From 75a751e2fda529a14de79fd32fb25ca97612400c Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Fri, 25 Aug 2023 12:11:31 -0700 Subject: [PATCH 001/375] Add missed 2023 copyright change. --- open-vm-tools/lib/include/compat/compat_stdarg.h | 2 +- .../services/plugins/serviceDiscovery/serviceDiscoveryInt.h | 2 +- .../services/plugins/serviceDiscovery/serviceDiscoveryPosix.c | 2 +- open-vm-tools/tests/Makefile.am | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/compat/compat_stdarg.h b/open-vm-tools/lib/include/compat/compat_stdarg.h index 5295e5c9d..4d031601c 100644 --- a/open-vm-tools/lib/include/compat/compat_stdarg.h +++ b/open-vm-tools/lib/include/compat/compat_stdarg.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2006-2016 VMware, Inc. All rights reserved. + * Copyright (C) 2006-2016,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h index 836e62f23..01a988e2b 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (C) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c index 28c53bdbb..570a6bd06 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (C) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/tests/Makefile.am b/open-vm-tools/tests/Makefile.am index 5a4629645..4203dd998 100644 --- a/open-vm-tools/tests/Makefile.am +++ b/open-vm-tools/tests/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (c) 2009-2016,2022 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2016,2022,2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as From 093aef15e1e390a613237a3bdd7a8c794ab672cc Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 002/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/msg.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/msg.h b/open-vm-tools/lib/include/msg.h index e90a44a28..28d7de0ad 100644 --- a/open-vm-tools/lib/include/msg.h +++ b/open-vm-tools/lib/include/msg.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2017 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2017,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -18,7 +18,7 @@ /* * msg.h -- - * + * * user interaction through (non-modal) messages and (modal) dialogs */ @@ -192,6 +192,8 @@ HintResult Msg_HintMsgList(Bool defaultShow, HintOptions options, MsgList *msg); int Msg_CompareAnswer(Msg_String const *buttons, unsigned answer, const char *string); +Bool Msg_IsAnswered(Msg_String const *buttons, int defaultAnswer, + const char *id, unsigned int *reply); char *Msg_GetString(const char *idString); char *Msg_GetStringSafe(const char *idString); char *Msg_GetPlainButtonText(const char *idString); From 5188bd21d33180eb70612f57d5cb2aef8188108a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 003/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/docs/api/Makefile.am | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/docs/api/Makefile.am b/open-vm-tools/docs/api/Makefile.am index 3867d4e73..7d025052d 100644 --- a/open-vm-tools/docs/api/Makefile.am +++ b/open-vm-tools/docs/api/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (C) 2009-2016 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2016,2022-2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as @@ -22,6 +22,7 @@ DOXYGEN_INPUT += $(top_srcdir)/lib/include/vmware/tools DOXYGEN_INPUT += $(top_srcdir)/libvmtools DOXYGEN_INPUT += $(top_srcdir)/tests/vmrpcdbg + DOXYGEN_CPP_PREDEFINED = DOXYGEN_CPP_PREDEFINED += G_LOCK_DEFINE_STATIC(x) DOXYGEN_CPP_PREDEFINED += G_LOG_DOMAIN= From 2f1d2a0231db89c035b1dcd8a6266ea8ae49c9c4 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 004/375] Bump the VMware Tools version to 12.4.0 in the "devel" branch. Setting the development VMware Tools version to 12.4.0. Adding the tag "HEDGE_TRIMMER" to the 12.3.0 version. --- open-vm-tools/lib/include/vm_tools_version.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 6f4ae37ef..aa9bef5cf 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1750,11 +1750,18 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_BANDSAW_UPDATE1_V_MNR 2 #define TOOLS_VERSION_BANDSAW_UPDATE1_V_BASE 5 +#ifndef RC_INVOKED +#define TOOLS_VERSION_HEDGE_TRIMMER TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_HEDGE_TRIMMER_V_MJR 12 +#define TOOLS_VERSION_HEDGE_TRIMMER_V_MNR 3 +#define TOOLS_VERSION_HEDGE_TRIMMER_V_BASE 0 + #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) #endif /* RC_INVOKED */ #define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 3 +#define TOOLS_VERSION_NEXT_V_MNR 4 #define TOOLS_VERSION_NEXT_V_BASE 0 #define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT From 7a6e765d2a5f3946513abdec8fc61c00385dc120 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 005/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/asyncsocket.h | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/open-vm-tools/lib/include/asyncsocket.h b/open-vm-tools/lib/include/asyncsocket.h index 09947002e..21c2d27a4 100644 --- a/open-vm-tools/lib/include/asyncsocket.h +++ b/open-vm-tools/lib/include/asyncsocket.h @@ -840,24 +840,7 @@ void AsyncSocket_WebSocketServerSendError(AsyncSocket *asock, const char *text); */ #define ASOCKPREFIX "SOCKET " -/* gcc needs special syntax to handle zero-length variadic arguments */ -#if defined(_MSC_VER) -#define ASOCKWARN(_asock, fmt, ...) \ - Warning(ASOCKPREFIX "%d (%d) " fmt, AsyncSocket_GetID(_asock), \ - AsyncSocket_GetFd(_asock), __VA_ARGS__) - -#define ASOCKLG0(_asock, fmt, ...) \ - Log(ASOCKPREFIX "%d (%d) " fmt, AsyncSocket_GetID(_asock), \ - AsyncSocket_GetFd(_asock), __VA_ARGS__) - -#define ASOCKLOG(_level, _asock, fmt, ...) \ - do { \ - if (((_level) == 0) || DOLOG_BYNAME(asyncsocket, (_level))) { \ - Log(ASOCKPREFIX "%d (%d) " fmt, AsyncSocket_GetID(_asock), \ - AsyncSocket_GetFd(_asock), __VA_ARGS__); \ - } \ - } while (0) -#else +/* Both gcc and msvc support ##__VA_ARGS__ to handle zero-length variadic arguments */ #define ASOCKWARN(_asock, fmt, ...) \ Warning(ASOCKPREFIX "%d (%d) " fmt, AsyncSocket_GetID(_asock), \ AsyncSocket_GetFd(_asock), ##__VA_ARGS__) @@ -873,7 +856,6 @@ void AsyncSocket_WebSocketServerSendError(AsyncSocket *asock, const char *text); AsyncSocket_GetFd(_asock), ##__VA_ARGS__); \ } \ } while (0) -#endif #if defined(__cplusplus) } // extern "C" From 97fd6909e336796e5eb3829d853754de9ac3b97a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 006/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index d856e87b5..e99f93a21 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -309,6 +309,9 @@ // Changing the version is required when CPD releases an update. #define VA_PATCH_VERSION "5100" +// esxcli +#define ESXCLI_VERSION "8.0" + #define HORIZONOSOT_VERSION "1.2.2303" #define HORIZONVMDS_VERSION "1.0.0" From f2485a10afcbc3a81b9cfc4726e2492a338b729a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 007/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/services/plugins/vix/vixTools.c | 1 + open-vm-tools/services/plugins/vix/vixToolsInt.h | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 8f231acc6..75149b7a7 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -11954,6 +11954,7 @@ GuestAuthSAMLAuthenticateAndImpersonate( token, username, gCurrentUsername, + hostVerified, userToken, ¤tUserHandle); goto done; diff --git a/open-vm-tools/services/plugins/vix/vixToolsInt.h b/open-vm-tools/services/plugins/vix/vixToolsInt.h index 5893562cc..19685edbb 100644 --- a/open-vm-tools/services/plugins/vix/vixToolsInt.h +++ b/open-vm-tools/services/plugins/vix/vixToolsInt.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2010-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2020,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -204,6 +204,9 @@ VixError VixToolsCheckSAMLForSystem(VGAuthContext *ctx, const char *token, const char *username, char *serviceUsername, +#ifdef VMTOOLS_FS_VGAUTH_HOST_VERIFICATION + Bool hostVerified, +#endif void **userToken, VGAuthUserHandle **curUserHandle); #endif // _WIN32 From 1536a14b450633ba8040f3fc57e922e39d9b3311 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 008/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index e99f93a21..7047aceb3 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -395,7 +395,7 @@ #define RDF_VERSION "8.11.0" #define HORIZON_DAAS_AGENT_VERSION "23.3.0" #define HORIZON_USB_AGENT_VERSION "11.11.0" -#define HORIZON_UPDATETOOL_VERSION "2.0.8" +#define HORIZON_UPDATETOOL_VERSION "2.0.9" #define MFW_VERSION "16.9.0" #define HORIZONTOOL_VERSION "16.11.0" From 6267410529bdc7ba4c4e89293232d72f7d824641 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 009/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index 815b4356e..f56b132d4 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -75,7 +75,7 @@ #include "mul64.h" #endif -#if defined _M_ARM64EC +#if defined _M_ARM64EC || defined _M_ARM64 #include "vm_assert.h" #define MUL64_NO_ASM 1 #include "mul64.h" From bacfb532b8f904c7d4141891ca95db7b4b6c0ac6 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 010/375] Allow pre-Windows 2000 style user logon for Linux Guests. With this change, applications that require user/password type authentication/authorization (done by VGAuth service) for guestOps can now use pre-windows 2000 style user logon for Linux Guests too. Github Issue: https://github.com/vmware/open-vm-tools/issues/641 --- open-vm-tools/vgauth/common/usercheck.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/vgauth/common/usercheck.c b/open-vm-tools/vgauth/common/usercheck.c index 31eeb5a77..3beede2e8 100644 --- a/open-vm-tools/vgauth/common/usercheck.c +++ b/open-vm-tools/vgauth/common/usercheck.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2016,2019 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2016,2019,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -347,19 +347,14 @@ Usercheck_UsernameIsLegal(const gchar *userName) * The illegal character list appears to be: * * Windows /\@[]:;|=,+*?<>" - * Note that '\' is valid with a domain username; this is - * the restricted list for local usernames. * Ubuntu /\[]:;|=,*<>"!(){}?$@%^&' * Rhel /\[]:;|=,*<>"!(){}?$@%^&'+ * + * Note that '\' is valid with a domain username; this is the + * restricted list for local usernames. */ size_t len; -#ifdef _WIN32 - // allow '\' in for Windows domain usernames char *illegalChars = "<>/"; -#else - char *illegalChars = "\\<>/"; -#endif len = strlen(userName); if (strcspn(userName, illegalChars) != len) { From e796234eb7a790ac1accc87534106e10140394fa Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:25 -0700 Subject: [PATCH 011/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 7047aceb3..e152b5af6 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -310,7 +310,7 @@ #define VA_PATCH_VERSION "5100" // esxcli -#define ESXCLI_VERSION "8.0" +#define ESXCLI_VERSION "8.0.0" #define HORIZONOSOT_VERSION "1.2.2303" #define HORIZONVMDS_VERSION "1.0.0" From 1930fbc010efcfb95196a999e6f24c9bcb19087f Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 012/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/services/vmtoolsd/cmdLine.c | 12 +++++++++++- open-vm-tools/services/vmtoolsd/mainLoop.c | 7 ++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/cmdLine.c b/open-vm-tools/services/vmtoolsd/cmdLine.c index 68c2d138a..e18715d7a 100644 --- a/open-vm-tools/services/vmtoolsd/cmdLine.c +++ b/open-vm-tools/services/vmtoolsd/cmdLine.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2008-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -44,6 +44,10 @@ #include "vmware/tools/guestrpc.h" #include "vm_version.h" +/* + * TODO: Build vmcheck library + */ +#ifndef _ARM64_ /** * Runs the given Tools RPC command, printing the result to the terminal and * exiting the application afterwards. @@ -136,6 +140,7 @@ ToolsCoreRunCommandFromFile(const gchar *option, "Unable to send command from file to VMware hypervisor.")); exit(1); } +#endif //_ARM64_ #if defined(G_PLATFORM_WIN32) @@ -286,12 +291,17 @@ ToolsCore_ParseCommandLine(ToolsServiceState *state, { "plugin-path", 'p', 0, G_OPTION_ARG_FILENAME, &state->pluginPath, SU_(cmdline.pluginpath, "Path to the plugin directory."), SU_(cmdline.path, "path") }, +/* + * TODO: Build vmcheck library + */ +#ifndef _ARM64_ { "cmd", '\0', 0, G_OPTION_ARG_CALLBACK, ToolsCoreRunCommand, SU_(cmdline.rpc, "Sends an RPC command to the host and exits."), SU_(cmdline.rpc.command, "command") }, { "cmdfile", '\0', 0, G_OPTION_ARG_CALLBACK, ToolsCoreRunCommandFromFile, SU_(cmdline.cmdfile, "Sends an RPC command from a file to the host and exits."), SU_(cmdline.cmdfile.command, "command file") }, +#endif //_ARM64+ #if defined(G_PLATFORM_WIN32) { "dump-state", 's', 0, G_OPTION_ARG_NONE, &dumpState, SU_(cmdline.state, "Dumps the internal state of a running service instance to the logs."), diff --git a/open-vm-tools/services/vmtoolsd/mainLoop.c b/open-vm-tools/services/vmtoolsd/mainLoop.c index d6487aedb..f6f595562 100644 --- a/open-vm-tools/services/vmtoolsd/mainLoop.c +++ b/open-vm-tools/services/vmtoolsd/mainLoop.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1201,7 +1201,12 @@ ToolsCore_Setup(ToolsServiceState *state) #else state->ctx.mainLoop = g_main_loop_new(gctx, FALSE); #endif + /* + * TODO: Build vmcheck library + */ +#ifndef _ARM64_ state->ctx.isVMware = VmCheck_IsVirtualWorld(); +#endif g_main_context_unref(gctx); g_type_init(); From 126f05a2c2834ce20bc507b5e0f96b3b5929ed1a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 013/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/services/vmtoolsd/cmdLine.c | 10 ---------- open-vm-tools/services/vmtoolsd/mainLoop.c | 2 -- 2 files changed, 12 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/cmdLine.c b/open-vm-tools/services/vmtoolsd/cmdLine.c index e18715d7a..c98ac1967 100644 --- a/open-vm-tools/services/vmtoolsd/cmdLine.c +++ b/open-vm-tools/services/vmtoolsd/cmdLine.c @@ -44,10 +44,6 @@ #include "vmware/tools/guestrpc.h" #include "vm_version.h" -/* - * TODO: Build vmcheck library - */ -#ifndef _ARM64_ /** * Runs the given Tools RPC command, printing the result to the terminal and * exiting the application afterwards. @@ -140,7 +136,6 @@ ToolsCoreRunCommandFromFile(const gchar *option, "Unable to send command from file to VMware hypervisor.")); exit(1); } -#endif //_ARM64_ #if defined(G_PLATFORM_WIN32) @@ -291,17 +286,12 @@ ToolsCore_ParseCommandLine(ToolsServiceState *state, { "plugin-path", 'p', 0, G_OPTION_ARG_FILENAME, &state->pluginPath, SU_(cmdline.pluginpath, "Path to the plugin directory."), SU_(cmdline.path, "path") }, -/* - * TODO: Build vmcheck library - */ -#ifndef _ARM64_ { "cmd", '\0', 0, G_OPTION_ARG_CALLBACK, ToolsCoreRunCommand, SU_(cmdline.rpc, "Sends an RPC command to the host and exits."), SU_(cmdline.rpc.command, "command") }, { "cmdfile", '\0', 0, G_OPTION_ARG_CALLBACK, ToolsCoreRunCommandFromFile, SU_(cmdline.cmdfile, "Sends an RPC command from a file to the host and exits."), SU_(cmdline.cmdfile.command, "command file") }, -#endif //_ARM64+ #if defined(G_PLATFORM_WIN32) { "dump-state", 's', 0, G_OPTION_ARG_NONE, &dumpState, SU_(cmdline.state, "Dumps the internal state of a running service instance to the logs."), diff --git a/open-vm-tools/services/vmtoolsd/mainLoop.c b/open-vm-tools/services/vmtoolsd/mainLoop.c index f6f595562..7f54319e0 100644 --- a/open-vm-tools/services/vmtoolsd/mainLoop.c +++ b/open-vm-tools/services/vmtoolsd/mainLoop.c @@ -1204,9 +1204,7 @@ ToolsCore_Setup(ToolsServiceState *state) /* * TODO: Build vmcheck library */ -#ifndef _ARM64_ state->ctx.isVMware = VmCheck_IsVirtualWorld(); -#endif g_main_context_unref(gctx); g_type_init(); From 0633d24feca0d9aa28696b4156c6f1944d3e7644 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 014/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/globalConfig.h | 5 +++-- open-vm-tools/services/vmtoolsd/mainLoop.c | 14 +++++++------- open-vm-tools/services/vmtoolsd/toolsCoreInt.h | 5 +++-- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/open-vm-tools/lib/include/globalConfig.h b/open-vm-tools/lib/include/globalConfig.h index 55ecb845e..9e766cb7f 100644 --- a/open-vm-tools/lib/include/globalConfig.h +++ b/open-vm-tools/lib/include/globalConfig.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -19,7 +19,8 @@ #ifndef _GLOBAL_CONFIG_H_ #define _GLOBAL_CONFIG_H_ -#if defined(_WIN32) || (defined(__linux__) && !defined(USERWORLD)) +#if (defined(_WIN32) && !defined(_ARM64_)) || \ + (defined(__linux__) && !defined(USERWORLD)) #define GLOBALCONFIG_SUPPORTED 1 diff --git a/open-vm-tools/services/vmtoolsd/mainLoop.c b/open-vm-tools/services/vmtoolsd/mainLoop.c index 7f54319e0..5217be5da 100644 --- a/open-vm-tools/services/vmtoolsd/mainLoop.c +++ b/open-vm-tools/services/vmtoolsd/mainLoop.c @@ -45,8 +45,8 @@ #include "vmware/tools/utils.h" #include "vmware/tools/vmbackup.h" -#if defined(_WIN32) || \ - (defined(__linux__) && !defined(USERWORLD)) +#if (defined(_WIN32) && !defined(_ARM64_)) || \ + (defined(__linux__) && !defined(USERWORLD)) # include "vmware/tools/guestStore.h" # include "globalConfig.h" #endif @@ -55,7 +55,7 @@ * guestStoreClient library is needed for both GuestStore-based tools upgrade * and also for GlobalConfig module. */ -#if defined(_WIN32) || defined(GLOBALCONFIG_SUPPORTED) +#if (defined(_WIN32) && !defined(_ARM64_)) || defined(GLOBALCONFIG_SUPPORTED) # include "guestStoreClient.h" #endif @@ -118,8 +118,8 @@ static gboolean gGlobalConfStarted = FALSE; static void ToolsCoreCleanup(ToolsServiceState *state) { -#if defined(_WIN32) || \ - (defined(__linux__) && !defined(USERWORLD)) +#if (defined(_WIN32) && !defined(_ARM64_)) || \ + (defined(__linux__) && !defined(USERWORLD)) if (state->mainService) { /* * Shut down guestStore plugin first to prevent worker threads from being @@ -137,7 +137,7 @@ ToolsCoreCleanup(ToolsServiceState *state) } #endif -#if defined(_WIN32) || defined(GLOBALCONFIG_SUPPORTED) +#if (defined(_WIN32) && !defined(_ARM64_)) || defined(GLOBALCONFIG_SUPPORTED) /* * guestStoreClient library is needed for both GuestStore-based tools * upgrade and also for GlobalConfig module. @@ -472,7 +472,7 @@ ToolsCoreRunLoop(ToolsServiceState *state) } #endif -#if defined(_WIN32) || defined(GLOBALCONFIG_SUPPORTED) +#if (defined(_WIN32) && !defined(_ARM64_)) || defined(GLOBALCONFIG_SUPPORTED) /* * guestStoreClient library is needed for both GuestStore-based tools * upgrade and also for GlobalConfig module. diff --git a/open-vm-tools/services/vmtoolsd/toolsCoreInt.h b/open-vm-tools/services/vmtoolsd/toolsCoreInt.h index 57723f532..409eed63c 100644 --- a/open-vm-tools/services/vmtoolsd/toolsCoreInt.h +++ b/open-vm-tools/services/vmtoolsd/toolsCoreInt.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -32,7 +32,8 @@ #include #include #include -#if defined(_WIN32) || (defined(__linux__) && !defined(USERWORLD)) +#if (defined(_WIN32) && !defined(_ARM64_)) || \ + (defined(__linux__) && !defined(USERWORLD)) /* Need this header for GLOBALCONFIG_SUPPORTED definition.*/ #include "globalConfig.h" #endif From a2f775b5c3e1d6c4859308bb87d9209018a28716 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 015/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/hgfsServer/hgfsServer.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/open-vm-tools/lib/hgfsServer/hgfsServer.c b/open-vm-tools/lib/hgfsServer/hgfsServer.c index 1f7f2dbad..c7b4cdd0f 100644 --- a/open-vm-tools/lib/hgfsServer/hgfsServer.c +++ b/open-vm-tools/lib/hgfsServer/hgfsServer.c @@ -56,6 +56,10 @@ #include "vm_basic_asm.h" #include "unicodeOperations.h" +#ifndef VM_X86_ANY +#include "random.h" +#endif + #if defined(_WIN32) #include #define HGFS_PARENT_DIR "..\\" @@ -4159,7 +4163,16 @@ HgfsServer_ShareAccessCheck(HgfsOpenMode accessMode, // IN: open mode to check static uint64 HgfsGenerateSessionId(void) { +#ifdef VM_X86_ANY return RDTSC(); +#else + uint64 sessionId; + rqContext *rCtx = Random_QuickSeed((uint32)time(NULL)); + sessionId = (uint64)Random_Quick(rCtx) << 32; + sessionId |= Random_Quick(rCtx); + free(rCtx); + return sessionId; +#endif } From e367c428ff4062517228171ea63359fdbe252e66 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 016/375] Update Glib header inclusion to address C++ compatibility issues. --- open-vm-tools/lib/include/vmware/tools/gdp.h | 14 +++++++++++++- .../lib/include/vmware/tools/guestStore.h | 14 +++++++++++++- open-vm-tools/lib/include/vmware/tools/guestrpc.h | 14 +++++++++++++- open-vm-tools/lib/include/vmware/tools/plugin.h | 14 +++++++++++++- .../lib/include/vmware/tools/threadPool.h | 14 +++++++++++++- .../plugins/dndcp/dndGuest/guestCopyPasteDest.cc | 5 ++--- .../plugins/dndcp/dndGuest/guestCopyPasteSrc.cc | 5 ++--- 7 files changed, 69 insertions(+), 11 deletions(-) diff --git a/open-vm-tools/lib/include/vmware/tools/gdp.h b/open-vm-tools/lib/include/vmware/tools/gdp.h index edf135fb2..c071cd532 100644 --- a/open-vm-tools/lib/include/vmware/tools/gdp.h +++ b/open-vm-tools/lib/include/vmware/tools/gdp.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -25,7 +25,19 @@ * Public interface of the "gdp" plugin service. */ +/* + * glib-object.h should not be placed inside `extern "C"' blocks. + * However, this header is often placed inside such blocks. + * Here we change back into C++ for glib-object.h + */ +#ifdef __cplusplus +extern "C++" { +#endif #include +#ifdef __cplusplus +} +#endif + #include "vmware/tools/plugin.h" /* diff --git a/open-vm-tools/lib/include/vmware/tools/guestStore.h b/open-vm-tools/lib/include/vmware/tools/guestStore.h index 0552e43d8..f099f83a6 100644 --- a/open-vm-tools/lib/include/vmware/tools/guestStore.h +++ b/open-vm-tools/lib/include/vmware/tools/guestStore.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020 VMware, Inc. All rights reserved. + * Copyright (c) 2020,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -28,7 +28,19 @@ * @{ */ +/* + * glib-object.h should not be placed inside `extern "C"' blocks. + * However, this header is often placed inside such blocks. + * Here we change back into C++ for glib-object.h + */ +#ifdef __cplusplus +extern "C++" { +#endif #include +#ifdef __cplusplus +} +#endif + #include "vmware/tools/plugin.h" /** diff --git a/open-vm-tools/lib/include/vmware/tools/guestrpc.h b/open-vm-tools/lib/include/vmware/tools/guestrpc.h index 667023b7f..e8779b5fa 100644 --- a/open-vm-tools/lib/include/vmware/tools/guestrpc.h +++ b/open-vm-tools/lib/include/vmware/tools/guestrpc.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2008,2014-2016,2018-2020 VMware, Inc. All rights reserved. + * Copyright (C) 2008,2014-2016,2018-2020,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -36,7 +36,19 @@ * @{ */ +/* + * glib.h should not be placed inside `extern "C"' blocks. + * However, this header is often placed inside such blocks. + * Here we change back into C++ for glib.h + */ +#ifdef __cplusplus +extern "C++" { +#endif #include +#ifdef __cplusplus +} +#endif + #include "vmware/tools/utils.h" G_BEGIN_DECLS diff --git a/open-vm-tools/lib/include/vmware/tools/plugin.h b/open-vm-tools/lib/include/vmware/tools/plugin.h index f8013f8c0..91c74e181 100644 --- a/open-vm-tools/lib/include/vmware/tools/plugin.h +++ b/open-vm-tools/lib/include/vmware/tools/plugin.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2020,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -29,7 +29,19 @@ * @{ */ +/* + * glib.h should not be placed inside `extern "C"' blocks. + * However, this header is often placed inside such blocks. + * Here we change back into C++ for glib.h + */ +#ifdef __cplusplus +extern "C++" { +#endif #include +#ifdef __cplusplus +} +#endif + #if defined(G_PLATFORM_WIN32) # include # include diff --git a/open-vm-tools/lib/include/vmware/tools/threadPool.h b/open-vm-tools/lib/include/vmware/tools/threadPool.h index 5880fbcff..792be29a5 100644 --- a/open-vm-tools/lib/include/vmware/tools/threadPool.h +++ b/open-vm-tools/lib/include/vmware/tools/threadPool.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2010-2019 VMware, Inc. All rights reserved. + * Copyright (C) 2010-2019,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -45,7 +45,19 @@ * thread. */ +/* + * glib-object.h should not be placed inside `extern "C"' blocks. + * However, this header is often placed inside such blocks. + * Here we change back into C++ for glib-object.h + */ +#ifdef __cplusplus +extern "C++" { +#endif #include +#ifdef __cplusplus +} +#endif + #include "vmware/tools/plugin.h" #define TOOLS_CORE_PROP_TPOOL "tcs_prop_thread_pool" diff --git a/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteDest.cc b/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteDest.cc index 918fdb37a..f91855624 100644 --- a/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteDest.cc +++ b/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteDest.cc @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2010-2016 VMware, Inc. All rights reserved. + * Copyright (C) 2010-2016,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -23,10 +23,9 @@ */ #include "guestCopyPaste.hh" +#include extern "C" { - #include - #include "dndClipboard.h" #include "debug.h" } diff --git a/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteSrc.cc b/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteSrc.cc index f08917e28..42b14a74c 100644 --- a/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteSrc.cc +++ b/open-vm-tools/services/plugins/dndcp/dndGuest/guestCopyPasteSrc.cc @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2010-2017 VMware, Inc. All rights reserved. + * Copyright (C) 2010-2017,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -23,10 +23,9 @@ */ #include "guestCopyPaste.hh" +#include extern "C" { - #include - #include "dndClipboard.h" #include "debug.h" #include "cpNameUtil.h" From 2138a3fd2c8599d1d5ce66a423e86f61ba4dfe69 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 017/375] Remove Glib usage from stringxx/ubstr_t. Replace Glib::RefPtr with std::shared_ptr. --- .../plugins/dndcp/stringxx/ubstr_t.hh | 42 ++++--------------- 1 file changed, 7 insertions(+), 35 deletions(-) diff --git a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh index b4726e22a..9713ee8ff 100644 --- a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh +++ b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2019,2021-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2019,2021-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -32,8 +32,7 @@ #include #include -#include // For GIOMM_*_VERSION -#include +#include #include "autoCPtr.hh" @@ -111,30 +110,10 @@ private: public: // Takes ownership of the input string. UTF8Data(char *utf8String = NULL) // IN/OUT: May be NULL - : mUTF8String(utf8String), - mRefCount(1) + : mUTF8String(utf8String) { } -#if GIOMM_MAJOR_VERSION >= 2 && GIOMM_MINOR_VERSION >= 68 - // Glib::RefPtr is now just a std::shared_ptr so no extras are needed -#else - // For Glib::RefPtr. - void reference() - { - ++mRefCount; - } - - // For Glib::RefPtr. - void unreference() - { - --mRefCount; - if (mRefCount == 0) { - delete this; - } - } -#endif - // Takes ownership of the input string. void Set(char *utf8String) // IN/OUT: May be NULL. { @@ -150,12 +129,6 @@ private: return mUTF8String; } -#if GIOMM_MAJOR_VERSION >= 2 && GIOMM_MINOR_VERSION >= 68 - public: -#else - private: - // Only destructible via unreference(). -#endif ~UTF8Data() { free(mUTF8String); @@ -163,7 +136,6 @@ private: private: char *mUTF8String; - unsigned int mRefCount; private: // Intentionally unimplemented. @@ -181,7 +153,7 @@ private: _bstr_t mBstr; // mUTF8 is allocated and initialized lazily. - mutable Glib::RefPtr mUTF8; + mutable std::shared_ptr mUTF8; }; @@ -265,7 +237,7 @@ ubstr_t::ubstr_t(const char *s) // IN: A UTF-8-encoded string. { if (s != NULL) { // Since we already have the UTF-8 version of the string, cache it now. - mUTF8 = Glib::RefPtr(new UTF8Data(Util_SafeStrdup(s))); + mUTF8 = std::shared_ptr(new UTF8Data(Util_SafeStrdup(s))); mBstr = AutoCPtr(Unicode_GetAllocUTF16(s), free).get(); } } @@ -310,7 +282,7 @@ ubstr_t::ubstr_t(const ubstr_t& s) // IN mUTF8(s.mUTF8) { if (static_cast(mBstr) != NULL && !mUTF8) { - mUTF8 = s.mUTF8 = Glib::RefPtr(new UTF8Data()); + mUTF8 = s.mUTF8 = std::shared_ptr(new UTF8Data()); } } @@ -839,7 +811,7 @@ ubstr_t::GetUTF8Cache() } if (!mUTF8) { - mUTF8 = Glib::RefPtr(new UTF8Data()); + mUTF8 = std::shared_ptr(new UTF8Data()); } if (mUTF8->Get() == NULL) { From 60ede3ec06d81bf7033ca2ac68431148506baf1b Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 018/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm_arm64.h | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm_arm64.h b/open-vm-tools/lib/include/vm_basic_asm_arm64.h index 2cd7c5dce..88a709c17 100644 --- a/open-vm-tools/lib/include/vm_basic_asm_arm64.h +++ b/open-vm-tools/lib/include/vm_basic_asm_arm64.h @@ -336,16 +336,15 @@ GET_CURRENT_PC(void) /* * GET_CURRENT_LOCATION -- * - * Updates the arguments with the values of the pc, x29, sp and x30 - * registers at the current code location where the macro is invoked. + * Updates the arguments with the values of the pc, fp, sp and the + * return address at the current code location where the macro is invoked. */ -#define GET_CURRENT_LOCATION(pc, fp, sp, lr) do { \ +#define GET_CURRENT_LOCATION(pc, fp, sp, retAddr) do { \ _GET_CURRENT_PC(pc); \ - asm volatile("mov %0, x29" "\n\t" \ - "mov %1, sp" "\n\t" \ - "mov %2, x30" \ - : "=r" (fp), "=r" (sp), "=r" (lr)); \ + asm volatile("mov %0, sp" : "=r" (sp)); \ + fp = (uint64)GetFrameAddr(); \ + retAddr = (uint64)GetReturnAddress(); \ } while (0) From d90cefe349130cedc7af9722bac77198b4e0b891 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:26 -0700 Subject: [PATCH 019/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/services/plugins/vix/vixTools.c | 56 ++++++++++--------- 1 file changed, 29 insertions(+), 27 deletions(-) diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 75149b7a7..75d24a29e 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -132,9 +132,11 @@ /* * No support for userworld. Enable support for open vm tools when * USE_VGAUTH is defined. + * + * XXX - Currently no support for vgauth in Windows on arm64. */ #if ((defined(__linux__) && !defined(USERWORLD)) || defined(_WIN32)) && \ - (!defined(OPEN_VM_TOOLS) || defined(USE_VGAUTH)) + (!defined(OPEN_VM_TOOLS) || defined(USE_VGAUTH)) && !defined(_ARM64_) #define SUPPORT_VGAUTH 1 #else #define SUPPORT_VGAUTH 0 @@ -161,32 +163,6 @@ static gboolean gSupportVGAuth = USE_VGAUTH_DEFAULT; static gboolean QueryVGAuthConfig(GKeyFile *confDictRef); -#ifdef _WIN32 -/* - * Check bug 2508431 for more details. If an application is not built - * with proper flags, 'creating a remote thread' to get the process - * command line will crash the target process. To avoid any such crash, - * 'remote thread' approach is not used by default. - * - * But 'remote thread' approach can be turned on (for whatever reason) - * by setting the following option to true in the tools.conf file. - * - * For few processes, 'WMI' can provide detailed commandline information. - * But using 'WMI' is a heavy weight approach and may affect the CPU - * performance and hence it is disabled by default. It can always be - * turned on by a setting (as mentioned below) in the tools.conf file. - */ -#define VIXTOOLS_CONFIG_USE_REMOTE_THREAD_PROCESS_COMMAND_LINE \ - "useRemoteThreadForProcessCommandLine" - -#define VIXTOOLS_CONFIG_USE_WMI_PROCESS_COMMAND_LINE \ - "useWMIForProcessCommandLine" - -#define USE_REMOTE_THREAD_PROCESS_COMMAND_LINE_DEFAULT FALSE -#define USE_WMI_PROCESS_COMMAND_LINE_DEFAULT FALSE - -#endif - #if ALLOW_LOCAL_SYSTEM_IMPERSONATION_BYPASS static gchar *gCurrentUsername = NULL; @@ -221,6 +197,32 @@ static VGAuthUserHandle *currentUserHandle = NULL; #endif +#ifdef _WIN32 +/* + * Check bug 2508431 for more details. If an application is not built + * with proper flags, 'creating a remote thread' to get the process + * command line will crash the target process. To avoid any such crash, + * 'remote thread' approach is not used by default. + * + * But 'remote thread' approach can be turned on (for whatever reason) + * by setting the following option to true in the tools.conf file. + * + * For few processes, 'WMI' can provide detailed commandline information. + * But using 'WMI' is a heavy weight approach and may affect the CPU + * performance and hence it is disabled by default. It can always be + * turned on by a setting (as mentioned below) in the tools.conf file. + */ +#define VIXTOOLS_CONFIG_USE_REMOTE_THREAD_PROCESS_COMMAND_LINE \ + "useRemoteThreadForProcessCommandLine" + +#define VIXTOOLS_CONFIG_USE_WMI_PROCESS_COMMAND_LINE \ + "useWMIForProcessCommandLine" + +#define USE_REMOTE_THREAD_PROCESS_COMMAND_LINE_DEFAULT FALSE +#define USE_WMI_PROCESS_COMMAND_LINE_DEFAULT FALSE + +#endif + /* * This should be an allocated string containing the impersonated username * while impersonation is active, and NULL when its not. From af8cb38e92ac414539655f563f1f05fdaf532fe6 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 020/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/guestApp/guestApp.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/guestApp/guestApp.c b/open-vm-tools/lib/guestApp/guestApp.c index c767d5d1a..ddac5de6e 100644 --- a/open-vm-tools/lib/guestApp/guestApp.c +++ b/open-vm-tools/lib/guestApp/guestApp.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2019 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2019, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -142,7 +142,18 @@ GuestApp_GetInstallPathW(void) DWORD temp = 0; PWCHAR data = NULL; - rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, TOOLS_KEY_NAME, 0, KEY_READ, &key); + /* + * We need to access the WOW3264Node Registry node for arm64 windows tools, + * since the arm64 installer is currently built with x86 emulation mode. + * + * TODO: REMOVE the the KEY_WOW64_32KEY once the msi installer is running + * in native arm64. + */ + REGSAM samDesired = KEY_READ; +#ifdef TOOLS_ARM64 + samDesired |= KEY_WOW64_32KEY; +#endif + rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, TOOLS_KEY_NAME, 0, samDesired, &key); if (ERROR_SUCCESS != rc) { Debug("%s: Couldn't open key \"%S\".\n", __FUNCTION__, TOOLS_KEY_NAME); Debug("%s: RegOpenKeyExW error 0x%x.\n", __FUNCTION__, GetLastError()); From f906dc45d324bf531219b14c5af0f405f801d5f4 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 021/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index e152b5af6..40830ece8 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -375,7 +375,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.5" +#define WCP_VERSION "0.1.6" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" /* From 3ddae17a251d51c15a576fe3da7643574a96c061 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 022/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/misc/hostinfoPosix.c | 170 +++++++++++++++++++++++-- 1 file changed, 162 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 1e7e59fca..dd3c16898 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -51,6 +51,7 @@ #include #include #if !TARGET_OS_IPHONE +#include #include #endif #include @@ -91,10 +92,14 @@ #include #endif -#ifdef __linux__ +#if defined(__linux__) || defined(__APPLE__) #include #endif +#if defined(__linux__) || defined(__ANDROID__) +#include +#endif + #if !defined(_PATH_DEVNULL) #define _PATH_DEVNULL "/dev/null" #endif @@ -4441,10 +4446,11 @@ Hostinfo_GetModulePath(uint32 priv) // IN: * address resides. Expected usage is that the caller will pass * in the address of one of the caller's own functions. * - * Not implemented on MacOS. + * Not implemented on iOS (iOS does not support dynamic loading). + * Not fully implemented on ESX (the path MAY OR MAY NOT BE ABSOLUTE). * * Results: - * The path (which MAY OR MAY NOT BE ABSOLUTE) or NULL on failure. + * The absolute path or NULL on failure. * * Side effects: * Memory is allocated. @@ -4455,16 +4461,164 @@ Hostinfo_GetModulePath(uint32 priv) // IN: char * Hostinfo_GetLibraryPath(void *addr) // IN { -#ifdef __linux__ + char *path = NULL; + + /* + * Try fast path first. + * + * Does NOT work for iOS since iOS does not support dynamic loading. + */ +#if !TARGET_OS_IPHONE Dl_info info; if (dladdr(addr, &info)) { - return Unicode_Alloc(info.dli_fname, STRING_ENCODING_DEFAULT); + if (vmx86_server || + *info.dli_fname == DIRSEPC) { // We have an absolute path. + return Unicode_Alloc(info.dli_fname, STRING_ENCODING_DEFAULT); + } + } +#endif // !TARGET_OS_IPHONE + + /* + * Slow path for ESX, Linux, Android and macOS. + */ +#if defined(VMX86_SERVER) + { + // Slow path not needed on ESX by any caller. + } +#elif defined(__linux__) || defined(__ANDROID__) + { + DIR *dir; + + /* + * /proc/pid/map_files/ (since Linux 3.3) + * This subdirectory contains entries corresponding to + * memory-mapped files (see mmap(2)). Entries are named by + * memory region start and end address pair (expressed as + * hexadecimal numbers), and are symbolic links to the mapped + * files themselves. + * + * # ls -l /proc/self/map_files/ + * lr--------. 1 root root 64 Apr 16 21:31 + * 3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so + */ + dir = Posix_OpenDir("/proc/self/map_files"); + if (dir == NULL) { + return NULL; + } + + for (;;) { + struct dirent *entry; + char *sep; + char *end; + uintptr_t startAddr; + uintptr_t endAddr; + + errno = 0; + entry = readdir(dir); + if (entry == NULL) { + ASSERT(errno == 0); + break; + } + + if (entry->d_type != DT_LNK) { // procfs supports `d_type`. + continue; + } + + sep = strchr(entry->d_name, '-'); + if (sep == NULL) { + continue; // The file name does NOT in `1234abcd-abcd1234` format + } + + errno = 0; + endAddr = (uintptr_t) strtoll(sep + 1, &end, 16); + if (*end != '\0' || errno != 0) { + continue; // The address is NOT hexadecimal numbers. + } + + if (endAddr < (uintptr_t) addr) { + continue; // `addr` is NOT in range. + } + + *sep = '\0'; // Terminate the start address part of the file name. + errno = 0; + startAddr = (uintptr_t) strtoll(entry->d_name, &end, 16); + if (*end != '\0' || errno != 0) { + continue; // The address is NOT hexadecimal numbers. + } + *sep = '-'; // Restore to the original file name. + + ASSERT((uintptr_t) addr <= endAddr); + if (startAddr <= (uintptr_t) addr) { + char targetBuf[PAGE_SIZE]; + ssize_t targetLen; + + /* + * readlinkat() does not append a terminating null byte to buf. + * It will (silently) truncate the contents in case the buffer + * is too small to hold all the contents. + */ + targetLen = readlinkat(dirfd(dir), entry->d_name, + targetBuf, sizeof targetBuf); + if (targetLen == -1 || + targetLen == sizeof targetBuf) { // truncation may have occurred + break; + } + + targetBuf[targetLen] = '\0'; + ASSERT(targetBuf[0] == DIRSEPC); // Ensure we have absolute path. + + path = Unicode_Alloc(targetBuf, STRING_ENCODING_DEFAULT); + break; + } + } // for each entry in "/proc/self/map_files" + + closedir(dir); + } +#elif defined(__APPLE__) && !TARGET_OS_IPHONE + { + char pathBuf[MAXPATHLEN]; + int pathLen; + pid_t pid; + + pid = getpid(); + errno = 0; + /* + * I cannot find a document for proc_regionfilename(). + * The only information I have is its source code: + * https://opensource.apple.com/source/Libc/Libc-825.40.1/darwin/ + * libproc.c.auto.html + * + * Parameters and return value: + * pid: The process ID of the `address` belongs to. + * address: The address you want to search. + * buffer: A buffer to receive the file path. + * buffersize: The size of the `buffer`, at least `MAXPATHLEN`. + * return value: The length of the path in `buffer`, or 0 on error. + * + * proc_regionfilename() does not append a terminating NUL byte to buffer. + * It will silently truncate the contents in case the buffer is too small + * to hold all the contents. + */ + pathLen = proc_regionfilename(pid, + (uintptr_t) addr, + pathBuf, + sizeof pathBuf); + if (pathLen == 0 || + pathLen == sizeof pathBuf) { // truncation may have occurred + goto out; + } + + ASSERT(errno == 0); + pathBuf[pathLen] = '\0'; + + path = Unicode_Alloc(pathBuf, STRING_ENCODING_DEFAULT); + out: + ; // A noop is needed at here to make the compiler happy. } - return NULL; -#else - return NULL; #endif + + return path; } From eba62c065fa21ee88d7c3e27533f1fbc4e959688 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 023/375] Changes to common source files not applicable to open-vm-tools at this time. --- open-vm-tools/services/vmtoolsd/Makefile.am | 2 +- open-vm-tools/services/vmtoolsd/cmdLine.c | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/vmtoolsd/Makefile.am b/open-vm-tools/services/vmtoolsd/Makefile.am index f33703177..304d6f286 100644 --- a/open-vm-tools/services/vmtoolsd/Makefile.am +++ b/open-vm-tools/services/vmtoolsd/Makefile.am @@ -31,7 +31,7 @@ vmtoolsd_LDADD += @GMODULE_LIBS@ vmtoolsd_LDADD += @GOBJECT_LIBS@ vmtoolsd_LDADD += @GTHREAD_LIBS@ if LINUX - vmtoolsd_LDADD += ../../lib/globalConfig/libGlobalConfig.la +vmtoolsd_LDADD += ../../lib/globalConfig/libGlobalConfig.la endif vmtoolsd_SOURCES = diff --git a/open-vm-tools/services/vmtoolsd/cmdLine.c b/open-vm-tools/services/vmtoolsd/cmdLine.c index c98ac1967..cddd8b34b 100644 --- a/open-vm-tools/services/vmtoolsd/cmdLine.c +++ b/open-vm-tools/services/vmtoolsd/cmdLine.c @@ -44,6 +44,7 @@ #include "vmware/tools/guestrpc.h" #include "vm_version.h" + /** * Runs the given Tools RPC command, printing the result to the terminal and * exiting the application afterwards. From 0c494e27261531aaa6bc5d431e11dcf43691be61 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 024/375] Allow only X509 certs to verify the SAML token signature. --- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 72f1a495e..14cba1b5b 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1356,7 +1356,14 @@ VerifySignature(xmlDocPtr doc, */ bRet = RegisterID(xmlDocGetRootElement(doc), "ID"); if (bRet == FALSE) { - g_warning("failed to register ID\n"); + g_warning("Failed to register ID\n"); + goto done; + } + + /* Use only X509 certs to validate the signature */ + if (xmlSecPtrListAdd(&(dsigCtx->keyInfoReadCtx.enabledKeyData), + BAD_CAST xmlSecKeyDataX509Id) < 0) { + g_warning("Failed to limit allowed key data\n"); goto done; } From 07c13237ef07e62927fc540c0f77cd67bb6b03b1 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 025/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/system.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/system.h b/open-vm-tools/lib/include/system.h index 73ad1287d..9345a9c88 100644 --- a/open-vm-tools/lib/include/system.h +++ b/open-vm-tools/lib/include/system.h @@ -78,6 +78,7 @@ Bool System_EnableDesktopComposition(BOOL enabled); LPWSTR System_GetImageFilePathForWindow(HWND hwnd); HANDLE System_OpenProcessForHWND(DWORD mask, BOOL inherit, HWND hwnd); LONG System_VerifyTrust(const char *filePath); +LPWSTR System_GetProcessCmdLine(DWORD pId); #endif From 6ab97407104bd86f63ef4ab30462c2234b72e47e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 026/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/asyncsocket/asyncSocketInterface.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c b/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c index 93d1de6df..fe5b2c91c 100644 --- a/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c +++ b/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2016-2022 VMware, Inc. All rights reserved. + * Copyright (C) 2016-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -383,7 +383,7 @@ AsyncSocket_UseNodelay(AsyncSocket *asyncSocket, // IN/OUT { const int noDelayNative = noDelay ? 1 : 0; return AsyncSocket_SetOption(asyncSocket, - IPPROTO_TCP, TCP_NODELAY, + (AsyncSocketOpts_Layer)IPPROTO_TCP, TCP_NODELAY, &noDelayNative, sizeof noDelayNative); } @@ -443,17 +443,17 @@ AsyncSocket_SetTCPTimeouts(AsyncSocket *asyncSocket, // IN/OUT ret = VT(asyncSocket)->setOption (asyncSocket, - IPPROTO_TCP, TCP_KEEPIDLE, + (AsyncSocketOpts_Layer)IPPROTO_TCP, TCP_KEEPIDLE, &keepIdleSec, sizeof keepIdleSec); if (ret == ASOCKERR_SUCCESS) { ret = VT(asyncSocket)->setOption (asyncSocket, - IPPROTO_TCP, TCP_KEEPINTVL, + (AsyncSocketOpts_Layer)IPPROTO_TCP, TCP_KEEPINTVL, &keepIntvlSec, sizeof keepIntvlSec); if (ret == ASOCKERR_SUCCESS) { ret = VT(asyncSocket)->setOption (asyncSocket, - IPPROTO_TCP, TCP_KEEPCNT, + (AsyncSocketOpts_Layer)IPPROTO_TCP, TCP_KEEPCNT, &keepCnt, sizeof keepCnt); } } From f48cd857d9fd17f4587b1d6d7213f9d88e658b5d Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 027/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index 9bb8e62b1..b194e6835 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -117,7 +117,7 @@ extern "C" { #define BDOOR_CMD_GETTIME 23 /* Deprecated -> GETTIMEFULL. */ #define BDOOR_CMD_STOPCATCHUP 24 #define BDOOR_CMD_PUTCHR 25 /* Disabled by default. */ -#define BDOOR_CMD_ENABLE_MSG 26 /* Devel only. */ +//#define BDOOR_CMD_ENABLE_MSG 26 /* Not in use. Was devel only.*/ //#define BDOOR_CMD_GOTO_TCL 27 /* Not in use. Was devel only */ #define BDOOR_CMD_INITPCIOPROM 28 /* CPL 0 only. */ //#define BDOOR_CMD_INT13 29 /* Not in use. */ From 6e43c69c0ab3e84a6d63d39d9fb832fc02d6076c Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 028/375] Changes to common source files not applicable to open-vm-tools. --- .../lib/asyncsocket/asyncSocketInterface.c | 32 +++++++++++++++++++ .../lib/asyncsocket/asyncSocketVTable.h | 6 +++- open-vm-tools/lib/asyncsocket/asyncsocket.c | 1 + open-vm-tools/lib/include/asyncsocket.h | 2 ++ 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c b/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c index fe5b2c91c..b00ac212c 100644 --- a/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c +++ b/open-vm-tools/lib/asyncsocket/asyncSocketInterface.c @@ -1222,6 +1222,38 @@ AsyncSocket_GetNetworkStats(AsyncSocket *asock, // IN } +/* + *---------------------------------------------------------------------------- + * + * AsyncSocket_GetSNIHostname -- + * + * Get SNI hostname from the active socket. + * + * Results: + * ASOCKERR_* + * + * Side effects: + * None. + * + *---------------------------------------------------------------------------- + */ + +int +AsyncSocket_GetSNIHostname(AsyncSocket *asock, // IN + const char **sniHostname) // OUT +{ + int ret; + if (VALID(asock, getSNIHostname)) { + AsyncSocketLock(asock); + ret = VT(asock)->getSNIHostname(asock, sniHostname); + AsyncSocketUnlock(asock); + } else { + ret = ASOCKERR_INVAL; + } + return ret; +} + + /* *---------------------------------------------------------------------------- * diff --git a/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h b/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h index 4c2e4fa6d..04d161a62 100644 --- a/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h +++ b/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2011,2014-2017,2019-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2011,2014-2017,2019-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -41,6 +41,8 @@ /* * If we change the AsyncSocketVTable, we also need to change the follow files: + * apps/asyncSocketProxy/asyncVvcSocket.c + * lib/blastSockets/asyncBweSocket.c * lib/blastSockets/asyncProxySocket.c * lib/asyncsocket/asyncsocket.c * lib/asyncsocket/asyncWebSocket.c @@ -108,6 +110,8 @@ typedef struct AsyncSocketVTable { int (*isSendBufferFull)(AsyncSocket *asock); int (*getNetworkStats)(AsyncSocket *asock, AsyncSocketNetworkStats *stats); + int (*getSNIHostname)(AsyncSocket *asock, + const char **sniHostname); int (*close)(AsyncSocket *asock); int (*closeWrite)(AsyncSocket *asock); int (*cancelRecv)(AsyncSocket *asock, int *partialRecvd, void **recvBuf, diff --git a/open-vm-tools/lib/asyncsocket/asyncsocket.c b/open-vm-tools/lib/asyncsocket/asyncsocket.c index 26aee553a..4f7b1843a 100644 --- a/open-vm-tools/lib/asyncsocket/asyncsocket.c +++ b/open-vm-tools/lib/asyncsocket/asyncsocket.c @@ -413,6 +413,7 @@ static const AsyncSocketVTable asyncTCPSocketVTable = { AsyncTCPSocketSend, AsyncTCPSocketIsSendBufferFull, NULL, /* getNetworkStats */ + NULL, /* getSNIHostname */ AsyncTCPSocketClose, AsyncTCPSocketCloseWrite, AsyncTCPSocketCancelRecv, diff --git a/open-vm-tools/lib/include/asyncsocket.h b/open-vm-tools/lib/include/asyncsocket.h index 21c2d27a4..57d491570 100644 --- a/open-vm-tools/lib/include/asyncsocket.h +++ b/open-vm-tools/lib/include/asyncsocket.h @@ -729,6 +729,8 @@ int AsyncSocket_SendWithFd(AsyncSocket *asock, void *buf, int len, int passFd, int AsyncSocket_IsSendBufferFull(AsyncSocket *asock); int AsyncSocket_GetNetworkStats(AsyncSocket *asock, AsyncSocketNetworkStats *stats); +int AsyncSocket_GetSNIHostname(AsyncSocket *asock, + const char **sniHostname); int AsyncSocket_CancelRecv(AsyncSocket *asock, int *partialRecvd, void **recvBuf, void **recvFn); int AsyncSocket_CancelRecvEx(AsyncSocket *asock, int *partialRecvd, void **recvBuf, From 59bff291726794b85921edf206290cd43c2b3cc2 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 029/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_product_versions.h | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 40830ece8..7385da4cc 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -83,7 +83,7 @@ /* this should be kept in sync with the corresponding vpx branch. */ #define PRODUCT_VERSION 8,0,2,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_HORIZON_VIEW) - #define PRODUCT_VERSION 8,11,0,PRODUCT_BUILD_NUMBER_NUMERIC + #define PRODUCT_VERSION 8,12,0,PRODUCT_BUILD_NUMBER_NUMERIC // VMX86_DESKTOP must be last because it is the default and is always defined. #elif defined(VMX86_DESKTOP) // WORKSTATION_VERSION_NUMBER below has to match this @@ -384,27 +384,27 @@ * SCons parsing code requires that each line have a version string, so we * can't just do something like #define RDESDK_VERSION VIEW_VERSION" */ -#define VIEW_CLIENT_VERSION "8.11.0" +#define VIEW_CLIENT_VERSION "8.12.0" #define VIEW_CLIENT_VERSION_NUMBER VIEW_CLIENT_VERSION -#define VIEW_VERSION "8.11.0" -#define RDE_RFT_ALL_VERSION "8.11.0" -#define RDE_RFT_REL_VERSION "8.11.0" -#define RDESDKREL_VERSION "8.11.0" -#define MKSVCHANDEV_VERSION "15.11.0" -#define TSMMRDEV_VERSION "8.11.0" -#define RDF_VERSION "8.11.0" -#define HORIZON_DAAS_AGENT_VERSION "23.3.0" -#define HORIZON_USB_AGENT_VERSION "11.11.0" +#define VIEW_VERSION "8.12.0" +#define RDE_RFT_ALL_VERSION "8.12.0" +#define RDE_RFT_REL_VERSION "8.12.0" +#define RDESDKREL_VERSION "8.12.0" +#define MKSVCHANDEV_VERSION "15.12.0" +#define TSMMRDEV_VERSION "8.12.0" +#define RDF_VERSION "8.12.0" +#define HORIZON_DAAS_AGENT_VERSION "23.4.0" +#define HORIZON_USB_AGENT_VERSION "11.12.0" #define HORIZON_UPDATETOOL_VERSION "2.0.9" #define MFW_VERSION "16.9.0" -#define HORIZONTOOL_VERSION "16.11.0" +#define HORIZONTOOL_VERSION "16.12.0" /* * This is the Horizon Marketing version which is shared between * Horizon Client, Agent and Server. It is set in the format of * YYMM of the targeted release date. */ -#define HORIZON_YYMM_VERSION "2309" +#define HORIZON_YYMM_VERSION "2312" #ifndef MAKESTR #define MAKESTR(x) #x From aeb469eda96b721bb382e294f63342139c7ae694 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 030/375] Remove support for building with xml-security-c and xerces-c. --- open-vm-tools/configure.ac | 138 +- open-vm-tools/vgauth/service/Makefile.am | 18 +- .../serviceImpl/saml-xml-security-c.cpp | 1280 ----------------- .../vgauth/serviceImpl/saml-xmlsec1.c | 37 +- open-vm-tools/vgauth/serviceImpl/samlInt.hpp | 142 -- 5 files changed, 70 insertions(+), 1545 deletions(-) delete mode 100644 open-vm-tools/vgauth/serviceImpl/saml-xml-security-c.cpp delete mode 100644 open-vm-tools/vgauth/serviceImpl/samlInt.hpp diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index b39422b4b..49293f6e5 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -793,86 +793,50 @@ fi AC_ARG_ENABLE([vgauth], [AS_HELP_STRING([--disable-vgauth], - [do not build vgauth.])], + [do not build vgauth])], [ if test "$with_pam" = "no" -a "$enableval" = "yes"; then AC_MSG_ERROR([Cannot enable vgauth without PAM. Please configure without --without-pam or without --enable-vgauth.]) fi enable_vgauth="$enableval" - use_xmlsec1=yes ], [ if test "$with_pam" = "no"; then enable_vgauth="no" - use_xmlsec1="no" AC_MSG_WARN("Building without PAM; vgauth will be disabled.") elif test "$os" = "linux"; then enable_vgauth=yes - use_xmlsec1=yes else enable_vgauth=no - use_xmlsec1=yes fi ]) -AC_ARG_ENABLE([xmlsec1], - [AS_HELP_STRING([--enable-xmlsec1], - [build vgauth with xmlsec1 instead of xml-security-c (on by default).])], - [use_xmlsec1="$enableval"], - [use_xmlsec1=yes]) - -AC_ARG_ENABLE([xmlsecurity], - [AS_HELP_STRING([--enable-xmlsecurity], - [build vgauth with xml-security-c instead of xmlsec1 (off by default).])], - [ - if test "$enableval" = "yes"; then - use_xmlsec1="no" - else - use_xmlsec1="yes" - fi - ], - []) - # -# Check for openssl, xerces-c and xml-security-c +# Check for openssl, xmlsec1, xml2 # AC_ARG_WITH([ssl], [AS_HELP_STRING([--without-ssl], - [compiles without openssl support (disables vgauth).])], - [ - enable_vgauth=no - ], - [with_ssl=yes]) - -AC_ARG_WITH([xmlsecurity], - [AS_HELP_STRING([--without-xmlsecurity], - [compiles without xml-security-c support (disables vgauth).])], - [enable_vgauth=no], - [with_xmlsecurity=yes]) - -AC_ARG_WITH([xerces], - [AS_HELP_STRING([--without-xerces], - [compiles without xerces support (disables vgauth).])], - [enable_vgauth=no], - [with_xerces=yes]) + [compiles without openssl support (disables vgauth)])], + [if test "$withval" = "no"; then enable_vgauth = "no"; fi], + [with_ssl="yes"]) AC_ARG_WITH([xmlsec1], [AS_HELP_STRING([--without-xmlsec1], - [compiles without xmlsec1 support (disables vgauth).])], - [enable_vgauth=no], - [with_xmlsec1=yes]) + [compiles without xmlsec1 support (disables vgauth)])], + [if test "$withval" = "no"; then enable_vgauth = "no"; fi], + [with_xmlsec1="yes"]) AC_ARG_WITH([xml2], [AS_HELP_STRING([--without-xml2], - [compiles without xml2 support (disables vgauth).])], - [enable_vgauth=no], - [with_xml2=yes]) + [compiles without xml2 support (disables vgauth)])], + [if test "$withval" = "no"; then enable_vgauth = "no"; fi], + [with_xml2="yes"]) AC_ARG_WITH([tirpc], [AS_HELP_STRING([--without-tirpc], - [compiles with/without libtirpc.])], + [compiles with/without libtirpc])], [], [with_tirpc=auto]) @@ -890,59 +854,32 @@ if test "$enable_vgauth" = "yes" ; then [BIO_new_file], [], [AC_VMW_LIB_ERROR([SSL], [ssl])]) -fi -if test "$enable_vgauth" = "yes"; then CPPFLAGS="$CPPFLAGS -DUSE_VGAUTH" - if test "$use_xmlsec1" = "yes"; then - AC_VMW_DEFAULT_FLAGS([XML2]) - AC_VMW_CHECK_LIB([xml2], - [XML2], - [], - [], - [], - [], - [], - [], - [AC_VMW_LIB_ERROR([XML2], [xml2])]) - - # Multiple distros built xmlsec1 with -DXMLSEC_NO_SIZE_T but - # their xmlssec1-config --cflags doesn't properly report it, - # so force it on. - AC_VMW_DEFAULT_FLAGS([XMLSEC1]) - AC_VMW_CHECK_LIB([xmlsec1], - [XMLSEC1], - [], - [xmlsec1-config], - [], - [xmlsec/xmlsec.h], - [xmlSecCheckVersionExt], - [XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T"], - [AC_VMW_LIB_ERROR([XMLSEC1], [xmlsec1])]) - - else - AC_VMW_DEFAULT_FLAGS([XERCES]) - AC_VMW_CHECK_LIB([xerces-c], - [XERCES], - [], - [], - [], - [], - [], - [], - [AC_VMW_LIB_ERROR([XERCES], [xerces])]) - - AC_VMW_DEFAULT_FLAGS([XMLSECURITY]) - AC_VMW_CHECK_LIB([xml-security-c], - [XMLSECURITY], - [], - [], - [], - [], - [], - [], - [AC_VMW_LIB_ERROR([XMLSECURITY], [xmlsecurity])]) - fi + AC_VMW_DEFAULT_FLAGS([XML2]) + AC_VMW_CHECK_LIB([xml2], + [XML2], + [], + [], + [], + [], + [], + [], + [AC_VMW_LIB_ERROR([XML2], [xml2])]) + +# Multiple distros built xmlsec1 with -DXMLSEC_NO_SIZE_T but +# their xmlssec1-config --cflags doesn't properly report it, +# so force it on. + AC_VMW_DEFAULT_FLAGS([XMLSEC1]) + AC_VMW_CHECK_LIB([xmlsec1], + [XMLSEC1], + [], + [xmlsec1-config], + [], + [xmlsec/xmlsec.h], + [xmlSecCheckVersionExt], + [XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T"], + [AC_VMW_LIB_ERROR([XMLSEC1], [xmlsec1])]) fi # @@ -1711,13 +1648,12 @@ AM_CONDITIONAL(USE_SLASH_PROC, test "$os" = "linux") AM_CONDITIONAL(ENABLE_CONTAINERINFO, test "$enable_containerinfo" = "yes") AM_CONDITIONAL(ENABLE_DEPLOYPKG, test "$enable_deploypkg" = "yes") AM_CONDITIONAL(ENABLE_VGAUTH, test "$enable_vgauth" = "yes") -AM_CONDITIONAL(USE_XMLSEC1, test "$use_xmlsec1" = "yes") AM_CONDITIONAL(HAVE_VSOCK, test "$os" = "linux") AM_CONDITIONAL(HAVE_MKDTEMP, test "$have_mkdtemp" = "yes") AM_CONDITIONAL(HAVE_UDEV, test "$have_udev" = "yes") AM_CONDITIONAL(ENABLE_RESOLUTIONKMS, test "x$enable_resolutionkms" = "xyes") AM_CONDITIONAL(ENABLE_VMWGFXCTRL, test "x$enable_vmwgfxctrl" = "xyes") -AM_CONDITIONAL(VGAUTH_USE_CXX, test "$with_icu" = "yes" -o "$use_xmlsec1" != "yes") +AM_CONDITIONAL(VGAUTH_USE_CXX, test "$with_icu" = "yes") AM_CONDITIONAL(ENABLE_LIBAPPMONITOR, test "$enable_libappmonitor" = "yes") AM_CONDITIONAL(ENABLE_SDMP, test "$enable_servicediscovery" = "yes") AM_CONDITIONAL(ENABLE_SALTMINION, test "$enable_saltminion" = "yes" -a \( "$arch" = "x64" \) ) diff --git a/open-vm-tools/vgauth/service/Makefile.am b/open-vm-tools/vgauth/service/Makefile.am index 54df26c18..9f46a9a93 100644 --- a/open-vm-tools/vgauth/service/Makefile.am +++ b/open-vm-tools/vgauth/service/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (C) 2014-2020, 2022 VMware, Inc. All rights reserved. +### Copyright (C) 2014-2020, 2022, 2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as @@ -30,11 +30,7 @@ VGAuthService_SOURCES += ../serviceImpl/filePosix.c VGAuthService_SOURCES += ../serviceImpl/netPosix.c VGAuthService_SOURCES += ../serviceImpl/proto.c VGAuthService_SOURCES += ../serviceImpl/random.c -if USE_XMLSEC1 VGAuthService_SOURCES += ../serviceImpl/saml-xmlsec1.c -else -VGAuthService_SOURCES += ../serviceImpl/saml-xml-security-c.cpp -endif VGAuthService_SOURCES += ../serviceImpl/service.c VGAuthService_SOURCES += ../serviceImpl/ticket.c VGAuthService_SOURCES += ../serviceImpl/verify.c @@ -64,12 +60,7 @@ VGAuthService_SCRIPTS += ../serviceImpl/schemas/catalog.xml VGAuthService_CPPFLAGS = VGAuthService_CPPFLAGS += @GLIB2_CPPFLAGS@ -if USE_XMLSEC1 VGAuthService_CPPFLAGS += @XMLSEC1_CPPFLAGS@ -else -VGAuthService_CPPFLAGS += @XERCES_CPPFLAGS@ -VGAuthService_CPPFLAGS += @XMLSECURITY_CPPFLAGS@ -endif VGAuthService_CPPFLAGS += @SSL_CPPFLAGS@ VGAuthService_CPPFLAGS += -I$(top_srcdir)/vgauth/public VGAuthService_CPPFLAGS += -I$(top_srcdir)/vgauth/common @@ -78,14 +69,7 @@ VGAuthService_CPPFLAGS += -I$(top_srcdir)/vgauth/serviceImpl VGAuthService_LDADD = VGAuthService_LDADD += @GLIB2_LIBS@ VGAuthService_LDADD += @GTHREAD_LIBS@ -if USE_XMLSEC1 VGAuthService_LDADD += @XMLSEC1_LIBS@ -else -VGAuthService_LDADD += @XERCES_LIBS@ -VGAuthService_LDADD += @XMLSECURITY_LIBS@ -VGAuthService_LDADD += -lxerces-c -VGAuthService_LDADD += -lxml-security-c -endif VGAuthService_LDADD += @SSL_LIBS@ VGAuthService_LDADD += -lssl VGAuthService_LDADD += -lcrypto diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xml-security-c.cpp b/open-vm-tools/vgauth/serviceImpl/saml-xml-security-c.cpp deleted file mode 100644 index 7fca8ba63..000000000 --- a/open-vm-tools/vgauth/serviceImpl/saml-xml-security-c.cpp +++ /dev/null @@ -1,1280 +0,0 @@ -/********************************************************* - * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file saml-xml-security-c.cpp - * - * Code for authenticating users based on SAML tokens. - */ - -#include -#include -#include -#include - -#undef WIN32_LEAN_AND_MEAN // XSEC unconditionally redefines this -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* - * XXX - * - * Optimization idea: stash a hash (SHA512) of a valid token, and bypass - * the full assertion process when we see that token again. The expiration - * date of the token must also be saved off (and beware the time skew issue). - * - * Note that there's some extra complexity here: - * - * 1 - AddAlias sets up a cert/user mapping - * 2 - a SAML token is used (and cached) using this cert/user combo - * 3 - RemoveAlias removes the combo - * 4 - the cached token still works - * - * So the cache should only bypass the token validation, not the certificate - * check in ServiceVerifyAndCheckTrustCertChainForSubject() - * - * Also TBD is how much this buys us in the real world. With short - * token lifetimes, its less interesting. Its also possible that - * it will have no measureable affect because the token verification - * will be lost in the noise of the API plumbing from VC->hostd->VMX->tools. - * - * The security folks have signed off on this, so long as we store only - * in memory. - * - */ - -/* - * XXX - * - * We should be a lot smarter about this, but this gets QE - * moving. - */ -#define SAML_TOKEN_PREFIX "saml:" -#define SAML_TOKEN_SSO_PREFIX "saml2:" - -extern "C" { -#include "prefs.h" -#include "serviceInt.h" -} -#include "samlInt.hpp" - - -/** - * Error handler used to log warnings from the XML parser. - */ - -class SAMLErrorHandler : public ErrorHandler { -public: - static void - printWarning(const SAXParseException &e, - const char *msg) - { - SAMLStringWrapper nativeMsg(e.getMessage()); - - /* - * XXX - * - * These functions were inlined on older compilers but are exported - * from libstdc++.so on newer compilers (4.4.3). Avoid using them to - * avoid the newer dependency. - * - * _ZNSo9_M_insertIyEERSoT_@@GLIBCXX_3.4.9 - * std::basic_ostream >& - * std::basic_ostream >:: - * _M_insert(unsigned long long) - * aka: operator<<(uint64_t) - * - * _ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i@@GLIBCXX_3.4.9 - * std::basic_ostream >& - * std::__ostream_insert > - * (std::basic_ostream >&, - * char const*, int) - * aka: operator<<(std::string) - * - */ - Debug("SAML: %s: %s (line=%d, col=%d)\n", - msg, nativeMsg.c_str(), - (int) e.getLineNumber(), (int) e.getColumnNumber()); - -#ifdef avoid_this_usage - /* - * I'm tired of defining format modifier macros, so let's use - * stringstream to handle e.getLineNumber()'s return type. - */ - - std::stringstream ss; - - ss << msg << ": " << nativeMsg.c_str() << "" << " (line=" << - e.getLineNumber() << ", col=" << e.getColumnNumber() << ")"; - - Debug("SAML: %s.\n", ss.str().c_str()); -#endif - } - - void - warning(const SAXParseException &e) - { - printWarning(e, "warning"); - } - - void - error(const SAXParseException &e) - { - printWarning(e, "error"); - } - - void - fatalError (const SAXParseException &e) - { - printWarning(e, "fatal error"); - } - - void - resetErrors() - { - } -}; - - - -/** - * The XML schema files needed to perform validating parsing of the - * SAML assertions. Note: the order is important, since schemas need - * to be loaded before any schema that depends on them, so don't change - * the order. - */ -static const char *schemas[] = { - "xml.xsd", - "XMLSchema.xsd", - "xmldsig-core-schema.xsd", - "xenc-schema.xsd", - "saml-schema-assertion-2.0.xsd", -}; - - -/** - * An in-memory cache for XML schemas. - */ -static XMLGrammarPool *pool = NULL; - -static int clockSkewAdjustment = VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS; - -static bool SAMLLoadSchema(XercesDOMParser &parser, - const SAMLGlibString &schemaDir, - const char *filename); -static DOMDocument *SAMLValidateSchemaAndParse(XercesDOMParser &parser, - const char *xmlText); - -static bool SAMLCheckSubject(const DOMDocument *doc, - SAMLTokenData &token); - -static bool SAMLCheckConditions(const DOMDocument *doc, - SAMLTokenData &token); - -static bool SAMLCheckTimeAttr(const DOMElement *elem, const char *attrName, - bool beforeNow); - -static bool SAMLCheckAudience(const XMLCh *audience); - -static bool SAMLCheckSignature(DOMDocument *doc, - gboolean hostVerified, - vector &certs); - -static bool SAMLCheckReference(const DOMDocument *doc, DSIGSignature *sig); - -static DOMElement *SAMLFindChildByName(const DOMElement *elem, - const char *name); - -static auto_ptr SAMLFindKey(const XSECEnv &secEnv, - const DOMElement *sigElem); - - -/* - ****************************************************************************** - * SAML_Init -- */ /** - * - * Performs any initialization needed for SAML processing. - * - * @return VGAUTH_E_OK on success, VGAuthError on failure - * - ****************************************************************************** - */ - -VGAuthError -SAML_Init() -{ - try { - XMLPlatformUtils::Initialize(); - XSECPlatformUtils::Initialise(); - - auto_ptr myPool = SAMLCreateAndPopulateGrammarPool(); - if (NULL == myPool.get()) { - return VGAUTH_E_FAIL; - } - - pool = myPool.release(); - - clockSkewAdjustment = Pref_GetInt(gPrefs, VGAUTH_PREF_CLOCK_SKEW_SECS, - VGAUTH_PREF_GROUP_NAME_SERVICE, - VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS); - Log("%s: Allowing %d of clock skew for SAML date validation\n", - __FUNCTION__, clockSkewAdjustment); - - return VGAUTH_E_OK; - } catch (const XMLException& e) { - SAMLStringWrapper msg(e.getMessage()); - - Warning("Failed to initialize Xerces: %s.\n", msg.c_str()); - return VGAUTH_E_FAIL; - } catch (...) { - // We're called from C code, so don't let any exceptions out. - Warning("%s: Unexpected exception.\n", __FUNCTION__); - return VGAUTH_E_FAIL; - } -} - - -/* - ****************************************************************************** - * SAMLCreateAndPopulateGrammarPool -- */ /** - * - * Creates a grammar pool that is populates with cached grammars representing - * the XML schemas needed for SAML validation. - * - * @return A heap allocated grammar pool (must be freed with operator - * delete) or NULL on failure. - * - ****************************************************************************** - */ - -auto_ptr -SAMLCreateAndPopulateGrammarPool() -{ - auto_ptr newPool(new XMLGrammarPoolImpl(XMLPlatformUtils::fgMemoryManager)); - - /* - * Create a parser instance to load all the schemas, so they can - * be cached for later. In addition to making parsing faster, we - * need to cache them so that Xerces does not try to download - * schemas from the web when one is referenced or imported by another - * schema. - */ - XercesDOMParser parser(NULL, XMLPlatformUtils::fgMemoryManager, - newPool.get()); - - gchar *dir = Pref_GetString(gPrefs, VGAUTH_PREF_SAML_SCHEMA_DIR, - VGAUTH_PREF_GROUP_NAME_SERVICE, NULL); - if (NULL == dir) { -#ifdef _WIN32 - /* - * To make life easier for the Windows installer, assume - * the schema directory is next to the executable. Also - * check in ../ in case we're in a dev environment. - */ - dir = g_build_filename(gInstallDir, "schemas", NULL); - if (!(g_file_test(dir, G_FILE_TEST_EXISTS) && - g_file_test(dir, G_FILE_TEST_IS_DIR))) { - - gchar *newDir = g_build_filename(gInstallDir, "..", "schemas", NULL); - - Debug("%s: schemas not found in Windows install loc '%s'," - " trying dev location of '%s'\n", __FUNCTION__, dir, newDir); - - g_free(dir); - dir = newDir; - } -#else - /* - * XXX -- clean this up to make a better default for Linux. - */ - dir = g_build_filename(gInstallDir, "..", "schemas", NULL); -#endif - } - Log("%s: Using '%s' for SAML schemas\n", __FUNCTION__, dir); - SAMLGlibString schemaDir(dir); - - for (unsigned int i = 0; i < G_N_ELEMENTS(schemas); i++) { - if (!SAMLLoadSchema(parser, schemaDir, schemas[i])) { - return auto_ptr(NULL); - } - } - - return newPool; -} - - -/* - ****************************************************************************** - * SAML_Shutdown -- */ /** - * - * Performs any clean-up of resources needed for SAML processing. - * - ****************************************************************************** - */ - -void -SAML_Shutdown() -{ - try { - delete pool; - pool = NULL; - XSECPlatformUtils::Terminate(); - XMLPlatformUtils::Terminate(); - } catch (...) { - // We're called from C code, so don't let any exceptions out. - Warning("%s: Unexpected exception.\n", __FUNCTION__); - } -} - - -/* - ****************************************************************************** - * SAML_Reload -- */ /** - * - * Reload any in-memory state used by the SAML module. - * - ****************************************************************************** - */ - -void -SAML_Reload() -{ - ASSERT(pool != NULL); - - auto_ptr myPool = SAMLCreateAndPopulateGrammarPool(); - if (NULL == myPool.get()) { - Warning("%s: Failed to reload SAML state. Using old settings.\n", - __FUNCTION__); - return; - } - - delete pool; - pool = myPool.release(); -} - - -/* - ****************************************************************************** - * SAMLLoadSchema -- */ /** - * - * Loads a schema into the grammar pool used by the given parser. - * - * @param[in] parser The parser to load the schema with. - * @param[in] schemaDir The full path to the directory containing the schema. - * @param[in] filename The name of the XML schema file. - * - * @return true if the schema file was successfully loaded, false otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLLoadSchema(XercesDOMParser &parser, - const SAMLGlibString &schemaDir, - const char *filename) -{ - SAMLGlibString schemaPath(g_build_filename(schemaDir.c_str(), filename, - NULL)); - Grammar *g = parser.loadGrammar(schemaPath.c_str(), - Grammar::SchemaGrammarType, true); - if (g == NULL) { - /* - * The parser complains even with official schemas, so we don't - * normally set an error handler. However, this should not fail since - * we control these files, so try again with logging, so we can see - * what went wrong. - */ - SAMLErrorHandler errorHandler; - parser.setErrorHandler(&errorHandler); - - g = parser.loadGrammar(schemaPath.c_str(), Grammar::SchemaGrammarType, - true); - - Warning("Failed to load XML Schema from %s.\n", schemaPath.c_str()); - return false; - } - - return true; -} - - -/* - ****************************************************************************** - * SAML_VerifyBearerToken -- */ /** - * - * Determines whether the SAML bearer token can be used to authenticate. - * A token consists of a single SAML assertion. - * - * This is currently only used from the test code. - * - * @param[in] xmlText The text of the SAML assertion. - * @param[in] userName Optional username to authenticate as. - * @param[out] userNameOut The user that the token has authenticated as. - * @param[out] subjNameOut The subject in the token. - * @param[out] verifySi The subjectInfo associated with the entry - * in the ID provider store used to verify the - * SAML cert. - * - * @return VGAUTH_E_OK on success, VGAuthError on failure - * - ****************************************************************************** - */ - -VGAuthError -SAML_VerifyBearerToken(const char *xmlText, - const char *userName, - char **userNameOut, - char **subjNameOut, - ServiceAliasInfo **verifyAi) -{ - try { - vector certs; - VGAuthError err; - SAMLTokenData token; - - err = SAMLVerifyAssertion(xmlText, - FALSE, // use original mode - token, certs); - if (VGAUTH_E_OK != err) { - return err; - } - - return err; - } catch (XSECException &e) { - SAMLStringWrapper msg(e.getMsg()); - - Warning("XSec exception while verifying assertion: %s.\n", msg.c_str()); - return VGAUTH_E_FAIL; - } catch (const XMLException& e) { - SAMLStringWrapper msg(e.getMessage()); - - Warning("Xerces exception while verifying assertion: %s.\n", - msg.c_str()); - return VGAUTH_E_FAIL; - } catch (...) { - // We're called from C code, so don't let any exceptions out. - Warning("Unexpected exception.\n"); - return VGAUTH_E_FAIL; - } -} - - -/* - ****************************************************************************** - * SAML_VerifyBearerTokenAndChain -- */ /** - * - * Determines whether the SAML bearer token can be used to authenticate. - * A token consists of a single SAML assertion. - * The token must first be verified, then the certificate chain used - * verify it must be checked against the appropriate certificate store. - * - * @param[in] xmlText The text of the SAML assertion. - * @param[in] userName Optional username to authenticate as. - * @param[in] hostVerified If true, skip signature verification. - * @param[out] userNameOut The user that the token has authenticated as. - * @param[out] subjNameOut The subject in the token. - * @param[out] verifySi The subjectInfo associated with the entry - * in the ID provider store used to verify the - * SAML cert. - * - * @return VGAUTH_E_OK on success, VGAuthError on failure - * - ****************************************************************************** - */ - -VGAuthError -SAML_VerifyBearerTokenAndChain(const char *xmlText, - const char *userName, - gboolean hostVerified, - char **userNameOut, - char **subjNameOut, - ServiceAliasInfo **verifyAi) -{ - *userNameOut = NULL; - *subjNameOut = NULL; - *verifyAi = NULL; - - try { - vector certs; - VGAuthError err; - SAMLTokenData token; - char **pemCerts; - ServiceSubject subj; - int i; - - err = SAMLVerifyAssertion(xmlText, - hostVerified, - token, certs); - if (VGAUTH_E_OK != err) { - return err; - } - - pemCerts = (char **) g_malloc0(sizeof(char *) * certs.size()); - for (i = 0; i < (int) certs.size(); i++) { - pemCerts[i] = g_strdup(certs[i].c_str()); - } - subj.type = SUBJECT_TYPE_NAMED; - if (subjNameOut) { - *subjNameOut = g_strdup(token.subjectName.c_str()); - } - subj.name = g_strdup(token.subjectName.c_str()); - err = ServiceVerifyAndCheckTrustCertChainForSubject((int) certs.size(), - (const char **) pemCerts, - userName, - &subj, - userNameOut, - verifyAi); - Debug("%s: ServiceVerifyAndCheckTrustCertChainForSubject() returned " VGAUTHERR_FMT64 "\n", __FUNCTION__, err); - - for (i = 0; i < (int) certs.size(); i++) { - g_free(pemCerts[i]); - } - g_free(pemCerts); - g_free(subj.name); - return err; - } catch (XSECException &e) { - SAMLStringWrapper msg(e.getMsg()); - - Warning("XSec exception while verifying assertion: %s.\n", msg.c_str()); - return VGAUTH_E_FAIL; - } catch (const XMLException& e) { - SAMLStringWrapper msg(e.getMessage()); - - Warning("Xerces exception while verifying assertion: %s.\n", - msg.c_str()); - return VGAUTH_E_FAIL; - } catch (...) { - // We're called from C code, so don't let any exceptions out. - Warning("Unexpected exception.\n"); - return VGAUTH_E_FAIL; - } -} - - -/* - ****************************************************************************** - * SAMLVerifyAssertion -- */ /** - * - * Performs the following checks to validate a SAML assertion. - * 1) Checks that the XML document is well formed according to the SAML 2.0 - * Assertion XML schema. - * 2) Check that the assertion is signed by a certificate contained within - * the assertion. - * 3) TODO: Check that the assertion contains a Subject element, and that - * Subject element should contain a SubjectConfirmation element. The - * SubjectConfirmation method must be "bearer" - * ("urn:oasis:names:tc:SAML:2.0:cm:bearer"). - * 4) The Conditions element for the assertion must be met in terms of - * any "NotBefore" or "NotOnOrAfter" information. - * The chain of certs used to verify the signature will be returned via @a - * certs. - * - * @param[in] xmlText - * @param[in] hostVerified If true, skip signature verification. - * @param[out] token The interesting bits extracted from the xmlText. - * @param[out] certs If the SAML assertion is verified, then this will - * contain the certificate chain for the issuer. - * Each certificate will be base64 encoded (but without - * the PEM-style bookends), with the issuer's cert - * at element 0. - * - * @return VGAUTH_E_OK on success, VGAuthError on failure - * - ****************************************************************************** - */ - -VGAuthError -SAMLVerifyAssertion(const char *xmlText, - gboolean hostVerified, - SAMLTokenData &token, - vector &certs) -{ - XercesDOMParser parser(NULL, XMLPlatformUtils::fgMemoryManager, pool); - SAMLErrorHandler errorHandler; - SecurityManager sm; - - parser.setErrorHandler(&errorHandler); - - // prevent the billion laughs attack -- put a limit on entity expansions - sm.setEntityExpansionLimit(100); - parser.setSecurityManager(&sm); - - DOMDocument *doc = SAMLValidateSchemaAndParse(parser, xmlText); - if (NULL == doc) { - return VGAUTH_E_AUTHENTICATION_DENIED; - } - - const DOMElement *s = SAMLFindChildByName(doc->getDocumentElement(), - SAML_TOKEN_PREFIX"Subject"); - if (NULL == s) { - Debug("Couldn't find " SAML_TOKEN_PREFIX " in token\n"); - s = SAMLFindChildByName(doc->getDocumentElement(), - SAML_TOKEN_SSO_PREFIX"Subject"); - if (NULL == s) { - Debug("Couldn't find " SAML_TOKEN_SSO_PREFIX " in token\n"); - Warning("No recognized tags in token; punting\n"); - return VGAUTH_E_AUTHENTICATION_DENIED; - } else { - Debug("Found " SAML_TOKEN_SSO_PREFIX " in token\n"); - token.isSSOToken = true; - token.ns = SAML_TOKEN_SSO_PREFIX; - } - } else { - Debug("Found " SAML_TOKEN_PREFIX " in token\n"); - token.isSSOToken = false; - token.ns = SAML_TOKEN_PREFIX; - } - - if (!SAMLCheckSubject(doc, token)) { - return VGAUTH_E_AUTHENTICATION_DENIED; - } - - if (!SAMLCheckConditions(doc, token)) { - return VGAUTH_E_AUTHENTICATION_DENIED; - } - - if (!SAMLCheckSignature(doc, - hostVerified, - certs)) { - return VGAUTH_E_AUTHENTICATION_DENIED; - } - - return VGAUTH_E_OK; -} - - -/* - ****************************************************************************** - * SAMLValidateSchemaAndParse -- */ /** - * - * Checks that the XML document is well formed according to the SAML 2.0 - * Assertion XML schema. - * - * @param[in] parser The parser to use with the XML document. - * @param[in] xmlText The text of the SAML assertion. - * - * @return A pointer to a DOMDocument instance that represents the parsed - * SAML assertion or NULL if the document was not valid. The memory - * used by the DOMDocument is owned by the parser. - * - ****************************************************************************** - */ - -static DOMDocument * -SAMLValidateSchemaAndParse(XercesDOMParser &parser, - const char *xmlText) -{ - parser.setDoNamespaces(true); - parser.setDoSchema(true); - parser.setValidationScheme(AbstractDOMParser::Val_Always); - parser.useCachedGrammarInParse(true); - - MemBufInputSource in(reinterpret_cast(xmlText), - strlen(xmlText), "VGAuthSamlAssertion"); - - parser.parse(in); - - xsecsize_t errorCount = parser.getErrorCount(); - if (errorCount > 0) { - Debug("Encountered %u errors while parsing SAML assertion.\n", - (unsigned int) errorCount); - return NULL; - } - - DOMDocument *doc = parser.getDocument(); - ASSERT(doc != NULL); - - return doc; -} - - -/* - ****************************************************************************** - * SAMLCheckSubject -- */ /** - * - * Extracts the name of the subject and enforces any conditions in - * SubjectConfirmation elements. - * Subjects are described in section 2.4 of the SAML Core specification. - * - * Example Subject XML: - * - * - * scott@example.org - * - * - * - * - * - * - * - * @param[in] doc The DOM representation of the SAML assertions. - * @param[in/out] token Information about the token to be populated. - * - * @return true if the conditions in at least one SubjectConfirmation is met, - * false otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLCheckSubject(const DOMDocument *doc, - SAMLTokenData &token) -{ - const DOMElement *subject; - char *name = g_strdup_printf("%sSubject", - token.ns.c_str()); - subject = SAMLFindChildByName(doc->getDocumentElement(), name); - g_free(name); - - if (NULL == subject) { - // Should not happen, since this is required element in the schema. - Log("%s: Missing subject element!\n", __FUNCTION__); -// ASSERT(0); - return false; - } - - const DOMElement *nameID; - name = g_strdup_printf("%sNameID", token.ns.c_str()); - nameID = SAMLFindChildByName(subject, name); - g_free(name); - if (NULL == nameID) { - /* - * The schema allows BaseID, NameID, or EncryptedID. The library code - * for the SSO server only supports NameID. EncryptedID is really - * complicated (and we don't have decryption keys, so let's not - * support it for now. - */ - - Log("%s: No NameID element for the subject.\n", __FUNCTION__); - return false; - } - - token.subjectName = SAMLStringWrapper(nameID->getTextContent()).c_str(); - Debug("%s: subjectName: '%s'\n", __FUNCTION__, token.subjectName.c_str()); - - /* - * TODO: Investigate: NameID elements can have a NameQualifier attribute. - * This smells like a domain name, and we might want to include it with - * subject name (\subjectName). - */ - - /* - * Find all the SubjectConfirmation nodes and see if at least one can be - * verified. - */ - - name = g_strdup_printf("%sSubjectConfirmation", token.ns.c_str()); - XMLT scName(name); - g_free(name); - for (DOMElement *child = subject->getFirstElementChild(); child != NULL; - child = child->getNextElementSibling()) { - - if (!XMLString::equals(child->getNodeName(), scName.getUnicodeStr())) { - continue; - } - - const XMLCh *method = child->getAttribute(MAKE_UNICODE_STRING("Method")); - if ((NULL == method) || (0 == *method)) { - // Should not happen, since this is a required attribute. - ASSERT(0); - Debug("%s: Missing confirmation method.\n", __FUNCTION__); - continue; - } - - if (!XMLString::equals( - MAKE_UNICODE_STRING("urn:oasis:names:tc:SAML:2.0:cm:bearer"), - method)) { - Debug("%s: Non-bearer confirmation method in token", __FUNCTION__); - continue; - } - - const DOMElement *subjConfirmData; - name = g_strdup_printf("%sSubjectConfirmationData", token.ns.c_str()); - subjConfirmData = SAMLFindChildByName(child, name); - g_free(name); - if (NULL != subjConfirmData) { - if (!SAMLCheckTimeAttr(subjConfirmData, "NotBefore", true) || - !SAMLCheckTimeAttr(subjConfirmData, "NotOnOrAfter", false)) { - Warning("%s: subjConfirmData time check failed\n", __FUNCTION__); - continue; - } - - const XMLCh *recipient; - recipient = subjConfirmData->getAttribute( - MAKE_UNICODE_STRING("Recipient")); - /* - * getAttribute() returns a 0-length string, not NULL, if it can't - * find what it wants. - */ - if ((0 != XMLString::stringLen(recipient)) && - !SAMLCheckAudience(recipient)) { - Debug("%s: failed recipient check\n", __FUNCTION__); - continue; - } - } - - return true; - } - - Debug("%s: Could not verify using any SubjectConfirmation elements\n", - __FUNCTION__); - return false; -} - - -/* - ****************************************************************************** - * SAMLCheckConditions -- */ /** - * - * Enforces conditions specified by the "saml:Conditions" element - * under the root element. - * Conditions are described in section 2.5 of the SAML Core specification. - * - * Example Conditions XML: - * - * - * https://sp.example.com/SAML2 - * - * - * - * @param[in] doc The DOM representation of the SAML assertions. - * - * @return true if the conditions are met; false otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLCheckConditions(const DOMDocument *doc, - SAMLTokenData &token) -{ - /* - * There should be at most one Conditions element and the schema checking - * done by the parser should enforce that. - */ - char *name = g_strdup_printf("%sConditions", token.ns.c_str()); - const DOMElement *conditions = SAMLFindChildByName(doc->getDocumentElement(), - name); - g_free(name); - if (NULL == conditions) { - // Conditions are optional. - return true; - } - - if (!SAMLCheckTimeAttr(conditions, "NotBefore", true) || - !SAMLCheckTimeAttr(conditions, "NotOnOrAfter", false)) { - return false; - } - - /* - * is a generic element, intended as an extension point. - * We don't know about any. According to the general processng rules, if - * we find a condition we don't know about, the result of the validation - * is "indeterminate" and we should reject the assertion. - */ - name = g_strdup_printf("%sCondition", token.ns.c_str()); - if (SAMLFindChildByName(conditions, name) != NULL) { - Log("%s: Unrecognized condition found!\n", __FUNCTION__); - g_free(name); - return false; - } - g_free(name); - - /* - * defines a set a URIs that describe what - * audience the assertioned is addressed to or intended for. - * But it's very generic. From the spec (section 2.5.1.4): - * A URI reference that identifies an intended audience. The URI - * reference MAY identify a document that describes the terms and - * conditions of audience membership. It MAY also contain the unique - * identifier URI from a SAML name identifier that describes a system - * entity. - * Some searching online shows people using http:/// as the - * URI, but let's wait until we get some feedback from the SSO team. - * TODO: Validate it using SAMLCheckAudience(). - */ - - /* - * element is specified to disallow caching. We don't - * cache, so it doesn't affect out validation. - * However, we need to communicate it to clients so they do not cache. - */ - name = g_strdup_printf("%sOneTimeUse", token.ns.c_str()); - token.oneTimeUse = (SAMLFindChildByName(conditions, name) - != NULL); - g_free(name); - - /* - * only applies if a service wants to make their own - * assertions based on a SAML assertion. That should not apply here. - */ - - return true; -} - - -/* - ****************************************************************************** - * SAMLCheckTimeAttr -- */ /** - * - * Checks that the given attribute with the given name is a timestamp and - * compares it against the current time. - * - * @param[in] elem The element containing the attribute. - * @param[in] attrName The name of the attribute. - * @param[in] notBefore Whether the condition given by the attribute - * should be in the past or 'now' (true). - * - ****************************************************************************** - */ - -static bool -SAMLCheckTimeAttr(const DOMElement *elem, - const char *attrName, - bool notBefore) -{ - const XMLCh *timeAttr = elem->getAttribute(MAKE_UNICODE_STRING(attrName)); - if ((NULL == timeAttr) || (0 == *timeAttr)) { - /* - * The presence of all time restrictions in SAML are optional, so if - * the attribute is not present, that is fine. - */ - return true; - } - - SAMLStringWrapper timeStr(timeAttr); - GTimeVal attrTime; - - if (!g_time_val_from_iso8601(timeStr.c_str(), &attrTime)) { - Log("%s: Could not parse %s value (%s).\n", __FUNCTION__, attrName, - timeStr.c_str()); - return false; - } - - GTimeVal now; - g_get_current_time(&now); - - glong diff; - - /* - * Check the difference, doing the math so that a positive - * value is bad. Ignore the micros since we're letting clock - * skew add a fudge-factor. - */ - if (notBefore) { - // expect time <= now - diff = attrTime.tv_sec - now.tv_sec; - } else { - // expect now <= time - diff = now.tv_sec - attrTime.tv_sec; - } - - /* - * A negative value is fine, a postive value - * greater than the clock skew range is bad. - */ - if (diff > clockSkewAdjustment) { - Warning("%s: FAILED SAML assertion (timeStamp %s, delta %d) %s.\n", - __FUNCTION__, timeStr.c_str(), (int) diff, - notBefore ? "is not yet valid" : "has expired"); - return false; - } - - return true; -} - - -/* - ****************************************************************************** - * SAMLCheckAudience -- */ /** - * - * Checks whether the given audience URI refers to this machine. - * - * @param[in] audience An audience URI that a token is targetted for. - * - * @return True if the audience URI refers to this machine, false otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLCheckAudience(const XMLCh *audience) -{ - bool ret; - - /* - * XXX This should be much better. Ideally it should check that it refers - * to the hostname of a URL or matches some kind of URN. Also, this is - * where the VC UUID can be used when running in a VM. - * We should accept: - * URL: ://[/stuff] - * URN: urn:vmware:vgauth:::[vgauth_client_app_name] - * Glib has a basic URL and we should use it. - * TODO: Need a RpcIn call into the VMX to get the VC UUID, since it is not - * currently exposed. (Could be NamespaceDB, but then need to make a separate - * workflow for pushing the VC UUIDs out to VMs.) - */ - - ret = strstr(SAMLStringWrapper(audience).c_str(), - g_get_host_name()) != NULL; - Debug("%s: audience check: token: '%s', host: '%s' ? %d\n", - __FUNCTION__, - SAMLStringWrapper(audience).c_str(), - g_get_host_name(), ret); - return ret; -} - - -/* - ****************************************************************************** - * SAMLCheckSignature -- */ /** - * - * Finds the signature in the SAML assertion, then extracts the X509 - * from that, then checks that the signature is valid. - * - * @param[in] doc The document of which to check the signature. - * @param[in] hostVerified If true, skip signature verification. - * @param[out] certs The base64 encoded certificates present in the - * signature. - * - * @return true if the signature if valid, false otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLCheckSignature(DOMDocument *doc, - gboolean hostVerified, - vector &certs) -{ - DOMElement *sigElem = SAMLFindChildByName(doc->getDocumentElement(), - "ds:Signature"); - if (NULL == sigElem) { - Warning("%s: No top level signature found.\n", __FUNCTION__); - return false; - } - - XSECEnv secEnv(doc); - - auto_ptr keyInfo = SAMLFindKey(secEnv, sigElem); - if (keyInfo.get() == NULL) { - Warning("%s: No X509 data found as part of the signature.\n", - __FUNCTION__); - return false; - } - - if (keyInfo->getCertificateListSize() == 0) { - Warning("%s: No X509 certificates found in the signature\n", - __FUNCTION__); - return false; - } - if (hostVerified) { - Debug("hostVerified is set, skipping signtaure check"); - } else { - - const XSECCryptoX509 *x509 = keyInfo->getCertificateCryptoItem(0); - ASSERT(NULL != x509); - - XSECProvider prov; - DSIGSignature *sig = prov.newSignatureFromDOM(doc, sigElem); - - sig->load(); - sig->setSigningKey(x509->clonePublicKey()); - - if (!SAMLCheckReference(doc, sig)) { - return false; - } - - if (!sig->verify()) { - Warning("%s: Signature check failed: %s.\n", __FUNCTION__, - SAMLStringWrapper(sig->getErrMsgs()).c_str()); - return false; - } - - } - for (int i = 0; i < keyInfo->getCertificateListSize(); i++) { - const XSECCryptoX509 *cert = keyInfo->getCertificateCryptoItem(i); - certs.push_back(string(cert->getDEREncodingSB().rawCharBuffer())); - } - - return true; -} - - -/* - ****************************************************************************** - * SAMLCheckReference -- */ /** - * - * Checks that the given signature refers to (and thus was computed over) - * the root element of the document. This ensures that the entire document - * is protected/endorsed by the signature. - * See the SAML Core specification, section 5.4.2. - * - * @param[in] doc The document in which contains the signature. - * @param[in] sig The signature - * - * @return true if the signature refers to the whole document, or false - * otherwise. - * - ****************************************************************************** - */ - -static bool -SAMLCheckReference(const DOMDocument *doc, - DSIGSignature *sig) -{ - DOMElement *rootElem = doc->getDocumentElement(); - - const XMLCh *id = rootElem->getAttribute(MAKE_UNICODE_STRING("ID")); - if (NULL == id) { - Debug("%s: NULL ID attribute.\n", __FUNCTION__); - return false; - } - - XMLSize_t idLen = XMLString::stringLen(id); - if (0 == idLen) { - Debug("%s: Root element has no or an empty ID attribute.\n", - __FUNCTION__); - return false; - } - - /* - * At least one reference should contain a URI that refers to the root - * element. To do so, that URI should be "#" followed by the value of - * the ID element of the root node; for example if the ID is "SAML" the - * URI must be "#SAML". - * - * TODO: The vmacore implementation of SAML parsing, used by clients - * validating tokens, allows for multiple references and considers if - * at least one matches. However, the SAML spec (section 5.4.2) requires - * that there be only one reference element in the signature. Currently - * we follow the vmacore behavior. - */ - - XMLT uriPrefix("#"); - XMLSize_t prefixLen = XMLString::stringLen(uriPrefix.getUnicodeStr()); - - DSIGReferenceList *references = sig->getReferenceList(); - DSIGReferenceList::size_type numReferences = references->getSize(); - for (DSIGReferenceList::size_type i = 0; i < numReferences; i++) { - DSIGReference *ref = references->item(i); - const XMLCh *uri = ref->getURI(); - - if (uri != NULL && - XMLString::startsWith(uri, uriPrefix.getUnicodeStr()) && - XMLString::equals(id, uri + prefixLen)) { - return true; - } - } - - Debug("%s: No matching reference found in the signature for ID '%s'.\n", - __FUNCTION__, SAMLStringWrapper(id).c_str()); - return false; -} - - -/* - ****************************************************************************** - * SAMLFindChildByName -- */ /** - * - * Finds the first element that is a child of the given element which - * matches the given node name. - * - * TODO: Investigate using getLocalName() and getNamespaceURI() to - * identify the child, since in "ds:Signature" "ds" is an alias to as longer - * URI, and that URI should be used instead (it's more stable). - * - * @param[in] elem The element to search the children of. - * @param[in] name The name of the child element - * - * @return A pointer to the DOMElement matching the name, or NULL if - * no such element is found. - * - ****************************************************************************** - */ - -static DOMElement * -SAMLFindChildByName(const DOMElement *elem, - const char *name) -{ - XMLT sigNodeName(name); - DOMElement *childElem; - - for (childElem = elem->getFirstElementChild(); - childElem != NULL; childElem = childElem->getNextElementSibling()) { - if (XMLString::equals(childElem->getNodeName(), - sigNodeName.getUnicodeStr())) { - break; - } - } - - return childElem; -} - - -/* - ****************************************************************************** - * SAMLFindKey -- */ /** - * - * Finds the first ds:X509Data element under the given ds:Signature element. - * - * @param[in] secEnv A XSEC environment to create the object from. - * @param[in] sigElem The root element of the signuture. - * - * @return A pointer to a DSIGKeyInfoX509 object, which must be freed using - * operator delete, or NULL if no ds:X509Data element is found. - * - ****************************************************************************** - */ - -static auto_ptr -SAMLFindKey(const XSECEnv &secEnv, - const DOMElement *sigElem) -{ - DOMNodeList *keyInfos = - sigElem->getElementsByTagName(MAKE_UNICODE_STRING("ds:X509Data")); - - if (keyInfos->getLength() == 0) { - return auto_ptr(NULL); - } - - auto_ptr keyInfo(new DSIGKeyInfoX509(&secEnv, - keyInfos->item(0))); - - keyInfo->load(); - - return keyInfo; -} diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 14cba1b5b..0cc4edbb4 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -48,6 +48,33 @@ #include "certverify.h" #include "vmxlog.h" +/* + * XXX + * + * Optimization idea: stash a hash (SHA512) of a valid token, and bypass + * the full assertion process when we see that token again. The expiration + * date of the token must also be saved off (and beware the time skew issue). + * + * Note that there's some extra complexity here: + * + * 1 - AddAlias sets up a cert/user mapping + * 2 - a SAML token is used (and cached) using this cert/user combo + * 3 - RemoveAlias removes the combo + * 4 - the cached token still works + * + * So the cache should only bypass the token validation, not the certificate + * check in ServiceVerifyAndCheckTrustCertChainForSubject() + * + * Also TBD is how much this buys us in the real world. With short + * token lifetimes, its less interesting. Its also possible that + * it will have no measureable affect because the token verification + * will be lost in the noise of the API plumbing from VC->hostd->VMX->tools. + * + * The security folks have signed off on this, so long as we store only + * in memory. + * + */ + static int gClockSkewAdjustment = VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS; static xmlSchemaPtr gParsedSchemas = NULL; static xmlSchemaValidCtxtPtr gSchemaValidateCtx = NULL; @@ -1316,9 +1343,9 @@ VerifySignature(xmlDocPtr doc, /* * Get the cert chain from the token. * - * Unlike xml-security-c, xmlsec1 wants to validate the cert - * chain in the token so it needs the full chain, not just - * the public key from the first cert. + * xmlsec1 wants to validate the cert chain in the token + * so it needs the full chain, not just the public key from + * the first cert. * * Also save it off for later use by the alias store check. */ @@ -1378,8 +1405,8 @@ VerifySignature(xmlDocPtr doc, } /* - * The xml-security-c verifies the Reference explicitly; this - * isn't needed for xmlsec1 because the library does it. + * No need to verify the Reference explicitly because the + * xmlsec1 library takes care of it. */ /* diff --git a/open-vm-tools/vgauth/serviceImpl/samlInt.hpp b/open-vm-tools/vgauth/serviceImpl/samlInt.hpp deleted file mode 100644 index 19f26f374..000000000 --- a/open-vm-tools/vgauth/serviceImpl/samlInt.hpp +++ /dev/null @@ -1,142 +0,0 @@ -/********************************************************* - * Copyright (C) 2011-2016,2023 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file samlInt.hpp - * - * Functions that only need to be used within the SAML module or - * for testing thereof. - */ - -#ifndef _SAMLINT_H_ -#define _SAMLINT_H_ - -#include -#include - -#include - -#include - -#include "VGAuthError.h" - - -using namespace std; - -#ifdef XERCES_CPP_NAMESPACE_USE -XERCES_CPP_NAMESPACE_USE -#endif - - -/** - * Inherit from this class to disallow copy-construction and - * assignment. (Similar to boost::noncopyable) - */ - -class Noncopyable { -protected: - Noncopyable() - { - } - -private: - // Disallow copy-construction, assignment. - Noncopyable(const Noncopyable &); - const Noncopyable& operator=(const Noncopyable &); -}; - -/** - * A simple wrapper to convert Xerces's XMLCh strings to UTF-8, and manage - * the memory for the converted string. Instances of this class are immutable. - */ - -class SAMLStringWrapper : public Noncopyable { -public: - SAMLStringWrapper(const XMLCh *str) : - m_str(XMLString::transcode(str)) - { - } - - ~SAMLStringWrapper() - { - XMLString::release(const_cast(&m_str)); - } - - const char * - c_str() const - { - return m_str; - } - -private: - const char *m_str; -}; - -/** - * Wrapper class for strings allocated by GLib. The object takes ownership of - * the string's memory. - */ - -class SAMLGlibString { -public: - SAMLGlibString(gchar *str) : - m_str(str) - { - } - - SAMLGlibString(const SAMLGlibString &s) : - m_str(g_strdup(s.m_str)) - { - } - - ~SAMLGlibString() - { - g_free(const_cast(m_str)); - } - -const char * - c_str() const - { - return m_str; - } - -private: - SAMLGlibString &operator=(const SAMLGlibString &); // immuatable - - const gchar *m_str; -}; - -/* - * Holds data extracted from a SAML token. - */ -struct SAMLTokenData { - string subjectName; - vector issuerCerts; - bool oneTimeUse; - bool isSSOToken; // set if token came from VMware SSO server - string ns; -}; - - -auto_ptr SAMLCreateAndPopulateGrammarPool(); - -VGAuthError SAMLVerifyAssertion(const char *xmlText, - gboolean hostVerified, - SAMLTokenData &token, - vector &certs); -#endif // ifndef _SAMLINT_H_ From 045ccf2067bb1f9e29d20a0e8a8b9053da999cf6 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 031/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index b194e6835..392cad05f 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -246,7 +246,8 @@ extern "C" { #define BDOOR_CMD_APPLE_GPU_RES_SET 99 #define BDOOR_CMD_GETBUILDNUM 100 #define BDOOR_CMD_GETENTROPY 101 /* Configurable, off by default. */ -#define BDOOR_CMD_MAX 102 +#define BDOOR_CMD_REPORTGUESTCRASH 102 +#define BDOOR_CMD_MAX 103 /* From fe7e5654fbb69baec6c8e6de5c367346580934bc Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:27 -0700 Subject: [PATCH 032/375] Linux guest identification: Correct the misidentification of Big Cloud Enterprise Linux. --- open-vm-tools/lib/misc/hostinfoPosix.c | 221 ++++++++++++++----------- 1 file changed, 126 insertions(+), 95 deletions(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index dd3c16898..8b0fb629d 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -911,6 +911,101 @@ HostinfoArchString(void) } +/* + *----------------------------------------------------------------------------- + * + * HostinfoDefaultLinux -- + * + * Build and return generic data about the Linux disto. Only return what + * has been required - short description (i.e. guestOS string), long + * description (nice looking string). + * + * Return value: + * None + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static void +HostinfoDefaultLinux(char *distro, // OUT/OPT: + size_t distroSize, // IN: + char *distroShort, // OUT/OPT: + size_t distroShortSize) // IN: +{ + char generic[128]; + const char *distroOut = NULL; + const char *distroShortOut = NULL; + int majorVersion = Hostinfo_OSVersion(0); + int minorVersion = Hostinfo_OSVersion(1); + + switch (majorVersion) { + case 1: + distroOut = STR_OS_OTHER_FULL; + distroShortOut = STR_OS_OTHER; + break; + + case 2: + if (minorVersion < 4) { + distroOut = STR_OS_OTHER_FULL; + distroShortOut = STR_OS_OTHER; + } else if (minorVersion < 6) { + distroOut = STR_OS_OTHER_24_FULL; + distroShortOut = STR_OS_OTHER_24; + } else { + distroOut = STR_OS_OTHER_26_FULL; + distroShortOut = STR_OS_OTHER_26; + } + + break; + + case 3: + distroOut = STR_OS_OTHER_3X_FULL; + distroShortOut = STR_OS_OTHER_3X; + break; + + case 4: + distroOut = STR_OS_OTHER_4X_FULL; + distroShortOut = STR_OS_OTHER_4X; + break; + + case 5: + distroOut = STR_OS_OTHER_5X_FULL; + distroShortOut = STR_OS_OTHER_5X; + break; + + case 6: + distroOut = STR_OS_OTHER_6X_FULL; + distroShortOut = STR_OS_OTHER_6X; + break; + + default: + /* + * Anything newer than this code explicitly handles returns the + * "highest" known short description and a dynamically created, + * appropriate long description. + */ + + Str_Sprintf(generic, sizeof generic, "Other Linux %d.%d kernel", + majorVersion, minorVersion); + distroOut = generic; + distroShortOut = STR_OS_OTHER_5X; + } + + if (distro != NULL) { + ASSERT(distroOut != NULL); + Str_Strcpy(distro, distroOut, distroSize); + } + + if (distroShort != NULL) { + ASSERT(distroShortOut != NULL); + Str_Strcpy(distroShort, distroShortOut, distroShortSize); + } +} + + /* *----------------------------------------------------------------------------- * @@ -1013,6 +1108,35 @@ HostinfoSetAsianuxShortName(const ShortNameSet *entry, // IN: Unused } +/* + *----------------------------------------------------------------------------- + * + * HostinfoBCSetShortName -- + * + * Handle Big Cloud Enterprise Linux. + * + * Return value: + * TRUE success + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static Bool +HostinfoBCSetShortName(const ShortNameSet *entry, // IN: + int version, // IN: + const char *distroLower, // IN: + char *distroShort, // OUT: + int distroShortSize) // IN: +{ + HostinfoDefaultLinux(NULL, 0, distroShort, distroShortSize); + + return TRUE; +} + + /* *----------------------------------------------------------------------------- * @@ -1279,6 +1403,8 @@ static const ShortNameSet shortNameArray[] = { { "arklinux", STR_OS_ARKLINUX, HostinfoGenericSetShortName }, { "asianux", NULL, HostinfoSetAsianuxShortName }, { "aurox", STR_OS_AUROX, HostinfoGenericSetShortName }, +{ "bigcloud", NULL, HostinfoBCSetShortName }, +/* Big Cloud must come before Red Hat Entry */ { "black cat", STR_OS_BLACKCAT, HostinfoGenericSetShortName }, { "centos", NULL, HostinfoSetCentosShortName }, { "cobalt", STR_OS_COBALT, HostinfoGenericSetShortName }, @@ -1873,101 +1999,6 @@ HostinfoLsb(char ***args) // OUT: } -/* - *----------------------------------------------------------------------------- - * - * HostinfoDefaultLinux -- - * - * Build and return generic data about the Linux disto. Only return what - * has been required - short description (i.e. guestOS string), long - * description (nice looking string). - * - * Return value: - * None - * - * Side effects: - * None - * - *----------------------------------------------------------------------------- - */ - -static void -HostinfoDefaultLinux(char *distro, // OUT/OPT: - size_t distroSize, // IN: - char *distroShort, // OUT/OPT: - size_t distroShortSize) // IN: -{ - char generic[128]; - const char *distroOut = NULL; - const char *distroShortOut = NULL; - int majorVersion = Hostinfo_OSVersion(0); - int minorVersion = Hostinfo_OSVersion(1); - - switch (majorVersion) { - case 1: - distroOut = STR_OS_OTHER_FULL; - distroShortOut = STR_OS_OTHER; - break; - - case 2: - if (minorVersion < 4) { - distroOut = STR_OS_OTHER_FULL; - distroShortOut = STR_OS_OTHER; - } else if (minorVersion < 6) { - distroOut = STR_OS_OTHER_24_FULL; - distroShortOut = STR_OS_OTHER_24; - } else { - distroOut = STR_OS_OTHER_26_FULL; - distroShortOut = STR_OS_OTHER_26; - } - - break; - - case 3: - distroOut = STR_OS_OTHER_3X_FULL; - distroShortOut = STR_OS_OTHER_3X; - break; - - case 4: - distroOut = STR_OS_OTHER_4X_FULL; - distroShortOut = STR_OS_OTHER_4X; - break; - - case 5: - distroOut = STR_OS_OTHER_5X_FULL; - distroShortOut = STR_OS_OTHER_5X; - break; - - case 6: - distroOut = STR_OS_OTHER_6X_FULL; - distroShortOut = STR_OS_OTHER_6X; - break; - - default: - /* - * Anything newer than this code explicitly handles returns the - * "highest" known short description and a dynamically created, - * appropriate long description. - */ - - Str_Sprintf(generic, sizeof generic, "Other Linux %d.%d kernel", - majorVersion, minorVersion); - distroOut = generic; - distroShortOut = STR_OS_OTHER_5X; - } - - if (distro != NULL) { - ASSERT(distroOut != NULL); - Str_Strcpy(distro, distroOut, distroSize); - } - - if (distroShort != NULL) { - ASSERT(distroShortOut != NULL); - Str_Strcpy(distroShort, distroShortOut, distroShortSize); - } -} - - /* *----------------------------------------------------------------------------- * From ad9066280a11bfc8466747e4fa4d9f60e2d29df4 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:28 -0700 Subject: [PATCH 033/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/panic/panic.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/panic/panic.c b/open-vm-tools/lib/panic/panic.c index 7dc244246..eb6fa07ac 100644 --- a/open-vm-tools/lib/panic/panic.c +++ b/open-vm-tools/lib/panic/panic.c @@ -542,7 +542,8 @@ Panic_Panic(const char *format, Panic_DumpGuiResources(); -#if (defined(_WIN32) || !defined(VMX86_TOOLS)) && !defined(__ANDROID__) && !(TARGET_OS_IPHONE) +#if (defined(_WIN32) || !defined(VMX86_TOOLS)) && !defined(__ANDROID__) && \ + !(TARGET_OS_IPHONE) && !defined(__EMSCRIPTEN__) if (Panic_GetCoreDumpOnPanic()) { CoreDump_CoreDump(); } From f8b150212afbf963241685406c42002b80b10a11 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:28 -0700 Subject: [PATCH 034/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/dynarray.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/dynarray.h b/open-vm-tools/lib/include/dynarray.h index 3b848290b..f55d77091 100644 --- a/open-vm-tools/lib/include/dynarray.h +++ b/open-vm-tools/lib/include/dynarray.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2004-2019 VMware, Inc. All rights reserved. + * Copyright (C) 2004-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -254,8 +254,14 @@ DynArray_Copy(DynArray *src, // IN * * Yes, it's a poor man's template (but better than nothing). * + * Note that emscripten does not allow function pointer casting, and has a + * compiler warning to enforce this, so we cannot use DEFINE_DYNARRAY_TYPE + * as it relies on a function cast to define T##Array_QSort. + * */ +#ifndef __EMSCRIPTEN__ + #define DEFINE_DYNARRAY_TYPE(T) DEFINE_DYNARRAY_NAMED_TYPE(T, T) #define DEFINE_DYNARRAY_NAMED_TYPE(T, TYPE) \ @@ -354,9 +360,12 @@ DynArray_Copy(DynArray *src, // IN { \ return DynArray_Copy((DynArray *)src, (DynArray *)dest); \ } + /* Define DynArray of DynBuf. */ DEFINE_DYNARRAY_TYPE(DynBuf) +#endif // ifndef __EMSCRIPTEN__ + #if defined(__cplusplus) } // extern "C" #endif From ce61f2591ceed0b6acb4ad744a32d9362ca4b258 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:28 -0700 Subject: [PATCH 035/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/str.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/str.h b/open-vm-tools/lib/include/str.h index ea3bd5dbb..be50ebcc4 100644 --- a/open-vm-tools/lib/include/str.h +++ b/open-vm-tools/lib/include/str.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2020,2022 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2020,2022-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -72,7 +72,7 @@ extern "C" { #if !defined(VMX86_TOOLS) || defined(_WIN32) #if (defined _WIN32 && !defined STR_NO_WIN32_LIBS) || \ (defined __linux__ && !defined __UCLIBC__ && !defined __ANDROID__) || \ - defined __APPLE__ + defined __APPLE__ || defined __EMSCRIPTEN__ #define HAS_BSD_PRINTF 1 #endif #endif From 9201543b6e4e6d5bc4788433b8231fb8d8e678a9 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:28 -0700 Subject: [PATCH 036/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_types.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_types.h b/open-vm-tools/lib/include/vm_basic_types.h index 70c02aeaf..0a36e3246 100644 --- a/open-vm-tools/lib/include/vm_basic_types.h +++ b/open-vm-tools/lib/include/vm_basic_types.h @@ -392,8 +392,8 @@ typedef int64 VmTimeVirtualClock; /* Virtual Clock kept in CPU cycles */ #define FMTPD "I" #define FMTH "I" #endif -#elif defined __APPLE__ || (!defined VMKERNEL && \ - defined __linux__ && defined __KERNEL__) +#elif defined __APPLE__ || defined __EMSCRIPTEN__ || \ + (!defined VMKERNEL && defined __linux__ && defined __KERNEL__) /* semi-LLP64 targets; 'long' is 64-bit, but uint64_t is 'long long' */ #define FMT64 "ll" #if defined(__APPLE__) && KERNEL From d442791014bde010be93f5b9ce588a88fcd68bc3 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:35:28 -0700 Subject: [PATCH 037/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_atomic.h | 96 +++++++++++++-------------- 1 file changed, 48 insertions(+), 48 deletions(-) diff --git a/open-vm-tools/lib/include/vm_atomic.h b/open-vm-tools/lib/include/vm_atomic.h index 6a58fd0a8..6337e49d9 100644 --- a/open-vm-tools/lib/include/vm_atomic.h +++ b/open-vm-tools/lib/include/vm_atomic.h @@ -318,7 +318,7 @@ Atomic_Read8(Atomic_uint8 const *var) // IN: uint8 val; #if defined VM_ATOMIC_USE_C11 - val = atomic_load((const _Atomic uint8 *)&var->value); + val = atomic_load((const _Atomic(uint8) *)&var->value); #elif defined __GNUC__ && defined VM_ARM_32 val = AtomicUndefined(var); #elif defined __GNUC__ && defined VM_ARM_64 @@ -360,7 +360,7 @@ Atomic_ReadWrite8(Atomic_uint8 *var, // IN/OUT: uint8 val) // IN: { #if defined VM_ATOMIC_USE_C11 - return atomic_exchange((_Atomic uint8 *)&var->value, val); + return atomic_exchange((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_32 return AtomicUndefined(var + val); #elif defined __GNUC__ && defined VM_ARM_64 @@ -404,7 +404,7 @@ Atomic_Write8(Atomic_uint8 *var, // IN/OUT: uint8 val) // IN: { #if defined VM_ATOMIC_USE_C11 - atomic_store((_Atomic uint8 *)&var->value, val); + atomic_store((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_32 AtomicUndefined(var + val); #elif defined __GNUC__ && defined VM_ARM_64 @@ -446,7 +446,7 @@ Atomic_ReadIfEqualWrite8(Atomic_uint8 *var, // IN/OUT: { #if defined VM_ATOMIC_USE_C11 atomic_compare_exchange_strong( - (_Atomic uint8 *)&var->value, &oldVal, newVal); + (_Atomic(uint8) *)&var->value, &oldVal, newVal); return oldVal; #elif defined __GNUC__ && defined VM_ARM_32 return AtomicUndefined(var + oldVal + newVal); @@ -498,7 +498,7 @@ Atomic_ReadAnd8(Atomic_uint8 *var, // IN/OUT uint8 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_and((_Atomic uint8 *)&var->value, val); + res = atomic_fetch_and((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 8, TRUE, &var->value, and, val); #else @@ -562,7 +562,7 @@ Atomic_ReadOr8(Atomic_uint8 *var, // IN/OUT uint8 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_or((_Atomic uint8 *)&var->value, val); + res = atomic_fetch_or((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 8, TRUE, &var->value, orr, val); #else @@ -626,7 +626,7 @@ Atomic_ReadXor8(Atomic_uint8 *var, // IN/OUT uint8 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_xor((_Atomic uint8 *)&var->value, val); + res = atomic_fetch_xor((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 8, TRUE, &var->value, eor, val); #else @@ -690,7 +690,7 @@ Atomic_ReadAdd8(Atomic_uint8 *var, // IN/OUT uint8 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_add((_Atomic uint8 *)&var->value, val); + res = atomic_fetch_add((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 8, TRUE, &var->value, add, val); #else @@ -752,7 +752,7 @@ Atomic_Sub8(Atomic_uint8 *var, // IN/OUT uint8 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_sub((_Atomic uint8 *)&var->value, val); + atomic_fetch_sub((_Atomic(uint8) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 _VMATOM_X(OP, 8, TRUE, &var->value, sub, val); #else @@ -879,7 +879,7 @@ Atomic_Read32(Atomic_uint32 const *var) // IN #endif #if defined VM_ATOMIC_USE_C11 - value = atomic_load((_Atomic uint32 *)&var->value); + value = atomic_load((_Atomic(uint32) *)&var->value); #elif defined __GNUC__ /* * Use inline assembler to force using a single load instruction to @@ -940,7 +940,7 @@ Atomic_ReadWrite32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_exchange((_Atomic uint32 *)&var->value, val); + return atomic_exchange((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 retVal; @@ -1009,7 +1009,7 @@ Atomic_Write32(Atomic_uint32 *var, // OUT #endif #if defined VM_ATOMIC_USE_C11 - atomic_store((_Atomic uint32 *)&var->value, val); + atomic_store((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #if defined VM_ARM_64 _VMATOM_X(W, 32, &var->value, val); @@ -1091,7 +1091,7 @@ Atomic_ReadIfEqualWrite32(Atomic_uint32 *var, // IN/OUT { #if defined VM_ATOMIC_USE_C11 atomic_compare_exchange_strong( - (_Atomic uint32 *)&var->value, &oldVal, newVal); + (_Atomic(uint32) *)&var->value, &oldVal, newVal); return oldVal; #elif defined __GNUC__ #ifdef VM_ARM_V7 @@ -1167,7 +1167,7 @@ Atomic_ReadIfEqualWrite64(Atomic_uint64 *var, // IN/OUT { #if defined VM_ATOMIC_USE_C11 atomic_compare_exchange_strong( - (_Atomic uint64 *)&var->value, &oldVal, newVal); + (_Atomic(uint64) *)&var->value, &oldVal, newVal); return oldVal; #elif defined __GNUC__ #ifdef VM_ARM_V7 @@ -1261,7 +1261,7 @@ Atomic_And32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_and((_Atomic uint32 *)&var->value, val); + atomic_fetch_and((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1323,7 +1323,7 @@ Atomic_Or32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_or((_Atomic uint32 *)&var->value, val); + atomic_fetch_or((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1385,7 +1385,7 @@ Atomic_Xor32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_xor((_Atomic uint32 *)&var->value, val); + atomic_fetch_xor((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1448,7 +1448,7 @@ Atomic_Xor64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_xor((_Atomic uint64 *)&var->value, val); + atomic_fetch_xor((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ #if defined VM_ARM_64 _VMATOM_X(OP, 64, TRUE, &var->value, eor, val); @@ -1492,7 +1492,7 @@ Atomic_Add32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_add((_Atomic uint32 *)&var->value, val); + atomic_fetch_add((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1554,7 +1554,7 @@ Atomic_Sub32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_sub((_Atomic uint32 *)&var->value, val); + atomic_fetch_sub((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1724,7 +1724,7 @@ Atomic_ReadOr32(Atomic_uint32 *var, // IN/OUT uint32 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_or((_Atomic uint32 *)&var->value, val); + res = atomic_fetch_or((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 32, TRUE, &var->value, orr, val); #else @@ -1760,7 +1760,7 @@ Atomic_ReadAnd32(Atomic_uint32 *var, // IN/OUT uint32 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_and((_Atomic uint32 *)&var->value, val); + res = atomic_fetch_and((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 32, TRUE, &var->value, and, val); #else @@ -1797,7 +1797,7 @@ Atomic_ReadOr64(Atomic_uint64 *var, // IN/OUT uint64 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_or((_Atomic uint64 *)&var->value, val); + res = atomic_fetch_or((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 64, TRUE, &var->value, orr, val); #else @@ -1833,7 +1833,7 @@ Atomic_ReadAnd64(Atomic_uint64 *var, // IN/OUT uint64 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_and((_Atomic uint64 *)&var->value, val); + res = atomic_fetch_and((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 64, TRUE, &var->value, and, val); #else @@ -1872,7 +1872,7 @@ Atomic_ReadAdd32(Atomic_uint32 *var, // IN/OUT uint32 val) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_fetch_add((_Atomic uint32 *)&var->value, val); + return atomic_fetch_add((_Atomic(uint32) *)&var->value, val); #elif defined __GNUC__ #ifdef VM_ARM_V7 uint32 res; @@ -1986,7 +1986,7 @@ Atomic_CMPXCHG64(Atomic_uint64 *var, // IN/OUT { #if defined VM_ATOMIC_USE_C11 return atomic_compare_exchange_strong( - (_Atomic uint64 *)&var->value, &oldVal, newVal); + (_Atomic(uint64) *)&var->value, &oldVal, newVal); #elif defined __GNUC__ #if defined VM_ARM_ANY return Atomic_ReadIfEqualWrite64(var, oldVal, newVal) == oldVal; @@ -2114,7 +2114,7 @@ Atomic_CMPXCHG32(Atomic_uint32 *var, // IN/OUT { #if defined VM_ATOMIC_USE_C11 return atomic_compare_exchange_strong( - (_Atomic uint32 *)&var->value, &oldVal, newVal); + (_Atomic(uint32) *)&var->value, &oldVal, newVal); #elif defined __GNUC__ #if defined VM_ARM_ANY return Atomic_ReadIfEqualWrite32(var, oldVal, newVal) == oldVal; @@ -2160,7 +2160,7 @@ static INLINE uint64 Atomic_Read64(Atomic_uint64 const *var) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_load((const _Atomic uint64 *)&var->value); + return atomic_load((const _Atomic(uint64) *)&var->value); #else #if defined __GNUC__ uint64 value; @@ -2284,7 +2284,7 @@ Atomic_ReadAdd64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_fetch_add((_Atomic uint64 *)&var->value, val); + return atomic_fetch_add((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 return _VMATOM_X(ROP, 64, TRUE, &var->value, add, val); #elif defined __x86_64__ @@ -2340,7 +2340,7 @@ Atomic_ReadSub64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_fetch_sub((_Atomic uint64 *)&var->value, val); + return atomic_fetch_sub((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 return _VMATOM_X(ROP, 64, TRUE, &var->value, sub, val); #else @@ -2434,7 +2434,7 @@ Atomic_Add64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_add((_Atomic uint64 *)&var->value, val); + atomic_fetch_add((_Atomic(uint64) *)&var->value, val); #elif !defined VM_64BIT Atomic_ReadAdd64(var, val); /* Return value is unused. */ #elif defined __GNUC__ @@ -2479,7 +2479,7 @@ Atomic_Sub64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_sub((_Atomic uint64 *)&var->value, val); + atomic_fetch_sub((_Atomic(uint64) *)&var->value, val); #elif !defined VM_64BIT Atomic_ReadSub64(var, val); /* Return value is unused. */ #elif defined __GNUC__ @@ -2604,7 +2604,7 @@ Atomic_ReadWrite64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - return atomic_exchange((_Atomic uint64 *)&var->value, val); + return atomic_exchange((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined __x86_64__ /* Checked against the AMD manual and GCC --hpreg */ __asm__ __volatile__( @@ -2657,7 +2657,7 @@ Atomic_Write64(Atomic_uint64 *var, // OUT #endif #if defined VM_ATOMIC_USE_C11 - atomic_store((_Atomic uint64 *)&var->value, val); + atomic_store((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined __x86_64__ /* * There is no move instruction for 64-bit immediate to memory, so unless @@ -2710,7 +2710,7 @@ Atomic_Or64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_or((_Atomic uint64 *)&var->value, val); + atomic_fetch_or((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined __x86_64__ /* Checked against the AMD manual and GCC --hpreg */ __asm__ __volatile__( @@ -2756,7 +2756,7 @@ Atomic_And64(Atomic_uint64 *var, // IN/OUT uint64 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_and((_Atomic uint64 *)&var->value, val); + atomic_fetch_and((_Atomic(uint64) *)&var->value, val); #elif defined __GNUC__ && defined __x86_64__ /* Checked against the AMD manual and GCC --hpreg */ __asm__ __volatile__( @@ -2969,7 +2969,7 @@ Atomic_Read16(Atomic_uint16 const *var) // IN #endif #if defined VM_ATOMIC_USE_C11 - value = atomic_load((_Atomic uint16 *)&var->value); + value = atomic_load((_Atomic(uint16) *)&var->value); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "movw %1, %0" @@ -3015,7 +3015,7 @@ Atomic_ReadWrite16(Atomic_uint16 *var, // IN/OUT: uint16 val) // IN: { #if defined VM_ATOMIC_USE_C11 - return atomic_exchange((_Atomic uint16 *)&var->value, val); + return atomic_exchange((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "xchgw %0, %1" @@ -3080,7 +3080,7 @@ Atomic_Write16(Atomic_uint16 *var, // OUT: #endif #if defined VM_ATOMIC_USE_C11 - atomic_store((_Atomic uint16 *)&var->value, val); + atomic_store((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "movw %1, %0" @@ -3124,7 +3124,7 @@ Atomic_ReadIfEqualWrite16(Atomic_uint16 *var, // IN/OUT { #if defined VM_ATOMIC_USE_C11 atomic_compare_exchange_strong( - (_Atomic uint16 *)&var->value, &oldVal, newVal); + (_Atomic(uint16) *)&var->value, &oldVal, newVal); return oldVal; #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) uint16 val; @@ -3192,7 +3192,7 @@ Atomic_ReadAnd16(Atomic_uint16 *var, // IN/OUT uint16 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_and((_Atomic uint16 *)&var->value, val); + res = atomic_fetch_and((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 16, TRUE, &var->value, and, val); #else @@ -3226,7 +3226,7 @@ Atomic_And16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_and((_Atomic uint16 *)&var->value, val); + atomic_fetch_and((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; andw %1, %0" @@ -3283,7 +3283,7 @@ Atomic_Or16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_or((_Atomic uint16 *)&var->value, val); + atomic_fetch_or((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; orw %1, %0" @@ -3340,7 +3340,7 @@ Atomic_Xor16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_xor((_Atomic uint16 *)&var->value, val); + atomic_fetch_xor((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; xorw %1, %0" @@ -3397,7 +3397,7 @@ Atomic_Add16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_add((_Atomic uint16 *)&var->value, val); + atomic_fetch_add((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; addw %1, %0" @@ -3454,7 +3454,7 @@ Atomic_Sub16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN { #if defined VM_ATOMIC_USE_C11 - atomic_fetch_sub((_Atomic uint16 *)&var->value, val); + atomic_fetch_sub((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; subw %1, %0" @@ -3577,7 +3577,7 @@ Atomic_ReadOr16(Atomic_uint16 *var, // IN/OUT uint16 res; #if defined VM_ATOMIC_USE_C11 - res = atomic_fetch_or((_Atomic uint16 *)&var->value, val); + res = atomic_fetch_or((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && defined VM_ARM_64 res = _VMATOM_X(ROP, 16, TRUE, &var->value, orr, val); #else @@ -3611,7 +3611,7 @@ Atomic_ReadAdd16(Atomic_uint16 *var, // IN/OUT uint16 val) // IN: { #if defined VM_ATOMIC_USE_C11 - return atomic_fetch_add((_Atomic uint16 *)&var->value, val); + return atomic_fetch_add((_Atomic(uint16) *)&var->value, val); #elif defined __GNUC__ && (defined __x86_64__ || defined __i386__) __asm__ __volatile__( "lock; xaddw %0, %1" From 058863ab5eaef42aa3511d4974c32db11a3cf9d7 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 10:50:32 -0700 Subject: [PATCH 038/375] Correct missed 2023 copyright update. --- open-vm-tools/services/vmtoolsd/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/services/vmtoolsd/Makefile.am b/open-vm-tools/services/vmtoolsd/Makefile.am index 304d6f286..7eb0e47bd 100644 --- a/open-vm-tools/services/vmtoolsd/Makefile.am +++ b/open-vm-tools/services/vmtoolsd/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (c) 2009-2021 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2021,2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as From e61042ddf3627af614a2cce12406ce7a5b5e7869 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:42:41 -0700 Subject: [PATCH 039/375] Enabling the open-vm-tools VGAuth Host Verification feature. The Host Verified SAML token work is complete. Adding the new code to the open-vm-tools source. --- open-vm-tools/configure.ac | 6 ------ open-vm-tools/services/plugins/vix/vixToolsInt.h | 2 -- open-vm-tools/vgauth/common/VGAuthProto.h | 2 -- open-vm-tools/vgauth/public/VGAuthAuthentication.h | 2 +- 4 files changed, 1 insertion(+), 11 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 49293f6e5..c37e16b3a 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1880,12 +1880,6 @@ AC_CONFIG_FILES([ \ -AM_CONDITIONAL([VMTOOLS_FS_VGAUTH_HOST_VERIFICATION],[true]) -if test "$enable_vgauth" = "yes"; then - echo "Enabling vgauth host verification" - CPPFLAGS="$CPPFLAGS -DVMTOOLS_FS_VGAUTH_HOST_VERIFICATION" -fi - ### ### Output diff --git a/open-vm-tools/services/plugins/vix/vixToolsInt.h b/open-vm-tools/services/plugins/vix/vixToolsInt.h index 19685edbb..007db5115 100644 --- a/open-vm-tools/services/plugins/vix/vixToolsInt.h +++ b/open-vm-tools/services/plugins/vix/vixToolsInt.h @@ -204,9 +204,7 @@ VixError VixToolsCheckSAMLForSystem(VGAuthContext *ctx, const char *token, const char *username, char *serviceUsername, -#ifdef VMTOOLS_FS_VGAUTH_HOST_VERIFICATION Bool hostVerified, -#endif void **userToken, VGAuthUserHandle **curUserHandle); #endif // _WIN32 diff --git a/open-vm-tools/vgauth/common/VGAuthProto.h b/open-vm-tools/vgauth/common/VGAuthProto.h index f7bcae12f..58a84a1c4 100644 --- a/open-vm-tools/vgauth/common/VGAuthProto.h +++ b/open-vm-tools/vgauth/common/VGAuthProto.h @@ -622,7 +622,6 @@ #define VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME "ValidateSamlBToken" - #define VGAUTH_VALIDATESAMLBEARERTOKEN_REQUEST_FORMAT \ VGAUTH_REQUEST_FORMAT_START \ "<"VGAUTH_REQUESTNAME_ELEMENT_NAME">"VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME"" \ @@ -632,7 +631,6 @@ "<"VGAUTH_HOST_VERIFIED_ELEMENT_NAME">%s" \ VGAUTH_REQUEST_FORMAT_END - #define VGAUTH_VALIDATESAMLBEARERTOKEN_REPLY_FORMAT_START \ VGAUTH_REPLY_FORMAT_START \ "<"VGAUTH_USERNAME_ELEMENT_NAME">%s" \ diff --git a/open-vm-tools/vgauth/public/VGAuthAuthentication.h b/open-vm-tools/vgauth/public/VGAuthAuthentication.h index 0d6565af1..e19fe4764 100644 --- a/open-vm-tools/vgauth/public/VGAuthAuthentication.h +++ b/open-vm-tools/vgauth/public/VGAuthAuthentication.h @@ -198,7 +198,7 @@ VGAuthError VGAuth_ValidateSSPIResponse(VGAuthContext *ctx, #define VGAUTH_PARAM_VALIDATE_INFO_ONLY "validateInfoOnly" -# define VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified" +#define VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified" VGAuthError VGAuth_ValidateSamlBearerToken(VGAuthContext *ctx, const char *samlToken, From b7f4cf3d0dcd9de5df3340ee088bb701725b4597 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:42:41 -0700 Subject: [PATCH 040/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 7385da4cc..bbe72bf5d 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -626,6 +626,7 @@ #define PRODUCT_VERSION_WORKSTATION_160 PRODUCT_WORKSTATION_BRIEF_NAME " 16.x" #define PRODUCT_VERSION_WORKSTATION_162 PRODUCT_WORKSTATION_BRIEF_NAME " 16.2.x" #define PRODUCT_VERSION_WORKSTATION_170 PRODUCT_WORKSTATION_BRIEF_NAME " 17.x" +#define PRODUCT_VERSION_WORKSTATION_175 PRODUCT_WORKSTATION_BRIEF_NAME " 17.5.x" #define PRODUCT_VERSION_PLAYER_1 PRODUCT_PLAYER_BRIEF_NAME " 1.x" #define PRODUCT_VERSION_MAC_DESKTOP_1 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 1.1" #define PRODUCT_VERSION_MAC_DESKTOP_2 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 2.x" @@ -641,6 +642,7 @@ #define PRODUCT_VERSION_MAC_DESKTOP_120 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 12.x" #define PRODUCT_VERSION_MAC_DESKTOP_122 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 12.2.x" #define PRODUCT_VERSION_MAC_DESKTOP_130 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 13.x" +#define PRODUCT_VERSION_MAC_DESKTOP_135 PRODUCT_MAC_DESKTOP_BRIEF_NAME " 13.5.x" /* * VDFS Versions From 5d08866eafbc2536732d9fce9d8f024532fe0364 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:42:41 -0700 Subject: [PATCH 041/375] Record the use of tools version 12.2.6 for an emergency patch. Also updating 12.3.0 as released and adding the scheduled 12.3.5 update relase. --- open-vm-tools/lib/include/vm_tools_version.h | 22 ++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index aa9bef5cf..2aa9462fd 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1751,11 +1751,25 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_BANDSAW_UPDATE1_V_BASE 5 #ifndef RC_INVOKED -#define TOOLS_VERSION_HEDGE_TRIMMER TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_V) +#define TOOLS_VERSION_BANDSAW_PATCH1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_BANDSAW_PATCH1_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_HEDGE_TRIMMER_V_MJR 12 -#define TOOLS_VERSION_HEDGE_TRIMMER_V_MNR 3 -#define TOOLS_VERSION_HEDGE_TRIMMER_V_BASE 0 +#define TOOLS_VERSION_BANDSAW_PATCH1_V_MJR 12 +#define TOOLS_VERSION_BANDSAW_PATCH1_V_MNR 2 +#define TOOLS_VERSION_BANDSAW_PATCH1_V_BASE 6 + +#ifndef RC_INVOKED +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_MJR 12 +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_MNR 3 +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_BASE 0 + +#ifndef RC_INVOKED +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MJR 12 +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MNR 3 +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_BASE 5 #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) From 12c2e213b1de63349c58561612333fb9af8eb00e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:42:41 -0700 Subject: [PATCH 042/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/docs/Makefile.am | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/docs/Makefile.am b/open-vm-tools/docs/Makefile.am index 63fa59d83..3bd25da62 100644 --- a/open-vm-tools/docs/Makefile.am +++ b/open-vm-tools/docs/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (C) 2009-2016 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2016, 2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as @@ -19,4 +19,5 @@ SUBDIRS = if HAVE_DOXYGEN SUBDIRS += api + endif From d0605c5ba368a3f417ad1a24fc9dc28c0de5bef7 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:42:42 -0700 Subject: [PATCH 043/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_msg_def.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_msg_def.h b/open-vm-tools/lib/include/guest_msg_def.h index 8f661ae8b..0b511762f 100644 --- a/open-vm-tools/lib/include/guest_msg_def.h +++ b/open-vm-tools/lib/include/guest_msg_def.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2016,2022 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2016,2022-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -43,6 +43,7 @@ #define INCLUDE_ALLOW_MODULE #define INCLUDE_ALLOW_USERLEVEL +#define INCLUDE_ALLOW_VMKERNEL #include "includeCheck.h" From 2cb54143f98031d5ab42c08e4fb1a6c9133b44b0 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 5 Oct 2023 15:53:07 -0700 Subject: [PATCH 044/375] Update Changelog with the granular push of Oct. 5, 2023. - plus ChangeLog update of Aug. 25, 2023. --- open-vm-tools/ChangeLog | 280 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 280 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 288079e05..a74392650 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,283 @@ +commit d0605c5ba368a3f417ad1a24fc9dc28c0de5bef7 +Author: Katy Feng +Date: Thu Oct 5 15:42:42 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 12c2e213b1de63349c58561612333fb9af8eb00e +Author: Katy Feng +Date: Thu Oct 5 15:42:41 2023 -0700 + + Change to common source file not applicable to open-vm-tools at this time. + +commit 5d08866eafbc2536732d9fce9d8f024532fe0364 +Author: Katy Feng +Date: Thu Oct 5 15:42:41 2023 -0700 + + Record the use of tools version 12.2.6 for an emergency patch. + Also updating 12.3.0 as released and adding the scheduled 12.3.5 + update relase. + +commit b7f4cf3d0dcd9de5df3340ee088bb701725b4597 +Author: Katy Feng +Date: Thu Oct 5 15:42:41 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit e61042ddf3627af614a2cce12406ce7a5b5e7869 +Author: Katy Feng +Date: Thu Oct 5 15:42:41 2023 -0700 + + Enabling the open-vm-tools VGAuth Host Verification feature. + + The Host Verified SAML token work is complete. Adding the new code to the + open-vm-tools source. + +commit 058863ab5eaef42aa3511d4974c32db11a3cf9d7 +Author: Katy Feng +Date: Thu Oct 5 10:50:32 2023 -0700 + + Correct missed 2023 copyright update. + +commit d442791014bde010be93f5b9ce588a88fcd68bc3 +Author: Katy Feng +Date: Thu Oct 5 10:35:28 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 9201543b6e4e6d5bc4788433b8231fb8d8e678a9 +Author: Katy Feng +Date: Thu Oct 5 10:35:28 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ce61f2591ceed0b6acb4ad744a32d9362ca4b258 +Author: Katy Feng +Date: Thu Oct 5 10:35:28 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit f8b150212afbf963241685406c42002b80b10a11 +Author: Katy Feng +Date: Thu Oct 5 10:35:28 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ad9066280a11bfc8466747e4fa4d9f60e2d29df4 +Author: Katy Feng +Date: Thu Oct 5 10:35:28 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit fe7e5654fbb69baec6c8e6de5c367346580934bc +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Linux guest identification: Correct the misidentification of + Big Cloud Enterprise Linux. + +commit 045ccf2067bb1f9e29d20a0e8a8b9053da999cf6 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit aeb469eda96b721bb382e294f63342139c7ae694 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Remove support for building with xml-security-c and xerces-c. + +commit 59bff291726794b85921edf206290cd43c2b3cc2 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 6e43c69c0ab3e84a6d63d39d9fb832fc02d6076c +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Changes to common source files not applicable to open-vm-tools. + +commit f48cd857d9fd17f4587b1d6d7213f9d88e658b5d +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 6ab97407104bd86f63ef4ab30462c2234b72e47e +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 07c13237ef07e62927fc540c0f77cd67bb6b03b1 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 0c494e27261531aaa6bc5d431e11dcf43691be61 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Allow only X509 certs to verify the SAML token signature. + +commit eba62c065fa21ee88d7c3e27533f1fbc4e959688 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Changes to common source files not applicable to open-vm-tools at this time. + +commit 3ddae17a251d51c15a576fe3da7643574a96c061 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit f906dc45d324bf531219b14c5af0f405f801d5f4 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit af8cb38e92ac414539655f563f1f05fdaf532fe6 +Author: Katy Feng +Date: Thu Oct 5 10:35:27 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit d90cefe349130cedc7af9722bac77198b4e0b891 +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 60ede3ec06d81bf7033ca2ac68431148506baf1b +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 2138a3fd2c8599d1d5ce66a423e86f61ba4dfe69 +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Remove Glib usage from stringxx/ubstr_t. + Replace Glib::RefPtr with std::shared_ptr. + +commit e367c428ff4062517228171ea63359fdbe252e66 +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Update Glib header inclusion to address C++ compatibility issues. + +commit a2f775b5c3e1d6c4859308bb87d9209018a28716 +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 0633d24feca0d9aa28696b4156c6f1944d3e7644 +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Changes to common source files not applicable to open-vm-tools. + +commit 126f05a2c2834ce20bc507b5e0f96b3b5929ed1a +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Changes to common source files not applicable to open-vm-tools. + +commit 1930fbc010efcfb95196a999e6f24c9bcb19087f +Author: Katy Feng +Date: Thu Oct 5 10:35:26 2023 -0700 + + Changes to common source files not applicable to open-vm-tools. + +commit e796234eb7a790ac1accc87534106e10140394fa +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit bacfb532b8f904c7d4141891ca95db7b4b6c0ac6 +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Allow pre-Windows 2000 style user logon for Linux Guests. + + With this change, applications that require user/password type + authentication/authorization (done by VGAuth service) for guestOps + can now use pre-windows 2000 style user logon for Linux Guests too. + + Github Issue: https://github.com/vmware/open-vm-tools/issues/641 + +commit 6267410529bdc7ba4c4e89293232d72f7d824641 +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 1536a14b450633ba8040f3fc57e922e39d9b3311 +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit f2485a10afcbc3a81b9cfc4726e2492a338b729a +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Changes to common source files not applicable to open-vm-tools. + +commit 97fd6909e336796e5eb3829d853754de9ac3b97a +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 7a6e765d2a5f3946513abdec8fc61c00385dc120 +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 2f1d2a0231db89c035b1dcd8a6266ea8ae49c9c4 +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Bump the VMware Tools version to 12.4.0 in the "devel" branch. + + Setting the development VMware Tools version to 12.4.0. + Adding the tag "HEDGE_TRIMMER" to the 12.3.0 version. + +commit 5188bd21d33180eb70612f57d5cb2aef8188108a +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common source file not applicable to open-vm-tools at this time. + +commit 093aef15e1e390a613237a3bdd7a8c794ab672cc +Author: Katy Feng +Date: Thu Oct 5 10:35:25 2023 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 75a751e2fda529a14de79fd32fb25ca97612400c +Author: Katy Feng +Date: Fri Aug 25 12:11:31 2023 -0700 + + Add missed 2023 copyright change. + +commit 1335787e74fc86752984c81ea7b0bd1b0065ce89 +Author: Katy Feng +Date: Fri Aug 25 11:57:15 2023 -0700 + + ChangeLog update of Aug. 25, 2023. + commit 518a77a39a30d39c4397d2533bae57880f44ec6e Author: Katy Feng Date: Fri Aug 25 11:51:12 2023 -0700 From 650ce059114e09cbac3594b9e1be4069febe4311 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:47 -0700 Subject: [PATCH 045/375] Setting the VMware Tools version to 12.3.5. --- open-vm-tools/lib/include/vm_tools_version.h | 21 +++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 6f4ae37ef..74825bd30 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1751,15 +1751,22 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_BANDSAW_UPDATE1_V_BASE 5 #ifndef RC_INVOKED -#define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 3 -#define TOOLS_VERSION_NEXT_V_BASE 0 +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_MJR 12 +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_MNR 3 +#define TOOLS_VERSION_HEDGE_TRIMMER_RELEASE_V_BASE 0 -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) +#ifndef RC_INVOKED +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MJR 12 +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MNR 3 +#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_BASE 5 + +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1 +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1) /* * The extended Tools version is the current Tools version with the From ba8219ee4bab927d7142e8392b20e183c589786e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 046/375] Enabling the open-vm-tools VGAuth Host Verification feature. The Host Verified SAML token work is complete. Adding the new code to the open-vm-tools source. --- open-vm-tools/configure.ac | 6 ------ open-vm-tools/services/plugins/vix/vixToolsInt.h | 2 -- open-vm-tools/vgauth/common/VGAuthProto.h | 2 -- open-vm-tools/vgauth/public/VGAuthAuthentication.h | 2 +- 4 files changed, 1 insertion(+), 11 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 2d60c725b..4ec1ea97f 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1944,12 +1944,6 @@ AC_CONFIG_FILES([ \ -AM_CONDITIONAL([VMTOOLS_FS_VGAUTH_HOST_VERIFICATION],[true]) -if test "$enable_vgauth" = "yes"; then - echo "Enabling vgauth host verification" - CPPFLAGS="$CPPFLAGS -DVMTOOLS_FS_VGAUTH_HOST_VERIFICATION" -fi - ### ### Output diff --git a/open-vm-tools/services/plugins/vix/vixToolsInt.h b/open-vm-tools/services/plugins/vix/vixToolsInt.h index 19685edbb..007db5115 100644 --- a/open-vm-tools/services/plugins/vix/vixToolsInt.h +++ b/open-vm-tools/services/plugins/vix/vixToolsInt.h @@ -204,9 +204,7 @@ VixError VixToolsCheckSAMLForSystem(VGAuthContext *ctx, const char *token, const char *username, char *serviceUsername, -#ifdef VMTOOLS_FS_VGAUTH_HOST_VERIFICATION Bool hostVerified, -#endif void **userToken, VGAuthUserHandle **curUserHandle); #endif // _WIN32 diff --git a/open-vm-tools/vgauth/common/VGAuthProto.h b/open-vm-tools/vgauth/common/VGAuthProto.h index f7bcae12f..58a84a1c4 100644 --- a/open-vm-tools/vgauth/common/VGAuthProto.h +++ b/open-vm-tools/vgauth/common/VGAuthProto.h @@ -622,7 +622,6 @@ #define VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME "ValidateSamlBToken" - #define VGAUTH_VALIDATESAMLBEARERTOKEN_REQUEST_FORMAT \ VGAUTH_REQUEST_FORMAT_START \ "<"VGAUTH_REQUESTNAME_ELEMENT_NAME">"VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME"" \ @@ -632,7 +631,6 @@ "<"VGAUTH_HOST_VERIFIED_ELEMENT_NAME">%s" \ VGAUTH_REQUEST_FORMAT_END - #define VGAUTH_VALIDATESAMLBEARERTOKEN_REPLY_FORMAT_START \ VGAUTH_REPLY_FORMAT_START \ "<"VGAUTH_USERNAME_ELEMENT_NAME">%s" \ diff --git a/open-vm-tools/vgauth/public/VGAuthAuthentication.h b/open-vm-tools/vgauth/public/VGAuthAuthentication.h index 0d6565af1..e19fe4764 100644 --- a/open-vm-tools/vgauth/public/VGAuthAuthentication.h +++ b/open-vm-tools/vgauth/public/VGAuthAuthentication.h @@ -198,7 +198,7 @@ VGAuthError VGAuth_ValidateSSPIResponse(VGAuthContext *ctx, #define VGAUTH_PARAM_VALIDATE_INFO_ONLY "validateInfoOnly" -# define VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified" +#define VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified" VGAuthError VGAuth_ValidateSamlBearerToken(VGAuthContext *ctx, const char *samlToken, From d9ffb3275ada811caa8478d481cd9003766baa1c Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 047/375] Add missed 2023 copyright change. --- open-vm-tools/lib/include/compat/compat_stdarg.h | 2 +- .../services/plugins/serviceDiscovery/serviceDiscoveryInt.h | 2 +- .../services/plugins/serviceDiscovery/serviceDiscoveryPosix.c | 2 +- open-vm-tools/tests/Makefile.am | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/compat/compat_stdarg.h b/open-vm-tools/lib/include/compat/compat_stdarg.h index 5295e5c9d..4d031601c 100644 --- a/open-vm-tools/lib/include/compat/compat_stdarg.h +++ b/open-vm-tools/lib/include/compat/compat_stdarg.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2006-2016 VMware, Inc. All rights reserved. + * Copyright (C) 2006-2016,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h index 836e62f23..01a988e2b 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryInt.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (C) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c index 28c53bdbb..570a6bd06 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscoveryPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (C) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/tests/Makefile.am b/open-vm-tools/tests/Makefile.am index 5a4629645..4203dd998 100644 --- a/open-vm-tools/tests/Makefile.am +++ b/open-vm-tools/tests/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (c) 2009-2016,2022 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2016,2022,2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as From 395cb80dc14e86f07e22541ae5ff205ad695056e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 048/375] Checking flag 'disable_vmware_customization' in more cloud-init config files Currently, deployPkg plugin checks the existence of flag 'disable_vmware_customization: false' in the /etc/cloud/cloud.cfg file to determine if VMware customization is enabled or not on cloud-init side when cloud-init is available in guest. Both cloud-init team and customers suggested that it's better practice to put local configuration like this flag into some .cfg files under /etc/cloud/cloud.cfg.d directory, ex: /etc/cloud/cloud.cfg.d/somefile.cfg This change implements the following adjustments to make sure we handle this flag the same way as cloud-init does in ds-identify and Datasource: 1. Instead of regex matching flag 'disable_vmware_customization: false', we will check the value of flag 'disable_vmware_customization': If the value is 'false', it means VMware customization is enabled. If the value is 'true', it means VMware customization is disabled. If the flag is not set, by default VMware customization is disabled on cloud-init side. 2. Besides cloud-init /etc/cloud/cloud.cfg file, we will check all .cfg files under /etc/cloud/cloud.cfg.d directory. 3. The value of flag 'disable_vmware_customization' in .cfg files under /etc/cloud/cloud.cfg.d directory will overwrite the one in /etc/cloud/cloud.cfg file. 4. The value of flag 'disable_vmware_customization' in a .cfg file listed further down the alphabetical order under /etc/cloud/cloud.cfg.d directory will overwrite the value in a .cfg file listed earier. 5. If a cloud-init config file contains more than one instance of this flag, the value of the later flag will overwrite the former one's. Github Issue: https://github.com/vmware/open-vm-tools/issues/310 --- open-vm-tools/libDeployPkg/linuxDeployment.c | 5 +- .../libDeployPkg/linuxDeploymentUtilities.c | 220 ++++++++++++++---- .../libDeployPkg/linuxDeploymentUtilities.h | 4 +- 3 files changed, 180 insertions(+), 49 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 0faaaf8b8..4ddf3477a 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1236,7 +1236,6 @@ UseCloudInitWorkflow(const char* dirPath, bool ignoreCloudInit) { static const char cfgName[] = "cust.cfg"; static const char metadataName[] = "metadata"; - static const char cloudInitConfigFilePath[] = "/etc/cloud/cloud.cfg"; static const char cloudInitCommand[] = "/usr/bin/cloud-init -v"; char cloudInitCommandOutput[MAX_LENGTH_CLOUDINIT_VERSION]; int forkExecResult; @@ -1288,7 +1287,7 @@ UseCloudInitWorkflow(const char* dirPath, bool ignoreCloudInit) return USE_CLOUDINIT_OK; } } else { - if (IsCloudInitEnabled(cloudInitConfigFilePath)) { + if (IsCloudInitCustomizationEnabled()) { return USE_CLOUDINIT_OK; } else { return USE_CLOUDINIT_DISABLED; diff --git a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c index 8de2f7f00..61ccd54d3 100644 --- a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c +++ b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2016-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2019, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -18,70 +18,99 @@ #include #include +#include #include #include #include #include #include "linuxDeploymentUtilities.h" +#include "str.h" extern LogFunction sLog; +// The status code of flag 'disable_vmware_customization' +typedef enum DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE { + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET = 0, + DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_TRUE, + DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE, +} DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE; + +// Private functions +static DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE +GetDisableVMwareCustomizationFlagStatus(const char* cloudInitConfigFilePath); +static int +FilterCfgExt(const struct dirent *dir); + /** *---------------------------------------------------------------------------- * - * IsCloudInitEnabled + * IsCloudInitCustomizationEnabled * - * Function to determine if cloud-init is enabled. + * Function to determine if cloud-init customization workflow is enabled. * Essentially it does - * - read a cloud-init config file - * - Find if a particular flag is enabled or disabled. + * - Read all cloud-init configuration files under /etc/cloud/cloud.cfg.d/ + * - Read the cloud-init configuration file /etc/cloud/cloud.cfg + * - Find if a particular flag is enabled or disabled + * - Particularly, the value of flag in files under /etc/cloud/cloud.cfg.d/ + * has higher priority than the one in file /etc/cloud/cloud.cfg, and the + * value of flag in file listed behind in alphabetical sort under + * /etc/cloud/cloud.cfg.d/ has higher priority than the one in file listed + * in front * - * @param [IN] cloudFilePath path of the cloud-init config file - * @returns TRUE if disable_vmware_customization is false and FALSE otherwise. + * @returns TRUE if value of the flag 'disable_vmware_customization' is false + * FALSE otherwise * *---------------------------------------------------------------------------- **/ bool -IsCloudInitEnabled(const char *cloudFilePath) +IsCloudInitCustomizationEnabled() { - bool isEnabled = false; - FILE *cloudFile; - char line[256]; - regex_t regex; - const char *cloudInitRegex = - "^\\s*disable_vmware_customization\\s*:\\s*false\\s*$"; - int reti; + DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE flagStatus = + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + static const char cloudInitBaseConfigFilePath[] = "/etc/cloud/cloud.cfg"; + static const char cloudInitConfigDirPath[] = "/etc/cloud/cloud.cfg.d/"; + struct dirent **fileList; + int i, fileCount; + size_t filePathLength; + char *filePath = NULL; - sLog(log_info, "Checking if cloud.cfg exists and if cloud-init is enabled."); - cloudFile = fopen(cloudFilePath, "r"); - if (cloudFile == NULL) { - sLog(log_info, "Could not open file: %s", strerror(errno)); - return isEnabled; - } - - reti = regcomp(®ex, cloudInitRegex, 0); - if (reti != 0) { - char buf[256]; - regerror(reti, ®ex, buf, sizeof(buf)); - sLog(log_error, "Error compiling regex for cloud-init flag: %s", buf); - goto done; - } - - while (fgets(line, sizeof(line), cloudFile) != NULL) { - if (regexec(®ex, line, 0, NULL, 0) == 0) { - isEnabled = true; - break; + sLog(log_info, "Checking if cloud-init customization is enabled."); + fileCount = + scandir(cloudInitConfigDirPath, &fileList, FilterCfgExt, alphasort); + if (fileCount < 0) { + sLog(log_warning, "Could not scan directory %s, error: %s.", + cloudInitConfigDirPath, strerror(errno)); + } else { + for (i = fileCount - 1; i >= 0; i--) { + filePathLength = Str_Strlen(cloudInitConfigDirPath, PATH_MAX) + + Str_Strlen(fileList[i]->d_name, FILENAME_MAX) + 1; + filePath = malloc(filePathLength); + if (filePath == NULL) { + sLog(log_warning, "Error allocating memory to copy '%s'.", + cloudInitConfigDirPath); + break; + } + Str_Strcpy(filePath, cloudInitConfigDirPath, filePathLength); + Str_Strcat(filePath, fileList[i]->d_name, filePathLength); + flagStatus = GetDisableVMwareCustomizationFlagStatus(filePath); + free(filePath); + filePath = NULL; + if (flagStatus != DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET) { + break; + } + } + for (i = 0; i < fileCount; i++) { + free(fileList[i]); } } - if (ferror(cloudFile) != 0) { - sLog(log_warning, "Error reading file: %s", strerror(errno)); - isEnabled = false; + free(fileList); + + if (flagStatus == DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET) { + flagStatus = + GetDisableVMwareCustomizationFlagStatus(cloudInitBaseConfigFilePath); } - regfree(®ex); -done: - fclose(cloudFile); - return isEnabled; + return (flagStatus == DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE); } /** @@ -113,7 +142,7 @@ GetCustomScript(const char* dirPath) sLog(log_info, "Check if custom script(pre/post customization) exists."); tempDir = opendir(dirPath); if (tempDir == NULL) { - sLog(log_warning, "Could not open directory %s: error: %s", dirPath, + sLog(log_warning, "Could not open directory %s: error: %s.", dirPath, strerror(errno)); return scriptName; } @@ -123,7 +152,7 @@ GetCustomScript(const char* dirPath) char buf[256]; regerror(regRet, &scriptRegex, buf, sizeof(buf)); - sLog(log_error, "Error compiling regex for custom script: %s", buf); + sLog(log_error, "Error compiling regex for custom script: %s.", buf); goto done; } @@ -131,7 +160,7 @@ GetCustomScript(const char* dirPath) if (regexec(&scriptRegex, dir->d_name, 0, NULL, 0) == 0) { scriptName = strdup(dir->d_name); if (scriptName == NULL) { - sLog(log_warning, "Could not allocate memory for scriptName: %s", + sLog(log_warning, "Could not allocate memory for scriptName: %s.", strerror(errno)); break; } @@ -145,3 +174,106 @@ GetCustomScript(const char* dirPath) return scriptName; } +/** + *---------------------------------------------------------------------------- + * + * GetDisableVMwareCustomizationFlagStatus + * + * Function to get status code of the flag 'disable_vmware_customization' from + * a cloud-init config file. + * Essentially it does + * - Read a cloud-init config file + * - Get status code of the flag according to its value + * + * @param [IN] cloudInitConfigFilePath path of a cloud-int config file + * @returns The status code of this particular flag + * + *---------------------------------------------------------------------------- + **/ +static DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE +GetDisableVMwareCustomizationFlagStatus(const char* cloudInitConfigFilePath) +{ + DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE flagStatus = + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + FILE *cloudInitConfigFile; + char line[256]; + regex_t regex; + size_t maxGroups = 2, flagValueLength = 0; + regmatch_t groupArray[maxGroups]; + const char *flagPattern = + "^\\s*disable_vmware_customization\\s*:\\s*(true|false)\\s*$"; + int reti; + + cloudInitConfigFile = fopen(cloudInitConfigFilePath, "r"); + if (cloudInitConfigFile == NULL) { + sLog(log_warning, "Could not open file: %s.", strerror(errno)); + return flagStatus; + } + + reti = regcomp(®ex, flagPattern, REG_EXTENDED); + if (reti != 0) { + char buf[256]; + regerror(reti, ®ex, buf, sizeof(buf)); + sLog(log_error, "Error compiling regex for cloud-init flag: %s.", buf); + goto done; + } + + while (fgets(line, sizeof(line), cloudInitConfigFile) != NULL) { + if (regexec(®ex, line, maxGroups, groupArray, 0) == 0) { + flagValueLength = groupArray[1].rm_eo - groupArray[1].rm_so; + if (flagValueLength > 0) { + char flagValue[flagValueLength + 1]; + Str_Strncpy(flagValue, flagValueLength + 1, + line + groupArray[1].rm_so, flagValueLength); + sLog(log_info, + "Flag 'disable_vmware_customization' set in %s with value: %s.", + cloudInitConfigFilePath, flagValue); + if (Str_Strequal(flagValue, "false")) { + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE; + } else if (Str_Strequal(flagValue, "true")) { + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_TRUE; + } + } + } + } + if (ferror(cloudInitConfigFile) != 0) { + sLog(log_warning, "Error reading file: %s.", strerror(errno)); + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + } + regfree(®ex); + +done: + fclose(cloudInitConfigFile); + return flagStatus; +} + +/** + *----------------------------------------------------------------------------- + * + * FilterCfgExt + * + * Filter files with .cfg extension when calling scandir. + * + * @param [IN] dir struct dirent of a directory entry + * @returns 1 if dir is a regular file and its file extension is .cfg + * 0 otherwise + * + * ---------------------------------------------------------------------------- + **/ +static int +FilterCfgExt(const struct dirent *dir) +{ + if (!dir) + return 0; + + if (dir->d_type == DT_REG) { + const char *ext = Str_Strrchr(dir->d_name, '.'); + if ((!ext) || (ext == dir->d_name)) { + return 0; + } else if (Str_Strequal(ext, ".cfg")) { + return 1; + } + } + + return 0; +} diff --git a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h index 80ab04ef0..b461e4bcf 100644 --- a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h +++ b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2016-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2019, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -24,7 +24,7 @@ #include "imgcust-common/imgcust-api.h" IMGCUST_API bool -IsCloudInitEnabled(const char* configFile); +IsCloudInitCustomizationEnabled(); IMGCUST_API char * GetCustomScript(const char* dirPath); From 3b5308bb4bdf3eeebd49808eb0efa015aa183772 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 049/375] Suppress optional arg to backup scripts when empty string. Backup scripts can be called with an optional argument. Don't pass the optional arg to the script if it's an empty string. --- open-vm-tools/services/plugins/vmbackup/scriptOps.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/plugins/vmbackup/scriptOps.c b/open-vm-tools/services/plugins/vmbackup/scriptOps.c index 2dc4eb664..2dbf9bf06 100644 --- a/open-vm-tools/services/plugins/vmbackup/scriptOps.c +++ b/open-vm-tools/services/plugins/vmbackup/scriptOps.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2007-2019, 2021 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2019, 2021, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -157,7 +157,7 @@ VmBackupRunNextScript(VmBackupScriptOp *op) // IN/OUT if (File_IsFile(scripts[index].path)) { char *cmd; - if (op->state->scriptArg != NULL) { + if (op->state->scriptArg != NULL && op->state->scriptArg[0] != '\0') { cmd = Str_Asprintf(NULL, "\"%s\" %s \"%s\"", scripts[index].path, scriptOp, op->state->scriptArg); } else { From 63f7c79c4aecb14d37cc4ce9da509419e31d394f Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 050/375] File descriptor vulnerability in the open-vm-tools vmware-user-suid-wrapperx on Linux Moving the privilege drop logic (dropping privilege to the real uid and gid of the process for the vmusr service) from suidWrapper to vmtoolsd code. Now the vmtoolsd is not executed with dropped privileges (started as setuid program) and the dumpable attribute of the process is not reset. The unprivileged user will not have access to the privileged file descriptors in the vmtoolsd vmusr process. Also, setting the FD_CLOEXEC flag for both uinputFd and blockFd preventing the file descriptors being inherited any further from the vmtoolsd. --- open-vm-tools/services/vmtoolsd/mainPosix.c | 78 ++++++++++++++++++- open-vm-tools/vmware-user-suid-wrapper/main.c | 28 +------ 2 files changed, 81 insertions(+), 25 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/mainPosix.c b/open-vm-tools/services/vmtoolsd/mainPosix.c index fd2667cd5..6c52156bc 100644 --- a/open-vm-tools/services/vmtoolsd/mainPosix.c +++ b/open-vm-tools/services/vmtoolsd/mainPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2020,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2020,2022-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -28,10 +28,12 @@ #include #include #include +#include #include #include "file.h" #include "guestApp.h" #include "hostinfo.h" +#include "su.h" #include "system.h" #include "unicode.h" #include "util.h" @@ -154,6 +156,59 @@ ToolsCoreWorkAroundLoop(ToolsServiceState *state, } +/** + * Tools function to set close-on-exec flg for the fd. + * + * @param[in] fd open file descriptor. + * + * @return TRUE on success, FALSE otherwise. + */ + +static gboolean +ToolsSetCloexecFlag(int fd) +{ + int flags; + + if (fd == -1) { + /* fd is not present, no need to manipulate */ + return TRUE; + } + + flags = fcntl(fd, F_GETFD, 0); + if (flags < 0) { + g_printerr("Couldn't get the flags set for fd %d, error %u.", fd, errno); + return FALSE; + } + flags |= FD_CLOEXEC; + if (fcntl(fd, F_SETFD, flags) < 0) { + g_printerr("Couldn't set close-on-exec for fd %d, error %u.", fd, errno); + return FALSE; + } + + return TRUE; +} + + +/** + * Tools function to close the fds. + */ + +static void +ToolsCloseFds(void) +{ + if (gState.ctx.blockFD != -1) { + close(gState.ctx.blockFD); + } + + /* + * uinputFD will be available only for wayland. + */ + if (gState.ctx.uinputFD != -1) { + close(gState.ctx.uinputFD); + } +} + + /** * Tools daemon entry function. * @@ -210,6 +265,27 @@ main(int argc, g_free(argvCopy); argvCopy = NULL; + /* + * Drops privilege to the real uid and gid of the process + * for the "vmusr" service. + */ + if (TOOLS_IS_USER_SERVICE(&gState)) { + uid_t uid = getuid(); + gid_t gid = getgid(); + + if ((Id_SetREUid(uid, uid) != 0) || + (Id_SetREGid(gid, gid) != 0)) { + g_printerr("could not drop privileges: %s", strerror(errno)); + ToolsCloseFds(); + goto exit; + } + if (!ToolsSetCloexecFlag(gState.ctx.blockFD) || + !ToolsSetCloexecFlag(gState.ctx.uinputFD)) { + ToolsCloseFds(); + goto exit; + } + } + if (gState.pidFile != NULL) { /* * If argv[0] is not an absolute path, make it so; all other path diff --git a/open-vm-tools/vmware-user-suid-wrapper/main.c b/open-vm-tools/vmware-user-suid-wrapper/main.c index e9d7e5084..73ae9b9bb 100644 --- a/open-vm-tools/vmware-user-suid-wrapper/main.c +++ b/open-vm-tools/vmware-user-suid-wrapper/main.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2007-2018 VMware, Inc. All rights reserved. + * Copyright (C) 2007-2018,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -156,8 +156,7 @@ MaskSignals(void) * * Obtains the library directory from the Tools locations database, then * opens a file descriptor (while still root) to add and remove blocks, - * drops privilege to the real uid of this process, and finally starts - * vmware-user. + * and finally starts vmware-user. * * Results: * Parent: TRUE on success, FALSE on failure. @@ -173,8 +172,6 @@ static Bool StartVMwareUser(char *const envp[]) { pid_t pid; - uid_t uid; - gid_t gid; int blockFd = -1; char blockFdStr[8]; int uinputFd = -1; @@ -191,8 +188,8 @@ StartVMwareUser(char *const envp[]) } /* - * Now create a child process, obtain a file descriptor as root, downgrade - * privilege, and run vmware-user. + * Now create a child process, obtain a file descriptor as root and + * run vmware-user. */ pid = fork(); if (pid == -1) { @@ -229,23 +226,6 @@ StartVMwareUser(char *const envp[]) } } - uid = getuid(); - gid = getgid(); - - if ((setreuid(uid, uid) != 0) || - (setregid(gid, gid) != 0)) { - Error("could not drop privileges: %s\n", strerror(errno)); - if (blockFd != -1) { - close(blockFd); - } - if (useWayland) { - if (uinputFd != -1) { - close(uinputFd); - } - } - return FALSE; - } - /* * Since vmware-user provides features that don't depend on vmblock, we * invoke vmware-user even if we couldn't obtain a file descriptor or we From 1bfe23d728b74e08f4f65cd9b0093ca73937003a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:24:48 -0700 Subject: [PATCH 051/375] Don't accept tokens with unrelated certs If a SAML token has a cert that's not a part of a chain, fail the token as invalid. --- open-vm-tools/vgauth/common/certverify.c | 147 +++++++++++++++++- open-vm-tools/vgauth/common/certverify.h | 6 +- open-vm-tools/vgauth/common/prefs.h | 4 +- .../vgauth/serviceImpl/saml-xmlsec1.c | 14 ++ 4 files changed, 168 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/vgauth/common/certverify.c b/open-vm-tools/vgauth/common/certverify.c index 0ed78edb0..845f59b91 100644 --- a/open-vm-tools/vgauth/common/certverify.c +++ b/open-vm-tools/vgauth/common/certverify.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2011-2016, 2018-2019, 2021-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2016, 2018-2019, 2021-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -914,3 +914,148 @@ CertVerify_CheckSignature(VGAuthHashAlg hash, return err; } + + +/* + * Finds a cert with a subject (if checkSubj is set) or issuer (if + * checkSUbj is unset), matching 'val' in the list + * of certs. Returns a match or NULL. + */ + +static X509 * +FindCert(GList *cList, + X509_NAME *val, + int checkSubj) +{ + GList *l; + X509 *c; + X509_NAME *v; + + l = cList; + while (l != NULL) { + c = (X509 *) l->data; + if (checkSubj) { + v = X509_get_subject_name(c); + } else { + v = X509_get_issuer_name(c); + } + if (X509_NAME_cmp(val, v) == 0) { + return c; + } + l = l->next; + } + return NULL; +} + + +/* + ****************************************************************************** + * CertVerify_CheckForUnrelatedCerts -- */ /** + * + * Looks over a list of certs. If it finds that they are not all + * part of the same chain, returns failure. + * + * @param[in] numCerts The number of certs in the chain. + * @param[in] pemCerts The chain of certificates to verify. + * + * @return VGAUTH_E_OK on success, VGAUTH_E_FAIL if unrelated certs are found. + * + ****************************************************************************** + */ + +VGAuthError +CertVerify_CheckForUnrelatedCerts(int numCerts, + const char **pemCerts) +{ + VGAuthError err = VGAUTH_E_FAIL; + int chainLen = 0; + int i; + X509 **certs = NULL; + GList *rawList = NULL; + X509 *baseCert; + X509 *curCert; + X509_NAME *subject; + X509_NAME *issuer; + + /* common single cert case; nothing to do */ + if (numCerts == 1) { + return VGAUTH_E_OK; + } + + /* convert all PEM to X509 objects */ + certs = g_malloc0(numCerts * sizeof(X509 *)); + for (i = 0; i < numCerts; i++) { + certs[i] = CertStringToX509(pemCerts[i]); + if (NULL == certs[i]) { + g_warning("%s: failed to convert cert to X509\n", __FUNCTION__); + goto done; + } + } + + /* choose the cert to start the chain. shouldn't matter which */ + baseCert = certs[0]; + + /* put the rest into a list */ + for (i = 1; i < numCerts; i++) { + rawList = g_list_append(rawList, certs[i]); + } + + /* now chase down to a leaf, looking for certs the baseCert issued */ + subject = X509_get_subject_name(baseCert); + while ((curCert = FindCert(rawList, subject, 0)) != NULL) { + /* pull it from the list */ + rawList = g_list_remove(rawList, curCert); + /* set up the next find */ + subject = X509_get_subject_name(curCert); + } + + /* + * walk up to the root cert, by finding a cert where the + * issuer equals the subject of the current + */ + issuer = X509_get_issuer_name(baseCert); + while ((curCert = FindCert(rawList, issuer, 1)) != NULL) { + /* pull it from the list */ + rawList = g_list_remove(rawList, curCert); + /* set up the next find */ + issuer = X509_get_issuer_name(curCert); + } + + /* + * At this point, anything on the list should be certs that are not part + * of the chain that includes the original 'baseCert'. + * + * For a valid token, the list should be empty. + */ + chainLen = g_list_length(rawList); + if (chainLen != 0 ) { + GList *l; + + g_warning("%s: %d unrelated certs found in list\n", + __FUNCTION__, chainLen); + + /* debug helper */ + l = rawList; + while (l != NULL) { + X509* c = (X509 *) l->data; + char *s = X509_NAME_oneline(X509_get_subject_name(c), NULL, 0); + + g_debug("%s: unrelated cert subject: %s\n", __FUNCTION__, s); + free(s); + l = l->next; + } + + goto done; + } + + g_debug("%s: Success! no unrelated certs found\n", __FUNCTION__); + err = VGAUTH_E_OK; + +done: + g_list_free(rawList); + for (i = 0; i < numCerts; i++) { + X509_free(certs[i]); + } + g_free(certs); + return err; +} diff --git a/open-vm-tools/vgauth/common/certverify.h b/open-vm-tools/vgauth/common/certverify.h index d7c6410b6..89ec97a10 100644 --- a/open-vm-tools/vgauth/common/certverify.h +++ b/open-vm-tools/vgauth/common/certverify.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2016, 2020 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2016, 2020, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -67,6 +67,10 @@ VGAuthError CertVerify_CheckSignatureUsingCert(VGAuthHashAlg hash, size_t signatureLen, const unsigned char *signature); + +VGAuthError CertVerify_CheckForUnrelatedCerts(int numCerts, + const char **pemCerts); + gchar * CertVerify_StripPEMCert(const gchar *pemCert); gchar * CertVerify_CertToX509String(const gchar *pemCert); diff --git a/open-vm-tools/vgauth/common/prefs.h b/open-vm-tools/vgauth/common/prefs.h index ff116928c..6c58f3f4b 100644 --- a/open-vm-tools/vgauth/common/prefs.h +++ b/open-vm-tools/vgauth/common/prefs.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2019,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -136,6 +136,8 @@ msgCatalog = /etc/vmware-tools/vgauth/messages #define VGAUTH_PREF_ALIASSTORE_DIR "aliasStoreDir" /** The number of seconds slack allowed in either direction in SAML token date checks. */ #define VGAUTH_PREF_CLOCK_SKEW_SECS "clockSkewAdjustment" +/** If unrelated certificates are allowed in a SAML token */ +#define VGAUTH_PREF_ALLOW_UNRELATED_CERTS "allowUnrelatedCerts" /** Ticket group name. */ #define VGAUTH_PREF_GROUP_NAME_TICKET "ticket" diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 14cba1b5b..57e931626 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -49,6 +49,7 @@ #include "vmxlog.h" static int gClockSkewAdjustment = VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS; +static gboolean gAllowUnrelatedCerts = FALSE; static xmlSchemaPtr gParsedSchemas = NULL; static xmlSchemaValidCtxtPtr gSchemaValidateCtx = NULL; @@ -369,6 +370,10 @@ LoadPrefs(void) VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS); Log("%s: Allowing %d of clock skew for SAML date validation\n", __FUNCTION__, gClockSkewAdjustment); + gAllowUnrelatedCerts = Pref_GetBool(gPrefs, + VGAUTH_PREF_ALLOW_UNRELATED_CERTS, + VGAUTH_PREF_GROUP_NAME_SERVICE, + FALSE); } @@ -1697,6 +1702,15 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, return VGAUTH_E_AUTHENTICATION_DENIED; } + if (!gAllowUnrelatedCerts) { + err = CertVerify_CheckForUnrelatedCerts(num, (const char **) certChain); + if (err != VGAUTH_E_OK) { + VMXLog_Log(VMXLOG_LEVEL_WARNING, + "Unrelated certs found in SAML token, failing\n"); + return VGAUTH_E_AUTHENTICATION_DENIED; + } + } + subj.type = SUBJECT_TYPE_NAMED; subj.name = *subjNameOut; err = ServiceVerifyAndCheckTrustCertChainForSubject(num, From ca8bde40e2bb2e03b5f3a38530f6be0d4b19de34 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 17 Oct 2023 15:31:51 -0700 Subject: [PATCH 052/375] Update the ChangeLog file with the changes in the 12.3.5 open-vm-tools release. - plus the 12.3.0 open-vm-tools release point in the ChangeLog. --- open-vm-tools/ChangeLog | 95 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 5d3e9d7e1..3951059a0 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,98 @@ +commit 1bfe23d728b74e08f4f65cd9b0093ca73937003a +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + Don't accept tokens with unrelated certs + + If a SAML token has a cert that's not a part of a chain, + fail the token as invalid. + +commit 63f7c79c4aecb14d37cc4ce9da509419e31d394f +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + File descriptor vulnerability in the open-vm-tools vmware-user-suid-wrapperx + on Linux + + Moving the privilege drop logic (dropping privilege to the real uid and + gid of the process for the vmusr service) from suidWrapper to vmtoolsd code. + Now the vmtoolsd is not executed with dropped privileges (started as setuid + program) and the dumpable attribute of the process is not reset. + The unprivileged user will not have access to the privileged file descriptors + in the vmtoolsd vmusr process. + Also, setting the FD_CLOEXEC flag for both uinputFd and blockFd preventing + the file descriptors being inherited any further from the vmtoolsd. + +commit 3b5308bb4bdf3eeebd49808eb0efa015aa183772 +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + Suppress optional arg to backup scripts when empty string. + Backup scripts can be called with an optional argument. Don't pass the + optional arg to the script if it's an empty string. + +commit 395cb80dc14e86f07e22541ae5ff205ad695056e +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + Checking flag 'disable_vmware_customization' in more cloud-init config files + + Currently, deployPkg plugin checks the existence of flag + 'disable_vmware_customization: false' in the /etc/cloud/cloud.cfg file + to determine if VMware customization is enabled or not on cloud-init + side when cloud-init is available in guest. + Both cloud-init team and customers suggested that it's better practice to + put local configuration like this flag into some .cfg files under + /etc/cloud/cloud.cfg.d directory, ex: /etc/cloud/cloud.cfg.d/somefile.cfg + + This change implements the following adjustments to make sure we handle + this flag the same way as cloud-init does in ds-identify and Datasource: + 1. Instead of regex matching flag 'disable_vmware_customization: false', + we will check the value of flag 'disable_vmware_customization': + If the value is 'false', it means VMware customization is enabled. + If the value is 'true', it means VMware customization is disabled. + If the flag is not set, by default VMware customization is disabled + on cloud-init side. + 2. Besides cloud-init /etc/cloud/cloud.cfg file, we will check all .cfg + files under /etc/cloud/cloud.cfg.d directory. + 3. The value of flag 'disable_vmware_customization' in .cfg files under + /etc/cloud/cloud.cfg.d directory will overwrite the one in + /etc/cloud/cloud.cfg file. + 4. The value of flag 'disable_vmware_customization' in a .cfg file listed + further down the alphabetical order under /etc/cloud/cloud.cfg.d directory + will overwrite the value in a .cfg file listed earier. + 5. If a cloud-init config file contains more than one instance of this + flag, the value of the later flag will overwrite the former one's. + + Github Issue: https://github.com/vmware/open-vm-tools/issues/310 + +commit d9ffb3275ada811caa8478d481cd9003766baa1c +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + Add missed 2023 copyright change. + +commit ba8219ee4bab927d7142e8392b20e183c589786e +Author: Katy Feng +Date: Tue Oct 17 15:24:48 2023 -0700 + + Enabling the open-vm-tools VGAuth Host Verification feature. + + The Host Verified SAML token work is complete. Adding the new code to the + open-vm-tools source. + +commit 650ce059114e09cbac3594b9e1be4069febe4311 +Author: Katy Feng +Date: Tue Oct 17 15:24:47 2023 -0700 + + Setting the VMware Tools version to 12.3.5. + +commit 865e76adf86fb38380220a3b760aa92ba5407c60 +Author: Katy Feng +Date: Thu Aug 31 07:38:59 2023 -0700 + + Update of the ChangeLog with the "open-vm-tools 12.3.0" release point marker. + commit 4fe4b1be1d7139aa571a6431f26904e6f0b77883 Author: Katy Feng Date: Thu Aug 31 07:32:27 2023 -0700 From d5a0ca16b64730507735281012bc3a4660c5b46c Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Wed, 25 Oct 2023 11:13:15 -0700 Subject: [PATCH 053/375] Prepare for the open-vm-tools 12.3.5 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 4ec1ea97f..26bfdb682 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -35,10 +35,10 @@ ### Initialization ### -TOOLS_VERSION="12.3.0" +TOOLS_VERSION="12.3.5" AC_INIT( [open-vm-tools], - [12.3.0], + [12.3.5], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 80b7050a0..ad0f8d205 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-22234872" + "build-22544099" #define BUILD_NUMBER_NUMERIC \ - 22234872 + 22544099 #define BUILD_NUMBER_NUMERIC_STRING \ - "22234872" + "22544099" #define PRODUCT_BUILD_NUMBER \ - "product-build-44994" + "product-build-46049" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 44994 + 46049 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "44994" + "46049" From 6acd1f6742a8fc0dea9cabf7ba15416a2daf5075 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 26 Oct 2023 08:35:59 -0700 Subject: [PATCH 054/375] Update the ReleaseNotes.md for the 12.3.5 open-vm-tools release. --- ReleaseNotes.md | 78 +++++++++++++++---------------------------------- 1 file changed, 23 insertions(+), 55 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index c7dd4ca09..beaffc7e6 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,8 +1,8 @@ -# open-vm-tools 12.3.0 Release Notes +# open-vm-tools 12.3.5 Release Notes -Updated on: 31 August 2023 +Updated on: 26 October 2023 -open-vm-tools | 31 AUGUST 2023 | Build 22234872 +open-vm-tools | 26 OCTOBER 2023 | Build 22544099 Check back for additions and updates to these release notes. @@ -10,7 +10,7 @@ Check back for additions and updates to these release notes. The release notes cover the following topics: -- [open-vm-tools 12.3.0 Release Notes](#open-vm-tools-1230-release-notes) +- [open-vm-tools 12.3.5 Release Notes](#open-vm-tools-1235-release-notes) - [What's in the Release Notes](#whats-in-the-release-notes) - [What's New](#whats-new) - [End of Feature Support Notice](#end-of-feature-support-notice) @@ -22,13 +22,15 @@ The release notes cover the following topics: ## What's New -This release resolves CVE-2023-20900. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html. +* This release resolves CVE-2023-34058. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html. + +* This release resolves CVE-2023-34059 which only affects open-vm-tools. * Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. -* A complete list of the granular changes in the open-vm-tools 12.3.0 release is available at: +* A complete list of the granular changes in the open-vm-tools 12.3.5 release is available at: - [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/ChangeLog) + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog) ## End of Feature Support Notice @@ -38,7 +40,7 @@ This release resolves CVE-2023-20900. For more information on this vulnerability ## Internationalization -open-vm-tools 12.3.0 is available in the following languages: +open-vm-tools 12.3.5 is available in the following languages: * English * French @@ -60,66 +62,32 @@ The [VMware Product Interoperability Matrix](http://partnerweb.vmware.com/comp_ ## Resolved Issues -* **This release resolves CVE-2023-20900.** - - For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html. - -* **Linux quiesced snapshot: "SyncDriver: failed to freeze '_filesystem_'"** - - The open-vm-tools 12.2.0 release had an update to the Linux quiesced snapshot operation that would avoid starting a quiesced snapshot if a filesystem had already been frozen by another process. See the [Resolved Issues](https://github.com/vmware/open-vm-tools/blob/stable-12.2.0/ReleaseNotes.md#-resolved-issues) section in the open-vm-tools 12.2.0 Release Notes. That fix may have been backported into earlier versions of open-vm-tools by Linux vendors. - - It is possible that filesystems are being frozen in custom pre-freeze scripts to control the order in which those specific filesystems are to be frozen. The vmtoolsd process **must be informed** of all such filesystems with the help of "excludedFileSystems" setting of tools.conf. - - ``` - [vmbackup] - - excludedFileSystems=/opt/data,/opt/app/project-*,... - ``` - - A temporary workaround is available (starting from open-vm-tools 12.3.0) for system administrators to quickly allow a quiescing operation to succeed until the "excludedFileSystems" list can be configured. Note, if another process thaws the file system while a quiescing snapshot operation is ongoing, the snapshot may be compromised. Once the "excludedFileSystems" list is configured this setting MUST be unset (or set to false). - - ``` - [vmbackup] - - ignoreFrozenFileSystems = true - ``` - - This workaround is provided in the source file changes in - - https://github.com/vmware/open-vm-tools/commit/60c3a80ddc2b400366ed05169e16a6bed6501da2 - - and at Linux vendors' discretion, may be backported to earlier versions of open-vm-tools. - -* **A number of Coverity reported issues have been addressed.** +* **This release resolves CVE-2023-34058.** -* **Component Manager / salt-minion: New InstallStatus "UNMANAGED".** + For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html. - Salt-minion added support for "ExternalInstall" (106) to indicate an older version of salt-minion is installed on the vm and cannot be managed by the svtminion.* scripts. The Component Manager will track that as "UNMANAGED" and take no action. + open-vm-tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5 - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H -* **The following pull requests and issues have been addressed** + A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias. - * Add antrea and calico interface pattern to GUESTINFO_DEFAULT_IFACE_EXCLUDES + Note: While the description and known attack vectors are very similar to CVE-2023-20900, CVE-2023-34058 has a different root cause that must be addressed. - [Issue #638](https://github.com/vmware/open-vm-tools/issues/638) - [Pull request #639](https://github.com/vmware/open-vm-tools/pull/639) + A patch for earlier versions of open-vm-tools is available at [CVE-2023-34058.patch](https://github.com/vmware/open-vm-tools/blob/CVE-2023-34058.patch). - * Invalid argument with "\\" in Linux username (Active Directory user) +* **This release resolves CVE-2023-34059.** - [Issue #641](https://github.com/vmware/open-vm-tools/issues/641) + open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.4. - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H - * Improve POSIX guest identification + A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. - [Issue #647](https://github.com/vmware/open-vm-tools/issues/647) - [Issue #648](https://github.com/vmware/open-vm-tools/issues/648) + A patch for earlier versions of open-vm-tools is available at [CVE-2023-34059.patch](https://github.com/vmware/open-vm-tools/blob/CVE-2023-34059.patch). - * Remove appUtil library which depends on deprecated "gdk-pixbuf-xlib" +* **The following github.com/vmware/open-vm-tools issue have been addressed** - [Issue #658](https://github.com/vmware/open-vm-tools/issues/658) + * Better cooperation between deployPkg plugin and cloud-init concerning location of 'disable_vmware_customization' flag. - * Fix build problems with grpc + [Issue #310](https://github.com/vmware/open-vm-tools/issues/310) - [Pull request #664](https://github.com/vmware/open-vm-tools/pull/664) - [Issue #676](https://github.com/vmware/open-vm-tools/issues/676) ## Known Issues From 1b362b9eb449fb5de3809aaea4a636ece30ee5b7 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 26 Oct 2023 08:39:15 -0700 Subject: [PATCH 055/375] ================================================= open-vm-tools 12.3.5 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 12.3.5 release. --- open-vm-tools/ChangeLog | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 3951059a0..84a71d53a 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,24 @@ +commit 6acd1f6742a8fc0dea9cabf7ba15416a2daf5075 +Author: Katy Feng +Date: Thu Oct 26 08:35:59 2023 -0700 + + Update the ReleaseNotes.md for the 12.3.5 open-vm-tools release. + +commit d5a0ca16b64730507735281012bc3a4660c5b46c +Author: Katy Feng +Date: Wed Oct 25 11:13:15 2023 -0700 + + Prepare for the open-vm-tools 12.3.5 release. + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit ca8bde40e2bb2e03b5f3a38530f6be0d4b19de34 +Author: Katy Feng +Date: Tue Oct 17 15:31:51 2023 -0700 + + Update the ChangeLog file with the changes in the 12.3.5 open-vm-tools release. + - plus the 12.3.0 open-vm-tools release point in the ChangeLog. + commit 1bfe23d728b74e08f4f65cd9b0093ca73937003a Author: Katy Feng Date: Tue Oct 17 15:24:48 2023 -0700 From 92cc832c4493c272cb9227a87f68a9ae0cf18fec Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 056/375] Checking flag 'disable_vmware_customization' in more cloud-init config files Currently, the deployPkg plugin checks the existence of the flag 'disable_vmware_customization: false' in the /etc/cloud/cloud.cfg file to determine whether VMware customization is enabled on cloud-init side when cloud-init is available in guest. Instead, keep local settings, such as this flag, in config files under the /etc/cloud/cloud.cfg.d directory, for example: /etc/cloud/cloud.cfg.d/somefile.cfg This change implements the following adjustments to make sure this flag is handled the same way as cloud-init does in ds-identify and Datasource: 1. Instead of regex matching flag 'disable_vmware_customization: false', check the value of flag 'disable_vmware_customization': If the value is 'false', it means VMware customization is enabled. If the value is 'true', it means VMware customization is disabled. If the flag is not set, by default VMware customization is disabled on cloud-init side. 2. Besides cloud-init /etc/cloud/cloud.cfg file, also check all .cfg files under /etc/cloud/cloud.cfg.d directory. 3. The value of flag 'disable_vmware_customization' in .cfg files under /etc/cloud/cloud.cfg.d directory will overwrite the one in the /etc/cloud/cloud.cfg file. 4. The value of flag 'disable_vmware_customization' in a .cfg file listed further down in alphabetical order under the /etc/cloud/cloud.cfg.d directory will overwrite the value in a .cfg file listed earier. 5. If a cloud-init config file contains more than one instance of this flag, the value of the later flag will overwrite the former one. Github Issue: https://github.com/vmware/open-vm-tools/issues/310 --- open-vm-tools/libDeployPkg/linuxDeployment.c | 5 +- .../libDeployPkg/linuxDeploymentUtilities.c | 220 ++++++++++++++---- .../libDeployPkg/linuxDeploymentUtilities.h | 4 +- 3 files changed, 180 insertions(+), 49 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 0faaaf8b8..4ddf3477a 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1236,7 +1236,6 @@ UseCloudInitWorkflow(const char* dirPath, bool ignoreCloudInit) { static const char cfgName[] = "cust.cfg"; static const char metadataName[] = "metadata"; - static const char cloudInitConfigFilePath[] = "/etc/cloud/cloud.cfg"; static const char cloudInitCommand[] = "/usr/bin/cloud-init -v"; char cloudInitCommandOutput[MAX_LENGTH_CLOUDINIT_VERSION]; int forkExecResult; @@ -1288,7 +1287,7 @@ UseCloudInitWorkflow(const char* dirPath, bool ignoreCloudInit) return USE_CLOUDINIT_OK; } } else { - if (IsCloudInitEnabled(cloudInitConfigFilePath)) { + if (IsCloudInitCustomizationEnabled()) { return USE_CLOUDINIT_OK; } else { return USE_CLOUDINIT_DISABLED; diff --git a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c index 8de2f7f00..61ccd54d3 100644 --- a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c +++ b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2016-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2019, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -18,70 +18,99 @@ #include #include +#include #include #include #include #include #include "linuxDeploymentUtilities.h" +#include "str.h" extern LogFunction sLog; +// The status code of flag 'disable_vmware_customization' +typedef enum DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE { + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET = 0, + DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_TRUE, + DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE, +} DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE; + +// Private functions +static DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE +GetDisableVMwareCustomizationFlagStatus(const char* cloudInitConfigFilePath); +static int +FilterCfgExt(const struct dirent *dir); + /** *---------------------------------------------------------------------------- * - * IsCloudInitEnabled + * IsCloudInitCustomizationEnabled * - * Function to determine if cloud-init is enabled. + * Function to determine if cloud-init customization workflow is enabled. * Essentially it does - * - read a cloud-init config file - * - Find if a particular flag is enabled or disabled. + * - Read all cloud-init configuration files under /etc/cloud/cloud.cfg.d/ + * - Read the cloud-init configuration file /etc/cloud/cloud.cfg + * - Find if a particular flag is enabled or disabled + * - Particularly, the value of flag in files under /etc/cloud/cloud.cfg.d/ + * has higher priority than the one in file /etc/cloud/cloud.cfg, and the + * value of flag in file listed behind in alphabetical sort under + * /etc/cloud/cloud.cfg.d/ has higher priority than the one in file listed + * in front * - * @param [IN] cloudFilePath path of the cloud-init config file - * @returns TRUE if disable_vmware_customization is false and FALSE otherwise. + * @returns TRUE if value of the flag 'disable_vmware_customization' is false + * FALSE otherwise * *---------------------------------------------------------------------------- **/ bool -IsCloudInitEnabled(const char *cloudFilePath) +IsCloudInitCustomizationEnabled() { - bool isEnabled = false; - FILE *cloudFile; - char line[256]; - regex_t regex; - const char *cloudInitRegex = - "^\\s*disable_vmware_customization\\s*:\\s*false\\s*$"; - int reti; + DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE flagStatus = + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + static const char cloudInitBaseConfigFilePath[] = "/etc/cloud/cloud.cfg"; + static const char cloudInitConfigDirPath[] = "/etc/cloud/cloud.cfg.d/"; + struct dirent **fileList; + int i, fileCount; + size_t filePathLength; + char *filePath = NULL; - sLog(log_info, "Checking if cloud.cfg exists and if cloud-init is enabled."); - cloudFile = fopen(cloudFilePath, "r"); - if (cloudFile == NULL) { - sLog(log_info, "Could not open file: %s", strerror(errno)); - return isEnabled; - } - - reti = regcomp(®ex, cloudInitRegex, 0); - if (reti != 0) { - char buf[256]; - regerror(reti, ®ex, buf, sizeof(buf)); - sLog(log_error, "Error compiling regex for cloud-init flag: %s", buf); - goto done; - } - - while (fgets(line, sizeof(line), cloudFile) != NULL) { - if (regexec(®ex, line, 0, NULL, 0) == 0) { - isEnabled = true; - break; + sLog(log_info, "Checking if cloud-init customization is enabled."); + fileCount = + scandir(cloudInitConfigDirPath, &fileList, FilterCfgExt, alphasort); + if (fileCount < 0) { + sLog(log_warning, "Could not scan directory %s, error: %s.", + cloudInitConfigDirPath, strerror(errno)); + } else { + for (i = fileCount - 1; i >= 0; i--) { + filePathLength = Str_Strlen(cloudInitConfigDirPath, PATH_MAX) + + Str_Strlen(fileList[i]->d_name, FILENAME_MAX) + 1; + filePath = malloc(filePathLength); + if (filePath == NULL) { + sLog(log_warning, "Error allocating memory to copy '%s'.", + cloudInitConfigDirPath); + break; + } + Str_Strcpy(filePath, cloudInitConfigDirPath, filePathLength); + Str_Strcat(filePath, fileList[i]->d_name, filePathLength); + flagStatus = GetDisableVMwareCustomizationFlagStatus(filePath); + free(filePath); + filePath = NULL; + if (flagStatus != DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET) { + break; + } + } + for (i = 0; i < fileCount; i++) { + free(fileList[i]); } } - if (ferror(cloudFile) != 0) { - sLog(log_warning, "Error reading file: %s", strerror(errno)); - isEnabled = false; + free(fileList); + + if (flagStatus == DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET) { + flagStatus = + GetDisableVMwareCustomizationFlagStatus(cloudInitBaseConfigFilePath); } - regfree(®ex); -done: - fclose(cloudFile); - return isEnabled; + return (flagStatus == DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE); } /** @@ -113,7 +142,7 @@ GetCustomScript(const char* dirPath) sLog(log_info, "Check if custom script(pre/post customization) exists."); tempDir = opendir(dirPath); if (tempDir == NULL) { - sLog(log_warning, "Could not open directory %s: error: %s", dirPath, + sLog(log_warning, "Could not open directory %s: error: %s.", dirPath, strerror(errno)); return scriptName; } @@ -123,7 +152,7 @@ GetCustomScript(const char* dirPath) char buf[256]; regerror(regRet, &scriptRegex, buf, sizeof(buf)); - sLog(log_error, "Error compiling regex for custom script: %s", buf); + sLog(log_error, "Error compiling regex for custom script: %s.", buf); goto done; } @@ -131,7 +160,7 @@ GetCustomScript(const char* dirPath) if (regexec(&scriptRegex, dir->d_name, 0, NULL, 0) == 0) { scriptName = strdup(dir->d_name); if (scriptName == NULL) { - sLog(log_warning, "Could not allocate memory for scriptName: %s", + sLog(log_warning, "Could not allocate memory for scriptName: %s.", strerror(errno)); break; } @@ -145,3 +174,106 @@ GetCustomScript(const char* dirPath) return scriptName; } +/** + *---------------------------------------------------------------------------- + * + * GetDisableVMwareCustomizationFlagStatus + * + * Function to get status code of the flag 'disable_vmware_customization' from + * a cloud-init config file. + * Essentially it does + * - Read a cloud-init config file + * - Get status code of the flag according to its value + * + * @param [IN] cloudInitConfigFilePath path of a cloud-int config file + * @returns The status code of this particular flag + * + *---------------------------------------------------------------------------- + **/ +static DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE +GetDisableVMwareCustomizationFlagStatus(const char* cloudInitConfigFilePath) +{ + DISABLE_VMWARE_CUSTIOMIZATION_FLAG_STATUS_CODE flagStatus = + DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + FILE *cloudInitConfigFile; + char line[256]; + regex_t regex; + size_t maxGroups = 2, flagValueLength = 0; + regmatch_t groupArray[maxGroups]; + const char *flagPattern = + "^\\s*disable_vmware_customization\\s*:\\s*(true|false)\\s*$"; + int reti; + + cloudInitConfigFile = fopen(cloudInitConfigFilePath, "r"); + if (cloudInitConfigFile == NULL) { + sLog(log_warning, "Could not open file: %s.", strerror(errno)); + return flagStatus; + } + + reti = regcomp(®ex, flagPattern, REG_EXTENDED); + if (reti != 0) { + char buf[256]; + regerror(reti, ®ex, buf, sizeof(buf)); + sLog(log_error, "Error compiling regex for cloud-init flag: %s.", buf); + goto done; + } + + while (fgets(line, sizeof(line), cloudInitConfigFile) != NULL) { + if (regexec(®ex, line, maxGroups, groupArray, 0) == 0) { + flagValueLength = groupArray[1].rm_eo - groupArray[1].rm_so; + if (flagValueLength > 0) { + char flagValue[flagValueLength + 1]; + Str_Strncpy(flagValue, flagValueLength + 1, + line + groupArray[1].rm_so, flagValueLength); + sLog(log_info, + "Flag 'disable_vmware_customization' set in %s with value: %s.", + cloudInitConfigFilePath, flagValue); + if (Str_Strequal(flagValue, "false")) { + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_FALSE; + } else if (Str_Strequal(flagValue, "true")) { + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_SET_TRUE; + } + } + } + } + if (ferror(cloudInitConfigFile) != 0) { + sLog(log_warning, "Error reading file: %s.", strerror(errno)); + flagStatus = DISABLE_VMWARE_CUSTOMIZATION_FLAG_UNSET; + } + regfree(®ex); + +done: + fclose(cloudInitConfigFile); + return flagStatus; +} + +/** + *----------------------------------------------------------------------------- + * + * FilterCfgExt + * + * Filter files with .cfg extension when calling scandir. + * + * @param [IN] dir struct dirent of a directory entry + * @returns 1 if dir is a regular file and its file extension is .cfg + * 0 otherwise + * + * ---------------------------------------------------------------------------- + **/ +static int +FilterCfgExt(const struct dirent *dir) +{ + if (!dir) + return 0; + + if (dir->d_type == DT_REG) { + const char *ext = Str_Strrchr(dir->d_name, '.'); + if ((!ext) || (ext == dir->d_name)) { + return 0; + } else if (Str_Strequal(ext, ".cfg")) { + return 1; + } + } + + return 0; +} diff --git a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h index 80ab04ef0..b461e4bcf 100644 --- a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h +++ b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2016-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2019, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -24,7 +24,7 @@ #include "imgcust-common/imgcust-api.h" IMGCUST_API bool -IsCloudInitEnabled(const char* configFile); +IsCloudInitCustomizationEnabled(); IMGCUST_API char * GetCustomScript(const char* dirPath); From b4b5483324bd241a1895e080489383ed59335117 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 057/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index bbe72bf5d..fd513f9a4 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -355,11 +355,11 @@ //#define VDDK_FILE_VERSION gVddkFileVersion //MARKER_FAST_UNCOMMENT_END -#define OVFTOOL_VERSION "4.6.2" +#define OVFTOOL_VERSION "4.6.3" #define VCSA_INSTALLER_VERSION "1.0.0" //MARKER_FAST_REMOVE_START -#define OVFTOOL_FILE_VERSION 4,6,2,PRODUCT_BUILD_NUMBER_NUMERIC +#define OVFTOOL_FILE_VERSION 4,6,3,PRODUCT_BUILD_NUMBER_NUMERIC //MARKER_FAST_REMOVE_END //MARKER_FAST_UNCOMMENT_START //#define OVFTOOL_FILE_VERSION gOvftoolFileVersion From e60562e9409f81541281c452af5f8426a1cc1df2 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 058/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_product_versions.h | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index fd513f9a4..8373bd336 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -81,7 +81,7 @@ #define PRODUCT_VERSION 1,1,5,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_VPX) /* this should be kept in sync with the corresponding vpx branch. */ - #define PRODUCT_VERSION 8,0,2,PRODUCT_BUILD_NUMBER_NUMERIC + #define PRODUCT_VERSION 8,0,3,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_HORIZON_VIEW) #define PRODUCT_VERSION 8,12,0,PRODUCT_BUILD_NUMBER_NUMERIC // VMX86_DESKTOP must be last because it is the default and is always defined. @@ -184,7 +184,7 @@ */ #define ESX_VERSION_MAJOR "8" #define ESX_VERSION_MINOR "0" -#define ESX_VERSION_MAINT "2" // 0 = Pre-release/GA, 2 = Update 2 +#define ESX_VERSION_MAINT "3" // 0 = Pre-release/GA, 3 = Update 3 #define ESX_VERSION_UPDATE ESX_VERSION_MAINT // ESX's own update level #define ESX_VERSION ESX_VERSION_MAJOR "." ESX_VERSION_MINOR "." \ @@ -239,7 +239,7 @@ */ #define FUSION_VERSION "e.x.p" -#define VIM_VERSION "8.0.2" +#define VIM_VERSION "8.0.3" /* *For smooth version bump up for quaterly releases, we need to have a fallback *mechanism to previous version in all those components which perform version @@ -269,15 +269,15 @@ 6.0.0,\ 6.5.0" // Put VPX_VERSION first, because vpx/make/defs.mk doesn't check for suffix. -#define VPX_VERSION "8.0.2" +#define VPX_VERSION "8.0.3" #define VPX_VERSION_MAJOR "8" #define VPX_VERSION_MINOR "0" -#define VPX_VERSION_MAINT "2" +#define VPX_VERSION_MAINT "3" #define VPX_VERSION_PATCH "00000" #define VPX_VERSION_THIRD_PARTY VPX_VERSION_MAJOR VPX_VERSION_MINOR \ VPX_VERSION_MAINT //MARKER_FAST_REMOVE_START -#define VPX_VERSION_NUMERIC 8,0,2,PRODUCT_BUILD_NUMBER_NUMERIC +#define VPX_VERSION_NUMERIC 8,0,3,PRODUCT_BUILD_NUMBER_NUMERIC //MARKER_FAST_REMOVE_END //MARKER_FAST_UNCOMMENT_START //#define VPX_VERSION_NUMERIC gVpxVersionNumeric @@ -287,14 +287,14 @@ #define VPX_MIN_HOST_VERSION "6.7.0" #define MAX_SUPPORTED_VI_VERSION "6.6" //from ovfTool/src/supportedVersions.h -#define VCDB_CURRENT_SCHEMA_VERSION 802 // from PitCADatabase.h +#define VCDB_CURRENT_SCHEMA_VERSION 803 // from PitCADatabase.h #define VPX_RELEASE_UPDATE "0" /* 0 = Pre-release/GA, 1 = Update 1 */ #define VPX_RELEASE_PATCH "0" /* 0 = experimental */ #define VPX_RELEASE VPX_RELEASE_UPDATE "." VPX_RELEASE_PATCH /* expected database version for current release */ -#define VPXD_VDB_DB_VERSION_ID 802 +#define VPXD_VDB_DB_VERSION_ID 803 #define VPXD_VDB_DB_VERSION_VALUE "VirtualCenter Database 8.0" /* @@ -315,7 +315,7 @@ #define HORIZONOSOT_VERSION "1.2.2303" #define HORIZONVMDS_VERSION "1.0.0" -#define INTEGRITY_VERSION "8.0.2" /* Should use VPX_VERSION? */ +#define INTEGRITY_VERSION "8.0.3" /* Should use VPX_VERSION? */ #define SVA_VERSION "1.0.0" #define SSO_VERSION "1.0.0" #define SDK_VERSION "4.1.0" @@ -342,10 +342,10 @@ //#define NETDUMP_FILE_VERSION gNetdumpFileVersion //MARKER_FAST_UNCOMMENT_END -#define VDDK_VERSION "8.0.2" +#define VDDK_VERSION "8.0.3" #define VDDK_VERSION_MAJOR 8 #define VDDK_VERSION_MINOR 0 -#define VDDK_VERSION_MAINT 2 +#define VDDK_VERSION_MAINT 3 //MARKER_FAST_REMOVE_START #define VDDK_FILE_VERSION VDDK_VERSION_MAJOR,VDDK_VERSION_MINOR,\ From fdb122f3e196835e97d2828fd77580d4f7bedb1a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 059/375] Suppress optional arg to backup scripts when empty string. Backup scripts can be called with an optional argument. Don't pass the optional arg to the script if it's an empty string. --- open-vm-tools/services/plugins/vmbackup/scriptOps.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/plugins/vmbackup/scriptOps.c b/open-vm-tools/services/plugins/vmbackup/scriptOps.c index 2dc4eb664..2dbf9bf06 100644 --- a/open-vm-tools/services/plugins/vmbackup/scriptOps.c +++ b/open-vm-tools/services/plugins/vmbackup/scriptOps.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2007-2019, 2021 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2019, 2021, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -157,7 +157,7 @@ VmBackupRunNextScript(VmBackupScriptOp *op) // IN/OUT if (File_IsFile(scripts[index].path)) { char *cmd; - if (op->state->scriptArg != NULL) { + if (op->state->scriptArg != NULL && op->state->scriptArg[0] != '\0') { cmd = Str_Asprintf(NULL, "\"%s\" %s \"%s\"", scripts[index].path, scriptOp, op->state->scriptArg); } else { From e9cab85bc079a3b5b0cc9f154a0aa90946314c72 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 060/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 8bf9dc4e8..83d5c3b17 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1423,7 +1423,7 @@ FLAG( 81F, 0, EAX, 1, 1, SEV, YES, 17 ) \ FLAG( 81F, 0, EAX, 2, 1, PAGE_FLUSH_MSR, NO, 0 ) \ FLAG( 81F, 0, EAX, 3, 1, SEV_ES, YES, 17 ) \ FLAG( 81F, 0, EAX, 4, 1, SEV_SNP, NO, 0 ) \ -FLAG( 81F, 0, EAX, 5, 1, VMPL, NO, 0 ) \ +FLAG( 81F, 0, EAX, 5, 1, VMPL, YES, FUT ) \ FLAG( 81F, 0, EAX, 6, 1, RMPQUERY, NO, 0 ) \ FLAG( 81F, 0, EAX, 7, 1, VMPL_SSS, NO, 0 ) \ FLAG( 81F, 0, EAX, 8, 1, SECURE_TSC, NO, 0 ) \ @@ -1441,7 +1441,7 @@ FLAG( 81F, 0, EAX, 19, 1, SEV_IBS_VIRT, NO, 0 ) \ FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, NO, 0 ) \ FIELD(81F, 0, EBX, 0, 6, SME_PAGE_TABLE_BIT_NUM, YES, 17 ) \ FIELD(81F, 0, EBX, 6, 6, SME_PHYS_ADDR_SPACE_REDUCTION, NO, 0 ) \ -FIELD(81F, 0, EBX, 12, 4, NUM_VMPL, NO, 0 ) \ +FIELD(81F, 0, EBX, 12, 4, NUM_VMPL, YES, FUT ) \ FIELD(81F, 0, ECX, 0, 32, NUM_ENCRYPTED_GUESTS, NO, 0 ) \ FIELD(81F, 0, EDX, 0, 32, SEV_MIN_ASID, NO, 0 ) From fa2b47d9a4d0f27be5a5172c5d0eb6f197fca596 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 061/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 8373bd336..2e3811dd0 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -531,7 +531,7 @@ # define PRODUCT_LICENSE_VERSION PRODUCT_FLEX_VERSION_STRING_FOR_LICENSE # elif defined(VMX86_VPX) # define PRODUCT_LICENSE_VERSION "8.0" -# define PRODUCT_LICENSE_FILE_VERSION "8.0.3.0" +# define PRODUCT_LICENSE_FILE_VERSION "8.0.4.0" # elif defined(VMX86_SDK) # define PRODUCT_LICENSE_VERSION "1.0" # elif defined(VMX86_P2V) @@ -549,7 +549,7 @@ # define PRODUCT_VERSION_STRING_FOR_LICENSE PRODUCT_LICENSE_VERSION #endif #define PRODUCT_ESX_LICENSE_VERSION "8.0" -#define PRODUCT_ESX_LICENSE_FILE_VERSION "8.0.3.0" +#define PRODUCT_ESX_LICENSE_FILE_VERSION "8.0.4.0" /* * The configuration file version string should be changed From cdbc0b2bee9d771ab3c3312abe737cabecf4bfc8 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 062/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_atomic.h | 75 +++++++++++++++++++-------- 1 file changed, 53 insertions(+), 22 deletions(-) diff --git a/open-vm-tools/lib/include/vm_atomic.h b/open-vm-tools/lib/include/vm_atomic.h index 6337e49d9..622fbca88 100644 --- a/open-vm-tools/lib/include/vm_atomic.h +++ b/open-vm-tools/lib/include/vm_atomic.h @@ -183,6 +183,32 @@ typedef ALIGNED(16) struct Atomic_uint128 { #define dmb() __asm__ __volatile__("dmb" : : : "memory") #endif +/* + * Whether GCC flags output operands are supported. + * If building with GCC 6+ on x86, and 10+ on arm, flags output is supported. + * Some pieces are still built with GCC 4, which doesn't support flag outputs. + * Also support was added for x86 before ARM / AARCH64. + */ +#ifdef __GCC_ASM_FLAG_OUTPUTS__ +/* + * The above check should be sufficient to see whether the current compiler + * supports GCC style assembly flag outputs, but just in case print a debug + * message if it looks like we're being compiled with an older version of + * GCC before assembly flag outputs was added. + */ +#if defined(VM_X86_ANY) && __GNUC__ < 6 + #pragma message "GCC < 6 claims to support x86 asm flag outputs" +#elif defined(VM_ARM_ANY) && __GNUC__ < 10 + #pragma message "GCC < 10 claims to support ARM asm flag outputs" +#endif + +#define IF_ASM_FLAG_OUTPUT(supportedValue, fallbackValue) supportedValue + +#else /* older gcc (or not gcc), flags output is not supported */ +#define IF_ASM_FLAG_OUTPUT(supportedValue, fallbackValue) fallbackValue + +#endif + /* Convert a volatile uint32 to Atomic_uint32. */ static INLINE Atomic_uint32 * @@ -1997,10 +2023,10 @@ Atomic_CMPXCHG64(Atomic_uint64 *var, // IN/OUT #if defined __x86_64__ uint64 dummy; __asm__ __volatile__( - "lock; cmpxchgq %3, %0" "\n\t" - "sete %1" + "lock; cmpxchgq %3, %0" + IF_ASM_FLAG_OUTPUT("", "\n\t" "sete %1") : "+m" (*var), - "=qm" (equal), + IF_ASM_FLAG_OUTPUT("=@cce", "=qm") (equal), "=a" (dummy) : "r" (newVal), "2" (oldVal) @@ -2042,9 +2068,9 @@ Atomic_CMPXCHG64(Atomic_uint64 *var, // IN/OUT __asm__ __volatile__( "xchgl %%ebx, %6" "\n\t" "lock; cmpxchg8b (%3)" "\n\t" - "xchgl %%ebx, %6" "\n\t" - "sete %0" - : "=qm" (equal), + "xchgl %%ebx, %6" + IF_ASM_FLAG_OUTPUT("", "\n\t" "sete %0") + : IF_ASM_FLAG_OUTPUT("=@cce", "=qm") (equal), "=a" (dummy1), "=d" (dummy2) : /* @@ -2064,10 +2090,10 @@ Atomic_CMPXCHG64(Atomic_uint64 *var, // IN/OUT ); # else __asm__ __volatile__( - "lock; cmpxchg8b %0" "\n\t" - "sete %1" + "lock; cmpxchg8b %0" + IF_ASM_FLAG_OUTPUT("", "\n\t" "sete %1") : "+m" (*var), - "=qm" (equal), + IF_ASM_FLAG_OUTPUT("=@cce", "=qm") (equal), "=a" (dummy1), "=d" (dummy2) : "2" (((S_uint64 *)&oldVal)->lowValue), @@ -2123,10 +2149,10 @@ Atomic_CMPXCHG32(Atomic_uint32 *var, // IN/OUT uint32 dummy; __asm__ __volatile__( - "lock; cmpxchgl %3, %0" "\n\t" - "sete %1" + "lock; cmpxchgl %3, %0" + IF_ASM_FLAG_OUTPUT("", "\n\t" "sete %1") : "+m" (*var), - "=qm" (equal), + IF_ASM_FLAG_OUTPUT("=@cce", "=qm") (equal), "=a" (dummy) : "r" (newVal), "2" (oldVal) @@ -2885,8 +2911,9 @@ Atomic_TestBit64(Atomic_uint64 *var, // IN ASSERT(bit <= 63); #if defined __x86_64__ && defined __GNUC__ __asm__ __volatile__( - "btq %2, %1; setc %0" - : "=rm"(out) + "btq %2, %1" + IF_ASM_FLAG_OUTPUT("", "\n\t" "setc %0") + : IF_ASM_FLAG_OUTPUT("=@ccc", "=rm") (out) : "m" (var->value), "rJ" ((uint64)bit) : "cc" @@ -2923,8 +2950,10 @@ Atomic_TestSetBit64(Atomic_uint64 *var, // IN/OUT Bool out; ASSERT(bit <= 63); __asm__ __volatile__( - "lock; btsq %2, %1; setc %0" - : "=rm" (out), "+m" (var->value) + "lock; btsq %2, %1" + IF_ASM_FLAG_OUTPUT("", "\n\t" "setc %0") + : IF_ASM_FLAG_OUTPUT("=@ccc", "=rm") (out), + "+m" (var->value) : "rJ" ((uint64)bit) : "cc", "memory" ); @@ -3941,9 +3970,10 @@ Atomic_TestSetBitVector(Atomic_uint8 *var, // IN/OUT #if defined __x86_64__ && defined __GNUC__ Bool bit; __asm__ __volatile__( - "lock; bts %2, %1;" - "setc %0" - : "=qQm" (bit), "+m" (var->value) + "lock; bts %2, %1" + IF_ASM_FLAG_OUTPUT("", "\n\t" "setc %0") + : IF_ASM_FLAG_OUTPUT("=@ccc", "=qQm") (bit), + "+m" (var->value) : "rI" (index) : "cc", "memory" ); @@ -3980,9 +4010,10 @@ Atomic_TestClearBitVector(Atomic_uint8 *var, // IN/OUT #if defined __x86_64__ && defined __GNUC__ Bool bit; __asm__ __volatile__( - "lock; btr %2, %1;" - "setc %0" - : "=qQm" (bit), "+m" (var->value) + "lock; btr %2, %1" + IF_ASM_FLAG_OUTPUT("", "\n\t" "setc %0") + : IF_ASM_FLAG_OUTPUT("=@ccc", "=qQm") (bit), + "+m" (var->value) : "rI" (index) : "cc", "memory" ); From c10d8436ff4137dbd66b17d12ffe1be7e00a1f2d Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:33 -0800 Subject: [PATCH 063/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index 765665268..beb59ec15 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -355,6 +355,9 @@ Log_GetLogLevel(uint32 group); uint32 Log_LookupGroupNumber(const char *groupName); +Bool +Log_ValidateGroupNumber(uint32 group); + LogOutput * Log_NewStdioOutput(const char *appPrefix, struct Dictionary *params, From 0546037841f16e8fe4148c8434e2b02cb2b0a6dd Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 064/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index beb59ec15..725330bd4 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -352,11 +352,11 @@ Log_SetLogLevel(uint32 group, int32 Log_GetLogLevel(uint32 group); -uint32 +int32 Log_LookupGroupNumber(const char *groupName); -Bool -Log_ValidateGroupNumber(uint32 group); +const char * +Log_LookupGroupName(uint32 group); LogOutput * Log_NewStdioOutput(const char *appPrefix, From fd4c58055253ba80d84a17778d9f2e93d117350e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 065/375] Don't accept tokens with unrelated certs If a SAML token has a cert that's not a part of a chain, fail the token as invalid. --- open-vm-tools/vgauth/common/certverify.c | 147 +++++++++++++++++- open-vm-tools/vgauth/common/certverify.h | 6 +- open-vm-tools/vgauth/common/prefs.h | 4 +- .../vgauth/serviceImpl/saml-xmlsec1.c | 14 ++ 4 files changed, 168 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/vgauth/common/certverify.c b/open-vm-tools/vgauth/common/certverify.c index 0ed78edb0..845f59b91 100644 --- a/open-vm-tools/vgauth/common/certverify.c +++ b/open-vm-tools/vgauth/common/certverify.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2011-2016, 2018-2019, 2021-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2016, 2018-2019, 2021-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -914,3 +914,148 @@ CertVerify_CheckSignature(VGAuthHashAlg hash, return err; } + + +/* + * Finds a cert with a subject (if checkSubj is set) or issuer (if + * checkSUbj is unset), matching 'val' in the list + * of certs. Returns a match or NULL. + */ + +static X509 * +FindCert(GList *cList, + X509_NAME *val, + int checkSubj) +{ + GList *l; + X509 *c; + X509_NAME *v; + + l = cList; + while (l != NULL) { + c = (X509 *) l->data; + if (checkSubj) { + v = X509_get_subject_name(c); + } else { + v = X509_get_issuer_name(c); + } + if (X509_NAME_cmp(val, v) == 0) { + return c; + } + l = l->next; + } + return NULL; +} + + +/* + ****************************************************************************** + * CertVerify_CheckForUnrelatedCerts -- */ /** + * + * Looks over a list of certs. If it finds that they are not all + * part of the same chain, returns failure. + * + * @param[in] numCerts The number of certs in the chain. + * @param[in] pemCerts The chain of certificates to verify. + * + * @return VGAUTH_E_OK on success, VGAUTH_E_FAIL if unrelated certs are found. + * + ****************************************************************************** + */ + +VGAuthError +CertVerify_CheckForUnrelatedCerts(int numCerts, + const char **pemCerts) +{ + VGAuthError err = VGAUTH_E_FAIL; + int chainLen = 0; + int i; + X509 **certs = NULL; + GList *rawList = NULL; + X509 *baseCert; + X509 *curCert; + X509_NAME *subject; + X509_NAME *issuer; + + /* common single cert case; nothing to do */ + if (numCerts == 1) { + return VGAUTH_E_OK; + } + + /* convert all PEM to X509 objects */ + certs = g_malloc0(numCerts * sizeof(X509 *)); + for (i = 0; i < numCerts; i++) { + certs[i] = CertStringToX509(pemCerts[i]); + if (NULL == certs[i]) { + g_warning("%s: failed to convert cert to X509\n", __FUNCTION__); + goto done; + } + } + + /* choose the cert to start the chain. shouldn't matter which */ + baseCert = certs[0]; + + /* put the rest into a list */ + for (i = 1; i < numCerts; i++) { + rawList = g_list_append(rawList, certs[i]); + } + + /* now chase down to a leaf, looking for certs the baseCert issued */ + subject = X509_get_subject_name(baseCert); + while ((curCert = FindCert(rawList, subject, 0)) != NULL) { + /* pull it from the list */ + rawList = g_list_remove(rawList, curCert); + /* set up the next find */ + subject = X509_get_subject_name(curCert); + } + + /* + * walk up to the root cert, by finding a cert where the + * issuer equals the subject of the current + */ + issuer = X509_get_issuer_name(baseCert); + while ((curCert = FindCert(rawList, issuer, 1)) != NULL) { + /* pull it from the list */ + rawList = g_list_remove(rawList, curCert); + /* set up the next find */ + issuer = X509_get_issuer_name(curCert); + } + + /* + * At this point, anything on the list should be certs that are not part + * of the chain that includes the original 'baseCert'. + * + * For a valid token, the list should be empty. + */ + chainLen = g_list_length(rawList); + if (chainLen != 0 ) { + GList *l; + + g_warning("%s: %d unrelated certs found in list\n", + __FUNCTION__, chainLen); + + /* debug helper */ + l = rawList; + while (l != NULL) { + X509* c = (X509 *) l->data; + char *s = X509_NAME_oneline(X509_get_subject_name(c), NULL, 0); + + g_debug("%s: unrelated cert subject: %s\n", __FUNCTION__, s); + free(s); + l = l->next; + } + + goto done; + } + + g_debug("%s: Success! no unrelated certs found\n", __FUNCTION__); + err = VGAUTH_E_OK; + +done: + g_list_free(rawList); + for (i = 0; i < numCerts; i++) { + X509_free(certs[i]); + } + g_free(certs); + return err; +} diff --git a/open-vm-tools/vgauth/common/certverify.h b/open-vm-tools/vgauth/common/certverify.h index d7c6410b6..89ec97a10 100644 --- a/open-vm-tools/vgauth/common/certverify.h +++ b/open-vm-tools/vgauth/common/certverify.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2016, 2020 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2016, 2020, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -67,6 +67,10 @@ VGAuthError CertVerify_CheckSignatureUsingCert(VGAuthHashAlg hash, size_t signatureLen, const unsigned char *signature); + +VGAuthError CertVerify_CheckForUnrelatedCerts(int numCerts, + const char **pemCerts); + gchar * CertVerify_StripPEMCert(const gchar *pemCert); gchar * CertVerify_CertToX509String(const gchar *pemCert); diff --git a/open-vm-tools/vgauth/common/prefs.h b/open-vm-tools/vgauth/common/prefs.h index ff116928c..6c58f3f4b 100644 --- a/open-vm-tools/vgauth/common/prefs.h +++ b/open-vm-tools/vgauth/common/prefs.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2019,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -136,6 +136,8 @@ msgCatalog = /etc/vmware-tools/vgauth/messages #define VGAUTH_PREF_ALIASSTORE_DIR "aliasStoreDir" /** The number of seconds slack allowed in either direction in SAML token date checks. */ #define VGAUTH_PREF_CLOCK_SKEW_SECS "clockSkewAdjustment" +/** If unrelated certificates are allowed in a SAML token */ +#define VGAUTH_PREF_ALLOW_UNRELATED_CERTS "allowUnrelatedCerts" /** Ticket group name. */ #define VGAUTH_PREF_GROUP_NAME_TICKET "ticket" diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 0cc4edbb4..f0b83f73d 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -76,6 +76,7 @@ */ static int gClockSkewAdjustment = VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS; +static gboolean gAllowUnrelatedCerts = FALSE; static xmlSchemaPtr gParsedSchemas = NULL; static xmlSchemaValidCtxtPtr gSchemaValidateCtx = NULL; @@ -396,6 +397,10 @@ LoadPrefs(void) VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS); Log("%s: Allowing %d of clock skew for SAML date validation\n", __FUNCTION__, gClockSkewAdjustment); + gAllowUnrelatedCerts = Pref_GetBool(gPrefs, + VGAUTH_PREF_ALLOW_UNRELATED_CERTS, + VGAUTH_PREF_GROUP_NAME_SERVICE, + FALSE); } @@ -1724,6 +1729,15 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, return VGAUTH_E_AUTHENTICATION_DENIED; } + if (!gAllowUnrelatedCerts) { + err = CertVerify_CheckForUnrelatedCerts(num, (const char **) certChain); + if (err != VGAUTH_E_OK) { + VMXLog_Log(VMXLOG_LEVEL_WARNING, + "Unrelated certs found in SAML token, failing\n"); + return VGAUTH_E_AUTHENTICATION_DENIED; + } + } + subj.type = SUBJECT_TYPE_NAMED; subj.name = *subjNameOut; err = ServiceVerifyAndCheckTrustCertChainForSubject(num, From f612000e31b788f3da054aae9d3f296447d00039 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 066/375] File descriptor vulnerability in the open-vm-tools vmware-user-suid-wrapper on Linux Move the privilege drop logic (dropping privilege to the real uid and gid of the process for the vmusr service) from suidWrapper to vmtoolsd code. Now vmtoolsd is not executed with dropped privileges (started as setuid program) and the dumpable attribute of the process is not reset. Unprivileged users will not have access to the privileged file descriptors in the vmtoolsd vmusr process. Also, set the FD_CLOEXEC flag for both uinputFd and blockFd preventing those file descriptors from being inherited any further from vmtoolsd. --- open-vm-tools/services/vmtoolsd/mainPosix.c | 78 ++++++++++++++++++- open-vm-tools/vmware-user-suid-wrapper/main.c | 28 +------ 2 files changed, 81 insertions(+), 25 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/mainPosix.c b/open-vm-tools/services/vmtoolsd/mainPosix.c index fd2667cd5..6c52156bc 100644 --- a/open-vm-tools/services/vmtoolsd/mainPosix.c +++ b/open-vm-tools/services/vmtoolsd/mainPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2020,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2020,2022-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -28,10 +28,12 @@ #include #include #include +#include #include #include "file.h" #include "guestApp.h" #include "hostinfo.h" +#include "su.h" #include "system.h" #include "unicode.h" #include "util.h" @@ -154,6 +156,59 @@ ToolsCoreWorkAroundLoop(ToolsServiceState *state, } +/** + * Tools function to set close-on-exec flg for the fd. + * + * @param[in] fd open file descriptor. + * + * @return TRUE on success, FALSE otherwise. + */ + +static gboolean +ToolsSetCloexecFlag(int fd) +{ + int flags; + + if (fd == -1) { + /* fd is not present, no need to manipulate */ + return TRUE; + } + + flags = fcntl(fd, F_GETFD, 0); + if (flags < 0) { + g_printerr("Couldn't get the flags set for fd %d, error %u.", fd, errno); + return FALSE; + } + flags |= FD_CLOEXEC; + if (fcntl(fd, F_SETFD, flags) < 0) { + g_printerr("Couldn't set close-on-exec for fd %d, error %u.", fd, errno); + return FALSE; + } + + return TRUE; +} + + +/** + * Tools function to close the fds. + */ + +static void +ToolsCloseFds(void) +{ + if (gState.ctx.blockFD != -1) { + close(gState.ctx.blockFD); + } + + /* + * uinputFD will be available only for wayland. + */ + if (gState.ctx.uinputFD != -1) { + close(gState.ctx.uinputFD); + } +} + + /** * Tools daemon entry function. * @@ -210,6 +265,27 @@ main(int argc, g_free(argvCopy); argvCopy = NULL; + /* + * Drops privilege to the real uid and gid of the process + * for the "vmusr" service. + */ + if (TOOLS_IS_USER_SERVICE(&gState)) { + uid_t uid = getuid(); + gid_t gid = getgid(); + + if ((Id_SetREUid(uid, uid) != 0) || + (Id_SetREGid(gid, gid) != 0)) { + g_printerr("could not drop privileges: %s", strerror(errno)); + ToolsCloseFds(); + goto exit; + } + if (!ToolsSetCloexecFlag(gState.ctx.blockFD) || + !ToolsSetCloexecFlag(gState.ctx.uinputFD)) { + ToolsCloseFds(); + goto exit; + } + } + if (gState.pidFile != NULL) { /* * If argv[0] is not an absolute path, make it so; all other path diff --git a/open-vm-tools/vmware-user-suid-wrapper/main.c b/open-vm-tools/vmware-user-suid-wrapper/main.c index e9d7e5084..73ae9b9bb 100644 --- a/open-vm-tools/vmware-user-suid-wrapper/main.c +++ b/open-vm-tools/vmware-user-suid-wrapper/main.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2007-2018 VMware, Inc. All rights reserved. + * Copyright (C) 2007-2018,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -156,8 +156,7 @@ MaskSignals(void) * * Obtains the library directory from the Tools locations database, then * opens a file descriptor (while still root) to add and remove blocks, - * drops privilege to the real uid of this process, and finally starts - * vmware-user. + * and finally starts vmware-user. * * Results: * Parent: TRUE on success, FALSE on failure. @@ -173,8 +172,6 @@ static Bool StartVMwareUser(char *const envp[]) { pid_t pid; - uid_t uid; - gid_t gid; int blockFd = -1; char blockFdStr[8]; int uinputFd = -1; @@ -191,8 +188,8 @@ StartVMwareUser(char *const envp[]) } /* - * Now create a child process, obtain a file descriptor as root, downgrade - * privilege, and run vmware-user. + * Now create a child process, obtain a file descriptor as root and + * run vmware-user. */ pid = fork(); if (pid == -1) { @@ -229,23 +226,6 @@ StartVMwareUser(char *const envp[]) } } - uid = getuid(); - gid = getgid(); - - if ((setreuid(uid, uid) != 0) || - (setregid(gid, gid) != 0)) { - Error("could not drop privileges: %s\n", strerror(errno)); - if (blockFd != -1) { - close(blockFd); - } - if (useWayland) { - if (uinputFd != -1) { - close(uinputFd); - } - } - return FALSE; - } - /* * Since vmware-user provides features that don't depend on vmblock, we * invoke vmware-user even if we couldn't obtain a file descriptor or we From 34035501b125caadae9e0a9598f1e68bbe56282e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 067/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 83d5c3b17..8b1f8b7f8 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1439,6 +1439,9 @@ FLAG( 81F, 0, EAX, 17, 1, VMGEXIT_PARAMETER, NO, 0 ) \ FLAG( 81F, 0, EAX, 18, 1, VIRTUAL_MSR_TOM, NO, 0 ) \ FLAG( 81F, 0, EAX, 19, 1, SEV_IBS_VIRT, NO, 0 ) \ FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, NO, 0 ) \ +FLAG( 81F, 0, EAX, 25, 1, SMT_PROTECTION, NO, 0 ) \ +FLAG( 81F, 0, EAX, 28, 1, SVSM_COMM_PAGE_MSR, NO, 0 ) \ +FLAG( 81F, 0, EAX, 29, 1, NESTED_VIRT_SNP_MSR, NO, 0 ) \ FIELD(81F, 0, EBX, 0, 6, SME_PAGE_TABLE_BIT_NUM, YES, 17 ) \ FIELD(81F, 0, EBX, 6, 6, SME_PHYS_ADDR_SPACE_REDUCTION, NO, 0 ) \ FIELD(81F, 0, EBX, 12, 4, NUM_VMPL, YES, FUT ) \ From e6937680a6ee85431799d956c521971113508dd2 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 068/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/misc/hostinfoPosix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 8b0fb629d..e764bd93e 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1403,7 +1403,7 @@ static const ShortNameSet shortNameArray[] = { { "arklinux", STR_OS_ARKLINUX, HostinfoGenericSetShortName }, { "asianux", NULL, HostinfoSetAsianuxShortName }, { "aurox", STR_OS_AUROX, HostinfoGenericSetShortName }, -{ "bigcloud", NULL, HostinfoBCSetShortName }, +{ "bigcloud", NULL, HostinfoBCSetShortName }, /* Big Cloud must come before Red Hat Entry */ { "black cat", STR_OS_BLACKCAT, HostinfoGenericSetShortName }, { "centos", NULL, HostinfoSetCentosShortName }, From b7775db161d414bb1311a1eb120a7f8474d59aeb Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 069/375] Change to common header file not applicable to open-vm-tools. --- .../modules/shared/vmxnet/vmxnet3_defs.h | 79 ++++++++++++++++++- 1 file changed, 75 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h index 13a21b40b..b61766e4e 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h +++ b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h @@ -119,6 +119,8 @@ #define __le64 uint64 #endif +#define VMXNET3_PMC_PSEUDO_TSC 0x10003 + typedef enum { VMXNET3_CMD_FIRST_SET = 0xCAFE0000, VMXNET3_CMD_ACTIVATE_DEV = VMXNET3_CMD_FIRST_SET, @@ -163,6 +165,8 @@ typedef enum { VMXNET3_CMD_GET_RSS_HASH_FUNC, VMXNET3_CMD_GET_MAX_CAPABILITIES, VMXNET3_CMD_GET_DCR0_REG, + VMXNET3_CMD_GET_TSRING_DESC_SIZE, + VMXNET3_CMD_GET_DISABLED_OFFLOADS, } Vmxnet3_Cmd; /* Adaptive Ring Info Flags */ @@ -295,6 +299,30 @@ typedef struct Vmxnet3_RxDesc { } Vmxnet3_RxDesc; #pragma pack(pop) +#pragma pack(push, 1) +typedef struct Vmxnet3TSInfo { + uint64 tsData:56; + uint64 tsType:4; + uint64 tsi:1; //bit to indicate to set ts + uint64 pad:3; + uint64 pad2; +} Vmxnet3TSInfo; +#pragma pack(pop) + +#pragma pack(push, 1) +typedef struct Vmxnet3_TxTSDesc { + Vmxnet3TSInfo ts; + uint64 pad[14]; +} Vmxnet3_TxTSDesc; +#pragma pack(pop) + +#pragma pack(push, 1) +typedef struct Vmxnet3_RxTSDesc { + Vmxnet3TSInfo ts; + uint64 pad[14]; +} Vmxnet3_RxTSDesc; +#pragma pack(pop) + /* values of RXD.BTYPE */ #define VMXNET3_RXD_BTYPE_HEAD 0 /* head only */ #define VMXNET3_RXD_BTYPE_BODY 1 /* body only */ @@ -305,11 +333,12 @@ typedef struct Vmxnet3_RxDesc { #define VMXNET3_RCD_HDR_INNER_SHIFT 13 #define VMXNET3_RCD_RSS_INNER_SHIFT 12 +#define VMXNET3_RCD_TS_SHIFT 31 #pragma pack(push, 1) typedef struct Vmxnet3_RxCompDesc { #ifdef __BIG_ENDIAN_BITFIELD - uint32 ext2:1; + uint32 ext2:1; /* Packet is timestamped */ uint32 cnc:1; /* Checksum Not Calculated */ uint32 rssType:4; /* RSS hash type used */ uint32 rqID:10; /* rx queue/ring ID */ @@ -327,7 +356,7 @@ typedef struct Vmxnet3_RxCompDesc { uint32 rqID:10; /* rx queue/ring ID */ uint32 rssType:4; /* RSS hash type used */ uint32 cnc:1; /* Checksum Not Calculated */ - uint32 ext2:1; + uint32 ext2:1; /* Packet is timestamped */ #endif /* __BIG_ENDIAN_BITFIELD */ __le32 rssHash; /* RSS hash value */ @@ -477,6 +506,14 @@ typedef union Vmxnet3_GenericDesc { #define VMXNET3_TXDATA_DESC_SIZE_ALIGN 64 #define VMXNET3_TXDATA_DESC_SIZE_MASK (VMXNET3_TXDATA_DESC_SIZE_ALIGN - 1) +/* Rx TS Ring buffer size must be a multiple of 64 bytes */ +#define VMXNET3_RXTS_DESC_SIZE_ALIGN 64 +#define VMXNET3_RXTS_DESC_SIZE_MASK (VMXNET3_RXTS_DESC_SIZE_ALIGN - 1) + +/* Tx TS Ring buffer size must be a multiple of 64 bytes */ +#define VMXNET3_TXTS_DESC_SIZE_ALIGN 64 +#define VMXNET3_TXTS_DESC_SIZE_MASK (VMXNET3_TXTS_DESC_SIZE_ALIGN - 1) + /* Max ring size */ #define VMXNET3_TX_RING_MAX_SIZE 4096 #define VMXNET3_TC_RING_MAX_SIZE 4096 @@ -489,6 +526,9 @@ typedef union Vmxnet3_GenericDesc { #define VMXNET3_TXDATA_DESC_MIN_SIZE 128 #define VMXNET3_TXDATA_DESC_MAX_SIZE 2048 +#define VMXNET3_TXTS_DESC_MAX_SIZE 256 +#define VMXNET3_RXTS_DESC_MAX_SIZE 256 + /* a list of reasons for queue stop */ #define VMXNET3_ERR_NOEOP 0x80000000 /* cannot find the EOP desc of a pkt */ @@ -603,6 +643,31 @@ typedef struct Vmxnet3_RxQueueConf { } Vmxnet3_RxQueueConf; #pragma pack(pop) +#pragma pack(push, 1) +typedef struct Vmxnet3_LatencyConf { + uint16 sampleRate; + uint16 packetSize; + uint32 pad; +} Vmxnet3_LatencyConf; +#pragma pack(pop) + +#pragma pack(push, 1) +typedef struct Vmxnet3_TxQueueTSConf { + __le64 txTSRingBasePA; + __le16 txTSRingDescSize; /* size of tx timestamp ring buffer */ + uint16 pad[3]; + Vmxnet3_LatencyConf latencyConf; +} Vmxnet3_TxQueueTSConf; +#pragma pack(pop) + +#pragma pack(push, 1) +typedef struct Vmxnet3_RxQueueTSConf { + __le64 rxTSRingBasePA; + __le16 rxTSRingDescSize; /* size of rx timestamp ring buffer */ + uint16 pad[7]; +} Vmxnet3_RxQueueTSConf; +#pragma pack(pop) + enum vmxnet3_intr_mask_mode { VMXNET3_IMM_AUTO = 0, VMXNET3_IMM_ACTIVE = 1, @@ -920,7 +985,8 @@ typedef struct Vmxnet3_TxQueueDesc { /* Driver read after a GET command */ Vmxnet3_QueueStatus status; UPT1_TxStats stats; - uint8 _pad[88]; /* 128 aligned */ + Vmxnet3_TxQueueTSConf tsConf; + uint8 _pad[64]; /* 128 aligned */ } Vmxnet3_TxQueueDesc; #pragma pack(pop) @@ -931,7 +997,8 @@ typedef struct Vmxnet3_RxQueueDesc { /* Driver read after a GET command */ Vmxnet3_QueueStatus status; UPT1_RxStats stats; - uint8 _pad[88]; /* 128 aligned */ + Vmxnet3_RxQueueTSConf tsConf; + uint8 _pad[64]; /* 128 aligned */ } Vmxnet3_RxQueueDesc; #pragma pack(pop) @@ -1145,4 +1212,8 @@ do {\ /* when new capability is introduced, update VMXNET3_CAP_MAX */ #define VMXNET3_CAP_MAX VMXNET3_CAP_VERSION_8_MAX + +#define VMXNET3_OFFLOAD_TSO (1 << 0) +#define VMXNET3_OFFLOAD_LRO (1 << 1) + #endif /* _VMXNET3_DEFS_H_ */ From e7c2898e1a2b61948efd7bfd582a36a0e9363b3b Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 070/375] Guest identification: Asianux Linux is now Miracle Linux The Asianux distro rebranded itself as Miracle Linux. Our infrastructure already knows about Asianux however the guest identification that runs in tools does not. Add the necessary aliasing code to the "in guest" code. --- open-vm-tools/lib/misc/hostinfoPosix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index e764bd93e..2fab24993 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1079,7 +1079,7 @@ HostinfoSetAmazonShortName(const ShortNameSet *entry, // IN: Unused * * HostinfoSetAsianuxShortName -- * - * Set short name for the Asianux distro. + * Set short name for the Asianux (a.k.a. Miracle Linux) distro. * * Return value: * TRUE success @@ -1420,6 +1420,7 @@ static const ShortNameSet shortNameArray[] = { { "linux-ppc", STR_OS_LINUX_PPC, HostinfoGenericSetShortName }, { "mandrake", STR_OS_MANDRAKE, HostinfoGenericSetShortName }, { "mandriva", STR_OS_MANDRIVA, HostinfoGenericSetShortName }, +{ "miracle linux", NULL, HostinfoSetAsianuxShortName }, { "mklinux", STR_OS_MKLINUX, HostinfoGenericSetShortName }, { "opensuse", STR_OS_OPENSUSE, HostinfoGenericSetShortName }, { "oracle", NULL, HostinfoSetOracleShortName }, From beb027f7eccea977d00ef2a91da29e19ccc0a6d8 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 071/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 9197cee0b..9f22e5120 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -592,9 +592,9 @@ typedef int pid_t; #undef ARM64_ONLY #ifdef VM_ARM_64 -#define ARM64_ONLY(x) x +#define ARM64_ONLY(...) __VA_ARGS__ #else -#define ARM64_ONLY(x) +#define ARM64_ONLY(...) #endif #undef X86_ONLY From 8647f0cf7a15f1c3a06e903cb15e053871d23c36 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 12:07:34 -0800 Subject: [PATCH 072/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 9f22e5120..480531e4d 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -670,6 +670,12 @@ typedef int pid_t; #define HOSTED_ONLY(x) x #endif +#ifdef VMX86_FDM +#define vmx86_fdm 1 +#else +#define vmx86_fdm 0 +#endif + #ifdef VMX86_ESXIO #define vmx86_esxio 1 #else From f756d77a51c5e1c7d66b46e5e33774b5503e21de Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Mon, 13 Nov 2023 13:14:45 -0800 Subject: [PATCH 073/375] Update Changelog with the granular push of Nov. 13, 2023. - plus ChangeLog update of Oct. 5, 2023. --- open-vm-tools/ChangeLog | 159 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index a74392650..14de78508 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,162 @@ +commit 8647f0cf7a15f1c3a06e903cb15e053871d23c36 +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit beb027f7eccea977d00ef2a91da29e19ccc0a6d8 +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e7c2898e1a2b61948efd7bfd582a36a0e9363b3b +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Guest identification: Asianux Linux is now Miracle Linux + + The Asianux distro rebranded itself as Miracle Linux. Our + infrastructure already knows about Asianux however the guest + identification that runs in tools does not. Add the necessary + aliasing code to the "in guest" code. + +commit b7775db161d414bb1311a1eb120a7f8474d59aeb +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e6937680a6ee85431799d956c521971113508dd2 +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit 34035501b125caadae9e0a9598f1e68bbe56282e +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit f612000e31b788f3da054aae9d3f296447d00039 +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + File descriptor vulnerability in the open-vm-tools vmware-user-suid-wrapper + on Linux + + Move the privilege drop logic (dropping privilege to the real uid and + gid of the process for the vmusr service) from suidWrapper to vmtoolsd code. + Now vmtoolsd is not executed with dropped privileges (started as setuid + program) and the dumpable attribute of the process is not reset. + Unprivileged users will not have access to the privileged file descriptors + in the vmtoolsd vmusr process. + Also, set the FD_CLOEXEC flag for both uinputFd and blockFd preventing + those file descriptors from being inherited any further from vmtoolsd. + +commit fd4c58055253ba80d84a17778d9f2e93d117350e +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Don't accept tokens with unrelated certs + + If a SAML token has a cert that's not a part of a chain, + fail the token as invalid. + +commit 0546037841f16e8fe4148c8434e2b02cb2b0a6dd +Author: Katy Feng +Date: Mon Nov 13 12:07:34 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit c10d8436ff4137dbd66b17d12ffe1be7e00a1f2d +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit cdbc0b2bee9d771ab3c3312abe737cabecf4bfc8 +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit fa2b47d9a4d0f27be5a5172c5d0eb6f197fca596 +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e9cab85bc079a3b5b0cc9f154a0aa90946314c72 +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit fdb122f3e196835e97d2828fd77580d4f7bedb1a +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Suppress optional arg to backup scripts when empty string. + + Backup scripts can be called with an optional argument. + Don't pass the optional arg to the script if it's an empty string. + +commit e60562e9409f81541281c452af5f8426a1cc1df2 +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit b4b5483324bd241a1895e080489383ed59335117 +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 92cc832c4493c272cb9227a87f68a9ae0cf18fec +Author: Katy Feng +Date: Mon Nov 13 12:07:33 2023 -0800 + + Checking flag 'disable_vmware_customization' in more cloud-init config files + + Currently, the deployPkg plugin checks the existence of the flag + 'disable_vmware_customization: false' in the /etc/cloud/cloud.cfg file + to determine whether VMware customization is enabled on cloud-init + side when cloud-init is available in guest. Instead, keep local settings, + such as this flag, in config files under the /etc/cloud/cloud.cfg.d directory, + for example: /etc/cloud/cloud.cfg.d/somefile.cfg + + This change implements the following adjustments to make sure this flag is + handled the same way as cloud-init does in ds-identify and Datasource: + + 1. Instead of regex matching flag 'disable_vmware_customization: false', + check the value of flag 'disable_vmware_customization': + If the value is 'false', it means VMware customization is enabled. + If the value is 'true', it means VMware customization is disabled. + If the flag is not set, by default VMware customization is disabled + on cloud-init side. + 2. Besides cloud-init /etc/cloud/cloud.cfg file, also check all .cfg + files under /etc/cloud/cloud.cfg.d directory. + 3. The value of flag 'disable_vmware_customization' in .cfg files under + /etc/cloud/cloud.cfg.d directory will overwrite the one in the + /etc/cloud/cloud.cfg file. + 4. The value of flag 'disable_vmware_customization' in a .cfg file listed + further down in alphabetical order under the /etc/cloud/cloud.cfg.d + directory will overwrite the value in a .cfg file listed earier. + 5. If a cloud-init config file contains more than one instance of this + flag, the value of the later flag will overwrite the former one. + + Github Issue: https://github.com/vmware/open-vm-tools/issues/310 + +commit 2cb54143f98031d5ab42c08e4fb1a6c9133b44b0 +Author: Katy Feng +Date: Thu Oct 5 15:53:07 2023 -0700 + + Update Changelog with the granular push of Oct. 5, 2023. + - plus ChangeLog update of Aug. 25, 2023. + commit d0605c5ba368a3f417ad1a24fc9dc28c0de5bef7 Author: Katy Feng Date: Thu Oct 5 15:42:42 2023 -0700 From f76fea45d2c4de6ebcc0d7f5ed40a6c24689abef Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 074/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 8b1f8b7f8..b76205d48 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1438,7 +1438,7 @@ FLAG( 81F, 0, EAX, 16, 1, SEV_VTE, NO, 0 ) \ FLAG( 81F, 0, EAX, 17, 1, VMGEXIT_PARAMETER, NO, 0 ) \ FLAG( 81F, 0, EAX, 18, 1, VIRTUAL_MSR_TOM, NO, 0 ) \ FLAG( 81F, 0, EAX, 19, 1, SEV_IBS_VIRT, NO, 0 ) \ -FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, NO, 0 ) \ +FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, YES, FUT ) \ FLAG( 81F, 0, EAX, 25, 1, SMT_PROTECTION, NO, 0 ) \ FLAG( 81F, 0, EAX, 28, 1, SVSM_COMM_PAGE_MSR, NO, 0 ) \ FLAG( 81F, 0, EAX, 29, 1, NESTED_VIRT_SNP_MSR, NO, 0 ) \ From 77f6b260876aba27c497a96c833b26ec5d50578a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 075/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 3ddd05ed2..d54ab1029 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -394,6 +394,7 @@ extern "C" { GOKM("almalinux-64", almalinux_64Guest, TRUE) \ GOKM("rockylinux-64", rockylinux_64Guest, TRUE) \ GOKM("CRXPod1-64", crxPod1Guest, TRUE) \ + GOKM("CRXSys1-64", crxSys1Guest, TRUE) \ /* Netware guests */ \ GOKM("netware4", netware4Guest, TRUE) \ GOKM("netware5", netware5Guest, TRUE) \ From 8f03cddae70d27fe10b2833d53995f1dd3985f37 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 076/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 480531e4d..c138856fb 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -590,6 +590,12 @@ typedef int pid_t; * Convenience macros and definitions. Can often be used instead of #ifdef. */ +#ifdef VMK_HAS_VMM +#define VMK_HAS_VMM_ONLY(...) __VA_ARGS__ +#else +#define VMK_HAS_VMM_ONLY(...) +#endif + #undef ARM64_ONLY #ifdef VM_ARM_64 #define ARM64_ONLY(...) __VA_ARGS__ From 2683d53f2ef4e8e01c938b6ec81f87e46e187c3d Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 077/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index c138856fb..0f8c2c0a2 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -605,9 +605,9 @@ typedef int pid_t; #undef X86_ONLY #ifdef VM_X86_ANY -#define X86_ONLY(x) x +#define X86_ONLY(...) __VA_ARGS__ #else -#define X86_ONLY(x) +#define X86_ONLY(...) #endif #undef DEBUG_ONLY From 14ada379295c86b9eed8d407753c88610312a6e8 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 078/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 0f8c2c0a2..8f5d226fd 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -605,9 +605,21 @@ typedef int pid_t; #undef X86_ONLY #ifdef VM_X86_ANY -#define X86_ONLY(...) __VA_ARGS__ -#else -#define X86_ONLY(...) +# ifdef _MSC_VER +/* + * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's + * offset checker) are notorious to have non-standard __VA_ARGS__ handling. + */ +# define X86_ONLY(x) x +# else +# define X86_ONLY(...) __VA_ARGS__ +# endif +#else +# ifdef _MSC_VER +# define X86_ONLY(x) +# else +# define X86_ONLY(...) +# endif #endif #undef DEBUG_ONLY From 72effb954333e49657315835c4df87fc0417ad2a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 079/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 24 +++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 8f5d226fd..04bb3d061 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -604,22 +604,22 @@ typedef int pid_t; #endif #undef X86_ONLY -#ifdef VM_X86_ANY -# ifdef _MSC_VER +#ifdef _MSC_VER /* * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's * offset checker) are notorious to have non-standard __VA_ARGS__ handling. */ -# define X86_ONLY(x) x -# else -# define X86_ONLY(...) __VA_ARGS__ -# endif -#else -# ifdef _MSC_VER -# define X86_ONLY(x) -# else -# define X86_ONLY(...) -# endif +#ifdef VM_X86_ANY +#define X86_ONLY(x) x +#else +#define X86_ONLY(x) +#endif +#else +#ifdef VM_X86_ANY +#define X86_ONLY(...) __VA_ARGS__ +#else +#define X86_ONLY(...) +#endif #endif #undef DEBUG_ONLY From 7800de416d88ba03db4f8bd818d7c99d51048bdf Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 080/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/services/plugins/vmbackup/stateMachine.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/vmbackup/stateMachine.c b/open-vm-tools/services/plugins/vmbackup/stateMachine.c index 6d8288c0b..a73396507 100644 --- a/open-vm-tools/services/plugins/vmbackup/stateMachine.c +++ b/open-vm-tools/services/plugins/vmbackup/stateMachine.c @@ -100,7 +100,7 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); * TRUE will allow the host to use NVMe feature in snapshot, * FALSE otherwise. */ -#define VMBACKUP_CFG_ENABLENVME_DEFAULT FALSE +#define VMBACKUP_CFG_ENABLENVME_DEFAULT TRUE static VmBackupState *gBackupState = NULL; From c7c88a4aacd05f7d6f232c11c5537f2d43934d6b Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 081/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/hgfsServer.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/hgfsServer.h b/open-vm-tools/lib/include/hgfsServer.h index bd7cc0dc5..dd27dabfc 100644 --- a/open-vm-tools/lib/include/hgfsServer.h +++ b/open-vm-tools/lib/include/hgfsServer.h @@ -27,7 +27,7 @@ extern "C" { #endif -#define HGFS_VMX_IOV_CONTEXT_SIZE (vmx86_debug ? 120 : 104) +#define HGFS_VMX_IOV_CONTEXT_SIZE (vmx86_debug ? 112 : 96) typedef struct HgfsVmxIov { void *va; /* Virtual addr */ uint64 pa; /* Physical address passed by the guest */ From 5d5bbbecd32cbc054b81b05a5af4bdbf62aee3a7 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 082/375] =?UTF-8?q?Change=20in=20Guest=20Data=20Producer?= =?UTF-8?q?=20plugin=20API=20and=20Guest=20Data=20Producer=20protocol/hand?= =?UTF-8?q?shake=20between=20the=20host=20and=20guest=20to=20support=20?= =?UTF-8?q?=E2=80=98no=20subscribers=E2=80=99=20error=20feedback.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Service Discovery plugin was updated for API compatibility. Changes in the GDP protocol/handshake introduce versioning of the protocol. The new version is “2” and introduces new attributes (‘version’ and ‘requireSubs’) in the guest request header sent to the host publisher service. The response from the host publisher service to the guest producer client is also versioned and changes more significantly: V2 response messages have new attributes (‘version’, ‘error-id’, and ‘error-text’) and have the ‘status’ attributes type change from string (‘ok’, ‘bad’) to Boolean (‘true’, ‘false’). The ‘error-id’, when present, contains a string identifier for an error type/code and ‘error-text’, when present, contains textual details for the error. The host publisher supports all protocol versions up to the version it provides for backward and forward compatibility. The host publisher service responds with the same version of protocol as the incoming request or its highest protocol version when the incoming request version is higher than it supports. The guest producer client supports all response versions up to the version it provides for backward and forward compatibility. The guest producer client always sends request to the host publisher service using the highest protocol version it supports. --- open-vm-tools/lib/include/vmware/tools/gdp.h | 55 ++- .../services/plugins/gdp/gdpPlugin.c | 416 ++++++++++++++++-- .../serviceDiscovery/serviceDiscovery.c | 57 ++- 3 files changed, 457 insertions(+), 71 deletions(-) diff --git a/open-vm-tools/lib/include/vmware/tools/gdp.h b/open-vm-tools/lib/include/vmware/tools/gdp.h index c071cd532..ec59e06b5 100644 --- a/open-vm-tools/lib/include/vmware/tools/gdp.h +++ b/open-vm-tools/lib/include/vmware/tools/gdp.h @@ -40,6 +40,31 @@ extern "C++" { #include "vmware/tools/plugin.h" +/* + * GDP Protocol version + */ +#define GDP_PROTOCOL_VERSION 2 + +/* + * GDP Protocol version before versioning was introduced. + */ +#define GDP_PROTOCOL_UNVERSIONED_VERSION 1 + +/* + * First GDP Protocol version to support versioning. + */ +#define GDP_PROTOCOL_VERSIONED_VERSION 2 + +/* + * Maximum GDP Data Message protocol version generated by GDP plugin. + */ +#define GDP_PROTOCOL_DM_MAX_VERSION GDP_PROTOCOL_VERSION + +/* + * Maximum GDP Data Message Response protocol version handled by GDP plugin. + */ +#define GDP_PROTOCOL_DM_RESP_MAX_VERSION GDP_PROTOCOL_VERSION + /* * Size in bytes: * 17 * 4096 - Maximum VMCI datagram size @@ -63,33 +88,48 @@ extern "C++" { /* * GdpError definitions. + * The GDP_ERR_ITEM Tuple is: + * - GdpEnum name + * - error-id string id + * - Default error message string */ #define GDP_ERR_LIST \ GDP_ERR_ITEM(GDP_ERROR_SUCCESS = 0, \ + "success", \ "No error") \ GDP_ERR_ITEM(GDP_ERROR_INVALID_DATA, \ + "invalid-data", \ "Invalid data") \ GDP_ERR_ITEM(GDP_ERROR_DATA_SIZE, \ + "data-size", \ "Data size too large") \ GDP_ERR_ITEM(GDP_ERROR_GENERAL, \ + "error", \ "General error") \ GDP_ERR_ITEM(GDP_ERROR_STOP, \ + "stopped-for-shutdown", \ "Stopped for vmtoolsd shutdown") \ GDP_ERR_ITEM(GDP_ERROR_UNREACH, \ + "publisher-unreachable", \ "Host daemon unreachable") \ GDP_ERR_ITEM(GDP_ERROR_TIMEOUT, \ - "Operation timed out") + "timeout", \ + "Operation timed out") \ + GDP_ERR_ITEM(GDP_ERROR_NO_SUBSCRIBERS, \ + "no-subscribers", \ + "No subscribers for data") /* - * GdpError codes. + * GdpError codes enum. */ -#define GDP_ERR_ITEM(a, b) a, +#define GDP_ERR_ITEM(a, b, c) a, typedef enum GdpError { GDP_ERR_LIST GDP_ERR_MAX } GdpError; #undef GDP_ERR_ITEM + /** * @brief Type of the public interface of the gdp plugin service. * @@ -103,7 +143,8 @@ typedef struct ToolsPluginSvcGdp { const gchar *category, const gchar *data, guint32 dataLen, - gboolean cacheData); + gboolean cacheData, + gboolean requireSubs); } ToolsPluginSvcGdp; @@ -127,6 +168,7 @@ typedef struct ToolsPluginSvcGdp { * @param[in] data Buffer containing data to publish * @param[in] dataLen Buffer length * @param[in] cacheData Cache the data if TRUE + * @param[in] requireSubs Require subscriber(s) if TRUE * * @return GDP_ERROR_SUCCESS on success. * @return Other GdpError code otherwise. @@ -142,13 +184,14 @@ ToolsPluginSvcGdp_Publish(ToolsAppCtx *ctx, // IN const gchar *category, // IN, OPTIONAL const gchar *data, // IN guint32 dataLen, // IN - gboolean cacheData) // IN + gboolean cacheData, // IN + gboolean requireSubs) // IN { ToolsPluginSvcGdp *svcGdp = NULL; g_object_get(ctx->serviceObj, TOOLS_PLUGIN_SVC_PROP_GDP, &svcGdp, NULL); if (svcGdp != NULL && svcGdp->publish != NULL) { return svcGdp->publish(createTime, topic, token, - category, data, dataLen, cacheData); + category, data, dataLen, cacheData, requireSubs); } return GDP_ERROR_GENERAL; } diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 96e6d717b..0e67ccac5 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -118,13 +118,130 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); */ #define GDP_WAIT_RESULT_TIMEOUT 1500 // ms -#define GDP_PACKET_JSON_LINE_SUBSCRIBERS \ - " \"subscribers\":[%s],\n" +/* + * GDP Protocol + * + * The Producer (Guest) to Publisher (Host) protocol specification and + * implementation aim to be backward compatible. + * + * Newer gdp plugin and clients using it must handle operation with hosts using + * older versions of the protocol and implementation. + * + * The GDP protocol messages supported (newest to oldest) are described below: + * + * V2 --- Data Message + * { + * "header": { + * "sequence":uint64, + * "version":int, + * "subscribers":[int-array], + * "requireSubs":Boolean, + * "createTime":"time-string", + * "topic":"string", + * "token":"string" + * } + * "payload": { + * "category":"string", + * "base64":"base64-encoded-string" + * } + * } + * NOTES: + * - Required attributes: + * o In header: sequence, version (new in V2), createTime, topic, token + * o In payload: category, base64 + * - Optional fields + * o In header: + * + subscribers: Present only in History Data Message. + * + requireSubs: Present only when Data Producer requires subscriber + * to be present/subscribed (new in V2). + * + * V2 --- Response + * { + * "sequence":uint64, + * "version":int, + * "status":Boolean, + * "error-id":"id-string", + * "error-text":"string", + * "rateLimit":int + * } + * NOTES: + * - Required attributes: + * o sequence, status, rateLimit + * - Required but optional for Backward compatibility. + * o version: Required when the request header was version >= 2 AND the + * host gdp daemon supports versions >= 2. + * - Optional fields: + * o error-id: Required when version >= 2 AND status==false; else ignored. + * o error-text: Same conditions as error-id. + * + * ------------------------------------- + * + * Unversioned/original -- Data Message + * { + * "header": { + * "sequence":uint64, + * "subscribers":[int-array], + * "createTime":"time-string", + * "topic":"string", + * "token":"string" + * } + * "payload": { + * "category":"string", + * "base64":"base64-encoded-string" + * } + * } + * NOTES: + * - Required attributes: + * o In header: sequence, createTime, topic, token + * o In payload: category, base64 + * - Optional fields + * o In header: + * + subscribers: Present only in History Data Message. + * + * Unversioned/original -- Response + * { + * "sequence":uint64, + * "status":"string-{ok|bad}", + * "diagnosis":"formatted-string", + * "rateLimit":int + * } + * NOTES: + * - Required attributes: + * o sequence, status, rateLimit + * - Optional attributes: + * o diagnosis: Present when error (status is 'bad') or for diagnostics + * (debug only) + * - The 'status' field type changes from 'string' in V1 to 'boolean' in V2. + * This adds some complexity in format validation. + * + * ------------------------------------- + * Backward Compatibility + * Response parsing can handle all message version, required attributes + * expectations must be met and rely on the provided version field (or the + * default version) to evaluate if a valid response was received. + * + * A V2 request can receive an unversioned ('V1') response from an old host + * and must handle the format. The impact is some functionality will not be + * available to the gdp plugin clients. + * + * Forward Compatibility + * Unknown attributes are ignored. + * + * A host will not send a response with an higher version field value than the + * data message it is responding to. But if it did, the gdp plugin will ignore + * unknown attributes. + * + * When receiving a response with a version field value lower then what the + * gdp plugin can support, this indicate the highest protocol version the host + * supports. + */ #define GDP_PACKET_JSON \ "{\n" \ " \"header\": {\n" \ " \"sequence\":%" G_GUINT64_FORMAT ",\n" \ + " \"version\":%" G_GUINT64_FORMAT ",\n" \ + "%s" \ "%s" \ " \"createTime\":\"%s\",\n" \ " \"topic\":\"%s\",\n" \ @@ -136,17 +253,32 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); " }\n" \ "}" +#define GDP_PACKET_JSON_LINE_SUBSCRIBERS \ + " \"subscribers\":[%s],\n" + +#define GDP_PACKET_JSON_LINE_REQUIRE_SUBS \ + " \"requireSubs\":%s,\n" + #define GDP_RESULT_SEQUENCE "sequence" // Required, e.g. 12345 -#define GDP_RESULT_STATUS "status" // Required, "ok", or "bad" for +#define GDP_RESULT_VERSION "version" // V2: Required, e.g. 2 +#define GDP_RESULT_STATUS "status" // V1: Required, "ok", or "bad" for // malformed and rejected packet + // V2: Required, true, or false for + // malformed and rejected packet, and + // other errors (see error-id and + // error-text). #define GDP_RESULT_DIAGNOSIS "diagnosis" // Optional +#define GDP_RESULT_ERROR_ID "error-id" // V2: Required Error ID to map to + // GdpError enum. +#define GDP_RESULT_ERROR_TEXT "error-text"// V2: Optional Provided error message. #define GDP_RESULT_RATE_LIMIT "rateLimit" // Required, // e.g. 2 packets per second -#define GDP_RESULT_STATUS_OK "ok" -#define GDP_RESULT_STATUS_BAD "bad" +#define GDP_RESULT_STATUS_OK "ok" // V1: possible value for status +#define GDP_RESULT_STATUS_BAD "bad" // V1: possible value for status #define GDP_RESULT_REQUIRED_KEYS 3 +#define GDP_RESULT_V2_REQUIRED_KEYS 4 #define GDP_HISTORY_REQUEST_PAST_SECONDS "pastSeconds" // , // Required @@ -155,7 +287,6 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); // Required #define GDP_HISTORY_REQUEST_TOPIC_PREFIXES "topicPrefixes" // , // Optional - #define GDP_HISTORY_REQUEST_REQUIRED_KEYS 2 /* @@ -176,44 +307,64 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); #define GDP_TOKENS_PER_ALLOC 50 + +/* + * Gdp protocol 'error-id' response attribute table. + * From GDP_ERR_ITEM tuple: + * - GdpEnum name + * - error-id string id + * - Default error message string + */ +#define GDP_ERR_ITEM(a, b, c) b, +static const char * const gdpErrIds[] = { +GDP_ERR_LIST +}; +#undef GDP_ERR_ITEM + /* * GdpError message table. + * From GDP_ERR_ITEM tuple: + * - GdpEnum name + * - error-id string id + * - Default error message string */ -#define GDP_ERR_ITEM(a, b) b, +#define GDP_ERR_ITEM(a, b, c) c, static const char * const gdpErrMsgs[] = { GDP_ERR_LIST }; #undef GDP_ERR_ITEM +static GdpError GetGdpErrorFromErrorId(const char *erroIdStr); // IN + typedef struct PluginState { ToolsAppCtx *ctx; /* Tools application context */ Atomic_Bool started; /* TRUE : Guest data publishing is started - FALSE: otherwise - Transitions from FALSE to TRUE only */ + * FALSE: otherwise + * Transitions from FALSE to TRUE only */ #if defined(_WIN32) Bool wsaStarted; /* TRUE : WSAStartup succeeded, WSACleanup required - FALSE: otherwise */ + * FALSE: otherwise */ #endif int vmciFd; /* vSocket address family value fd */ int vmciFamily; /* vSocket address family value */ SOCKET sock; /* Datagram socket for publishing guest data */ #if defined(_WIN32) GdpEvent eventNetwork; /* The network event object: - To be associated with network - send/recv ready event */ + * To be associated with network + * send/recv ready event */ #endif GdpEvent eventStop; /* The stop event object: - Signalled to stop guest data publishing */ + * Signalled to stop guest data publishing */ Atomic_Bool stopped; /* TRUE : Guest data publishing is stopped - FALSE: otherwise - Transitions from FALSE to TRUE only */ + * FALSE: otherwise + * Transitions from FALSE to TRUE only */ GdpEvent eventConfig; /* The config event object: - Signalled to update config */ + * Signalled to update config */ } PluginState; static PluginState gPluginState; @@ -227,13 +378,14 @@ typedef struct PublishState { * the gdp task thread. */ gint64 createTime; /* Real wall-clock time, - in microseconds since January 1, 1970 UTC. */ + * in microseconds since January 1, 1970 UTC. */ const gchar *topic; const gchar *token; const gchar *category; const gchar *data; guint32 dataLen; gboolean cacheData; + gboolean requireSubs; /* Subscriber presence required by publisher */ /* * The publish event object: @@ -267,14 +419,14 @@ typedef enum GdpTaskEvent { typedef enum GdpTaskMode { GDP_TASK_MODE_NONE, /* Not publishing - valid with GDP_TASK_STATE_IDLE only */ + * valid with GDP_TASK_STATE_IDLE only */ GDP_TASK_MODE_PUBLISH, /* Publishing new data */ GDP_TASK_MODE_HISTORY, /* Publishing history data */ } GdpTaskMode; typedef enum GdpTaskState { GDP_TASK_STATE_IDLE, /* Not started - valid with GDP_TASK_MODE_NONE only */ + * valid with GDP_TASK_MODE_NONE only */ GDP_TASK_STATE_WAIT_TO_SEND, /* Wait to send JSON packet */ GDP_TASK_STATE_WAIT_FOR_RESULT1, /* Wait for publish result from daemon */ GDP_TASK_STATE_WAIT_FOR_RESULT2, /* Wait for publish result after re-send */ @@ -282,9 +434,14 @@ typedef enum GdpTaskState { typedef struct PublishResult { guint64 sequence; /* Result for the packet with this sequence number */ - Bool statusOk; /* TRUE: ok, FALSE: bad */ + Bool statusOk; /* TRUE: ok|true, FALSE: bad|false */ gchar *diagnosis; /* Diagnosis message if statusOk is FALSE */ gint32 rateLimit; /* VMCI peer rate limit */ + guint64 version; /* Response message protocol version, since v2 */ + GdpError errorId; /* GdpError from error-id when statusOk is FALSE, + * GDP_ERROR_SUCCESS otherwise */ + gchar *errorText; /* error-text; can be provided when when statusOk is + * FALSE; NULL otherwise */ } PublishResult; typedef struct HistoryRequest { @@ -301,6 +458,9 @@ typedef struct HistoryCacheItem { gchar *category; gchar *data; guint32 dataLen; /* Guest data - end */ + gboolean requireSubs; /* Publisher requires subscriber to publish Guest Data. + * Requires a V2 (and up) protocol compatible host; + * ignored otherwise */ gint64 cacheTime; /* Monotonic time point when item is cached */ guint32 itemSize; /* Item size in bytes */ } HistoryCacheItem; @@ -311,7 +471,7 @@ typedef struct HistoryCache { guint32 countLimit; /* Cache item count limit */ guint32 size; /* Current cache buffer size */ GList *currentLink; /* Pointer to the history cache queue link - currently being published */ + * currently being published */ } HistoryCache; typedef struct TaskContext { @@ -351,9 +511,9 @@ typedef struct TaskContext { guint32 packetLen; /* JSON packet length */ gint64 timeoutAt; /* Time out at this monotonic time point, - in microseconds. */ + * in microseconds. */ gint64 sendAfter; /* Send to daemon after this monotonic time point, - in microseconds. */ + * in microseconds. */ } TaskContext; @@ -433,7 +593,8 @@ GdpTaskHistoryCachePushItem(TaskContext *taskCtx, // IN/OUT const gchar *token, // IN const gchar *category, // IN const gchar *data, // IN - guint32 dataLen); // IN + guint32 dataLen, // IN + gboolean requireSubs); // IN static gchar * GdpGetFormattedUtcTime(gint64 utcTime); // IN @@ -446,6 +607,7 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT const gchar *category, // IN, OPTIONAL const gchar *data, // IN guint32 dataLen, // IN + gboolean requireSubs, // IN const gchar *subscribers); // IN, OPTIONAL static inline void @@ -540,6 +702,38 @@ static void GdpDestroy(void); +/* + ****************************************************************************** + * GetGdpErrorFromErrorId -- + * + * Translate an error-id string to a GdpError enumeration. + * + * @return The GdpError match + * @return GDP_ERR_MAX otherwise. + * + ****************************************************************************** + */ + +static GdpError +GetGdpErrorFromErrorId(const char *errorIdStr) // IN +{ + if (errorIdStr != NULL && errorIdStr[0] != '\0') { + + int i; // Err: 'for' loop initial declarations only allowed in C99 mode + + for (i = 0; i < GDP_ERR_MAX; i++) { + if (strcmp(gdpErrIds[i], errorIdStr) == 0) { + // Match + return i; + } + } + } + + // Return GDP_ERR_MAX for not found/invalid + return GDP_ERR_MAX; +} + + /* ****************************************************************************** * GdpCreateEvent -- @@ -1311,6 +1505,7 @@ GdpTaskDeleteHistoryCacheTail(TaskContext *taskCtx) // IN/OUT * "application" * @param[in] data Buffer containing data to publish * @param[in] dataLen Buffer length + * @param[in] requireSubs Subscriber required flag * ****************************************************************************** */ @@ -1322,7 +1517,8 @@ GdpTaskHistoryCachePushItem(TaskContext *taskCtx, // IN/OUT const gchar *token, // IN const gchar *category, // IN const gchar *data, // IN - guint32 dataLen) // IN + guint32 dataLen, // IN + gboolean requireSubs) // IN { HistoryCacheItem *item; @@ -1338,6 +1534,7 @@ GdpTaskHistoryCachePushItem(TaskContext *taskCtx, // IN/OUT item->data = (gchar *) Util_SafeMalloc(dataLen); Util_Memcpy(item->data, data, dataLen); item->dataLen = dataLen; + item->requireSubs = requireSubs; item->cacheTime = g_get_monotonic_time(); item->itemSize = ((guint32) sizeof(HistoryCacheItem)) @@ -1420,6 +1617,10 @@ GdpGetFormattedUtcTime(gint64 utcTime) // IN * "application" * @param[in] data Buffer containing data to publish * @param[in] dataLen Buffer length + * @param[in] requireSubs Indicate whether the publisher requires or + * not that subscribers be present. Expected to + * be false for history data. Ignored by pre-V2 + * protocol host. * @param[in,optional] subscribers For history data only, NULL for new data * * @return GDP_ERROR_SUCCESS on success. @@ -1436,10 +1637,12 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT const gchar *category, // IN, OPTIONAL const gchar *data, // IN guint32 dataLen, // IN + const gboolean requireSubs, // IN const gchar *subscribers) // IN, OPTIONAL { gchar base64Data[GDP_MAX_PACKET_LEN + 1]; // Add a space for NULL gchar *subscribersLine = NULL; + gchar *subscribersRequiredLine = NULL; gchar *formattedTime; GdpError gdpErr; @@ -1457,13 +1660,24 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT subscribers); } + // subscribers required is optional in (V2). + // since: GDP_PROTOCOL_VERSIONED_VERSION + if (requireSubs) { + subscribersRequiredLine = + g_strdup_printf(GDP_PACKET_JSON_LINE_REQUIRE_SUBS, + "true"); + } + formattedTime = GdpGetFormattedUtcTime(createTime); ASSERT(taskCtx->packet == NULL); taskCtx->packet = g_strdup_printf(GDP_PACKET_JSON, ++taskCtx->sequence, + (uint64) GDP_PROTOCOL_VERSION, subscribersLine != NULL ? subscribersLine : "", + subscribersRequiredLine != NULL ? + subscribersRequiredLine : "", formattedTime != NULL ? formattedTime : "", topic, @@ -1484,6 +1698,7 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT g_free(formattedTime); g_free(subscribersLine); + g_free(subscribersRequiredLine); return gdpErr; } @@ -1748,6 +1963,7 @@ GdpTaskPublishHistory(TaskContext *taskCtx) // IN/OUT item->category, item->data, item->dataLen, + item->requireSubs, subscribers); if (gdpErr != GDP_ERROR_SUCCESS) { /* @@ -1881,8 +2097,12 @@ GdpJsonIsPublishResult(const char *json, // IN PublishResult *result) // OUT { int index; - int requiredKeys = GDP_RESULT_REQUIRED_KEYS; + int requiredKeysCount = 0; gchar *diagnosis = NULL; + Bool handledRateLimit = FALSE; + Bool handledStatus = FALSE; + + result->errorId = GDP_ERR_MAX; /* result usually zeroed in caller */ /* * Loops over all keys of the root object. @@ -1891,41 +2111,117 @@ GdpJsonIsPublishResult(const char *json, // IN int tokenLen; if (GdpJsonIsTokenOfKey(json, &tokens[index], GDP_RESULT_SEQUENCE)) { - requiredKeys--; + ASSERT(result->sequence == 0); /* duplicate check */ + requiredKeysCount++; index++; result->sequence = g_ascii_strtoull(json + tokens[index].start, NULL, 10); + ASSERT(result->sequence != 0); /* no! */ + } else if (GdpJsonIsTokenOfKey(json, &tokens[index], + GDP_RESULT_VERSION)) { + ASSERT(result->version == 0); /* duplicate check */ + requiredKeysCount++; + index++; + result->version = g_ascii_strtoull(json + tokens[index].start, + NULL, 10); + ASSERT(result->version > 0); /* version == 0 is bad */ } else if (GdpJsonIsTokenOfKey(json, &tokens[index], GDP_RESULT_STATUS)) { - requiredKeys--; + ASSERT(handledStatus == FALSE); /* duplicate check */ + handledStatus = TRUE; + requiredKeysCount++; index++; tokenLen = tokens[index].end - tokens[index].start; + /* + * V1 status: 'ok' or V2 status: 'true' + */ if ((int) strlen(GDP_RESULT_STATUS_OK) == tokenLen && strncmp(json + tokens[index].start, GDP_RESULT_STATUS_OK, tokenLen) == 0) { + /* + * Success V1 + */ + result->statusOk = TRUE; + } else if (4 == tokenLen && + strncmp(json + tokens[index].start, + "true", tokenLen) == 0) { + /* + * Success V2 + */ result->statusOk = TRUE; } else { + /* + * Anything else is error response + */ result->statusOk = FALSE; } } else if (GdpJsonIsTokenOfKey(json, &tokens[index], GDP_RESULT_DIAGNOSIS)) { + ASSERT(diagnosis == NULL); /* duplicate check */ index++; - ASSERT(diagnosis == NULL); tokenLen = tokens[index].end - tokens[index].start; diagnosis = g_strndup(json + tokens[index].start, tokenLen); } else if (GdpJsonIsTokenOfKey(json, &tokens[index], GDP_RESULT_RATE_LIMIT)) { - requiredKeys--; + ASSERT(handledRateLimit == FALSE); /* duplicate check */ + handledRateLimit = TRUE; + requiredKeysCount++; index++; result->rateLimit = atoi(json + tokens[index].start); + } else if (GdpJsonIsTokenOfKey(json, &tokens[index], + GDP_RESULT_ERROR_ID)) { + gchar *errorIdStr = NULL; + ASSERT(result->errorId == GDP_ERR_MAX); /* duplicate check */ + /* + * Forward compatible error-id lookup, set to a valid error + */ + index++; + tokenLen = tokens[index].end - tokens[index].start; + errorIdStr = g_strndup(json + tokens[index].start, tokenLen); + result->errorId = GetGdpErrorFromErrorId(errorIdStr); + if (result->errorId == GDP_ERR_MAX) { + /* + * Unknown error-id error + */ + g_warning("%s: Unknown error-id: '%s' converting to '%s'", + __FUNCTION__, errorIdStr, gdpErrIds[GDP_ERROR_GENERAL]); + result->errorId = GDP_ERROR_GENERAL; + } + g_free(errorIdStr); + } else if (GdpJsonIsTokenOfKey(json, &tokens[index], + GDP_RESULT_ERROR_TEXT)) { + ASSERT(result->errorText == NULL); /* duplicate check */ + index++; + tokenLen = tokens[index].end - tokens[index].start; + result->errorText = g_strndup(json + tokens[index].start, tokenLen); } - } + } /* for index */ - if (requiredKeys == 0) { + /* + * Make sure requiredKeysCount for Unversioned or versioned protocol matches + * their respective expectations. + */ + if (result->version < GDP_PROTOCOL_VERSIONED_VERSION && + requiredKeysCount == GDP_RESULT_REQUIRED_KEYS) { + /* + * Assign diagnosis for unversioned protocol + */ result->diagnosis = diagnosis; return TRUE; + } else if (result->version >= GDP_PROTOCOL_VERSIONED_VERSION && + requiredKeysCount == GDP_RESULT_V2_REQUIRED_KEYS) { + /* + * diagnosis not used for versioned protocol, clean it up; + * error-text is assigned during parsing when present. + */ + g_free(diagnosis); + return TRUE; } else { g_free(diagnosis); + if (result->errorText != NULL) { + g_free(result->errorText); + result->errorText = NULL; + } return FALSE; } } @@ -1964,28 +2260,49 @@ GdpTaskProcessPublishResult(TaskContext *taskCtx, // IN/OUT } if (!result->statusOk) { - g_info("%s: Publish failed: %s\n", __FUNCTION__, - result->diagnosis ? result->diagnosis : ""); + if (result->version >= GDP_PROTOCOL_VERSIONED_VERSION) { + // V2 and up; use result->errorId and errorText + g_info("%s: Publish failed: Id(%d), Message: %s\n", __FUNCTION__, + result->errorId, result->errorText ? result->errorText : ""); + } else { + g_info("%s: Publish failed: %s\n", __FUNCTION__, + result->diagnosis ? result->diagnosis : ""); + } } if (taskCtx->mode == GDP_TASK_MODE_PUBLISH) { - if (result->statusOk) { - if (GdpTaskIsHistoryCacheEnabled(taskCtx) && - gPublishState.cacheData) { - GdpTaskHistoryCachePushItem(taskCtx, - gPublishState.createTime, - gPublishState.topic, - gPublishState.token, - gPublishState.category, - gPublishState.data, - gPublishState.dataLen); - } + Bool addToHistory = FALSE; + if (result->statusOk) { gPublishState.gdpErr = GDP_ERROR_SUCCESS; + addToHistory = TRUE; + } else if (result->version >= GDP_PROTOCOL_VERSIONED_VERSION) { + // V2 and up; use result->errorId + gPublishState.gdpErr = result->errorId; + + if (gPublishState.requireSubs && + result->errorId == GDP_ERROR_NO_SUBSCRIBERS) { + // Add Data Message to history on no-subscriber error. + addToHistory = TRUE; + } } else { + // Unversioned/original - default error response. gPublishState.gdpErr = GDP_ERROR_INVALID_DATA; } + if (addToHistory && + GdpTaskIsHistoryCacheEnabled(taskCtx) && + gPublishState.cacheData) { + GdpTaskHistoryCachePushItem(taskCtx, + gPublishState.createTime, + gPublishState.topic, + gPublishState.token, + gPublishState.category, + gPublishState.data, + gPublishState.dataLen, + gPublishState.requireSubs); + } + GdpSetEvent(gPublishState.eventGetResult); } @@ -2233,6 +2550,7 @@ GdpTaskProcessNetwork(TaskContext *taskCtx) // IN/OUT if (isPublishResult) { GdpTaskProcessPublishResult(taskCtx, &result); g_free(result.diagnosis); + g_free(result.errorText); } else if (isHistoryRequest) { g_debug("%s: Received history request:\n%s\n", __FUNCTION__, buf); GdpTaskProcessHistoryRequest(taskCtx, &request); @@ -2280,6 +2598,7 @@ GdpTaskProcessPublish(TaskContext *taskCtx) // IN/OUT gPublishState.category, gPublishState.data, gPublishState.dataLen, + gPublishState.requireSubs, NULL); if (gdpErr != GDP_ERROR_SUCCESS) { goto fail; @@ -3041,6 +3360,7 @@ GdpDestroy(void) * @param[in] data Buffer containing data to publish * @param[in] dataLen Buffer length * @param[in] cacheData Cache the data if TRUE + * @param[in] requireSubs Require subscribers if TRUE * * @return GDP_ERROR_SUCCESS on success. * @return Other GdpError code otherwise. @@ -3055,7 +3375,8 @@ GdpPublish(gint64 createTime, // IN const gchar *category, // IN, OPTIONAL const gchar *data, // IN guint32 dataLen, // IN - gboolean cacheData) // IN + gboolean cacheData, // IN + gboolean requireSubs) // IN { GdpError gdpErr; @@ -3099,6 +3420,7 @@ GdpPublish(gint64 createTime, // IN gPublishState.data = data; gPublishState.dataLen = dataLen; gPublishState.cacheData = cacheData; + gPublishState.requireSubs = requireSubs; GdpSetEvent(gPublishState.eventPublish); diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c index 103cf14ee..e35f1c008 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -105,7 +105,7 @@ static gchar* scriptInstallDir = NULL; #define SERVICE_DISCOVERY_POLL_INTERVAL 300000 /* - * Time shift for comparision of time read from the signal and + * Time shift for comparison of time read from the signal and * current system time in milliseconds. */ #define SERVICE_DISCOVERY_WRITE_DELTA 60000 @@ -119,23 +119,31 @@ static gchar* scriptInstallDir = NULL; * Defines the configuration to cache data in gdp plugin */ #define CONFNAME_SERVICEDISCOVERY_CACHEDATA "cache-data" - #define SERVICE_DISCOVERY_CONF_DEFAULT_CACHEDATA TRUE +/* + * Define the configuration to require at least one subscriber subscribed for + * the gdp message. + * + * TODO: SD maintainer to update default to TRUE when ready. + */ +#define CONFNAME_SERVICEDISCOVERY_REQUIRESUBS "require-subscribers" +#define SERVICE_DISCOVERY_CONF_DEFAULT_REQUIRESUBS FALSE + #define SERVICE_DISCOVERY_TOPIC_PREFIX "serviceDiscovery" #if defined(VMX86_DEBUG) /* * Defines the configuration to identify whether is in GDP debug mode * - * Tools daemon restart is required to apply this setting's cahnge + * Tools daemon restart is required to apply this setting's change */ #define CONFNAME_SERVICEDISCOVERY_GDP_DEBUG "gdp-debug" /* * Defines the configuration to customize polling interval for GDP debug * - * Tools daemon restart is required to apply this setting's cahnge + * Tools daemon restart is required to apply this setting's change */ #define CONFNAME_SERVICEDISCOVERY_GDP_POLL_INTERVAL "poll-interval" @@ -159,8 +167,12 @@ static Bool isGDPDebug = FALSE; /* * GdpError message table. + * From GDP_ERR_ITEM tuple: + * - GdpEnum name + * - error-id string id + * - Default error message string */ -#define GDP_ERR_ITEM(a, b) b, +#define GDP_ERR_ITEM(a, b, c) c, static const char * const gdpErrMsgs[] = { GDP_ERR_LIST }; @@ -317,7 +329,7 @@ SendRpcMessage(ToolsAppCtx *ctx, * @param[in] createTime Data create time * @param[in] topic Data topic * @param[in] data Service data - * @param[in] len Service data len + * @param[in] len Service data length * * @retval TRUE On success. * @retval FALSE Failed. @@ -334,22 +346,30 @@ SendData(ToolsAppCtx *ctx, { GdpError gdpErr; Bool status = FALSE; - Bool cacheData = VMTools_ConfigGetBoolean(ctx->config, - CONFGROUPNAME_SERVICEDISCOVERY, - CONFNAME_SERVICEDISCOVERY_CACHEDATA, - SERVICE_DISCOVERY_CONF_DEFAULT_CACHEDATA); + Bool cacheData = VMTools_ConfigGetBoolean( + ctx->config, + CONFGROUPNAME_SERVICEDISCOVERY, + CONFNAME_SERVICEDISCOVERY_CACHEDATA, + SERVICE_DISCOVERY_CONF_DEFAULT_CACHEDATA); + Bool requireSubs = VMTools_ConfigGetBoolean( + ctx->config, + CONFGROUPNAME_SERVICEDISCOVERY, + CONFNAME_SERVICEDISCOVERY_REQUIRESUBS, + SERVICE_DISCOVERY_CONF_DEFAULT_REQUIRESUBS); gdpErr = ToolsPluginSvcGdp_Publish(ctx, createTime, topic, - NULL, - NULL, + NULL, /* token (optional) */ + NULL, /* category (optional) */ data, len, - cacheData); + cacheData, + requireSubs); if (gdpErr != GDP_ERROR_SUCCESS) { g_info("%s: ToolsPluginSvcGdp_Publish error: %s\n", __FUNCTION__, gdpErrMsgs[gdpErr]); + /* NOTE to SD maintainer: gdpErr == GDP_ERROR_NO_SUBSCRIBERS to be handled here when ready*/ if (gdpErr == GDP_ERROR_STOP || gdpErr == GDP_ERROR_UNREACH || gdpErr == GDP_ERROR_TIMEOUT) { @@ -368,7 +388,7 @@ SendData(ToolsAppCtx *ctx, * * A wrapper of C runtime library fread() with almost same signature except * the item size is always 1 byte. It ensures that when the returned number - * of bytes is less than the input buffer size in bytes, an error has occured + * of bytes is less than the input buffer size in bytes, an error has occurred * or the end of the file is encountered. * * @param [out] buf Pointer to a block of memory with a size of at least @@ -922,9 +942,8 @@ ServiceDiscoveryTask(ToolsAppCtx *ctx, if (isNDBWriteReady) { gint64 previousWriteTime = gLastWriteTime; - /* - * We are going to write to Namespace DB, update glastWriteTime + * We are going to write to Namespace DB, update gLastWriteTime */ gLastWriteTime = GetGuestTimeInMillis(); @@ -960,6 +979,7 @@ ServiceDiscoveryTask(ToolsAppCtx *ctx, } } } + if (isGDPWriteReady && !gSkipThisTask) { gchar* readyData = g_strdup_printf("%"FMTSZ"u", readBytesPerCycle); g_debug("%s: Sending ready flag with number of read bytes :%s\n", @@ -998,7 +1018,8 @@ ServiceDiscoveryTask(ToolsAppCtx *ctx, * has elapsed since the last write operation. * * @param[in] ctx The application context. - * @param[in] signalKey Signal key to check the write redinness of Namespace DB or gdp. + * @param[in] signalKey Signal key to check the write readiness of + * Namespace DB or gdp. * * @retval TRUE Execute scripts and write service data to Namespace DB or gdp * @retval FALSE Omit this cycle wihtout any script running. From f094b993b7be5583e47a0d3f10fcbabe1db49122 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 083/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/conf.h | 12 +++++++++++- open-vm-tools/vgauth/cli/main.c | 12 +++++++++++- open-vm-tools/vgauth/service/main.c | 5 ++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h index babafc82e..edb844093 100644 --- a/open-vm-tools/lib/include/conf.h +++ b/open-vm-tools/lib/include/conf.h @@ -590,7 +590,17 @@ /** Where to find Tools data in the Win32 registry. */ -#define CONF_VMWARE_TOOLS_REGKEY "Software\\VMware, Inc.\\VMware Tools" +#if defined(_WIN32) +# ifndef WSTR +# define WSTR_(X) L##X +# define WSTR(X) WSTR_(X) +# endif +# define CONF_VMWARE_TOOLS_REGKEY "Software\\VMware, Inc.\\VMware Tools" +# define CONF_VMWARE_TOOLS_INSTPATH_KEY "InstallPath" + +# define CONF_VMWARE_TOOLS_REGKEY_W WSTR(CONF_VMWARE_TOOLS_REGKEY) +# define CONF_VMWARE_TOOLS_INSTPATH_KEY_W WSTR(CONF_VMWARE_TOOLS_INSTPATH_KEY) +#endif /* Wait 5 seconds between polls to see if the conf file has changed */ #define CONF_POLL_TIME 5 diff --git a/open-vm-tools/vgauth/cli/main.c b/open-vm-tools/vgauth/cli/main.c index 2ffafb0cc..e2b7ef061 100644 --- a/open-vm-tools/vgauth/cli/main.c +++ b/open-vm-tools/vgauth/cli/main.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2020, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -41,6 +41,9 @@ #define VMW_TEXT_DOMAIN "VGAuthCli" #include "i18n.h" #include "prefs.h" +#ifdef _WIN32 +# include "winUtil.h" +#endif static gchar *appName; @@ -940,6 +943,13 @@ wmain(int argc, int i; char **argvUtf8 = g_malloc0((argc + 1) * sizeof (char*)); +#ifdef _WIN32 + WinUtil_EnableSafePathSearching(); +#if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +#endif +#endif + for (i = 0; i < argc; ++i) { CHK_UTF16_TO_UTF8(argvUtf8[i], argv[i], goto end); } diff --git a/open-vm-tools/vgauth/service/main.c b/open-vm-tools/vgauth/service/main.c index 71713e138..f157cf40c 100644 --- a/open-vm-tools/vgauth/service/main.c +++ b/open-vm-tools/vgauth/service/main.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2021, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -532,6 +532,9 @@ main(int argc, { #ifdef _WIN32 WinUtil_EnableSafePathSearching(); +#if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +#endif #endif gPrefs = Pref_Init(VGAUTH_PREF_CONFIG_FILENAME); From 1910ed7b5ac64c98d03b14532f8af7460fa0ebe0 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 084/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/hgfsclient/hgfsclient.c | 5 ++++- open-vm-tools/lib/guestApp/guestApp.c | 21 +++++++++++---------- open-vm-tools/namespacetool/namespacetool.c | 5 ++++- open-vm-tools/rpctool/rpctool.c | 5 ++++- open-vm-tools/toolbox/toolbox-cmd.c | 5 ++++- open-vm-tools/vgauthImport/vgauthImport.c | 11 ++++++++++- 6 files changed, 37 insertions(+), 15 deletions(-) diff --git a/open-vm-tools/hgfsclient/hgfsclient.c b/open-vm-tools/hgfsclient/hgfsclient.c index 3bbe76340..e34541855 100644 --- a/open-vm-tools/hgfsclient/hgfsclient.c +++ b/open-vm-tools/hgfsclient/hgfsclient.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2019,2021 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2019,2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -419,6 +419,9 @@ main(int argc, // IN { #ifdef _WIN32 WinUtil_EnableSafePathSearching(TRUE); +# if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +# endif #endif if (argc == 2 && (!strncmp(argv[1], "-h", 2) || diff --git a/open-vm-tools/lib/guestApp/guestApp.c b/open-vm-tools/lib/guestApp/guestApp.c index ddac5de6e..35fde3794 100644 --- a/open-vm-tools/lib/guestApp/guestApp.c +++ b/open-vm-tools/lib/guestApp/guestApp.c @@ -31,6 +31,7 @@ #include #include #include "productState.h" +#include "conf.h" // for tools install path regkey #include "winregistry.h" #include "windowsUtil.h" #endif @@ -133,9 +134,6 @@ GuestApp_GetDefaultScript(const char *confName) // IN LPWSTR GuestApp_GetInstallPathW(void) { - static LPCWSTR TOOLS_KEY_NAME = L"Software\\VMware, Inc.\\VMware Tools"; - static LPCWSTR INSTALLPATH_VALUE_NAME = L"InstallPath"; - HKEY key = NULL; LONG rc; DWORD cbData = 0; @@ -153,17 +151,20 @@ GuestApp_GetInstallPathW(void) #ifdef TOOLS_ARM64 samDesired |= KEY_WOW64_32KEY; #endif - rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, TOOLS_KEY_NAME, 0, samDesired, &key); + rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, CONF_VMWARE_TOOLS_REGKEY_W, 0, + samDesired, &key); if (ERROR_SUCCESS != rc) { - Debug("%s: Couldn't open key \"%S\".\n", __FUNCTION__, TOOLS_KEY_NAME); + Debug("%s: Couldn't open key \"%S\".\n", __FUNCTION__, + CONF_VMWARE_TOOLS_REGKEY_W); Debug("%s: RegOpenKeyExW error 0x%x.\n", __FUNCTION__, GetLastError()); goto exit; } - rc = RegQueryValueExW(key, INSTALLPATH_VALUE_NAME, 0, NULL, NULL, &cbData); + rc = RegQueryValueExW(key, CONF_VMWARE_TOOLS_INSTPATH_KEY_W, 0, NULL, NULL, + &cbData); if (ERROR_SUCCESS != rc) { Debug("%s: Couldn't get length of value \"%S\".\n", __FUNCTION__, - INSTALLPATH_VALUE_NAME); + CONF_VMWARE_TOOLS_INSTPATH_KEY_W); Debug("%s: RegQueryValueExW error 0x%x.\n", __FUNCTION__, GetLastError()); goto exit; } @@ -179,11 +180,11 @@ GuestApp_GetInstallPathW(void) } temp = cbData; - rc = RegQueryValueExW(key, INSTALLPATH_VALUE_NAME, 0, NULL, (LPBYTE) data, + rc = RegQueryValueExW(key, CONF_VMWARE_TOOLS_INSTPATH_KEY_W, 0, NULL, (LPBYTE) data, &temp); if (ERROR_SUCCESS != rc) { Debug("%s: Couldn't get data for value \"%S\".\n", __FUNCTION__, - INSTALLPATH_VALUE_NAME); + CONF_VMWARE_TOOLS_INSTPATH_KEY_W); Debug("%s: RegQueryValueExW error 0x%x.\n", __FUNCTION__, GetLastError()); goto exit; } @@ -228,7 +229,7 @@ GuestApp_GetInstallPath(void) if (WinReg_GetSZ(HKEY_LOCAL_MACHINE, CONF_VMWARE_TOOLS_REGKEY, - "InstallPath", + CONF_VMWARE_TOOLS_INSTPATH_KEY, &pathUtf8) != ERROR_SUCCESS) { Warning("%s: Unable to retrieve install path: %s\n", __FUNCTION__, Msg_ErrString()); diff --git a/open-vm-tools/namespacetool/namespacetool.c b/open-vm-tools/namespacetool/namespacetool.c index 915f149e5..fd842ed62 100644 --- a/open-vm-tools/namespacetool/namespacetool.c +++ b/open-vm-tools/namespacetool/namespacetool.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2016-2020,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2020,2022-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -635,6 +635,9 @@ main(int argc, char *argv[]) #if defined(_WIN32) WinUtil_EnableSafePathSearching(TRUE); +#if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +#endif #endif gAppName = g_path_get_basename(argv[0]); diff --git a/open-vm-tools/rpctool/rpctool.c b/open-vm-tools/rpctool/rpctool.c index 6220a0a83..b343b7655 100644 --- a/open-vm-tools/rpctool/rpctool.c +++ b/open-vm-tools/rpctool/rpctool.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2002-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2002-2020, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -146,6 +146,9 @@ main(int argc, char *argv[]) #ifdef _WIN32 WinUtil_EnableSafePathSearching(TRUE); +#if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +#endif #endif /* diff --git a/open-vm-tools/toolbox/toolbox-cmd.c b/open-vm-tools/toolbox/toolbox-cmd.c index 585073f33..ae9b209a3 100644 --- a/open-vm-tools/toolbox/toolbox-cmd.c +++ b/open-vm-tools/toolbox/toolbox-cmd.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -462,6 +462,9 @@ main(int argc, // IN: length of command line arguments char **argv; WinUtil_EnableSafePathSearching(TRUE); +# if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +# endif Unicode_InitW(argc, wargv, NULL, &argv, NULL); #else diff --git a/open-vm-tools/vgauthImport/vgauthImport.c b/open-vm-tools/vgauthImport/vgauthImport.c index e96d19de7..3b2d14629 100644 --- a/open-vm-tools/vgauthImport/vgauthImport.c +++ b/open-vm-tools/vgauthImport/vgauthImport.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2012,2018-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2012,2018-2021, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -522,8 +522,17 @@ main(int argc, char *argv[]) { NULL }, }; GOptionContext *optCtx; + +/* + * Using WinUtil_EnableSafePathSearching() and WinUtil_VerifyExePathW() from + * "vmware/tools/win32util.h" rather than the ones + * in vgauth/common/winUtil.h, since this app is generic toolbox apps. + */ #ifdef _WIN32 WinUtil_EnableSafePathSearching(TRUE); +#if defined(VMX86_RELEASE) + WinUtil_VerifyExePathW(); +#endif #endif /* From 7c2e898997a5b5667ed0a932652124dc85b80560 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 085/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_product_versions.h | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 2e3811dd0..58af3c250 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -83,7 +83,7 @@ /* this should be kept in sync with the corresponding vpx branch. */ #define PRODUCT_VERSION 8,0,3,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_HORIZON_VIEW) - #define PRODUCT_VERSION 8,12,0,PRODUCT_BUILD_NUMBER_NUMERIC + #define PRODUCT_VERSION 8,13,0,PRODUCT_BUILD_NUMBER_NUMERIC // VMX86_DESKTOP must be last because it is the default and is always defined. #elif defined(VMX86_DESKTOP) // WORKSTATION_VERSION_NUMBER below has to match this @@ -384,27 +384,27 @@ * SCons parsing code requires that each line have a version string, so we * can't just do something like #define RDESDK_VERSION VIEW_VERSION" */ -#define VIEW_CLIENT_VERSION "8.12.0" +#define VIEW_CLIENT_VERSION "8.13.0" #define VIEW_CLIENT_VERSION_NUMBER VIEW_CLIENT_VERSION -#define VIEW_VERSION "8.12.0" -#define RDE_RFT_ALL_VERSION "8.12.0" -#define RDE_RFT_REL_VERSION "8.12.0" -#define RDESDKREL_VERSION "8.12.0" -#define MKSVCHANDEV_VERSION "15.12.0" -#define TSMMRDEV_VERSION "8.12.0" -#define RDF_VERSION "8.12.0" -#define HORIZON_DAAS_AGENT_VERSION "23.4.0" -#define HORIZON_USB_AGENT_VERSION "11.12.0" +#define VIEW_VERSION "8.13.0" +#define RDE_RFT_ALL_VERSION "8.13.0" +#define RDE_RFT_REL_VERSION "8.13.0" +#define RDESDKREL_VERSION "8.13.0" +#define MKSVCHANDEV_VERSION "15.13.0" +#define TSMMRDEV_VERSION "8.13.0" +#define RDF_VERSION "8.13.0" +#define HORIZON_DAAS_AGENT_VERSION "24.1.0" +#define HORIZON_USB_AGENT_VERSION "11.13.0" #define HORIZON_UPDATETOOL_VERSION "2.0.9" #define MFW_VERSION "16.9.0" -#define HORIZONTOOL_VERSION "16.12.0" +#define HORIZONTOOL_VERSION "16.13.0" /* * This is the Horizon Marketing version which is shared between * Horizon Client, Agent and Server. It is set in the format of * YYMM of the targeted release date. */ -#define HORIZON_YYMM_VERSION "2312" +#define HORIZON_YYMM_VERSION "2403" #ifndef MAKESTR #define MAKESTR(x) #x From d3bce5781e8c869fcdd398d2bb1fcceb4ef84076 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 086/375] Send guest detailed data to VMX even when short-name is set in tools.conf. --- .../plugins/guestInfo/guestInfoServer.c | 161 +++++++++--------- 1 file changed, 85 insertions(+), 76 deletions(-) diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c index 86080e1d1..9077e6b3e 100644 --- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c +++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c @@ -546,6 +546,10 @@ GuestInfoGather(gpointer data) gchar *osNameFullOverride; Bool maxNicsError = FALSE; static uint32 logThrottleCount = 0; + Bool sendOsNames = FALSE; + char *osName = NULL; + char *osFullName = NULL; + char *detailedGosData = NULL; g_debug("Entered guest info gather.\n"); @@ -581,44 +585,48 @@ GuestInfoGather(gpointer data) g_free(osNameFullOverride); } - /* Only use override if at least the short OS name is provided */ - if (osNameOverride == NULL) { - Bool sendOsNames = FALSE; - char *osName = NULL; - char *osFullName = NULL; - char *detailedGosData = NULL; + /* Gather all the relevant guest information. */ + osFullName = Hostinfo_GetOSName(); + osName = Hostinfo_GetOSGuestString(); - /* Gather all the relevant guest information. */ - osFullName = Hostinfo_GetOSName(); - osName = Hostinfo_GetOSGuestString(); - - if (gSendDetailedGosData) { - detailedGosData = Hostinfo_GetOSDetailedData(); - } + if (gSendDetailedGosData) { + detailedGosData = Hostinfo_GetOSDetailedData(); + } - if (detailedGosData == NULL) { - g_debug("No detailed data.\n"); - sendOsNames = TRUE; - gSendDetailedGosData = FALSE; + if (detailedGosData == NULL) { + g_debug("No detailed data.\n"); + sendOsNames = TRUE; + gSendDetailedGosData = FALSE; + } else { + /* Build and attempt to send the detailed data */ + HostinfoDetailedDataHeader *detailedDataHeader = NULL; + size_t infoHeaderSize; + size_t detailedGosDataLen; + size_t infoSize; + + g_debug("Sending detailed data.\n"); + detailedGosDataLen = strlen(detailedGosData); + infoHeaderSize = sizeof *detailedDataHeader; + infoSize = infoHeaderSize + detailedGosDataLen + 1; // cover NUL + + detailedDataHeader = g_malloc(infoSize); + /* Clear struct and memory allocated for detailed data */ + memset(detailedDataHeader, 0, infoSize); + + /* Set the version of the detailed data header used */ + detailedDataHeader->version = HOSTINFO_STRUCT_HEADER_VERSION; + + if (osNameOverride) { + Str_Strcpy(detailedDataHeader->shortName, osNameOverride, + sizeof detailedDataHeader->shortName); + if (osNameFullOverride == NULL) { + g_debug(CONFNAME_GUESTOSINFO_LONGNAME " was not set in " + "tools.conf.\n"); + } else { + Str_Strcpy(detailedDataHeader->fullName, osNameFullOverride, + sizeof detailedDataHeader->fullName); + } } else { - /* Build and attempt to send the detailed data */ - HostinfoDetailedDataHeader *detailedDataHeader = NULL; - size_t infoHeaderSize; - size_t detailedGosDataLen; - size_t infoSize; - - g_debug("Sending detailed data.\n"); - detailedGosDataLen = strlen(detailedGosData); - infoHeaderSize = sizeof *detailedDataHeader; - infoSize = infoHeaderSize + detailedGosDataLen + 1; // cover NUL - - detailedDataHeader = g_malloc(infoSize); - /* Clear struct and memory allocated for detailed data */ - memset(detailedDataHeader, 0, infoSize); - - /* Set the version of the detailed data header used */ - detailedDataHeader->version = HOSTINFO_STRUCT_HEADER_VERSION; - if (osName == NULL) { g_warning("Failed to get OS name.\n"); } else { @@ -631,27 +639,46 @@ GuestInfoGather(gpointer data) Str_Strcpy(detailedDataHeader->fullName, osFullName, sizeof detailedDataHeader->fullName); } + } - Str_Strcpy((char *)detailedDataHeader + infoHeaderSize, - detailedGosData, infoSize - infoHeaderSize); + Str_Strcpy((char *)detailedDataHeader + infoHeaderSize, + detailedGosData, infoSize - infoHeaderSize); - if (GuestInfoUpdateVMX(ctx, INFO_OS_DETAILED, detailedDataHeader, - infoSize)) { - GuestInfoFreeDetailedData(gInfoCache.detailedData); - gInfoCache.detailedData = detailedDataHeader; - g_debug("Detailed data was sent successfully.\n"); - } else { - /* - * Only send the OS Name if the VMX failed to receive the detailed - * data - */ - gSendDetailedGosData = FALSE; - sendOsNames = TRUE; - g_debug("Detailed data was not sent successfully.\n"); - } + if (GuestInfoUpdateVMX(ctx, INFO_OS_DETAILED, detailedDataHeader, + infoSize)) { + GuestInfoFreeDetailedData(gInfoCache.detailedData); + gInfoCache.detailedData = detailedDataHeader; + g_debug("Detailed data was sent successfully.\n"); + } else { + /* + * Only send the OS Name if the VMX failed to receive the detailed + * data + */ + gSendDetailedGosData = FALSE; + sendOsNames = TRUE; + g_debug("Detailed data was not sent successfully.\n"); } + } - if (sendOsNames) { + if (sendOsNames) { + if (osNameOverride) { + /* Use osName and osNameFull provided in config file */ + if (osNameFullOverride == NULL) { + g_debug(CONFNAME_GUESTOSINFO_LONGNAME " was not set in " + "tools.conf, using empty string.\n"); + } + if (!GuestInfoUpdateVMX(ctx, + INFO_OS_NAME_FULL, + (osNameFullOverride == NULL) ? "" : + osNameFullOverride, + 0)) { + g_warning("Failed to send INFO_OS_NAME_FULL\n"); + } + if (!GuestInfoUpdateVMX(ctx, INFO_OS_NAME, osNameOverride, 0)) { + g_warning("Failed to send INFO_OS_NAME\n"); + } + g_debug("Using values in tools.conf to override OS Name.\n"); + } else { g_debug("Sending the short and long name\n"); if (osFullName == NULL) { g_warning("Failed to get OS info.\n"); @@ -668,32 +695,14 @@ GuestInfoGather(gpointer data) } } } - - free(detailedGosData); - free(osFullName); - free(osName); - } else { - /* Use osName and osNameFull provided in config file */ - if (osNameFullOverride == NULL) { - g_warning(CONFNAME_GUESTOSINFO_LONGNAME " was not set in " - "tools.conf, using empty string.\n"); - } - if (!GuestInfoUpdateVMX(ctx, - INFO_OS_NAME_FULL, - (osNameFullOverride == NULL) ? "" : - osNameFullOverride, - 0)) { - g_warning("Failed to send INFO_OS_NAME_FULL\n"); - } - g_free(osNameFullOverride); - - if (!GuestInfoUpdateVMX(ctx, INFO_OS_NAME, osNameOverride, 0)) { - g_warning("Failed to send INFO_OS_NAME\n"); - } - g_free(osNameOverride); - g_debug("Using values in tools.conf to override OS Name.\n"); } + free(detailedGosData); + free(osFullName); + free(osName); + g_free(osNameFullOverride); + g_free(osNameOverride); + #if !defined(USERWORLD) disableQueryDiskInfo = g_key_file_get_boolean(ctx->config, CONFGROUPNAME_GUESTINFO, From db767e6d28188cbed8a13b2497877e05c5fd38ab Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 087/375] Drop group privileges before dropping user privileges in vmtoolsd vmusr service. --- open-vm-tools/services/vmtoolsd/mainPosix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/mainPosix.c b/open-vm-tools/services/vmtoolsd/mainPosix.c index 6c52156bc..be31206c3 100644 --- a/open-vm-tools/services/vmtoolsd/mainPosix.c +++ b/open-vm-tools/services/vmtoolsd/mainPosix.c @@ -273,8 +273,8 @@ main(int argc, uid_t uid = getuid(); gid_t gid = getgid(); - if ((Id_SetREUid(uid, uid) != 0) || - (Id_SetREGid(gid, gid) != 0)) { + if ((Id_SetREGid(gid, gid) != 0) || + (Id_SetREUid(uid, uid) != 0)) { g_printerr("could not drop privileges: %s", strerror(errno)); ToolsCloseFds(); goto exit; From 7f7374c8ab89c546e4e32d3302442103c0a0ba5e Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:21:20 -0800 Subject: [PATCH 088/375] Fix double free in guestInfoServer.c. Double free in "GuestInfoGather(gpointer data)" for osNameFullOverride. --- .../plugins/guestInfo/guestInfoServer.c | 24 ++++++++----------- open-vm-tools/tools.conf | 2 +- 2 files changed, 11 insertions(+), 15 deletions(-) diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c index 9077e6b3e..8ec1236e3 100644 --- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c +++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c @@ -543,7 +543,7 @@ GuestInfoGather(gpointer data) int maxIPv4RoutesToGather; int maxIPv6RoutesToGather; gchar *osNameOverride; - gchar *osNameFullOverride; + gchar *osNameFullOverride = NULL; Bool maxNicsError = FALSE; static uint32 logThrottleCount = 0; Bool sendOsNames = FALSE; @@ -570,19 +570,15 @@ GuestInfoGather(gpointer data) CONFGROUPNAME_GUESTOSINFO, CONFNAME_GUESTOSINFO_SHORTNAME, NULL); - - osNameFullOverride = VMTools_ConfigGetString(ctx->config, - CONFGROUPNAME_GUESTOSINFO, - CONFNAME_GUESTOSINFO_LONGNAME, - NULL); - /* If only the OS Full Name is provided, continue as normal, but emit - * warning. */ - if (osNameOverride == NULL && osNameFullOverride != NULL) { - g_warning("Ignoring " CONFNAME_GUESTOSINFO_LONGNAME " override.\n"); - g_warning("To use the GOS name override, " - CONFNAME_GUESTOSINFO_SHORTNAME " must be present in the " - "tools.conf file.\n"); - g_free(osNameFullOverride); + /* + * CONFNAME_GUESTINFO_LONGNAME is ignored if CONFNAME_GUESTINFO_SHORTNAME + * is not provided + */ + if (osNameOverride) { + osNameFullOverride = VMTools_ConfigGetString(ctx->config, + CONFGROUPNAME_GUESTOSINFO, + CONFNAME_GUESTOSINFO_LONGNAME, + NULL); } /* Gather all the relevant guest information. */ diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 9a70c2d05..64cb844bd 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -359,7 +359,7 @@ # Override the short OS name sent by tools. #short-name= -# Override the long OS name sent by tools. +# Override the long OS name sent by tools. Ignored if short-name is not set. #long-name= [vmbackup] From 7994b3261aa968f69c0fa6eabac63e4d68423bbc Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Thu, 16 Nov 2023 09:23:56 -0800 Subject: [PATCH 089/375] Update Changelog with the granular push of Nov. 16, 2023. - plus ChangeLog update of Nov. 13, 2023. --- open-vm-tools/ChangeLog | 122 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 14de78508..b45609a42 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,125 @@ +commit 7f7374c8ab89c546e4e32d3302442103c0a0ba5e +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Fix double free in guestInfoServer.c. + + Double free in "GuestInfoGather(gpointer data)" for osNameFullOverride. + +commit db767e6d28188cbed8a13b2497877e05c5fd38ab +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Drop group privileges before dropping user privileges in vmtoolsd vmusr service. + +commit d3bce5781e8c869fcdd398d2bb1fcceb4ef84076 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Send guest detailed data to VMX even when short-name is set in tools.conf. + +commit 7c2e898997a5b5667ed0a932652124dc85b80560 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 1910ed7b5ac64c98d03b14532f8af7460fa0ebe0 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Changes to common source files not applicable to open-vm-tools. + +commit f094b993b7be5583e47a0d3f10fcbabe1db49122 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Changes to common source files not applicable to open-vm-tools. + +commit 5d5bbbecd32cbc054b81b05a5af4bdbf62aee3a7 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change in Guest Data Producer plugin API and Guest Data Producer + protocol/handshake between the host and guest to support ‘no subscribers’ + error feedback. + + The Service Discovery plugin was updated for API compatibility. + + Changes in the GDP protocol/handshake introduce versioning of the protocol. + The new version is “2” and introduces new attributes (‘version’ and + ‘requireSubs’) in the guest request header sent to the host publisher service. + The response from the host publisher service to the guest producer client is + also versioned and changes more significantly: V2 response messages have new + attributes (‘version’, ‘error-id’, and ‘error-text’) and have the ‘status’ + attributes type change from string (‘ok’, ‘bad’) to Boolean (‘true’, ‘false’). + The ‘error-id’, when present, contains a string identifier for an error + type/code and ‘error-text’, when present, contains textual details for the error. + + The host publisher supports all protocol versions up to the version it provides + for backward and forward compatibility. The host publisher service responds with + the same version of protocol as the incoming request or its highest protocol + version when the incoming request version is higher than it supports. + The guest producer client supports all response versions up to the version it + provides for backward and forward compatibility. The guest producer client + always sends request to the host publisher service using the highest protocol + version it supports. + +commit c7c88a4aacd05f7d6f232c11c5537f2d43934d6b +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 7800de416d88ba03db4f8bd818d7c99d51048bdf +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit 72effb954333e49657315835c4df87fc0417ad2a +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 14ada379295c86b9eed8d407753c88610312a6e8 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 2683d53f2ef4e8e01c938b6ec81f87e46e187c3d +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 8f03cddae70d27fe10b2833d53995f1dd3985f37 +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 77f6b260876aba27c497a96c833b26ec5d50578a +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit f76fea45d2c4de6ebcc0d7f5ed40a6c24689abef +Author: Katy Feng +Date: Thu Nov 16 09:21:20 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit f756d77a51c5e1c7d66b46e5e33774b5503e21de +Author: Katy Feng +Date: Mon Nov 13 13:14:45 2023 -0800 + + Update Changelog with the granular push of Nov. 13, 2023. + - plus ChangeLog update of Oct. 5, 2023. + commit 8647f0cf7a15f1c3a06e903cb15e053871d23c36 Author: Katy Feng Date: Mon Nov 13 12:07:34 2023 -0800 From 5bc44d481b88ddf14e9c46d56b7bd8f0ebff6b6d Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 090/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_basic_asm_arm64.h | 56 ++++++++++++++++++- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm_arm64.h b/open-vm-tools/lib/include/vm_basic_asm_arm64.h index 88a709c17..88faddbfb 100644 --- a/open-vm-tools/lib/include/vm_basic_asm_arm64.h +++ b/open-vm-tools/lib/include/vm_basic_asm_arm64.h @@ -307,7 +307,7 @@ ESB(void) #define MMIO_RW_BARRIER_W() MMIO_RW_BARRIER_RW() #define MMIO_RW_BARRIER_RW() _DSB(SY) -#ifndef _MSC_VER +#ifdef __GNUC__ /* * _GET_CURRENT_PC -- @@ -394,6 +394,8 @@ GET_CURRENT_PC(void) #define MSR_IMMED(name, val) \ asm volatile("msr " XSTR(name) ", %0" :: "i" (val) : "memory") +#endif // ifdef __GNUC__ + /* *---------------------------------------------------------------------- @@ -413,7 +415,13 @@ MMIORead32(const volatile void *addr) { uint32 res; +#if defined __GNUC__ asm volatile ("ldr %w0, [%1]" : "=r" (res) : "r" (addr)); +#elif defined _MSC_VER + res = __iso_volatile_load32((const volatile __int32 *)addr); +#else +#error No compiler defined for MMIORead32 +#endif return res; } @@ -436,7 +444,13 @@ MMIORead64(const volatile void *addr) { uint64 res; +#if defined __GNUC__ asm volatile ("ldr %x0, [%1]" : "=r" (res) : "r" (addr)); +#elif defined _MSC_VER + res = __iso_volatile_load64((const volatile __int64 *)addr); +#else +#error No compiler defined for MMIORead64 +#endif return res; } @@ -455,7 +469,13 @@ static INLINE void MMIOWrite32(volatile void *addr, // OUT uint32 val) { +#if defined __GNUC__ asm volatile ("str %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); +#elif defined _MSC_VER + __iso_volatile_store32((volatile __int32 *)addr, val); +#else +#error No compiler defined for MMIOWrite32 +#endif } @@ -473,7 +493,13 @@ static INLINE void MMIOWrite64(volatile void *addr, // OUT uint64 val) { +#if defined __GNUC__ asm volatile ("str %x0, [%1]" : : "r" (val), "r" (addr) : "memory"); +#elif defined _MSC_VER + __iso_volatile_store64((volatile __int64 *)addr, val); +#else +#error No compiler defined for MMIOWrite64 +#endif } @@ -495,7 +521,13 @@ MMIORead16(const volatile void *addr) { uint16 res; +#if defined __GNUC__ asm volatile ("ldrh %w0, [%1]" : "=r" (res) : "r" (addr)); +#elif defined _MSC_VER + res = __iso_volatile_load16((const volatile __int16 *)addr); +#else +#error No compiler defined for MMIORead16 +#endif return res; } @@ -514,7 +546,13 @@ static INLINE void MMIOWrite16(volatile void *addr, // IN uint16 val) // IN { +#if defined __GNUC__ asm volatile ("strh %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); +#elif defined _MSC_VER + __iso_volatile_store16((volatile __int16 *)addr, val); +#else +#error No compiler defined for MMIOWrite16 +#endif } @@ -536,7 +574,13 @@ MMIORead8(const volatile void *addr) { uint8 res; +#if defined __GNUC__ asm volatile ("ldrb %w0, [%1]" : "=r" (res) : "r" (addr)); +#elif defined _MSC_VER + res = __iso_volatile_load8((const volatile __int8 *)addr); +#else +#error No compiler defined for MMIORead8 +#endif return res; } @@ -555,10 +599,18 @@ static INLINE void MMIOWrite8(volatile void *addr, // IN uint8 val) // IN { +#if defined __GNUC__ asm volatile ("strb %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); +#elif defined _MSC_VER + __iso_volatile_store8((volatile __int8 *)addr, val); +#else +#error No compiler defined for MMIOWrite8 +#endif } +#ifdef __GNUC__ + /* *---------------------------------------------------------------------- * @@ -872,7 +924,7 @@ DCacheClean(VA va, uint64 len) _DSB(SY); } -#endif // ifndef _MSC_VER +#endif // ifdef __GNUC__ #if defined _MSC_VER /* Until we implement Mul64x6464() with Windows intrinsics... */ From 39e99567d4febf2987f22cc778c4cbefff40d307 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 091/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 131 ++++++++--------------- 1 file changed, 46 insertions(+), 85 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index f56b132d4..9d98b869c 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -403,11 +403,9 @@ mssb64(const uint64 value) return (unsigned)mssb64_0(value) + 1; } -#ifdef __GNUC__ -#if defined(VM_X86_ANY) || defined(VM_ARM_ANY) /* - *---------------------------------------------------------------------- + *----------------------------------------------------------------------------- * * uint16set -- * @@ -419,16 +417,18 @@ mssb64(const uint64 value) * Side effects: * As with memset. * - *---------------------------------------------------------------------- + *----------------------------------------------------------------------------- */ -static INLINE void * -uint16set(void *dst, uint16 val, size_t count) +static inline void * +uint16set(void *dst, // OUT + uint16 val, // IN + size_t count) // IN { -#ifdef VM_ARM_32 +#if defined __GNUC__ && defined VM_ARM_32 void *tmpDst = dst; - __asm__ __volatile__ ( + __asm__ __volatile__( "cmp %1, #0\n\t" "beq 2f\n" "1:\n\t" @@ -439,7 +439,7 @@ uint16set(void *dst, uint16 val, size_t count) : "+r" (tmpDst), "+r" (count) : "r" (val) : "cc", "memory"); -#elif defined(VM_ARM_64) +#elif defined __GNUC__ && defined VM_ARM_64 void *tmpDst = dst; uint64 tmpVal = 0; @@ -447,7 +447,7 @@ uint16set(void *dst, uint16 val, size_t count) return dst; } - __asm__ __volatile__ ( + __asm__ __volatile__( "cbz %3, 1f\n\t" // Copy 16 bits twice... @@ -483,24 +483,31 @@ uint16set(void *dst, uint16 val, size_t count) : "+r" (tmpDst), "+r" (count), "+r" (tmpVal) : "r" ((uint64)val) : "cc", "memory"); -#else +#elif defined __GNUC__ && defined VM_X86_ANY size_t dummy0; void *dummy1; - __asm__ __volatile__("\t" - "cld" "\n\t" - "rep ; stosw" "\n" - : "=c" (dummy0), "=D" (dummy1) - : "0" (count), "1" (dst), "a" (val) - : "memory", "cc" - ); + __asm__ __volatile__( + "cld" "\n\t" + "rep ; stosw" "\n" + : "=c" (dummy0), "=D" (dummy1) + : "0" (count), "1" (dst), "a" (val) + : "memory", "cc"); +#elif defined _MSC_VER && defined VM_X86_ANY + __stosw((uint16 *)dst, val, count); +#else /* Fall back to a plain C implementation. */ + size_t i; + + for (i = 0; i < count; i++) { + ((uint16 *)dst)[i] = val; + } #endif return dst; } /* - *---------------------------------------------------------------------- + *----------------------------------------------------------------------------- * * uint32set -- * @@ -512,16 +519,18 @@ uint16set(void *dst, uint16 val, size_t count) * Side effects: * As with memset. * - *---------------------------------------------------------------------- + *----------------------------------------------------------------------------- */ -static INLINE void * -uint32set(void *dst, uint32 val, size_t count) +static inline void * +uint32set(void *dst, // OUT + uint32 val, // IN + size_t count) // IN { -#ifdef VM_ARM_32 +#if defined __GNUC__ && defined VM_ARM_32 void *tmpDst = dst; - __asm__ __volatile__ ( + __asm__ __volatile__( "cmp %1, #0\n\t" "beq 2f\n" "1:\n\t" @@ -532,15 +541,15 @@ uint32set(void *dst, uint32 val, size_t count) : "+r" (tmpDst), "+r" (count) : "r" (val) : "cc", "memory"); -#elif defined(VM_ARM_64) +#elif defined __GNUC__ && defined VM_ARM_64 void *tmpDst = dst; - uint64 tmpVal = val; + uint64 tmpVal = val; if (count == 0) { return dst; } - __asm__ __volatile__ ( + __asm__ __volatile__( "cbz %2, 1f\n\t" // Drop our value in the top 32 bits, then copy from there to the bottom @@ -574,65 +583,21 @@ uint32set(void *dst, uint32 val, size_t count) : "+r" (tmpDst), "+r" (count), "+r" (tmpVal) : : "cc", "memory"); -#else +#elif defined __GNUC__ && defined VM_X86_ANY size_t dummy0; void *dummy1; - __asm__ __volatile__("\t" - "cld" "\n\t" - "rep ; stosl" "\n" - : "=c" (dummy0), "=D" (dummy1) - : "0" (count), "1" (dst), "a" (val) - : "memory", "cc" - ); -#endif - return dst; -} - -#else /* unknown system: rely on C to write */ -static INLINE void * -uint16set(void *dst, uint16 val, size_t count) -{ - size_t i; - for (i = 0; i < count; i++) { - ((uint16 *) dst)[i] = val; - } - return dst; -} - -static INLINE void * -uint32set(void *dst, uint32 val, size_t count) -{ - size_t i; - for (i = 0; i < count; i++) { - ((uint32 *) dst)[i] = val; - } - return dst; -} -#endif // defined(VM_X86_ANY) || defined(VM_ARM_ANY) -#elif defined(_MSC_VER) - -static INLINE void * -uint16set(void *dst, uint16 val, size_t count) -{ -#ifdef VM_X86_ANY - __stosw((uint16*)dst, val, count); -#else + __asm__ __volatile__( + "cld" "\n\t" + "rep ; stosl" "\n" + : "=c" (dummy0), "=D" (dummy1) + : "0" (count), "1" (dst), "a" (val) + : "memory", "cc"); +#elif defined _MSC_VER && defined VM_X86_ANY + __stosd((unsigned long *)dst, (unsigned long)val, count); +#else /* Fall back to a plain C implementation. */ size_t i; - for (i = 0; i < count; i++) { - ((uint16 *)dst)[i] = val; - } -#endif - return dst; -} -static INLINE void * -uint32set(void *dst, uint32 val, size_t count) -{ -#ifdef VM_X86_ANY - __stosd((unsigned long*)dst, (unsigned long)val, count); -#else - size_t i; for (i = 0; i < count; i++) { ((uint32 *)dst)[i] = val; } @@ -640,10 +605,6 @@ uint32set(void *dst, uint32 val, size_t count) return dst; } -#else -#error "No compiler defined for uint*set" -#endif - /* *----------------------------------------------------------------------------- From 4bf9de66e43222f50d1280f7181bc542b059d02f Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 092/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index 9d98b869c..c259c53cf 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -678,11 +678,20 @@ Bswap32(uint32 v) // IN static INLINE uint64 Bswap64(uint64 v) // IN { -#if defined(VM_ARM_64) && !defined(_MSC_VER) +#if defined _MSC_VER + return _byteswap_uint64(v); +#elif defined __GNUC__ + +/* TODO: Return __builtin_bswap64(v) if gcc-arm64 is verified to use "rev". */ +#if defined VM_ARM_64 __asm__("rev %0, %0" : "+r"(v)); return v; #else - return ((uint64)Bswap((uint32)v) << 32) | Bswap((uint32)(v >> 32)); + return __builtin_bswap64(v); +#endif + +#else + return ((uint64)Bswap32((uint32)v) << 32) | Bswap32((uint32)(v >> 32)); #endif } From af68bed4751d1415b292d310e41f557d8c7ffcde Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 093/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index e02b30fff..cd239511d 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -78,6 +78,9 @@ #ifndef CR3_PCID_MASK #define CR3_PCID_MASK 0xFFF #endif + +#define CR3_LAM_U57 (1ULL << 61) +#define CR3_LAM_U48 (1ULL << 62) #define CR3_NO_FLUSH (1ULL << 63) #define CR4_VME 0x00000001 @@ -104,7 +107,8 @@ #define CR4_CET 0x00800000 #define CR4_PKS 0x01000000 #define CR4_UINTR 0x02000000 -#define CR4_RESERVED CONST64U(0xfffffffffe089000) +#define CR4_LAM_SUP 0x10000000 +#define CR4_RESERVED CONST64U(0xffffffffee089000) #define CR8_RESERVED CONST64U(0xfffffffffffffff0) /* From 76b60aa06da13f2c1e42e10a3bef7a62a51fc896 Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 094/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/ghIntegrationCommon.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/ghIntegrationCommon.h b/open-vm-tools/lib/include/ghIntegrationCommon.h index 585745f5b..1be455f54 100644 --- a/open-vm-tools/lib/include/ghIntegrationCommon.h +++ b/open-vm-tools/lib/include/ghIntegrationCommon.h @@ -126,6 +126,8 @@ typedef uint32 GHIGuestToHostMessageType; #define GHI_RDE_COMMON_GENERIC_CMD "ghi.rde.generic" #define GHI_RDE_COMMON_SET_IME_ENABLED_CMD "ghi.rde.set.ime.enabled" #define GHI_RDE_COMMON_SET_IME_HOST_KEYS_CMD "ghi.rde.set.ime.host.keys" +#define GHI_RDE_COMMON_SET_BLOCK_SENDINPUT_ENABLED_CMD \ + "ghi.rde.set.blocksendinput.enabled" /* * MKS->UI messages over GHI_CHANNEL_VIEW_REMOTE_RDE_COMMON. From e6c2e7a6426335e6b6cef87e223a687b4623ce8a Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:17:25 -0800 Subject: [PATCH 095/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/asyncsocket/asyncsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/asyncsocket/asyncsocket.c b/open-vm-tools/lib/asyncsocket/asyncsocket.c index 4f7b1843a..d61777601 100644 --- a/open-vm-tools/lib/asyncsocket/asyncsocket.c +++ b/open-vm-tools/lib/asyncsocket/asyncsocket.c @@ -5576,7 +5576,7 @@ static void AsyncTCPSocketRecvCallback(void *clientData) // IN { AsyncTCPSocket *asock = clientData; - int error; + int error = ASOCKERR_SUCCESS; Bool recv = TRUE; ASSERT(asock); From 4986a2b0cbb94e8d6e3a6e4414215246aa0cbbbd Mon Sep 17 00:00:00 2001 From: Katy Feng Date: Tue, 21 Nov 2023 12:23:20 -0800 Subject: [PATCH 096/375] Update Changelog with the granular push of Nov. 21, 2023. - plus ChangeLog update of Nov. 16, 2023. --- open-vm-tools/ChangeLog | 43 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index b45609a42..892b88950 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,46 @@ +commit e6c2e7a6426335e6b6cef87e223a687b4623ce8a +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit 76b60aa06da13f2c1e42e10a3bef7a62a51fc896 +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit af68bed4751d1415b292d310e41f557d8c7ffcde +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 4bf9de66e43222f50d1280f7181bc542b059d02f +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 39e99567d4febf2987f22cc778c4cbefff40d307 +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 5bc44d481b88ddf14e9c46d56b7bd8f0ebff6b6d +Author: Katy Feng +Date: Tue Nov 21 12:17:25 2023 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 7994b3261aa968f69c0fa6eabac63e4d68423bbc +Author: Katy Feng +Date: Thu Nov 16 09:23:56 2023 -0800 + + Update Changelog with the granular push of Nov. 16, 2023. + - plus ChangeLog update of Nov. 13, 2023. + commit 7f7374c8ab89c546e4e32d3302442103c0a0ba5e Author: Katy Feng Date: Thu Nov 16 09:21:20 2023 -0800 From c0cc78a3fa53c8f6ea82aafda981251e753bae4d Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 097/375] Fix out-of-bound access issues reported by Coverity Do not pass PATH_MAX and FILENAME_MAX to Str_Strlen function call. --- open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c index 61ccd54d3..9b36168b6 100644 --- a/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c +++ b/open-vm-tools/libDeployPkg/linuxDeploymentUtilities.c @@ -82,8 +82,9 @@ IsCloudInitCustomizationEnabled() cloudInitConfigDirPath, strerror(errno)); } else { for (i = fileCount - 1; i >= 0; i--) { - filePathLength = Str_Strlen(cloudInitConfigDirPath, PATH_MAX) + - Str_Strlen(fileList[i]->d_name, FILENAME_MAX) + 1; + filePathLength = + Str_Strlen(cloudInitConfigDirPath, sizeof(cloudInitConfigDirPath)) + + Str_Strlen(fileList[i]->d_name, NAME_MAX) + 1; filePath = malloc(filePathLength); if (filePath == NULL) { sLog(log_warning, "Error allocating memory to copy '%s'.", From 777dc80ddfcf8980c055ab33091200923a06ab67 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 098/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 04bb3d061..4a210be23 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -969,12 +969,13 @@ typedef int pid_t; /* VMW_FALLTHROUGH * - * Instructs GCC 9 and above to not warn when a case label of a + * Instructs capable compilers to not warn when a case label of a * 'switch' statement falls through to the next label. * - * If not GCC 9 or above, expands to nothing. + * If not a matched compiler, expands to nothing. */ -#if __GNUC__ >= 9 +#if (defined(__GNUC__) && (__GNUC__ >= 9)) || \ + (defined(__clang__) && (__clang_major__ >= 13)) #define VMW_FALLTHROUGH() __attribute__((fallthrough)) #else #define VMW_FALLTHROUGH() From 60094472f75aefbbc957574faa8c1663ee0625d4 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 099/375] lib/file/file.c: Handle EACCES during File_CreateDirectoryHierarchyEx On DELL thinOS, while creating an existing dir in a path without write permission, mkdir returns EACCES. This breaks the directory hierarchy check. This patch handles the EACCES by checking the file with euidaccess after an EACCES failure. --- open-vm-tools/lib/file/file.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index 241f129e4..0fd2fc3bc 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2022 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1785,6 +1785,16 @@ File_CreateDirectoryHierarchyEx(const char *pathName, // IN: temp = NULL; } } else { + /* + * For DELL thinOS, calling `mkdir' for an existing directory in a + * path which we do not have write permission will return with EACCES + * instead of EEXIST. Here we test again using `euidaccess' to work + * around this. + */ + if (err == EACCES && Posix_EuidAccess(temp, F_OK) == 0) { + err = EEXIST; + } + if (err == EEXIST) { FileData fileData; From 3095d26c3d3f044911771d436c31b0cf51abea35 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 100/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/conf.h | 28 ++++++++++++++++++++++++++++ open-vm-tools/tools.conf | 26 ++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h index edb844093..8ca5bf86d 100644 --- a/open-vm-tools/lib/include/conf.h +++ b/open-vm-tools/lib/include/conf.h @@ -679,6 +679,34 @@ ****************************************************************************** */ +/* + ****************************************************************************** + * BEGIN AMSI Fileless goodies. + */ + +/** + * Defines the string used for vsep plugin AMSI Fileless config file group + */ +#define CONFGROUPNAME_AMSI "giamsi" + +/* Default state of AMSI config*/ +#define VSEP_DEFAULT_AMSI_STATE FALSE + +/** + * Defines user-defined maximum AMSI client connections. + */ +#define CONFNAME_AMSI_MAX_CLIENT_CONNECTIONS "amsi-max-client-connections" + +/** + * Defines user-defined maximum script size supported in fileless. + */ +#define CONFNAME_AMSI_MAX_SCRIPT_SIZE_IN_BYTES "amsi-max-script-size-in-bytes" + +/* + * END Fileless goodies. + ****************************************************************************** + */ + /* ****************************************************************************** * BEGIN CarbonBlack helper plugin goodies. diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 64cb844bd..210ed7b5f 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -541,3 +541,29 @@ # By default the gitray plugin is enabled # To disable gitray user plugin set #enabled=false + +[giamsi] + +# The giamsi plugin for the Windows AntiMalware Scan Interface (AMSI) configuration. + +# By default the fileless AMSI is disabled. +# To enable the AMSI plugin set +#enabled=true + +# By default, the maximum client connections supported is 8. +# The values in range are 8 Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 101/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 58af3c250..ca01e79f0 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -375,7 +375,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.6" +#define WCP_VERSION "0.1.7" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" /* From 86b1b5bf4a688e9e986400249a8170d03f24bea9 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 102/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index b76205d48..4f419765f 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1422,7 +1422,7 @@ FLAG( 81F, 0, EAX, 0, 1, SME, NO, 0 ) \ FLAG( 81F, 0, EAX, 1, 1, SEV, YES, 17 ) \ FLAG( 81F, 0, EAX, 2, 1, PAGE_FLUSH_MSR, NO, 0 ) \ FLAG( 81F, 0, EAX, 3, 1, SEV_ES, YES, 17 ) \ -FLAG( 81F, 0, EAX, 4, 1, SEV_SNP, NO, 0 ) \ +FLAG( 81F, 0, EAX, 4, 1, SEV_SNP, YES, FUT ) \ FLAG( 81F, 0, EAX, 5, 1, VMPL, YES, FUT ) \ FLAG( 81F, 0, EAX, 6, 1, RMPQUERY, NO, 0 ) \ FLAG( 81F, 0, EAX, 7, 1, VMPL_SSS, NO, 0 ) \ From e8cbf5e4db323638b95999bb268a0d2cb2ab4ce5 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 103/375] Changes to common source files not applicable to open-vm-tools at this time. --- open-vm-tools/lib/rpcChannel/rpcChannel.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/rpcChannel/rpcChannel.c b/open-vm-tools/lib/rpcChannel/rpcChannel.c index 453c675a3..8f10b0ac3 100644 --- a/open-vm-tools/lib/rpcChannel/rpcChannel.c +++ b/open-vm-tools/lib/rpcChannel/rpcChannel.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2008-2016, 2018-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2016, 2018-2021, 2023 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1201,6 +1201,8 @@ RpcChannelSendOneRaw(const char *data, } else if (priv && RpcChannel_GetType(chan) != RPCCHANNEL_TYPE_PRIV_VSOCK) { if (result != NULL) { *result = Util_SafeStrdup(RPCCHANNEL_SEND_PERMISSION_DENIED); + Warning("%s: failed to set up channel, returning '%s'\n", + __FUNCTION__, *result); if (resultLen != NULL) { *resultLen = strlen(*result); } From 6057078343bc803ff1614fc2039e31bec49bcf35 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 104/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/conf.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h index 8ca5bf86d..3778cf1c3 100644 --- a/open-vm-tools/lib/include/conf.h +++ b/open-vm-tools/lib/include/conf.h @@ -600,6 +600,13 @@ # define CONF_VMWARE_TOOLS_REGKEY_W WSTR(CONF_VMWARE_TOOLS_REGKEY) # define CONF_VMWARE_TOOLS_INSTPATH_KEY_W WSTR(CONF_VMWARE_TOOLS_INSTPATH_KEY) +# ifdef UNITY_FOR_VIEW +# define CONF_VMWARE_RDE_REGKEY "SOFTWARE\\VMware, Inc.\\VMware VDM\\RemoteExperienceAgent" +# define CONF_VMWARE_RDE_INSTPATH_KEY "InstallPath" + +# define CONF_VMWARE_RDE_REGKEY_W WSTR(CONF_VMWARE_RDE_REGKEY) +# define CONF_VMWARE_RDE_INSTPATH_KEY_W WSTR(CONF_VMWARE_RDE_INSTPATH_KEY) +# endif #endif /* Wait 5 seconds between polls to see if the conf file has changed */ From 9c0491a6654630397aad6a884e6aa04f1cd962e1 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 06:32:44 -0800 Subject: [PATCH 105/375] Changes to common source files not applicable to open-vm-tools at this time. --- open-vm-tools/configure.ac | 1 + open-vm-tools/services/plugins/appInfo/Makefile.am | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index c37e16b3a..9c991156d 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1881,6 +1881,7 @@ AC_CONFIG_FILES([ \ + ### ### Output ### diff --git a/open-vm-tools/services/plugins/appInfo/Makefile.am b/open-vm-tools/services/plugins/appInfo/Makefile.am index b8609c2e7..689559b01 100644 --- a/open-vm-tools/services/plugins/appInfo/Makefile.am +++ b/open-vm-tools/services/plugins/appInfo/Makefile.am @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (C) 2019 VMware, Inc. All rights reserved. +### Copyright (c) 2019,2023 VMware, Inc. All rights reserved. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as @@ -34,4 +34,4 @@ libappInfo_la_SOURCES = libappInfo_la_SOURCES += appInfo.c libappInfo_la_SOURCES += appInfoInt.h libappInfo_la_SOURCES += appInfoUtil.c -libappInfo_la_SOURCES += appInfoPosix.c \ No newline at end of file +libappInfo_la_SOURCES += appInfoPosix.c From 56ecc8b15b195a66d1476360b0a51579324e3820 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 19 Feb 2024 07:07:41 -0800 Subject: [PATCH 106/375] Update Changelog with the granular push of Feb 19, 2024. - plus ChangeLog update of Nov 21, 2023. --- open-vm-tools/ChangeLog | 69 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 892b88950..f9dace478 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,72 @@ +commit 9c0491a6654630397aad6a884e6aa04f1cd962e1 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Changes to common source files not applicable to open-vm-tools at this time. + +commit 6057078343bc803ff1614fc2039e31bec49bcf35 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e8cbf5e4db323638b95999bb268a0d2cb2ab4ce5 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Changes to common source files not applicable to open-vm-tools at this time. + +commit 86b1b5bf4a688e9e986400249a8170d03f24bea9 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit aad5ad195a0a502982e7cc8d5269d13ea6e38a85 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 3095d26c3d3f044911771d436c31b0cf51abea35 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 60094472f75aefbbc957574faa8c1663ee0625d4 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + lib/file/file.c: Handle EACCES during File_CreateDirectoryHierarchyEx + + On DELL thinOS, while creating an existing dir in a path without write + permission, mkdir returns EACCES. This breaks the directory + hierarchy check. + This patch handles the EACCES by checking the file with euidaccess + after an EACCES failure. + +commit 777dc80ddfcf8980c055ab33091200923a06ab67 +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit c0cc78a3fa53c8f6ea82aafda981251e753bae4d +Author: Kruti +Date: Mon Feb 19 06:32:44 2024 -0800 + + Fix out-of-bound access issues reported by Coverity + + Do not pass PATH_MAX and FILENAME_MAX to Str_Strlen function call. + +commit 4986a2b0cbb94e8d6e3a6e4414215246aa0cbbbd +Author: Katy Feng +Date: Tue Nov 21 12:23:20 2023 -0800 + + Update Changelog with the granular push of Nov. 21, 2023. + - plus ChangeLog update of Nov. 16, 2023. + commit e6c2e7a6426335e6b6cef87e223a687b4623ce8a Author: Katy Feng Date: Tue Nov 21 12:17:25 2023 -0800 From 190202266d0d198cef38c34420be6057bd75e3e2 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:09 -0800 Subject: [PATCH 107/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index cd239511d..a139da28b 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -107,6 +107,7 @@ #define CR4_CET 0x00800000 #define CR4_PKS 0x01000000 #define CR4_UINTR 0x02000000 +#define CR4_LASS 0x08000000 #define CR4_LAM_SUP 0x10000000 #define CR4_RESERVED CONST64U(0xffffffffee089000) #define CR8_RESERVED CONST64U(0xfffffffffffffff0) From e4f0f9b0d72f583b5129fc8d2b19dd5bb4497d74 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:09 -0800 Subject: [PATCH 108/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/file/file.c | 31 +++++++++++++++++++++++++++++++ open-vm-tools/lib/include/file.h | 2 ++ 2 files changed, 33 insertions(+) diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index 0fd2fc3bc..e6b6a52a8 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -2821,3 +2821,34 @@ File_IsSubPathOf(const char *base, // IN: the base path to test against. return isSubPath; } + +/* + *--------------------------------------------------------------------------- + * + * File_DoesVolumeSupportConvertBlocks -- + * + * Does the volume support the new convert block allocation + * IOCTL? + * + * Results: + * TRUE Yes + * FALSE No + * + * Side effects: + * None + * + *--------------------------------------------------------------------------- + */ + +Bool +File_DoesVolumeSupportConvertBlocks(const char *pathName) // IN: +{ +#if defined(VMX86_SERVER) + uint32 vmfsVersion; + return (File_GetVMFSVersion(pathName, &vmfsVersion) >= 0 && + vmfsVersion >= 6); +#else + UNUSED_VARIABLE(pathName); + return FALSE; +#endif +} diff --git a/open-vm-tools/lib/include/file.h b/open-vm-tools/lib/include/file.h index 15b17891d..726d5c14d 100644 --- a/open-vm-tools/lib/include/file.h +++ b/open-vm-tools/lib/include/file.h @@ -383,6 +383,8 @@ Bool File_DoesVolumeSupportAcls(const char *pathName); Bool File_IsSubPathOf(const char *base, const char *path); +Bool File_DoesVolumeSupportConvertBlocks(const char *pathName); + /* *--------------------------------------------------------------------------- * From c35063e1280f549342a993453cadff3cc12b8ca6 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:10 -0800 Subject: [PATCH 109/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 4f419765f..5af7ae7c8 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2023 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -611,7 +612,7 @@ FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, NO, 0 ) \ FLAG( 7, 1, EAX, 26, 1, LAM, NO, 0 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ -FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, NO, 0 ) \ +FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, FUT ) \ FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, NO, 0 ) \ FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, NO, 0 ) \ FLAG( 7, 1, EDX, 14, 1, PREFETCHI, YES, 21 ) \ From c199ccedd3fd8417c0d58b4ca1d3675224d8ac48 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:10 -0800 Subject: [PATCH 110/375] Power Ops: Attempt to execute file path only Adding a check to verify that the path to execute is a file only and not a directory. Pull request: https://github.com/vmware/open-vm-tools/pull/689 --- open-vm-tools/AUTHORS | 3 +++ open-vm-tools/scripts/common/statechange.sh | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index 156f5cc2e..98c86fd6c 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -91,3 +91,6 @@ Dirk Mueller Detect the proto files for containerd grpc client on SUSE like s Jan Engelhardt Fix build problems with grpc (at least) 1.54 - https://github.com/vmware/open-vm-tools/pull/664 + +Yun Zheng Hu Power Ops: Attempt to execute file path only + - https://github.com/vmware/open-vm-tools/pull/689 diff --git a/open-vm-tools/scripts/common/statechange.sh b/open-vm-tools/scripts/common/statechange.sh index 40732519a..b3f16f8ce 100644 --- a/open-vm-tools/scripts/common/statechange.sh +++ b/open-vm-tools/scripts/common/statechange.sh @@ -88,7 +88,7 @@ RunScripts() { if [ -d "$scriptDir" ]; then for scriptFile in "$scriptDir"/*; do - if [ -x "$scriptFile" ]; then + if [ -f "$scriptFile" -a -x "$scriptFile" ]; then "$scriptFile" $powerOp exitCode=`expr $exitCode \| $?` fi From fe771b09686ac3160886f685488a3fd7dede7831 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:10 -0800 Subject: [PATCH 111/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/ghIntegrationCommon.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/open-vm-tools/lib/include/ghIntegrationCommon.h b/open-vm-tools/lib/include/ghIntegrationCommon.h index 1be455f54..585745f5b 100644 --- a/open-vm-tools/lib/include/ghIntegrationCommon.h +++ b/open-vm-tools/lib/include/ghIntegrationCommon.h @@ -126,8 +126,6 @@ typedef uint32 GHIGuestToHostMessageType; #define GHI_RDE_COMMON_GENERIC_CMD "ghi.rde.generic" #define GHI_RDE_COMMON_SET_IME_ENABLED_CMD "ghi.rde.set.ime.enabled" #define GHI_RDE_COMMON_SET_IME_HOST_KEYS_CMD "ghi.rde.set.ime.host.keys" -#define GHI_RDE_COMMON_SET_BLOCK_SENDINPUT_ENABLED_CMD \ - "ghi.rde.set.blocksendinput.enabled" /* * MKS->UI messages over GHI_CHANNEL_VIEW_REMOTE_RDE_COMMON. From f9769f7b4f90e5da0ee51b699b203e1e737e0b90 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:10 -0800 Subject: [PATCH 112/375] Changes to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/file/file.c | 12 ++++----- open-vm-tools/lib/file/filePosix.c | 42 ++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index e6b6a52a8..ffe49417b 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -2822,13 +2822,15 @@ File_IsSubPathOf(const char *base, // IN: the base path to test against. } +#if !defined(VMX86_SERVER) + /* *--------------------------------------------------------------------------- * * File_DoesVolumeSupportConvertBlocks -- * * Does the volume support the new convert block allocation - * IOCTL? + * IOCTL? (Always FALSE for now on non-VMFS.) * * Results: * TRUE Yes @@ -2843,12 +2845,8 @@ File_IsSubPathOf(const char *base, // IN: the base path to test against. Bool File_DoesVolumeSupportConvertBlocks(const char *pathName) // IN: { -#if defined(VMX86_SERVER) - uint32 vmfsVersion; - return (File_GetVMFSVersion(pathName, &vmfsVersion) >= 0 && - vmfsVersion >= 6); -#else UNUSED_VARIABLE(pathName); return FALSE; -#endif } + +#endif diff --git a/open-vm-tools/lib/file/filePosix.c b/open-vm-tools/lib/file/filePosix.c index 78b4a42c8..eaf5da443 100644 --- a/open-vm-tools/lib/file/filePosix.c +++ b/open-vm-tools/lib/file/filePosix.c @@ -1655,6 +1655,48 @@ File_GetVMFSLockInfo(const char *path, // IN return ret; } + +/* + *--------------------------------------------------------------------------- + * + * File_DoesVolumeSupportConvertBlocks -- + * + * Does the volume support the new convert block allocation + * IOCTL? (Always FALSE for now on non-VMFS.) + * + * Results: + * TRUE Yes + * FALSE No + * + * Side effects: + * None + * + *--------------------------------------------------------------------------- + */ + +Bool +File_DoesVolumeSupportConvertBlocks(const char *pathName) // IN: +{ + Bool supports; + FS_PartitionListResult *fsAttrs = NULL; + int ret = File_GetVMFSAttributes(pathName, &fsAttrs); + + if (ret < 0) { + /* Probably not VMFS. */ + return FALSE; + } + + /* + * Only regular VMFS (no VMFS-L, VMFSOS, or other oddities) and + * only version 6 and above. + */ + supports = Str_Strcmp(fsAttrs->fsType, FS_VMFS_ON_ESX) == 0 && + fsAttrs->versionNumber >= 6; + + Posix_Free(fsAttrs); + return supports; +} + #endif // VMX86_SERVER From 70684e40254279f8b8e16dbf51a33c0407d22703 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 02:25:10 -0800 Subject: [PATCH 113/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 5af7ae7c8..d5e7b2147 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -608,7 +608,7 @@ FLAG( 7, 1, EAX, 12, 1, FAST_SHORT_CMPSB_SCASB, YES, 20 ) \ FLAG( 7, 1, EAX, 19, 1, WRMSRNS, NO, 0 ) \ FLAG( 7, 1, EAX, 21, 1, AMX_FP16, YES, 21 ) \ FLAG( 7, 1, EAX, 22, 1, HRESET, NO, 0 ) \ -FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, NO, 0 ) \ +FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, YES, FUT ) \ FLAG( 7, 1, EAX, 26, 1, LAM, NO, 0 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ From 3b63dd72bf283e575d86d1b691d1191f26df7c0e Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 23 Feb 2024 08:06:32 -0800 Subject: [PATCH 114/375] Update Changelog with the granular push of Feb 23, 2024. - plus ChangeLog update of Feb 19, 2024. --- open-vm-tools/ChangeLog | 54 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index f9dace478..c30f9a13e 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,57 @@ +commit 70684e40254279f8b8e16dbf51a33c0407d22703 +Author: Kruti +Date: Fri Feb 23 02:25:10 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit f9769f7b4f90e5da0ee51b699b203e1e737e0b90 +Author: Kruti +Date: Fri Feb 23 02:25:10 2024 -0800 + + Changes to common source files not applicable to open-vm-tools. + +commit fe771b09686ac3160886f685488a3fd7dede7831 +Author: Kruti +Date: Fri Feb 23 02:25:10 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit c199ccedd3fd8417c0d58b4ca1d3675224d8ac48 +Author: Kruti +Date: Fri Feb 23 02:25:10 2024 -0800 + + Power Ops: Attempt to execute file path only + + Adding a check to verify that the path to execute + is a file only and not a directory. + + Pull request: https://github.com/vmware/open-vm-tools/pull/689 + +commit c35063e1280f549342a993453cadff3cc12b8ca6 +Author: Kruti +Date: Fri Feb 23 02:25:10 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e4f0f9b0d72f583b5129fc8d2b19dd5bb4497d74 +Author: Kruti +Date: Fri Feb 23 02:25:09 2024 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 190202266d0d198cef38c34420be6057bd75e3e2 +Author: Kruti +Date: Fri Feb 23 02:25:09 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 56ecc8b15b195a66d1476360b0a51579324e3820 +Author: Kruti +Date: Mon Feb 19 07:07:41 2024 -0800 + + Update Changelog with the granular push of Feb 19, 2024. + - plus ChangeLog update of Nov 21, 2023. + commit 9c0491a6654630397aad6a884e6aa04f1cd962e1 Author: Kruti Date: Mon Feb 19 06:32:44 2024 -0800 From a4b3c5996c1027cefc2e8dddcac24af2193c6284 Mon Sep 17 00:00:00 2001 From: Kruti Date: Wed, 28 Feb 2024 09:33:57 -0800 Subject: [PATCH 115/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_legal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index 6c6444dd5..49ab026f7 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -37,7 +37,7 @@ * Updating them therefore may require updating translations and vmsg * auditing files in bora/messages/ to avoid breaking the build. */ -#define COPYRIGHT_YEARS "1998-2023" /* See the note above when changing. */ +#define COPYRIGHT_YEARS "1998-2024" /* See the note above when changing. */ #define COPYRIGHT_STRING "Copyright (C) " COPYRIGHT_YEARS " " COMPANY_NAME #define RIGHT_RESERVED "All rights reserved." From 11647ac4a337e7b768c98b3753acd4e814e58939 Mon Sep 17 00:00:00 2001 From: Kruti Date: Wed, 28 Feb 2024 10:01:36 -0800 Subject: [PATCH 116/375] Update Changelog with the granular push of Feb 28, 2024. - plus ChangeLog update of Feb 23, 2024. --- open-vm-tools/ChangeLog | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index c30f9a13e..a79ec8c46 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,16 @@ +commit a4b3c5996c1027cefc2e8dddcac24af2193c6284 +Author: Kruti +Date: Wed Feb 28 09:33:57 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 3b63dd72bf283e575d86d1b691d1191f26df7c0e +Author: Kruti +Date: Fri Feb 23 08:06:32 2024 -0800 + + Update Changelog with the granular push of Feb 23, 2024. + - plus ChangeLog update of Feb 19, 2024. + commit 70684e40254279f8b8e16dbf51a33c0407d22703 Author: Kruti Date: Fri Feb 23 02:25:10 2024 -0800 From 646fcb96b0dc9503824c62c1099f57fd3fb8845b Mon Sep 17 00:00:00 2001 From: Kruti Date: Sat, 9 Mar 2024 20:56:08 -0800 Subject: [PATCH 117/375] [GDP][GdpPlugin]: Subscriber presence interrogation (ZeroData). This change allows empty/0 byte payload to be sent from GDP Plugin on guest to the gdp daemon on host when querying for subscriber presence, without publishing the data to the subscribers. --- .../services/plugins/gdp/gdpPlugin.c | 23 +++++++++++++++---- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 0e67ccac5..9f5e15e88 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1647,9 +1648,16 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT GdpError gdpErr; ASSERT(topic != NULL); - ASSERT(data != NULL && dataLen > 0); - if (!Base64_Encode(data, dataLen, base64Data, sizeof base64Data, NULL)) { + if (data == NULL || dataLen == 0) { + /* + * ZeroData: Empty/no data is allowed only if requireSubs=true AND + * gPublishState.cacheData=false. + */ + ASSERT(requireSubs && !gPublishState.cacheData); /* see: GdpPublish() */ + base64Data[0] = '\0'; // ZeroData: set empty payload. + } else if (!Base64_Encode(data, dataLen, + base64Data, sizeof base64Data, NULL)) { g_info("%s: Base64_Encode failed, data length is %u.\n", __FUNCTION__, dataLen); return GDP_ERROR_DATA_SIZE; @@ -3388,8 +3396,13 @@ GdpPublish(gint64 createTime, // IN } if (data == NULL || dataLen == 0) { - g_info("%s: Topic '%s' has no data.\n", __FUNCTION__, topic); - return GDP_ERROR_INVALID_DATA; + /* + * ZeroData: Allow empty/no data when requireSubs=true and cacheData=false + */ + if (!requireSubs || cacheData) { + g_info("%s: Topic '%s' has no data.\n", __FUNCTION__, topic); + return GDP_ERROR_INVALID_DATA; + } } if (token != NULL && *token == '\0') { From e8a1ee47e5c13611f1fec31a96d300c1aa5dd39c Mon Sep 17 00:00:00 2001 From: Kruti Date: Sat, 9 Mar 2024 20:56:08 -0800 Subject: [PATCH 118/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_legal.h | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index 49ab026f7..fc5830e74 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -54,8 +55,18 @@ * Windows. (Only Windows cares about UTF-16 anyway.) */ #ifdef _WIN32 +#if defined(VMX86_TOOLS) || defined(VMX86_VGAUTH) || defined(VMX86_SYSIMAGE) +/* + * XXX - Temporary fix for Windows user-mode binaries properties copyright. + */ +#define COMPANY_COPYRIGHT_NAME "Broadcom Inc. and/or its subsidiaries." + +#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " \ + WSTR(COMPANY_COPYRIGHT_NAME) L" All Rights Reserved." +#else #define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " WSTR(COMPANY_NAME) #endif +#endif /* From 70b3a68f08914f8a0321e5e244434445ab6264b6 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sat, 9 Mar 2024 20:56:08 -0800 Subject: [PATCH 119/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/misc/hostinfoPosix.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 2fab24993..dbceb30fc 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -4500,7 +4501,7 @@ Hostinfo_GetLibraryPath(void *addr) // IN * * Does NOT work for iOS since iOS does not support dynamic loading. */ -#if !TARGET_OS_IPHONE +#if !TARGET_OS_IPHONE && !defined(__FreeBSD__) Dl_info info; if (dladdr(addr, &info)) { From 0056a21c3bb0d47da45792159dc17690bdda18a0 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 10 Mar 2024 08:24:52 -0700 Subject: [PATCH 120/375] Update ChangeLog with the granular push of Mar 9, 2024. - plus ChangeLog update of Feb 28, 2024. --- open-vm-tools/ChangeLog | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index a79ec8c46..bfb31df4c 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,32 @@ +commit 70b3a68f08914f8a0321e5e244434445ab6264b6 +Author: Kruti +Date: Sat Mar 9 20:56:08 2024 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit e8a1ee47e5c13611f1fec31a96d300c1aa5dd39c +Author: Kruti +Date: Sat Mar 9 20:56:08 2024 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 646fcb96b0dc9503824c62c1099f57fd3fb8845b +Author: Kruti +Date: Sat Mar 9 20:56:08 2024 -0800 + + [GDP][GdpPlugin]: Subscriber presence interrogation (ZeroData). + + This change allows empty/0 byte payload to be sent from GDP Plugin on guest + to the gdp daemon on host when querying for subscriber presence, + without publishing the data to the subscribers. + +commit 11647ac4a337e7b768c98b3753acd4e814e58939 +Author: Kruti +Date: Wed Feb 28 10:01:36 2024 -0800 + + Update Changelog with the granular push of Feb 28, 2024. + - plus ChangeLog update of Feb 23, 2024. + commit a4b3c5996c1027cefc2e8dddcac24af2193c6284 Author: Kruti Date: Wed Feb 28 09:33:57 2024 -0800 From 0eeef953ab3034bfd7034b5db7c064c9b287b791 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 121/375] Bump the VMware Tools version to 12.5.0 on "devel" branch. Ear-marked "SOCKET_WRENCH" as the tools tag for the 12.4.x series of releases. --- open-vm-tools/lib/include/vm_tools_version.h | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 2aa9462fd..a77f92297 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1771,11 +1772,18 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MNR 3 #define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_BASE 5 +#ifndef RC_INVOKED +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_MJR 12 +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_MNR 4 +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_BASE 0 + #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) #endif /* RC_INVOKED */ #define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 4 +#define TOOLS_VERSION_NEXT_V_MNR 5 #define TOOLS_VERSION_NEXT_V_BASE 0 #define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT From e3ca1f9beea77e7423c1c21d8f698b18d4ebe942 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 122/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/file/filePosix.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/file/filePosix.c b/open-vm-tools/lib/file/filePosix.c index eaf5da443..a62a0b2bf 100644 --- a/open-vm-tools/lib/file/filePosix.c +++ b/open-vm-tools/lib/file/filePosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2021, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1688,10 +1689,12 @@ File_DoesVolumeSupportConvertBlocks(const char *pathName) // IN: /* * Only regular VMFS (no VMFS-L, VMFSOS, or other oddities) and - * only version 6 and above. + * only version 6 and above. Also, no VMFS on VSAN/VVol objects. */ supports = Str_Strcmp(fsAttrs->fsType, FS_VMFS_ON_ESX) == 0 && - fsAttrs->versionNumber >= 6; + fsAttrs->versionNumber >= 6 && + strcmp(fsAttrs->driverType, "vsan") != 0 && + strcmp(fsAttrs->driverType, "vvol") != 0; Posix_Free(fsAttrs); return supports; From 66fb7a4816661670889d3f6f6cb74895cfb8c6fe Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 123/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index d5e7b2147..cecf57dba 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2023 Broadcom. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -613,7 +613,7 @@ FLAG( 7, 1, EAX, 26, 1, LAM, NO, 0 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, FUT ) \ -FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, NO, 0 ) \ +FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, YES, FUT ) \ FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, NO, 0 ) \ FLAG( 7, 1, EDX, 14, 1, PREFETCHI, YES, 21 ) \ FLAG( 7, 1, EDX, 18, 1, CET_SSS, NO, 0 ) \ From fc9c9503ee2d4a1a18aed73d001ef6340491d302 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 124/375] [GDP][GdpPlugin] Subscriber presence interrogation (ZeroData). This change allows empty/0 byte payload to be sent from GDP Plugin on guest to the gdp daemon on host when querying for subscriber presence, without publishing the data to the subscribers. --- .../services/plugins/gdp/gdpPlugin.c | 23 +++++++++++++++---- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 0e67ccac5..9f5e15e88 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1647,9 +1648,16 @@ GdpTaskBuildPacket(TaskContext *taskCtx, // IN/OUT GdpError gdpErr; ASSERT(topic != NULL); - ASSERT(data != NULL && dataLen > 0); - if (!Base64_Encode(data, dataLen, base64Data, sizeof base64Data, NULL)) { + if (data == NULL || dataLen == 0) { + /* + * ZeroData: Empty/no data is allowed only if requireSubs=true AND + * gPublishState.cacheData=false. + */ + ASSERT(requireSubs && !gPublishState.cacheData); /* see: GdpPublish() */ + base64Data[0] = '\0'; // ZeroData: set empty payload. + } else if (!Base64_Encode(data, dataLen, + base64Data, sizeof base64Data, NULL)) { g_info("%s: Base64_Encode failed, data length is %u.\n", __FUNCTION__, dataLen); return GDP_ERROR_DATA_SIZE; @@ -3388,8 +3396,13 @@ GdpPublish(gint64 createTime, // IN } if (data == NULL || dataLen == 0) { - g_info("%s: Topic '%s' has no data.\n", __FUNCTION__, topic); - return GDP_ERROR_INVALID_DATA; + /* + * ZeroData: Allow empty/no data when requireSubs=true and cacheData=false + */ + if (!requireSubs || cacheData) { + g_info("%s: Topic '%s' has no data.\n", __FUNCTION__, topic); + return GDP_ERROR_INVALID_DATA; + } } if (token != NULL && *token == '\0') { From 96d97fdf1031b1c71656c7089e0ecfb7390af2eb Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 125/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index 392cad05f..7d53081f8 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -182,7 +183,7 @@ extern "C" { # define BDOOR_CMD_VCPU_MMIO_HONORS_PAT 4 # define BDOOR_CMD_VCPU_RESERVED 31 #define BDOOR_CMD_EFI_SERIALCON_CONFIG 69 /* CPL 0 only. */ -#define BDOOR_CMD_BUG328986 70 /* CPL 0 only. */ +//#define BDOOR_CMD_BUG328986 70 /* CPL 0 only. Deprecated. */ #define BDOOR_CMD_FIRMWARE_ERROR 71 /* CPL 0 only. */ # define BDOOR_CMD_FE_INSUFFICIENT_MEM 0 # define BDOOR_CMD_FE_EXCEPTION 1 From ad34c945344422fac091d7e7d5c1869edf4b0cdf Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 126/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_legal.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index 49ab026f7..32a89ca6f 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -37,7 +37,7 @@ * Updating them therefore may require updating translations and vmsg * auditing files in bora/messages/ to avoid breaking the build. */ -#define COPYRIGHT_YEARS "1998-2024" /* See the note above when changing. */ +#define COPYRIGHT_YEARS "2024" /* See the note above when changing. */ #define COPYRIGHT_STRING "Copyright (C) " COPYRIGHT_YEARS " " COMPANY_NAME #define RIGHT_RESERVED "All rights reserved." From 51036fade754381b95821d54ec5e01dd56bbd5dd Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 127/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_legal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index 32a89ca6f..4d09dcbb9 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -37,7 +37,7 @@ * Updating them therefore may require updating translations and vmsg * auditing files in bora/messages/ to avoid breaking the build. */ -#define COPYRIGHT_YEARS "2024" /* See the note above when changing. */ +#define COPYRIGHT_YEARS "1998-2024" /* See the note above when changing. */ #define COPYRIGHT_STRING "Copyright (C) " COPYRIGHT_YEARS " " COMPANY_NAME #define RIGHT_RESERVED "All rights reserved." From d27143ceb08381f644fc93d8b685965685f87f1a Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 128/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 106 +++++++++++------------ 1 file changed, 53 insertions(+), 53 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index c259c53cf..382b5d472 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2003-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2003-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -105,18 +105,18 @@ extern "C" { * lssbPtr_0 LSB set (uintptr_t;64-bit) 0..63 -1 * mssbPtr_0 MSB set (uintptr_t;32-bit) 0..31 -1 * mssbPtr_0 MSB set (uintptr_t;64-bit) 0..63 -1 - * lssbPtr LSB set (uintptr_t;32-bit) 1..32 0 - * lssbPtr LSB set (uintptr_t;64-bit) 1..64 0 - * mssbPtr MSB set (uintptr_t;32-bit) 1..32 0 - * mssbPtr MSB set (uintptr_t;64-bit) 1..64 0 * lssb32 LSB set (uint32) 1..32 0 * mssb32 MSB set (uint32) 1..32 0 * lssb64 LSB set (uint64) 1..64 0 * mssb64 MSB set (uint64) 1..64 0 + * lssbPtr LSB set (uintptr_t;32-bit) 1..32 0 + * lssbPtr LSB set (uintptr_t;64-bit) 1..64 0 + * mssbPtr MSB set (uintptr_t;32-bit) 1..32 0 + * mssbPtr MSB set (uintptr_t;64-bit) 1..64 0 */ #if defined(_MSC_VER) && !defined(__clang__) // Clang defines _MSC_VER on Windows -static INLINE int +static inline int lssb32_0(const uint32 value) { unsigned long idx; @@ -134,7 +134,7 @@ lssb32_0(const uint32 value) return idx; } -static INLINE int +static inline int mssb32_0(const uint32 value) { unsigned long idx; @@ -152,7 +152,7 @@ mssb32_0(const uint32 value) return idx; } -static INLINE int +static inline int lssb64_0(const uint64 value) { if (UNLIKELY(value == 0)) { @@ -183,7 +183,7 @@ lssb64_0(const uint64 value) } } -static INLINE int +static inline int mssb64_0(const uint64 value) { if (UNLIKELY(value == 0)) { @@ -242,7 +242,7 @@ mssb64_0(const uint64 value) * ********************************************************** */ -static INLINE int +static inline int lssb32_0(uint32 v) { int value = (int)v; @@ -260,7 +260,7 @@ lssb32_0(uint32 v) return __builtin_ffs(value) - 1; } -static INLINE int +static inline int mssb32_0(uint32 value) { /* @@ -283,7 +283,7 @@ mssb32_0(uint32 value) } } -static INLINE int +static inline int lssb64_0(const uint64 v) { int64 value = (int64)v; @@ -314,7 +314,7 @@ lssb64_0(const uint64 v) } -static INLINE int +static inline int mssb64_0(const uint64 value) { if (UNLIKELY(value == 0)) { @@ -347,7 +347,7 @@ mssb64_0(const uint64 value) #endif // __GNUC__ -static INLINE int +static inline int lssbPtr_0(const uintptr_t value) { #ifdef VM_64BIT @@ -357,13 +357,13 @@ lssbPtr_0(const uintptr_t value) #endif } -static INLINE unsigned +static inline unsigned lssbPtr(const uintptr_t value) { return (unsigned)lssbPtr_0(value) + 1; } -static INLINE int +static inline int mssbPtr_0(const uintptr_t value) { #ifdef VM_64BIT @@ -373,31 +373,31 @@ mssbPtr_0(const uintptr_t value) #endif } -static INLINE unsigned +static inline unsigned mssbPtr(const uintptr_t value) { return (unsigned)mssbPtr_0(value) + 1; } -static INLINE unsigned +static inline unsigned lssb32(const uint32 value) { return (unsigned)lssb32_0(value) + 1; } -static INLINE unsigned +static inline unsigned mssb32(const uint32 value) { return (unsigned)mssb32_0(value) + 1; } -static INLINE unsigned +static inline unsigned lssb64(const uint64 value) { return (unsigned)lssb64_0(value) + 1; } -static INLINE unsigned +static inline unsigned mssb64(const uint64 value) { return (unsigned)mssb64_0(value) + 1; @@ -616,7 +616,7 @@ uint32set(void *dst, // OUT *----------------------------------------------------------------------------- */ -static INLINE uint16 +static inline uint16 Bswap16(uint16 v) { #if defined(VM_ARM_64) && !defined(_MSC_VER) @@ -638,7 +638,7 @@ Bswap16(uint16 v) *----------------------------------------------------------------------------- */ -static INLINE uint32 +static inline uint32 Bswap32(uint32 v) // IN { #if defined(__GNUC__) && defined(VM_X86_ANY) @@ -675,7 +675,7 @@ Bswap32(uint32 v) // IN *----------------------------------------------------------------------------- */ -static INLINE uint64 +static inline uint64 Bswap64(uint64 v) // IN { #if defined _MSC_VER @@ -701,7 +701,7 @@ Bswap64(uint64 v) // IN * on non-P4 IA32 systems, the encoding is interpreted as a REPZ-NOP. * Use volatile to avoid NOP removal. */ -static INLINE void +static inline void PAUSE(void) #if defined(__GNUC__) || defined(VM_ARM_32) { @@ -734,7 +734,7 @@ PAUSE(void) * * volatile because the tsc always changes without the compiler knowing it. */ -static INLINE uint64 +static inline uint64 RDTSC(void) #ifdef __GNUC__ { @@ -836,49 +836,49 @@ RDTSC(void) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void SetBit32(uint32 *var, unsigned index) { *var |= 1 << index; } -static INLINE void +static inline void ClearBit32(uint32 *var, unsigned index) { *var &= ~(1 << index); } -static INLINE void +static inline void ToggleBit32(uint32 *var, unsigned index) { *var ^= 1 << index; } -static INLINE void +static inline void SetBit64(uint64 *var, unsigned index) { *var |= CONST64U(1) << index; } -static INLINE void +static inline void ClearBit64(uint64 *var, unsigned index) { *var &= ~(CONST64U(1) << index); } -static INLINE void +static inline void ToggleBit64(uint64 *var, unsigned index) { *var ^= (CONST64U(1) << index); } -static INLINE Bool +static inline Bool TestBit32(const uint32 *var, unsigned index) { return (*var & (1 << index)) != 0; } -static INLINE Bool +static inline Bool TestBit64(const uint64 *var, unsigned index) { return (*var & (CONST64U(1) << index)) != 0; @@ -911,7 +911,7 @@ TestBit64(const uint64 *var, unsigned index) #define GCC_ASM_BT_EPILOG "\n\tsetc\t%0" : "=qQm" #endif -static INLINE Bool +static inline Bool SetBitVector(void *var, int32 index) { #if defined(__GNUC__) && defined(VM_X86_ANY) @@ -930,7 +930,7 @@ SetBitVector(void *var, int32 index) #endif } -static INLINE Bool +static inline Bool ClearBitVector(void *var, int32 index) { #if defined(__GNUC__) && defined(VM_X86_ANY) @@ -949,7 +949,7 @@ ClearBitVector(void *var, int32 index) #endif } -static INLINE Bool +static inline Bool ComplementBitVector(void *var, int32 index) { #if defined(__GNUC__) && defined(VM_X86_ANY) @@ -968,7 +968,7 @@ ComplementBitVector(void *var, int32 index) #endif } -static INLINE Bool +static inline Bool TestBitVector(const void *var, int32 index) { #if defined(__GNUC__) && defined(VM_X86_ANY) @@ -996,7 +996,7 @@ TestBitVector(const void *var, int32 index) *----------------------------------------------------------------------------- */ -static INLINE uint64 +static inline uint64 RoundDownPow2_64(uint64 value) { if ((value & (value - 1)) == 0) { @@ -1010,12 +1010,12 @@ RoundDownPow2_64(uint64 value) } -static INLINE uint32 +static inline uint32 RoundDownPow2_32(uint32 value) { if ((value & (value - 1)) == 0) { /* - * Already a power of two. + * Already zero or a power of two. */ return value; } @@ -1035,7 +1035,7 @@ RoundDownPow2_32(uint32 value) *----------------------------------------------------------------------------- */ -static INLINE uint64 +static inline uint64 RoundUpPow2C64(uint64 value) { if (value <= 1 || value > (CONST64U(1) << 63)) { @@ -1046,7 +1046,7 @@ RoundUpPow2C64(uint64 value) } #if defined(__GNUC__) && defined(VM_X86_64) -static INLINE uint64 +static inline uint64 RoundUpPow2Asm64(uint64 value) { uint64 out = 2; @@ -1064,7 +1064,7 @@ RoundUpPow2Asm64(uint64 value) } #endif -static INLINE uint64 +static inline uint64 RoundUpPow2_64(uint64 value) { #if defined(__GNUC__) && defined(VM_X86_64) @@ -1078,7 +1078,7 @@ RoundUpPow2_64(uint64 value) #endif } -static INLINE uint32 +static inline uint32 RoundUpPow2C32(uint32 value) { if (value <= 1 || value > (1U << 31)) { @@ -1091,7 +1091,7 @@ RoundUpPow2C32(uint32 value) } #ifdef __GNUC__ -static INLINE uint32 +static inline uint32 RoundUpPow2Asm32(uint32 value) { #ifdef VM_ARM_32 @@ -1127,7 +1127,7 @@ RoundUpPow2Asm32(uint32 value) } #endif // __GNUC__ -static INLINE uint32 +static inline uint32 RoundUpPow2_32(uint32 value) { #ifdef __GNUC__ @@ -1158,7 +1158,7 @@ RoundUpPow2_32(uint32 value) *----------------------------------------------------------------------------- */ -static INLINE unsigned +static inline unsigned PopCount32(uint32 value) { #if defined(__GNUC__) && defined(__POPCNT__) @@ -1227,7 +1227,7 @@ PopCount32(uint32 value) *----------------------------------------------------------------------------- */ -static INLINE unsigned +static inline unsigned PopCount64(uint64 value) { #if defined(__GNUC__) && defined(__POPCNT__) @@ -1275,7 +1275,7 @@ PopCount64(uint64 value) #ifdef __GNUC__ -static INLINE void +static inline void INTR_RW_BARRIER_RW(void) { __asm__ __volatile__("" ::: "memory"); @@ -1292,19 +1292,19 @@ INTR_RW_BARRIER_RW(void) #elif defined _MSC_VER -static INLINE void +static inline void INTR_R_BARRIER_R(void) { _ReadBarrier(); } -static INLINE void +static inline void INTR_W_BARRIER_W(void) { _WriteBarrier(); } -static INLINE void +static inline void INTR_RW_BARRIER_RW(void) { _ReadWriteBarrier(); From 7884ab85eebacf7c864e1eecab600b94dc9dd844 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 129/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_legal.h | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index 4d09dcbb9..fc5830e74 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2024 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -54,8 +55,18 @@ * Windows. (Only Windows cares about UTF-16 anyway.) */ #ifdef _WIN32 +#if defined(VMX86_TOOLS) || defined(VMX86_VGAUTH) || defined(VMX86_SYSIMAGE) +/* + * XXX - Temporary fix for Windows user-mode binaries properties copyright. + */ +#define COMPANY_COPYRIGHT_NAME "Broadcom Inc. and/or its subsidiaries." + +#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " \ + WSTR(COMPANY_COPYRIGHT_NAME) L" All Rights Reserved." +#else #define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " WSTR(COMPANY_NAME) #endif +#endif /* From 9adc1653c0d40aef5e27e415bfa7cc111bda31bd Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 130/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/modules/shared/vmxnet/net.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/modules/shared/vmxnet/net.h b/open-vm-tools/modules/shared/vmxnet/net.h index 5099c5749..7f0509149 100644 --- a/open-vm-tools/modules/shared/vmxnet/net.h +++ b/open-vm-tools/modules/shared/vmxnet/net.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2019 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2019,2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -131,7 +131,7 @@ typedef struct Net_AdapterCount { *---------------------------------------------------------------------------- */ -static INLINE void +static inline void Net_AddAddrToLadrf(const uint8 *addr, // IN: pointer to MAC address uint8 *ladrf) // IN/OUT: pointer to ladrf { @@ -182,7 +182,7 @@ Net_AddAddrToLadrf(const uint8 *addr, // IN: pointer to MAC address *---------------------------------------------------------------------- */ -static INLINE void +static inline void Net_GetNumAdapters(Net_AdapterCount *counts) { uint32 i; From 652a17c1d06a0ced2fceecde700ad93623d311b6 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 131/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h index b61766e4e..ab072b9aa 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h +++ b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h @@ -646,8 +646,7 @@ typedef struct Vmxnet3_RxQueueConf { #pragma pack(push, 1) typedef struct Vmxnet3_LatencyConf { uint16 sampleRate; - uint16 packetSize; - uint32 pad; + uint16 pad; } Vmxnet3_LatencyConf; #pragma pack(pop) @@ -655,7 +654,7 @@ typedef struct Vmxnet3_LatencyConf { typedef struct Vmxnet3_TxQueueTSConf { __le64 txTSRingBasePA; __le16 txTSRingDescSize; /* size of tx timestamp ring buffer */ - uint16 pad[3]; + uint16 pad; Vmxnet3_LatencyConf latencyConf; } Vmxnet3_TxQueueTSConf; #pragma pack(pop) @@ -664,7 +663,7 @@ typedef struct Vmxnet3_TxQueueTSConf { typedef struct Vmxnet3_RxQueueTSConf { __le64 rxTSRingBasePA; __le16 rxTSRingDescSize; /* size of rx timestamp ring buffer */ - uint16 pad[7]; + uint16 pad[3]; } Vmxnet3_RxQueueTSConf; #pragma pack(pop) @@ -986,7 +985,7 @@ typedef struct Vmxnet3_TxQueueDesc { Vmxnet3_QueueStatus status; UPT1_TxStats stats; Vmxnet3_TxQueueTSConf tsConf; - uint8 _pad[64]; /* 128 aligned */ + uint8 _pad[72]; /* 128 aligned */ } Vmxnet3_TxQueueDesc; #pragma pack(pop) @@ -998,7 +997,7 @@ typedef struct Vmxnet3_RxQueueDesc { Vmxnet3_QueueStatus status; UPT1_RxStats stats; Vmxnet3_RxQueueTSConf tsConf; - uint8 _pad[64]; /* 128 aligned */ + uint8 _pad[72]; /* 128 aligned */ } Vmxnet3_RxQueueDesc; #pragma pack(pop) From 3ad15e4e776738b993c8c2da8119f0c1a7bf0a91 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:48 -0700 Subject: [PATCH 132/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vmware/guestrpc/capabilities.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h b/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h index 53b86b231..56b206e28 100644 --- a/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h +++ b/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2017,2020-2021, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2017,2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -29,15 +30,24 @@ /* clang-format off */ /* * Guest capabilities. + * * The guest uses this enum to communicate whether a certain * feature is supported by the tools. + * * The guest sends an RPC where it specifies which features - * are turned off and on, for example - * "tools.capability.features 0=1 2=1 3=0". + * are turned off and on, for example: + * + * "tools.capability.features 0=1 2=1 3=0" + * * In the above example, the guest is capable of showing the * start menu and setting the work area, but does not support * multiple monitors. * + * For capabilities that can be managed by tools.conf settings, guest should + * send a separate RPC tools.capability.features for each capability change, + * even when multiple such capabilities are changed by tools.conf at the same + * time. + * * NOTE: the order for these has to stay constant for backward compatibility * with older Tools versions. New capabilities must be added at the end. */ From acfd8ab650f10759b09a93f8adde71459a131392 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:49 -0700 Subject: [PATCH 133/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm_arm64.h | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm_arm64.h b/open-vm-tools/lib/include/vm_basic_asm_arm64.h index 88faddbfb..18908ba2c 100644 --- a/open-vm-tools/lib/include/vm_basic_asm_arm64.h +++ b/open-vm-tools/lib/include/vm_basic_asm_arm64.h @@ -244,7 +244,18 @@ ESB(void) * Thanks for pasting this whole comment into every architecture header. */ -#define COMPILER_MEM_BARRIER() SMP_RW_BARRIER_RW() +/* + * To match x86 TSO semantics, we need to guarantee ordering for + * everything _except_ store-load: + * + * - DMB ISHLD orders load-load and load-store. + * - DMB ISHST orders store-store. + * + * In contrast, SMP_RW_BARRIER_RW, or DMB ISH, orders all four + * (load-load, load-store, store-load, store-store), so it's stronger + * than we need -- like x86 MFENCE. + */ +#define COMPILER_MEM_BARRIER() do { _DMB(ISHLD); _DMB(ISHST); } while (0) /* * Memory barriers. These take the form of From f510b78fe043392325ba0cede8066994baaa8276 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:03:49 -0700 Subject: [PATCH 134/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/hostinfo.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/hostinfo.h b/open-vm-tools/lib/include/hostinfo.h index 4e409c1bd..f964de6e1 100644 --- a/open-vm-tools/lib/include/hostinfo.h +++ b/open-vm-tools/lib/include/hostinfo.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -34,6 +34,7 @@ #include "vm_basic_defs.h" #include "x86vendor.h" #include "unicodeTypes.h" +#include "x86cpuid.h" #if defined(__cplusplus) extern "C" { @@ -201,6 +202,10 @@ typedef struct { uint32 extfeatures; } HostinfoCpuIdInfo; +#define AMDVBSSupport(eax) (CPUID_MODEL_IS_ZEN2(eax) || \ + CPUID_MODEL_IS_ZEN3(eax) || \ + CPUID_MODEL_IS_ZEN4(eax) || \ + CPUID_MODEL_IS_ZEN5(eax)) uint32 Hostinfo_NumCPUs(void); char *Hostinfo_GetCpuidStr(void); From c2056a39e9bf4fc91cd457c4ef12c29a3e9af3a7 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:30:49 -0700 Subject: [PATCH 135/375] Correct copyright year to 2024. --- open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h index ab072b9aa..72f9e3bbd 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h +++ b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h @@ -1,5 +1,7 @@ /********************************************************* - * Copyright (C) 2007-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. + * and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the From a02c7f8de02dd3108a5ebdd6158dfc9366051409 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 18 Mar 2024 11:42:23 -0700 Subject: [PATCH 136/375] Update ChangeLog with the granular push of Mar 18, 2024. - plus Copyright update of file vmxnet3_defs.h - plus ChangeLog update of Feb 28, 2024. --- open-vm-tools/ChangeLog | 104 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index a79ec8c46..187bd2f4b 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,107 @@ +commit c2056a39e9bf4fc91cd457c4ef12c29a3e9af3a7 +Author: Kruti +Date: Mon Mar 18 11:30:49 2024 -0700 + + Correct copyright year to 2024. + +commit f510b78fe043392325ba0cede8066994baaa8276 +Author: Kruti +Date: Mon Mar 18 11:03:49 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit acfd8ab650f10759b09a93f8adde71459a131392 +Author: Kruti +Date: Mon Mar 18 11:03:49 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 3ad15e4e776738b993c8c2da8119f0c1a7bf0a91 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 652a17c1d06a0ced2fceecde700ad93623d311b6 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 9adc1653c0d40aef5e27e415bfa7cc111bda31bd +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 7884ab85eebacf7c864e1eecab600b94dc9dd844 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit d27143ceb08381f644fc93d8b685965685f87f1a +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 51036fade754381b95821d54ec5e01dd56bbd5dd +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ad34c945344422fac091d7e7d5c1869edf4b0cdf +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 96d97fdf1031b1c71656c7089e0ecfb7390af2eb +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit fc9c9503ee2d4a1a18aed73d001ef6340491d302 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + [GDP][GdpPlugin] Subscriber presence interrogation (ZeroData). + + This change allows empty/0 byte payload to be sent from GDP Plugin on guest + to the gdp daemon on host when querying for subscriber presence, + without publishing the data to the subscribers. + +commit 66fb7a4816661670889d3f6f6cb74895cfb8c6fe +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit e3ca1f9beea77e7423c1c21d8f698b18d4ebe942 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 0eeef953ab3034bfd7034b5db7c064c9b287b791 +Author: Kruti +Date: Mon Mar 18 11:03:48 2024 -0700 + + Bump the VMware Tools version to 12.5.0 on "devel" branch. + + Ear-marked "SOCKET_WRENCH" as the tools tag for the 12.4.x series of + releases. + +commit 11647ac4a337e7b768c98b3753acd4e814e58939 +Author: Kruti +Date: Wed Feb 28 10:01:36 2024 -0800 + + Update Changelog with the granular push of Feb 28, 2024. + - plus ChangeLog update of Feb 23, 2024. + commit a4b3c5996c1027cefc2e8dddcac24af2193c6284 Author: Kruti Date: Wed Feb 28 09:33:57 2024 -0800 From 6d7499f9c5c9eeb8ae2288280e310d40a0d42a41 Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 21 Mar 2024 13:00:23 -0700 Subject: [PATCH 137/375] Prepare for the open-vm-tools 12.4.0 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 9c991156d..0bd0db12c 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -35,10 +35,10 @@ ### Initialization ### -TOOLS_VERSION="11.2.0" +TOOLS_VERSION="12.4.0" AC_INIT( [open-vm-tools], - [11.2.0], + [12.4.0], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 523eb3253..4993bf7c4 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-15943241" + "build-23259341" #define BUILD_NUMBER_NUMERIC \ - 15943241 + 23259341 #define BUILD_NUMBER_NUMERIC_STRING \ - "15943241" + 23259341 #define PRODUCT_BUILD_NUMBER \ - "product-build-19694" + "product-build-48309" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 19694 + 48309 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "19694" + 48309 From 6710ee5cd85d196fc8b16ce40f9e24444eed4e5a Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Fri, 22 Mar 2024 13:53:03 -0700 Subject: [PATCH 138/375] Correct build number strings in the build_number.h header file. Synch the Broadcom copyright capitalization with that in official source repo. - 4 files. --- open-vm-tools/lib/include/buildNumber.h | 4 ++-- open-vm-tools/lib/include/vm_legal.h | 2 +- open-vm-tools/lib/include/x86cpuid.h | 2 +- open-vm-tools/lib/misc/hostinfoPosix.c | 2 +- open-vm-tools/services/plugins/gdp/gdpPlugin.c | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 4993bf7c4..0b528de83 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -3,10 +3,10 @@ #define BUILD_NUMBER_NUMERIC \ 23259341 #define BUILD_NUMBER_NUMERIC_STRING \ - 23259341 + "23259341" #define PRODUCT_BUILD_NUMBER \ "product-build-48309" #define PRODUCT_BUILD_NUMBER_NUMERIC \ 48309 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - 48309 + "48309" diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h index fc5830e74..1d3f0fdbd 100644 --- a/open-vm-tools/lib/include/vm_legal.h +++ b/open-vm-tools/lib/include/vm_legal.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index d5e7b2147..39faaa414 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2023 Broadcom. All rights reserved. + * Copyright (c) 1998-2023 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index dbceb30fc..68f08c398 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 9f5e15e88..412c016f6 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From 619e61f96c0a82c0b3054122c81a62a29301bf1b Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Fri, 22 Mar 2024 14:00:45 -0700 Subject: [PATCH 139/375] Update the ReleaseNotes.md for the 12.4.0 open-vm-tools release. --- ReleaseNotes.md | 143 +++++++++++++++++++++++++++++------------------- 1 file changed, 87 insertions(+), 56 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 6f4ce1c57..1997f073a 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,56 +1,87 @@ -#open-vm-tools 10.0.0 Release Notes - -Updated on 1 SEP 2015 -##What's in the Release Notes -The release notes cover the following topics: - -- What's New -- Internationalization -- Compatibility -- Installation and Upgrades for This Release -- Known Issues - -##What's New -VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Read about the new and enhanced features in this release below: - -- **Common versioning**: Infrastructure changes to enable reporting of the true version of open-vm-tools. This feature is dependent on host support. -- **Quiesced snapshots enhancements for Linux guests running IO workload**: Robustness related enhancements in quiesced snapshot operation. The _vmtoolsd_ service supports caching of log messages when guest IO has been quiesced. Enhancements in the _vmbackup_ plugin use a separate thread to quiesce the guest OS to avoid timeout issues due to heavy I/O in the guest. -- **Shared Folders**: For Linux distributions with kernel version 4.0.0 and higher, there is a new FUSE based Shared Folders client which is used as a replacement for the kernel mode client. -- **ESXi Serviceability**: Default _vmtoolsd_ logging is directed to a file instead of syslog. _vmware-toolbox-cmd_ is enhanced for setting _vmtoolsd_ logging levels. -- **GuestInfo Enhancements**: Plugin enhancements to report more than 64 IP addresses from the guest. These enhancements will be available only after upgrading the host because the guest IP addresses limit also exists on the host side. - -## Internationalization -open-vm-tools 10.0.0 supports the following languages: - -- English -- French -- German -- Spanish -- Italian -- Japanese -- Korean -- Simplified Chinese -- Traditional Chinese - -## Compatibility -open-vm-tools 10.0.0 is compatible with all supported versions of VMware vSphere, VMware Workstation 12.0 and VMware Fusion 8.0. -## Installation and Upgrades for This Release -The steps to install open-vm-tools vary depending on your VMware product and the guest operating system you have installed. For general steps to install open-vm-tools in most VMware products, see https://github.com/vmware/open-vm-tools/blob/master/README.md -## Known Issues -The known issues are as follows: - -- **The status of IPv6 address is displayed as "unknown"** - - The status of IPv6 address from vim-cmd is displayed as "unknown" even when the address is valid. - - Workaround: None -- **TextCopyPaste between host and guest systems fail** - - Copy and Paste of text between host and guest systems fail if the text size 50KB or higher. - - Workaround: Copy and Paste smaller amounts of text. -- **Definition of the field _ipAddress_ in guestinfo is ambiguous** - - The field _ipAddress_ is defined as "Primary IP address assigned to the guest operating system, if known". - - Workaround: The field _ipAddress_ in this context for Linux is defined as the first IP address fetched by open-vm-tools. +# open-vm-tools 12.4.0 Release Notes + +Updated on: 21 March 2024 + +open-vm-tools | 21 MARCH 2024 | Build 23259341 + +Check back for additions and updates to these release notes. + +## What's in the Release Notes + +The release notes cover the following topics: + +* [What's New](#whatsnew) +* [End of Feature Support Notice](#endsupport) +* [Internationalization](#i18n) +* [Guest Operating System Customization Support](#guestop) +* [Interoperability Matrix](#interop) +* [Resolved Issues](#resolvedissues) +* [Known Issues](#knownissues) + +## What's New + + +* Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. + +* A complete list of the granular changes in the open-vm-tools 12.4.0 release is available at: + + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/open-vm-tools/ChangeLog) + +## End of Feature Support Notice + +* Discontinued: Using "xml-security-c" and "xerces-c" to build the VMware Guest Authentication Service (VGAuth) + + Starting with open-vm-tools 12.4.0, and going forward, the VGAuth service build will require the "xmlsec1" and "libxml2" development and runtime packages. If still using the "xml-security-c" and "xerces-c" open source projects to build open-vm-tools, you must make the change now. The open-vm-tools 12.3.x series will be the last version that can use "xml-security-c" and "xerces-c". + +## Internationalization + +open-vm-tools 12.4.0 is available in the following languages: + +* English +* French +* German +* Spanish +* Italian +* Japanese +* Korean +* Simplified Chinese +* Traditional Chinese + +## Guest Operating System Customization Support + +The [Guest OS Customization Support Matrix](http://partnerweb.vmware.com/programs/guestOS/guest-os-customization-matrix.pdf) provides details about the guest operating systems supported for customization. + +## Interoperability Matrix + +The [VMware Product Interoperability Matrix](http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php) provides details about the compatibility of current and earlier versions of VMware Products.  + +## Resolved Issues + +* **The following github.com/vmware/open-vm-tools pull request has been addressed** + + * Power Ops: Attempt to execute file path only + + [Pull request #689](https://github.com/vmware/open-vm-tools/pull/689) + +* **A number of issues flagged by Coverity have been addressed.** + +* **Add aliasing code to identify Miracle Linux by its former name of "asianux".** + + The Asianux Linux distribution rebranded itself as Miracle Linux. Since vSphere infrastructure recognizes "asianux" but not Miracle Linux, aliasing code was added to open-vm-tools to continue to identify Miracle Linux systems as "asianux". + +## Known Issues + + +* **Shared Folders mount is unavailable on Linux VM.** + + If the **Shared Folders** feature is enabled on a Linux VM while it is powered off, the shared folders mount is not available on restart. + + Note: This issue is applicable to open-vm-tools running on VMware Workstation and VMware Fusion. + + Workaround: + + If the VM is powered on, disable and enable the **Shared Folders** feature from the interface. For resolving the issue permanently, edit **/etc/fstab** and add an entry to mount the Shared Folders automatically on boot. For example, add the line: + + vmhgfs-fuse /mnt/hgfs fuse defaults,allow_other 0 0 + + For more information on how to configure VMware Tools Shared Folders, see [KB 60262](https://kb.vmware.com/s/article/60262) From 4fb3e03c17a7a7f72946bd41675722624fdc4106 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Fri, 22 Mar 2024 14:08:29 -0700 Subject: [PATCH 140/375] open-vm-tools 12.4.0 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 12.4.0 release. --- open-vm-tools/ChangeLog | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index bfb31df4c..2717017e8 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,32 @@ +commit 619e61f96c0a82c0b3054122c81a62a29301bf1b +Author: John Wolfe +Date: Fri Mar 22 14:00:45 2024 -0700 + + Update the ReleaseNotes.md for the 12.4.0 open-vm-tools release. + +commit 6710ee5cd85d196fc8b16ce40f9e24444eed4e5a +Author: John Wolfe +Date: Fri Mar 22 13:53:03 2024 -0700 + + Correct build number strings in the build_number.h header file. + Synch the Broadcom copyright capitalization with that in official + source repo. - 4 files. + +commit 6d7499f9c5c9eeb8ae2288280e310d40a0d42a41 +Author: Kruti +Date: Thu Mar 21 13:00:23 2024 -0700 + + Prepare for the open-vm-tools 12.4.0 release. + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit 0056a21c3bb0d47da45792159dc17690bdda18a0 +Author: Kruti +Date: Sun Mar 10 08:24:52 2024 -0700 + + Update ChangeLog with the granular push of Mar 9, 2024. + - plus ChangeLog update of Feb 28, 2024. + commit 70b3a68f08914f8a0321e5e244434445ab6264b6 Author: Kruti Date: Sat Mar 9 20:56:08 2024 -0800 From ad958958f7c4fe4c1b231876853ede8e4c557333 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Fri, 22 Mar 2024 14:58:19 -0700 Subject: [PATCH 141/375] Correct auto-merge error in vm_tools_version.h - stable-12.4.x to master. --- open-vm-tools/lib/include/vm_tools_version.h | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 7f6d11fc4..2aa9462fd 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1778,16 +1778,9 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_NEXT_V_MNR 4 #define TOOLS_VERSION_NEXT_V_BASE 0 -#ifndef RC_INVOKED -#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V) -#endif /* RC_INVOKED */ -#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MJR 12 -#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_MNR 3 -#define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_BASE 5 - -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1 -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1) +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) /* * The extended Tools version is the current Tools version with the From 9523e770f58e440e7359b3e495f2fe6b03da3447 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:31 -0700 Subject: [PATCH 142/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_basic_asm_arm64.h | 181 ++++++++++++------ 1 file changed, 126 insertions(+), 55 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm_arm64.h b/open-vm-tools/lib/include/vm_basic_asm_arm64.h index 18908ba2c..adc55f200 100644 --- a/open-vm-tools/lib/include/vm_basic_asm_arm64.h +++ b/open-vm-tools/lib/include/vm_basic_asm_arm64.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2013-2023 VMware, Inc. All rights reserved. + * Copyright (C) 2013-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -75,7 +75,7 @@ extern "C" { */ #if defined __GNUC__ -#define _DMB(t) asm volatile("dmb " #t ::: "memory") +#define _DMB(t) asm volatile ("dmb " #t ::: "memory") #elif defined _MSC_VER #define _DMB(t) __dmb(_ARM64_BARRIER_##t) #else @@ -103,7 +103,7 @@ extern "C" { */ #if defined __GNUC__ -#define _DSB(t) asm volatile("dsb " #t ::: "memory") +#define _DSB(t) asm volatile ("dsb " #t ::: "memory") #elif defined _MSC_VER #define _DSB(t) __dsb(_ARM64_BARRIER_##t) #else @@ -130,11 +130,11 @@ extern "C" { *---------------------------------------------------------------------- */ -static INLINE void +static inline void ISB(void) { #if defined __GNUC__ - asm volatile("isb" ::: "memory"); + asm volatile ("isb" ::: "memory"); #elif defined _MSC_VER __isb(_ARM64_BARRIER_SY); #else @@ -163,7 +163,7 @@ ISB(void) */ #if defined __GNUC__ -static INLINE void +static inline void ESB(void) { /* @@ -333,7 +333,7 @@ ESB(void) */ #define _GET_CURRENT_PC(pc) \ - asm volatile("1: adr %0, 1b" : "=r" (pc)) + asm volatile ("1: adr %0, 1b" : "=r" (pc)) static INLINE_ALWAYS void * GET_CURRENT_PC(void) @@ -353,7 +353,7 @@ GET_CURRENT_PC(void) #define GET_CURRENT_LOCATION(pc, fp, sp, retAddr) do { \ _GET_CURRENT_PC(pc); \ - asm volatile("mov %0, sp" : "=r" (sp)); \ + asm volatile ("mov %0, sp" : "=r" (sp)); \ fp = (uint64)GetFrameAddr(); \ retAddr = (uint64)GetReturnAddress(); \ } while (0) @@ -377,7 +377,7 @@ GET_CURRENT_PC(void) #define MRS(name) ({ \ uint64 val; \ - asm volatile("mrs %0, " XSTR(name) : "=r" (val) :: "memory"); \ + asm volatile ("mrs %0, " XSTR(name) : "=r" (val) :: "memory"); \ val; \ }) @@ -400,10 +400,10 @@ GET_CURRENT_PC(void) */ #define MSR(name, val) \ - asm volatile("msr " XSTR(name) ", %0" :: "r" (val) : "memory") + asm volatile ("msr " XSTR(name) ", %0" :: "r" (val) : "memory") #define MSR_IMMED(name, val) \ - asm volatile("msr " XSTR(name) ", %0" :: "i" (val) : "memory") + asm volatile ("msr " XSTR(name) ", %0" :: "i" (val) : "memory") #endif // ifdef __GNUC__ @@ -421,13 +421,15 @@ GET_CURRENT_PC(void) *---------------------------------------------------------------------- */ -static INLINE uint32 -MMIORead32(const volatile void *addr) +static inline uint32 +MMIORead32(const volatile void *addr) // IN { uint32 res; #if defined __GNUC__ - asm volatile ("ldr %w0, [%1]" : "=r" (res) : "r" (addr)); + asm volatile ("ldr %w0, %1" + : "=r" (res) + : "m" (*(const volatile uint32 *)addr)); #elif defined _MSC_VER res = __iso_volatile_load32((const volatile __int32 *)addr); #else @@ -450,13 +452,15 @@ MMIORead32(const volatile void *addr) *---------------------------------------------------------------------- */ -static INLINE uint64 -MMIORead64(const volatile void *addr) +static inline uint64 +MMIORead64(const volatile void *addr) // IN { uint64 res; #if defined __GNUC__ - asm volatile ("ldr %x0, [%1]" : "=r" (res) : "r" (addr)); + asm volatile ("ldr %x0, %1" + : "=r" (res) + : "m" (*(const volatile uint64 *)addr)); #elif defined _MSC_VER res = __iso_volatile_load64((const volatile __int64 *)addr); #else @@ -476,12 +480,14 @@ MMIORead64(const volatile void *addr) *---------------------------------------------------------------------- */ -static INLINE void +static inline void MMIOWrite32(volatile void *addr, // OUT - uint32 val) + uint32 val) // IN { #if defined __GNUC__ - asm volatile ("str %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); + asm volatile ("str %w1, %0" + : "=m" (*(volatile uint32 *)addr) + : "r" (val)); #elif defined _MSC_VER __iso_volatile_store32((volatile __int32 *)addr, val); #else @@ -500,12 +506,14 @@ MMIOWrite32(volatile void *addr, // OUT *---------------------------------------------------------------------- */ -static INLINE void +static inline void MMIOWrite64(volatile void *addr, // OUT - uint64 val) + uint64 val) // IN { #if defined __GNUC__ - asm volatile ("str %x0, [%1]" : : "r" (val), "r" (addr) : "memory"); + asm volatile ("str %x1, %0" + : "=m" (*(volatile uint64 *)addr) + : "r" (val)); #elif defined _MSC_VER __iso_volatile_store64((volatile __int64 *)addr, val); #else @@ -527,13 +535,15 @@ MMIOWrite64(volatile void *addr, // OUT *---------------------------------------------------------------------- */ -static INLINE uint16 -MMIORead16(const volatile void *addr) +static inline uint16 +MMIORead16(const volatile void *addr) // IN { uint16 res; #if defined __GNUC__ - asm volatile ("ldrh %w0, [%1]" : "=r" (res) : "r" (addr)); + asm volatile ("ldrh %w0, %1" + : "=r" (res) + : "m" (*(const volatile uint16 *)addr)); #elif defined _MSC_VER res = __iso_volatile_load16((const volatile __int16 *)addr); #else @@ -553,12 +563,14 @@ MMIORead16(const volatile void *addr) *---------------------------------------------------------------------- */ -static INLINE void -MMIOWrite16(volatile void *addr, // IN +static inline void +MMIOWrite16(volatile void *addr, // OUT uint16 val) // IN { #if defined __GNUC__ - asm volatile ("strh %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); + asm volatile ("strh %w1, %0" + : "=m" (*(volatile uint16 *)addr) + : "r" (val)); #elif defined _MSC_VER __iso_volatile_store16((volatile __int16 *)addr, val); #else @@ -580,13 +592,15 @@ MMIOWrite16(volatile void *addr, // IN *---------------------------------------------------------------------- */ -static INLINE uint8 -MMIORead8(const volatile void *addr) +static inline uint8 +MMIORead8(const volatile void *addr) // IN { uint8 res; #if defined __GNUC__ - asm volatile ("ldrb %w0, [%1]" : "=r" (res) : "r" (addr)); + asm volatile ("ldrb %w0, %1" + : "=r" (res) + : "m" (*(const volatile uint8 *)addr)); #elif defined _MSC_VER res = __iso_volatile_load8((const volatile __int8 *)addr); #else @@ -606,12 +620,14 @@ MMIORead8(const volatile void *addr) *---------------------------------------------------------------------- */ -static INLINE void -MMIOWrite8(volatile void *addr, // IN +static inline void +MMIOWrite8(volatile void *addr, // OUT uint8 val) // IN { #if defined __GNUC__ - asm volatile ("strb %w0, [%1]" : : "r" (val), "r" (addr) : "memory"); + asm volatile ("strb %w1, %0" + : "=m" (*(volatile uint8 *)addr) + : "r" (val)); #elif defined _MSC_VER __iso_volatile_store8((volatile __int8 *)addr, val); #else @@ -620,6 +636,61 @@ MMIOWrite8(volatile void *addr, // IN } +#ifdef VM_HAS_INT128 +/* + *---------------------------------------------------------------------- + * + * MMIORead128 -- + * + * IO read from address "addr". + * + * Results: + * 128-bit value at given location. + * + *---------------------------------------------------------------------- + */ +static inline uint128 +MMIORead128(const volatile void *addr) // IN +{ + union { + uint128 val128; + struct { + uint64 val64[2]; + }; + } res; + asm volatile ("ldp %x0, %x1, %2" + : "=r" (res.val64[0]), "=r" (res.val64[1]) + : "Q" (*(const volatile uint128 *)addr)); + return res.val128; +} + + +/* + *---------------------------------------------------------------------- + * + * MMIOWrite128 -- + * + * IO write to address "addr". + * + *---------------------------------------------------------------------- + */ +static inline void +MMIOWrite128(volatile void *addr, // OUT + uint128 val) // IN +{ + union { + uint128 val128; + struct { + uint64 val64[2]; + }; + } res = { .val128 = val }; + asm volatile ("stp %x1, %x2, %0" + : "=Q" (*(volatile uint128 *)addr) + : "r" (res.val64[0]), "r" (res.val64[1])); +} +#endif // VM_HAS_INT128 + + #ifdef __GNUC__ /* @@ -638,10 +709,10 @@ MMIOWrite8(volatile void *addr, // IN *---------------------------------------------------------------------- */ -static INLINE void +static inline void WFI(void) { - asm volatile("wfi" ::: "memory"); + asm volatile ("wfi" ::: "memory"); } @@ -661,10 +732,10 @@ WFI(void) *---------------------------------------------------------------------- */ -static INLINE void +static inline void WFE(void) { - asm volatile("wfe" ::: "memory"); + asm volatile ("wfe" ::: "memory"); } @@ -684,10 +755,10 @@ WFE(void) *---------------------------------------------------------------------- */ -static INLINE void +static inline void SEV(void) { - asm volatile("sev" ::: "memory"); + asm volatile ("sev" ::: "memory"); } @@ -707,10 +778,10 @@ SEV(void) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void SetSPELx(VA va) { - asm volatile( + asm volatile ( "msr spsel, #1 \n\t" "mov sp, %0 \n\t" "msr spsel, #0 \n\t" @@ -742,7 +813,7 @@ SetSPELx(VA va) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void Div643232(uint64 dividend, // IN uint32 divisor, // IN uint32 *quotient, // OUT @@ -771,7 +842,7 @@ Div643232(uint64 dividend, // IN *----------------------------------------------------------------------------- */ -static INLINE void +static inline void Div643264(uint64 dividend, // IN uint32 divisor, // IN uint64 *quotient, // OUT @@ -798,7 +869,7 @@ Div643264(uint64 dividend, // IN *---------------------------------------------------------------------- */ -static INLINE void * +static inline void * uint64set(void *dst, uint64 val, uint64 count) { void *tmpDst = dst; @@ -858,7 +929,7 @@ uint64set(void *dst, uint64 val, uint64 count) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void RDTSC_BARRIER(void) { ISB(); @@ -884,7 +955,7 @@ RDTSC_BARRIER(void) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void DCacheCleanInvalidate(VA va, uint64 len) { VA dva; @@ -893,7 +964,7 @@ DCacheCleanInvalidate(VA va, uint64 len) for (dva = ROUNDDOWN(va, CACHELINE_SIZE); dva < va + len; dva += CACHELINE_SIZE) { - asm volatile("dc civac, %0" :: "r" (dva) : "memory"); + asm volatile ("dc civac, %0" :: "r" (dva) : "memory"); } /* Ensure completion. */ @@ -919,7 +990,7 @@ DCacheCleanInvalidate(VA va, uint64 len) *----------------------------------------------------------------------------- */ -static INLINE void +static inline void DCacheClean(VA va, uint64 len) { VA dva; @@ -928,7 +999,7 @@ DCacheClean(VA va, uint64 len) for (dva = ROUNDDOWN(va, CACHELINE_SIZE); dva < va + len; dva += CACHELINE_SIZE) { - asm volatile("dc cvac, %0" :: "r" (dva) : "memory"); + asm volatile ("dc cvac, %0" :: "r" (dva) : "memory"); } /* Ensure completion of clean. */ @@ -963,7 +1034,7 @@ DCacheClean(VA va, uint64 len) *----------------------------------------------------------------------------- */ -static INLINE uint64 +static inline uint64 Mul64x6464(uint64 multiplicand, uint64 multiplier, uint32 shift) @@ -1000,7 +1071,7 @@ Mul64x6464(uint64 multiplicand, *----------------------------------------------------------------------------- */ -static INLINE int64 +static inline int64 Muls64x64s64(int64 multiplicand, int64 multiplier, uint32 shift) @@ -1037,7 +1108,7 @@ Muls64x64s64(int64 multiplicand, *----------------------------------------------------------------------------- */ -static INLINE uint64 +static inline uint64 Mul64x3264(uint64 multiplicand, uint32 multiplier, uint32 shift) { return Mul64x6464(multiplicand, multiplier, shift); @@ -1062,7 +1133,7 @@ Mul64x3264(uint64 multiplicand, uint32 multiplier, uint32 shift) *----------------------------------------------------------------------------- */ -static INLINE int64 +static inline int64 Muls64x32s64(int64 multiplicand, uint32 multiplier, uint32 shift) { return Muls64x64s64(multiplicand, multiplier, shift); From ef456ec9073f2f223e56117077fd2555a3e3d4c1 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:31 -0700 Subject: [PATCH 143/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index d54ab1029..52dcfaae4 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -302,6 +302,7 @@ extern "C" { GOKM("rhel7-64", rhel7_64Guest, TRUE) \ GOKM("rhel8-64", rhel8_64Guest, TRUE) \ GOKM("rhel9-64", rhel9_64Guest, TRUE) \ + GOKM("rhel10-64", rhel10_64Guest, TRUE) \ GOKM("centos", centosGuest, TRUE) \ GOKM("centos-64", centos64Guest, TRUE) \ GOKM("centos6", centos6Guest, TRUE) \ From 98d046ba12d3eb3e34ec2cf5752a9c35721946ba Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:31 -0700 Subject: [PATCH 144/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 52dcfaae4..cbddc7e86 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -319,6 +319,7 @@ extern "C" { GOKM("oraclelinux7-64", oracleLinux7_64Guest, TRUE) \ GOKM("oraclelinux8-64", oracleLinux8_64Guest, TRUE) \ GOKM("oraclelinux9-64", oracleLinux9_64Guest, TRUE) \ + GOKM("oraclelinux10-64", oracleLinux10_64Guest, TRUE) \ GOKM("suse", suseGuest, TRUE) \ GOKM("suse-64", suse64Guest, TRUE) \ GOKM("sles", slesGuest, TRUE) \ From dc2afa499e80d09f198d056b9f65b34054934eb9 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:31 -0700 Subject: [PATCH 145/375] Linux network log file permissions fix: 0644 to 0600 Since release 11.3.5, on linux guests, the vmware-network.log file has root default file creation permissions (0644) rather than the expected 0600 permissions. Fix: - Adding chmod 0600 on log file creation. - Adding file creation before first logging. - Adding handling of unset handler in case switch, default to file logging. - Adding logging of unknown or bad handler, and using file logging as default. - Default number of logfiles when network.maxOldLogFiles is set to 0. --- open-vm-tools/scripts/linux/network | 36 +++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index 033c88248..b8cb92ce3 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -1,6 +1,7 @@ #!/bin/sh -x ########################################################## -# Copyright (c) 2001-2018, 2021, 2023 VMware, Inc. All rights reserved. +# Copyright (c) 2001-2018, 2021, 2023-2024 Broadcom. All rights reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -37,6 +38,9 @@ logmode=1 # Defines whether to rotate logs (1) or not (0) logrotate=1 +# Defines whether to set log file permissions (1) or not (0) +logsetperms=1 + # # Get log file path # @@ -56,23 +60,33 @@ get_logfile() { get_logconfig() { handler=`vmware-toolbox-cmd config get logging network.handler | \ sed -e 's/.*= *//' -e 's/ *$//'` + if [ -z "${handler##*"UNSET"*}" ]; then + # Default unset to file handler + handler=file + fi case $handler in "file") get_logfile ;; "file+") + # Append to a file instead of recreating each time get_logfile logrotate=0 ;; "vmx"|"std") logrotate=0 + logsetperms=0 ;; "syslog") logfile=/var/log/syslog logdir=`dirname $logfile` logrotate=0 + logsetperms=0 ;; *) + # Default unknown to 'file' handler, log the issue. + `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler"` + get_logfile ;; esac } @@ -84,7 +98,12 @@ rotate_logfile() { if [ $logrotate -eq 1 ]; then max=`vmware-toolbox-cmd config get logging network.maxOldLogFiles | \ sed -e 's/.*= *//' -e 's/ *$//'` - if [ -z "${max##*"UNSET"*}" -o `expr "$max" : '[0-9]\+$'` -eq 0 ]; then + if [ `expr "$max" : '[0-9]\+$'` -eq 0 ]; then + # max is not numeric (UNSET or else), use default. + max=9 + fi + if [ $max -lt 1 ]; then + # max must be > 0, use default. max=9 fi max=`expr $max - 1` @@ -123,6 +142,19 @@ log() { get_logconfig rotate_logfile +if [ $logsetperms -eq 1 ]; then + # Create/Recreate logfile + if [ ! -e $logfile ]; then + touch $logfile + fi + + # Set logfile permissions before writing first log to file. + # ** When handler is 'file+' and logfile existed prior to execution, this + # updates the permissions before appending to logfile. + # ** Otherwise sets permission on new file. + chmod 0600 $logfile +fi + log "Executing '$0 $*'" . `dirname "$0"`/../../statechange.subr From d00cb18b872419d1fc9dba12d82a33249c9f8381 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 146/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index cbddc7e86..399cd76c8 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2024 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -358,6 +359,8 @@ extern "C" { GOKM("debian11-64", debian11_64Guest, TRUE) \ GOKM("debian12", debian12Guest, TRUE) \ GOKM("debian12-64", debian12_64Guest, TRUE) \ + GOKM("debian13", debian13Guest, TRUE) \ + GOKM("debian13-64", debian13_64Guest, TRUE) \ GOKM("asianux3", asianux3Guest, TRUE) \ GOKM("asianux3-64", asianux3_64Guest, TRUE) \ GOKM("asianux4", asianux4Guest, TRUE) \ From a27e36f708ba532610bc80aa05c6f646aff2e221 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 147/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 35 ++++++++++++++--------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 4a210be23..73735fff4 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2003-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2003-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -248,32 +249,40 @@ Max(int a, int b) #define PAGE_SHIFT_16KB 14 #define PAGE_SHIFT_64KB 16 -#ifndef PAGE_SHIFT // { +#define PAGE_SIZE_4KB 4096 +#define PAGE_SIZE_16KB 16384 +#define PAGE_SIZE_64KB 65536 + #if defined __x86_64__ || defined __i386__ - #define PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SIZE PAGE_SIZE_4KB #elif defined __APPLE__ #if defined VM_ARM_ANY - #define PAGE_SHIFT PAGE_SHIFT_16KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_16KB + #define VMW_PAGE_SIZE PAGE_SIZE_16KB #else - #define PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SIZE PAGE_SIZE_4KB #endif #elif defined VM_ARM_64 - #define PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SIZE PAGE_SIZE_4KB #elif defined __arm__ - #define PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SIZE PAGE_SIZE_4KB #elif defined __wasm__ - #define PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB + #define VMW_PAGE_SIZE PAGE_SIZE_4KB #else #error #endif -#endif // } -#define PAGE_SIZE_4KB (1 << PAGE_SHIFT_4KB) -#define PAGE_SIZE_16KB (1 << PAGE_SHIFT_16KB) -#define PAGE_SIZE_64KB (1 << PAGE_SHIFT_64KB) +#ifndef PAGE_SHIFT +#define PAGE_SHIFT VMW_PAGE_SHIFT +#endif #ifndef PAGE_SIZE -#define PAGE_SIZE (1 << PAGE_SHIFT) +#define PAGE_SIZE VMW_PAGE_SIZE #endif #define PAGE_MASK_4KB (PAGE_SIZE_4KB - 1) From 16b2942637b4b4c8613c97910b0c926aa78f118e Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 148/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index ca01e79f0..196cf4228 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -375,7 +376,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.7" +#define WCP_VERSION "0.1.8" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" /* From 160a2f6464f1f8a391e20445436aac828747944b Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 149/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/misc/hostinfoPosix.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 2fab24993..e07839987 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -4479,6 +4480,7 @@ Hostinfo_GetModulePath(uint32 priv) // IN: * in the address of one of the caller's own functions. * * Not implemented on iOS (iOS does not support dynamic loading). + * Not implemented on FreeBSD (doesn't support fs /proc/self) * Not fully implemented on ESX (the path MAY OR MAY NOT BE ABSOLUTE). * * Results: @@ -4498,9 +4500,10 @@ Hostinfo_GetLibraryPath(void *addr) // IN /* * Try fast path first. * - * Does NOT work for iOS since iOS does not support dynamic loading. + * Does NOT work for iOS and FreeBSD, as iOS does not support dynamic loading + * and FreeBSD (non-linux) doesn't support the file system /proc/self/ . */ -#if !TARGET_OS_IPHONE +#if !TARGET_OS_IPHONE && !defined(__FreeBSD__) Dl_info info; if (dladdr(addr, &info)) { @@ -4509,7 +4512,7 @@ Hostinfo_GetLibraryPath(void *addr) // IN return Unicode_Alloc(info.dli_fname, STRING_ENCODING_DEFAULT); } } -#endif // !TARGET_OS_IPHONE +#endif // !TARGET_OS_IPHONE && !defined(__FreeBSD__) /* * Slow path for ESX, Linux, Android and macOS. From 76177671b4dbe6795b30d7282750daa6bc44c3ce Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 150/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 399cd76c8..55040fda1 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -454,6 +454,8 @@ extern "C" { GOKM("freeBSD13-64", freebsd13_64Guest, TRUE) \ GOKM("freeBSD14", freebsd14Guest, TRUE) \ GOKM("freeBSD14-64", freebsd14_64Guest, TRUE) \ + GOKM("freeBSD15", freebsd15Guest, TRUE) \ + GOKM("freeBSD15-64", freebsd15_64Guest, TRUE) \ GOKM("openserver5", openServer5Guest, TRUE) \ GOKM("openserver6", openServer6Guest, TRUE) \ GOKM("unixware7", unixWare7Guest, TRUE) \ From 9026382b617114a4ea10593be3358d4f5470160a Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:26:32 -0700 Subject: [PATCH 151/375] Update NetworkManager calls in suspend/resume scripts. Revise the NetworkManager calls in the Linux network script to prefer using the Sleep method over the "Enable" method being used to work around a bug in version 0.9.0. Pull request: https://github.com/vmware/open-vm-tools/pull/699 Issue: https://github.com/vmware/open-vm-tools/issues/426 --- open-vm-tools/AUTHORS | 4 ++++ open-vm-tools/scripts/linux/network | 18 ++++++++++-------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index 98c86fd6c..a744081a9 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -94,3 +94,7 @@ Jan Engelhardt Fix build problems with grpc (at least) 1.54 Yun Zheng Hu Power Ops: Attempt to execute file path only - https://github.com/vmware/open-vm-tools/pull/689 + +Joseph Allen Updated NetworkManager calls in suspend/resume scripts + https://github.com/vmware/open-vm-tools/pull/699 + diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index b8cb92ce3..a293e1d10 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -561,20 +561,21 @@ TranquilizeNetworkManager() ;; esac - # NetworkManager 0.8.0 and above + # NetworkManager 0.9.1 and above + earlier versions that honor + # the "Sleep" config boolean. $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Enable boolean:false + org.freedesktop.NetworkManager.Sleep boolean:true rc=$? if [ $rc -eq 0 ]; then return $rc fi - # NetworkManager 0.7.0 + # NetworkManager 0.9.0 $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Sleep boolean:true + org.freedesktop.NetworkManager.Enable boolean:false rc=$? if [ $rc -eq 0 ]; then return $rc @@ -610,20 +611,21 @@ WakeNetworkManager() dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc = 0 ]; then - # NetworkManager 0.8.0 + # NetworkManager 0.9.1 and above + earlier versions that honor + # the "Sleep" config boolean. $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Enable boolean:true + org.freedesktop.NetworkManager.Sleep boolean:false rc=$? if [ $rc = 0 ]; then return $rc fi - # NetworkManager 0.7.0 + # NetworkManager 0.9.0 $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Sleep boolean:false + org.freedesktop.NetworkManager.Enable boolean:true rc=$? if [ $rc = 0 ]; then return $rc From 831d35dfed2fc94eb8dfa61cf16cfc7b9d1a2a36 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 7 Apr 2024 23:49:24 -0700 Subject: [PATCH 152/375] Update ChangeLog with the granular push of Apr 7, 2024. - Plus ChangeLog update Mar 18, 2024. --- open-vm-tools/ChangeLog | 85 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 187bd2f4b..caf39e16c 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,88 @@ +commit 9026382b617114a4ea10593be3358d4f5470160a +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Update NetworkManager calls in suspend/resume scripts. + + Revise the NetworkManager calls in the Linux network script to + prefer using the Sleep method over the "Enable" method being used + to work around a bug in version 0.9.0. + + Pull request: https://github.com/vmware/open-vm-tools/pull/699 + Issue: https://github.com/vmware/open-vm-tools/issues/426 + +commit 76177671b4dbe6795b30d7282750daa6bc44c3ce +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 160a2f6464f1f8a391e20445436aac828747944b +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 16b2942637b4b4c8613c97910b0c926aa78f118e +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit a27e36f708ba532610bc80aa05c6f646aff2e221 +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit d00cb18b872419d1fc9dba12d82a33249c9f8381 +Author: Kruti +Date: Sun Apr 7 23:26:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit dc2afa499e80d09f198d056b9f65b34054934eb9 +Author: Kruti +Date: Sun Apr 7 23:26:31 2024 -0700 + + Linux network log file permissions fix: 0644 to 0600 + Since release 11.3.5, on linux guests, the vmware-network.log file has root + default file creation permissions (0644) rather than the expected 0600 + permissions. + + Fix: + - Adding chmod 0600 on log file creation. + - Adding file creation before first logging. + - Adding handling of unset handler in case switch, default to file logging. + - Adding logging of unknown or bad handler, and using file logging as default. + - Default number of logfiles when network.maxOldLogFiles is set to 0. + +commit 98d046ba12d3eb3e34ec2cf5752a9c35721946ba +Author: Kruti +Date: Sun Apr 7 23:26:31 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ef456ec9073f2f223e56117077fd2555a3e3d4c1 +Author: Kruti +Date: Sun Apr 7 23:26:31 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 9523e770f58e440e7359b3e495f2fe6b03da3447 +Author: Kruti +Date: Sun Apr 7 23:26:31 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit a02c7f8de02dd3108a5ebdd6158dfc9366051409 +Author: Kruti +Date: Mon Mar 18 11:42:23 2024 -0700 + + Update ChangeLog with the granular push of Mar 18, 2024. + - plus Copyright update of file vmxnet3_defs.h + - plus ChangeLog update of Feb 28, 2024. + commit c2056a39e9bf4fc91cd457c4ef12c29a3e9af3a7 Author: Kruti Date: Mon Mar 18 11:30:49 2024 -0700 From 7f68542609c84b573b0faee31acd4aa5dfffc94b Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 153/375] GuestOS: Explicitly identify Flatcar Linux We support a VMX guestOS string for Flatcar Linux ("flatcar-64"). Update the guest identification code to report Flatcar, rather than generically (other linux - 64). --- open-vm-tools/lib/misc/hostinfoPosix.c | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index e07839987..0772f104e 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1415,6 +1415,7 @@ static const ShortNameSet shortNameArray[] = { /* Red Hat must come before the Enterprise Linux entry */ { "enterprise linux", NULL, HostinfoSetOracleShortName }, { "fedora", STR_OS_FEDORA, HostinfoGenericSetShortName }, +{ "flatcar", STR_OS_FLATCAR, HostinfoGenericSetShortName }, { "gentoo", STR_OS_GENTOO, HostinfoGenericSetShortName }, { "immunix", STR_OS_IMMUNIX, HostinfoGenericSetShortName }, { "linux-from-scratch", STR_OS_LINUX_FROM_SCRATCH, HostinfoGenericSetShortName }, From 98e9e31448b81ff4ba8f4ec29c893957aa9d07aa Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 154/375] Stop the glib based logging to avoid nested logging from RpcChannel error. --- open-vm-tools/libvmtools/vmtoolsLog.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c index 3560080fc..d5f41b652 100644 --- a/open-vm-tools/libvmtools/vmtoolsLog.c +++ b/open-vm-tools/libvmtools/vmtoolsLog.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2670,15 +2671,17 @@ VMTools_TeardownVmxGuestLog(void) /* * Acquire the same locks as VMTools_SetupVmxGuestLog. + * Stop the glib based logging to avoid nested logging + * from RpcChannel error. */ VMTools_AcquireLogStateLock(); - + StopGlibLogging(); g_rec_mutex_lock(&gVmxGuestLogMutex); DestroyRpcChannel(); g_rec_mutex_unlock(&gVmxGuestLogMutex); - + RestartGlibLogging(); VMTools_ReleaseLogStateLock(); } From c48b6ac791d13313db4cb023b275bb6df90c565a Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 155/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 55040fda1..9215208d9 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -390,6 +390,8 @@ extern "C" { GOKM("other5xlinux-64", other5xLinux64Guest, TRUE) \ GOKM("other6xlinux", other6xLinuxGuest, TRUE) \ GOKM("other6xlinux-64", other6xLinux64Guest, TRUE) \ + GOKM("other7xlinux", other7xLinuxGuest, TRUE) \ + GOKM("other7xlinux-64", other7xLinux64Guest, TRUE) \ GOKM("linux", otherLinuxGuest, FALSE) \ GOKM("otherlinux", otherLinuxGuest, TRUE) \ GOKM("otherlinux-64", otherLinux64Guest, TRUE) \ From e2d1f8c418c72f21f0ef44a83262d19e0f68185e Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 156/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/userlock.h | 37 +++++++++++++++++++++------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/lib/include/userlock.h b/open-vm-tools/lib/include/userlock.h index b58b66305..043077509 100644 --- a/open-vm-tools/lib/include/userlock.h +++ b/open-vm-tools/lib/include/userlock.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2009-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2009-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -35,14 +36,15 @@ extern "C" { #endif -typedef struct MXUserExclLock MXUserExclLock; -typedef struct MXUserRecLock MXUserRecLock; -typedef struct MXUserRWLock MXUserRWLock; -typedef struct MXUserRankLock MXUserRankLock; -typedef struct MXUserCondVar MXUserCondVar; -typedef struct MXUserSemaphore MXUserSemaphore; -typedef struct MXUserEvent MXUserEvent; -typedef struct MXUserBarrier MXUserBarrier; +typedef struct MXUserExclLock MXUserExclLock; +typedef struct MXUserRecLock MXUserRecLock; +typedef struct MXUserRWLock MXUserRWLock; +typedef struct MXUserRankLock MXUserRankLock; +typedef struct MXUserCondVar MXUserCondVar; +typedef struct MXUserSemaphore MXUserSemaphore; +typedef struct MXUserBinSemaphore MXUserBinSemaphore; +typedef struct MXUserEvent MXUserEvent; +typedef struct MXUserBarrier MXUserBarrier; /* * Exclusive ownership lock @@ -270,6 +272,23 @@ MXUserSemaphore *MXUser_CreateSingletonSemaphore(Atomic_Ptr *semaStorage, const char *name, MX_Rank rank); +/* + * Binary semaphore + */ + +MXUserBinSemaphore *MXUser_CreateBinSemaphore(const char *name, + MX_Rank rank); + +void MXUser_DestroyBinSemaphore(MXUserBinSemaphore *binSema); +void MXUser_UpBinSemaphore(MXUserBinSemaphore *binSema); +void MXUser_DownBinSemaphore(MXUserBinSemaphore *binSema); +Bool MXUser_TryDownBinSemaphore(MXUserBinSemaphore *binSema); + +Bool MXUser_TimedDownBinSemaphore(MXUserBinSemaphore *binSema, + uint32 waitTimeMS); +Bool MXUser_TimedDownBinSemaphoreNS(MXUserBinSemaphore *binSema, + uint64 waitTimeNS); + /* * Rank lock * From 8336d5d8ace540b356813c197794d5f14f2ae38b Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 157/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 73735fff4..cb77b46e8 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -605,6 +605,19 @@ typedef int pid_t; #define VMK_HAS_VMM_ONLY(...) #endif +#if defined VMM || defined VMK_HAS_VMM +/* Structure field only used to support the VMM (as opposed to the ULM). */ +#define VMM_ONLY_FIELD(name) name +#else +/* + * Structure field only used to support the VMM (as opposed to the ULM). + * Until VMK_HAS_VMM is retired, keep this field so the size of the structure + * is unchanged (was bug 3354277), but prepend an underscore to the field's + * name to verify at compile time that the field is indeed not used. + */ +#define VMM_ONLY_FIELD(name) _##name +#endif + #undef ARM64_ONLY #ifdef VM_ARM_64 #define ARM64_ONLY(...) __VA_ARGS__ From 1b3e41d24086fed921982674daa89f70d3bd677e Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 158/375] Style correction in Broadcom copyright. --- open-vm-tools/lib/include/vmware/guestrpc/capabilities.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h b/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h index 56b206e28..cff58f112 100644 --- a/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h +++ b/open-vm-tools/lib/include/vmware/guestrpc/capabilities.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2017,2020-2021,2023-2024 Broadcom. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All rights reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From ffd52c7e4010098893a34c66b6d70b500d98711e Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 159/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index cb77b46e8..2a7039c2d 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -467,6 +467,16 @@ Max(int a, int b) #endif #define QWORD(_hi, _lo) ((((uint64)(_hi)) << 32) | ((uint32)(_lo))) +#ifndef HIDWORD128 +#define HIDWORD128(_qw) ((uint64)((_qw) >> 64)) +#endif +#ifndef LODWORD128 +#define LODWORD128(_qw) ((uint64)(_qw)) +#endif +#ifndef QWORD128 +#define QWORD128(_hi, _lo) ((((uint128)(_hi)) << 64) | ((uint64)(_lo))) +#endif + /* * Deposit a field _src at _pos bits from the right, From ae31ed20bfbf0e744701f60b7839f88aa73ae554 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:44 -0700 Subject: [PATCH 160/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index 725330bd4..36ba86bd5 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -448,18 +449,18 @@ Log_SetOutputLevel(LogOutput *output, /* * Structure contains all the pointers to where value can be updated. - * Making VmxStats as a struct has its own advantage, such as updating + * Making VmxStatsInfo as a struct has its own advantage, such as updating * 'droppedChars' from the struct instead within LogFile. */ -struct VmxStatMinMax64; +struct StatFileMinMax64; typedef struct { uint64 *logMsgsDropped; // Number of dropped messages uint64 *logBytesDropped; // Number of drop bytes uint64 *logBytesLogged; // Bytes logged - struct VmxStatMinMax64 *logWriteMinMaxTime; // Min/max write time in US + struct StatsFileMinMax64 *logWriteMinMaxTime; // Min/max write time in US uint64 *logWriteAvgTime; // Average time to write in US } VmxStatsInfo; From b892d59578b2a3d65f473d6f597df2f3c95997bf Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 161/375] [Coverity]: Fix the Y2K38_SAFETY findings from static application security testing (SAST) guestInfoServer.c -- 2 issues reported in file issue: casting time_t (64bits) to int (32bits) causing Y2K38_SAFETY. impact: delta is a time delta in seconds, overflow if delta >= (G_MAXINT/1000)+1 fix: Remove cast on delta, cast both values as int64. issue: casting time_t to int for logging to a '%d'. impact: delta is a time delta in seconds, not expected to overflow a 32 bit int. fix: Remove cast on delta, change string to use '%"FMT64"d' format and cast the time_t to int64; time_t is defined as 'long int'. vixTools.c -- 7 issues reported in file issue: casting time_t to int for convertion to string (xml) impact: procStartTime is a time from epoch, it will overflow the int in Y2K38. fix: Remove the cast, change the string to use '%"FMT64"d"' and cast the time_t to int64; time_t is defined as 'long int'. issues: casting time_t to int in call to VixToolsPrintProcInfoEx. impact: The times used are time from epoch and will be impacted by Y2K38. fix: Change signature of VixToolsPrintProcInfoEx to take in time_t types. Change VixToolsPrintProcInfoEx to use '%"FMT64"d' in string conversions. and cast the time_t to int64; time_t is defined as 'long int'. --- .../plugins/guestInfo/guestInfoServer.c | 9 ++--- open-vm-tools/services/plugins/vix/vixTools.c | 33 ++++++++++--------- 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c index 8ec1236e3..f4e405a9f 100644 --- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c +++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -304,13 +305,13 @@ GuestInfoCheckIfRunningSlow(ToolsAppCtx *ctx) * Have a long enough delta to ensure that we have really missed a * collection. */ - if (((int) delta * 1000) >= (2 * guestInfoPollInterval)) { + if (((int64)delta * 1000) >= ((int64) 2 * guestInfoPollInterval)) { gchar *msg, *rpcMsg; msg = g_strdup_printf( "*** WARNING: GuestInfo collection interval longer than " - "expected; actual=%d sec, expected=%d sec. ***\n", - (int) delta, guestInfoPollInterval / 1000); + "expected; actual=%"FMT64"d sec, expected=%d sec. ***\n", + (int64) delta, guestInfoPollInterval / 1000); rpcMsg = g_strdup_printf("log %s", msg); diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 75d24a29e..46fb83744 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2007-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -590,9 +591,9 @@ static VixError VixToolsPrintProcInfoEx(DynBuf *dstBuffer, const char *name, uint64 pid, const char *user, - int start, + time_t start, int exitCode, - int exitTime); + time_t exitTime); static VixError VixToolsListDirectory(VixCommandRequestHeader *requestMsg, size_t maxBufferSize, @@ -5383,13 +5384,13 @@ VixToolsListProcesses(VixCommandRequestHeader *requestMsg, // IN "%d" #endif "%s" - "%d" + "%"FMT64"d" "", cmdNamePtr, name, (int) procInfo->procId, #if defined(_WIN32) (int) procInfo->procDebugged, #endif - user, (int) procInfo->procStartTime); + user, (int64) procInfo->procStartTime); if (NULL == procBufPtr) { err = VIX_E_OUT_OF_MEMORY; goto quit; @@ -5552,9 +5553,9 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN spList->fullCommandLine, spList->pid, spList->user, - (int) spList->startTime, + spList->startTime, spList->exitCode, - (int) spList->endTime); + spList->endTime); if (VIX_OK != err) { goto quit; } @@ -5572,9 +5573,9 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN spList->fullCommandLine, spList->pid, spList->user, - (int) spList->startTime, + spList->startTime, spList->exitCode, - (int) spList->endTime); + spList->endTime); if (VIX_OK != err) { goto quit; } @@ -5648,7 +5649,7 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN procInfo->procId, (NULL == procInfo->procOwner) ? "" : procInfo->procOwner, - (int) procInfo->procStartTime, + procInfo->procStartTime, 0, 0); if (VIX_OK != err) { goto quit; @@ -5669,7 +5670,7 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN procInfo->procId, (NULL == procInfo->procOwner) ? "" : procInfo->procOwner, - (int) procInfo->procStartTime, + procInfo->procStartTime, 0, 0); if (VIX_OK != err) { goto quit; @@ -5996,9 +5997,9 @@ VixToolsPrintProcInfoEx(DynBuf *dstBuffer, // IN/OUT const char *name, // IN uint64 pid, // IN const char *user, // IN - int start, // IN + time_t start, // IN int exitCode, // IN - int exitTime) // IN + time_t exitTime) // IN { VixError err; char *escapedName = NULL; @@ -6038,12 +6039,12 @@ VixToolsPrintProcInfoEx(DynBuf *dstBuffer, // IN/OUT "%s" "%"FMT64"d" "%s" - "%d" + "%"FMT64"d" "%d" - "%d" + "%"FMT64"d" "", cmdNamePtr, escapedName, pid, escapedUser, - start, exitCode, exitTime); + (int64) start, exitCode, (int64) exitTime); if (NULL == procInfoEntry) { err = VIX_E_OUT_OF_MEMORY; goto quit; From 5c10fab774d061230e8e747569d918272b182366 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 162/375] Fix the SHELLCHECK_WARNING findings from static application security testing (SAST) install/Linux/scripts/network: Multiple shellcheck issues found in the Linux "network" script with the warning "Remove backticks to avoid executing output (or use eval if intentional)." Removed the backticks from those corresponding lines of the script. --- open-vm-tools/scripts/linux/network | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index a293e1d10..58d3bc31e 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -85,7 +85,7 @@ get_logconfig() { ;; *) # Default unknown to 'file' handler, log the issue. - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler" get_logfile ;; esac @@ -121,7 +121,7 @@ rotate_logfile() { log() { if [ $logmode -eq 1 ]; then if [ "$handler" = "vmx" ]; then - `vmtoolsd --cmd "log $*"` + vmtoolsd --cmd "log $*" elif [ "$handler" = "std" ]; then echo `date` ": $*" elif [ -w $logdir ]; then @@ -129,11 +129,11 @@ log() { if [ $space -gt 1024 ]; then echo `date` ": $*" >> $logfile else - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. No space left in $logdir"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. No space left in $logdir" logmode=0 fi else - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. $logdir is not writable"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. $logdir is not writable" logmode=0 fi fi @@ -533,7 +533,7 @@ rescue_NIC() TranquilizeNetworkManager() { - # `which' may be a bit noisy, so we'll shush it. + # 'which' may be a bit noisy, so we'll shush it. dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc -ne 0 ]; then @@ -607,7 +607,7 @@ TranquilizeNetworkManager() WakeNetworkManager() { - # `which' may be a bit noisy, so we'll shush it. + # 'which' may be a bit noisy, so we'll shush it. dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc = 0 ]; then From 1d19761e81b9a601b6fdb10109c92331f0b11eef Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 163/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_atomic.h | 55 ++++++++++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_atomic.h b/open-vm-tools/lib/include/vm_atomic.h index 622fbca88..f3bbb8437 100644 --- a/open-vm-tools/lib/include/vm_atomic.h +++ b/open-vm-tools/lib/include/vm_atomic.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -3945,6 +3946,32 @@ MAKE_ATOMIC_TYPE(Bool, 8, Bool, Bool, Bool) #define ATOMIC_BITVECTOR(varName, capacity) \ Atomic_uint8 varName[CEILING(capacity, 8)] +/* + *----------------------------------------------------------------------------- + * + * Atomic_SetBitVector -- + * + * Atomically set the bit 'index' in bit vector var. + * + * The index input value specifies which bit to modify and is 0-based. + * + * Results: + * None + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static INLINE void +Atomic_SetBitVector(Atomic_uint8 *var, // IN/OUT + unsigned index) // IN +{ + Atomic_Or8(var + index / 8, 1 << index % 8); +} + + /* *----------------------------------------------------------------------------- * @@ -3985,6 +4012,32 @@ Atomic_TestSetBitVector(Atomic_uint8 *var, // IN/OUT } +/* + *----------------------------------------------------------------------------- + * + * Atomic_ClearBitVector -- + * + * Atomically clear the bit 'index' in bit vector var. + * + * The index input value specifies which bit to modify and is 0-based. + * + * Results: + * None + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static INLINE void +Atomic_ClearBitVector(Atomic_uint8 *var, // IN/OUT + unsigned index) // IN +{ + Atomic_And8(var + index / 8, ~(1 << index % 8)); +} + + /* *----------------------------------------------------------------------------- * From 1963bfed9f388aa57c9a8fc5d0f17424c76cbe60 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 164/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/uuid.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/uuid.h b/open-vm-tools/lib/include/uuid.h index e535c97cb..028315372 100644 --- a/open-vm-tools/lib/include/uuid.h +++ b/open-vm-tools/lib/include/uuid.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2018, 2020-2021 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -27,6 +28,7 @@ #define INCLUDE_ALLOW_USERLEVEL #define INCLUDE_ALLOW_VMCORE +#define INCLUDE_ALLOW_VMKERNEL // for typedefs only #include "includeCheck.h" #if defined(__cplusplus) From 200fa56ef5f0097df888c34e24cb52c9c947d287 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 165/375] Fixes for issues found in Coverity scan. vgauth/serviceImpl/saml-xmlsec1.c issue: 'string_null' for strlen(pemCert) impact: False-positive fix: suppress 'string_null' issue: leaked_storage: certChain is not cleaned up on error. impact: Memory is leaked on the error path. fix: Add line before return to free certChain. vgauth/common/i18n.c issue: 'leaked_storage' for "name" variable impact: False-positive fix: suppress 'leaked_storage' lib/file/file.c issue: use_after_free for 'src' pointer impact: False-positive fix: suppress 'use_after_free' services/plugins/serviceDiscovery/serviceDiscovery.c issue: overrun-local: gdpErrMsgs array contains one less entry then there are enum defined. impact: Valid but the function never return the GDP_ERR_MAX enum. fix: in gdp.h, add an error entry for GDP_ERR_MAX this way gdpErrMsgs will generate all entries. lib/file/fileLockPosix.c issue: string_null for 'buffer' not being null terminated. impact: False-positive fix: suppress 'string_null' --- open-vm-tools/lib/file/file.c | 4 +++- open-vm-tools/lib/file/fileLockPosix.c | 4 +++- open-vm-tools/lib/include/vmware/tools/gdp.h | 11 ++++++++--- open-vm-tools/vgauth/common/i18n.c | 4 +++- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 5 ++++- 5 files changed, 21 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index ffe49417b..246864ba5 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2419,6 +2420,7 @@ FileRotateByRename(const char *fileName, // IN: full path to file ASSERT(dst != fileName); Posix_Free(dst); + /* coverity[use_after_free] */ dst = src; } } diff --git a/open-vm-tools/lib/file/fileLockPosix.c b/open-vm-tools/lib/file/fileLockPosix.c index 8dec054ae..2cd388e80 100644 --- a/open-vm-tools/lib/file/fileLockPosix.c +++ b/open-vm-tools/lib/file/fileLockPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2006-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -238,6 +239,7 @@ FileLockProcessDescriptor(pid_t pid) // IN: * properly handled. */ + /* coverity[string_null] */ p = strchr(buffer, '('); if ((p == NULL) || (p == buffer) || (*(p - 1) != ' ')) { diff --git a/open-vm-tools/lib/include/vmware/tools/gdp.h b/open-vm-tools/lib/include/vmware/tools/gdp.h index ec59e06b5..a3077b476 100644 --- a/open-vm-tools/lib/include/vmware/tools/gdp.h +++ b/open-vm-tools/lib/include/vmware/tools/gdp.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -92,6 +93,8 @@ extern "C++" { * - GdpEnum name * - error-id string id * - Default error message string + * + * GDP_ERR_MAX item MUST BE LAST */ #define GDP_ERR_LIST \ GDP_ERR_ITEM(GDP_ERROR_SUCCESS = 0, \ @@ -117,7 +120,10 @@ extern "C++" { "Operation timed out") \ GDP_ERR_ITEM(GDP_ERROR_NO_SUBSCRIBERS, \ "no-subscribers", \ - "No subscribers for data") + "No subscribers for data") \ + GDP_ERR_ITEM(GDP_ERR_MAX, \ + "last-error", \ + "last-error") /* * GdpError codes enum. @@ -125,7 +131,6 @@ extern "C++" { #define GDP_ERR_ITEM(a, b, c) a, typedef enum GdpError { GDP_ERR_LIST - GDP_ERR_MAX } GdpError; #undef GDP_ERR_ITEM diff --git a/open-vm-tools/vgauth/common/i18n.c b/open-vm-tools/vgauth/common/i18n.c index 6377f335f..a8d1310bf 100644 --- a/open-vm-tools/vgauth/common/i18n.c +++ b/open-vm-tools/vgauth/common/i18n.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -622,6 +623,7 @@ MsgLoadCatalog(const char *path) * If the local DictLL_UnmarshalLine() returns NULL, name and value * will remain NULL pointers. No malloc'ed memory to free here. */ + /* coverity[leaked_storage] */ break; } diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index f0b83f73d..917e49f4b 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2016-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1222,6 +1223,7 @@ BuildCertChain(xmlNodePtr x509Node, /* * Add cert to the keymanager. */ + /* coverity[string_null] */ ret = xmlSecCryptoAppKeysMngrCertLoadMemory(mgr, pemCert, (xmlSecSize) strlen(pemCert), @@ -1734,6 +1736,7 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, if (err != VGAUTH_E_OK) { VMXLog_Log(VMXLOG_LEVEL_WARNING, "Unrelated certs found in SAML token, failing\n"); + FreeCertArray(num, certChain); return VGAUTH_E_AUTHENTICATION_DENIED; } } From 5681e42c30f9a8875abfcdecb8c12ee8c51416f1 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 166/375] Record the use of version 12.4.5 in the vm_tools_version.h header --- open-vm-tools/lib/include/vm_tools_version.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index a77f92297..ec7047fbb 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1779,6 +1779,13 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_MNR 4 #define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_BASE 0 +#ifndef RC_INVOKED +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MJR 12 +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MNR 4 +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_BASE 5 + #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) #endif /* RC_INVOKED */ From fa6d75da8c15c7fb3a696839c9f4aa7b43344d31 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 167/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/services/vmtoolsd/cmdLine.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/vmtoolsd/cmdLine.c b/open-vm-tools/services/vmtoolsd/cmdLine.c index cddd8b34b..dbd2c7661 100644 --- a/open-vm-tools/services/vmtoolsd/cmdLine.c +++ b/open-vm-tools/services/vmtoolsd/cmdLine.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published From f9aaf02fd8c3e928bc1706fc9c692a6190a03a23 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 168/375] Service Discovery data collection duration takes > 70 minutes when monitoring large setups. The issue happens on vrops node VMs that are part of large clusters because these kind of nodes typically have a large amount of tcp/udp connections. The root cause of the issue is an enormous number of spaces generated by "ss -antup | grep -E $pattern" command in get-connection-info.sh. The SDMP plugin considers these spaces while calculating the chunk size for writing into NDB and writing about 200-400 chunks for the get-connection-info key. Processing of this amount of data slows down the discovery process on both the adapter and plugin sides and, as a result, the discovery exceeds the timing limit and fails. The solution is to remove unnecessary spaces from the end of the get-connection-info output lines. --- .../services/plugins/serviceDiscovery/get-connection-info.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh b/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh index 5b49442e6..804f651ee 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh +++ b/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh @@ -15,4 +15,4 @@ space_separated_pids=$(ss -lntup | grep -Eo "pid=[0-9]+" | sort -u) pattern=$(echo $space_separated_pids | tr ' ' '|') # get matching lines -ss -antup | grep -E $pattern +ss -antup | grep -E $pattern | sed 's/[ \t]*$//' From 12f3303f0559e74724b0656d192d32bd54957350 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 169/375] Fix the Y2K38_SAFETY finding found by Coverity scan. Change the date type to 'long long' to make the size be 64 bits, same as that of time_t. --- open-vm-tools/libDeployPkg/linuxDeployment.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 4ddf3477a..d31d52927 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1758,7 +1759,7 @@ ExtractZipPackage(const char* pkgName, Bool ret = TRUE; // strip the header from the file - snprintf(zipName, sizeof zipName, "%s/%x", destDir, (unsigned int)time(0)); + snprintf(zipName, sizeof zipName, "%s/%llx", destDir, (long long)time(NULL)); zipName[(sizeof zipName) - 1] = '\0'; if ((pkgFd = open(pkgName, O_RDONLY)) < 0) { sLog(log_error, "Failed to open package file '%s' for read. (%s)", From 3abed5b9e3060208a02dd404749a3683b5aec79b Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 170/375] ProcManagerPosix.c: Direct child process's logs to stdio. Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked at fork time. The vmtoolsLog.c Debug(), Warning() and Panic()functions are not safe for child processes. - Direct the offspring process's logs to stdio. - Terminate the offspring process with _exit() or abort(). --- open-vm-tools/lib/procMgr/procMgrPosix.c | 218 +++++++++++++++++++---- 1 file changed, 186 insertions(+), 32 deletions(-) diff --git a/open-vm-tools/lib/procMgr/procMgrPosix.c b/open-vm-tools/lib/procMgr/procMgrPosix.c index 5a3f0d451..e761489cc 100644 --- a/open-vm-tools/lib/procMgr/procMgrPosix.c +++ b/open-vm-tools/lib/procMgr/procMgrPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2022 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -103,6 +104,8 @@ static int const cSignals[] = { SIGUSR2, }; +static Bool gOffspringProcess = FALSE; + /* * Keeps track of the posix async proc info. @@ -142,6 +145,144 @@ Bool ProcMgr_PromoteEffectiveToReal(void); #endif +/* + * Mutexes in bora-vmsoft/apps/vmtoolslib/vmtoolsLog.c and glib could have + * been locked at fork time. vmtoolsLog.c Debug, Warning and Panic functions + * are not safe for offspring processes. A straightforward alternative for + * offspring process code paths is to invoke SAFE_DEBUG, SAFE_WARNING and + * SAFE_PANIC. +*/ + +#define SAFE_DEBUG(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringDebug(fmt, ## __VA_ARGS__); \ + } else { \ + Debug(fmt, ## __VA_ARGS__); \ + } + +#define SAFE_WARNING(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringWarning(fmt, ## __VA_ARGS__); \ + } else { \ + Warning(fmt, ## __VA_ARGS__); \ + } + + +/* + *---------------------------------------------------------------------- + * + * OffspringDebug -- + * + * Called by offspring processes to print a debug message to stdout. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringDebug(const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stdout, fmt, args); + va_end(args); +} + + +/* + *---------------------------------------------------------------------- + * + * OffspringWarning -- + * + * Called by offspring processes to print a warning message to stderr. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringWarning(const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + va_end(args); +} + + +#if !defined(USERWORLD) + +#define SAFE_PANIC(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringPanic(fmt, ## __VA_ARGS__); \ + } else { \ + Panic(fmt, ## __VA_ARGS__); \ + } + + +/* + *---------------------------------------------------------------------- + * + * OffspringPanic -- + * + * Called by offspring processes to print an error message to stderr + * and abort. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringPanic(const char *fmt, ...) +{ + char cwd[PATH_MAX]; + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + va_end(args); + + /* + * Refer to bora-vmsoft/apps/vmtoolslib/vmtoolsLog.c::VMToolsLogPanic + */ + if (getcwd(cwd, sizeof cwd) != NULL) { + if (access(cwd, W_OK) == -1) { + /* + * Can't write to the working dir. chdir() to the user's home + * directory as an attempt to get a valid core dump. + */ + const char *home = getenv("HOME"); + if (home != NULL) { + if (chdir(home)) { + /* Just to make glibc headers happy. */ + } + } + } + } + + abort(); +} + +#endif + + /* *---------------------------------------------------------------------- * @@ -1436,13 +1577,13 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd */ if (!CodeSet_Utf8ToCurrent(cmd, strlen(cmd), &cmdCurrent, NULL)) { - Warning("Could not convert from UTF-8 to current\n"); + SAFE_WARNING("Could not convert from UTF-8 to current\n"); return -1; } if ((NULL != workingDir) && !CodeSet_Utf8ToCurrent(workingDir, strlen(workingDir), &workDir, NULL)) { - Warning("Could not convert workingDir from UTF-8 to current\n"); + SAFE_WARNING("Could not convert workingDir from UTF-8 to current\n"); return -1; } @@ -1485,7 +1626,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd pid = fork(); if (pid == -1) { - Warning("Unable to fork: %s.\n\n", strerror(errno)); + SAFE_WARNING("Unable to fork: %s.\n\n", strerror(errno)); } else if (pid == 0) { static const char bashShellPath[] = BASH_PATH; char *bashArgs[] = { "bash", "-c", cmdCurrent, NULL }; @@ -1494,6 +1635,11 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd const char *shellPath; char **args; + /* + * Child + */ + gOffspringProcess = TRUE; + /* * Check bug 772203. To start the program, we start the shell * and specify the program using the option '-c'. We should return the @@ -1518,10 +1664,6 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd args = bourneArgs; } - /* - * Child - */ - #ifdef __APPLE__ /* * On OS X with security fixes, we cannot revert the real uid if @@ -1533,14 +1675,15 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd * root. */ if (!ProcMgr_PromoteEffectiveToReal()) { - Panic("%s: Could not set real uid to effective\n", __FUNCTION__); + SAFE_PANIC("%s: Could not set real uid to effective\n", + __FUNCTION__); } #endif if (NULL != workDir) { if (chdir(workDir) != 0) { - Warning("%s: Could not chdir(%s) %s\n", __FUNCTION__, workDir, - strerror(errno)); + SAFE_WARNING("%s: Could not chdir(%s) %s\n", __FUNCTION__, + workDir, strerror(errno)); } } @@ -1551,8 +1694,8 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd } /* Failure */ - Panic("Unable to execute the \"%s\" shell command: %s.\n\n", - cmd, strerror(errno)); + SAFE_PANIC("Unable to execute the \"%s\" shell command: %s.\n\n", + cmd, strerror(errno)); } #endif @@ -1612,8 +1755,8 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN continue; } - Warning("Unable to wait for the process %"FMTPID" to terminate: " - "%s.\n\n", pid, strerror(errno)); + SAFE_WARNING("Unable to wait for the process %"FMTPID" to terminate: " + "%s.\n\n", pid, strerror(errno)); return FALSE; } @@ -1625,8 +1768,8 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN retVal = (WIFEXITED(childStatus) && WEXITSTATUS(childStatus) == 0); - Debug("Done waiting for process: %"FMTPID" (%s)\n", pid, - retVal ? "success" : "failure"); + SAFE_DEBUG("Done waiting for process: %"FMTPID" (%s)\n", pid, + retVal ? "success" : "failure"); return retVal; } @@ -1686,6 +1829,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line /* * Child */ + gOffspringProcess = TRUE; /* * shut down everything but stdio and the pipe() we just made. @@ -1702,6 +1846,16 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line } } + close(readFd); + + /* + * Child should not invoke parent's logging facilities as logging mutex + * could have been locked at fork time. Also, logging file descriptors + * have already been closed now. + * Child shall terminate with _exit() or abort() to avoid calling any + * functions registered with atexit() or on_exit() in the parent. + */ + if (Signal_SetGroupHandler(cSignals, olds, ARRAYSIZE(cSignals), #ifndef sun SIG_DFL @@ -1712,15 +1866,14 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line status = FALSE; } - close(readFd); - /* * Only run the program if we have not already experienced a failure. */ if (status) { childPid = ProcMgrStartProcess(cmd, userArgs ? userArgs->envp : NULL, - userArgs ? userArgs->workingDirectory : NULL); + userArgs ? userArgs->workingDirectory : + NULL); status = childPid != -1; } @@ -1729,14 +1882,14 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * report the result pid back synchronously. */ if (write(writeFd, &childPid, sizeof childPid) == -1) { - Warning("Waiter unable to write back to parent.\n"); + SAFE_WARNING("Waiter unable to write back to parent.\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } if (status) { @@ -1745,35 +1898,36 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * finishes executing. */ ASSERT(pid != -1); - status = ProcMgrWaitForProcCompletion(childPid, &validExitCode, &exitCode); + status = ProcMgrWaitForProcCompletion(childPid, &validExitCode, + &exitCode); } /* * We always have to send IPC back to caller, so that it does not * block waiting for data we'll never send. */ - Debug("Writing the command %s a success to fd %x\n", - status ? "was" : "was not", writeFd); + SAFE_DEBUG("Writing the command %s a success to fd %x\n", + status ? "was" : "was not", writeFd); if (write(writeFd, &status, sizeof status) == -1) { - Warning("Waiter unable to write back to parent\n"); + SAFE_WARNING("Waiter unable to write back to parent\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } if (write(writeFd, &exitCode, sizeof exitCode) == -1) { - Warning("Waiter unable to write back to parent\n"); + SAFE_WARNING("Waiter unable to write back to parent\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } close(writeFd); @@ -1789,7 +1943,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line exitCode = 0; } - exit(exitCode); + _exit(exitCode); } /* @@ -2460,12 +2614,12 @@ ProcMgr_PromoteEffectiveToReal(void) ret = setregid(gid, gid); if (ret < 0) { - Warning("Failed to setregid(%d) %d\n", gid, errno); + SAFE_WARNING("Failed to setregid(%d) %d\n", gid, errno); return FALSE; } ret = setreuid(uid, uid); if (ret < 0) { - Warning("Failed to setreuid(%d) %d\n", uid, errno); + SAFE_WARNING("Failed to setreuid(%d) %d\n", uid, errno); return FALSE; } From 550b331d8c9b738065ea4c99daa07dcd1ab9235d Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:05:45 -0700 Subject: [PATCH 171/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_atomic.h | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/open-vm-tools/lib/include/vm_atomic.h b/open-vm-tools/lib/include/vm_atomic.h index f3bbb8437..db9d2cdd8 100644 --- a/open-vm-tools/lib/include/vm_atomic.h +++ b/open-vm-tools/lib/include/vm_atomic.h @@ -188,26 +188,11 @@ typedef ALIGNED(16) struct Atomic_uint128 { * Whether GCC flags output operands are supported. * If building with GCC 6+ on x86, and 10+ on arm, flags output is supported. * Some pieces are still built with GCC 4, which doesn't support flag outputs. - * Also support was added for x86 before ARM / AARCH64. */ #ifdef __GCC_ASM_FLAG_OUTPUTS__ -/* - * The above check should be sufficient to see whether the current compiler - * supports GCC style assembly flag outputs, but just in case print a debug - * message if it looks like we're being compiled with an older version of - * GCC before assembly flag outputs was added. - */ -#if defined(VM_X86_ANY) && __GNUC__ < 6 - #pragma message "GCC < 6 claims to support x86 asm flag outputs" -#elif defined(VM_ARM_ANY) && __GNUC__ < 10 - #pragma message "GCC < 10 claims to support ARM asm flag outputs" -#endif - #define IF_ASM_FLAG_OUTPUT(supportedValue, fallbackValue) supportedValue - #else /* older gcc (or not gcc), flags output is not supported */ #define IF_ASM_FLAG_OUTPUT(supportedValue, fallbackValue) fallbackValue - #endif From a0ffd2a0bf2a1f22cce695adad374628c832555c Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:15:25 -0700 Subject: [PATCH 172/375] Copyright update. --- open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h | 3 +-- .../services/plugins/serviceDiscovery/get-connection-info.sh | 5 ++++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h index 72f9e3bbd..92a216eb8 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h +++ b/open-vm-tools/modules/shared/vmxnet/vmxnet3_defs.h @@ -1,7 +1,6 @@ /********************************************************* * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. - * Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. - * and/or its subsidiaries. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh b/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh index 804f651ee..0a3c0e1c0 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh +++ b/open-vm-tools/services/plugins/serviceDiscovery/get-connection-info.sh @@ -1,6 +1,9 @@ #!/bin/sh -# Copyright (C) 2020 VMware, Inc. All rights reserved. +#################################################################### +# Copyright (c) 2020-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. +#################################################################### # check if necesary commands exist command -v ss >/dev/null 2>&1 || { echo >&2 "ss doesn't exist"; exit 1; } From 9e85a0c132b8aa01e27bf958b61a802602352311 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 3 May 2024 09:27:03 -0700 Subject: [PATCH 173/375] Update ChangeLog with the granular push of May 3, 2024. - plus Copyright modification of files vmxnet3_defs.h and get-connection-info.sh. - plus ChangeLog update of Apr 7, 2024. --- open-vm-tools/ChangeLog | 216 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 216 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index caf39e16c..78b2ae3ac 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,219 @@ +commit a0ffd2a0bf2a1f22cce695adad374628c832555c +Author: Kruti +Date: Fri May 3 09:15:25 2024 -0700 + + Copyright update. + +commit 550b331d8c9b738065ea4c99daa07dcd1ab9235d +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 3abed5b9e3060208a02dd404749a3683b5aec79b +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + ProcManagerPosix.c: Direct child process's logs to stdio. + + Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked + at fork time. The vmtoolsLog.c Debug(), Warning() and Panic()functions + are not safe for child processes. + - Direct the offspring process's logs to stdio. + - Terminate the offspring process with _exit() or abort(). + +commit 12f3303f0559e74724b0656d192d32bd54957350 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Fix the Y2K38_SAFETY finding found by Coverity scan. + + Change the date type to 'long long' to make the size be 64 bits, + same as that of time_t. + +commit f9aaf02fd8c3e928bc1706fc9c692a6190a03a23 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Service Discovery data collection duration takes > 70 minutes when + monitoring large setups. + + The issue happens on vrops node VMs that are part of large clusters + because these kind of nodes typically have a large amount of tcp/udp + connections. The root cause of the issue is an enormous number of + spaces generated by "ss -antup | grep -E $pattern" command in + get-connection-info.sh. The SDMP plugin considers these spaces while + calculating the chunk size for writing into NDB and writing about 200-400 + chunks for the get-connection-info key. Processing of this amount of + data slows down the discovery process on both the adapter and plugin sides + and, as a result, the discovery exceeds the timing limit and fails. + + The solution is to remove unnecessary spaces from the end of the + get-connection-info output lines. + +commit fa6d75da8c15c7fb3a696839c9f4aa7b43344d31 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Change to common source file not applicable to open-vm-tools at this time. + +commit 5681e42c30f9a8875abfcdecb8c12ee8c51416f1 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Record the use of version 12.4.5 in the vm_tools_version.h header + +commit 200fa56ef5f0097df888c34e24cb52c9c947d287 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Fixes for issues found in Coverity scan. + + vgauth/serviceImpl/saml-xmlsec1.c + issue: 'string_null' for strlen(pemCert) + impact: False-positive + fix: suppress 'string_null' + issue: leaked_storage: certChain is not cleaned up on error. + impact: Memory is leaked on the error path. + fix: Add line before return to free certChain. + + vgauth/common/i18n.c + issue: 'leaked_storage' for "name" variable + impact: False-positive + fix: suppress 'leaked_storage' + + lib/file/file.c + issue: use_after_free for 'src' pointer + impact: False-positive + fix: suppress 'use_after_free' + + services/plugins/serviceDiscovery/serviceDiscovery.c + issue: overrun-local: gdpErrMsgs array contains one less entry then there are + enum defined. + impact: Valid but the function never return the GDP_ERR_MAX enum. + fix: in gdp.h, add an error entry for GDP_ERR_MAX this way gdpErrMsgs will + generate all entries. + + lib/file/fileLockPosix.c + issue: string_null for 'buffer' not being null terminated. + impact: False-positive + fix: suppress 'string_null' + +commit 1963bfed9f388aa57c9a8fc5d0f17424c76cbe60 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 1d19761e81b9a601b6fdb10109c92331f0b11eef +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 5c10fab774d061230e8e747569d918272b182366 +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + Fix the SHELLCHECK_WARNING findings from static application security testing + (SAST) + + install/Linux/scripts/network: Multiple shellcheck issues found in the + Linux "network" script with the warning "Remove backticks to avoid + executing output (or use eval if intentional)." + + Removed the backticks from those corresponding lines of the script. + +commit b892d59578b2a3d65f473d6f597df2f3c95997bf +Author: Kruti +Date: Fri May 3 09:05:45 2024 -0700 + + [Coverity]: Fix the Y2K38_SAFETY findings from static application security + testing (SAST) + + guestInfoServer.c -- 2 issues reported in file + issue: casting time_t (64bits) to int (32bits) causing Y2K38_SAFETY. + impact: delta is a time delta in seconds, overflow if delta >= + (G_MAXINT/1000)+1 + fix: Remove cast on delta, cast both values as int64. + + issue: casting time_t to int for logging to a '%d'. + impact: delta is a time delta in seconds, not expected to overflow a 32 bit + int. + fix: Remove cast on delta, change string to use '%"FMT64"d' format and cast + the time_t to int64; time_t is defined as 'long int'. + + vixTools.c -- 7 issues reported in file + issue: casting time_t to int for convertion to string (xml) + impact: procStartTime is a time from epoch, it will overflow the int in Y2K38. + fix: Remove the cast, change the string to use '%"FMT64"d"' and cast the + time_t to int64; time_t is defined as 'long int'. + + issues: casting time_t to int in call to VixToolsPrintProcInfoEx. + impact: The times used are time from epoch and will be impacted by Y2K38. + fix: Change signature of VixToolsPrintProcInfoEx to take in time_t types. + Change VixToolsPrintProcInfoEx to use '%"FMT64"d' in string conversions. + and cast the time_t to int64; time_t is defined as 'long int'. + +commit ae31ed20bfbf0e744701f60b7839f88aa73ae554 +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ffd52c7e4010098893a34c66b6d70b500d98711e +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 1b3e41d24086fed921982674daa89f70d3bd677e +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Style correction in Broadcom copyright. + +commit 8336d5d8ace540b356813c197794d5f14f2ae38b +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit e2d1f8c418c72f21f0ef44a83262d19e0f68185e +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit c48b6ac791d13313db4cb023b275bb6df90c565a +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 98e9e31448b81ff4ba8f4ec29c893957aa9d07aa +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + Stop the glib based logging to avoid nested logging from RpcChannel error. + +commit 7f68542609c84b573b0faee31acd4aa5dfffc94b +Author: Kruti +Date: Fri May 3 09:05:44 2024 -0700 + + GuestOS: Explicitly identify Flatcar Linux + + We support a VMX guestOS string for Flatcar Linux ("flatcar-64"). + Update the guest identification code to report Flatcar, rather than + generically (other linux - 64). + +commit 831d35dfed2fc94eb8dfa61cf16cfc7b9d1a2a36 +Author: Kruti +Date: Sun Apr 7 23:49:24 2024 -0700 + + Update ChangeLog with the granular push of Apr 7, 2024. + - Plus ChangeLog update Mar 18, 2024. + commit 9026382b617114a4ea10593be3358d4f5470160a Author: Kruti Date: Sun Apr 7 23:26:32 2024 -0700 From 52596dea1e33e40ad8f518d445b53d7f0a4f34f1 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 174/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/loglevel_userVars.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/loglevel_userVars.h b/open-vm-tools/lib/include/loglevel_userVars.h index b5ada8c6d..2831d6ba6 100644 --- a/open-vm-tools/lib/include/loglevel_userVars.h +++ b/open-vm-tools/lib/include/loglevel_userVars.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -342,6 +343,7 @@ LOGLEVEL_VAR(wifi), /* macWireless and wpa_supplicant */ \ LOGLEVEL_VAR(win32util), \ LOGLEVEL_VAR(worker), \ + LOGLEVEL_VAR(xled), \ LOGLEVEL_VAR(xpmode) /* end of list */ From 31894dfbfcd91efe5a2712c2f33ce9114d942e11 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 175/375] Fix LOCK_EVASION issue found by Coverity scan. fileLogger.c -- 2 issues reported in file issue: MultiReader/SingleWriter lock race conditions between assign and check. fix: Mitigation more than fix. issue: Coverity seems confused by the MR/SW lock, but there is some data field assignment performed under the wrong lock to clean up. fix: Move assignment made under Read lock to Write lock. Moved setting the data->error status inside of writer lock block. Added re-checking the data->error status at reader -> writer and writer -> reader lock transitions. --- open-vm-tools/vgauth/service/fileLogger.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/vgauth/service/fileLogger.c b/open-vm-tools/vgauth/service/fileLogger.c index e38007700..49f60da43 100644 --- a/open-vm-tools/vgauth/service/fileLogger.c +++ b/open-vm-tools/vgauth/service/fileLogger.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -233,14 +234,17 @@ ServiceFileLogger_Log(const gchar *domain, */ g_rw_lock_reader_unlock(&data->lock); g_rw_lock_writer_lock(&data->lock); - if (data->file == NULL) { + if (data->file == NULL && !data->error) { data->file = ServiceFileLoggerOpen(data); + if (data->file == NULL) { + data->error = TRUE; + fprintf(stderr, "Unable to open log file %s\n", data->path); + } } g_rw_lock_writer_unlock(&data->lock); g_rw_lock_reader_lock(&data->lock); - if (data->file == NULL) { - data->error = TRUE; - fprintf(stderr, "Unable to open log file %s\n", data->path); + if (data->error) { + /* Error set here or in another thread */ goto exit; } } @@ -258,10 +262,15 @@ ServiceFileLogger_Log(const gchar *domain, /* Drop the reader lock, grab the writer lock and re-check. */ g_rw_lock_reader_unlock(&data->lock); g_rw_lock_writer_lock(&data->lock); - if (g_atomic_int_get(&data->logSize) >= data->maxSize) { + if (!data->error && data->file != NULL && + g_atomic_int_get(&data->logSize) >= data->maxSize) { fclose(data->file); data->append = FALSE; data->file = ServiceFileLoggerOpen(data); + if (data->file == NULL) { + data->error = TRUE; + fprintf(stderr, "Unable to reopen log file %s\n", data->path); + } } g_rw_lock_writer_unlock(&data->lock); g_rw_lock_reader_lock(&data->lock); From b437f6f4ae99b540820cb66dabc716eb43c5c71a Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 176/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 196cf4228..a2a199ad2 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -376,7 +376,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.8" +#define WCP_VERSION "0.1.9" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" /* From f9649775dafd0c2666f86357c1f72fb10e0d18c4 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 177/375] [Coverity]: UNINIT in resolutionSet finding from static application security testing (SAST) resolutionSet.c -- 1 issue reported in the file issue: capabilityArray not initialized or partially initialized when reaching the statement. impact: False-positive fix: suppress 'uninit_use_in_call' VMTools_WrapArray converts the capabilityArray to a GArray. The 'wrapped' array is allocated space for capabilityCount elements and only the first capabilityCount elements are COPIED from capabilityArray to the allocated GArray. As such, the uninitialized elements of the capabilityArray are never used to generate the returned GArray. While technically true (uninitialized) there is no reason to zero the array indexes from capabilityCount through to the end of the array as these elements are unused. --- .../services/plugins/resolutionSet/resolutionSet.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c b/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c index 4cc9bd164..d4f7293d7 100644 --- a/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c +++ b/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2018 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -510,6 +511,12 @@ ResolutionSetCapabilities(gpointer src, ASSERT(capabilityCount <= RESOLUTION_SET_CAPABILITIES_MAX); + /* + * VMTools_WrapArray copies the first capabilityCount elements from + * capabilityArray to the returned GArray. The uninitialized elements are not + * used. + */ + /* coverity[uninit_use_in_call] */ return VMTools_WrapArray(capabilityArray, sizeof *capabilityArray, capabilityCount); From ec5f27caeb454cf1c4142a7e95f98b9d2e001b3d Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 178/375] Fix copyright years. --- open-vm-tools/libvmtools/vmtoolsLog.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c index d5f41b652..eb3e699e8 100644 --- a/open-vm-tools/libvmtools/vmtoolsLog.c +++ b/open-vm-tools/libvmtools/vmtoolsLog.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2021,2024 Broadcom. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All rights reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From 0ffadd28557203cd0c994e48ccb442f1405a85c8 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 179/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index a2a199ad2..f9edc1ce1 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -532,7 +532,7 @@ # define PRODUCT_LICENSE_VERSION PRODUCT_FLEX_VERSION_STRING_FOR_LICENSE # elif defined(VMX86_VPX) # define PRODUCT_LICENSE_VERSION "8.0" -# define PRODUCT_LICENSE_FILE_VERSION "8.0.4.0" +# define PRODUCT_LICENSE_FILE_VERSION "8.0.5.0" # elif defined(VMX86_SDK) # define PRODUCT_LICENSE_VERSION "1.0" # elif defined(VMX86_P2V) @@ -550,7 +550,7 @@ # define PRODUCT_VERSION_STRING_FOR_LICENSE PRODUCT_LICENSE_VERSION #endif #define PRODUCT_ESX_LICENSE_VERSION "8.0" -#define PRODUCT_ESX_LICENSE_FILE_VERSION "8.0.4.0" +#define PRODUCT_ESX_LICENSE_FILE_VERSION "8.0.5.0" /* * The configuration file version string should be changed From 2723eb37bad5d86683e67c6c6d09871da35e92e3 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 180/375] Log customized error exit code from offspring processes. --- open-vm-tools/lib/procMgr/procMgrPosix.c | 104 +++++++++++++++++++---- 1 file changed, 88 insertions(+), 16 deletions(-) diff --git a/open-vm-tools/lib/procMgr/procMgrPosix.c b/open-vm-tools/lib/procMgr/procMgrPosix.c index e761489cc..bd89a5eb6 100644 --- a/open-vm-tools/lib/procMgr/procMgrPosix.c +++ b/open-vm-tools/lib/procMgr/procMgrPosix.c @@ -90,6 +90,25 @@ #endif +/* + * Use custom exit code in the range [166, 199] + */ + +#define PROCMGR_CUSTOM_EXIT_CODE_BASE 166 + +enum { + PROCMGR_ERROR_CMD_ENCODE = PROCMGR_CUSTOM_EXIT_CODE_BASE, + PROCMGR_ERROR_WORKDIR_ENCODE, + PROCMGR_ERROR_VMK_FORKEXEC, + PROCMGR_ERROR_FORK, + PROCMGR_ERROR_SETREGID, + PROCMGR_ERROR_SETREUID, + PROCMGR_ERROR_SET_SIG_HANDLER, + PROCMGR_ERROR_WRITE_PIPE, + PROCMGR_ERROR_WAITPID +}; + + /* * All signals that: * . Can terminate the process @@ -105,6 +124,7 @@ static int const cSignals[] = { }; static Bool gOffspringProcess = FALSE; +static int gOffspringExitCode = 0; /* @@ -167,6 +187,14 @@ Bool ProcMgr_PromoteEffectiveToReal(void); Warning(fmt, ## __VA_ARGS__); \ } +#define SET_OFFSPRING_EXIT_CODE(exitCode) \ + if (gOffspringProcess) { \ + gOffspringExitCode = exitCode; \ + } + +#define EXIT_ON_ERROR_WRITE_PIPE() \ + _exit(gOffspringExitCode ? gOffspringExitCode : PROCMGR_ERROR_WRITE_PIPE) + /* *---------------------------------------------------------------------- @@ -283,6 +311,40 @@ OffspringPanic(const char *fmt, ...) #endif +/* + *---------------------------------------------------------------------- + * + * WaitOffspring -- + * + * Wait to de-zombify a direct child process specified by pid. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +WaitOffspring(pid_t pid) +{ + int status; + pid_t retVal; + + retVal = waitpid(pid, &status, 0); + if (retVal == pid) { + SAFE_DEBUG("waitpid(%"FMTPID") returned child status: 0x%08x, " + "WIFEXITED flag: %d, WEXITSTATUS value: %d\n", + pid, status, WIFEXITED(status), WEXITSTATUS(status)); + } else { + SAFE_WARNING("waitpid(%"FMTPID") returned %"FMTPID" with error: %s\n", + pid, retVal, strerror(errno)); + } +} + + /* *---------------------------------------------------------------------- * @@ -1449,6 +1511,7 @@ ProcMgrExecSync(char const *cmd, // IN: UTF-8 command line { pid_t pid; + ASSERT(cmd != NULL); Debug("Executing sync command: %s\n", cmd); if (validExitCode != NULL) { @@ -1566,10 +1629,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd char **envpCurrent = NULL; char *workDir = NULL; - if (cmd == NULL) { - ASSERT(FALSE); - return -1; - } + ASSERT(cmd != NULL); /* * Convert the strings before the call to fork(), since the conversion @@ -1578,12 +1638,14 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd if (!CodeSet_Utf8ToCurrent(cmd, strlen(cmd), &cmdCurrent, NULL)) { SAFE_WARNING("Could not convert from UTF-8 to current\n"); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_CMD_ENCODE); return -1; } if ((NULL != workingDir) && !CodeSet_Utf8ToCurrent(workingDir, strlen(workingDir), &workDir, NULL)) { SAFE_WARNING("Could not convert workingDir from UTF-8 to current\n"); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_WORKDIR_ENCODE); return -1; } @@ -1619,6 +1681,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd pid = (pid_t)outPid; } else { VmkuserStatus_CodeToErrno(status, &errno); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_VMK_FORKEXEC); pid = -1; } } while (FALSE); @@ -1627,6 +1690,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd if (pid == -1) { SAFE_WARNING("Unable to fork: %s.\n\n", strerror(errno)); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_FORK); } else if (pid == 0) { static const char bashShellPath[] = BASH_PATH; char *bashArgs[] = { "bash", "-c", cmdCurrent, NULL }; @@ -1639,6 +1703,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd * Child */ gOffspringProcess = TRUE; + gOffspringExitCode = 0; /* * Check bug 772203. To start the program, we start the shell @@ -1757,7 +1822,7 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN SAFE_WARNING("Unable to wait for the process %"FMTPID" to terminate: " "%s.\n\n", pid, strerror(errno)); - + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_WAITPID); return FALSE; } @@ -1787,7 +1852,8 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN * NULL if the cmd failed to be forked. * * Side effects: - * The cmd is run. + * The cmd is run. + * ProcMgrStartProcess sets gOffspringExitCode on failure. * *---------------------------------------------------------------------- */ @@ -1802,6 +1868,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line pid_t resultPid; int readFd, writeFd; + ASSERT(cmd != NULL); Debug("Executing async command: '%s' in working dir '%s'\n", cmd, (userArgs && userArgs->workingDirectory) ? userArgs->workingDirectory : ""); @@ -1830,6 +1897,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * Child */ gOffspringProcess = TRUE; + gOffspringExitCode = 0; /* * shut down everything but stdio and the pipe() we just made. @@ -1863,6 +1931,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line 0 #endif ) == 0) { + gOffspringExitCode = PROCMGR_ERROR_SET_SIG_HANDLER; status = FALSE; } @@ -1889,7 +1958,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - _exit(-1); + EXIT_ON_ERROR_WRITE_PIPE(); } if (status) { @@ -1916,7 +1985,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - _exit(-1); + EXIT_ON_ERROR_WRITE_PIPE(); } if (write(writeFd, &exitCode, sizeof exitCode) == -1) { @@ -1927,7 +1996,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - _exit(-1); + EXIT_ON_ERROR_WRITE_PIPE(); } close(writeFd); @@ -1939,11 +2008,11 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line */ } - if (!validExitCode) { - exitCode = 0; + if (validExitCode) { + gOffspringExitCode = exitCode; } - _exit(exitCode); + _exit(gOffspringExitCode); } /* @@ -1975,7 +2044,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line /* * Clean up the child process; it should exit pretty quickly. */ - waitpid(pid, NULL, 0); + WaitOffspring(pid); goto quit; } @@ -2314,7 +2383,7 @@ ProcMgr_GetExitCode(ProcMgr_AsyncProc *asyncProc, // IN if (read(asyncProc->fd, &asyncProc->exitCode, sizeof asyncProc->exitCode) != sizeof asyncProc->exitCode) { - Warning("Error reading async process status.\n"); + Warning("Error reading async process exitCode.\n"); goto exit; } @@ -2328,8 +2397,9 @@ ProcMgr_GetExitCode(ProcMgr_AsyncProc *asyncProc, // IN exit: if (asyncProc->waiterPid != -1) { - Debug("Waiting on pid %"FMTPID" to de-zombify it\n", asyncProc->waiterPid); - waitpid(asyncProc->waiterPid, NULL, 0); + Debug("Waiting on pid %"FMTPID" to de-zombify it\n", + asyncProc->waiterPid); + WaitOffspring(asyncProc->waiterPid); asyncProc->waiterPid = -1; } return (asyncProc->exitCode == -1) ? -1 : 0; @@ -2615,11 +2685,13 @@ ProcMgr_PromoteEffectiveToReal(void) ret = setregid(gid, gid); if (ret < 0) { SAFE_WARNING("Failed to setregid(%d) %d\n", gid, errno); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_SETREGID); return FALSE; } ret = setreuid(uid, uid); if (ret < 0) { SAFE_WARNING("Failed to setreuid(%d) %d\n", uid, errno); + SET_OFFSPRING_EXIT_CODE(PROCMGR_ERROR_SETREUID); return FALSE; } From 33aa649c612d2a41f850ace726047fb5d6f70475 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 181/375] Remove unused header files from the open-vm-tools source bundle. --- open-vm-tools/lib/include/miscSolaris.h | 47 ----- open-vm-tools/lib/include/syncEvent.h | 89 -------- open-vm-tools/lib/include/vm_basic_math.h | 197 ------------------ open-vm-tools/lib/include/vm_legal.h | 94 --------- .../libDeployPkg/libDeployPkg_version.h | 37 ---- .../libguestlib/vmguestlib_version.h | 39 ---- open-vm-tools/vgauth/common/createToken.h | 36 ---- open-vm-tools/vgauth/common/s4u2self.h | 33 --- open-vm-tools/vgauth/common/serviceUser.h | 37 ---- .../vgauth/public/VGAuthIdProvider.h | 185 ---------------- .../vgauth/service/vgauthService_version.h | 39 ---- 11 files changed, 833 deletions(-) delete mode 100644 open-vm-tools/lib/include/miscSolaris.h delete mode 100644 open-vm-tools/lib/include/syncEvent.h delete mode 100644 open-vm-tools/lib/include/vm_basic_math.h delete mode 100644 open-vm-tools/lib/include/vm_legal.h delete mode 100644 open-vm-tools/libDeployPkg/libDeployPkg_version.h delete mode 100644 open-vm-tools/libguestlib/vmguestlib_version.h delete mode 100644 open-vm-tools/vgauth/common/createToken.h delete mode 100644 open-vm-tools/vgauth/common/s4u2self.h delete mode 100644 open-vm-tools/vgauth/common/serviceUser.h delete mode 100644 open-vm-tools/vgauth/public/VGAuthIdProvider.h delete mode 100644 open-vm-tools/vgauth/service/vgauthService_version.h diff --git a/open-vm-tools/lib/include/miscSolaris.h b/open-vm-tools/lib/include/miscSolaris.h deleted file mode 100644 index c2676ada6..000000000 --- a/open-vm-tools/lib/include/miscSolaris.h +++ /dev/null @@ -1,47 +0,0 @@ -/********************************************************* - * Copyright (C) 2005-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - *---------------------------------------------------------------------- - * - * miscSolaris -- - * - * Implementation of new Linux functions for Solaris. - * - *---------------------------------------------------------------------- - */ - -#ifndef _MISCSOLARIS_H_ -#define _MISCSOLARIS_H_ - -#define INCLUDE_ALLOW_USERLEVEL - -#if defined(__cplusplus) -extern "C" { -#endif - -int -daemon(int nochdir, int noclose); - -#if defined(__cplusplus) -} // extern "C" -#endif - -#endif /* _MISCSOLARIS_H_ */ - - diff --git a/open-vm-tools/lib/include/syncEvent.h b/open-vm-tools/lib/include/syncEvent.h deleted file mode 100644 index 8e4f13e0d..000000000 --- a/open-vm-tools/lib/include/syncEvent.h +++ /dev/null @@ -1,89 +0,0 @@ -/********************************************************* - * Copyright (C) 2004-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * syncEvent.h -- - * - * Implements a platform independent condition event that - * you can either wait on or pass to Poll() or your event loop. - * - * WARNING! - * This is an auto-reset event. So, you cannot use it for devices - * in Poll that may be holding a device lock. It works fine for Poll if - * you don't specify a lock when you register the handle with Poll(). - */ - -#ifndef _SYNC_EVENT_H_ -#define _SYNC_EVENT_H_ - -//#include "syncWaitQ.h" -#include "vm_atomic.h" - -#if defined(__cplusplus) -extern "C" { -#endif - - -#ifndef _WIN32 -typedef enum -{ - READ_FD_INDEX = 0, - WRITE_FD_INDEX = 1, - NUM_SYNC_EVENT_FDS = 2 -} SyncEventFDTypes; -#endif // _WIN32 - - -/* - * SyncEvent -- - */ -typedef struct SyncEvent { - /* - * Whether the waitqueue has been initialized; - */ - Bool initialized; - -#ifdef _WIN32 - HANDLE event; -#else - Atomic_uint32 signalled; - int fdList[NUM_SYNC_EVENT_FDS]; -#endif // #ifdef _WIN32 -} SyncEvent; - - -/* - * Be careful, on win64, handles are 64 bits, but Poll takes an int32. - */ -typedef int32 SyncEventSelectableHandle; - - -Bool SyncEvent_Init(SyncEvent *that); -void SyncEvent_Destroy(SyncEvent *that); - -void SyncEvent_Signal(SyncEvent *that); -Bool SyncEvent_TryWait(SyncEvent *that); -void SyncEvent_Wait(SyncEvent *that); - -SyncEventSelectableHandle SyncEvent_GetHandle(SyncEvent *that); - -#if defined(__cplusplus) -} // extern "C" -#endif - -#endif // #ifndef _SYNC_EVENT_H_ diff --git a/open-vm-tools/lib/include/vm_basic_math.h b/open-vm-tools/lib/include/vm_basic_math.h deleted file mode 100644 index 065ba368f..000000000 --- a/open-vm-tools/lib/include/vm_basic_math.h +++ /dev/null @@ -1,197 +0,0 @@ -/********************************************************* - * Copyright (C) 2008-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vm_basic_math.h -- - * - * Standard mathematical macros for VMware source code. - */ - -#ifndef _VM_BASIC_MATH_H_ -#define _VM_BASIC_MATH_H_ - -#define INCLUDE_ALLOW_USERLEVEL - -#define INCLUDE_ALLOW_MODULE -#define INCLUDE_ALLOW_VMMON -#define INCLUDE_ALLOW_VMKERNEL -#define INCLUDE_ALLOW_VMKDRIVERS -#define INCLUDE_ALLOW_VMK_MODULE -#define INCLUDE_ALLOW_DISTRIBUTE -#define INCLUDE_ALLOW_VMCORE -#include "includeCheck.h" -#include "vm_basic_types.h" // For INLINE. -#include "vm_basic_asm.h" // For Div64... - -#if defined __cplusplus -extern "C" { -#endif - - -static INLINE uint32 -RatioOf(uint32 numer1, uint32 numer2, uint32 denom) -{ - uint64 numer = (uint64)numer1 * numer2; - /* Calculate "(numer1 * numer2) / denom" avoiding round-off errors. */ -#if defined(VMM) || !(defined(__i386__) || defined(__x86_64__)) - return numer / denom; -#else - uint32 ratio; - uint32 unused; - Div643232(numer, denom, &ratio, &unused); - return ratio; -#endif -} - -static INLINE uint32 -ExponentialAvg(uint32 avg, uint32 value, uint32 gainNumer, uint32 gainDenom) -{ - uint32 term1 = gainNumer * avg; - uint32 term2 = (gainDenom - gainNumer) * value; - return (term1 + term2) / gainDenom; -} - - -/* - *----------------------------------------------------------------------------- - * - * IsZeroOrPowerOfTwo -- - * IsZeroOrPowerOfTwo64 -- - * - * Results: - * TRUE iff the value is 0 or a power of two. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ - -static INLINE Bool -IsZeroOrPowerOfTwo64(uint64 x) -{ - return !(x & (x - 1)); -} - - -static INLINE Bool -IsZeroOrPowerOfTwo(uint32 x) // IN -{ - return !(x & (x - 1)); -} - - -static INLINE uint32 -GetPowerOfTwo(uint32 x) -{ - /* Returns next-greatest power-of-two. */ - uint32 power2 = 1; - while (x > power2) { - power2 = power2 << 1; - } - return power2; -} - - -#if !defined(_WIN32) && !defined(_WIN64) -/* - *----------------------------------------------------------------------------- - * - * RotateLeft32 -- - * - * Results: - * Value rotated to the left by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint32 -RotateLeft32(uint32 value, uint8 shift) -{ - return ((value << shift) | (value >> (32 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateRight32 -- - * - * Results: - * Value rotated to the right by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint32 -RotateRight32(uint32 value, uint8 shift) -{ - return ((value >> shift) | (value << (32 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateLeft64 -- - * - * Results: - * Value rotated to the left by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint64 -RotateLeft64(uint64 value, uint8 shift) -{ - return ((value << shift) | (value >> (64 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateRight64 -- - * - * Results: - * Value rotated to the right by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint64 -RotateRight64(uint64 value, uint8 shift) -{ - return ((value >> shift) | (value << (64 - shift))); -} -#endif // if !defined(_WIN32) && !defined(_WIN64) - - -#if defined __cplusplus -} // extern "C" -#endif - -#endif // ifndef _VM_BASIC_MATH_H_ diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h deleted file mode 100644 index fc5830e74..000000000 --- a/open-vm-tools/lib/include/vm_legal.h +++ /dev/null @@ -1,94 +0,0 @@ -/********************************************************* - * Copyright (c) 2006-2024 Broadcom. All rights reserved. - * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * All the legalese that we display in About boxes and similar places. - */ - - -#ifndef VM_LEGAL_H -#define VM_LEGAL_H - -#include "vm_product.h" - -#ifndef WSTR -#define WSTR_(x) L ## x -#define WSTR(x) WSTR_(x) -#endif - - -/* - * NOTE: The following strings may be incorporated into MSGID strings. - * Updating them therefore may require updating translations and vmsg - * auditing files in bora/messages/ to avoid breaking the build. - */ -#define COPYRIGHT_YEARS "1998-2024" /* See the note above when changing. */ -#define COPYRIGHT_STRING "Copyright (C) " COPYRIGHT_YEARS " " COMPANY_NAME -#define RIGHT_RESERVED "All rights reserved." - -/* - * Use UTF8_COPYRIGHT_STRING_BASE when the COMPANY_NAME must be separated out - * to create a hyperlink. - */ -#define UTF8_COPYRIGHT_STRING_BASE "Copyright \302\251 " COPYRIGHT_YEARS -#define UTF8_COPYRIGHT_STRING UTF8_COPYRIGHT_STRING_BASE " " COMPANY_NAME - -/* - * A UTF-16 version of the copyright string. wchar_t is an - * implementation-defined type, but we can expect it to be UTF-16 on - * Windows. (Only Windows cares about UTF-16 anyway.) - */ -#ifdef _WIN32 -#if defined(VMX86_TOOLS) || defined(VMX86_VGAUTH) || defined(VMX86_SYSIMAGE) -/* - * XXX - Temporary fix for Windows user-mode binaries properties copyright. - */ -#define COMPANY_COPYRIGHT_NAME "Broadcom Inc. and/or its subsidiaries." - -#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " \ - WSTR(COMPANY_COPYRIGHT_NAME) L" All Rights Reserved." -#else -#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " WSTR(COMPANY_NAME) -#endif -#endif - - -/* - * Use PATENTS_STRING for showing the patents string in plaintext form. - * PATENTS_FMT_STRING can be used with PATENTS_URL for creating hyperlinks. - * - * The spaces that precede embedded newlines in the strings below are - * intentional. (See bug 1089068.) - */ -#define PATENTS_STRING_BASE \ - "This product is protected by U.S. and international copyright and \n" \ - "intellectual property laws. VMware products are covered by one or \n" \ - "more patents listed at " -#define PATENTS_STRING PATENTS_STRING_BASE "<" PATENTS_URL ">." -#define PATENTS_FMT_STRING PATENTS_STRING_BASE "%s." -#define PATENTS_URL "http://www.vmware.com/go/patents" - -#define TRADEMARK_STRING \ - "VMware is a registered trademark or trademark of VMware, Inc. in the \n" \ - "United States and/or other jurisdictions." -#define GENERIC_TRADEMARK_STRING \ - "All other marks and names mentioned herein may be trademarks of their \n" \ - "respective companies." - -#endif /* VM_LEGAL_H */ diff --git a/open-vm-tools/libDeployPkg/libDeployPkg_version.h b/open-vm-tools/libDeployPkg/libDeployPkg_version.h deleted file mode 100644 index f2ad8ef3d..000000000 --- a/open-vm-tools/libDeployPkg/libDeployPkg_version.h +++ /dev/null @@ -1,37 +0,0 @@ -/********************************************************* - * Copyright (C) 2014-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * libDeployPkg_version.h -- - * - * Version definitions for libDeployPkg. - */ - -#ifndef _LIBDEPLOYPKG_VERSION_H_ -#define _LIBDEPLOYPKG_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. - */ -#include "vm_tools_version.h" -#define LIBDEPLOYPKG_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define LIBDEPLOYPKG_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _LIBDEPLOYPKG_VERSION_H_ */ diff --git a/open-vm-tools/libguestlib/vmguestlib_version.h b/open-vm-tools/libguestlib/vmguestlib_version.h deleted file mode 100644 index 9349bff7a..000000000 --- a/open-vm-tools/libguestlib/vmguestlib_version.h +++ /dev/null @@ -1,39 +0,0 @@ -/********************************************************* - * Copyright (C) 2007-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vmguestlib_version.h -- - * - * Version definitions for GuestLib. - */ - -#ifndef _VMGUESTLIB_VERSION_H_ -#define _VMGUESTLIB_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. If and when it becomes necessary to version the component - * manually, make sure that the version is bumped any time the component or - * its dependencies are changed. - */ -#include "vm_tools_version.h" -#define VMGUESTLIB_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define VMGUESTLIB_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _VMGUESTLIB_VERSION_H_ */ diff --git a/open-vm-tools/vgauth/common/createToken.h b/open-vm-tools/vgauth/common/createToken.h deleted file mode 100644 index a62b32bad..000000000 --- a/open-vm-tools/vgauth/common/createToken.h +++ /dev/null @@ -1,36 +0,0 @@ -/********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file winToken.h -- - * - * NtCReateToken() support. - * - */ - - -#ifndef _VGAUTH_CREATE_TOKEN_H_ -#define _VGAUTH_CREATE_TOKEN_H_ - -#include - -// obsolete NtCreateToken() wrappers -HANDLE WinToken_Create(const gchar *user); -HANDLE WinTokenCreateImpl(const gchar *user); - -#endif // _VGAUTH_CREATE_TOKEN_H_ diff --git a/open-vm-tools/vgauth/common/s4u2self.h b/open-vm-tools/vgauth/common/s4u2self.h deleted file mode 100644 index ba2c8a987..000000000 --- a/open-vm-tools/vgauth/common/s4u2self.h +++ /dev/null @@ -1,33 +0,0 @@ -/********************************************************* - * Copyright (C) 2012-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file s4u2self.h -- - * - * Code to use the Windows Service-for-User-to-Self extension. - */ - - -#ifndef _VGAUTH_S4U2SELF_H_ -#define _VGAUTH_S4U2SELF_H_ - -#include - -DWORD Win_CreateS4UTokenForUser(const char *userName, HANDLE *userTokenRet); - -#endif // _VGAUTH_S4U2SELF_H_ diff --git a/open-vm-tools/vgauth/common/serviceUser.h b/open-vm-tools/vgauth/common/serviceUser.h deleted file mode 100644 index ae2f2f1f5..000000000 --- a/open-vm-tools/vgauth/common/serviceUser.h +++ /dev/null @@ -1,37 +0,0 @@ -/********************************************************* - * Copyright (C) 2012-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file serviceUser.h -- - * - * Functions to manipulate a local account with privileges - * to call NtCreateToken() - */ - - -#ifndef _VGAUTH_SERVICEUSER_H_ -#define _VGAUTH_SERVICEUSER_H_ - -#include - -extern BOOL WinServiceUser_CreateTokenAccount(void); -extern BOOL WinServiceUser_DeleteTokenAccount(void); -extern BOOL WinServiceUser_CreateTokenForUser(const char *userName, - HANDLE *userTokenRet); - -#endif // _VGAUTH_SERVICEUSER_H_ diff --git a/open-vm-tools/vgauth/public/VGAuthIdProvider.h b/open-vm-tools/vgauth/public/VGAuthIdProvider.h deleted file mode 100644 index 8f25de2df..000000000 --- a/open-vm-tools/vgauth/public/VGAuthIdProvider.h +++ /dev/null @@ -1,185 +0,0 @@ -/********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file VGAuthIdProvider.h - * - * Client library identity provider management API definitions. - * - * @addtogroup vgauth_id VGAuth Identity Management - * @{ - * - */ -#ifndef _VGAUTHIDPROVIDER_H_ -#define _VGAUTHIDPROVIDER_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "VGAuthCommon.h" - -/** - * The types of subjects. Any is a special case. - */ -typedef enum { - /** The Subject field in a SAML token must match in the token verification process. */ - VGAUTH_SUBJECT_NAMED, - - /** Any Subject field in a SAML token can be matched in the token verification process. */ - VGAUTH_SUBJECT_ANY, -} VGAuthSubjectType; - - -/** - * VGAuthSubject is either ANY or NAMED, in which case it contains - * the Subject name. - * - * When authenticating a SAML token, the Subject is used to determine - * what guest user the SAML token can be authenticated as. If no - * entry in the IdProvider store is found using that Subject, then - * if the special ANY subject exists in the identity store, that entry - * will be used. - */ -typedef struct VGAuthSubject { - VGAuthSubjectType type; /**< The subject type. */ - union { - char *name; /**< The subject name, if type VGAUTH_SUBJECT_NAMED */ - } val; -} VGAuthSubject; - - -/** - * VGAuthSubjectInfo combines a subject and a comment. Each subject can - * have its own comment describing its use. - */ -typedef struct VGAuthSubjectInfo { - VGAuthSubject subject; /**< The subject. */ - char *comment; /**< User-supplied data to describe the subject. */ -} VGAuthSubjectInfo; - - -/** - * Describes all subjects that are associated with a certficate. - */ -typedef struct VGAuthIdProvider { - char *pemCert; /**< The provider's certficate in PEM format. */ - int numInfos; - VGAuthSubjectInfo *infos; /**< The SubjectInfos associated with the - certificate. */ -} VGAuthIdProvider; - - -/** - * Describes an entry in the IdProvider mapping file. - */ -typedef struct VGAuthMappedIdentity { - char *pemCert; /**< The provider's certificate in PEM format. */ - int numSubjects; /**< The number of Subjects associated with - the mapping file entry. */ - VGAuthSubject *subjects; /**< The Subjects associated with - the mapping file entry. */ - - char *userName; /**< The username associated with the mapping file entry. */ -} VGAuthMappedIdentity; - - -/* - * Adds the given VGAuthSubjectInfo associated with the pemCert - * to the identity store of @a userName. - * - * If addMapping is TRUE, also create an entry in the mapping file from - * the cert and subject to @a userName. - */ -VGAuthError VGAuth_AddSubject(VGAuthContext *ctx, - const char *userName, - VGAuthBool addMapping, - const char *pemCert, - VGAuthSubjectInfo *si, - int numExtraParams, - const VGAuthExtraParams *extraParams); - -/* - * Removes the VGAuthSubjectInfo from the @a userName identity provider for @a - * subject, also removing any associated mapping entry. - */ -VGAuthError VGAuth_RemoveSubject(VGAuthContext *ctx, - const char *userName, - const char *pemCert, - VGAuthSubject *subject, - int numExtraParams, - const VGAuthExtraParams *extraParams); -/* - * Removes all VGAuthIdentities with the matching PEM certificate from - * the @a userName identity store for all subjects, also removing any associated - * mapping entry. - */ -VGAuthError VGAuth_RemoveCert(VGAuthContext *ctx, - const char *userName, - const char *pemCert, - int numExtraParams, - const VGAuthExtraParams *extraParams); - -/* - * Lists all the VGAuthIdProvider from the identity store belonging - * to @a userName. - */ -VGAuthError VGAuth_QueryIdProviders(VGAuthContext *ctx, - const char *userName, - int numExtraParams, - const VGAuthExtraParams *extraParams, - int *num, // OUT - VGAuthIdProvider **idList); // OUT - -/* - * Lists all the certificates/subject pairs in the mapping file and their - * associated user. - */ -VGAuthError VGAuth_QueryMappedIdentities(VGAuthContext *ctx, - int numExtraParams, - const VGAuthExtraParams *extraParams, - int *num, // OUT - VGAuthMappedIdentity **miList); // OUT - -/* - * Data structure cleanup functions. - */ - -/* - * Frees an array of VGAuthIdProvider. - */ -void VGAuth_FreeIdProviderList(int num, VGAuthIdProvider *idList); - -/* - * Frees a VGAuthVGAuthSubjectInfo and contents. - */ -void VGAuth_FreeSubjectInfo(VGAuthSubjectInfo *si); - -/* - * Frees an array of VGAuthMappedIdentity. - */ -void VGAuth_FreeMappedIdentityList(int num, VGAuthMappedIdentity *miList); - -/** @} */ - -#ifdef __cplusplus -} /* extern "C" */ -#endif - -#endif // _VGAUTHIDPROVIDER_H_ - diff --git a/open-vm-tools/vgauth/service/vgauthService_version.h b/open-vm-tools/vgauth/service/vgauthService_version.h deleted file mode 100644 index 9ce67e733..000000000 --- a/open-vm-tools/vgauth/service/vgauthService_version.h +++ /dev/null @@ -1,39 +0,0 @@ -/********************************************************* - * Copyright (C) 2013-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vgauthService_version.h -- - * - * Version definitions for the vgauthService program - */ - -#ifndef _VGAUTHSERVICE_VERSION_H_ -#define _VGAUTHSERVICE_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. If and when it becomes necessary to version the component - * manually, make sure that the version is bumped any time the component or - * its dependencies are changed. - */ -#include "vm_tools_version.h" -#define VGAUTHSERVICE_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define VGAUTHSERVICE_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _VGAUTHSERVICE_VERSION_H_ */ From b8fbf56a86b2d7e3d937fba9858add64d9792e8b Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 182/375] Change to common source file not directly applicable to open-vm-tools. --- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 7 ++++--- open-vm-tools/vgauth/test/README.txt | 8 ++++---- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 917e49f4b..10e5cc83d 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1424,9 +1424,10 @@ VerifySignature(xmlDocPtr doc, * dsigCtx->status can be at the wrong offset. So * dump the value of status, which should be either * 1 (xmlSecDSigStatusSucceeded) or 2 (xmlSecDSigStatusInvalid). - * If its something else, that's a sign there's a - * build issue and XMLSEC_NO_SIZE_T may be set at one layer but - * not the other. + * If its something else, that could be a sign that there's a build issue + * and that libxmlsec1 is using a different size type than its callers. + * Please see xmlSecSize changelog in + * https://www.aleksey.com/xmlsec/news.html * */ if (dsigCtx->status != xmlSecDSigStatusSucceeded) { diff --git a/open-vm-tools/vgauth/test/README.txt b/open-vm-tools/vgauth/test/README.txt index ae1d8a462..55790a8e0 100644 --- a/open-vm-tools/vgauth/test/README.txt +++ b/open-vm-tools/vgauth/test/README.txt @@ -31,7 +31,7 @@ * - SAML verification failed to init (xmlsec1 build issues) * - token fails to validate * - this test was run after 12/18/3015 - * - xmlsec1-config lies about how xmlsec1 was built - * some packages leave out -DXMLSEC_NO_SIZE_T, - * which can make some data structures a different size - * than in the library + * - libxmlsec1 may have been built using a different size type than + * its callers, which can make some data structures a different size + * than in the library. See xmlSecSize changelog in + * https://www.aleksey.com/xmlsec/news.html From b3b985137250d9b82bb22367a1ce1e424830c21d Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 183/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index 382b5d472..2c3ba1945 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2003-2024 VMware, Inc. All rights reserved. + * Copyright (c) 2003-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -31,9 +32,9 @@ *********************************************************/ /* - * vm_basic_asm.h + * vm_basic_asm.h -- * - * Basic asm macros + * Basic asm macros. */ #ifndef _VM_BASIC_ASM_H_ @@ -760,6 +761,7 @@ RDTSC(void) #elif defined(VM_ARM_64) /* * Keep this implementation in sync with: + * bora/vmkernel/hardware/arm64/tscsync_arch.h::TSCSyncRDTSC() * bora/lib/vprobe/arm64/vp_emit_tc.c::VpEmit_BuiltinRDTSCWork() * bora/modules/vmkernel/tests/core/xmapTest/xmapTest_arm64.c::XMapTest_SetupLoopCode() */ @@ -783,8 +785,8 @@ RDTSC(void) #else { /* - * We need to do more inverstagetion here to find - * a microsoft equivalent of that code + * We need to do more investigation here to find + * a Microsoft equivalent of that code. */ NOT_IMPLEMENTED(); return 0; From 42ceedd78f9ccb39540c4ea12f40fba7c644a050 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 184/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index 36ba86bd5..d9d67e922 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -496,7 +496,6 @@ Log_SetProductInfoSimple(void) ProductState_GetCompilationOption()); } - LogOutput * Log_InitWithCustomInt(struct CfgInterface *cfgIf, LogCustomMsgFunc *msgFunc, @@ -513,6 +512,22 @@ Log_InitWithCustom(struct CfgInterface *cfgIf, return Log_InitWithCustomInt(cfgIf, msgFunc, minLogLevel); } +LogOutput * +Log_InitWithCustomIntEx(struct CfgInterface *cfgIf, + LogCustomMsgFuncEx *msgFunc, + int minLogLevel); + + +static INLINE LogOutput * +Log_InitWithCustomEx(struct CfgInterface *cfgIf, + LogCustomMsgFuncEx *msgFunc, + int minLogLevel) +{ + Log_SetProductInfoSimple(); + + return Log_InitWithCustomIntEx(cfgIf, msgFunc, minLogLevel); +} + LogOutput * Log_InitWithFileInt(const char *appPrefix, struct Dictionary *dict, From 6196b065644d325d6345db2a42f8778a0fcd9751 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 185/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 7 +++++-- open-vm-tools/lib/include/guest_os_tables.h | 3 ++- open-vm-tools/lib/misc/hostinfoPosix.c | 1 + 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 28e2c6a77..29aebbbd7 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2021, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -234,7 +235,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define ALL6XLINUX64 BS(OTHER6XLINUX_64), BS(OTHER6XLINUX_ARM_64), \ BS(RHEL10_64), BS(RHEL10_ARM_64), \ - BS(ORACLE10_64) + BS(ORACLE10_64), BS(PROLINUX_64) #define ALL7XLINUX32 BS(OTHER7XLINUX) @@ -363,6 +364,8 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_OTHER_7X_FULL "Other Linux 7.x and later kernel" #define STR_OS_PHOTON "vmware-photon" #define STR_OS_PHOTON_FULL "VMware Photon OS" +#define STR_OS_PROLINUX "prolinux" +#define STR_OS_PROLINUX_FULL "ProLinux" #define STR_OS_PLD "PLD" #define STR_OS_RED_HAT "redhat" #define STR_OS_RED_HAT_EN "rhel" diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 9215208d9..ed247f068 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -187,7 +187,8 @@ extern "C" { GOT(GUEST_OS_ROCKY_LINUX_64) \ GOT(GUEST_OS_ROCKY_LINUX_ARM_64) \ GOT(GUEST_OS_ALMA_LINUX_64) \ - GOT(GUEST_OS_ALMA_LINUX_ARM_64) + GOT(GUEST_OS_ALMA_LINUX_ARM_64) \ + GOT(GUEST_OS_PROLINUX_64) /* diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 0772f104e..d8609805c 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1427,6 +1427,7 @@ static const ShortNameSet shortNameArray[] = { { "opensuse", STR_OS_OPENSUSE, HostinfoGenericSetShortName }, { "oracle", NULL, HostinfoSetOracleShortName }, { "pld", STR_OS_PLD, HostinfoGenericSetShortName }, +{ "prolinux", STR_OS_PROLINUX, HostinfoGenericSetShortName }, { "rocky linux", STR_OS_ROCKY_LINUX, HostinfoGenericSetShortName }, { "slackware", STR_OS_SLACKWARE, HostinfoGenericSetShortName }, { "sme server", STR_OS_SMESERVER, HostinfoGenericSetShortName }, From 1dad197a3419d900e8e4a7e2549abf8586a8b885 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 186/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 29 ++++++++++++------------ 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index 7d53081f8..6c44be4b1 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -158,21 +158,22 @@ extern "C" { #define BDOOR_CMD_NESTING_CONTROL 63 #define BDOOR_CMD_FIRMWARE_INIT 64 /* CPL 0 only. */ #define BDOOR_CMD_FIRMWARE_ACPI_SERVICES 65 /* CPL 0 only. */ -# define BDOOR_CMD_FAS_GET_TABLE_SIZE 0 -# define BDOOR_CMD_FAS_GET_TABLE_DATA 1 -# define BDOOR_CMD_FAS_GET_PLATFORM_NAME 2 -# define BDOOR_CMD_FAS_GET_PCIE_OSC_MASK 3 -# define BDOOR_CMD_FAS_GET_APIC_ROUTING 4 -# define BDOOR_CMD_FAS_GET_TABLE_SKIP 5 -# define BDOOR_CMD_FAS_GET_SLEEP_ENABLES 6 -# define BDOOR_CMD_FAS_GET_HARD_RESET_ENABLE 7 -# define BDOOR_CMD_FAS_GET_MOUSE_HID 8 -# define BDOOR_CMD_FAS_GET_SMBIOS_VERSION 9 +# define BDOOR_CMD_FAS_GET_TABLE_SIZE 0 +# define BDOOR_CMD_FAS_GET_TABLE_DATA 1 +# define BDOOR_CMD_FAS_GET_PLATFORM_NAME 2 +# define BDOOR_CMD_FAS_GET_PCIE_OSC_MASK 3 +# define BDOOR_CMD_FAS_GET_APIC_ROUTING 4 +# define BDOOR_CMD_FAS_GET_TABLE_SKIP 5 +# define BDOOR_CMD_FAS_GET_SLEEP_ENABLES 6 +# define BDOOR_CMD_FAS_GET_HARD_RESET_ENABLE 7 +# define BDOOR_CMD_FAS_GET_MOUSE_HID 8 +# define BDOOR_CMD_FAS_GET_SMBIOS_VERSION 9 # define BDOOR_CMD_FAS_GET_64BIT_PCI_HOLE_SIZE 10 -//#define BDOOR_CMD_FAS_GET_NVDIMM_FMT_CODE 11 /* Not in use. Never shipped. */ -# define BDOOR_CMD_FAS_SRP_ENABLED 12 -# define BDOOR_CMD_FAS_EXIT_BOOT_SERVICES 13 -# define BDOOR_CMD_FAS_GET_API_ENABLES 14 +//#define BDOOR_CMD_FAS_GET_NVDIMM_FMT_CODE 11 /* Not in use. Never shipped. */ +# define BDOOR_CMD_FAS_SRP_ENABLED 12 +# define BDOOR_CMD_FAS_EXIT_BOOT_SERVICES 13 +# define BDOOR_CMD_FAS_GET_API_ENABLES 14 +# define BDOOR_CMD_FAS_UNACCEPTED_MEM_ENABLED 15 #define BDOOR_CMD_SENDPSHAREHINTS 66 /* Not in use. Deprecated. */ #define BDOOR_CMD_ENABLE_USB_MOUSE 67 #define BDOOR_CMD_GET_VCPU_INFO 68 From 084e3f4c6911d8036d157ed4f96dbda94f705142 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 187/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index d9d67e922..2592f83a0 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -580,8 +580,8 @@ Log_InitWithSyslogSimpleInt(const char *appPrefix, const char *syslogID); static INLINE LogOutput * -Log_InitWithSyslogSimple(const char *syslogID, - const char *appPrefix) +Log_InitWithSyslogSimple(const char *appPrefix, + const char *syslogID) { Log_SetProductInfoSimple(); From b841140771ae6218f8875574de78dac1dd19fd90 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:12 -0700 Subject: [PATCH 188/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index 2592f83a0..aca53c889 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -551,8 +551,8 @@ Log_InitWithFileSimpleInt(const char *appPrefix, const char *fileName); static INLINE LogOutput * -Log_InitWithFileSimple(const char *fileName, - const char *appPrefix) +Log_InitWithFileSimple(const char *appPrefix, + const char *fileName) { Log_SetProductInfoSimple(); From 3fb8fe48f108067c39077934497df465616ba518 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 189/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index cecf57dba..e374b069a 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -804,14 +804,20 @@ FLAG( 12, 0, EAX, 5, 1, SGX_OVERSUB_ENCLV, NO, 0 ) \ FLAG( 12, 0, EAX, 6, 1, SGX_OVERSUB_ENCLS, NO, 0 ) \ FLAG( 12, 0, EAX, 7, 1, SGX_EVERIFYREPORT2, NO, 0 ) \ FLAG( 12, 0, EAX, 10, 1, SGX_EUPDATESVN, NO, 0 ) \ +FLAG( 12, 0, EAX, 11, 1, SGX_EDECCSSA, ANY, FUT ) \ FLAG( 12, 0, EBX, 0, 1, SGX_MISCSELECT_EXINFO, ANY, FUT ) \ -FIELD( 12, 0, EBX, 1, 31, SGX_MISCSELECT_RSVD, NO, 0 ) \ +FLAG( 12, 0, EBX, 1, 1, SGX_MISCSELECT_CPINFO, ANY, FUT ) \ FIELD( 12, 0, EDX, 0, 8, MAX_ENCLAVE_SIZE_NOT64, ANY, 17 ) \ FIELD( 12, 0, EDX, 8, 8, MAX_ENCLAVE_SIZE_64, ANY, 17 ) \ -FIELD( 12, 1, EAX, 0, 32, SECS_ATTRIBUTES0, ANY, 17 ) \ -FIELD( 12, 1, EBX, 0, 32, SECS_ATTRIBUTES1, ANY, 17 ) \ -FIELD( 12, 1, ECX, 0, 32, SECS_ATTRIBUTES2, ANY, 17 ) \ -FIELD( 12, 1, EDX, 0, 32, SECS_ATTRIBUTES3, ANY, 17 ) \ +FLAG( 12, 1, EAX, 1, 1, SECS_ATTRIBUTES_DEBUG, ANY, 17 ) \ +FLAG( 12, 1, EAX, 2, 1, SECS_ATTRIBUTES_MODE64BIT, ANY, 17 ) \ +FLAG( 12, 1, EAX, 4, 1, SECS_ATTRIBUTES_PROVISIONKEY, ANY, 17 ) \ +FLAG( 12, 1, EAX, 5, 1, SECS_ATTRIBUTES_EINITTOKEN_KEY, ANY, 17 ) \ +FLAG( 12, 1, EAX, 6, 1, SECS_ATTRIBUTES_CET, NO, 0 ) \ +FLAG( 12, 1, EAX, 7, 1, SECS_ATTRIBUTES_KSS, ANY, 17 ) \ +FLAG( 12, 1, EAX, 10, 1, SECS_ATTRIBUTES_AEXNOTIFY, ANY, FUT ) \ +FIELD( 12, 1, ECX, 0, 32, SECS_ATTRIBUTES_XFRM_LOW, ANY, 17 ) \ +FIELD( 12, 1, EDX, 0, 32, SECS_ATTRIBUTES_XFRM_HIGH, ANY, 17 ) \ FIELD( 12, 2, EAX, 0, 4, EPC00_VALID, ANY, 17 ) \ FIELD( 12, 2, EAX, 12, 20, EPC00_BASE_LOW, ANY, 17 ) \ FIELD( 12, 2, EBX, 0, 20, EPC00_BASE_HIGH, ANY, 17 ) \ From ae0b62370b6ca926dbabe25bf5856c2a97cdcc5c Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 190/375] Verify the xmlsec version before passing the compiler flag "-DXMLSEC_NO_SIZE_T", as it has been deprecated since 1.3.3. The configure option "--enable-size-t" has been set to yes by default starting with 1.3.0. version < 1.3.0 : Add "-DXMLSEC_NO_SIZE_T" if size_t has a size other than 4 bytes. (There was no enable-size-t before 1.2.35 and the enable-size-t is "no" by default in [1.2.35, 1.3.0)) version >= 1.3.0 : Do not add "-DXMLSEC_NO_SIZE_T" (as enable-size-t is "yes" by default in version [1.3.0, 1.3.3) and no need to consider this option since 1.3.3) --- open-vm-tools/configure.ac | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 9c991156d..fe366ed97 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1,5 +1,6 @@ ################################################################################ -### Copyright (c) 2007-2023 VMware, Inc. All rights reserved. +### Copyright (c) 2007-2024 Broadcom. All Rights Reserved. +### The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. ### ### Configure script for building the VMware OSS Tools. ### @@ -868,8 +869,13 @@ if test "$enable_vgauth" = "yes" ; then [AC_VMW_LIB_ERROR([XML2], [xml2])]) # Multiple distros built xmlsec1 with -DXMLSEC_NO_SIZE_T but -# their xmlssec1-config --cflags doesn't properly report it, -# so force it on. +# their xmlssec1-config --cflags doesn't properly report it. +# Force it on following the xmlSecSize changelog in below link: +# https://www.aleksey.com/xmlsec/news.html +# The xmlsec configure flag "enable_size_t" is "yes" by default +# since 1.3.0, and both the configure flag and CPP flag has been +# deprecated since 1.3.3, which means the size_t is used by default +# and no need to add CPP flag -DXMLSEC_NO_SIZE_T since 1.3.0. AC_VMW_DEFAULT_FLAGS([XMLSEC1]) AC_VMW_CHECK_LIB([xmlsec1], [XMLSEC1], @@ -878,7 +884,16 @@ if test "$enable_vgauth" = "yes" ; then [], [xmlsec/xmlsec.h], [xmlSecCheckVersionExt], - [XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T"], + [XMLSEC1_VER=`pkg-config --modversion xmlsec1` + xmlsec1_major_version="`echo $XMLSEC1_VER | cut -f1 -d. | cut -f1 -d-`" + xmlsec1_minor_version="`echo $XMLSEC1_VER | cut -f2 -d. | cut -f1 -d-`" + xmlsec1_micro_version="`echo $XMLSEC1_VER | cut -f3 -d. | cut -f1 -d-`" + xmlsec1_version=`printf '%02d%02d%02d' $xmlsec1_major_version $xmlsec1_minor_version $xmlsec1_micro_version` + AC_CHECK_SIZEOF(size_t) + if test "$xmlsec1_version" -lt 010300 -a "$ac_cv_sizeof_size_t" -ne 4 ; then + XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T" + fi + ], [AC_VMW_LIB_ERROR([XMLSEC1], [xmlsec1])]) fi From ebe97d7d8cb01e68826ada7766f0227d3c016508 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 191/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index e374b069a..3a955aad6 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -802,7 +802,7 @@ FLAG( 12, 0, EAX, 0, 1, SGX1, ANY, 17 ) \ FLAG( 12, 0, EAX, 1, 1, SGX2, ANY, 21 ) \ FLAG( 12, 0, EAX, 5, 1, SGX_OVERSUB_ENCLV, NO, 0 ) \ FLAG( 12, 0, EAX, 6, 1, SGX_OVERSUB_ENCLS, NO, 0 ) \ -FLAG( 12, 0, EAX, 7, 1, SGX_EVERIFYREPORT2, NO, 0 ) \ +FLAG( 12, 0, EAX, 7, 1, SGX_EVERIFYREPORT2, ANY, FUT ) \ FLAG( 12, 0, EAX, 10, 1, SGX_EUPDATESVN, NO, 0 ) \ FLAG( 12, 0, EAX, 11, 1, SGX_EDECCSSA, ANY, FUT ) \ FLAG( 12, 0, EBX, 0, 1, SGX_MISCSELECT_EXINFO, ANY, FUT ) \ From 9364240246824f9a1daa591cc45af8a6714e046b Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 192/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 3a955aad6..b7984b7c8 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -815,6 +815,8 @@ FLAG( 12, 1, EAX, 4, 1, SECS_ATTRIBUTES_PROVISIONKEY, ANY, 17 ) \ FLAG( 12, 1, EAX, 5, 1, SECS_ATTRIBUTES_EINITTOKEN_KEY, ANY, 17 ) \ FLAG( 12, 1, EAX, 6, 1, SECS_ATTRIBUTES_CET, NO, 0 ) \ FLAG( 12, 1, EAX, 7, 1, SECS_ATTRIBUTES_KSS, ANY, 17 ) \ +FLAG( 12, 1, EAX, 8, 1, SECS_ATTRIBUTES_LAM_U57, NO, 0 ) \ +FLAG( 12, 1, EAX, 9, 1, SECS_ATTRIBUTES_LAM_U48, NO, 0 ) \ FLAG( 12, 1, EAX, 10, 1, SECS_ATTRIBUTES_AEXNOTIFY, ANY, FUT ) \ FIELD( 12, 1, ECX, 0, 32, SECS_ATTRIBUTES_XFRM_LOW, ANY, 17 ) \ FIELD( 12, 1, EDX, 0, 32, SECS_ATTRIBUTES_XFRM_HIGH, ANY, 17 ) \ From 385e9b78195e96089353fbe2e945f069b245a831 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 193/375] Maintain compatibility with libxml2.12.5 and later. --- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 10e5cc83d..8572a7110 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -432,14 +432,6 @@ SAML_Init(void) */ LIBXML_TEST_VERSION - /* - * Tell libxml to do ID/REF lookups - * Tell libxml to complete attributes with defaults from the DTDs - */ - xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; - xmlSubstituteEntitiesDefault(1); - - /* set up the xml2 error handler */ xmlSetGenericErrorFunc(NULL, XmlErrorHandler); @@ -1524,7 +1516,13 @@ VerifySAMLToken(const gchar *token, strlen(token), NULL, NULL, 0); #else - doc = xmlParseMemory(token, (int)strlen(token)); + /* + * Tell libxml to substitute the entities (XML_PARSE_NOENT). + * Tell libxml to load the external DTD (XML_PARSE_DTDLOAD). + * Tell libxml to add default attributes from the DTD (XML_PARSE_DTDATTR). + */ + doc = xmlReadMemory(token, (int)strlen(token), NULL, NULL, + XML_PARSE_NOENT | XML_PARSE_DTDATTR | XML_PARSE_DTDLOAD); #endif if ((NULL == doc) || (xmlDocGetRootElement(doc) == NULL)) { g_warning("Failed to parse document\n"); From b91770061d3000de3fbe0994480579d1c2ca62f8 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 194/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/guestApp/guestApp.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/open-vm-tools/lib/guestApp/guestApp.c b/open-vm-tools/lib/guestApp/guestApp.c index 35fde3794..eb27cbd05 100644 --- a/open-vm-tools/lib/guestApp/guestApp.c +++ b/open-vm-tools/lib/guestApp/guestApp.c @@ -139,18 +139,8 @@ GuestApp_GetInstallPathW(void) DWORD cbData = 0; DWORD temp = 0; PWCHAR data = NULL; - - /* - * We need to access the WOW3264Node Registry node for arm64 windows tools, - * since the arm64 installer is currently built with x86 emulation mode. - * - * TODO: REMOVE the the KEY_WOW64_32KEY once the msi installer is running - * in native arm64. - */ REGSAM samDesired = KEY_READ; -#ifdef TOOLS_ARM64 - samDesired |= KEY_WOW64_32KEY; -#endif + rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, CONF_VMWARE_TOOLS_REGKEY_W, 0, samDesired, &key); if (ERROR_SUCCESS != rc) { From 8cd75607fbb7b5923f791c3cd8270d88b73fbef2 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 22:58:13 -0700 Subject: [PATCH 195/375] [Coverity]: Fixes for issues found from static application security testing Adding coverity escapes for false-positive issues. hgfsServerParameters.c -- 1 issue reported. issue: Overrunning array of 5 bytes at byte offset 5 by dereferencing pointer "newName". impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/file.c -- 2 issues reported. issue: Overrunning array of n bytes at byte offset n by dereferencing pointer "newNameP" (n is 17 and 5 respectively for those 2 locations where the issue occured). impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/link.c -- 2 issues reported. issue: Overrunning array of n bytes at byte offset n by dereferencing pointer "fileNameP" (n is 17 and 5 respectively for those 2 locations where the issue occured). impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/transport.c -- 1 issue reported. issue: uninit_use_in_call: Using uninitialized value "reply" while calling HgfsCompleteReq() function. impact: Bug fix: Remove function, it is unused/dead code (transport.h too). --- .../lib/hgfsServer/hgfsServerParameters.c | 10 ++++- open-vm-tools/vmhgfs-fuse/file.c | 13 ++++++- open-vm-tools/vmhgfs-fuse/link.c | 15 ++++++- open-vm-tools/vmhgfs-fuse/transport.c | 39 +------------------ open-vm-tools/vmhgfs-fuse/transport.h | 4 +- 5 files changed, 39 insertions(+), 42 deletions(-) diff --git a/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c b/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c index 8b601829c..9836a3fea 100644 --- a/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c +++ b/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2010-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1968,6 +1969,13 @@ HgfsUnpackRenamePayloadV2(const HgfsRequestRenameV2 *requestV2, // IN: request p } else { newName = (const HgfsFileName *)((char *)(&requestV2->oldName + 1) + *cpOldNameLen); + /* + * The HgfsRequestRenameV2 structure overlay on the data has the old and + * new data interlaced rather. The newName pointer in the data is + * calculated as an offset from the oldName field. This confuses Coverity, + * there is no overrun here. + */ + /* coverity[overrun-local] */ if (!HgfsUnpackFileName(newName, extra, cpNewName, diff --git a/open-vm-tools/vmhgfs-fuse/file.c b/open-vm-tools/vmhgfs-fuse/file.c index f0323095a..b9b9a933f 100644 --- a/open-vm-tools/vmhgfs-fuse/file.c +++ b/open-vm-tools/vmhgfs-fuse/file.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2013,2018-2019, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1038,6 +1039,11 @@ HgfsRename(const char* from, const char* to) result = -EINVAL; goto out; } + /* + * The usage of the space allocated in req early in the function is kept + * in reqSize. If oldName length was 0 we're not causing an overrun. + */ + /* coverity[overrun-local] */ newNameP->length = result; reqSize += result; newNameP->flags = 0; @@ -1060,6 +1066,11 @@ HgfsRename(const char* from, const char* to) result = -EINVAL; goto out; } + /* + * The usage of the space allocated in req early in the function is kept + * in reqSize. If oldName length was 0 we're not causing an overrun. + */ + /* coverity[overrun-local] */ newNameP->length = result; reqSize += result; } diff --git a/open-vm-tools/vmhgfs-fuse/link.c b/open-vm-tools/vmhgfs-fuse/link.c index 3a6fc912c..9a607ca51 100644 --- a/open-vm-tools/vmhgfs-fuse/link.c +++ b/open-vm-tools/vmhgfs-fuse/link.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013,2019 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -90,6 +91,12 @@ HgfsPackSymlinkCreateRequest(const char* symlink, // IN: path of the link LOG(6, ("Target name: \"%s\"\n", fileNameP->name)); /* Convert target name to CPName-lite format. */ CPNameLite_ConvertTo(fileNameP->name, targetNameBytes - 1, '/'); + /* + * The req size is always sufficient to hold the request data. + * There is no overrun here, coverity has issue with how the data is + * packed (name fields data are interlaced). + */ + /* coverity[overrun-local] */ fileNameP->length = targetNameBytes - 1; fileNameP->flags = 0; fileNameP->fid = HGFS_INVALID_HANDLE; @@ -125,6 +132,12 @@ HgfsPackSymlinkCreateRequest(const char* symlink, // IN: path of the link LOG(6, ("Target name: \"%s\"\n", fileNameP->name)); /* Convert target name to CPName-lite format. */ CPNameLite_ConvertTo(fileNameP->name, targetNameBytes - 1, '/'); + /* + * The req size is always sufficient to hold the request data. + * There is no overrun here, coverity has issue with how the data is + * packed (name fields data are interlaced). + */ + /* coverity[overrun-local] */ fileNameP->length = targetNameBytes - 1; break; } diff --git a/open-vm-tools/vmhgfs-fuse/transport.c b/open-vm-tools/vmhgfs-fuse/transport.c index 22fa5a070..4ba451a5d 100644 --- a/open-vm-tools/vmhgfs-fuse/transport.c +++ b/open-vm-tools/vmhgfs-fuse/transport.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013,2019 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -266,42 +267,6 @@ HgfsTransportProcessPacket(char *receivedPacket, //IN: received packet } -/* - *---------------------------------------------------------------------- - * - * HgfsTransportBeforeExitingRecvThread -- - * - * The cleanup work to do before the recv thread exits, including - * completing pending requests with error. - * - * Results: - * None - * - * Side effects: - * None - * - *---------------------------------------------------------------------- - */ - -void -HgfsTransportBeforeExitingRecvThread(void) -{ - struct list_head *cur, *next; - - /* Walk through gHgfsPendingRequests queue and reply them with error. */ - pthread_mutex_lock(&gHgfsPendingRequestsLock); - list_for_each_safe(cur, next, &gHgfsPendingRequests) { - HgfsReq *req; - HgfsReply reply; - - req = list_entry(cur, HgfsReq, list); - LOG(6, ("Injecting error reply to req id: %d\n", req->id)); - HgfsCompleteReq(req, (char *)&reply, sizeof reply); - } - pthread_mutex_unlock(&gHgfsPendingRequestsLock); -} - - /* *---------------------------------------------------------------------- * diff --git a/open-vm-tools/vmhgfs-fuse/transport.h b/open-vm-tools/vmhgfs-fuse/transport.h index e8d92e05b..49b8677c5 100644 --- a/open-vm-tools/vmhgfs-fuse/transport.h +++ b/open-vm-tools/vmhgfs-fuse/transport.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -58,6 +59,5 @@ void HgfsTransportExit(void); int HgfsTransportSendRequest(HgfsReq *req); void HgfsTransportProcessPacket(char *receivedPacket, size_t receivedSize); -void HgfsTransportBeforeExitingRecvThread(void); #endif // _HGFS_DRIVER_TRANSPORT_H_ From 9daa47c599c1fd85b60419b9375ef7d53d8d5c0f Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 23:10:14 -0700 Subject: [PATCH 196/375] Correct copyright year to 2024. --- open-vm-tools/lib/guestApp/guestApp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/guestApp/guestApp.c b/open-vm-tools/lib/guestApp/guestApp.c index eb27cbd05..d0bdf1f74 100644 --- a/open-vm-tools/lib/guestApp/guestApp.c +++ b/open-vm-tools/lib/guestApp/guestApp.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2019, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published From 8112f3d6d12a59d44f87776090643a2519b52f08 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 20 May 2024 23:18:11 -0700 Subject: [PATCH 197/375] Update ChangeLog with the granular push of May 20, 2024. - plus Copyright update of file guestApp.c - plus ChangeLog update of May 3, 2024. --- open-vm-tools/ChangeLog | 218 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 218 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 78b2ae3ac..07ccf5c39 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,221 @@ +commit 9daa47c599c1fd85b60419b9375ef7d53d8d5c0f +Author: Kruti +Date: Mon May 20 23:10:14 2024 -0700 + + Correct copyright year to 2024. + +commit 8cd75607fbb7b5923f791c3cd8270d88b73fbef2 +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + [Coverity]: Fixes for issues found from static application security testing + + Adding coverity escapes for false-positive issues. + + hgfsServerParameters.c -- 1 issue reported. + issue: Overrunning array of 5 bytes at byte offset 5 by dereferencing + pointer "newName". + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/file.c -- 2 issues reported. + issue: Overrunning array of n bytes at byte offset n by dereferencing + pointer "newNameP" (n is 17 and 5 respectively for those 2 locations + where the issue occured). + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/link.c -- 2 issues reported. + issue: Overrunning array of n bytes at byte offset n by dereferencing + pointer "fileNameP" (n is 17 and 5 respectively for those 2 locations + where the issue occured). + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/transport.c -- 1 issue reported. + issue: uninit_use_in_call: Using uninitialized value "reply" while calling + HgfsCompleteReq() function. + impact: Bug + fix: Remove function, it is unused/dead code (transport.h too). + +commit b91770061d3000de3fbe0994480579d1c2ca62f8 +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 385e9b78195e96089353fbe2e945f069b245a831 +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Maintain compatibility with libxml2.12.5 and later. + +commit 9364240246824f9a1daa591cc45af8a6714e046b +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ebe97d7d8cb01e68826ada7766f0227d3c016508 +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ae0b62370b6ca926dbabe25bf5856c2a97cdcc5c +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Verify the xmlsec version before passing the compiler flag "-DXMLSEC_NO_SIZE_T", + as it has been deprecated since 1.3.3. + + The configure option "--enable-size-t" has been set to yes by default starting + with 1.3.0. + + version < 1.3.0 : + Add "-DXMLSEC_NO_SIZE_T" if size_t has a size other than 4 bytes. + (There was no enable-size-t before 1.2.35 and the enable-size-t is + "no" by default in [1.2.35, 1.3.0)) + version >= 1.3.0 : + Do not add "-DXMLSEC_NO_SIZE_T" (as enable-size-t is "yes" by + default in version [1.3.0, 1.3.3) and no need to consider this + option since 1.3.3) + +commit 3fb8fe48f108067c39077934497df465616ba518 +Author: Kruti +Date: Mon May 20 22:58:13 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit b841140771ae6218f8875574de78dac1dd19fd90 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 084e3f4c6911d8036d157ed4f96dbda94f705142 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 1dad197a3419d900e8e4a7e2549abf8586a8b885 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 6196b065644d325d6345db2a42f8778a0fcd9751 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 42ceedd78f9ccb39540c4ea12f40fba7c644a050 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit b3b985137250d9b82bb22367a1ce1e424830c21d +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit b8fbf56a86b2d7e3d937fba9858add64d9792e8b +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common source file not directly applicable to open-vm-tools. + +commit 33aa649c612d2a41f850ace726047fb5d6f70475 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Remove unused header files from the open-vm-tools source bundle. + +commit 2723eb37bad5d86683e67c6c6d09871da35e92e3 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Log customized error exit code from offspring processes. + +commit 0ffadd28557203cd0c994e48ccb442f1405a85c8 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit ec5f27caeb454cf1c4142a7e95f98b9d2e001b3d +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Fix copyright years. + +commit f9649775dafd0c2666f86357c1f72fb10e0d18c4 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + [Coverity]: UNINIT in resolutionSet finding from static application + security testing (SAST) + + resolutionSet.c -- 1 issue reported in the file + issue: capabilityArray not initialized or partially initialized when + reaching the statement. + impact: False-positive + fix: suppress 'uninit_use_in_call' + + VMTools_WrapArray converts the capabilityArray to a GArray. + The 'wrapped' array is allocated space for capabilityCount elements and + only the first capabilityCount elements are COPIED from capabilityArray + to the allocated GArray. As such, the uninitialized elements of the + capabilityArray are never used to generate the returned GArray. While + technically true (uninitialized) there is no reason to zero the array + indexes from capabilityCount through to the end of the array as these + elements are unused. + +commit b437f6f4ae99b540820cb66dabc716eb43c5c71a +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 31894dfbfcd91efe5a2712c2f33ce9114d942e11 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Fix LOCK_EVASION issue found by Coverity scan. + + fileLogger.c -- 2 issues reported in file + issue: MultiReader/SingleWriter lock race conditions between assign and + check. + fix: Mitigation more than fix. + + issue: Coverity seems confused by the MR/SW lock, but there is some data + field assignment performed under the wrong lock to clean up. + fix: Move assignment made under Read lock to Write lock. + + Moved setting the data->error status inside of writer lock block. + + Added re-checking the data->error status at reader -> writer and + writer -> reader lock transitions. + +commit 52596dea1e33e40ad8f518d445b53d7f0a4f34f1 +Author: Kruti +Date: Mon May 20 22:58:12 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 9e85a0c132b8aa01e27bf958b61a802602352311 +Author: Kruti +Date: Fri May 3 09:27:03 2024 -0700 + + Update ChangeLog with the granular push of May 3, 2024. + - plus Copyright modification of files vmxnet3_defs.h and + get-connection-info.sh. + - plus ChangeLog update of Apr 7, 2024. + commit a0ffd2a0bf2a1f22cce695adad374628c832555c Author: Kruti Date: Fri May 3 09:15:25 2024 -0700 From f026fcbdf5344d531954d049b05db12c3cf14429 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 26 May 2024 23:55:32 -0700 Subject: [PATCH 198/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm.h b/open-vm-tools/lib/include/vm_basic_asm.h index 2c3ba1945..728c50684 100644 --- a/open-vm-tools/lib/include/vm_basic_asm.h +++ b/open-vm-tools/lib/include/vm_basic_asm.h @@ -71,6 +71,9 @@ #include "mul64.h" #elif defined VM_ARM_64 #include "vm_basic_asm_arm64.h" +#ifdef VMKERNEL +#include "vmk_arm_mode.h" +#endif #else #define MUL64_NO_ASM 1 #include "mul64.h" @@ -765,8 +768,8 @@ RDTSC(void) * bora/lib/vprobe/arm64/vp_emit_tc.c::VpEmit_BuiltinRDTSCWork() * bora/modules/vmkernel/tests/core/xmapTest/xmapTest_arm64.c::XMapTest_SetupLoopCode() */ -#if defined(VMKERNEL) && !defined(VMK_ARM_EL1_OR_VHE) - return MRS(CNTPCT_EL0); +#ifdef VMKERNEL + return MRSx(VMK_CNT_CT_EL); #else return MRS(CNTVCT_EL0); #endif From 5ab6868b2b993a18f3680416ad1257b4240c5f25 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 26 May 2024 23:55:32 -0700 Subject: [PATCH 199/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 4 +++- open-vm-tools/lib/include/guest_os_tables.h | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 29aebbbd7..56317c846 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -244,7 +244,8 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define ALLVMKERNEL BS(VMKERNEL), BS(VMKERNEL5), \ BS(VMKERNEL6), BS(VMKERNEL65), \ BS(VMKERNEL7), BS(VMKERNEL7_ARM), \ - BS(VMKERNEL8), BS(VMKERNEL8_ARM) + BS(VMKERNEL8), BS(VMKERNEL8_ARM), \ + BS(VMKERNEL9), BS(VMKERNEL9_ARM) #define ALLLINUX32 BS(VMKERNEL), BS(OTHERLINUX), \ BS(OTHER24XLINUX), ALL26XLINUX32, \ @@ -291,6 +292,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); BS(WIN_12_ARM_64), \ BS(UBUNTU_ARM_64), BS(PHOTON_ARM_64), \ BS(VMKERNEL7_ARM), BS(VMKERNEL8_ARM), \ + BS(VMKERNEL9_ARM), \ BS(OTHER_ARM_64), BS(DEBIAN_ARM_64), \ BS(OTHER5XLINUX_ARM_64), BS(OTHER6XLINUX_ARM_64), \ BS(OTHER7XLINUX_ARM_64), \ diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index ed247f068..1f46e2f17 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -156,8 +156,10 @@ extern "C" { GOT(GUEST_OS_VMKERNEL65) /* ESX 6.5 and 6.7 64-bit */ \ GOT(GUEST_OS_VMKERNEL7) /* ESX 7 64-bit */ \ GOT(GUEST_OS_VMKERNEL7_ARM) /* ESX 7 Arm 64-bit */ \ - GOT(GUEST_OS_VMKERNEL8) /* ESX 8 and later 64-bit */ \ - GOT(GUEST_OS_VMKERNEL8_ARM) /* ESX 8 and later Arm 64-bit */ \ + GOT(GUEST_OS_VMKERNEL8) /* ESX 8 64-bit */ \ + GOT(GUEST_OS_VMKERNEL8_ARM) /* ESX 8 Arm 64-bit */ \ + GOT(GUEST_OS_VMKERNEL9) /* ESX 9 and later 64-bit */ \ + GOT(GUEST_OS_VMKERNEL9_ARM) /* ESX 9 and later Arm 64-bit */ \ GOT(GUEST_OS_PHOTON_64) /* VMware Photon 64-bit */ \ GOT(GUEST_OS_PHOTON_ARM_64) /* VMware Photon Arm 64-bit */ \ GOT(GUEST_OS_ORACLE) \ From bf2ac0396aedb12330050eeb63d0e3f2af65f847 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 26 May 2024 23:55:32 -0700 Subject: [PATCH 200/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index a139da28b..44fb7bd15 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2006-2021,2023 VMware, Inc. All rights reserved. + * Copyright (C) 2006-2021,2023-2024 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -81,6 +81,7 @@ #define CR3_LAM_U57 (1ULL << 61) #define CR3_LAM_U48 (1ULL << 62) +#define CR3_LAM_USER (CR3_LAM_U48 | CR3_LAM_U57) #define CR3_NO_FLUSH (1ULL << 63) #define CR4_VME 0x00000001 From 0d0b7bd3c8c2f63519c055236af843ecfd6d718f Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 26 May 2024 23:55:32 -0700 Subject: [PATCH 201/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index f9edc1ce1..8fc42e946 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -532,7 +532,7 @@ # define PRODUCT_LICENSE_VERSION PRODUCT_FLEX_VERSION_STRING_FOR_LICENSE # elif defined(VMX86_VPX) # define PRODUCT_LICENSE_VERSION "8.0" -# define PRODUCT_LICENSE_FILE_VERSION "8.0.5.0" +# define PRODUCT_LICENSE_FILE_VERSION "8.0.5.1" # elif defined(VMX86_SDK) # define PRODUCT_LICENSE_VERSION "1.0" # elif defined(VMX86_P2V) From eedd5a4b61bfd2f54eaabffc2553cb9d7fcabbb5 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 26 May 2024 23:55:32 -0700 Subject: [PATCH 202/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/vmcheck.h | 10 +++--- open-vm-tools/lib/vmCheck/vmcheck.c | 54 +++++++++++++++++++++++++++-- 2 files changed, 57 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/include/vmcheck.h b/open-vm-tools/lib/include/vmcheck.h index adbdf18f3..9d3285c51 100644 --- a/open-vm-tools/lib/include/vmcheck.h +++ b/open-vm-tools/lib/include/vmcheck.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2006-2017 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -16,14 +17,12 @@ * *********************************************************/ - /* * vmcheck.h -- * - * Utility functions for discovering our virtualization status. + * Utility functions for discovering our virtualization status. */ - #ifndef __VMCHECK_H__ # define __VMCHECK_H__ @@ -37,6 +36,9 @@ Bool VmCheck_GetVersion(uint32 *version, // OUT uint32 *type); // OUT +Bool +VmCheck_GetHWVersion(uint32 *hwversion); // OUT + Bool VmCheck_IsVirtualWorld(void); diff --git a/open-vm-tools/lib/vmCheck/vmcheck.c b/open-vm-tools/lib/vmCheck/vmcheck.c index 0e296be5a..153e33034 100644 --- a/open-vm-tools/lib/vmCheck/vmcheck.c +++ b/open-vm-tools/lib/vmCheck/vmcheck.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2021, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -20,7 +21,7 @@ /* * vmcheck.c -- * - * Utility functions for discovering our virtualization status. + * Utility functions for discovering our virtualization status. */ #include @@ -197,7 +198,7 @@ VmCheckSafe(SafeCheckFn checkFn) Bool VmCheck_GetVersion(uint32 *version, // OUT - uint32 *type) // OUT + uint32 *type) // OUT { Backdoor_proto bp; @@ -243,6 +244,53 @@ VmCheck_GetVersion(uint32 *version, // OUT } +/* + *---------------------------------------------------------------------- + * + * VmCheck_GetHWVersion -- + * + * Retrieve the VM's hardware version. + * + * Return value: + * TRUE on success + * *hwversion contains the VM hardware version + * FALSE on failure + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +Bool +VmCheck_GetHWVersion(uint32 *hwversion) // OUT +{ + Backdoor_proto bp; + ASSERT(hwversion); + + /* Make sure EBX does not contain BDOOR_MAGIC */ + bp.in.size = (size_t)~BDOOR_MAGIC; + /* send backdoor command to get hw version */ + bp.in.cx.halfs.low = BDOOR_CMD_GETHWVERSION; + Backdoor(&bp); + + if (bp.out.ax.word == 0xFFFFFFFF) { + /* + * No backdoor device there. This code is not executing in a VMware + * virtual machine. + */ + return FALSE; + } + + if (bp.out.bx.word != BDOOR_MAGIC) { + return FALSE; + } + + *hwversion = bp.out.ax.word; + return TRUE; +} + + /* *---------------------------------------------------------------------- * From fa9c8fb804f47536cddcdca1365b79477dccff88 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 28 May 2024 02:00:20 -0700 Subject: [PATCH 203/375] Update Copyright pattern. --- open-vm-tools/lib/include/x86_basic_defs.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index 44fb7bd15..c9693a768 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2006-2021,2023-2024 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published From 515e38c175e0a642865c663334932b2247414d87 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 28 May 2024 02:35:23 -0700 Subject: [PATCH 204/375] Update ChangeLog with the granular push of May 26, 2024. - plus Copyright pattern update of file x86_basic_defs.h - plus ChangeLog update of May 20, 2024. --- open-vm-tools/ChangeLog | 44 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 07ccf5c39..aa00a8aaa 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,47 @@ +commit fa9c8fb804f47536cddcdca1365b79477dccff88 +Author: Kruti +Date: Tue May 28 02:00:20 2024 -0700 + + Update Copyright pattern. + +commit eedd5a4b61bfd2f54eaabffc2553cb9d7fcabbb5 +Author: Kruti +Date: Sun May 26 23:55:32 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 0d0b7bd3c8c2f63519c055236af843ecfd6d718f +Author: Kruti +Date: Sun May 26 23:55:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit bf2ac0396aedb12330050eeb63d0e3f2af65f847 +Author: Kruti +Date: Sun May 26 23:55:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 5ab6868b2b993a18f3680416ad1257b4240c5f25 +Author: Kruti +Date: Sun May 26 23:55:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit f026fcbdf5344d531954d049b05db12c3cf14429 +Author: Kruti +Date: Sun May 26 23:55:32 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 8112f3d6d12a59d44f87776090643a2519b52f08 +Author: Kruti +Date: Mon May 20 23:18:11 2024 -0700 + + Update ChangeLog with the granular push of May 20, 2024. + - plus Copyright update of file guestApp.c + - plus ChangeLog update of May 3, 2024. + commit 9daa47c599c1fd85b60419b9375ef7d53d8d5c0f Author: Kruti Date: Mon May 20 23:10:14 2024 -0700 From 83463bd3a458f83765fafab346e6d08562139b66 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 205/375] Setting the VMware Tools version to 12.4.5. --- open-vm-tools/Makefile.am | 78 ++++++++++++++++++++ open-vm-tools/lib/Makefile.am | 78 ++++++++++++++++++++ open-vm-tools/lib/include/vm_tools_version.h | 24 ++++-- open-vm-tools/vgauth/Makefile.am | 22 ++++++ 4 files changed, 194 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/Makefile.am b/open-vm-tools/Makefile.am index 3ad409e8f..30cde8796 100644 --- a/open-vm-tools/Makefile.am +++ b/open-vm-tools/Makefile.am @@ -72,6 +72,84 @@ if HAVE_UDEV endif +install-data-local: + $(INSTALL) -d $(DESTDIR)/etc/vmware-tools/ + $(INSTALL) -m 644 $(srcdir)/tools.conf $(DESTDIR)/etc/vmware-tools/tools.conf.example + +################################################################################ +### Copyright (c) 2007-2021,2023 VMware, Inc. All rights reserved. +### +### Top-level Makefile for building the VMware OSS Tools. +### +### +### This program is free software; you can redistribute it and/or modify +### it under the terms of version 2 of the GNU General Public License as +### published by the Free Software Foundation. +### +### This program is distributed in the hope that it will be useful, +### but WITHOUT ANY WARRANTY; without even the implied warranty of +### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +### GNU General Public License for more details. +### +### You should have received a copy of the GNU General Public License +### along with this program; if not, write to the Free Software +### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +################################################################################ + +# These flags get passed to aclocal when autoreconf calls it, and tell aclocal +# that all of our macros are in the 'm4' subdirectory. +ACLOCAL_AMFLAGS = -I m4 + +SUBDIRS = +SUBDIRS += lib +if LINUX + SUBDIRS += libguestStoreClient +endif +SUBDIRS += libvmtools +SUBDIRS += libhgfs +SUBDIRS += hgfsclient +if ENABLE_VGAUTH + SUBDIRS += vgauth + SUBDIRS += vgauthImport +endif +SUBDIRS += checkvm +SUBDIRS += libguestlib +if ENABLE_DEPLOYPKG + SUBDIRS += libDeployPkg +endif +SUBDIRS += rpctool +SUBDIRS += namespacetool +SUBDIRS += scripts +SUBDIRS += services +SUBDIRS += toolbox +if HAVE_X11 + SUBDIRS += vmware-user-suid-wrapper +endif +if HAVE_FUSE + SUBDIRS += vmblock-fuse + SUBDIRS += vmhgfs-fuse +endif +if !LINUX + SUBDIRS += vmblockmounter +endif +SUBDIRS += xferlogs +if ENABLE_TESTS + SUBDIRS += tests +endif +if WITH_KERNEL_MODULES + SUBDIRS += modules +endif +SUBDIRS += docs +if ENABLE_LIBAPPMONITOR + SUBDIRS += libappmonitor +endif + +if HAVE_UDEV + SUBDIRS += udev + SUBDIRS += vmwgfxctrl +endif + + install-data-local: $(INSTALL) -d $(DESTDIR)/etc/vmware-tools/ $(INSTALL) -m 644 $(srcdir)/tools.conf $(DESTDIR)/etc/vmware-tools/tools.conf.example diff --git a/open-vm-tools/lib/Makefile.am b/open-vm-tools/lib/Makefile.am index e37422cc1..41656d083 100644 --- a/open-vm-tools/lib/Makefile.am +++ b/open-vm-tools/lib/Makefile.am @@ -76,3 +76,81 @@ SUBDIRS += wiper SUBDIRS += xdg +################################################################################ +### Copyright (c) 2007-2016,2020-2023 VMware, Inc. All rights reserved. +### +### This program is free software; you can redistribute it and/or modify +### it under the terms of version 2 of the GNU General Public License as +### published by the Free Software Foundation. +### +### This program is distributed in the hope that it will be useful, +### but WITHOUT ANY WARRANTY; without even the implied warranty of +### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +### GNU General Public License for more details. +### +### You should have received a copy of the GNU General Public License +### along with this program; if not, write to the Free Software +### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +################################################################################ + +SUBDIRS = +SUBDIRS += guestRpc +SUBDIRS += auth +SUBDIRS += backdoor +if HAVE_VSOCK +SUBDIRS += asyncsocket +endif +SUBDIRS += sslDirect +SUBDIRS += pollGtk +SUBDIRS += poll +SUBDIRS += dataMap +SUBDIRS += hashMap +SUBDIRS += dict +SUBDIRS += dynxdr +SUBDIRS += err +SUBDIRS += file +SUBDIRS += foundryMsg +SUBDIRS += glibUtils +SUBDIRS += guestApp +if LINUX + SUBDIRS += guestStoreClientHelper + SUBDIRS += globalConfig +endif +SUBDIRS += hgfs +SUBDIRS += hgfsBd +SUBDIRS += hgfsHelper +SUBDIRS += hgfsServer +SUBDIRS += hgfsServerManagerGuest +SUBDIRS += hgfsServerPolicyGuest +if HAVE_GTKMM +SUBDIRS += hgfsUri +endif +SUBDIRS += impersonate +SUBDIRS += lock +SUBDIRS += message +SUBDIRS += misc +SUBDIRS += netUtil +SUBDIRS += nicInfo +SUBDIRS += panic +SUBDIRS += panicDefault +SUBDIRS += procMgr +SUBDIRS += rpcChannel +SUBDIRS += rpcIn +SUBDIRS += rpcOut +SUBDIRS += rpcVmx +if USE_SLASH_PROC + SUBDIRS += slashProc +endif +SUBDIRS += string +SUBDIRS += jsmn +SUBDIRS += stubs +SUBDIRS += syncDriver +SUBDIRS += system +SUBDIRS += unicode +SUBDIRS += user +SUBDIRS += vmCheck +SUBDIRS += vmSignal +SUBDIRS += wiper +SUBDIRS += xdg + + diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 2aa9462fd..ea3d2dfd3 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1772,15 +1773,22 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_HEDGE_TRIMMER_UPDATE1_V_BASE 5 #ifndef RC_INVOKED -#define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 4 -#define TOOLS_VERSION_NEXT_V_BASE 0 +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_MJR 12 +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_MNR 4 +#define TOOLS_VERSION_SOCKET_WRENCH_RELEASE_V_BASE 0 -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) +#ifndef RC_INVOKED +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MJR 12 +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MNR 4 +#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_BASE 5 + +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_SOCKET_WRENCH_UPDATE1 +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1) /* * The extended Tools version is the current Tools version with the diff --git a/open-vm-tools/vgauth/Makefile.am b/open-vm-tools/vgauth/Makefile.am index a984425bc..ef160b99a 100644 --- a/open-vm-tools/vgauth/Makefile.am +++ b/open-vm-tools/vgauth/Makefile.am @@ -20,3 +20,25 @@ SUBDIRS += lib SUBDIRS += cli SUBDIRS += service SUBDIRS += test +################################################################################ +### Copyright (c) 2014-2017,2023 VMware, Inc. All rights reserved. +### +### This program is free software; you can redistribute it and/or modify +### it under the terms of version 2 of the GNU General Public License as +### published by the Free Software Foundation. +### +### This program is distributed in the hope that it will be useful, +### but WITHOUT ANY WARRANTY; without even the implied warranty of +### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +### GNU General Public License for more details. +### +### You should have received a copy of the GNU General Public License +### along with this program; if not, write to the Free Software +### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +################################################################################ + +SUBDIRS = +SUBDIRS += lib +SUBDIRS += cli +SUBDIRS += service +SUBDIRS += test From 6b2f429a17b1256c32008d64785eb6d5242f5b23 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 206/375] Linux network log file permissions fix: 0644 to 0600 Since release 11.3.5, on linux guests, the vmware-network.log file has root default file creation permissions (0644) rather than the expected 0600 permissions. Fix: - Adding chmod 0600 on log file creation. - Adding file creation before first logging. - Adding handling of unset handler in case switch, default to file logging. - Adding logging of unknown or bad handler, and using file logging as default. - Default number of logfiles when network.maxOldLogFiles is set to 0. --- open-vm-tools/scripts/linux/network | 36 +++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index 033c88248..b8cb92ce3 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -1,6 +1,7 @@ #!/bin/sh -x ########################################################## -# Copyright (c) 2001-2018, 2021, 2023 VMware, Inc. All rights reserved. +# Copyright (c) 2001-2018, 2021, 2023-2024 Broadcom. All rights reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -37,6 +38,9 @@ logmode=1 # Defines whether to rotate logs (1) or not (0) logrotate=1 +# Defines whether to set log file permissions (1) or not (0) +logsetperms=1 + # # Get log file path # @@ -56,23 +60,33 @@ get_logfile() { get_logconfig() { handler=`vmware-toolbox-cmd config get logging network.handler | \ sed -e 's/.*= *//' -e 's/ *$//'` + if [ -z "${handler##*"UNSET"*}" ]; then + # Default unset to file handler + handler=file + fi case $handler in "file") get_logfile ;; "file+") + # Append to a file instead of recreating each time get_logfile logrotate=0 ;; "vmx"|"std") logrotate=0 + logsetperms=0 ;; "syslog") logfile=/var/log/syslog logdir=`dirname $logfile` logrotate=0 + logsetperms=0 ;; *) + # Default unknown to 'file' handler, log the issue. + `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler"` + get_logfile ;; esac } @@ -84,7 +98,12 @@ rotate_logfile() { if [ $logrotate -eq 1 ]; then max=`vmware-toolbox-cmd config get logging network.maxOldLogFiles | \ sed -e 's/.*= *//' -e 's/ *$//'` - if [ -z "${max##*"UNSET"*}" -o `expr "$max" : '[0-9]\+$'` -eq 0 ]; then + if [ `expr "$max" : '[0-9]\+$'` -eq 0 ]; then + # max is not numeric (UNSET or else), use default. + max=9 + fi + if [ $max -lt 1 ]; then + # max must be > 0, use default. max=9 fi max=`expr $max - 1` @@ -123,6 +142,19 @@ log() { get_logconfig rotate_logfile +if [ $logsetperms -eq 1 ]; then + # Create/Recreate logfile + if [ ! -e $logfile ]; then + touch $logfile + fi + + # Set logfile permissions before writing first log to file. + # ** When handler is 'file+' and logfile existed prior to execution, this + # updates the permissions before appending to logfile. + # ** Otherwise sets permission on new file. + chmod 0600 $logfile +fi + log "Executing '$0 $*'" . `dirname "$0"`/../../statechange.subr From 539c497e2c29f6023cc17e3e382acc43598cfe33 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 207/375] [Coverity]: Fix the Y2K38_SAFETY findings from static application security testing (SAST) guestInfoServer.c -- 2 issues reported in file issue: casting time_t (64bits) to int (32bits) causing Y2K38_SAFETY. impact: delta is a time delta in seconds, overflow if delta >= (G_MAXINT/1000)+1 fix: Remove cast on delta, cast both values as int64. issue: casting time_t to int for logging to a '%d'. impact: delta is a time delta in seconds, not expected to overflow a 32 bit int. fix: Remove cast on delta, change string to use '%"FMT64"d' format and cast the time_t to int64; time_t is defined as 'long int'. vixTools.c -- 7 issues reported in file issue: casting time_t to int for convertion to string (xml) impact: procStartTime is a time from epoch, it will overflow the int in Y2K38. fix: Remove the cast, change the string to use '%"FMT64"d"' and cast the time_t to int64; time_t is defined as 'long int'. issues: casting time_t to int in call to VixToolsPrintProcInfoEx. impact: The times used are time from epoch and will be impacted by Y2K38. fix: Change signature of VixToolsPrintProcInfoEx to take in time_t types. Change VixToolsPrintProcInfoEx to use '%"FMT64"d' in string conversions. and cast the time_t to int64; time_t is defined as 'long int'. --- .../plugins/guestInfo/guestInfoServer.c | 9 ++--- open-vm-tools/services/plugins/vix/vixTools.c | 33 ++++++++++--------- 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c index 8ec1236e3..f4e405a9f 100644 --- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c +++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -304,13 +305,13 @@ GuestInfoCheckIfRunningSlow(ToolsAppCtx *ctx) * Have a long enough delta to ensure that we have really missed a * collection. */ - if (((int) delta * 1000) >= (2 * guestInfoPollInterval)) { + if (((int64)delta * 1000) >= ((int64) 2 * guestInfoPollInterval)) { gchar *msg, *rpcMsg; msg = g_strdup_printf( "*** WARNING: GuestInfo collection interval longer than " - "expected; actual=%d sec, expected=%d sec. ***\n", - (int) delta, guestInfoPollInterval / 1000); + "expected; actual=%"FMT64"d sec, expected=%d sec. ***\n", + (int64) delta, guestInfoPollInterval / 1000); rpcMsg = g_strdup_printf("log %s", msg); diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 75d24a29e..46fb83744 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2007-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -590,9 +591,9 @@ static VixError VixToolsPrintProcInfoEx(DynBuf *dstBuffer, const char *name, uint64 pid, const char *user, - int start, + time_t start, int exitCode, - int exitTime); + time_t exitTime); static VixError VixToolsListDirectory(VixCommandRequestHeader *requestMsg, size_t maxBufferSize, @@ -5383,13 +5384,13 @@ VixToolsListProcesses(VixCommandRequestHeader *requestMsg, // IN "%d" #endif "%s" - "%d" + "%"FMT64"d" "", cmdNamePtr, name, (int) procInfo->procId, #if defined(_WIN32) (int) procInfo->procDebugged, #endif - user, (int) procInfo->procStartTime); + user, (int64) procInfo->procStartTime); if (NULL == procBufPtr) { err = VIX_E_OUT_OF_MEMORY; goto quit; @@ -5552,9 +5553,9 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN spList->fullCommandLine, spList->pid, spList->user, - (int) spList->startTime, + spList->startTime, spList->exitCode, - (int) spList->endTime); + spList->endTime); if (VIX_OK != err) { goto quit; } @@ -5572,9 +5573,9 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN spList->fullCommandLine, spList->pid, spList->user, - (int) spList->startTime, + spList->startTime, spList->exitCode, - (int) spList->endTime); + spList->endTime); if (VIX_OK != err) { goto quit; } @@ -5648,7 +5649,7 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN procInfo->procId, (NULL == procInfo->procOwner) ? "" : procInfo->procOwner, - (int) procInfo->procStartTime, + procInfo->procStartTime, 0, 0); if (VIX_OK != err) { goto quit; @@ -5669,7 +5670,7 @@ VixToolsListProcessesExGenerateData(uint32 numPids, // IN procInfo->procId, (NULL == procInfo->procOwner) ? "" : procInfo->procOwner, - (int) procInfo->procStartTime, + procInfo->procStartTime, 0, 0); if (VIX_OK != err) { goto quit; @@ -5996,9 +5997,9 @@ VixToolsPrintProcInfoEx(DynBuf *dstBuffer, // IN/OUT const char *name, // IN uint64 pid, // IN const char *user, // IN - int start, // IN + time_t start, // IN int exitCode, // IN - int exitTime) // IN + time_t exitTime) // IN { VixError err; char *escapedName = NULL; @@ -6038,12 +6039,12 @@ VixToolsPrintProcInfoEx(DynBuf *dstBuffer, // IN/OUT "%s" "%"FMT64"d" "%s" - "%d" + "%"FMT64"d" "%d" - "%d" + "%"FMT64"d" "", cmdNamePtr, escapedName, pid, escapedUser, - start, exitCode, exitTime); + (int64) start, exitCode, (int64) exitTime); if (NULL == procInfoEntry) { err = VIX_E_OUT_OF_MEMORY; goto quit; From 36108c65d3dbfaa7bf630076376252dcefcb1e80 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 208/375] Fix the Y2K38_SAFETY finding found by Coverity scan. Change the date type to 'long long' to make the size be 64 bits, same as that of time_t. --- open-vm-tools/libDeployPkg/linuxDeployment.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 4ddf3477a..d31d52927 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1758,7 +1759,7 @@ ExtractZipPackage(const char* pkgName, Bool ret = TRUE; // strip the header from the file - snprintf(zipName, sizeof zipName, "%s/%x", destDir, (unsigned int)time(0)); + snprintf(zipName, sizeof zipName, "%s/%llx", destDir, (long long)time(NULL)); zipName[(sizeof zipName) - 1] = '\0'; if ((pkgFd = open(pkgName, O_RDONLY)) < 0) { sLog(log_error, "Failed to open package file '%s' for read. (%s)", From 912e76c343e876197ab597a303eced5685d05d2f Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 209/375] Fix the SHELLCHECK_WARNING findings from static application security testing (SAST) install/Linux/scripts/network: Multiple shellcheck issues found in the Linux "network" script with the warning "Remove backticks to avoid executing output (or use eval if intentional)." Removed the backticks from those corresponding lines of the script. --- open-vm-tools/scripts/linux/network | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index b8cb92ce3..e6a2765f5 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -85,7 +85,7 @@ get_logconfig() { ;; *) # Default unknown to 'file' handler, log the issue. - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging unknown network.handler: $handler" get_logfile ;; esac @@ -121,7 +121,7 @@ rotate_logfile() { log() { if [ $logmode -eq 1 ]; then if [ "$handler" = "vmx" ]; then - `vmtoolsd --cmd "log $*"` + vmtoolsd --cmd "log $*" elif [ "$handler" = "std" ]; then echo `date` ": $*" elif [ -w $logdir ]; then @@ -129,11 +129,11 @@ log() { if [ $space -gt 1024 ]; then echo `date` ": $*" >> $logfile else - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. No space left in $logdir"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. No space left in $logdir" logmode=0 fi else - `vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. $logdir is not writable"` + vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. $logdir is not writable" logmode=0 fi fi @@ -533,7 +533,7 @@ rescue_NIC() TranquilizeNetworkManager() { - # `which' may be a bit noisy, so we'll shush it. + # 'which' may be a bit noisy, so we'll shush it. dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc -ne 0 ]; then @@ -606,7 +606,7 @@ TranquilizeNetworkManager() WakeNetworkManager() { - # `which' may be a bit noisy, so we'll shush it. + # 'which' may be a bit noisy, so we'll shush it. dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc = 0 ]; then From 0d4abd5e8b920058685199adc356836d0e4dd7f3 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 210/375] Fixes for issues found in Coverity scan. vgauth/serviceImpl/saml-xmlsec1.c issue: 'string_null' for strlen(pemCert) impact: False-positive fix: suppress 'string_null' issue: leaked_storage: certChain is not cleaned up on error. impact: Memory is leaked on the error path. fix: Add line before return to free certChain. vgauth/common/i18n.c issue: 'leaked_storage' for "name" variable impact: False-positive fix: suppress 'leaked_storage' lib/file/file.c issue: use_after_free for 'src' pointer impact: False-positive fix: suppress 'use_after_free' services/plugins/serviceDiscovery/serviceDiscovery.c issue: overrun-local: gdpErrMsgs array contains one less entry then there are enum defined. impact: Valid but the function never return the GDP_ERR_MAX enum. fix: in gdp.h, add an error entry for GDP_ERR_MAX this way gdpErrMsgs will generate all entries. lib/file/fileLockPosix.c issue: string_null for 'buffer' not being null terminated. impact: False-positive fix: suppress 'string_null' --- open-vm-tools/lib/file/file.c | 4 +++- open-vm-tools/lib/file/fileLockPosix.c | 4 +++- open-vm-tools/lib/include/vmware/tools/gdp.h | 11 ++++++++--- open-vm-tools/vgauth/common/i18n.c | 4 +++- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 5 ++++- 5 files changed, 21 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index ffe49417b..246864ba5 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2419,6 +2420,7 @@ FileRotateByRename(const char *fileName, // IN: full path to file ASSERT(dst != fileName); Posix_Free(dst); + /* coverity[use_after_free] */ dst = src; } } diff --git a/open-vm-tools/lib/file/fileLockPosix.c b/open-vm-tools/lib/file/fileLockPosix.c index 8dec054ae..2cd388e80 100644 --- a/open-vm-tools/lib/file/fileLockPosix.c +++ b/open-vm-tools/lib/file/fileLockPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2006-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -238,6 +239,7 @@ FileLockProcessDescriptor(pid_t pid) // IN: * properly handled. */ + /* coverity[string_null] */ p = strchr(buffer, '('); if ((p == NULL) || (p == buffer) || (*(p - 1) != ' ')) { diff --git a/open-vm-tools/lib/include/vmware/tools/gdp.h b/open-vm-tools/lib/include/vmware/tools/gdp.h index ec59e06b5..a3077b476 100644 --- a/open-vm-tools/lib/include/vmware/tools/gdp.h +++ b/open-vm-tools/lib/include/vmware/tools/gdp.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -92,6 +93,8 @@ extern "C++" { * - GdpEnum name * - error-id string id * - Default error message string + * + * GDP_ERR_MAX item MUST BE LAST */ #define GDP_ERR_LIST \ GDP_ERR_ITEM(GDP_ERROR_SUCCESS = 0, \ @@ -117,7 +120,10 @@ extern "C++" { "Operation timed out") \ GDP_ERR_ITEM(GDP_ERROR_NO_SUBSCRIBERS, \ "no-subscribers", \ - "No subscribers for data") + "No subscribers for data") \ + GDP_ERR_ITEM(GDP_ERR_MAX, \ + "last-error", \ + "last-error") /* * GdpError codes enum. @@ -125,7 +131,6 @@ extern "C++" { #define GDP_ERR_ITEM(a, b, c) a, typedef enum GdpError { GDP_ERR_LIST - GDP_ERR_MAX } GdpError; #undef GDP_ERR_ITEM diff --git a/open-vm-tools/vgauth/common/i18n.c b/open-vm-tools/vgauth/common/i18n.c index 6377f335f..a8d1310bf 100644 --- a/open-vm-tools/vgauth/common/i18n.c +++ b/open-vm-tools/vgauth/common/i18n.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -622,6 +623,7 @@ MsgLoadCatalog(const char *path) * If the local DictLL_UnmarshalLine() returns NULL, name and value * will remain NULL pointers. No malloc'ed memory to free here. */ + /* coverity[leaked_storage] */ break; } diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index f0b83f73d..917e49f4b 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2016-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1222,6 +1223,7 @@ BuildCertChain(xmlNodePtr x509Node, /* * Add cert to the keymanager. */ + /* coverity[string_null] */ ret = xmlSecCryptoAppKeysMngrCertLoadMemory(mgr, pemCert, (xmlSecSize) strlen(pemCert), @@ -1734,6 +1736,7 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, if (err != VGAUTH_E_OK) { VMXLog_Log(VMXLOG_LEVEL_WARNING, "Unrelated certs found in SAML token, failing\n"); + FreeCertArray(num, certChain); return VGAUTH_E_AUTHENTICATION_DENIED; } } From 7db39873858ca26a285d5690ef25c0ffdb0d437d Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 211/375] Update NetworkManager calls in suspend/resume scripts. Revise the NetworkManager calls in the Linux network script to prefer using the Sleep method over the "Enable" method being used to work around a bug in version 0.9.0. Pull request: https://github.com/vmware/open-vm-tools/pull/699 Issue: https://github.com/vmware/open-vm-tools/issues/426 --- open-vm-tools/AUTHORS | 4 ++++ open-vm-tools/scripts/linux/network | 18 ++++++++++-------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index 98c86fd6c..a744081a9 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -94,3 +94,7 @@ Jan Engelhardt Fix build problems with grpc (at least) 1.54 Yun Zheng Hu Power Ops: Attempt to execute file path only - https://github.com/vmware/open-vm-tools/pull/689 + +Joseph Allen Updated NetworkManager calls in suspend/resume scripts + https://github.com/vmware/open-vm-tools/pull/699 + diff --git a/open-vm-tools/scripts/linux/network b/open-vm-tools/scripts/linux/network index e6a2765f5..58d3bc31e 100644 --- a/open-vm-tools/scripts/linux/network +++ b/open-vm-tools/scripts/linux/network @@ -561,20 +561,21 @@ TranquilizeNetworkManager() ;; esac - # NetworkManager 0.8.0 and above + # NetworkManager 0.9.1 and above + earlier versions that honor + # the "Sleep" config boolean. $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Enable boolean:false + org.freedesktop.NetworkManager.Sleep boolean:true rc=$? if [ $rc -eq 0 ]; then return $rc fi - # NetworkManager 0.7.0 + # NetworkManager 0.9.0 $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Sleep boolean:true + org.freedesktop.NetworkManager.Enable boolean:false rc=$? if [ $rc -eq 0 ]; then return $rc @@ -610,20 +611,21 @@ WakeNetworkManager() dbusSend=`which dbus-send 2>/dev/null` rc=$? if [ $rc = 0 ]; then - # NetworkManager 0.8.0 + # NetworkManager 0.9.1 and above + earlier versions that honor + # the "Sleep" config boolean. $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Enable boolean:true + org.freedesktop.NetworkManager.Sleep boolean:false rc=$? if [ $rc = 0 ]; then return $rc fi - # NetworkManager 0.7.0 + # NetworkManager 0.9.0 $dbusSend --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.Sleep boolean:false + org.freedesktop.NetworkManager.Enable boolean:true rc=$? if [ $rc = 0 ]; then return $rc From 4854674e3bce20215f313d5d1049654a468337ef Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 212/375] [Coverity]: UNINIT in resolutionSet finding from static application security testing (SAST) resolutionSet.c -- 1 issue reported in the file issue: capabilityArray not initialized or partially initialized when reaching the statement. impact: False-positive fix: suppress 'uninit_use_in_call' VMTools_WrapArray converts the capabilityArray to a GArray. The 'wrapped' array is allocated space for capabilityCount elements and only the first capabilityCount elements are COPIED from capabilityArray to the allocated GArray. As such, the uninitialized elements of the capabilityArray are never used to generate the returned GArray. While technically true (uninitialized) there is no reason to zero the array indexes from capabilityCount through to the end of the array as these elements are unused. --- .../services/plugins/resolutionSet/resolutionSet.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c b/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c index 4cc9bd164..d4f7293d7 100644 --- a/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c +++ b/open-vm-tools/services/plugins/resolutionSet/resolutionSet.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2018 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -510,6 +511,12 @@ ResolutionSetCapabilities(gpointer src, ASSERT(capabilityCount <= RESOLUTION_SET_CAPABILITIES_MAX); + /* + * VMTools_WrapArray copies the first capabilityCount elements from + * capabilityArray to the returned GArray. The uninitialized elements are not + * used. + */ + /* coverity[uninit_use_in_call] */ return VMTools_WrapArray(capabilityArray, sizeof *capabilityArray, capabilityCount); From 642f553a707c6b8ac0bb8064fe1a96fdeaf66043 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 213/375] Remove unused header files from the open-vm-tools source bundle. --- open-vm-tools/lib/include/miscSolaris.h | 47 ----- open-vm-tools/lib/include/syncEvent.h | 89 -------- open-vm-tools/lib/include/vm_basic_math.h | 197 ------------------ open-vm-tools/lib/include/vm_legal.h | 94 --------- .../libDeployPkg/libDeployPkg_version.h | 37 ---- .../libguestlib/vmguestlib_version.h | 39 ---- open-vm-tools/vgauth/common/createToken.h | 36 ---- open-vm-tools/vgauth/common/s4u2self.h | 33 --- open-vm-tools/vgauth/common/serviceUser.h | 37 ---- .../vgauth/public/VGAuthIdProvider.h | 185 ---------------- .../vgauth/service/vgauthService_version.h | 39 ---- 11 files changed, 833 deletions(-) delete mode 100644 open-vm-tools/lib/include/miscSolaris.h delete mode 100644 open-vm-tools/lib/include/syncEvent.h delete mode 100644 open-vm-tools/lib/include/vm_basic_math.h delete mode 100644 open-vm-tools/lib/include/vm_legal.h delete mode 100644 open-vm-tools/libDeployPkg/libDeployPkg_version.h delete mode 100644 open-vm-tools/libguestlib/vmguestlib_version.h delete mode 100644 open-vm-tools/vgauth/common/createToken.h delete mode 100644 open-vm-tools/vgauth/common/s4u2self.h delete mode 100644 open-vm-tools/vgauth/common/serviceUser.h delete mode 100644 open-vm-tools/vgauth/public/VGAuthIdProvider.h delete mode 100644 open-vm-tools/vgauth/service/vgauthService_version.h diff --git a/open-vm-tools/lib/include/miscSolaris.h b/open-vm-tools/lib/include/miscSolaris.h deleted file mode 100644 index c2676ada6..000000000 --- a/open-vm-tools/lib/include/miscSolaris.h +++ /dev/null @@ -1,47 +0,0 @@ -/********************************************************* - * Copyright (C) 2005-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - *---------------------------------------------------------------------- - * - * miscSolaris -- - * - * Implementation of new Linux functions for Solaris. - * - *---------------------------------------------------------------------- - */ - -#ifndef _MISCSOLARIS_H_ -#define _MISCSOLARIS_H_ - -#define INCLUDE_ALLOW_USERLEVEL - -#if defined(__cplusplus) -extern "C" { -#endif - -int -daemon(int nochdir, int noclose); - -#if defined(__cplusplus) -} // extern "C" -#endif - -#endif /* _MISCSOLARIS_H_ */ - - diff --git a/open-vm-tools/lib/include/syncEvent.h b/open-vm-tools/lib/include/syncEvent.h deleted file mode 100644 index 8e4f13e0d..000000000 --- a/open-vm-tools/lib/include/syncEvent.h +++ /dev/null @@ -1,89 +0,0 @@ -/********************************************************* - * Copyright (C) 2004-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * syncEvent.h -- - * - * Implements a platform independent condition event that - * you can either wait on or pass to Poll() or your event loop. - * - * WARNING! - * This is an auto-reset event. So, you cannot use it for devices - * in Poll that may be holding a device lock. It works fine for Poll if - * you don't specify a lock when you register the handle with Poll(). - */ - -#ifndef _SYNC_EVENT_H_ -#define _SYNC_EVENT_H_ - -//#include "syncWaitQ.h" -#include "vm_atomic.h" - -#if defined(__cplusplus) -extern "C" { -#endif - - -#ifndef _WIN32 -typedef enum -{ - READ_FD_INDEX = 0, - WRITE_FD_INDEX = 1, - NUM_SYNC_EVENT_FDS = 2 -} SyncEventFDTypes; -#endif // _WIN32 - - -/* - * SyncEvent -- - */ -typedef struct SyncEvent { - /* - * Whether the waitqueue has been initialized; - */ - Bool initialized; - -#ifdef _WIN32 - HANDLE event; -#else - Atomic_uint32 signalled; - int fdList[NUM_SYNC_EVENT_FDS]; -#endif // #ifdef _WIN32 -} SyncEvent; - - -/* - * Be careful, on win64, handles are 64 bits, but Poll takes an int32. - */ -typedef int32 SyncEventSelectableHandle; - - -Bool SyncEvent_Init(SyncEvent *that); -void SyncEvent_Destroy(SyncEvent *that); - -void SyncEvent_Signal(SyncEvent *that); -Bool SyncEvent_TryWait(SyncEvent *that); -void SyncEvent_Wait(SyncEvent *that); - -SyncEventSelectableHandle SyncEvent_GetHandle(SyncEvent *that); - -#if defined(__cplusplus) -} // extern "C" -#endif - -#endif // #ifndef _SYNC_EVENT_H_ diff --git a/open-vm-tools/lib/include/vm_basic_math.h b/open-vm-tools/lib/include/vm_basic_math.h deleted file mode 100644 index 065ba368f..000000000 --- a/open-vm-tools/lib/include/vm_basic_math.h +++ /dev/null @@ -1,197 +0,0 @@ -/********************************************************* - * Copyright (C) 2008-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vm_basic_math.h -- - * - * Standard mathematical macros for VMware source code. - */ - -#ifndef _VM_BASIC_MATH_H_ -#define _VM_BASIC_MATH_H_ - -#define INCLUDE_ALLOW_USERLEVEL - -#define INCLUDE_ALLOW_MODULE -#define INCLUDE_ALLOW_VMMON -#define INCLUDE_ALLOW_VMKERNEL -#define INCLUDE_ALLOW_VMKDRIVERS -#define INCLUDE_ALLOW_VMK_MODULE -#define INCLUDE_ALLOW_DISTRIBUTE -#define INCLUDE_ALLOW_VMCORE -#include "includeCheck.h" -#include "vm_basic_types.h" // For INLINE. -#include "vm_basic_asm.h" // For Div64... - -#if defined __cplusplus -extern "C" { -#endif - - -static INLINE uint32 -RatioOf(uint32 numer1, uint32 numer2, uint32 denom) -{ - uint64 numer = (uint64)numer1 * numer2; - /* Calculate "(numer1 * numer2) / denom" avoiding round-off errors. */ -#if defined(VMM) || !(defined(__i386__) || defined(__x86_64__)) - return numer / denom; -#else - uint32 ratio; - uint32 unused; - Div643232(numer, denom, &ratio, &unused); - return ratio; -#endif -} - -static INLINE uint32 -ExponentialAvg(uint32 avg, uint32 value, uint32 gainNumer, uint32 gainDenom) -{ - uint32 term1 = gainNumer * avg; - uint32 term2 = (gainDenom - gainNumer) * value; - return (term1 + term2) / gainDenom; -} - - -/* - *----------------------------------------------------------------------------- - * - * IsZeroOrPowerOfTwo -- - * IsZeroOrPowerOfTwo64 -- - * - * Results: - * TRUE iff the value is 0 or a power of two. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ - -static INLINE Bool -IsZeroOrPowerOfTwo64(uint64 x) -{ - return !(x & (x - 1)); -} - - -static INLINE Bool -IsZeroOrPowerOfTwo(uint32 x) // IN -{ - return !(x & (x - 1)); -} - - -static INLINE uint32 -GetPowerOfTwo(uint32 x) -{ - /* Returns next-greatest power-of-two. */ - uint32 power2 = 1; - while (x > power2) { - power2 = power2 << 1; - } - return power2; -} - - -#if !defined(_WIN32) && !defined(_WIN64) -/* - *----------------------------------------------------------------------------- - * - * RotateLeft32 -- - * - * Results: - * Value rotated to the left by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint32 -RotateLeft32(uint32 value, uint8 shift) -{ - return ((value << shift) | (value >> (32 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateRight32 -- - * - * Results: - * Value rotated to the right by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint32 -RotateRight32(uint32 value, uint8 shift) -{ - return ((value >> shift) | (value << (32 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateLeft64 -- - * - * Results: - * Value rotated to the left by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint64 -RotateLeft64(uint64 value, uint8 shift) -{ - return ((value << shift) | (value >> (64 - shift))); -} - - -/* - *----------------------------------------------------------------------------- - * - * RotateRight64 -- - * - * Results: - * Value rotated to the right by 'shift' bits. - * - * Side effects: - * None. - * - *----------------------------------------------------------------------------- - */ -static INLINE uint64 -RotateRight64(uint64 value, uint8 shift) -{ - return ((value >> shift) | (value << (64 - shift))); -} -#endif // if !defined(_WIN32) && !defined(_WIN64) - - -#if defined __cplusplus -} // extern "C" -#endif - -#endif // ifndef _VM_BASIC_MATH_H_ diff --git a/open-vm-tools/lib/include/vm_legal.h b/open-vm-tools/lib/include/vm_legal.h deleted file mode 100644 index 1d3f0fdbd..000000000 --- a/open-vm-tools/lib/include/vm_legal.h +++ /dev/null @@ -1,94 +0,0 @@ -/********************************************************* - * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. - * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * All the legalese that we display in About boxes and similar places. - */ - - -#ifndef VM_LEGAL_H -#define VM_LEGAL_H - -#include "vm_product.h" - -#ifndef WSTR -#define WSTR_(x) L ## x -#define WSTR(x) WSTR_(x) -#endif - - -/* - * NOTE: The following strings may be incorporated into MSGID strings. - * Updating them therefore may require updating translations and vmsg - * auditing files in bora/messages/ to avoid breaking the build. - */ -#define COPYRIGHT_YEARS "1998-2024" /* See the note above when changing. */ -#define COPYRIGHT_STRING "Copyright (C) " COPYRIGHT_YEARS " " COMPANY_NAME -#define RIGHT_RESERVED "All rights reserved." - -/* - * Use UTF8_COPYRIGHT_STRING_BASE when the COMPANY_NAME must be separated out - * to create a hyperlink. - */ -#define UTF8_COPYRIGHT_STRING_BASE "Copyright \302\251 " COPYRIGHT_YEARS -#define UTF8_COPYRIGHT_STRING UTF8_COPYRIGHT_STRING_BASE " " COMPANY_NAME - -/* - * A UTF-16 version of the copyright string. wchar_t is an - * implementation-defined type, but we can expect it to be UTF-16 on - * Windows. (Only Windows cares about UTF-16 anyway.) - */ -#ifdef _WIN32 -#if defined(VMX86_TOOLS) || defined(VMX86_VGAUTH) || defined(VMX86_SYSIMAGE) -/* - * XXX - Temporary fix for Windows user-mode binaries properties copyright. - */ -#define COMPANY_COPYRIGHT_NAME "Broadcom Inc. and/or its subsidiaries." - -#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " \ - WSTR(COMPANY_COPYRIGHT_NAME) L" All Rights Reserved." -#else -#define UTF16_COPYRIGHT_STRING L"Copyright \x00A9 " WSTR(COPYRIGHT_YEARS) L" " WSTR(COMPANY_NAME) -#endif -#endif - - -/* - * Use PATENTS_STRING for showing the patents string in plaintext form. - * PATENTS_FMT_STRING can be used with PATENTS_URL for creating hyperlinks. - * - * The spaces that precede embedded newlines in the strings below are - * intentional. (See bug 1089068.) - */ -#define PATENTS_STRING_BASE \ - "This product is protected by U.S. and international copyright and \n" \ - "intellectual property laws. VMware products are covered by one or \n" \ - "more patents listed at " -#define PATENTS_STRING PATENTS_STRING_BASE "<" PATENTS_URL ">." -#define PATENTS_FMT_STRING PATENTS_STRING_BASE "%s." -#define PATENTS_URL "http://www.vmware.com/go/patents" - -#define TRADEMARK_STRING \ - "VMware is a registered trademark or trademark of VMware, Inc. in the \n" \ - "United States and/or other jurisdictions." -#define GENERIC_TRADEMARK_STRING \ - "All other marks and names mentioned herein may be trademarks of their \n" \ - "respective companies." - -#endif /* VM_LEGAL_H */ diff --git a/open-vm-tools/libDeployPkg/libDeployPkg_version.h b/open-vm-tools/libDeployPkg/libDeployPkg_version.h deleted file mode 100644 index f2ad8ef3d..000000000 --- a/open-vm-tools/libDeployPkg/libDeployPkg_version.h +++ /dev/null @@ -1,37 +0,0 @@ -/********************************************************* - * Copyright (C) 2014-2017 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * libDeployPkg_version.h -- - * - * Version definitions for libDeployPkg. - */ - -#ifndef _LIBDEPLOYPKG_VERSION_H_ -#define _LIBDEPLOYPKG_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. - */ -#include "vm_tools_version.h" -#define LIBDEPLOYPKG_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define LIBDEPLOYPKG_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _LIBDEPLOYPKG_VERSION_H_ */ diff --git a/open-vm-tools/libguestlib/vmguestlib_version.h b/open-vm-tools/libguestlib/vmguestlib_version.h deleted file mode 100644 index 9349bff7a..000000000 --- a/open-vm-tools/libguestlib/vmguestlib_version.h +++ /dev/null @@ -1,39 +0,0 @@ -/********************************************************* - * Copyright (C) 2007-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vmguestlib_version.h -- - * - * Version definitions for GuestLib. - */ - -#ifndef _VMGUESTLIB_VERSION_H_ -#define _VMGUESTLIB_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. If and when it becomes necessary to version the component - * manually, make sure that the version is bumped any time the component or - * its dependencies are changed. - */ -#include "vm_tools_version.h" -#define VMGUESTLIB_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define VMGUESTLIB_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _VMGUESTLIB_VERSION_H_ */ diff --git a/open-vm-tools/vgauth/common/createToken.h b/open-vm-tools/vgauth/common/createToken.h deleted file mode 100644 index a62b32bad..000000000 --- a/open-vm-tools/vgauth/common/createToken.h +++ /dev/null @@ -1,36 +0,0 @@ -/********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file winToken.h -- - * - * NtCReateToken() support. - * - */ - - -#ifndef _VGAUTH_CREATE_TOKEN_H_ -#define _VGAUTH_CREATE_TOKEN_H_ - -#include - -// obsolete NtCreateToken() wrappers -HANDLE WinToken_Create(const gchar *user); -HANDLE WinTokenCreateImpl(const gchar *user); - -#endif // _VGAUTH_CREATE_TOKEN_H_ diff --git a/open-vm-tools/vgauth/common/s4u2self.h b/open-vm-tools/vgauth/common/s4u2self.h deleted file mode 100644 index ba2c8a987..000000000 --- a/open-vm-tools/vgauth/common/s4u2self.h +++ /dev/null @@ -1,33 +0,0 @@ -/********************************************************* - * Copyright (C) 2012-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file s4u2self.h -- - * - * Code to use the Windows Service-for-User-to-Self extension. - */ - - -#ifndef _VGAUTH_S4U2SELF_H_ -#define _VGAUTH_S4U2SELF_H_ - -#include - -DWORD Win_CreateS4UTokenForUser(const char *userName, HANDLE *userTokenRet); - -#endif // _VGAUTH_S4U2SELF_H_ diff --git a/open-vm-tools/vgauth/common/serviceUser.h b/open-vm-tools/vgauth/common/serviceUser.h deleted file mode 100644 index ae2f2f1f5..000000000 --- a/open-vm-tools/vgauth/common/serviceUser.h +++ /dev/null @@ -1,37 +0,0 @@ -/********************************************************* - * Copyright (C) 2012-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file serviceUser.h -- - * - * Functions to manipulate a local account with privileges - * to call NtCreateToken() - */ - - -#ifndef _VGAUTH_SERVICEUSER_H_ -#define _VGAUTH_SERVICEUSER_H_ - -#include - -extern BOOL WinServiceUser_CreateTokenAccount(void); -extern BOOL WinServiceUser_DeleteTokenAccount(void); -extern BOOL WinServiceUser_CreateTokenForUser(const char *userName, - HANDLE *userTokenRet); - -#endif // _VGAUTH_SERVICEUSER_H_ diff --git a/open-vm-tools/vgauth/public/VGAuthIdProvider.h b/open-vm-tools/vgauth/public/VGAuthIdProvider.h deleted file mode 100644 index 8f25de2df..000000000 --- a/open-vm-tools/vgauth/public/VGAuthIdProvider.h +++ /dev/null @@ -1,185 +0,0 @@ -/********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/** - * @file VGAuthIdProvider.h - * - * Client library identity provider management API definitions. - * - * @addtogroup vgauth_id VGAuth Identity Management - * @{ - * - */ -#ifndef _VGAUTHIDPROVIDER_H_ -#define _VGAUTHIDPROVIDER_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "VGAuthCommon.h" - -/** - * The types of subjects. Any is a special case. - */ -typedef enum { - /** The Subject field in a SAML token must match in the token verification process. */ - VGAUTH_SUBJECT_NAMED, - - /** Any Subject field in a SAML token can be matched in the token verification process. */ - VGAUTH_SUBJECT_ANY, -} VGAuthSubjectType; - - -/** - * VGAuthSubject is either ANY or NAMED, in which case it contains - * the Subject name. - * - * When authenticating a SAML token, the Subject is used to determine - * what guest user the SAML token can be authenticated as. If no - * entry in the IdProvider store is found using that Subject, then - * if the special ANY subject exists in the identity store, that entry - * will be used. - */ -typedef struct VGAuthSubject { - VGAuthSubjectType type; /**< The subject type. */ - union { - char *name; /**< The subject name, if type VGAUTH_SUBJECT_NAMED */ - } val; -} VGAuthSubject; - - -/** - * VGAuthSubjectInfo combines a subject and a comment. Each subject can - * have its own comment describing its use. - */ -typedef struct VGAuthSubjectInfo { - VGAuthSubject subject; /**< The subject. */ - char *comment; /**< User-supplied data to describe the subject. */ -} VGAuthSubjectInfo; - - -/** - * Describes all subjects that are associated with a certficate. - */ -typedef struct VGAuthIdProvider { - char *pemCert; /**< The provider's certficate in PEM format. */ - int numInfos; - VGAuthSubjectInfo *infos; /**< The SubjectInfos associated with the - certificate. */ -} VGAuthIdProvider; - - -/** - * Describes an entry in the IdProvider mapping file. - */ -typedef struct VGAuthMappedIdentity { - char *pemCert; /**< The provider's certificate in PEM format. */ - int numSubjects; /**< The number of Subjects associated with - the mapping file entry. */ - VGAuthSubject *subjects; /**< The Subjects associated with - the mapping file entry. */ - - char *userName; /**< The username associated with the mapping file entry. */ -} VGAuthMappedIdentity; - - -/* - * Adds the given VGAuthSubjectInfo associated with the pemCert - * to the identity store of @a userName. - * - * If addMapping is TRUE, also create an entry in the mapping file from - * the cert and subject to @a userName. - */ -VGAuthError VGAuth_AddSubject(VGAuthContext *ctx, - const char *userName, - VGAuthBool addMapping, - const char *pemCert, - VGAuthSubjectInfo *si, - int numExtraParams, - const VGAuthExtraParams *extraParams); - -/* - * Removes the VGAuthSubjectInfo from the @a userName identity provider for @a - * subject, also removing any associated mapping entry. - */ -VGAuthError VGAuth_RemoveSubject(VGAuthContext *ctx, - const char *userName, - const char *pemCert, - VGAuthSubject *subject, - int numExtraParams, - const VGAuthExtraParams *extraParams); -/* - * Removes all VGAuthIdentities with the matching PEM certificate from - * the @a userName identity store for all subjects, also removing any associated - * mapping entry. - */ -VGAuthError VGAuth_RemoveCert(VGAuthContext *ctx, - const char *userName, - const char *pemCert, - int numExtraParams, - const VGAuthExtraParams *extraParams); - -/* - * Lists all the VGAuthIdProvider from the identity store belonging - * to @a userName. - */ -VGAuthError VGAuth_QueryIdProviders(VGAuthContext *ctx, - const char *userName, - int numExtraParams, - const VGAuthExtraParams *extraParams, - int *num, // OUT - VGAuthIdProvider **idList); // OUT - -/* - * Lists all the certificates/subject pairs in the mapping file and their - * associated user. - */ -VGAuthError VGAuth_QueryMappedIdentities(VGAuthContext *ctx, - int numExtraParams, - const VGAuthExtraParams *extraParams, - int *num, // OUT - VGAuthMappedIdentity **miList); // OUT - -/* - * Data structure cleanup functions. - */ - -/* - * Frees an array of VGAuthIdProvider. - */ -void VGAuth_FreeIdProviderList(int num, VGAuthIdProvider *idList); - -/* - * Frees a VGAuthVGAuthSubjectInfo and contents. - */ -void VGAuth_FreeSubjectInfo(VGAuthSubjectInfo *si); - -/* - * Frees an array of VGAuthMappedIdentity. - */ -void VGAuth_FreeMappedIdentityList(int num, VGAuthMappedIdentity *miList); - -/** @} */ - -#ifdef __cplusplus -} /* extern "C" */ -#endif - -#endif // _VGAUTHIDPROVIDER_H_ - diff --git a/open-vm-tools/vgauth/service/vgauthService_version.h b/open-vm-tools/vgauth/service/vgauthService_version.h deleted file mode 100644 index 9ce67e733..000000000 --- a/open-vm-tools/vgauth/service/vgauthService_version.h +++ /dev/null @@ -1,39 +0,0 @@ -/********************************************************* - * Copyright (C) 2013-2016 VMware, Inc. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as published - * by the Free Software Foundation version 2.1 and no later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - *********************************************************/ - -/* - * vgauthService_version.h -- - * - * Version definitions for the vgauthService program - */ - -#ifndef _VGAUTHSERVICE_VERSION_H_ -#define _VGAUTHSERVICE_VERSION_H_ - -/* - * This component's version is coupled with Tools versioning. The effect - * is that the version increments with each build, and with each Tools - * version bump. If and when it becomes necessary to version the component - * manually, make sure that the version is bumped any time the component or - * its dependencies are changed. - */ -#include "vm_tools_version.h" -#define VGAUTHSERVICE_VERSION_COMMAS TOOLS_VERSION_EXT_CURRENT_CSV -#define VGAUTHSERVICE_VERSION_STRING TOOLS_VERSION_EXT_CURRENT_STR - -#endif /* _VGAUTHSERVICE_VERSION_H_ */ From 3a1ddef19024ac0ec767e6f71b10b999aa7489a1 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 214/375] Change to common source file not directly applicable to open-vm-tools. --- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 7 ++++--- open-vm-tools/vgauth/test/README.txt | 8 ++++---- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 917e49f4b..10e5cc83d 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1424,9 +1424,10 @@ VerifySignature(xmlDocPtr doc, * dsigCtx->status can be at the wrong offset. So * dump the value of status, which should be either * 1 (xmlSecDSigStatusSucceeded) or 2 (xmlSecDSigStatusInvalid). - * If its something else, that's a sign there's a - * build issue and XMLSEC_NO_SIZE_T may be set at one layer but - * not the other. + * If its something else, that could be a sign that there's a build issue + * and that libxmlsec1 is using a different size type than its callers. + * Please see xmlSecSize changelog in + * https://www.aleksey.com/xmlsec/news.html * */ if (dsigCtx->status != xmlSecDSigStatusSucceeded) { diff --git a/open-vm-tools/vgauth/test/README.txt b/open-vm-tools/vgauth/test/README.txt index ae1d8a462..55790a8e0 100644 --- a/open-vm-tools/vgauth/test/README.txt +++ b/open-vm-tools/vgauth/test/README.txt @@ -31,7 +31,7 @@ * - SAML verification failed to init (xmlsec1 build issues) * - token fails to validate * - this test was run after 12/18/3015 - * - xmlsec1-config lies about how xmlsec1 was built - * some packages leave out -DXMLSEC_NO_SIZE_T, - * which can make some data structures a different size - * than in the library + * - libxmlsec1 may have been built using a different size type than + * its callers, which can make some data structures a different size + * than in the library. See xmlSecSize changelog in + * https://www.aleksey.com/xmlsec/news.html From 355c7a60cd6c323c290487a4ff4f290f84a3e913 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 215/375] Verify the xmlsec version before passing the compiler flag "-DXMLSEC_NO_SIZE_T", as it has been deprecated since 1.3.3. The configure option "--enable-size-t" has been set to yes by default starting with 1.3.0. version < 1.3.0 : Add "-DXMLSEC_NO_SIZE_T" if size_t has a size other than 4 bytes. (There was no enable-size-t before 1.2.35 and the enable-size-t is "no" by default in [1.2.35, 1.3.0)) version >= 1.3.0 : Do not add "-DXMLSEC_NO_SIZE_T" (as enable-size-t is "yes" by default in version [1.3.0, 1.3.3) and no need to consider this option since 1.3.3) --- open-vm-tools/configure.ac | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 0bd0db12c..51a3da50d 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1,5 +1,6 @@ ################################################################################ -### Copyright (c) 2007-2023 VMware, Inc. All rights reserved. +### Copyright (c) 2007-2024 Broadcom. All Rights Reserved. +### The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. ### ### Configure script for building the VMware OSS Tools. ### @@ -868,8 +869,13 @@ if test "$enable_vgauth" = "yes" ; then [AC_VMW_LIB_ERROR([XML2], [xml2])]) # Multiple distros built xmlsec1 with -DXMLSEC_NO_SIZE_T but -# their xmlssec1-config --cflags doesn't properly report it, -# so force it on. +# their xmlssec1-config --cflags doesn't properly report it. +# Force it on following the xmlSecSize changelog in below link: +# https://www.aleksey.com/xmlsec/news.html +# The xmlsec configure flag "enable_size_t" is "yes" by default +# since 1.3.0, and both the configure flag and CPP flag has been +# deprecated since 1.3.3, which means the size_t is used by default +# and no need to add CPP flag -DXMLSEC_NO_SIZE_T since 1.3.0. AC_VMW_DEFAULT_FLAGS([XMLSEC1]) AC_VMW_CHECK_LIB([xmlsec1], [XMLSEC1], @@ -878,7 +884,16 @@ if test "$enable_vgauth" = "yes" ; then [], [xmlsec/xmlsec.h], [xmlSecCheckVersionExt], - [XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T"], + [XMLSEC1_VER=`pkg-config --modversion xmlsec1` + xmlsec1_major_version="`echo $XMLSEC1_VER | cut -f1 -d. | cut -f1 -d-`" + xmlsec1_minor_version="`echo $XMLSEC1_VER | cut -f2 -d. | cut -f1 -d-`" + xmlsec1_micro_version="`echo $XMLSEC1_VER | cut -f3 -d. | cut -f1 -d-`" + xmlsec1_version=`printf '%02d%02d%02d' $xmlsec1_major_version $xmlsec1_minor_version $xmlsec1_micro_version` + AC_CHECK_SIZEOF(size_t) + if test "$xmlsec1_version" -lt 010300 -a "$ac_cv_sizeof_size_t" -ne 4 ; then + XMLSEC1_CPPFLAGS="$XMLSEC1_CPPFLAGS -DXMLSEC_NO_SIZE_T" + fi + ], [AC_VMW_LIB_ERROR([XMLSEC1], [xmlsec1])]) fi From 881bbcb49fb435957ba3c2cf47aad460fa53a352 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 216/375] Fix LOCK_EVASION issue found by Coverity scan. fileLogger.c -- 2 issues reported in file issue: MultiReader/SingleWriter lock race conditions between assign and check. fix: Mitigation more than fix. issue: Coverity seems confused by the MR/SW lock, but there is some data field assignment performed under the wrong lock to clean up. fix: Move assignment made under Read lock to Write lock. Moved setting the data->error status inside of writer lock block. Added re-checking the data->error status at reader -> writer and writer -> reader lock transitions. --- open-vm-tools/vgauth/service/fileLogger.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/open-vm-tools/vgauth/service/fileLogger.c b/open-vm-tools/vgauth/service/fileLogger.c index e38007700..49f60da43 100644 --- a/open-vm-tools/vgauth/service/fileLogger.c +++ b/open-vm-tools/vgauth/service/fileLogger.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -233,14 +234,17 @@ ServiceFileLogger_Log(const gchar *domain, */ g_rw_lock_reader_unlock(&data->lock); g_rw_lock_writer_lock(&data->lock); - if (data->file == NULL) { + if (data->file == NULL && !data->error) { data->file = ServiceFileLoggerOpen(data); + if (data->file == NULL) { + data->error = TRUE; + fprintf(stderr, "Unable to open log file %s\n", data->path); + } } g_rw_lock_writer_unlock(&data->lock); g_rw_lock_reader_lock(&data->lock); - if (data->file == NULL) { - data->error = TRUE; - fprintf(stderr, "Unable to open log file %s\n", data->path); + if (data->error) { + /* Error set here or in another thread */ goto exit; } } @@ -258,10 +262,15 @@ ServiceFileLogger_Log(const gchar *domain, /* Drop the reader lock, grab the writer lock and re-check. */ g_rw_lock_reader_unlock(&data->lock); g_rw_lock_writer_lock(&data->lock); - if (g_atomic_int_get(&data->logSize) >= data->maxSize) { + if (!data->error && data->file != NULL && + g_atomic_int_get(&data->logSize) >= data->maxSize) { fclose(data->file); data->append = FALSE; data->file = ServiceFileLoggerOpen(data); + if (data->file == NULL) { + data->error = TRUE; + fprintf(stderr, "Unable to reopen log file %s\n", data->path); + } } g_rw_lock_writer_unlock(&data->lock); g_rw_lock_reader_lock(&data->lock); From c7c731c64bc708d8f2ad25ec88011d735c900c5b Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 217/375] Stop the glib based logging to avoid nested logging from RpcChannel error. --- open-vm-tools/libvmtools/vmtoolsLog.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c index 3560080fc..d5f41b652 100644 --- a/open-vm-tools/libvmtools/vmtoolsLog.c +++ b/open-vm-tools/libvmtools/vmtoolsLog.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2021,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2670,15 +2671,17 @@ VMTools_TeardownVmxGuestLog(void) /* * Acquire the same locks as VMTools_SetupVmxGuestLog. + * Stop the glib based logging to avoid nested logging + * from RpcChannel error. */ VMTools_AcquireLogStateLock(); - + StopGlibLogging(); g_rec_mutex_lock(&gVmxGuestLogMutex); DestroyRpcChannel(); g_rec_mutex_unlock(&gVmxGuestLogMutex); - + RestartGlibLogging(); VMTools_ReleaseLogStateLock(); } From ae9222da00e2d6f2214c04df17f2399e19fd0b06 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 218/375] ProcManagerPosix.c: Direct child process's logs to stdio. Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked at fork time. The vmtoolsLog.c Debug(), Warning() and Panic()functions are not safe for child processes. - Direct the offspring process's logs to stdio. - Terminate the offspring process with _exit() or abort(). --- open-vm-tools/lib/procMgr/procMgrPosix.c | 218 +++++++++++++++++++---- 1 file changed, 186 insertions(+), 32 deletions(-) diff --git a/open-vm-tools/lib/procMgr/procMgrPosix.c b/open-vm-tools/lib/procMgr/procMgrPosix.c index 5a3f0d451..e761489cc 100644 --- a/open-vm-tools/lib/procMgr/procMgrPosix.c +++ b/open-vm-tools/lib/procMgr/procMgrPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2022 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -103,6 +104,8 @@ static int const cSignals[] = { SIGUSR2, }; +static Bool gOffspringProcess = FALSE; + /* * Keeps track of the posix async proc info. @@ -142,6 +145,144 @@ Bool ProcMgr_PromoteEffectiveToReal(void); #endif +/* + * Mutexes in bora-vmsoft/apps/vmtoolslib/vmtoolsLog.c and glib could have + * been locked at fork time. vmtoolsLog.c Debug, Warning and Panic functions + * are not safe for offspring processes. A straightforward alternative for + * offspring process code paths is to invoke SAFE_DEBUG, SAFE_WARNING and + * SAFE_PANIC. +*/ + +#define SAFE_DEBUG(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringDebug(fmt, ## __VA_ARGS__); \ + } else { \ + Debug(fmt, ## __VA_ARGS__); \ + } + +#define SAFE_WARNING(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringWarning(fmt, ## __VA_ARGS__); \ + } else { \ + Warning(fmt, ## __VA_ARGS__); \ + } + + +/* + *---------------------------------------------------------------------- + * + * OffspringDebug -- + * + * Called by offspring processes to print a debug message to stdout. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringDebug(const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stdout, fmt, args); + va_end(args); +} + + +/* + *---------------------------------------------------------------------- + * + * OffspringWarning -- + * + * Called by offspring processes to print a warning message to stderr. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringWarning(const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + va_end(args); +} + + +#if !defined(USERWORLD) + +#define SAFE_PANIC(fmt, ...) \ + if (gOffspringProcess) { \ + OffspringPanic(fmt, ## __VA_ARGS__); \ + } else { \ + Panic(fmt, ## __VA_ARGS__); \ + } + + +/* + *---------------------------------------------------------------------- + * + * OffspringPanic -- + * + * Called by offspring processes to print an error message to stderr + * and abort. + * + * Results: + * None + * + * Side effects: + * None + * + *---------------------------------------------------------------------- + */ + +static void +OffspringPanic(const char *fmt, ...) +{ + char cwd[PATH_MAX]; + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + va_end(args); + + /* + * Refer to bora-vmsoft/apps/vmtoolslib/vmtoolsLog.c::VMToolsLogPanic + */ + if (getcwd(cwd, sizeof cwd) != NULL) { + if (access(cwd, W_OK) == -1) { + /* + * Can't write to the working dir. chdir() to the user's home + * directory as an attempt to get a valid core dump. + */ + const char *home = getenv("HOME"); + if (home != NULL) { + if (chdir(home)) { + /* Just to make glibc headers happy. */ + } + } + } + } + + abort(); +} + +#endif + + /* *---------------------------------------------------------------------- * @@ -1436,13 +1577,13 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd */ if (!CodeSet_Utf8ToCurrent(cmd, strlen(cmd), &cmdCurrent, NULL)) { - Warning("Could not convert from UTF-8 to current\n"); + SAFE_WARNING("Could not convert from UTF-8 to current\n"); return -1; } if ((NULL != workingDir) && !CodeSet_Utf8ToCurrent(workingDir, strlen(workingDir), &workDir, NULL)) { - Warning("Could not convert workingDir from UTF-8 to current\n"); + SAFE_WARNING("Could not convert workingDir from UTF-8 to current\n"); return -1; } @@ -1485,7 +1626,7 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd pid = fork(); if (pid == -1) { - Warning("Unable to fork: %s.\n\n", strerror(errno)); + SAFE_WARNING("Unable to fork: %s.\n\n", strerror(errno)); } else if (pid == 0) { static const char bashShellPath[] = BASH_PATH; char *bashArgs[] = { "bash", "-c", cmdCurrent, NULL }; @@ -1494,6 +1635,11 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd const char *shellPath; char **args; + /* + * Child + */ + gOffspringProcess = TRUE; + /* * Check bug 772203. To start the program, we start the shell * and specify the program using the option '-c'. We should return the @@ -1518,10 +1664,6 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd args = bourneArgs; } - /* - * Child - */ - #ifdef __APPLE__ /* * On OS X with security fixes, we cannot revert the real uid if @@ -1533,14 +1675,15 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd * root. */ if (!ProcMgr_PromoteEffectiveToReal()) { - Panic("%s: Could not set real uid to effective\n", __FUNCTION__); + SAFE_PANIC("%s: Could not set real uid to effective\n", + __FUNCTION__); } #endif if (NULL != workDir) { if (chdir(workDir) != 0) { - Warning("%s: Could not chdir(%s) %s\n", __FUNCTION__, workDir, - strerror(errno)); + SAFE_WARNING("%s: Could not chdir(%s) %s\n", __FUNCTION__, + workDir, strerror(errno)); } } @@ -1551,8 +1694,8 @@ ProcMgrStartProcess(char const *cmd, // IN: UTF-8 encoded cmd } /* Failure */ - Panic("Unable to execute the \"%s\" shell command: %s.\n\n", - cmd, strerror(errno)); + SAFE_PANIC("Unable to execute the \"%s\" shell command: %s.\n\n", + cmd, strerror(errno)); } #endif @@ -1612,8 +1755,8 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN continue; } - Warning("Unable to wait for the process %"FMTPID" to terminate: " - "%s.\n\n", pid, strerror(errno)); + SAFE_WARNING("Unable to wait for the process %"FMTPID" to terminate: " + "%s.\n\n", pid, strerror(errno)); return FALSE; } @@ -1625,8 +1768,8 @@ ProcMgrWaitForProcCompletion(pid_t pid, // IN retVal = (WIFEXITED(childStatus) && WEXITSTATUS(childStatus) == 0); - Debug("Done waiting for process: %"FMTPID" (%s)\n", pid, - retVal ? "success" : "failure"); + SAFE_DEBUG("Done waiting for process: %"FMTPID" (%s)\n", pid, + retVal ? "success" : "failure"); return retVal; } @@ -1686,6 +1829,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line /* * Child */ + gOffspringProcess = TRUE; /* * shut down everything but stdio and the pipe() we just made. @@ -1702,6 +1846,16 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line } } + close(readFd); + + /* + * Child should not invoke parent's logging facilities as logging mutex + * could have been locked at fork time. Also, logging file descriptors + * have already been closed now. + * Child shall terminate with _exit() or abort() to avoid calling any + * functions registered with atexit() or on_exit() in the parent. + */ + if (Signal_SetGroupHandler(cSignals, olds, ARRAYSIZE(cSignals), #ifndef sun SIG_DFL @@ -1712,15 +1866,14 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line status = FALSE; } - close(readFd); - /* * Only run the program if we have not already experienced a failure. */ if (status) { childPid = ProcMgrStartProcess(cmd, userArgs ? userArgs->envp : NULL, - userArgs ? userArgs->workingDirectory : NULL); + userArgs ? userArgs->workingDirectory : + NULL); status = childPid != -1; } @@ -1729,14 +1882,14 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * report the result pid back synchronously. */ if (write(writeFd, &childPid, sizeof childPid) == -1) { - Warning("Waiter unable to write back to parent.\n"); + SAFE_WARNING("Waiter unable to write back to parent.\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } if (status) { @@ -1745,35 +1898,36 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line * finishes executing. */ ASSERT(pid != -1); - status = ProcMgrWaitForProcCompletion(childPid, &validExitCode, &exitCode); + status = ProcMgrWaitForProcCompletion(childPid, &validExitCode, + &exitCode); } /* * We always have to send IPC back to caller, so that it does not * block waiting for data we'll never send. */ - Debug("Writing the command %s a success to fd %x\n", - status ? "was" : "was not", writeFd); + SAFE_DEBUG("Writing the command %s a success to fd %x\n", + status ? "was" : "was not", writeFd); if (write(writeFd, &status, sizeof status) == -1) { - Warning("Waiter unable to write back to parent\n"); + SAFE_WARNING("Waiter unable to write back to parent\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } if (write(writeFd, &exitCode, sizeof exitCode) == -1) { - Warning("Waiter unable to write back to parent\n"); + SAFE_WARNING("Waiter unable to write back to parent\n"); /* * This is quite bad, since the original process will block * waiting for data. Unfortunately, there isn't much to do * (other than trying some other IPC mechanism). */ - exit(-1); + _exit(-1); } close(writeFd); @@ -1789,7 +1943,7 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line exitCode = 0; } - exit(exitCode); + _exit(exitCode); } /* @@ -2460,12 +2614,12 @@ ProcMgr_PromoteEffectiveToReal(void) ret = setregid(gid, gid); if (ret < 0) { - Warning("Failed to setregid(%d) %d\n", gid, errno); + SAFE_WARNING("Failed to setregid(%d) %d\n", gid, errno); return FALSE; } ret = setreuid(uid, uid); if (ret < 0) { - Warning("Failed to setreuid(%d) %d\n", uid, errno); + SAFE_WARNING("Failed to setreuid(%d) %d\n", uid, errno); return FALSE; } From d87a3da2f1d60973cb67e6e65b38cb372b8397ef Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:03 -0700 Subject: [PATCH 219/375] Fix copyright years. --- open-vm-tools/libvmtools/vmtoolsLog.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c index d5f41b652..eb3e699e8 100644 --- a/open-vm-tools/libvmtools/vmtoolsLog.c +++ b/open-vm-tools/libvmtools/vmtoolsLog.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2008-2021,2024 Broadcom. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All rights reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From 58c7fbfadca63bb61a793ae558f686a42e876505 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:04 -0700 Subject: [PATCH 220/375] Maintain compatibility with libxml2.12.5 and later. --- open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 10e5cc83d..8572a7110 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -432,14 +432,6 @@ SAML_Init(void) */ LIBXML_TEST_VERSION - /* - * Tell libxml to do ID/REF lookups - * Tell libxml to complete attributes with defaults from the DTDs - */ - xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; - xmlSubstituteEntitiesDefault(1); - - /* set up the xml2 error handler */ xmlSetGenericErrorFunc(NULL, XmlErrorHandler); @@ -1524,7 +1516,13 @@ VerifySAMLToken(const gchar *token, strlen(token), NULL, NULL, 0); #else - doc = xmlParseMemory(token, (int)strlen(token)); + /* + * Tell libxml to substitute the entities (XML_PARSE_NOENT). + * Tell libxml to load the external DTD (XML_PARSE_DTDLOAD). + * Tell libxml to add default attributes from the DTD (XML_PARSE_DTDATTR). + */ + doc = xmlReadMemory(token, (int)strlen(token), NULL, NULL, + XML_PARSE_NOENT | XML_PARSE_DTDATTR | XML_PARSE_DTDLOAD); #endif if ((NULL == doc) || (xmlDocGetRootElement(doc) == NULL)) { g_warning("Failed to parse document\n"); From e7e74316e2dc30c2f406ff31b63e34d7f8c6915b Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 09:55:04 -0700 Subject: [PATCH 221/375] [Coverity]: Fixes for issues found from static application security testing Adding coverity escapes for false-positive issues. hgfsServerParameters.c -- 1 issue reported. issue: Overrunning array of 5 bytes at byte offset 5 by dereferencing pointer "newName". impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/file.c -- 2 issues reported. issue: Overrunning array of n bytes at byte offset n by dereferencing pointer "newNameP" (n is 17 and 5 respectively for those 2 locations where the issue occured). impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/link.c -- 2 issues reported. issue: Overrunning array of n bytes at byte offset n by dereferencing pointer "fileNameP" (n is 17 and 5 respectively for those 2 locations where the issue occured). impact: False-Positive fix: suppress 'overrun-local' vmhgfs-fuse/transport.c -- 1 issue reported. issue: uninit_use_in_call: Using uninitialized value "reply" while calling HgfsCompleteReq() function. impact: Bug fix: Remove function, it is unused/dead code (transport.h too). --- .../lib/hgfsServer/hgfsServerParameters.c | 10 ++++- open-vm-tools/vmhgfs-fuse/file.c | 13 ++++++- open-vm-tools/vmhgfs-fuse/link.c | 15 ++++++- open-vm-tools/vmhgfs-fuse/transport.c | 39 +------------------ open-vm-tools/vmhgfs-fuse/transport.h | 4 +- 5 files changed, 39 insertions(+), 42 deletions(-) diff --git a/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c b/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c index 8b601829c..9836a3fea 100644 --- a/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c +++ b/open-vm-tools/lib/hgfsServer/hgfsServerParameters.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2010-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1968,6 +1969,13 @@ HgfsUnpackRenamePayloadV2(const HgfsRequestRenameV2 *requestV2, // IN: request p } else { newName = (const HgfsFileName *)((char *)(&requestV2->oldName + 1) + *cpOldNameLen); + /* + * The HgfsRequestRenameV2 structure overlay on the data has the old and + * new data interlaced rather. The newName pointer in the data is + * calculated as an offset from the oldName field. This confuses Coverity, + * there is no overrun here. + */ + /* coverity[overrun-local] */ if (!HgfsUnpackFileName(newName, extra, cpNewName, diff --git a/open-vm-tools/vmhgfs-fuse/file.c b/open-vm-tools/vmhgfs-fuse/file.c index f0323095a..b9b9a933f 100644 --- a/open-vm-tools/vmhgfs-fuse/file.c +++ b/open-vm-tools/vmhgfs-fuse/file.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2013,2018-2019, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -1038,6 +1039,11 @@ HgfsRename(const char* from, const char* to) result = -EINVAL; goto out; } + /* + * The usage of the space allocated in req early in the function is kept + * in reqSize. If oldName length was 0 we're not causing an overrun. + */ + /* coverity[overrun-local] */ newNameP->length = result; reqSize += result; newNameP->flags = 0; @@ -1060,6 +1066,11 @@ HgfsRename(const char* from, const char* to) result = -EINVAL; goto out; } + /* + * The usage of the space allocated in req early in the function is kept + * in reqSize. If oldName length was 0 we're not causing an overrun. + */ + /* coverity[overrun-local] */ newNameP->length = result; reqSize += result; } diff --git a/open-vm-tools/vmhgfs-fuse/link.c b/open-vm-tools/vmhgfs-fuse/link.c index 3a6fc912c..9a607ca51 100644 --- a/open-vm-tools/vmhgfs-fuse/link.c +++ b/open-vm-tools/vmhgfs-fuse/link.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013,2019 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -90,6 +91,12 @@ HgfsPackSymlinkCreateRequest(const char* symlink, // IN: path of the link LOG(6, ("Target name: \"%s\"\n", fileNameP->name)); /* Convert target name to CPName-lite format. */ CPNameLite_ConvertTo(fileNameP->name, targetNameBytes - 1, '/'); + /* + * The req size is always sufficient to hold the request data. + * There is no overrun here, coverity has issue with how the data is + * packed (name fields data are interlaced). + */ + /* coverity[overrun-local] */ fileNameP->length = targetNameBytes - 1; fileNameP->flags = 0; fileNameP->fid = HGFS_INVALID_HANDLE; @@ -125,6 +132,12 @@ HgfsPackSymlinkCreateRequest(const char* symlink, // IN: path of the link LOG(6, ("Target name: \"%s\"\n", fileNameP->name)); /* Convert target name to CPName-lite format. */ CPNameLite_ConvertTo(fileNameP->name, targetNameBytes - 1, '/'); + /* + * The req size is always sufficient to hold the request data. + * There is no overrun here, coverity has issue with how the data is + * packed (name fields data are interlaced). + */ + /* coverity[overrun-local] */ fileNameP->length = targetNameBytes - 1; break; } diff --git a/open-vm-tools/vmhgfs-fuse/transport.c b/open-vm-tools/vmhgfs-fuse/transport.c index 22fa5a070..4ba451a5d 100644 --- a/open-vm-tools/vmhgfs-fuse/transport.c +++ b/open-vm-tools/vmhgfs-fuse/transport.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013,2019 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -266,42 +267,6 @@ HgfsTransportProcessPacket(char *receivedPacket, //IN: received packet } -/* - *---------------------------------------------------------------------- - * - * HgfsTransportBeforeExitingRecvThread -- - * - * The cleanup work to do before the recv thread exits, including - * completing pending requests with error. - * - * Results: - * None - * - * Side effects: - * None - * - *---------------------------------------------------------------------- - */ - -void -HgfsTransportBeforeExitingRecvThread(void) -{ - struct list_head *cur, *next; - - /* Walk through gHgfsPendingRequests queue and reply them with error. */ - pthread_mutex_lock(&gHgfsPendingRequestsLock); - list_for_each_safe(cur, next, &gHgfsPendingRequests) { - HgfsReq *req; - HgfsReply reply; - - req = list_entry(cur, HgfsReq, list); - LOG(6, ("Injecting error reply to req id: %d\n", req->id)); - HgfsCompleteReq(req, (char *)&reply, sizeof reply); - } - pthread_mutex_unlock(&gHgfsPendingRequestsLock); -} - - /* *---------------------------------------------------------------------- * diff --git a/open-vm-tools/vmhgfs-fuse/transport.h b/open-vm-tools/vmhgfs-fuse/transport.h index e8d92e05b..49b8677c5 100644 --- a/open-vm-tools/vmhgfs-fuse/transport.h +++ b/open-vm-tools/vmhgfs-fuse/transport.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -58,6 +59,5 @@ void HgfsTransportExit(void); int HgfsTransportSendRequest(HgfsReq *req); void HgfsTransportProcessPacket(char *receivedPacket, size_t receivedSize); -void HgfsTransportBeforeExitingRecvThread(void); #endif // _HGFS_DRIVER_TRANSPORT_H_ From de8328ede8e7fd864e3d3cd677eab499514494e5 Mon Sep 17 00:00:00 2001 From: Kruti Date: Fri, 7 Jun 2024 10:08:25 -0700 Subject: [PATCH 222/375] Update the ChangeLog file with the changes in the 12.4.5 open-vm-tools release. - plus the 12.4.0 open-vm-tools release point in the ChangeLog. --- open-vm-tools/ChangeLog | 270 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 270 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 2717017e8..dd8c62766 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,273 @@ +commit e7e74316e2dc30c2f406ff31b63e34d7f8c6915b +Author: Kruti +Date: Fri Jun 7 09:55:04 2024 -0700 + + [Coverity]: Fixes for issues found from static application security testing + + Adding coverity escapes for false-positive issues. + + hgfsServerParameters.c -- 1 issue reported. + issue: Overrunning array of 5 bytes at byte offset 5 by dereferencing + pointer "newName". + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/file.c -- 2 issues reported. + issue: Overrunning array of n bytes at byte offset n by dereferencing + pointer "newNameP" (n is 17 and 5 respectively for those 2 locations + where the issue occured). + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/link.c -- 2 issues reported. + issue: Overrunning array of n bytes at byte offset n by dereferencing + pointer "fileNameP" (n is 17 and 5 respectively for those 2 locations + where the issue occured). + impact: False-Positive + fix: suppress 'overrun-local' + + vmhgfs-fuse/transport.c -- 1 issue reported. + issue: uninit_use_in_call: Using uninitialized value "reply" while calling + HgfsCompleteReq() function. + impact: Bug + fix: Remove function, it is unused/dead code (transport.h too). + +commit 58c7fbfadca63bb61a793ae558f686a42e876505 +Author: Kruti +Date: Fri Jun 7 09:55:04 2024 -0700 + + Maintain compatibility with libxml2.12.5 and later. + +commit d87a3da2f1d60973cb67e6e65b38cb372b8397ef +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Fix copyright years. + +commit ae9222da00e2d6f2214c04df17f2399e19fd0b06 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + ProcManagerPosix.c: Direct child process's logs to stdio. + + Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked + at fork time. The vmtoolsLog.c Debug(), Warning() and Panic()functions + are not safe for child processes. + - Direct the offspring process's logs to stdio. + - Terminate the offspring process with _exit() or abort(). + +commit c7c731c64bc708d8f2ad25ec88011d735c900c5b +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Stop the glib based logging to avoid nested logging from RpcChannel error. + +commit 881bbcb49fb435957ba3c2cf47aad460fa53a352 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Fix LOCK_EVASION issue found by Coverity scan. + + fileLogger.c -- 2 issues reported in file + issue: MultiReader/SingleWriter lock race conditions between assign and + check. + fix: Mitigation more than fix. + + issue: Coverity seems confused by the MR/SW lock, but there is some data + field assignment performed under the wrong lock to clean up. + fix: Move assignment made under Read lock to Write lock. + + Moved setting the data->error status inside of writer lock block. + + Added re-checking the data->error status at reader -> writer and + writer -> reader lock transitions. + +commit 355c7a60cd6c323c290487a4ff4f290f84a3e913 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Verify the xmlsec version before passing the compiler + flag "-DXMLSEC_NO_SIZE_T", as it has been deprecated since 1.3.3. + + The configure option "--enable-size-t" has been set to yes by default starting + with 1.3.0. + + version < 1.3.0 : + Add "-DXMLSEC_NO_SIZE_T" if size_t has a size other than 4 bytes. + (There was no enable-size-t before 1.2.35 and the enable-size-t is + "no" by default in [1.2.35, 1.3.0)) + version >= 1.3.0 : + Do not add "-DXMLSEC_NO_SIZE_T" (as enable-size-t is "yes" by + default in version [1.3.0, 1.3.3) and no need to consider this + option since 1.3.3) + +commit 3a1ddef19024ac0ec767e6f71b10b999aa7489a1 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Change to common source file not directly applicable to open-vm-tools. + +commit 642f553a707c6b8ac0bb8064fe1a96fdeaf66043 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Remove unused header files from the open-vm-tools source bundle. + +commit 4854674e3bce20215f313d5d1049654a468337ef +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + [Coverity]: UNINIT in resolutionSet finding from static application + security testing (SAST) + + resolutionSet.c -- 1 issue reported in the file + issue: capabilityArray not initialized or partially initialized when + reaching the statement. + impact: False-positive + fix: suppress 'uninit_use_in_call' + + VMTools_WrapArray converts the capabilityArray to a GArray. + The 'wrapped' array is allocated space for capabilityCount elements and + only the first capabilityCount elements are COPIED from capabilityArray + to the allocated GArray. As such, the uninitialized elements of the + capabilityArray are never used to generate the returned GArray. While + technically true (uninitialized) there is no reason to zero the array + indexes from capabilityCount through to the end of the array as these + elements are unused. + +commit 7db39873858ca26a285d5690ef25c0ffdb0d437d +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Update NetworkManager calls in suspend/resume scripts. + + Revise the NetworkManager calls in the Linux network script to + prefer using the Sleep method over the "Enable" method being used + to work around a bug in version 0.9.0. + + Pull request: https://github.com/vmware/open-vm-tools/pull/699 + Issue: https://github.com/vmware/open-vm-tools/issues/426 + +commit 0d4abd5e8b920058685199adc356836d0e4dd7f3 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Fixes for issues found in Coverity scan. + + vgauth/serviceImpl/saml-xmlsec1.c + issue: 'string_null' for strlen(pemCert) + impact: False-positive + fix: suppress 'string_null' + issue: leaked_storage: certChain is not cleaned up on error. + impact: Memory is leaked on the error path. + fix: Add line before return to free certChain. + + vgauth/common/i18n.c + issue: 'leaked_storage' for "name" variable + impact: False-positive + fix: suppress 'leaked_storage' + + lib/file/file.c + issue: use_after_free for 'src' pointer + impact: False-positive + fix: suppress 'use_after_free' + + services/plugins/serviceDiscovery/serviceDiscovery.c + issue: overrun-local: gdpErrMsgs array contains one less entry then there are + enum defined. + impact: Valid but the function never return the GDP_ERR_MAX enum. + fix: in gdp.h, add an error entry for GDP_ERR_MAX this way gdpErrMsgs will + generate all entries. + + lib/file/fileLockPosix.c + issue: string_null for 'buffer' not being null terminated. + impact: False-positive + fix: suppress 'string_null' + +commit 912e76c343e876197ab597a303eced5685d05d2f +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Fix the SHELLCHECK_WARNING findings from static application security testing + (SAST) + + install/Linux/scripts/network: Multiple shellcheck issues found in the + Linux "network" script with the warning "Remove backticks to avoid + executing output (or use eval if intentional)." + + Removed the backticks from those corresponding lines of the script. + +commit 36108c65d3dbfaa7bf630076376252dcefcb1e80 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Fix the Y2K38_SAFETY finding found by Coverity scan. + + Change the date type to 'long long' to make the size be 64 bits, + same as that of time_t. + +commit 539c497e2c29f6023cc17e3e382acc43598cfe33 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + [Coverity]: Fix the Y2K38_SAFETY findings from static application security + testing (SAST) + + guestInfoServer.c -- 2 issues reported in file + issue: casting time_t (64bits) to int (32bits) causing Y2K38_SAFETY. + impact: delta is a time delta in seconds, overflow if delta >= + (G_MAXINT/1000)+1 + fix: Remove cast on delta, cast both values as int64. + + issue: casting time_t to int for logging to a '%d'. + impact: delta is a time delta in seconds, not expected to overflow a 32 bit + int. + fix: Remove cast on delta, change string to use '%"FMT64"d' format and cast + the time_t to int64; time_t is defined as 'long int'. + + vixTools.c -- 7 issues reported in file + issue: casting time_t to int for convertion to string (xml) + impact: procStartTime is a time from epoch, it will overflow the int in Y2K38. + fix: Remove the cast, change the string to use '%"FMT64"d"' and cast the + time_t to int64; time_t is defined as 'long int'. + + issues: casting time_t to int in call to VixToolsPrintProcInfoEx. + impact: The times used are time from epoch and will be impacted by Y2K38. + fix: Change signature of VixToolsPrintProcInfoEx to take in time_t types. + Change VixToolsPrintProcInfoEx to use '%"FMT64"d' in string conversions. + and cast the time_t to int64; time_t is defined as 'long int'. + +commit 6b2f429a17b1256c32008d64785eb6d5242f5b23 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Linux network log file permissions fix: 0644 to 0600 + Since release 11.3.5, on linux guests, the vmware-network.log file has root + default file creation permissions (0644) rather than the expected 0600 + permissions. + + Fix: + - Adding chmod 0600 on log file creation. + - Adding file creation before first logging. + - Adding handling of unset handler in case switch, default to file logging. + - Adding logging of unknown or bad handler, and using file logging as default. + - Default number of logfiles when network.maxOldLogFiles is set to 0. + +commit 83463bd3a458f83765fafab346e6d08562139b66 +Author: Kruti +Date: Fri Jun 7 09:55:03 2024 -0700 + + Setting the VMware Tools version to 12.4.5. + +commit 4fb3e03c17a7a7f72946bd41675722624fdc4106 +Author: John Wolfe +Date: Fri Mar 22 14:08:29 2024 -0700 + + open-vm-tools 12.4.0 released at this point. + ================================================= + Update of the ChangeLog with the final changes in preparation for + the open-vm-tools 12.4.0 release. + commit 619e61f96c0a82c0b3054122c81a62a29301bf1b Author: John Wolfe Date: Fri Mar 22 14:00:45 2024 -0700 From c7eb4e6a31205b31406b2c47c2731a6b298a4007 Mon Sep 17 00:00:00 2001 From: Kruti Date: Sun, 23 Jun 2024 23:14:56 -0700 Subject: [PATCH 223/375] Remove the twice-occurring incorrectly patched file content. --- open-vm-tools/Makefile.am | 78 -------------------------------- open-vm-tools/lib/Makefile.am | 78 -------------------------------- open-vm-tools/vgauth/Makefile.am | 22 --------- 3 files changed, 178 deletions(-) diff --git a/open-vm-tools/Makefile.am b/open-vm-tools/Makefile.am index 30cde8796..3ad409e8f 100644 --- a/open-vm-tools/Makefile.am +++ b/open-vm-tools/Makefile.am @@ -72,84 +72,6 @@ if HAVE_UDEV endif -install-data-local: - $(INSTALL) -d $(DESTDIR)/etc/vmware-tools/ - $(INSTALL) -m 644 $(srcdir)/tools.conf $(DESTDIR)/etc/vmware-tools/tools.conf.example - -################################################################################ -### Copyright (c) 2007-2021,2023 VMware, Inc. All rights reserved. -### -### Top-level Makefile for building the VMware OSS Tools. -### -### -### This program is free software; you can redistribute it and/or modify -### it under the terms of version 2 of the GNU General Public License as -### published by the Free Software Foundation. -### -### This program is distributed in the hope that it will be useful, -### but WITHOUT ANY WARRANTY; without even the implied warranty of -### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -### GNU General Public License for more details. -### -### You should have received a copy of the GNU General Public License -### along with this program; if not, write to the Free Software -### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -################################################################################ - -# These flags get passed to aclocal when autoreconf calls it, and tell aclocal -# that all of our macros are in the 'm4' subdirectory. -ACLOCAL_AMFLAGS = -I m4 - -SUBDIRS = -SUBDIRS += lib -if LINUX - SUBDIRS += libguestStoreClient -endif -SUBDIRS += libvmtools -SUBDIRS += libhgfs -SUBDIRS += hgfsclient -if ENABLE_VGAUTH - SUBDIRS += vgauth - SUBDIRS += vgauthImport -endif -SUBDIRS += checkvm -SUBDIRS += libguestlib -if ENABLE_DEPLOYPKG - SUBDIRS += libDeployPkg -endif -SUBDIRS += rpctool -SUBDIRS += namespacetool -SUBDIRS += scripts -SUBDIRS += services -SUBDIRS += toolbox -if HAVE_X11 - SUBDIRS += vmware-user-suid-wrapper -endif -if HAVE_FUSE - SUBDIRS += vmblock-fuse - SUBDIRS += vmhgfs-fuse -endif -if !LINUX - SUBDIRS += vmblockmounter -endif -SUBDIRS += xferlogs -if ENABLE_TESTS - SUBDIRS += tests -endif -if WITH_KERNEL_MODULES - SUBDIRS += modules -endif -SUBDIRS += docs -if ENABLE_LIBAPPMONITOR - SUBDIRS += libappmonitor -endif - -if HAVE_UDEV - SUBDIRS += udev - SUBDIRS += vmwgfxctrl -endif - - install-data-local: $(INSTALL) -d $(DESTDIR)/etc/vmware-tools/ $(INSTALL) -m 644 $(srcdir)/tools.conf $(DESTDIR)/etc/vmware-tools/tools.conf.example diff --git a/open-vm-tools/lib/Makefile.am b/open-vm-tools/lib/Makefile.am index 41656d083..e37422cc1 100644 --- a/open-vm-tools/lib/Makefile.am +++ b/open-vm-tools/lib/Makefile.am @@ -76,81 +76,3 @@ SUBDIRS += wiper SUBDIRS += xdg -################################################################################ -### Copyright (c) 2007-2016,2020-2023 VMware, Inc. All rights reserved. -### -### This program is free software; you can redistribute it and/or modify -### it under the terms of version 2 of the GNU General Public License as -### published by the Free Software Foundation. -### -### This program is distributed in the hope that it will be useful, -### but WITHOUT ANY WARRANTY; without even the implied warranty of -### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -### GNU General Public License for more details. -### -### You should have received a copy of the GNU General Public License -### along with this program; if not, write to the Free Software -### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -################################################################################ - -SUBDIRS = -SUBDIRS += guestRpc -SUBDIRS += auth -SUBDIRS += backdoor -if HAVE_VSOCK -SUBDIRS += asyncsocket -endif -SUBDIRS += sslDirect -SUBDIRS += pollGtk -SUBDIRS += poll -SUBDIRS += dataMap -SUBDIRS += hashMap -SUBDIRS += dict -SUBDIRS += dynxdr -SUBDIRS += err -SUBDIRS += file -SUBDIRS += foundryMsg -SUBDIRS += glibUtils -SUBDIRS += guestApp -if LINUX - SUBDIRS += guestStoreClientHelper - SUBDIRS += globalConfig -endif -SUBDIRS += hgfs -SUBDIRS += hgfsBd -SUBDIRS += hgfsHelper -SUBDIRS += hgfsServer -SUBDIRS += hgfsServerManagerGuest -SUBDIRS += hgfsServerPolicyGuest -if HAVE_GTKMM -SUBDIRS += hgfsUri -endif -SUBDIRS += impersonate -SUBDIRS += lock -SUBDIRS += message -SUBDIRS += misc -SUBDIRS += netUtil -SUBDIRS += nicInfo -SUBDIRS += panic -SUBDIRS += panicDefault -SUBDIRS += procMgr -SUBDIRS += rpcChannel -SUBDIRS += rpcIn -SUBDIRS += rpcOut -SUBDIRS += rpcVmx -if USE_SLASH_PROC - SUBDIRS += slashProc -endif -SUBDIRS += string -SUBDIRS += jsmn -SUBDIRS += stubs -SUBDIRS += syncDriver -SUBDIRS += system -SUBDIRS += unicode -SUBDIRS += user -SUBDIRS += vmCheck -SUBDIRS += vmSignal -SUBDIRS += wiper -SUBDIRS += xdg - - diff --git a/open-vm-tools/vgauth/Makefile.am b/open-vm-tools/vgauth/Makefile.am index ef160b99a..a984425bc 100644 --- a/open-vm-tools/vgauth/Makefile.am +++ b/open-vm-tools/vgauth/Makefile.am @@ -20,25 +20,3 @@ SUBDIRS += lib SUBDIRS += cli SUBDIRS += service SUBDIRS += test -################################################################################ -### Copyright (c) 2014-2017,2023 VMware, Inc. All rights reserved. -### -### This program is free software; you can redistribute it and/or modify -### it under the terms of version 2 of the GNU General Public License as -### published by the Free Software Foundation. -### -### This program is distributed in the hope that it will be useful, -### but WITHOUT ANY WARRANTY; without even the implied warranty of -### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -### GNU General Public License for more details. -### -### You should have received a copy of the GNU General Public License -### along with this program; if not, write to the Free Software -### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -################################################################################ - -SUBDIRS = -SUBDIRS += lib -SUBDIRS += cli -SUBDIRS += service -SUBDIRS += test From 122221cdc184470a83e7a3f3b2f536222076db38 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 24 Jun 2024 08:57:13 -0700 Subject: [PATCH 224/375] Prepare for the open-vm-tools 12.4.5 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 51a3da50d..26b2e9500 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -36,10 +36,10 @@ ### Initialization ### -TOOLS_VERSION="12.4.0" +TOOLS_VERSION="12.4.5" AC_INIT( [open-vm-tools], - [12.4.0], + [12.4.5], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 0b528de83..592bba5d8 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-23259341" + "build-23787635" #define BUILD_NUMBER_NUMERIC \ - 23259341 + 23787635 #define BUILD_NUMBER_NUMERIC_STRING \ - "23259341" + "23787635" #define PRODUCT_BUILD_NUMBER \ - "product-build-48309" + "product-build-49651" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 48309 + 49651 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "48309" + "49651" From 26628e198f39b0972dabbeb70dddf153d89b438c Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 24 Jun 2024 09:08:34 -0700 Subject: [PATCH 225/375] Update of the ChangeLog with the final changes in preparation for the open-vm-tools 12.4.5 release. - plus fix for incorrectly patched files. - plus ChangeLog update of Jun 7, 2024. --- open-vm-tools/ChangeLog | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index dd8c62766..335ae975b 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,24 @@ +commit 122221cdc184470a83e7a3f3b2f536222076db38 +Author: Kruti +Date: Mon Jun 24 08:57:13 2024 -0700 + + Prepare for the open-vm-tools 12.4.5 release. + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit c7eb4e6a31205b31406b2c47c2731a6b298a4007 +Author: Kruti +Date: Sun Jun 23 23:14:56 2024 -0700 + + Remove the twice-occurring incorrectly patched file content. + +commit de8328ede8e7fd864e3d3cd677eab499514494e5 +Author: Kruti +Date: Fri Jun 7 10:08:25 2024 -0700 + + Update the ChangeLog file with the changes in the 12.4.5 open-vm-tools release. + - plus the 12.4.0 open-vm-tools release point in the ChangeLog. + commit e7e74316e2dc30c2f406ff31b63e34d7f8c6915b Author: Kruti Date: Fri Jun 7 09:55:04 2024 -0700 From a3467476cfe48df0fd0c97f492ff5c4d0131d5cd Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 27 Jun 2024 17:56:42 -0700 Subject: [PATCH 226/375] Update the ReleaseNotes.md for the 12.4.5 open-vm-tools release. --- ReleaseNotes.md | 82 +++++++++++++++++++++++++++++++++++++------------ 1 file changed, 63 insertions(+), 19 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 1997f073a..a02c327e4 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,8 +1,8 @@ -# open-vm-tools 12.4.0 Release Notes +# open-vm-tools 12.4.5 Release Notes -Updated on: 21 March 2024 +Updated on: 27 June 2024 -open-vm-tools | 21 MARCH 2024 | Build 23259341 +open-vm-tools | 27 JUNE 2024 | Build 23787635 Check back for additions and updates to these release notes. @@ -11,8 +11,9 @@ Check back for additions and updates to these release notes. The release notes cover the following topics: * [What's New](#whatsnew) -* [End of Feature Support Notice](#endsupport) * [Internationalization](#i18n) +* [Product Support Notice](#suppnote) +* [End of Feature Support Notice](#endsupport) * [Guest Operating System Customization Support](#guestop) * [Interoperability Matrix](#interop) * [Resolved Issues](#resolvedissues) @@ -23,19 +24,13 @@ The release notes cover the following topics: * Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. -* A complete list of the granular changes in the open-vm-tools 12.4.0 release is available at: +* A complete list of the granular changes in the open-vm-tools 12.4.5 release is available at: - [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/open-vm-tools/ChangeLog) - -## End of Feature Support Notice - -* Discontinued: Using "xml-security-c" and "xerces-c" to build the VMware Guest Authentication Service (VGAuth) - - Starting with open-vm-tools 12.4.0, and going forward, the VGAuth service build will require the "xmlsec1" and "libxml2" development and runtime packages. If still using the "xml-security-c" and "xerces-c" open source projects to build open-vm-tools, you must make the change now. The open-vm-tools 12.3.x series will be the last version that can use "xml-security-c" and "xerces-c". + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/open-vm-tools/ChangeLog) ## Internationalization -open-vm-tools 12.4.0 is available in the following languages: +open-vm-tools 12.4.5 is available in the following languages: * English * French @@ -47,6 +42,31 @@ open-vm-tools 12.4.0 is available in the following languages: * Simplified Chinese * Traditional Chinese +## Product Support Notice + +Beginning with the next major release, we will be reducing the number of supported localization languages. The three supported languages will be: + * Japanese + * Spanish + * French + +The following languages will no longer be supported: + * Italian + * German + * Brazilian Portuguese + * Traditional Chinese + * Korean + * Simplified Chinese + +Impact: + * Users who have been using the deprecated languages will no longer receive updates or support in these languages. + * All user interfaces, message catalogs, help documentation, and customer support will be available only in English or in the three supported languages mentioned above. + +## End of Feature Support Notice + +* **Discontinued: Using "xml-security-c" and "xerces-c" to build the VMware Guest Authentication Service (VGAuth)** + + Starting with open-vm-tools 12.4.0, and going forward, the VGAuth service build will require the "xmlsec1" and "libxml2" development and runtime packages. If still using the "xml-security-c" and "xerces-c" open source projects to build open-vm-tools, you must make the change now. The open-vm-tools 12.3.x series will be the last version that can use "xml-security-c" and "xerces-c". + ## Guest Operating System Customization Support The [Guest OS Customization Support Matrix](http://partnerweb.vmware.com/programs/guestOS/guest-os-customization-matrix.pdf) provides details about the guest operating systems supported for customization. @@ -57,17 +77,41 @@ The [VMware Product Interoperability Matrix](http://partnerweb.vmware.com/comp_ ## Resolved Issues -* **The following github.com/vmware/open-vm-tools pull request has been addressed** +* **A number of issues flagged by Coverity and ShellCheck have been addressed.** + + The changes include code fixes and Coverity escapes for reported false positives. + See the details in the [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/open-vm-tools/ChangeLog) for specific fix or false positive escape. + +* **Nested logging from RPCChannel error may hang the vmtoolsd process.** + + This issue has been fixed in this release. + +* **vmtoolsd child processes invoke parent's atexit handler.**** + + Fixed in this release by terminating child processes with _exit(). + +* **Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked at fork time. The vmtoolsLog.c Debug(), Warning() and Panic() functions are not safe for child processes.** + + Fixed in this release by directing child processes' logging to stdout. + +* **Permission on the vmware-network.log file incorrectly defaults to (0644).** + + Fixed in this release. The correct default is set to (0600). + +* **The NetworkManager calls in the Linux "network" script have been updated.** - * Power Ops: Attempt to execute file path only + Defaults to using the "Sleep" method over the "Enabled" method used to + work around a bug in NetworkManager version 0.9.0. - [Pull request #689](https://github.com/vmware/open-vm-tools/pull/689) + Resolves: + * [Pull request #699](https://github.com/vmware/open-vm-tools/pull/699) + * [Issue #426](https://github.com/vmware/open-vm-tools/issues/426) -* **A number of issues flagged by Coverity have been addressed.** +* **Unused header files have been dropped from the current open-vm-tools source.** -* **Add aliasing code to identify Miracle Linux by its former name of "asianux".** +* **Accomodate newer releases of libxml2 and xmlsec1.** - The Asianux Linux distribution rebranded itself as Miracle Linux. Since vSphere infrastructure recognizes "asianux" but not Miracle Linux, aliasing code was added to open-vm-tools to continue to identify Miracle Linux systems as "asianux". + The configure.ac and VGAuth code updated to avoid deprecated functions and build options based on OSS product version. ## Known Issues From 9b94132f54fbed0b86dce04ff4402d1d8fd059c3 Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 27 Jun 2024 18:38:57 -0700 Subject: [PATCH 227/375] open-vm-tools 12.4.5 released at this point. ================================================= --- open-vm-tools/ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 335ae975b..e3e1b1808 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,9 @@ +commit a3467476cfe48df0fd0c97f492ff5c4d0131d5cd +Author: Kruti +Date: Thu Jun 27 17:56:42 2024 -0700 + + Update the ReleaseNotes.md for the 12.4.5 open-vm-tools release. + commit 122221cdc184470a83e7a3f3b2f536222076db38 Author: Kruti Date: Mon Jun 24 08:57:13 2024 -0700 From 9bc336c8457ddf1bedb5c6ef8d2fde4b2d4a9d59 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:36 -0700 Subject: [PATCH 228/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index b7984b7c8..bc1da29df 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -600,7 +600,7 @@ FLAG( 7, 1, EAX, 3, 1, RAO_INT, NO, 0 ) \ FLAG( 7, 1, EAX, 4, 1, AVX_VNNI, YES, 20 ) \ FLAG( 7, 1, EAX, 5, 1, AVX512BF16, YES, 18 ) \ FLAG( 7, 1, EAX, 6, 1, LASS, NO, 0 ) \ -FLAG( 7, 1, EAX, 7, 1, CMPCCXADD, NO, 0 ) \ +FLAG( 7, 1, EAX, 7, 1, CMPCCXADD, YES, 22 ) \ FLAG( 7, 1, EAX, 8, 1, ARCH_PERFMON_EXT, NO, 0 ) \ FLAG( 7, 1, EAX, 10, 1, FAST_ZERO_MOVSB, YES, 20 ) \ FLAG( 7, 1, EAX, 11, 1, FAST_SHORT_STOSB, YES, 20 ) \ From e86e129392012521937a8439ab146e79515c5ff6 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 229/375] Change to common header file not applicable to open-vm-tools. --- .../lib/include/vm_product_versions.h | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 8fc42e946..86cafbf64 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -82,7 +82,7 @@ #define PRODUCT_VERSION 1,1,5,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_VPX) /* this should be kept in sync with the corresponding vpx branch. */ - #define PRODUCT_VERSION 8,0,3,PRODUCT_BUILD_NUMBER_NUMERIC + #define PRODUCT_VERSION 9,0,0,PRODUCT_BUILD_NUMBER_NUMERIC #elif defined(VMX86_HORIZON_VIEW) #define PRODUCT_VERSION 8,13,0,PRODUCT_BUILD_NUMBER_NUMERIC // VMX86_DESKTOP must be last because it is the default and is always defined. @@ -183,9 +183,9 @@ * 7.0.1-3.4: Patch 3 / quarterly release 3 * 7.0.2-5.5: Update 2 / quarterly release 5 */ -#define ESX_VERSION_MAJOR "8" +#define ESX_VERSION_MAJOR "9" #define ESX_VERSION_MINOR "0" -#define ESX_VERSION_MAINT "3" // 0 = Pre-release/GA, 3 = Update 3 +#define ESX_VERSION_MAINT "0" // 0 = Pre-release/GA, 3 = Update 3 #define ESX_VERSION_UPDATE ESX_VERSION_MAINT // ESX's own update level #define ESX_VERSION ESX_VERSION_MAJOR "." ESX_VERSION_MINOR "." \ @@ -240,7 +240,7 @@ */ #define FUSION_VERSION "e.x.p" -#define VIM_VERSION "8.0.3" +#define VIM_VERSION "9.0.0" /* *For smooth version bump up for quaterly releases, we need to have a fallback *mechanism to previous version in all those components which perform version @@ -270,15 +270,15 @@ 6.0.0,\ 6.5.0" // Put VPX_VERSION first, because vpx/make/defs.mk doesn't check for suffix. -#define VPX_VERSION "8.0.3" -#define VPX_VERSION_MAJOR "8" +#define VPX_VERSION "9.0.0" +#define VPX_VERSION_MAJOR "9" #define VPX_VERSION_MINOR "0" -#define VPX_VERSION_MAINT "3" +#define VPX_VERSION_MAINT "0" #define VPX_VERSION_PATCH "00000" #define VPX_VERSION_THIRD_PARTY VPX_VERSION_MAJOR VPX_VERSION_MINOR \ VPX_VERSION_MAINT //MARKER_FAST_REMOVE_START -#define VPX_VERSION_NUMERIC 8,0,3,PRODUCT_BUILD_NUMBER_NUMERIC +#define VPX_VERSION_NUMERIC 9,0,0,PRODUCT_BUILD_NUMBER_NUMERIC //MARKER_FAST_REMOVE_END //MARKER_FAST_UNCOMMENT_START //#define VPX_VERSION_NUMERIC gVpxVersionNumeric @@ -288,15 +288,15 @@ #define VPX_MIN_HOST_VERSION "6.7.0" #define MAX_SUPPORTED_VI_VERSION "6.6" //from ovfTool/src/supportedVersions.h -#define VCDB_CURRENT_SCHEMA_VERSION 803 // from PitCADatabase.h +#define VCDB_CURRENT_SCHEMA_VERSION 900 // from PitCADatabase.h #define VPX_RELEASE_UPDATE "0" /* 0 = Pre-release/GA, 1 = Update 1 */ #define VPX_RELEASE_PATCH "0" /* 0 = experimental */ #define VPX_RELEASE VPX_RELEASE_UPDATE "." VPX_RELEASE_PATCH /* expected database version for current release */ -#define VPXD_VDB_DB_VERSION_ID 803 -#define VPXD_VDB_DB_VERSION_VALUE "VirtualCenter Database 8.0" +#define VPXD_VDB_DB_VERSION_ID 900 +#define VPXD_VDB_DB_VERSION_VALUE "VirtualCenter Database 9.0" /* * OSM Release Version for OSS/TP usage tracking and ticket filing @@ -316,7 +316,7 @@ #define HORIZONOSOT_VERSION "1.2.2303" #define HORIZONVMDS_VERSION "1.0.0" -#define INTEGRITY_VERSION "8.0.3" /* Should use VPX_VERSION? */ +#define INTEGRITY_VERSION "9.0.0" /* Should use VPX_VERSION? */ #define SVA_VERSION "1.0.0" #define SSO_VERSION "1.0.0" #define SDK_VERSION "4.1.0" @@ -343,10 +343,10 @@ //#define NETDUMP_FILE_VERSION gNetdumpFileVersion //MARKER_FAST_UNCOMMENT_END -#define VDDK_VERSION "8.0.3" -#define VDDK_VERSION_MAJOR 8 +#define VDDK_VERSION "9.0.0" +#define VDDK_VERSION_MAJOR 9 #define VDDK_VERSION_MINOR 0 -#define VDDK_VERSION_MAINT 3 +#define VDDK_VERSION_MAINT 0 //MARKER_FAST_REMOVE_START #define VDDK_FILE_VERSION VDDK_VERSION_MAJOR,VDDK_VERSION_MINOR,\ From 3bf397e2a039772cdc62d6a7248a38388d4a58d2 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 230/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 1 + open-vm-tools/lib/misc/hostinfoPosix.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 56317c846..89ee3eb33 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -340,6 +340,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_MANDRAKE "mandrake" #define STR_OS_MANDRAKE_FULL "Mandrake Linux" #define STR_OS_MANDRIVA "mandriva" +#define STR_OS_MIRACLE_LINUX "miraclelinux" #define STR_OS_MKLINUX "MkLinux" #define STR_OS_NOVELL "nld" #define STR_OS_NOVELL_FULL "Novell Linux Desktop 9" diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index d8609805c..4e93a9b1e 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1422,7 +1422,7 @@ static const ShortNameSet shortNameArray[] = { { "linux-ppc", STR_OS_LINUX_PPC, HostinfoGenericSetShortName }, { "mandrake", STR_OS_MANDRAKE, HostinfoGenericSetShortName }, { "mandriva", STR_OS_MANDRIVA, HostinfoGenericSetShortName }, -{ "miracle linux", NULL, HostinfoSetAsianuxShortName }, +{ "miracle linux", STR_OS_MIRACLE_LINUX, HostinfoGenericSetShortName }, { "mklinux", STR_OS_MKLINUX, HostinfoGenericSetShortName }, { "opensuse", STR_OS_OPENSUSE, HostinfoGenericSetShortName }, { "oracle", NULL, HostinfoSetOracleShortName }, From 5cb816ddf7b4278f4fe7574180a7b1fbf5693e08 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 231/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/log.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/include/log.h b/open-vm-tools/lib/include/log.h index aca53c889..76f66eea5 100644 --- a/open-vm-tools/lib/include/log.h +++ b/open-vm-tools/lib/include/log.h @@ -404,12 +404,13 @@ Log_NewCustomOutput(const char *instanceName, int minLogLevel); typedef struct { - uint8 level; - Bool additionalLine; + uint8 level; + uint32 group; + Bool additionalLine; size_t msgLen; - char timeStamp[64]; - char threadName[32]; - char opID[LOG_MAX_OPID_LENGTH + 1]; // Will be empty string on hosted products + char timeStamp[64]; + char threadName[32]; + char opID[LOG_MAX_OPID_LENGTH + 1]; // Will be empty string on hosted products } LogLineMetadata; typedef void (LogCustomMsgFuncEx)(const LogLineMetadata * const metadata, From 879e7e7600d219e6be04baae3a0903802265be38 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 232/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 1 + open-vm-tools/lib/misc/hostinfoPosix.c | 1 + 2 files changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 89ee3eb33..727b5639b 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -330,6 +330,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_DEBIAN "debian" #define STR_OS_FEDORA "Fedora" #define STR_OS_FLATCAR "flatcar" +#define STR_OS_FUSION_OS "fusionos" #define STR_OS_GENTOO "Gentoo" #define STR_OS_IMMUNIX "Immunix" #define STR_OS_LINUX "linux" diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 4e93a9b1e..386fbd94b 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1416,6 +1416,7 @@ static const ShortNameSet shortNameArray[] = { { "enterprise linux", NULL, HostinfoSetOracleShortName }, { "fedora", STR_OS_FEDORA, HostinfoGenericSetShortName }, { "flatcar", STR_OS_FLATCAR, HostinfoGenericSetShortName }, +{ "fusionos", STR_OS_FUSION_OS, HostinfoGenericSetShortName }, { "gentoo", STR_OS_GENTOO, HostinfoGenericSetShortName }, { "immunix", STR_OS_IMMUNIX, HostinfoGenericSetShortName }, { "linux-from-scratch", STR_OS_LINUX_FROM_SCRATCH, HostinfoGenericSetShortName }, From e44d22a272e99890f04ed14a55ec53facaabf7fb Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 233/375] Update vmware-user.desktop.in and delete vmware-user.desktop. Update settings for vmware-user.desktop.in: - Remove Encoding since it's deprecated. - Uncomment NoDisplay=True since the bug related to it was fixed a while ago. Delete bora-vmsoft/install/common/vmware-user.desktop as it is no longer needed. In open-vm-tools, vmware-user.desktop is generated from vmware-user.desktop.in. Pull request: https://github.com/vmware/open-vm-tools/pull/668 --- open-vm-tools/AUTHORS | 5 ++++- .../vmware-user-suid-wrapper/vmware-user.desktop.in | 4 +--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index a744081a9..b871a0235 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -96,5 +96,8 @@ Yun Zheng Hu Power Ops: Attempt to execute file path only - https://github.com/vmware/open-vm-tools/pull/689 Joseph Allen Updated NetworkManager calls in suspend/resume scripts - https://github.com/vmware/open-vm-tools/pull/699 + - https://github.com/vmware/open-vm-tools/pull/699 + +Brennan Kinney Revise settings for vmware-user.desktop + - https://github.com/vmware/open-vm-tools/pull/668 diff --git a/open-vm-tools/vmware-user-suid-wrapper/vmware-user.desktop.in b/open-vm-tools/vmware-user-suid-wrapper/vmware-user.desktop.in index 50149be7e..0518acd70 100644 --- a/open-vm-tools/vmware-user-suid-wrapper/vmware-user.desktop.in +++ b/open-vm-tools/vmware-user-suid-wrapper/vmware-user.desktop.in @@ -1,9 +1,7 @@ [Desktop Entry] Type=Application -Encoding=UTF-8 Exec=_bindir_/vmware-user-suid-wrapper Name=VMware User Agent -# KDE bug 190522: KDE does not autostart items with NoDisplay=true... -# NoDisplay=true +NoDisplay=true X-KDE-autostart-phase=1 From add970dae8e60ce4a3c98c5fd6b7c7c7d5138066 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 234/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index bc1da29df..d166f82d0 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -609,7 +609,7 @@ FLAG( 7, 1, EAX, 19, 1, WRMSRNS, NO, 0 ) \ FLAG( 7, 1, EAX, 21, 1, AMX_FP16, YES, 21 ) \ FLAG( 7, 1, EAX, 22, 1, HRESET, NO, 0 ) \ FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, YES, FUT ) \ -FLAG( 7, 1, EAX, 26, 1, LAM, NO, 0 ) \ +FLAG( 7, 1, EAX, 26, 1, LAM, YES, 22 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, FUT ) \ From aa9d798ac82e84bfdf2bb9101c689338cbfb6dfe Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 235/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index d166f82d0..fd5beecc4 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1491,6 +1491,8 @@ FLAG( 821, 0, EAX, 11, 1, AMD_FAST_SHORT_CMPSB, YES, 20 ) \ FLAG( 821, 0, EAX, 13, 1, PREFETCHCTL_MSR, NO, 0 ) \ FLAG( 821, 0, EAX, 17, 1, CPL3_CPUID_GP, NO, 0 ) \ FLAG( 821, 0, EAX, 18, 1, EPSF, NO, 0 ) \ +FLAG( 821, 0, EAX, 19, 1, FAST_REP_SCASB, YES, 22 ) \ +FLAG( 821, 0, EAX, 20, 1, LEAF821_PREFETCHI, YES, 22 ) \ FIELD(821, 0, EBX, 0, 12, MICROCODE_PATCH_SIZE, NO, 0 ) /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ From 2ad2337e413d65eb88db85740d5515505db16d86 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 236/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index fd5beecc4..2dbd5dc66 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -608,12 +608,12 @@ FLAG( 7, 1, EAX, 12, 1, FAST_SHORT_CMPSB_SCASB, YES, 20 ) \ FLAG( 7, 1, EAX, 19, 1, WRMSRNS, NO, 0 ) \ FLAG( 7, 1, EAX, 21, 1, AMX_FP16, YES, 21 ) \ FLAG( 7, 1, EAX, 22, 1, HRESET, NO, 0 ) \ -FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, YES, FUT ) \ +FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, YES, 22 ) \ FLAG( 7, 1, EAX, 26, 1, LAM, YES, 22 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ -FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, FUT ) \ -FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, YES, FUT ) \ +FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, 22 ) \ +FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, YES, 22 ) \ FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, NO, 0 ) \ FLAG( 7, 1, EDX, 14, 1, PREFETCHI, YES, 21 ) \ FLAG( 7, 1, EDX, 18, 1, CET_SSS, NO, 0 ) \ From abe5c72317031ad2eceb21038cca2e67431a4a79 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 237/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/modules/shared/vmxnet/vmnet_def.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmnet_def.h b/open-vm-tools/modules/shared/vmxnet/vmnet_def.h index 056e53389..17a707680 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmnet_def.h +++ b/open-vm-tools/modules/shared/vmxnet/vmnet_def.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2004-2014,2017-2019,2021,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2004-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -125,4 +126,11 @@ #define VMNET_CAP_K2K_NIC CONST64U(0x4000000000000000) /* Nic used for Kernel-to-Kernel communication */ #define VMNET_CAP_LEGACY CONST64U(0x8000000000000000) /* Uplink is compatible with vmklinux drivers */ +/* Used by strict latency enabled vNIC to disable the hardware offloads. */ +typedef enum Vmxnet3OffloadDisable { + VMXNET3_OFFLOAD_DISABLE_NONE, + VMXNET3_OFFLOAD_DISABLE_TSO, + VMXNET3_OFFLOAD_DISABLE_LRO, + VMXNET3_OFFLOAD_DISABLE_TSO_LRO +} Vmxnet3OffloadDisable; #endif // _VMNET_DEF_H_ From 0d6b03ce9ee20260998dabef3fcc7b484d2935a5 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:37 -0700 Subject: [PATCH 238/375] Change to common source files not applicable to open-vm-tools at this time. --- open-vm-tools/Makefile.am | 6 +++++- open-vm-tools/lib/Makefile.am | 4 +++- open-vm-tools/services/vmtoolsd/Makefile.am | 4 +++- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/Makefile.am b/open-vm-tools/Makefile.am index 3ad409e8f..cfad21cc9 100644 --- a/open-vm-tools/Makefile.am +++ b/open-vm-tools/Makefile.am @@ -1,5 +1,7 @@ ################################################################################ -### Copyright (c) 2007-2021,2023 VMware, Inc. All rights reserved. +### Copyright (c) 2007-2024 Broadcom. All Rights Reserved. +### Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. +### and/or its subsidiaries. ### ### Top-level Makefile for building the VMware OSS Tools. ### @@ -39,6 +41,8 @@ SUBDIRS += libguestlib if ENABLE_DEPLOYPKG SUBDIRS += libDeployPkg endif + + SUBDIRS += rpctool SUBDIRS += namespacetool SUBDIRS += scripts diff --git a/open-vm-tools/lib/Makefile.am b/open-vm-tools/lib/Makefile.am index e37422cc1..ff0512c79 100644 --- a/open-vm-tools/lib/Makefile.am +++ b/open-vm-tools/lib/Makefile.am @@ -1,5 +1,7 @@ ################################################################################ -### Copyright (c) 2007-2016,2020-2023 VMware, Inc. All rights reserved. +### Copyright (c) 2007-2024 Broadcom. All Rights Reserved. +### Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. +### and/or its subsidiaries. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as diff --git a/open-vm-tools/services/vmtoolsd/Makefile.am b/open-vm-tools/services/vmtoolsd/Makefile.am index 7eb0e47bd..c3507529d 100644 --- a/open-vm-tools/services/vmtoolsd/Makefile.am +++ b/open-vm-tools/services/vmtoolsd/Makefile.am @@ -1,5 +1,7 @@ ################################################################################ -### Copyright (c) 2009-2021,2023 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2024 Broadcom. All Rights Reserved. +### Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. +### and/or its subsidiaries. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as From 2ecb5a9bedcc6ddd6a19dd3b24ca577e463c6257 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 239/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 1 + open-vm-tools/lib/misc/hostinfoPosix.c | 1 + 2 files changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 727b5639b..e85d649b8 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -333,6 +333,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_FUSION_OS "fusionos" #define STR_OS_GENTOO "Gentoo" #define STR_OS_IMMUNIX "Immunix" +#define STR_OS_KYLIN_LINUX "kylinlinux" #define STR_OS_LINUX "linux" #define STR_OS_LINUX_FROM_SCRATCH "Linux-From-Scratch" #define STR_OS_LINUX_FULL "Other Linux" diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 386fbd94b..9bacef186 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1419,6 +1419,7 @@ static const ShortNameSet shortNameArray[] = { { "fusionos", STR_OS_FUSION_OS, HostinfoGenericSetShortName }, { "gentoo", STR_OS_GENTOO, HostinfoGenericSetShortName }, { "immunix", STR_OS_IMMUNIX, HostinfoGenericSetShortName }, +{ "kylin linux", STR_OS_KYLIN_LINUX, HostinfoGenericSetShortName }, { "linux-from-scratch", STR_OS_LINUX_FROM_SCRATCH, HostinfoGenericSetShortName }, { "linux-ppc", STR_OS_LINUX_PPC, HostinfoGenericSetShortName }, { "mandrake", STR_OS_MANDRAKE, HostinfoGenericSetShortName }, From b4c81e8fb510f6b978973975246d1bba78a2361a Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 240/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 2dbd5dc66..484f910e3 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1324,7 +1324,7 @@ CPUID_8A_EDX_14 \ FLAG( 8A, 0, EDX, 15, 1, SVM_V_VMSAVE_VMLOAD, NO, 0 ) \ FLAG( 8A, 0, EDX, 16, 1, SVM_VGIF, NO, 0 ) \ FLAG( 8A, 0, EDX, 17, 1, SVM_GMET, YES, 17 ) \ -FLAG( 8A, 0, EDX, 18, 1, SVMEDX_RSVD3, NO, 0 ) \ +FLAG( 8A, 0, EDX, 18, 1, SVM_x2AVIC, NO, 0 ) \ FLAG( 8A, 0, EDX, 19, 1, SVM_SSS, YES, 20 ) \ FLAG( 8A, 0, EDX, 20, 1, SVM_GUEST_SPEC_CTRL, NO, 0 ) \ FLAG( 8A, 0, EDX, 21, 1, SVM_NON_WRITEABLE_PT, NO, 0 ) \ From 621013de8d6e98ccb9e45b69ed26ede7b460500e Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 241/375] Change to common header file not applicable to open-vm-tools. --- .../modules/shared/vmxnet/vmxnet_def.h | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/modules/shared/vmxnet/vmxnet_def.h b/open-vm-tools/modules/shared/vmxnet/vmxnet_def.h index e94faf98f..3a3b6d6d3 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmxnet_def.h +++ b/open-vm-tools/modules/shared/vmxnet/vmxnet_def.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1999-2014 VMware, Inc. All rights reserved. + * Copyright (c) 1999-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -167,6 +168,21 @@ typedef uint32 Vmxnet_DDMagic; /* packet byte value */ #define VMXNET_PM_OPCODE_END 0 /* args: */ +/* + * The strict latency configuration + */ +#define VMXNET3_SL_MIN_QUEUES 1 +#define VMXNET3_SL_MAX_QUEUES 32 +#define VMXNET3_SL_MIN_RING_DESC_SIZE 128 +#define VMXNET3_SL_MAX_RING_DESC_SIZE 2048 +#define VMXNET3_SL_RING_SIZE_INCREMENT_UNIT 64 +#define VMXNET3_SL_DEFAULT_LATENCY_MEASUREMENT 1 +#define VMXNET3_SL_DEFAULT_TX_QUEUES 1 +#define VMXNET3_SL_DEFAULT_RX_QUEUES 1 +#define VMXNET3_SL_DEFAULT_TX_RING_DESC_SIZE 256 +#define VMXNET3_SL_DEFAULT_RX_RING_DESC_SIZE 256 +#define VMXNET3_SL_DEFAULT_DISABLE_OFFLOADS "TSO_LRO" + typedef union Vmxnet_WakePktCmd { uint32 pktData : 32; struct { From 95ba5d3d67b94f9f30aab6665728c7145e432a55 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 242/375] Change to common header files not applicable to open-vm-tools. --- open-vm-tools/lib/include/util.h | 29 ++++++++++++++-------------- open-vm-tools/lib/include/utilZero.h | 21 +++++++++++--------- 2 files changed, 27 insertions(+), 23 deletions(-) diff --git a/open-vm-tools/lib/include/util.h b/open-vm-tools/lib/include/util.h index 625aa7d43..1e8622989 100644 --- a/open-vm-tools/lib/include/util.h +++ b/open-vm-tools/lib/include/util.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2019 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -30,21 +31,21 @@ #define INCLUDE_ALLOW_VMCORE #include "includeCheck.h" -#include -#include #ifndef VMKBOOT -#include -#endif - -#ifdef _WIN32 - #ifdef USERLEVEL - #include /* Needed for MBCS string functions */ - #include /* for definition of HANDLE */ + #include + #include + #include + + #ifdef _WIN32 + #ifdef USERLEVEL + #include /* Needed for MBCS string functions */ + #include /* for definition of HANDLE */ + #endif + #else + #include + #include + #include "errno.h" #endif -#else - #include - #include - #include "errno.h" #endif #include "vm_assert.h" #include "vm_basic_defs.h" diff --git a/open-vm-tools/lib/include/utilZero.h b/open-vm-tools/lib/include/utilZero.h index 0f8df7274..5107c6ac2 100644 --- a/open-vm-tools/lib/include/utilZero.h +++ b/open-vm-tools/lib/include/utilZero.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2017 VMware, Inc. All rights reserved. + * Copyright (c) 2017-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -31,14 +32,16 @@ #define INCLUDE_ALLOW_VMCORE #include "includeCheck.h" -#include -#ifndef VMKBOOT -#include -#endif -#ifndef _WIN32 - #include - #include - #include +#ifdef VMKBOOT + #include "vm_libc.h" +#else + #include + #include + #ifndef _WIN32 + #include + #include + #include + #endif #endif #include "vm_assert.h" From c22f4ebfe44a1798c2b5c445ca49cb96d2a2385f Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 243/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vmci_defs.h | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vmci_defs.h b/open-vm-tools/lib/include/vmci_defs.h index a111ec1ba..c522db787 100644 --- a/open-vm-tools/lib/include/vmci_defs.h +++ b/open-vm-tools/lib/include/vmci_defs.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2005-2019,2021 VMware, Inc. All rights reserved. + * Copyright (c) 2005-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -115,10 +116,21 @@ typedef enum VMCIIntrType { * memory that can be used for queue pairs. Since each queue pair * consists of at least two pages, the memory limit also dictates the * number of queue pairs a guest can create. + * With the addition of a configurable max QP memory limit (see comment + * for VMCI_MAX_GUEST_QP_MEMORY_CONFIG_MAX), VMCI_MAX_GUEST_QP_COUNT + * will continue to the based off VMCI_MAX_GUEST_QP_MEMORY and not + * adjusted according to the configured max QP memory limit. */ #define VMCI_MAX_GUEST_QP_MEMORY (128 * 1024 * 1024) #define VMCI_MAX_GUEST_QP_COUNT (VMCI_MAX_GUEST_QP_MEMORY / PAGE_SIZE / 2) +/* + * VMX config option vmci.qpMemoryLimit can be used to set the max QP memory + * limit. This value is restricted to a maximum of 1024 MiB. This VMX config + * option is currently only valid for FSVMs. + */ +#define VMCI_MAX_GUEST_QP_MEMORY_CONFIG_MAX (1024 * 1024 * 1024) + /* * There can be at most PAGE_SIZE doorbells since there is one doorbell * per byte in the doorbell bitmap page. From 0e8e439e9fa4f1b196fd40251db0e948cde52ce5 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 244/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 6 ++++-- open-vm-tools/lib/include/guest_os_tables.h | 3 ++- open-vm-tools/lib/misc/hostinfoPosix.c | 1 + 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index e85d649b8..9986ecadc 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -235,7 +235,8 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define ALL6XLINUX64 BS(OTHER6XLINUX_64), BS(OTHER6XLINUX_ARM_64), \ BS(RHEL10_64), BS(RHEL10_ARM_64), \ - BS(ORACLE10_64), BS(PROLINUX_64) + BS(ORACLE10_64), BS(PROLINUX_64), \ + BS(PARDUS_64) #define ALL7XLINUX32 BS(OTHER7XLINUX) @@ -367,6 +368,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_OTHER_6X_FULL "Other Linux 6.x kernel" #define STR_OS_OTHER_7X "other7xlinux" #define STR_OS_OTHER_7X_FULL "Other Linux 7.x and later kernel" +#define STR_OS_PARDUS "pardus" #define STR_OS_PHOTON "vmware-photon" #define STR_OS_PHOTON_FULL "VMware Photon OS" #define STR_OS_PROLINUX "prolinux" @@ -375,7 +377,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); #define STR_OS_RED_HAT "redhat" #define STR_OS_RED_HAT_EN "rhel" #define STR_OS_RED_HAT_FULL "Red Hat Linux" -#define STR_OS_ROCKY_LINUX "rockyLinux" +#define STR_OS_ROCKY_LINUX "rockyLinux" #define STR_OS_SLACKWARE "Slackware" #define STR_OS_SLES "sles" #define STR_OS_SUSE "suse" diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 1f46e2f17..f6b382750 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -190,7 +190,8 @@ extern "C" { GOT(GUEST_OS_ROCKY_LINUX_ARM_64) \ GOT(GUEST_OS_ALMA_LINUX_64) \ GOT(GUEST_OS_ALMA_LINUX_ARM_64) \ - GOT(GUEST_OS_PROLINUX_64) + GOT(GUEST_OS_PROLINUX_64) \ + GOT(GUEST_OS_PARDUS_64) /* diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 9bacef186..8002c6f25 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1428,6 +1428,7 @@ static const ShortNameSet shortNameArray[] = { { "mklinux", STR_OS_MKLINUX, HostinfoGenericSetShortName }, { "opensuse", STR_OS_OPENSUSE, HostinfoGenericSetShortName }, { "oracle", NULL, HostinfoSetOracleShortName }, +{ "pardus", STR_OS_PARDUS, HostinfoGenericSetShortName }, { "pld", STR_OS_PLD, HostinfoGenericSetShortName }, { "prolinux", STR_OS_PROLINUX, HostinfoGenericSetShortName }, { "rocky linux", STR_OS_ROCKY_LINUX, HostinfoGenericSetShortName }, From 0ae5e008d7f18600d424e3335da54ee3e09f77bd Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 245/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/services/vmtoolsd/mainLoop.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/vmtoolsd/mainLoop.c b/open-vm-tools/services/vmtoolsd/mainLoop.c index 5217be5da..1ae277eac 100644 --- a/open-vm-tools/services/vmtoolsd/mainLoop.c +++ b/open-vm-tools/services/vmtoolsd/mainLoop.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -49,6 +50,7 @@ (defined(__linux__) && !defined(USERWORLD)) # include "vmware/tools/guestStore.h" # include "globalConfig.h" + #endif /* @@ -126,6 +128,7 @@ ToolsCoreCleanup(ToolsServiceState *state) * blocked in client lib synchronous recv() call. */ ToolsPluginSvcGuestStore_Shutdown(&state->ctx); + } #endif From 4a8e42d35fcafb5d3ce77e5ea0e42887307172da Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 246/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index 6c44be4b1..e5246e9fd 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -244,7 +244,7 @@ extern "C" { # define BDOOR_CMD_PRECISIONCLOCK_ADJTIME 2 # define BDOOR_CMD_PRECISIONCLOCK_ADJFREQ 3 # define BDOOR_CMD_PRECISIONCLOCK_NUMCMDS 4 -#define BDOOR_CMD_COREDUMP_UNSYNC 98 /* Devel only. For VMM cores */ +//#define BDOOR_CMD_COREDUMP_UNSYNC 98 /* Not in use. PR 3328536. */ #define BDOOR_CMD_APPLE_GPU_RES_SET 99 #define BDOOR_CMD_GETBUILDNUM 100 #define BDOOR_CMD_GETENTROPY 101 /* Configurable, off by default. */ From 8ab40432f52747946fe007bf2bd2afc60875ee0a Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:38 -0700 Subject: [PATCH 247/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index c9693a768..48fc7ea33 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -195,6 +195,8 @@ /* * exception error codes */ +#define EXC_VEC_MIN 0 +#define EXC_VEC_MAX 31 #define EXC_DE 0 #define EXC_DB 1 From 567b94a40a5fe8f478dfe37b3b87fc9106028e45 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 02:56:39 -0700 Subject: [PATCH 248/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index 48fc7ea33..a3ad34fa5 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -20,7 +20,7 @@ /* * x86_basic_defs.h -- * - * Basic macros describing the x86 architecture. + * Basic macros describing the x86 architecture. */ #ifndef _X86_BASIC_DEFS_H_ @@ -36,12 +36,12 @@ #define INCLUDE_ALLOW_VMCORE #include "includeCheck.h" -#define X86_MAX_INSTR_LEN 15 /* Max byte length of an x86 instruction. */ +#define X86_MAX_INSTR_LEN 15 /* Max byte length of an x86 instruction */ #define NUM_IDT_VECTORS 256 /* - * control registers + * Control registers */ #define CR0_PE 0x00000001 @@ -115,7 +115,7 @@ #define CR8_RESERVED CONST64U(0xfffffffffffffff0) /* - * Debug registers. + * Debug registers */ #define DR_COUNT 4 @@ -193,7 +193,7 @@ #define DEBUG_STATUS_BT (1<<15) /* - * exception error codes + * Exception vectors */ #define EXC_VEC_MIN 0 #define EXC_VEC_MAX 31 @@ -218,17 +218,19 @@ #define EXC_XF 19 // SIMD exception. #define EXC_VE 20 // Virtualization exception - VT only. #define EXC_CP 21 // Control Protection exception. +#define EXC_HV 28 // Hypervisor injection exception (SVM only) #define EXC_VC 29 // VMM communication exception (SVM / SEV-ES only). #define EXC_SX 30 // Security exception (SVM only). -/* Bitmap of the exception vectors that have associated error codes. */ +/* Bitmap of the exception vectors that have associated error codes */ #define EXC_WITH_ERR_CODE_MASK ((1u << EXC_DF) | (1u << EXC_TS) | \ (1u << EXC_NP) | (1u << EXC_SS) | \ (1u << EXC_GP) | (1u << EXC_PF) | \ - (1u << EXC_AC) | (1u << EXC_CP)) + (1u << EXC_AC) | (1u << EXC_CP) | \ + (1u << EXC_VC) | (1u << EXC_SX)) /* - * eflag/rflag definitions. + * eflag/rflag definitions */ #define EFLAGS_IOPL_SHIFT 12 @@ -277,14 +279,14 @@ typedef enum x86_FLAGS { } x86_FLAGS; /* - * MPX bound configuration registers + * MPX bound configuration registers */ #define BNDCFG_EN 0x00000001 #define BNDCFG_BNDPRSV 0x00000002 #define BNDCFG_RSVD 0x00000ffc #define BNDCFG_BDBASE CONST64U(0xfffffffffffff000) -/* Reset state of RIP. */ +/* Reset state of RIP */ #define RESET_RIP 0xfff0 #define RESET_RIP_TDX 0xfffffff0 /* Reset RIP for TDX protected mode boot. */ From 88c4194d2c6fb1804159cd36dd7d68e984afc495 Mon Sep 17 00:00:00 2001 From: Kruti Date: Mon, 15 Jul 2024 03:00:20 -0700 Subject: [PATCH 249/375] Update ChangeLog with the granular push of July 15, 2024. - plus ChangeLog update of May 28, 2024. --- open-vm-tools/ChangeLog | 145 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index aa00a8aaa..71fee94d3 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,148 @@ +commit 567b94a40a5fe8f478dfe37b3b87fc9106028e45 +Author: Kruti +Date: Mon Jul 15 02:56:39 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 8ab40432f52747946fe007bf2bd2afc60875ee0a +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 4a8e42d35fcafb5d3ce77e5ea0e42887307172da +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 0ae5e008d7f18600d424e3335da54ee3e09f77bd +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common source file not applicable to open-vm-tools at this time. + +commit 0e8e439e9fa4f1b196fd40251db0e948cde52ce5 +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit c22f4ebfe44a1798c2b5c445ca49cb96d2a2385f +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 95ba5d3d67b94f9f30aab6665728c7145e432a55 +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header files not applicable to open-vm-tools. + +commit 621013de8d6e98ccb9e45b69ed26ede7b460500e +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit b4c81e8fb510f6b978973975246d1bba78a2361a +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 2ecb5a9bedcc6ddd6a19dd3b24ca577e463c6257 +Author: Kruti +Date: Mon Jul 15 02:56:38 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 0d6b03ce9ee20260998dabef3fcc7b484d2935a5 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common source files not applicable to open-vm-tools at this time. + +commit abe5c72317031ad2eceb21038cca2e67431a4a79 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 2ad2337e413d65eb88db85740d5515505db16d86 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit aa9d798ac82e84bfdf2bb9101c689338cbfb6dfe +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit add970dae8e60ce4a3c98c5fd6b7c7c7d5138066 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit e44d22a272e99890f04ed14a55ec53facaabf7fb +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Update vmware-user.desktop.in and delete vmware-user.desktop. + + Update settings for vmware-user.desktop.in: + - Remove Encoding since it's deprecated. + - Uncomment NoDisplay=True since the bug related to it was fixed + a while ago. + + Delete bora-vmsoft/install/common/vmware-user.desktop as it is no + longer needed. In open-vm-tools, vmware-user.desktop is generated from + vmware-user.desktop.in. + + Pull request: https://github.com/vmware/open-vm-tools/pull/668 + +commit 879e7e7600d219e6be04baae3a0903802265be38 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 5cb816ddf7b4278f4fe7574180a7b1fbf5693e08 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 3bf397e2a039772cdc62d6a7248a38388d4a58d2 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit e86e129392012521937a8439ab146e79515c5ff6 +Author: Kruti +Date: Mon Jul 15 02:56:37 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 9bc336c8457ddf1bedb5c6ef8d2fde4b2d4a9d59 +Author: Kruti +Date: Mon Jul 15 02:56:36 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 515e38c175e0a642865c663334932b2247414d87 +Author: Kruti +Date: Tue May 28 02:35:23 2024 -0700 + + Update ChangeLog with the granular push of May 26, 2024. + - plus Copyright pattern update of file x86_basic_defs.h + - plus ChangeLog update of May 20, 2024. + commit fa9c8fb804f47536cddcdca1365b79477dccff88 Author: Kruti Date: Tue May 28 02:00:20 2024 -0700 From 582763347e3384a1fa1abb77a6b9c20d7c353753 Mon Sep 17 00:00:00 2001 From: Ravindra Kumar Date: Thu, 15 Aug 2024 18:51:54 -0700 Subject: [PATCH 250/375] Update README.md Updated open-vm-tools functionality and plugin details --- README.md | 46 +++++++++++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index c9b84e2b9..ca2389515 100644 --- a/README.md +++ b/README.md @@ -4,35 +4,47 @@ open-vm-tools is a set of services and modules that enable several features in V open-vm-tools enables the following features in VMware products: -- The ability to perform virtual machine power operations gracefully. -- Execution of VMware provided or user configured scripts in guests during various power operations. -- The ability to run programs, commands and file system operation in guests to enhance guest automation. -- Authentication for guest operations. -- Periodic collection of network, disk, and memory usage information from the guest. -- Generation of heartbeat from guests to hosts so VMware's HA solution can determine guests' availability. -- Clock synchronization between guests and hosts or client desktops. -- Quiescing guest file systems to allow hosts to capture file-system-consistent guest snapshots. +- Graceful execution of power operations (reboot and shutdown) in the guest. +- Execution of built-in or user configured scripts in the guest during various power operations. +- Running programs, commands and file system operations in the guest to enhance guest automation. +- Authentication for guest operations. +- Generation of heartbeat from guest to host for vSphere HA solution to determine guest's availabilty. +- Clock synchronization between guest and host. +- Quiescing guest file systems to allow host to capture file-system-consistent guest snapshot. - Execution of pre-freeze and post-thaw scripts while quiescing guest file systems. -- The ability to customize guest operating systems immediately after powering on virtual machines. -- Enabling shared folders between host and guest file systems on VMware Workstation and VMware Fusion. -- Copying and pasting text, graphics, and files between guests and hosts or client desktops. +- Customization of the guest immediately after power on. +- Periodic collection of network, disk, and memory usage information from the guest. +- Resizing the graphical desktop screen of the guest. +- Shared Folders operations between host and guest file systems on VMware Workstation and VMware Fusion. +- Copying and pasting text, graphics, and files between guest and host or client desktops. +- Dragging and dropping files between guest and host UI. +- Periodic collection of running applications, services, and containers in the guest. +- Accessing content from GuestStore. +- Publishing data to Guest Data Publisher. +- Managing Salt-Minion desired state specified in a guest variable. ## Can you provide more details on the actual code being released? The following components have been released as open source software: - Linux, Solaris and FreeBSD drivers for various devices and file system access. -- The memory balloon driver for reclaiming memory from guests. - The PowerOps plugin to perform graceful power operation and run power scripts. -- The VIX plugin to run programs and commands, and perform file system operations in guests. -- The GuestInfo plugin to periodically collect various statistics from guests. +- The VIX plugin to run programs and commands, and perform file system operations in guest. +- The GuestInfo plugin to periodically collect various statistics from guest. - The TimeSync plugin to perform time synchronization. - The dndcp plugin to support drag and drop, and text and file copy/paste operations. - The ResolutionSet plugin to adjust guest screen resolutions automatically based on window sizes. +- The vmbackup plugin to support quiesced snapshot operation. +- The GuestStore plugin to support GuestStore operation. +- The gdp plugin to support guest data publishing operation. +- The AppInfo plugin to periodically collect application information. +- The ServiceDiscovery plugin to periodically collect service information. +- The ContainerInfo plugin to periodically collect container information. +- The ComponentMgr plugin to handle desired state operations. - The guest authentication service. - The toolbox command to perform disk wiping and shrinking, manage power scripts, and time synchronization. -- The guest SDK libraries to provide information about virtual machines to guests. -- Clients and servers for shared folders support. +- The guest SDK libraries to provide information about virtual machine to guest. +- Client and server for shared folders support. - Multiple monitor support. -- The GTK Toolbox UI. +- Other utilities. ## Is open-vm-tools available with Linux distributions? Yes. open-vm-tools packages for user space components are available with new versions of major Linux distributions, and are installed as part of the OS installation in several cases. Please refer to VMware KB article http://kb.vmware.com/kb/2073803 for details. All leading Linux vendors support open-vm-tools and bundle it with their products. For information about OS compatibility for open-vm-tools, see the From ff667e91221c0c7a3ac5c88506ae1d0f4fff5243 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Thu, 15 Aug 2024 20:15:19 -0700 Subject: [PATCH 251/375] Update README.md - Pick up the README.md file from the "devel" branch. --- README.md | 46 +++++++++++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index c9b84e2b9..ca2389515 100644 --- a/README.md +++ b/README.md @@ -4,35 +4,47 @@ open-vm-tools is a set of services and modules that enable several features in V open-vm-tools enables the following features in VMware products: -- The ability to perform virtual machine power operations gracefully. -- Execution of VMware provided or user configured scripts in guests during various power operations. -- The ability to run programs, commands and file system operation in guests to enhance guest automation. -- Authentication for guest operations. -- Periodic collection of network, disk, and memory usage information from the guest. -- Generation of heartbeat from guests to hosts so VMware's HA solution can determine guests' availability. -- Clock synchronization between guests and hosts or client desktops. -- Quiescing guest file systems to allow hosts to capture file-system-consistent guest snapshots. +- Graceful execution of power operations (reboot and shutdown) in the guest. +- Execution of built-in or user configured scripts in the guest during various power operations. +- Running programs, commands and file system operations in the guest to enhance guest automation. +- Authentication for guest operations. +- Generation of heartbeat from guest to host for vSphere HA solution to determine guest's availabilty. +- Clock synchronization between guest and host. +- Quiescing guest file systems to allow host to capture file-system-consistent guest snapshot. - Execution of pre-freeze and post-thaw scripts while quiescing guest file systems. -- The ability to customize guest operating systems immediately after powering on virtual machines. -- Enabling shared folders between host and guest file systems on VMware Workstation and VMware Fusion. -- Copying and pasting text, graphics, and files between guests and hosts or client desktops. +- Customization of the guest immediately after power on. +- Periodic collection of network, disk, and memory usage information from the guest. +- Resizing the graphical desktop screen of the guest. +- Shared Folders operations between host and guest file systems on VMware Workstation and VMware Fusion. +- Copying and pasting text, graphics, and files between guest and host or client desktops. +- Dragging and dropping files between guest and host UI. +- Periodic collection of running applications, services, and containers in the guest. +- Accessing content from GuestStore. +- Publishing data to Guest Data Publisher. +- Managing Salt-Minion desired state specified in a guest variable. ## Can you provide more details on the actual code being released? The following components have been released as open source software: - Linux, Solaris and FreeBSD drivers for various devices and file system access. -- The memory balloon driver for reclaiming memory from guests. - The PowerOps plugin to perform graceful power operation and run power scripts. -- The VIX plugin to run programs and commands, and perform file system operations in guests. -- The GuestInfo plugin to periodically collect various statistics from guests. +- The VIX plugin to run programs and commands, and perform file system operations in guest. +- The GuestInfo plugin to periodically collect various statistics from guest. - The TimeSync plugin to perform time synchronization. - The dndcp plugin to support drag and drop, and text and file copy/paste operations. - The ResolutionSet plugin to adjust guest screen resolutions automatically based on window sizes. +- The vmbackup plugin to support quiesced snapshot operation. +- The GuestStore plugin to support GuestStore operation. +- The gdp plugin to support guest data publishing operation. +- The AppInfo plugin to periodically collect application information. +- The ServiceDiscovery plugin to periodically collect service information. +- The ContainerInfo plugin to periodically collect container information. +- The ComponentMgr plugin to handle desired state operations. - The guest authentication service. - The toolbox command to perform disk wiping and shrinking, manage power scripts, and time synchronization. -- The guest SDK libraries to provide information about virtual machines to guests. -- Clients and servers for shared folders support. +- The guest SDK libraries to provide information about virtual machine to guest. +- Client and server for shared folders support. - Multiple monitor support. -- The GTK Toolbox UI. +- Other utilities. ## Is open-vm-tools available with Linux distributions? Yes. open-vm-tools packages for user space components are available with new versions of major Linux distributions, and are installed as part of the OS installation in several cases. Please refer to VMware KB article http://kb.vmware.com/kb/2073803 for details. All leading Linux vendors support open-vm-tools and bundle it with their products. For information about OS compatibility for open-vm-tools, see the From a5f761ab56eb7afbb885e4ec57062657cfe0f171 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:10:59 -0700 Subject: [PATCH 252/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/lock/ul.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/lock/ul.c b/open-vm-tools/lib/lock/ul.c index 14c8d4b62..d376a98af 100644 --- a/open-vm-tools/lib/lock/ul.c +++ b/open-vm-tools/lib/lock/ul.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2009-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2009-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -310,7 +311,23 @@ MXUserDumpAndPanic(MXUserHeader *header, // IN: MXUser_SetInPanic(); } - (*header->dumpFunc)(header); + if (header->badHeader) { + Warning("%s: Corrupt lock @ %p\n", __FUNCTION__, header); + + Warning("\tname %p\n", header->name); + Warning("\tsignature 0x%X\n", header->signature); + Warning("\trank 0x%X\n", header->rank); + + Warning("\tdumpFunc %p\n", header->dumpFunc); + Warning("\tstatsFunc %p\n", header->statsFunc); + + Warning("\titem.next %p\n", header->item.next); + Warning("\titem.prev %p\n", header->item.prev); + + Warning("\tserial number %"FMT64"u\n", header->serialNumber); + } else { + (*header->dumpFunc)(header); + } va_start(ap, fmt); msg = Str_SafeVasprintf(NULL, fmt, ap); From 4bdc04df610cebde943967dc2042f90b6597d2ad Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:10:59 -0700 Subject: [PATCH 253/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h b/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h index f22edbcf8..0519b8860 100644 --- a/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h +++ b/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2021 VMware, Inc. All rights reserved. + * Copyright (c) 2021-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -47,6 +48,7 @@ #define CONTAINERINFO_KEY "containerinfo" #define CONTAINERINFO_GUESTVAR_KEY "vmtools." CONTAINERINFO_KEY +#define CONTAINERINFO_GUESTINFO_KEY "guestinfo." CONTAINERINFO_GUESTVAR_KEY #define CONTAINERINFO_VERSION_1 1 #define CONTAINERINFO_KEY_VERSION "version" #define CONTAINERINFO_KEY_UPDATE_COUNTER "updateCounter" @@ -55,4 +57,4 @@ /* clang-format on */ -#endif \ No newline at end of file +#endif From 649d27de9347ee507e3e863b43e861b48e5f0506 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:10:59 -0700 Subject: [PATCH 254/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 86cafbf64..afa39a370 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -285,7 +285,7 @@ //MARKER_FAST_UNCOMMENT_END // Last supported ESX version by VC. -#define VPX_MIN_HOST_VERSION "6.7.0" +#define VPX_MIN_HOST_VERSION "7.0.0" #define MAX_SUPPORTED_VI_VERSION "6.6" //from ovfTool/src/supportedVersions.h #define VCDB_CURRENT_SCHEMA_VERSION 900 // from PitCADatabase.h From bcc1be6f36d8a3d69c8a86f533d6deb27e6f2fda Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:10:59 -0700 Subject: [PATCH 255/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 2a7039c2d..03620f599 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -274,7 +274,7 @@ Max(int a, int b) #define VMW_PAGE_SHIFT PAGE_SHIFT_4KB #define VMW_PAGE_SIZE PAGE_SIZE_4KB #else - #error + #error Could not determine page size information for this compiler. #endif #ifndef PAGE_SHIFT @@ -629,11 +629,27 @@ typedef int pid_t; #endif #undef ARM64_ONLY +#if defined(_MSC_VER) +/* + * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's + * offset checker) are notorious to have non-standard __VA_ARGS__ handling. + */ +#if defined(VMX86_DESKTOP) && (_MSC_VER > 1929) +#pragma message("ERROR: Compiler version: " XSTR(_MSC_VER)) +#pragma message("ERROR: PR 3405101: Is __VA_ARGS__ hack needed for Arm & x86?") +#endif +#ifdef VM_ARM_64 +#define ARM64_ONLY(x) x +#else +#define ARM64_ONLY(x) +#endif +#else #ifdef VM_ARM_64 #define ARM64_ONLY(...) __VA_ARGS__ #else #define ARM64_ONLY(...) #endif +#endif #undef X86_ONLY #ifdef _MSC_VER @@ -641,6 +657,10 @@ typedef int pid_t; * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's * offset checker) are notorious to have non-standard __VA_ARGS__ handling. */ +#if defined(VMX86_DESKTOP) && (_MSC_VER > 1929) +#pragma message("ERROR: Compiler version: " XSTR(_MSC_VER)) +#pragma message("ERROR: PR 3405101: Is __VA_ARGS__ hack needed for Arm & x86?") +#endif #ifdef VM_X86_ANY #define X86_ONLY(x) x #else From 159107b8027f122f8502adafbbc8ffc56b4ff7d7 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:10:59 -0700 Subject: [PATCH 256/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 484f910e3..ebb1ac66f 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -510,6 +510,9 @@ FLAG( 6, 0, EDX, 1, 1, ENERGY_CAP_REPORTING, NO, 0 ) \ FIELD( 6, 0, EDX, 8, 4, HW_FEEDBACK_SIZE, NO, 0 ) \ FIELD( 6, 0, EDX, 16, 16, HW_FEEDBACK_INDEX, NO, 0 ) +#define CPUID_7_2_EDX_7 \ +FLAG( 7, 2, EDX, 7, 1, LEAF_7_2_EDX_RSVD, NO, 0) + /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_7 \ FIELD( 7, 0, EAX, 0, 32, LEAF_7_MAX_SUBLEVEL, YES, 18 ) \ @@ -623,7 +626,8 @@ FLAG( 7, 2, EDX, 2, 1, RRSBA_CTRL, YES, 21 ) \ FLAG( 7, 2, EDX, 3, 1, DDPD_U, YES, 21 ) \ FLAG( 7, 2, EDX, 4, 1, BHI_CTRL, YES, 21 ) \ FLAG( 7, 2, EDX, 5, 1, MCDT_NO, NO, 0 ) \ -FLAG( 7, 2, EDX, 6, 1, UC_LOCK_DISABLE, NO, 0 ) +FLAG( 7, 2, EDX, 6, 1, UC_LOCK_DISABLE, NO, 0 ) \ +CPUID_7_2_EDX_7 /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_9 \ From 6e7206dbd9be10e1c0853a4ac8b9982e3d307a7e Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 257/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index afa39a370..1451636e4 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -376,7 +376,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.9" +#define WCP_VERSION "0.1.10" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" /* From 0a0b23a5080bf6ccb58c69b9b214e0c25c628173 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 258/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/conf.h | 5 ++-- open-vm-tools/tools.conf | 44 ++++++++++++++++---------------- 2 files changed, 25 insertions(+), 24 deletions(-) diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h index 3778cf1c3..b48fd7754 100644 --- a/open-vm-tools/lib/include/conf.h +++ b/open-vm-tools/lib/include/conf.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2002-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2002-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -697,7 +698,7 @@ #define CONFGROUPNAME_AMSI "giamsi" /* Default state of AMSI config*/ -#define VSEP_DEFAULT_AMSI_STATE FALSE +#define VSEP_DEFAULT_AMSI_STATE TRUE /** * Defines user-defined maximum AMSI client connections. diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 210ed7b5f..4ce439230 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -1,4 +1,7 @@ -# Copyright (c) 2019-2023 VMware, Inc. All rights reserved. +/* ************************************************************************ + * Copyright (c) 2019-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + * *************************************************************************/ # "CAUTION: tools.conf is highly syntax sensitive file. Use extreme caution # while editing it. If modified, it is automatically re-loaded by @@ -546,24 +549,21 @@ # The giamsi plugin for the Windows AntiMalware Scan Interface (AMSI) configuration. -# By default the fileless AMSI is disabled. -# To enable the AMSI plugin set -#enabled=true - -# By default, the maximum client connections supported is 8. -# The values in range are 8 Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 259/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os.h | 2 +- open-vm-tools/lib/include/guest_os_tables.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_os.h b/open-vm-tools/lib/include/guest_os.h index 9986ecadc..6af88c45d 100644 --- a/open-vm-tools/lib/include/guest_os.h +++ b/open-vm-tools/lib/include/guest_os.h @@ -271,7 +271,7 @@ Bool Gos_InSetArray(uint32 gos, const uint32 *set); BS(DARWIN17_64), BS(DARWIN18_64), \ BS(DARWIN19_64), BS(DARWIN20_64), \ BS(DARWIN21_64), BS(DARWIN22_64), \ - BS(DARWIN23_64) + BS(DARWIN23_64), BS(DARWIN24_64) #define ALLDARWIN ALLDARWIN32, ALLDARWIN64 diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index f6b382750..3a3e1fc0b 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -145,6 +145,7 @@ extern "C" { GOT(GUEST_OS_DARWIN21_64) /* Mac OS 12 */ \ GOT(GUEST_OS_DARWIN22_64) /* Mac OS 13 */ \ GOT(GUEST_OS_DARWIN23_64) /* Mac OS 14 */ \ + GOT(GUEST_OS_DARWIN24_64) /* Mac OS 15 */ \ GOT(GUEST_OS_OPENSERVER_5_AND_6) \ GOT(GUEST_OS_UNIXWARE7) \ GOT(GUEST_OS_NETWARE4) \ From d9a88f25df7cab16374c7ed0c1bc2b4640df22c8 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 260/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index ebb1ac66f..8536859b8 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1337,7 +1337,9 @@ FLAG( 8A, 0, EDX, 24, 1, SVM_TLB_CTL, NO, 0 ) \ FLAG( 8A, 0, EDX, 25, 1, SVM_NMI_VIRT, NO, 0 ) \ FLAG( 8A, 0, EDX, 26, 1, SVM_IBS_VIRT, NO, 0 ) \ FLAG( 8A, 0, EDX, 27, 1, SVM_EXTLVT_OFFSET_FAULT, NO, 0 ) \ -FLAG( 8A, 0, EDX, 28, 1, SVM_VMCB_ADDR_CHK, NO, 0 ) +FLAG( 8A, 0, EDX, 28, 1, SVM_VMCB_ADDR_CHK, NO, 0 ) \ +FLAG( 8A, 0, EDX, 29, 1, SVM_BUS_LOCK_THRESHOLD, NO, 0 ) \ +FLAG( 8A, 0, EDX, 30, 1, SVM_IDLE_HLT, NO, 0 ) /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_819 \ From 97a7efcc67eb37628181666a642a439cf4bc0bab Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 261/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/file/filePosix.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/file/filePosix.c b/open-vm-tools/lib/file/filePosix.c index a62a0b2bf..f49b97fce 100644 --- a/open-vm-tools/lib/file/filePosix.c +++ b/open-vm-tools/lib/file/filePosix.c @@ -1611,6 +1611,8 @@ File_GetVMFSLockInfo(const char *path, // IN FS3_FileDescriptor *fileDesc = (FS3_FileDescriptor *)&dumpArgs.result.descriptor; FS3_DiskLock *diskLock = FS3_DISKLOCK(&fileDesc->lockBlock); + const UUID *theOwner; + if (dumpArgs.result.descriptorLength < sizeof(FS3_FileDescriptor)) { /* This should not happen. */ Log(LGPFX" %s: VMFS file descriptor size %u too small (need " @@ -1635,14 +1637,24 @@ File_GetVMFSLockInfo(const char *path, // IN goto exit; } - *outVMFSMacAddr = Str_SafeAsprintf(NULL, FS_UUID_FMTSTR, - FS_UUID_VAARGS(diskLock->numHolders == 0 ? - &diskLock->owner : &diskLock->holders[0].uid)); + if (diskLock->numHolders == 0) { + theOwner = &diskLock->owner; + } else { + theOwner = &diskLock->holders[0].uid; + } } else { /* Exclusive lock, so there is only one owner. */ - *outVMFSMacAddr = Str_SafeAsprintf(NULL, FS_UUID_FMTSTR, - FS_UUID_VAARGS(&diskLock->owner)); + theOwner = &diskLock->owner; } + + *outVMFSMacAddr = Str_SafeAsprintf(NULL, + "%02x:%02x:%02x:%02x:%02x:%02x", + theOwner->macAddr[0], + theOwner->macAddr[1], + theOwner->macAddr[2], + theOwner->macAddr[3], + theOwner->macAddr[4], + theOwner->macAddr[5]); } ret = 0; From c401bc0af27dd6928970cad4f6af5f22d48dc7a7 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 262/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 1451636e4..4af5e9aeb 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -356,11 +356,11 @@ //#define VDDK_FILE_VERSION gVddkFileVersion //MARKER_FAST_UNCOMMENT_END -#define OVFTOOL_VERSION "4.6.3" +#define OVFTOOL_VERSION "4.7.0" #define VCSA_INSTALLER_VERSION "1.0.0" //MARKER_FAST_REMOVE_START -#define OVFTOOL_FILE_VERSION 4,6,3,PRODUCT_BUILD_NUMBER_NUMERIC +#define OVFTOOL_FILE_VERSION 4,7,0,PRODUCT_BUILD_NUMBER_NUMERIC //MARKER_FAST_REMOVE_END //MARKER_FAST_UNCOMMENT_START //#define OVFTOOL_FILE_VERSION gOvftoolFileVersion From 86b308ab9eb8e4c3e154b30861cb66802c9e4624 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 263/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_types.h | 24 +++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_basic_types.h b/open-vm-tools/lib/include/vm_basic_types.h index 0a36e3246..e0c38ed95 100644 --- a/open-vm-tools/lib/include/vm_basic_types.h +++ b/open-vm-tools/lib/include/vm_basic_types.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -961,6 +962,27 @@ typedef void * UserVA; #define ALIGNED(n) #endif +#ifndef __has_attribute +# define __has_attribute(x) 0 +#endif + +/* + * COUNTED_BY attribute may be attached to the C99 flexible array + * member of a structure. It indicates that the number of the elements + * of the array is given by the field "member" in the same structure as + * the flexible array member. Compilers may use this information to + * improve detection of object size information for such structures + * and provide better results in compile-time diagnostics and runtime + * features like the array bound sanitizer. + * + * https://people.kernel.org/kees/bounded-flexible-arrays-in-c + */ + +#if __has_attribute(__counted_by__) +# define COUNTED_BY(member) __attribute__((__counted_by__(member))) +#else +# define COUNTED_BY(member) +#endif /* * Once upon a time, this was used to silence compiler warnings that From 5413628f892125da221bd180bfb861b3e773159c Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 264/375] Annotate the os-release guest identification function HostinfoOsRelease() The HostinfoOsRelease() function examines the os-release standard file(s) to collect distro identification data of interest. This is open-source and users can legally modify the code changing the standard file priority order or accessing other files. Any such change breaks compliance with the os-release standard and may cause confusion in the field. The function header has been updated to remind users of this issue. --- open-vm-tools/lib/misc/hostinfoPosix.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c index 8002c6f25..542195776 100644 --- a/open-vm-tools/lib/misc/hostinfoPosix.c +++ b/open-vm-tools/lib/misc/hostinfoPosix.c @@ -1821,6 +1821,11 @@ HostinfoGetCmdOutput(const char *cmd) // IN: * * https://www.linux.org/docs/man5/os-release.html * + * IF THIS ROUTINE IS MODIFIED IN ANY WAY - DIRECTLY OR INDIRECTLY - TO + * USE FILES OTHER THAN THOSE OFFICIALLY SANCTIONED BY THE os-release + * STANDARD, THE CODE IS NO LONGER IN COMPLIANCE WITH THE os-release + * STANDARD AND VMware IS NOT RESPONSIBLE FOR THE BEHAVIOR THAT RESULTS. + * * Return value: * -1 Failure. No data returned. * 0..n Success. A "score", the number of interesting pieces of data From 26ed84ded19e61801b752f3a606187ea2745e57a Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 265/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 39 +++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 8536859b8..1b8241129 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -165,6 +165,7 @@ typedef struct CPUIDQuery { CPUIDLEVEL(TRUE, 20, 0x20, 1, 20) \ CPUIDLEVEL(TRUE, 21, 0x21, 1, 20) \ CPUIDLEVEL(TRUE, 23, 0x23, 4, 21) \ + CPUIDLEVEL(TRUE, 24, 0x24, 1, 22) \ CPUIDLEVEL(FALSE, 400, 0x40000000, 0, 0) \ CPUIDLEVEL(FALSE, 401, 0x40000001, 0, 0) \ CPUIDLEVEL(FALSE, 402, 0x40000002, 0, 0) \ @@ -471,6 +472,7 @@ FIELD( 5, 0, EAX, 0, 16, MWAIT_MIN_SIZE, NA, 0 ) \ FIELD( 5, 0, EBX, 0, 16, MWAIT_MAX_SIZE, NA, 0 ) \ FLAG( 5, 0, ECX, 0, 1, MWAIT_EXTENSIONS, NA, 0 ) \ FLAG( 5, 0, ECX, 1, 1, MWAIT_INTR_BREAK, NA, 0 ) \ +FLAG( 5, 0, ECX, 3, 1, MONITORLESS_MWAIT, NA, 0 ) \ FIELD( 5, 0, EDX, 0, 4, MWAIT_C0_SUBSTATE, NA, 0 ) \ FIELD( 5, 0, EDX, 4, 4, MWAIT_C1_SUBSTATE, NA, 0 ) \ FIELD( 5, 0, EDX, 8, 4, MWAIT_C2_SUBSTATE, NA, 0 ) \ @@ -498,6 +500,7 @@ FLAG( 6, 0, EAX, 17, 1, HWP_FLEXIBLE, NO, 0 ) \ FLAG( 6, 0, EAX, 18, 1, HWP_FAST_ACCESS, NO, 0 ) \ FLAG( 6, 0, EAX, 19, 1, HW_FEEDBACK, NO, 0 ) \ FLAG( 6, 0, EAX, 20, 1, HWP_IGNORE_IDLE_REQUEST, NO, 0 ) \ +FLAG( 6, 0, EAX, 22, 1, HWP_CTL_MSR, NO, 0 ) \ FLAG( 6, 0, EAX, 23, 1, HW_FEEDBACK_ENHANCED, NO, 0 ) \ FLAG( 6, 0, EAX, 24, 1, HWP_THERM_INTERRUPT_MSR, NO, 0 ) \ FIELD( 6, 0, EBX, 0, 4, NUM_INTR_THRESHOLDS, NO, 0 ) \ @@ -510,9 +513,6 @@ FLAG( 6, 0, EDX, 1, 1, ENERGY_CAP_REPORTING, NO, 0 ) \ FIELD( 6, 0, EDX, 8, 4, HW_FEEDBACK_SIZE, NO, 0 ) \ FIELD( 6, 0, EDX, 16, 16, HW_FEEDBACK_INDEX, NO, 0 ) -#define CPUID_7_2_EDX_7 \ -FLAG( 7, 2, EDX, 7, 1, LEAF_7_2_EDX_RSVD, NO, 0) - /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_7 \ FIELD( 7, 0, EAX, 0, 32, LEAF_7_MAX_SUBLEVEL, YES, 18 ) \ @@ -599,6 +599,9 @@ FLAG( 7, 0, EDX, 28, 1, FCMD, YES, 9 ) \ FLAG( 7, 0, EDX, 29, 1, ARCH_CAPABILITIES, ANY, 9 ) \ FLAG( 7, 0, EDX, 30, 1, CORE_CAPABILITIES, NO, 0 ) \ FLAG( 7, 0, EDX, 31, 1, SSBD, YES, 9 ) \ +FLAG( 7, 1, EAX, 0, 1, SHA512, NO, 0 ) \ +FLAG( 7, 1, EAX, 1, 1, SM3, NO, 0 ) \ +FLAG( 7, 1, EAX, 2, 1, SM4, NO, 0 ) \ FLAG( 7, 1, EAX, 3, 1, RAO_INT, NO, 0 ) \ FLAG( 7, 1, EAX, 4, 1, AVX_VNNI, YES, 20 ) \ FLAG( 7, 1, EAX, 5, 1, AVX512BF16, YES, 18 ) \ @@ -608,17 +611,24 @@ FLAG( 7, 1, EAX, 8, 1, ARCH_PERFMON_EXT, NO, 0 ) \ FLAG( 7, 1, EAX, 10, 1, FAST_ZERO_MOVSB, YES, 20 ) \ FLAG( 7, 1, EAX, 11, 1, FAST_SHORT_STOSB, YES, 20 ) \ FLAG( 7, 1, EAX, 12, 1, FAST_SHORT_CMPSB_SCASB, YES, 20 ) \ +FLAG( 7, 1, EAX, 17, 1, FRED, NO, 0 ) \ +FLAG( 7, 1, EAX, 18, 1, LKGS, NO, 0 ) \ FLAG( 7, 1, EAX, 19, 1, WRMSRNS, NO, 0 ) \ +FLAG( 7, 1, EAX, 20, 1, NMI_SRC, NO, 0 ) \ FLAG( 7, 1, EAX, 21, 1, AMX_FP16, YES, 21 ) \ FLAG( 7, 1, EAX, 22, 1, HRESET, NO, 0 ) \ FLAG( 7, 1, EAX, 23, 1, AVX_IFMA, YES, 22 ) \ FLAG( 7, 1, EAX, 26, 1, LAM, YES, 22 ) \ FLAG( 7, 1, EAX, 27, 1, MSRLIST, NO, 0 ) \ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ +FLAG( 7, 1, EBX, 1, 1, PBNDKB, NO, 0 ) \ FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, 22 ) \ FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, YES, 22 ) \ FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, NO, 0 ) \ +FLAG( 7, 1, EDX, 10, 1, AVX_VNNI_INT16, NO, 0 ) \ +FLAG( 7, 1, EDX, 13, 1, UTMR, NO, 0 ) \ FLAG( 7, 1, EDX, 14, 1, PREFETCHI, YES, 21 ) \ +FLAG( 7, 1, EDX, 15, 1, USER_MSR, NO, 0 ) \ FLAG( 7, 1, EDX, 18, 1, CET_SSS, NO, 0 ) \ FLAG( 7, 2, EDX, 0, 1, PSFD, YES, 20 ) \ FLAG( 7, 2, EDX, 1, 1, IPRED_CTRL, YES, 21 ) \ @@ -627,7 +637,9 @@ FLAG( 7, 2, EDX, 3, 1, DDPD_U, YES, 21 ) \ FLAG( 7, 2, EDX, 4, 1, BHI_CTRL, YES, 21 ) \ FLAG( 7, 2, EDX, 5, 1, MCDT_NO, NO, 0 ) \ FLAG( 7, 2, EDX, 6, 1, UC_LOCK_DISABLE, NO, 0 ) \ -CPUID_7_2_EDX_7 +FLAG( 7, 2, EDX, 7, 1, MONITOR_MITG_NO, NO, 0 ) \ +FLAG( 7, 2, EDX, 19, 1, AVX10, NO, 0 ) \ +FLAG( 7, 2, EDX, 21, 1, APX_F, NO, 0 ) /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_9 \ @@ -849,15 +861,20 @@ FLAG( 14, 0, EBX, 5, 1, PT_POWER_EVENT, NO, 0 ) \ FLAG( 14, 0, EBX, 6, 1, PT_PSB_PMI, NO, 0 ) \ FLAG( 14, 0, EBX, 7, 1, PT_EVENT_TRACE_ENABLE, NO, 0 ) \ FLAG( 14, 0, EBX, 8, 1, PT_TNT_DISABLE, NO, 0 ) \ +FLAG( 14, 0, EBX, 9, 1, PT_TRIGGERING, NO, 0 ) \ FLAG( 14, 0, ECX, 0, 1, PT_TOPA, NO, 0 ) \ FLAG( 14, 0, ECX, 1, 1, PT_TOPA_MULTI, NO, 0 ) \ FLAG( 14, 0, ECX, 2, 1, PT_SRO, NO, 0 ) \ FLAG( 14, 0, ECX, 3, 1, PT_TRACE_TRANS, NO, 0 ) \ FLAG( 14, 0, ECX, 31, 1, PT_LIP, NO, 0 ) \ FIELD( 14, 1, EAX, 0, 3, PT_NUM_ADDR_RANGES, NO, 0 ) \ +FIELD( 14, 1, EAX, 8, 3, PT_NUM_RTIT_TRIGGERS, NO, 0 ) \ FIELD( 14, 1, EAX, 16, 16, PT_AVAIL_MTC_ENCS, NO, 0 ) \ FIELD( 14, 1, EBX, 0, 16, PT_AVAIL_CYC_THRESH_ENCS, NO, 0 ) \ FIELD( 14, 1, EBX, 16, 16, PT_AVAIL_PSB_FREQ_ENCS, NO, 0 ) \ +FLAG( 14, 1, ECX, 0, 1, PT_TRIG_ACTION_ATTR, NO, 0 ) \ +FLAG( 14, 1, ECX, 1, 1, PT_TRIG_PAUSE_RESUME, NO, 0 ) \ +FLAG( 14, 1, ECX, 15, 1, PT_TRIG_DR_MATCH, NO, 0 ) /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_15 \ @@ -984,8 +1001,13 @@ FIELD( 21, 0, EDX, 0, 32, TDX_VENDOR2, NO, 0 ) FIELD( 23, 0, EAX, 0, 32, ARCH_PMC_MAX_SUBLEAF, NO, 0 ) \ FLAG( 23, 0, EBX, 0, 1, ARCH_PMC_UNITMASK2, NO, 0 ) \ FLAG( 23, 0, EBX, 1, 1, ARCH_PMC_ZBIT, NO, 0 ) \ +FIELD( 23, 0, ECX, 0, 8, ARCH_PMC_SLOTS_PER_CYCLE, NO, 0 ) \ FIELD( 23, 1, EAX, 0, 32, ARCH_PMC_GEN_BITMAP, NO, 0 ) \ FIELD( 23, 1, EBX, 0, 32, ARCH_PMC_FIXED_BITMAP, NO, 0 ) \ +FIELD( 23, 2, EAX, 0, 32, ARCH_PMC_GEN_RELOADABLE_BITMAP, NO, 0 ) \ +FIELD( 23, 2, EBX, 0, 32, ARCH_PMC_FIXED_RELOADABLE_BITMAP, NO, 0 ) \ +FIELD( 23, 2, ECX, 0, 32, ARCH_PMC_GEN_CAN_RELOAD_BITMAP, NO, 0 ) \ +FIELD( 23, 2, EDX, 0, 32, ARCH_PMC_FIXED_CAN_RELOAD_BITMAP, NO, 0 ) \ FLAG( 23, 3, EAX, 0, 1, ARCH_PMC_CORE_CYCLES, NO, 0 ) \ FLAG( 23, 3, EAX, 1, 1, ARCH_PMC_INSTR_RETIRED, NO, 0 ) \ FLAG( 23, 3, EAX, 2, 1, ARCH_PMC_REF_CYCLES, NO, 0 ) \ @@ -999,6 +1021,14 @@ FLAG( 23, 3, EAX, 9, 1, ARCH_PMC_TOPDOWN_BAD_SPEC, NO, 0 ) \ FLAG( 23, 3, EAX, 10, 1, ARCH_PMC_TOPDOWN_FRONTEND, NO, 0 ) \ FLAG( 23, 3, EAX, 11, 1, ARCH_PMC_TOPDOWN_RETIRE, NO, 0 ) +/* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ +#define CPUID_FIELD_DATA_LEVEL_24 \ +FIELD( 24, 0, EAX, 0, 32, AVX10_MAX_SUBLEAF, NO, 0 ) \ +FIELD( 24, 0, EBX, 0, 8, AVX10_VERSION, NO, 0 ) \ +FLAG( 24, 0, EBX, 16, 1, AVX10_128, NO, 0 ) \ +FLAG( 24, 0, EBX, 17, 1, AVX10_256, NO, 0 ) \ +FLAG( 24, 0, EBX, 18, 1, AVX10_512, NO, 0 ) + /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_400 \ FIELD(400, 0, EAX, 0, 32, MAX_HYP_LEVEL, NA, 0 ) \ @@ -1561,6 +1591,7 @@ FIELD(826, 0, EDX, 0, 32, AMD_TOPOLOGY_EXT_APIC_ID, NA, 0 ) CPUID_FIELD_DATA_LEVEL_20 \ CPUID_FIELD_DATA_LEVEL_21 \ CPUID_FIELD_DATA_LEVEL_23 \ + CPUID_FIELD_DATA_LEVEL_24 \ CPUID_FIELD_DATA_LEVEL_400 \ CPUID_FIELD_DATA_LEVEL_401 \ CPUID_FIELD_DATA_LEVEL_402 \ From 2197581c0da08a4a574703cf56eca39c90ad1a40 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 266/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 4af5e9aeb..345ee0a75 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -525,14 +525,14 @@ # define PRODUCT_LICENSE_VERSION "0.0" #else # if defined(VMX86_SERVER) -# define PRODUCT_LICENSE_VERSION "8.0" +# define PRODUCT_LICENSE_VERSION "9.0" # elif defined(VMX86_VMRC) /* check VMX86_VMRC before VMX86_DESKTOP */ # define PRODUCT_LICENSE_VERSION PRODUCT_VMRC_VERSION_STRING_FOR_LICENSE # elif defined(VMX86_FLEX) /* check VMX86_FLEX before VMX86_DESKTOP */ # define PRODUCT_LICENSE_VERSION PRODUCT_FLEX_VERSION_STRING_FOR_LICENSE # elif defined(VMX86_VPX) -# define PRODUCT_LICENSE_VERSION "8.0" -# define PRODUCT_LICENSE_FILE_VERSION "8.0.5.1" +# define PRODUCT_LICENSE_VERSION "9.0" +# define PRODUCT_LICENSE_FILE_VERSION "9.0.0.0" # elif defined(VMX86_SDK) # define PRODUCT_LICENSE_VERSION "1.0" # elif defined(VMX86_P2V) @@ -549,8 +549,8 @@ # endif # define PRODUCT_VERSION_STRING_FOR_LICENSE PRODUCT_LICENSE_VERSION #endif -#define PRODUCT_ESX_LICENSE_VERSION "8.0" -#define PRODUCT_ESX_LICENSE_FILE_VERSION "8.0.5.0" +#define PRODUCT_ESX_LICENSE_VERSION "9.0" +#define PRODUCT_ESX_LICENSE_FILE_VERSION "9.0.0.0" /* * The configuration file version string should be changed From 21a843e74da24401049f40efeb313a858de53b07 Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:11:00 -0700 Subject: [PATCH 267/375] Change to common source files not applicable to open-vm-tools. --- .../plugins/dndcp/stringxx/autoCPtr.hh | 93 +++++-------------- .../services/plugins/dndcp/stringxx/string.cc | 13 ++- .../plugins/dndcp/stringxx/ubstr_t.hh | 7 +- 3 files changed, 35 insertions(+), 78 deletions(-) diff --git a/open-vm-tools/services/plugins/dndcp/stringxx/autoCPtr.hh b/open-vm-tools/services/plugins/dndcp/stringxx/autoCPtr.hh index c78eb509c..4cf706f75 100644 --- a/open-vm-tools/services/plugins/dndcp/stringxx/autoCPtr.hh +++ b/open-vm-tools/services/plugins/dndcp/stringxx/autoCPtr.hh @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2014-2018 VMware, Inc. All rights reserved. + * Copyright (c) 2014-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -16,80 +17,36 @@ * *********************************************************/ +#ifndef AUTOCPTR_HH +#define AUTOCPTR_HH + +#include + + /* - * autoCPtr.hh -- + *----------------------------------------------------------------------------- + * + * auto_unique -- * - * A simple, std::auto_ptr-like class for managing memory usually - * allocated by C functions. + * A helper function to create and return std::unique_ptr objects with + * deduced types. * - * Unlike std::auto_ptr, allows providing a customer deleter and disallows - * copying. This is basically a wanna-be std::unique_ptr for platforms - * that don't have C++11 available yet. + * Returns: + * Returns the constructed std::unique_ptr. * - * XXX: When everything uses C++11, this can be replaced with - * std::unique_ptr. + * Usage: + * auto foo = auto_unique(AllocateFoo(), DeleteFoo); + * + *----------------------------------------------------------------------------- */ -#ifndef AUTOCPTR_HH -#define AUTOCPTR_HH - -#include -#include - - -template -class AutoCPtr +template> +std::unique_ptr +auto_unique(T* p, // IN + Deleter deleter = Deleter()) // IN/OPT { -private: - typedef AutoCPtr SelfType; - -public: - explicit AutoCPtr(T* p = NULL, // IN/OPT - FreeFunc f = std::free) // IN/OPT - : mP(p), - mFree(f) - { - } - - ~AutoCPtr() { mFree(mP); } - - void reset(T* p = NULL) // IN/OPT - { - if (p == mP) { - return; - } - - SelfType copy(mP, mFree); - mP = p; - } - - T* release() - { - T* p = mP; - mP = NULL; - return p; - } - - T* get() const { return mP; } - T* operator->() const { return mP; } - T& operator*() const { return *mP; } - - void swap(SelfType& other) // IN/OUT - { - using std::swap; - swap(mP, other.mP); - swap(mFree, other.mFree); - } - -private: - T* mP; - FreeFunc mFree; - -private: - // Non-copyable. - AutoCPtr(const SelfType&); - SelfType& operator=(const SelfType&); -}; + return {p, deleter}; +} #endif // AUTOCPTR_HH diff --git a/open-vm-tools/services/plugins/dndcp/stringxx/string.cc b/open-vm-tools/services/plugins/dndcp/stringxx/string.cc index 9b7fea7c8..bd6da4848 100644 --- a/open-vm-tools/services/plugins/dndcp/stringxx/string.cc +++ b/open-vm-tools/services/plugins/dndcp/stringxx/string.cc @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2019,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -169,7 +170,7 @@ string::string(const _bstr_t &s) // IN return; } - mUstr = AutoCPtr( + mUstr = auto_unique( Unicode_AllocWithUTF16(static_cast(s)), free).get(); ASSERT(Validate(mUstr)); @@ -240,8 +241,7 @@ string::string(const utf16_t *s) // IN */ mUtf16Cache = Unicode_UTF16Strdup(s); - mUstr = AutoCPtr(Unicode_AllocWithUTF16(s), - free).get(); + mUstr = auto_unique(Unicode_AllocWithUTF16(s), free).get(); ASSERT(Validate(mUstr)); } @@ -273,8 +273,7 @@ string::string(const char *s, // IN return; } - mUstr = AutoCPtr(Unicode_Alloc(s, encoding), - free).get(); + mUstr = auto_unique(Unicode_Alloc(s, encoding), free).get(); ASSERT(Validate(mUstr)); } @@ -2194,7 +2193,7 @@ CopyAndFree(char* utf8, // IN void (*freeFunc)(void*)) // IN/OPT { ASSERT(utf8 != NULL); - return AutoCPtr(utf8, freeFunc).get(); + return auto_unique(utf8, freeFunc).get(); } diff --git a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh index 9713ee8ff..74f55f8b8 100644 --- a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh +++ b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2019,2021-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -238,7 +239,7 @@ ubstr_t::ubstr_t(const char *s) // IN: A UTF-8-encoded string. if (s != NULL) { // Since we already have the UTF-8 version of the string, cache it now. mUTF8 = std::shared_ptr(new UTF8Data(Util_SafeStrdup(s))); - mBstr = AutoCPtr(Unicode_GetAllocUTF16(s), free).get(); + mBstr = auto_unique(Unicode_GetAllocUTF16(s), free).get(); } } @@ -815,7 +816,7 @@ ubstr_t::GetUTF8Cache() } if (mUTF8->Get() == NULL) { - AutoCPtr utf8Str( + auto utf8Str = auto_unique( Unicode_AllocWithUTF16(static_cast(mBstr)), free); mUTF8->Set(utf8Str.get()); From 25fe7db3739a021103b4dca64255531be02602cd Mon Sep 17 00:00:00 2001 From: Kruti Date: Tue, 27 Aug 2024 02:27:38 -0700 Subject: [PATCH 268/375] Update copyright pattern for tools.conf. --- open-vm-tools/tools.conf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 4ce439230..046266d7f 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -1,7 +1,7 @@ -/* ************************************************************************ - * Copyright (c) 2019-2024 Broadcom. All Rights Reserved. - * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - * *************************************************************************/ +# ************************************************************************ +# Copyright (c) 2019-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. +# ************************************************************************* # "CAUTION: tools.conf is highly syntax sensitive file. Use extreme caution # while editing it. If modified, it is automatically re-loaded by @@ -566,4 +566,4 @@ # The range of values supported are 4096 Date: Tue, 27 Aug 2024 02:31:46 -0700 Subject: [PATCH 269/375] Update ChangeLog with the granular push of Aug 27, 2024. - plus Copyright pattern update of file tools.conf - plus README.md update of Aug 15, 2024. - plus ChangeLog update of July 15, 2024. --- open-vm-tools/ChangeLog | 124 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 71fee94d3..86e2d888b 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,127 @@ +commit 25fe7db3739a021103b4dca64255531be02602cd +Author: Kruti +Date: Tue Aug 27 02:27:38 2024 -0700 + + Update copyright pattern for tools.conf. + +commit 21a843e74da24401049f40efeb313a858de53b07 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 2197581c0da08a4a574703cf56eca39c90ad1a40 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 26ed84ded19e61801b752f3a606187ea2745e57a +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 5413628f892125da221bd180bfb861b3e773159c +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Annotate the os-release guest identification function HostinfoOsRelease() + + The HostinfoOsRelease() function examines the os-release standard file(s) to + collect distro identification data of interest. This is open-source and users + can legally modify the code changing the standard file priority order or + accessing other files. Any such change breaks compliance with the os-release + standard and may cause confusion in the field. + The function header has been updated to remind users of this issue. + +commit 86b308ab9eb8e4c3e154b30861cb66802c9e4624 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit c401bc0af27dd6928970cad4f6af5f22d48dc7a7 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 97a7efcc67eb37628181666a642a439cf4bc0bab +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit d9a88f25df7cab16374c7ed0c1bc2b4640df22c8 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 41d772c7ea21442f447872f52ec2fb7bd92d98b3 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 0a0b23a5080bf6ccb58c69b9b214e0c25c628173 +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 6e7206dbd9be10e1c0853a4ac8b9982e3d307a7e +Author: Kruti +Date: Tue Aug 27 02:11:00 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 159107b8027f122f8502adafbbc8ffc56b4ff7d7 +Author: Kruti +Date: Tue Aug 27 02:10:59 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit bcc1be6f36d8a3d69c8a86f533d6deb27e6f2fda +Author: Kruti +Date: Tue Aug 27 02:10:59 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 649d27de9347ee507e3e863b43e861b48e5f0506 +Author: Kruti +Date: Tue Aug 27 02:10:59 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 4bdc04df610cebde943967dc2042f90b6597d2ad +Author: Kruti +Date: Tue Aug 27 02:10:59 2024 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit a5f761ab56eb7afbb885e4ec57062657cfe0f171 +Author: Kruti +Date: Tue Aug 27 02:10:59 2024 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 582763347e3384a1fa1abb77a6b9c20d7c353753 +Author: Ravindra Kumar +Date: Thu Aug 15 18:51:54 2024 -0700 + + Update README.md + + Updated open-vm-tools functionality and plugin details + +commit 88c4194d2c6fb1804159cd36dd7d68e984afc495 +Author: Kruti +Date: Mon Jul 15 03:00:20 2024 -0700 + + Update ChangeLog with the granular push of July 15, 2024. + - plus ChangeLog update of May 28, 2024. + commit 567b94a40a5fe8f478dfe37b3b87fc9106028e45 Author: Kruti Date: Mon Jul 15 02:56:39 2024 -0700 From a167dff31e77d9599454667220b23dac304fed46 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Tue, 24 Sep 2024 14:31:17 -0700 Subject: [PATCH 270/375] ==================================================================== The "stable-12.5.x" branch was created from the "devel" branch here. ==================================================================== Update the ChangeLog with the ChangeLog update of Aug 27, 2024. --- open-vm-tools/ChangeLog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 86e2d888b..a2b15a0cd 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,12 @@ +commit 764f00f3c3393e8043ba87c2b63d1df670755c95 +Author: Kruti +Date: Tue Aug 27 02:31:46 2024 -0700 + + Update ChangeLog with the granular push of Aug 27, 2024. + - plus Copyright pattern update of file tools.conf + - plus README.md update of Aug 15, 2024. + - plus ChangeLog update of July 15, 2024. + commit 25fe7db3739a021103b4dca64255531be02602cd Author: Kruti Date: Tue Aug 27 02:27:38 2024 -0700 From a240f6a1d75c4fbacb1e9364ff48dfce304a23dc Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 3 Oct 2024 22:57:50 -0700 Subject: [PATCH 271/375] Ignore deprecated warning for LIBXML2 APIs xmlFileXXX. CVE-2024-40896 has been fixed in the following libxml2 releases. - 2.13.3 - 2.12.9 - 2.11.9 The libxml2 version 2.13.0 has deprecated the xmlFileMatch, UserXmlFileOpen, xmlFileRead, xmlFileClose callback functions. This change suppresses a "deprecated-declaration" warning when these functions are invoked. --- .../vgauth/serviceImpl/saml-xmlsec1.c | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 8572a7110..7de27aa44 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -35,6 +35,22 @@ #include #include +// PR 3416639, xmlFile* APIs were deprecated in libxml2 2.13.0 +// Ignore the deprecated warnings after updating libxml2 to 2.13.3 +// ToDo: Define the deprecated APIs locally and remove the +// XML_IGNORE_DEPRECATION_WARNINGS +#ifdef _WIN32 +#define XML_IGNORE_DEPRECATION_WARNINGS \ + __pragma(warning(push)) \ + __pragma(warning(disable : 4996)) +#define XML_POP_WARNINGS __pragma(warning(pop)) +#else +#define XML_IGNORE_DEPRECATION_WARNINGS \ + _Pragma("GCC diagnostic push") \ + _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"") +#define XML_POP_WARNINGS _Pragma("GCC diagnostic pop") +#endif + #include #include #include @@ -120,7 +136,9 @@ UserXmlFileOpen(const char *filename) unescaped = xmlURIUnescapeString(filename, 0, NULL); if (unescaped != NULL) { g_debug("%s: Opening file \"%s\"\n", __FUNCTION__, unescaped); +XML_IGNORE_DEPRECATION_WARNINGS retval = xmlFileOpen(unescaped); +XML_POP_WARNINGS xmlFree(unescaped); } @@ -438,8 +456,10 @@ SAML_Init(void) /* * Register user defined UserXmlFileOpen */ +XML_IGNORE_DEPRECATION_WARNINGS xmlRegisterInputCallbacks(xmlFileMatch, UserXmlFileOpen, xmlFileRead, xmlFileClose); +XML_POP_WARNINGS /* * Load schemas From a2ff5f28720eca493c5369448b48d1ad595e368b Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 3 Oct 2024 22:57:50 -0700 Subject: [PATCH 272/375] open-vm-tools l10n message updates --- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 2 +- open-vm-tools/services/vmtoolsd/l10n/it.vmsg | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index a0c75d155..39ca5b2cc 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -22,7 +22,7 @@ cmdline.background.pidfile = "archivo pid" cmdline.blockfd = "Descriptor del archivo para el sistema de archivos de bloqueo de VMware." -cmdline.blockfd.fd = "descriptor del archivo" +cmdline.blockfd.fd = "fd" cmdline.commonpath = "Ruta al directorio de complementos frecuentes." diff --git a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg index 159f5f58e..3f63eb556 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg @@ -22,7 +22,7 @@ cmdline.background.pidfile = "file pid" cmdline.blockfd = "Descrittore file per il file system di blocco VMware." -cmdline.blockfd.fd = "descrittore file" +cmdline.blockfd.fd = "fd" cmdline.commonpath = "Percorso della directory plugin comune." From e54a2d61657e3c4c0fd4299cc5c830b4263e27bd Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 3 Oct 2024 23:17:34 -0700 Subject: [PATCH 273/375] Correct missed 2024 copyright update. --- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 3 ++- open-vm-tools/services/vmtoolsd/l10n/it.vmsg | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index 39ca5b2cc..a68eb854c 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg index 3f63eb556..c23556995 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published From 412a4b1db38627062a8ebb955b0d483edee0a1ff Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 3 Oct 2024 23:34:31 -0700 Subject: [PATCH 274/375] Update ChangeLog with the granular push of Oct 03, 2024. - plus copyright update - plus ChangeLog update of Sep 24, 2024. --- open-vm-tools/ChangeLog | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index a2b15a0cd..b953588fc 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,40 @@ +commit e54a2d61657e3c4c0fd4299cc5c830b4263e27bd +Author: Kruti +Date: Thu Oct 3 23:17:34 2024 -0700 + + Correct missed 2024 copyright update. + +commit a2ff5f28720eca493c5369448b48d1ad595e368b +Author: Kruti +Date: Thu Oct 3 22:57:50 2024 -0700 + + open-vm-tools l10n message updates + +commit a240f6a1d75c4fbacb1e9364ff48dfce304a23dc +Author: Kruti +Date: Thu Oct 3 22:57:50 2024 -0700 + + Ignore deprecated warning for LIBXML2 APIs xmlFileXXX. + + CVE-2024-40896 has been fixed in the following libxml2 releases. + - 2.13.3 + - 2.12.9 + - 2.11.9 + + The libxml2 version 2.13.0 has deprecated the xmlFileMatch, UserXmlFileOpen, + xmlFileRead, xmlFileClose callback functions. This change suppresses a + "deprecated-declaration" warning when these functions are invoked. + +commit a167dff31e77d9599454667220b23dac304fed46 +Author: John Wolfe +Date: Tue Sep 24 14:31:17 2024 -0700 + + ==================================================================== + The "stable-12.5.x" branch was created from the "devel" branch here. + ==================================================================== + + Update the ChangeLog with the ChangeLog update of Aug 27, 2024. + commit 764f00f3c3393e8043ba87c2b63d1df670755c95 Author: Kruti Date: Tue Aug 27 02:31:46 2024 -0700 From 96094bb1a59c67af99d31d5acfdc731f14109e47 Mon Sep 17 00:00:00 2001 From: Kruti Date: Wed, 9 Oct 2024 19:47:45 -0700 Subject: [PATCH 275/375] Prepare for the open-vm-tools 12.5.0 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index fe366ed97..d71977afc 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -36,10 +36,10 @@ ### Initialization ### -TOOLS_VERSION="11.2.0" +TOOLS_VERSION="12.5.0" AC_INIT( [open-vm-tools], - [11.2.0], + [12.5.0], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 523eb3253..ada114228 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-15943241" + "build-24276846" #define BUILD_NUMBER_NUMERIC \ - 15943241 + 24276846 #define BUILD_NUMBER_NUMERIC_STRING \ - "15943241" + "24276846" #define PRODUCT_BUILD_NUMBER \ - "product-build-19694" + "product-build-51152" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 19694 + 51152 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "19694" + "51152" From ef2095ffda17a766a65bf39d61f4cdb9c735fa62 Mon Sep 17 00:00:00 2001 From: Kruti Date: Wed, 9 Oct 2024 20:49:01 -0700 Subject: [PATCH 276/375] Update the ReleaseNotes.md for the 12.5.0 open-vm-tools release. --- ReleaseNotes.md | 154 ++++++++++++++++++++++++++++++------------------ 1 file changed, 98 insertions(+), 56 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 6f4ce1c57..c458d73c4 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,56 +1,98 @@ -#open-vm-tools 10.0.0 Release Notes - -Updated on 1 SEP 2015 -##What's in the Release Notes -The release notes cover the following topics: - -- What's New -- Internationalization -- Compatibility -- Installation and Upgrades for This Release -- Known Issues - -##What's New -VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Read about the new and enhanced features in this release below: - -- **Common versioning**: Infrastructure changes to enable reporting of the true version of open-vm-tools. This feature is dependent on host support. -- **Quiesced snapshots enhancements for Linux guests running IO workload**: Robustness related enhancements in quiesced snapshot operation. The _vmtoolsd_ service supports caching of log messages when guest IO has been quiesced. Enhancements in the _vmbackup_ plugin use a separate thread to quiesce the guest OS to avoid timeout issues due to heavy I/O in the guest. -- **Shared Folders**: For Linux distributions with kernel version 4.0.0 and higher, there is a new FUSE based Shared Folders client which is used as a replacement for the kernel mode client. -- **ESXi Serviceability**: Default _vmtoolsd_ logging is directed to a file instead of syslog. _vmware-toolbox-cmd_ is enhanced for setting _vmtoolsd_ logging levels. -- **GuestInfo Enhancements**: Plugin enhancements to report more than 64 IP addresses from the guest. These enhancements will be available only after upgrading the host because the guest IP addresses limit also exists on the host side. - -## Internationalization -open-vm-tools 10.0.0 supports the following languages: - -- English -- French -- German -- Spanish -- Italian -- Japanese -- Korean -- Simplified Chinese -- Traditional Chinese - -## Compatibility -open-vm-tools 10.0.0 is compatible with all supported versions of VMware vSphere, VMware Workstation 12.0 and VMware Fusion 8.0. -## Installation and Upgrades for This Release -The steps to install open-vm-tools vary depending on your VMware product and the guest operating system you have installed. For general steps to install open-vm-tools in most VMware products, see https://github.com/vmware/open-vm-tools/blob/master/README.md -## Known Issues -The known issues are as follows: - -- **The status of IPv6 address is displayed as "unknown"** - - The status of IPv6 address from vim-cmd is displayed as "unknown" even when the address is valid. - - Workaround: None -- **TextCopyPaste between host and guest systems fail** - - Copy and Paste of text between host and guest systems fail if the text size 50KB or higher. - - Workaround: Copy and Paste smaller amounts of text. -- **Definition of the field _ipAddress_ in guestinfo is ambiguous** - - The field _ipAddress_ is defined as "Primary IP address assigned to the guest operating system, if known". - - Workaround: The field _ipAddress_ in this context for Linux is defined as the first IP address fetched by open-vm-tools. +# open-vm-tools 12.5.0 Release Notes + +Updated on: 8 October 2024 + +open-vm-tools | 8 OCTOBER 2024 | Build 24276846 + +Check back for additions and updates to these release notes. + +## What's in the Release Notes + +The release notes cover the following topics: + +* [What's New](#whatsnew) +* [Internationalization](#i18n) +* [Product Support Notice](#suppnote) +* [Guest Operating System Customization Support](#guestop) +* [Interoperability Matrix](#interop) +* [Resolved Issues](#resolvedissues) +* [Known Issues](#knownissues) + +## What's New + + +* Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. + +* A complete list of the granular changes in the open-vm-tools 12.5.0 release is available at: + + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/ChangeLog) + +## Internationalization + +open-vm-tools 12.5.0 is available in the following languages: + +* English +* French +* German +* Spanish +* Italian +* Japanese +* Korean +* Simplified Chinese +* Traditional Chinese + +## Product Support Notice + +Beginning with the next major release, we will be reducing the number of supported localization languages. The three supported languages will be: + * Japanese + * Spanish + * French + +The following languages will no longer be supported: + * Italian + * German + * Brazilian Portuguese + * Traditional Chinese + * Korean + * Simplified Chinese + +Impact: + * Users who have been using the deprecated languages will no longer receive updates or support in these languages. + * All user interfaces, message catalogs, help documentation, and customer support will be available only in English or in the three supported languages mentioned above. + +## Guest Operating System Customization Support + +The [Guest OS Customization Support Matrix](http://partnerweb.vmware.com/programs/guestOS/guest-os-customization-matrix.pdf) provides details about the guest operating systems supported for customization. + + +## Interoperability Matrix + +The [VMware Product Interoperability Matrix](http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php) provides details about the compatibility of current and earlier versions of VMware Products.  + +## Resolved Issues + +* **The following github.com/vmware/open-vm-tools pull request has been addressed.** + + * Revise settings for vmware-user.desktop + + [Pull request #668](https://github.com/vmware/open-vm-tools/pull/668) + +* **Accomodate newer releases of libxml2 and xmlsec1.** + + The configure.ac and VGAuth code updated to avoid deprecated functions and build options based on OSS product version. + +## Known Issues + +* **Shared Folders mount is unavailable on Linux VM.** + + If the **Shared Folders** feature is enabled on a Linux VM while it is powered off, the shared folders mount is not available on restart. + + Note: This issue is applicable to open-vm-tools running on VMware Workstation and VMware Fusion. + + Workaround: + + If the VM is powered on, disable and enable the **Shared Folders** feature from the interface. For resolving the issue permanently, edit **/etc/fstab** and add an entry to mount the Shared Folders automatically on boot. For example, add the line: + + vmhgfs-fuse /mnt/hgfs fuse defaults,allow_other 0 0 + + For more information on how to configure VMware Tools Shared Folders, see [KB 60262](https://kb.vmware.com/s/article/60262) From 05afe0ae703d6027325059876528fe3b04fdf386 Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 10 Oct 2024 06:12:07 -0700 Subject: [PATCH 277/375] ================================================= open-vm-tools 12.5.0 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 12.5.0 release. --- open-vm-tools/ChangeLog | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index b953588fc..1ddc8134d 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,25 @@ +commit ef2095ffda17a766a65bf39d61f4cdb9c735fa62 +Author: Kruti +Date: Wed Oct 9 20:49:01 2024 -0700 + + Update the ReleaseNotes.md for the 12.5.0 open-vm-tools release. + +commit 96094bb1a59c67af99d31d5acfdc731f14109e47 +Author: Kruti +Date: Wed Oct 9 19:47:45 2024 -0700 + + Prepare for the open-vm-tools 12.5.0 release. + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit 412a4b1db38627062a8ebb955b0d483edee0a1ff +Author: Kruti +Date: Thu Oct 3 23:34:31 2024 -0700 + + Update ChangeLog with the granular push of Oct 03, 2024. + - plus copyright update + - plus ChangeLog update of Sep 24, 2024. + commit e54a2d61657e3c4c0fd4299cc5c830b4263e27bd Author: Kruti Date: Thu Oct 3 23:17:34 2024 -0700 From f2ca37ef3510543172657b82493d1eceefa9a134 Mon Sep 17 00:00:00 2001 From: Kruti Date: Thu, 10 Oct 2024 08:05:07 -0700 Subject: [PATCH 278/375] Update ChangeLog with the open-vm-tools 12.5.0 release marker. --- open-vm-tools/ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 1ddc8134d..9e9f9c471 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,14 @@ +commit 05afe0ae703d6027325059876528fe3b04fdf386 +Author: Kruti +Date: Thu Oct 10 06:12:07 2024 -0700 + + ================================================= + open-vm-tools 12.5.0 released at this point. + ================================================= + + Update of the ChangeLog with the final changes in preparation for + the open-vm-tools 12.5.0 release. + commit ef2095ffda17a766a65bf39d61f4cdb9c735fa62 Author: Kruti Date: Wed Oct 9 20:49:01 2024 -0700 From 739c5a2f4bfd4cdda491e6a6f6869d88c0bd6972 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Thu, 10 Oct 2024 13:34:03 -0700 Subject: [PATCH 279/375] Get correct vm_tools_version.h for the merge from stable-12.5.x --- open-vm-tools/lib/include/vm_tools_version.h | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 21a75792d..ec7047fbb 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1793,16 +1793,9 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_NEXT_V_MNR 5 #define TOOLS_VERSION_NEXT_V_BASE 0 -#ifndef RC_INVOKED -#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V) -#endif /* RC_INVOKED */ -#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MJR 12 -#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MNR 4 -#define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_BASE 5 - -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_SOCKET_WRENCH_UPDATE1 -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_SOCKET_WRENCH_UPDATE1) +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) /* * The extended Tools version is the current Tools version with the From b0686fded2146418ea2f91a18c9f621e287942af Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 280/375] Record the use of tools version 12.1.1 for the MacOS tools patch release. The last darwin.iso for MacOS guests was at version 12.1.0. A subsequent security issues was fixed in VMware Tools patch 12.1.1 (only darwin.iso). Adding use of that version number as TOOLS_VERSION_MITER_SAW_PATCH1 in lib/include/vm_tools_version.h. --- open-vm-tools/lib/include/vm_tools_version.h | 7 +++++++ open-vm-tools/services/plugins/gdp/gdpPlugin.c | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index ec7047fbb..6c95f342e 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1730,6 +1730,13 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_MITER_SAW_RELEASE_V_MNR 1 #define TOOLS_VERSION_MITER_SAW_RELEASE_V_BASE 0 +#ifndef RC_INVOKED +#define TOOLS_VERSION_MITER_SAW_PATCH1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_MITER_SAW_PATCH1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_MITER_SAW_PATCH1_V_MJR 12 +#define TOOLS_VERSION_MITER_SAW_PATCH1_V_MNR 1 +#define TOOLS_VERSION_MITER_SAW_PATCH1_V_BASE 1 + #ifndef RC_INVOKED #define TOOLS_VERSION_MITER_SAW_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_MITER_SAW_UPDATE1_V) #endif /* RC_INVOKED */ diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 9f5e15e88..412c016f6 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From d2c4e63ec275f18454b1539d05bc7410957ea13c Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 281/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/rpcvmx.h | 35 +++++++++--- open-vm-tools/lib/rpcVmx/rpcvmx.c | 89 ++++++++++++++++++++++++++---- 2 files changed, 106 insertions(+), 18 deletions(-) diff --git a/open-vm-tools/lib/include/rpcvmx.h b/open-vm-tools/lib/include/rpcvmx.h index 42d1b0404..d31330cfe 100644 --- a/open-vm-tools/lib/include/rpcvmx.h +++ b/open-vm-tools/lib/include/rpcvmx.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2004-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2004-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -25,7 +26,9 @@ * * NB: This library is *NOT* threadsafe, so if you want to avoid * corrupting your log statements or other screwups, add your own - * locking around calls to RpcVMX_Log. + * locking around calls to RpcVMX_Log. The exception is + * RpcVMX_LogVWithBuffer which does not use any global state but + * requires the caller to manage its own buffers. */ #ifndef _RPCVMX_H_ @@ -37,6 +40,13 @@ #include "rpcvmxext.h" #define RPCVMX_MAX_LOG_LEN (2048) /* 2kb max - make it dynamic? */ +#define RPCVMX_LOG_BUFSIZE (RPCVMX_MAX_LOG_LEN + sizeof "log") + +typedef struct RpcVMXState { + char logBuf[RPCVMX_LOG_BUFSIZE]; + unsigned int logOffset; +} RpcVMXState; + /* * Set a prefix to prepend to any future log statements. @@ -49,28 +59,39 @@ void RpcVMX_LogSetPrefix(const char *prefix); const char *RpcVMX_LogGetPrefix(const char *prefix); /* - * Save as RpcVMX_Log but takes a va_list instead of inline arguments. + * Same as RpcVMX_Log but takes a va_list instead of inline arguments. + */ +void RpcVMX_LogV(const char *fmt, + va_list args); + +/* + * Same as RpcVMX_LogV but uses the caller-specified buffer to back the log. */ -void RpcVMX_LogV(const char *fmt, va_list args); +void RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, + const char *fmt, + va_list args); /* * Get the value of "guestinfo.$key" in the host VMX dictionary and return it. * Returns the default if the key is not set. */ -char *RpcVMX_ConfigGetString(const char *defval, const char *key); +char *RpcVMX_ConfigGetString(const char *defval, + const char *key); /* * Same as _ConfigGetString, but convert the value to a 32-bit quantity. * XXX Returns 0, *NOT* the default, if the key was set but the value could * not be converted to an int32. */ -int32 RpcVMX_ConfigGetLong(int32 defval, const char *key); +int32 RpcVMX_ConfigGetLong(int32 defval, + const char *key); /* * Same as _ConfigGetString, but convert the value to a Bool. Returns the * default value if the key was set but could not be converted. */ -Bool RpcVMX_ConfigGetBool(Bool defval, const char *key); +Bool RpcVMX_ConfigGetBool(Bool defval, + const char *key); #endif /* _VMXRPC_H_ */ diff --git a/open-vm-tools/lib/rpcVmx/rpcvmx.c b/open-vm-tools/lib/rpcVmx/rpcvmx.c index 5bd1a19f3..c3ffca613 100644 --- a/open-vm-tools/lib/rpcVmx/rpcvmx.c +++ b/open-vm-tools/lib/rpcVmx/rpcvmx.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2004-2018,2019,2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2004-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -32,11 +33,6 @@ #include "rpcvmx.h" -typedef struct { - char logBuf[RPCVMX_MAX_LOG_LEN + sizeof "log"]; - unsigned int logOffset; -} RpcVMXState; - static RpcVMXState RpcVMX = { "log ", sizeof "log" }; @@ -153,7 +149,8 @@ RpcVMX_Log(const char *fmt, ...) */ void -RpcVMX_LogV(const char *fmt, va_list args) +RpcVMX_LogV(const char *fmt, + va_list args) { int payloadLen; char receiveBuffer[16]; @@ -184,6 +181,72 @@ RpcVMX_LogV(const char *fmt, va_list args) } +/* + *---------------------------------------------------------------------------- + * + * RpcVMX_LogVWithBuffer -- + * + * Construct an output string using the provided format string and + * argument list, then send it to the VMX using the RPCI "log" command. + * + * Uses the caller-provided buffer to back the log, rather than the + * global RpcVMXState. + * + * Results: + * None. + * + * Side effects: + * Sends the log command described above. + * + *---------------------------------------------------------------------------- + */ + +void +RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, // IN/OUT + const char *fmt, // IN + va_list args) // IN +{ + int payloadLen; + char receiveBuffer[16]; + + if (rpcBuffer == NULL || fmt == NULL) { + return; + } + + if (rpcBuffer->logOffset >= sizeof rpcBuffer->logBuf) { + /* + * The RpcVMXState is not valid, because the prefix is taking up the + * entire buffer. Since we can't log any actual message, silently fail. + */ + return; + } + + payloadLen = Str_Vsnprintf(rpcBuffer->logBuf + rpcBuffer->logOffset, + sizeof rpcBuffer->logBuf - rpcBuffer->logOffset, + fmt, args); + + if (payloadLen < 1) { + /* + * Overflow. We need more space in the buffer. Just set the length to + * the buffer size and send the (truncated) log message. + */ + payloadLen = sizeof rpcBuffer->logBuf - rpcBuffer->logOffset; + } + + /* + * Use a pre-allocated receive buffer so that it's possible to + * perform the log without needing to call malloc. This makes + * RpcVMX_LogVWithBuffer suitable to be used in Windows kernel interrupt + * handlers. (It also makes it faster.) The log command only ever + * returns two character strings "1 " on success and "0 " on + * failure, so we don't need a sizeable buffer. + */ + RpcOut_SendOneRawPreallocated(rpcBuffer->logBuf, + (size_t)rpcBuffer->logOffset + payloadLen, + receiveBuffer, sizeof receiveBuffer); +} + + /* *---------------------------------------------------------------------------- * @@ -204,7 +267,8 @@ RpcVMX_LogV(const char *fmt, va_list args) */ char * -RpcVMX_ConfigGetString(const char *defval, const char *var) +RpcVMX_ConfigGetString(const char *defval, + const char *var) { char *value; if (!RpcOut_sendOne(&value, NULL, "info-get guestinfo.%s", var)) { @@ -248,7 +312,8 @@ RpcVMX_ConfigGetString(const char *defval, const char *var) */ Bool -RpcVMX_ConfigGetBool(Bool defval, const char *var) +RpcVMX_ConfigGetBool(Bool defval, + const char *var) { char *value = RpcVMX_ConfigGetString(NULL, var); Bool ret = defval; @@ -288,7 +353,8 @@ RpcVMX_ConfigGetBool(Bool defval, const char *var) */ int32 -RpcVMX_ConfigGetLong(int32 defval, const char *var) +RpcVMX_ConfigGetLong(int32 defval, + const char *var) { char *value = RpcVMX_ConfigGetString(NULL, var); int32 ret = defval; @@ -320,7 +386,8 @@ RpcVMX_ConfigGetLong(int32 defval, const char *var) */ void -RpcVMX_ReportDriverVersion(const char *drivername, const char *versionString) +RpcVMX_ReportDriverVersion(const char *drivername, + const char *versionString) { char setVersionCmd[128]; Str_Sprintf(setVersionCmd, sizeof(setVersionCmd), From 53cdb3d65f2b62f164807a3fba397c41044ce8c3 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 282/375] Ignore deprecated warning for LIBXML2 APIs xmlFileXXX. CVE-2024-40896 has been fixed in the following libxml2 releases. - 2.13.3 - 2.12.9 - 2.11.9 The libxml2 version 2.13.0 has deprecated the xmlFileMatch, UserXmlFileOpen, xmlFileRead, xmlFileClose callback functions. This change suppresses a "deprecated-declaration" warning when these functions are invoked. --- .../vgauth/serviceImpl/saml-xmlsec1.c | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 8572a7110..7de27aa44 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -35,6 +35,22 @@ #include #include +// PR 3416639, xmlFile* APIs were deprecated in libxml2 2.13.0 +// Ignore the deprecated warnings after updating libxml2 to 2.13.3 +// ToDo: Define the deprecated APIs locally and remove the +// XML_IGNORE_DEPRECATION_WARNINGS +#ifdef _WIN32 +#define XML_IGNORE_DEPRECATION_WARNINGS \ + __pragma(warning(push)) \ + __pragma(warning(disable : 4996)) +#define XML_POP_WARNINGS __pragma(warning(pop)) +#else +#define XML_IGNORE_DEPRECATION_WARNINGS \ + _Pragma("GCC diagnostic push") \ + _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"") +#define XML_POP_WARNINGS _Pragma("GCC diagnostic pop") +#endif + #include #include #include @@ -120,7 +136,9 @@ UserXmlFileOpen(const char *filename) unescaped = xmlURIUnescapeString(filename, 0, NULL); if (unescaped != NULL) { g_debug("%s: Opening file \"%s\"\n", __FUNCTION__, unescaped); +XML_IGNORE_DEPRECATION_WARNINGS retval = xmlFileOpen(unescaped); +XML_POP_WARNINGS xmlFree(unescaped); } @@ -438,8 +456,10 @@ SAML_Init(void) /* * Register user defined UserXmlFileOpen */ +XML_IGNORE_DEPRECATION_WARNINGS xmlRegisterInputCallbacks(xmlFileMatch, UserXmlFileOpen, xmlFileRead, xmlFileClose); +XML_POP_WARNINGS /* * Load schemas From 9399035e31c6fe96ba420da01a66085673aeea58 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 283/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_tools_version.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 6c95f342e..1e876a6c7 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1793,11 +1793,18 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_MNR 4 #define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_BASE 5 +#ifndef RC_INVOKED +#define TOOLS_VERSION_PLIERS_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_RELEASE_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_PLIERS_RELEASE_V_MJR 12 +#define TOOLS_VERSION_PLIERS_RELEASE_V_MNR 5 +#define TOOLS_VERSION_PLIERS_RELEASE_V_BASE 0 + #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) #endif /* RC_INVOKED */ #define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 5 +#define TOOLS_VERSION_NEXT_V_MNR 6 #define TOOLS_VERSION_NEXT_V_BASE 0 #define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT From 37281c1a4e85a9e4dbe313030d6b985aecccf466 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 284/375] open-vm-tools l10n message updates --- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 2 +- open-vm-tools/services/vmtoolsd/l10n/it.vmsg | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index a0c75d155..39ca5b2cc 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -22,7 +22,7 @@ cmdline.background.pidfile = "archivo pid" cmdline.blockfd = "Descriptor del archivo para el sistema de archivos de bloqueo de VMware." -cmdline.blockfd.fd = "descriptor del archivo" +cmdline.blockfd.fd = "fd" cmdline.commonpath = "Ruta al directorio de complementos frecuentes." diff --git a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg index 159f5f58e..3f63eb556 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg @@ -22,7 +22,7 @@ cmdline.background.pidfile = "file pid" cmdline.blockfd = "Descrittore file per il file system di blocco VMware." -cmdline.blockfd.fd = "descrittore file" +cmdline.blockfd.fd = "fd" cmdline.commonpath = "Percorso della directory plugin comune." From e0af58914539ace4c6e8005146a40cd31f1e537a Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 285/375] Change to common source files not applicable to open-vm-tools. --- .../lib/include/vmware/tools/plugin.h | 15 +++- .../services/plugins/gdp/gdpPlugin.c | 79 ++++++++++++++++++- .../serviceDiscovery/serviceDiscovery.c | 9 ++- open-vm-tools/services/vmtoolsd/mainLoop.c | 8 ++ open-vm-tools/services/vmtoolsd/serviceObj.c | 13 ++- open-vm-tools/tests/testPlugin/testPlugin.c | 28 ++++++- 6 files changed, 143 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/lib/include/vmware/tools/plugin.h b/open-vm-tools/lib/include/vmware/tools/plugin.h index 91c74e181..1ce450444 100644 --- a/open-vm-tools/lib/include/vmware/tools/plugin.h +++ b/open-vm-tools/lib/include/vmware/tools/plugin.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2008-2020,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -190,6 +191,18 @@ ToolsCore_LogState(guint level, */ #define TOOLS_CORE_SIG_SET_OPTION "tcs_set_option" +/** + * Signal sent when the service is going to be shutdown. Allow for listeners to + * prepare for a pending shutdown. Signal occurs before the service thread pool + * gets shutdown. The signal handler must not perform long running and/or + * blocking operation, as well as not perform core resource releases. + * + * @param[in] src The source object. + * @param[in] ctx ToolsAppCtx *: The application context. + * @param[in] data Client data. + */ +#define TOOLS_CORE_SIG_PRE_SHUTDOWN "tcs_pre_shutdown" + /** * Signal sent when shutting down the service. * diff --git a/open-vm-tools/services/plugins/gdp/gdpPlugin.c b/open-vm-tools/services/plugins/gdp/gdpPlugin.c index 412c016f6..563071c43 100644 --- a/open-vm-tools/services/plugins/gdp/gdpPlugin.c +++ b/open-vm-tools/services/plugins/gdp/gdpPlugin.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2021,2023-2024 Broadcom. All Rights Reserved. + * Copyright (c) 2020-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -364,6 +364,10 @@ typedef struct PluginState { * FALSE: otherwise * Transitions from FALSE to TRUE only */ + Atomic_Bool stopping; /* TRUE : Guest data publishing is stopping + * FALSE: otherwise + * Transitions from FALSE to TRUE only */ + GdpEvent eventConfig; /* The config event object: * Signalled to update config */ } PluginState; @@ -3183,6 +3187,7 @@ GdpInit(ToolsAppCtx *ctx) // IN { gPluginState.ctx = ctx; Atomic_WriteBool(&gPluginState.started, FALSE); + Atomic_WriteBool(&gPluginState.stopping, FALSE); #if defined(_WIN32) gPluginState.wsaStarted = FALSE; @@ -3295,7 +3300,31 @@ GdpStart(void) GdpThreadTask, GdpThreadInterrupt, NULL, NULL)) { - g_critical("%s: Failed to start the gdp task thread.\n", __FUNCTION__); + /* + * Is the failure to start caused by pending service stop? + * - stopping is true if a pre-shutdown signal was handled + * - stopped is true if a shutdown signal was handled + * + * During the transition from stopping to stopped, the thread pool can + * be/become inactive resulting in a failure to start the gdp task thread. + * + * This is an expected failure, log it as a warning. + */ + if (Atomic_ReadBool(&gPluginState.stopping)) { + g_debug( + "%s: gdp: start=%s, stop=%s, pre=%s; task: pool=%s\n", + __FUNCTION__, + Atomic_ReadBool(&gPluginState.started) ? "true" : "false", + Atomic_ReadBool(&gPluginState.stopped) ? "true" : "false", + Atomic_ReadBool(&gPluginState.stopping) ? "true" : "false", + (ToolsCorePool_GetPool(gPluginState.ctx) == NULL) ? "no":"yes"); + + g_warning("%s: Failed to start the gdp task thread.\n", + __FUNCTION__); + } else { + g_critical("%s: Failed to start the gdp task thread.\n", + __FUNCTION__); + } goto exit; } @@ -3415,14 +3444,29 @@ GdpPublish(gint64 createTime, // IN g_mutex_lock(&gPublishState.mutex); - if (Atomic_ReadBool(&gPluginState.stopped)) { + if (Atomic_ReadBool(&gPluginState.stopping)) { + /* + * Do not publish when publishing is stopped or gdp is stopping in + * preparation for stopping. + */ + g_debug( + "%s: gdp: start=%s, stop=%s, pre=%s; task: pool=%s\n", + __FUNCTION__, + Atomic_ReadBool(&gPluginState.started) ? "true" : "false", + Atomic_ReadBool(&gPluginState.stopped) ? "true" : "false", + Atomic_ReadBool(&gPluginState.stopping) ? "true" : "false", + (ToolsCorePool_GetPool(gPluginState.ctx) == NULL) ? "no":"yes"); gdpErr = GDP_ERROR_STOP; goto exit; } if (!Atomic_ReadBool(&gPluginState.started) && !GdpStart()) { - gdpErr = GDP_ERROR_GENERAL; + if (Atomic_ReadBool(&gPluginState.stopping)) { + gdpErr = GDP_ERROR_STOP; + } else { + gdpErr = GDP_ERROR_GENERAL; + } goto exit; } @@ -3482,6 +3526,31 @@ GdpConfReload(gpointer src, // IN } +/* + ****************************************************************************** + * GdpPreShutdown -- + * + * Prepare for shutdown. Set 'stopping' to TRUE to prevent new publications, + * or starting the gdp task thread in the case of a first publication. + * + * @param[in] src The source object, unused + * @param[in] ctx The application context + * @param[in] data Unused + * + ****************************************************************************** + */ + +static void +GdpPreShutdown(gpointer src, // IN + ToolsAppCtx *ctx, // IN + gpointer data) // IN +{ + g_info("%s: Entering ...\n", __FUNCTION__); + Atomic_WriteBool(&gPluginState.stopping, TRUE); + g_debug("%s: Exiting ...\n", __FUNCTION__); +} + + /* ****************************************************************************** * GdpShutdown -- @@ -3505,6 +3574,7 @@ GdpShutdown(gpointer src, // IN Atomic_ReadBool(&gPluginState.stopped)); g_object_set(ctx->serviceObj, TOOLS_PLUGIN_SVC_PROP_GDP, NULL, NULL); GdpDestroy(); + g_debug("%s: Exiting ...\n", __FUNCTION__); } @@ -3564,6 +3634,7 @@ ToolsOnLoad(ToolsAppCtx *ctx) // IN ToolsPluginSignalCb sigs[] = { { TOOLS_CORE_SIG_CONF_RELOAD, GdpConfReload, NULL }, + { TOOLS_CORE_SIG_PRE_SHUTDOWN, GdpPreShutdown, NULL }, { TOOLS_CORE_SIG_SHUTDOWN, GdpShutdown, NULL }, }; ToolsAppReg regs[] = { diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c index e35f1c008..0da598f13 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -369,8 +370,12 @@ SendData(ToolsAppCtx *ctx, if (gdpErr != GDP_ERROR_SUCCESS) { g_info("%s: ToolsPluginSvcGdp_Publish error: %s\n", __FUNCTION__, gdpErrMsgs[gdpErr]); - /* NOTE to SD maintainer: gdpErr == GDP_ERROR_NO_SUBSCRIBERS to be handled here when ready*/ + /* + * NOTE to SD maintainer: + * GDP_ERROR_NO_SUBSCRIBERS to be handled here when ready + */ if (gdpErr == GDP_ERROR_STOP || + gdpErr == GDP_ERROR_GENERAL || gdpErr == GDP_ERROR_UNREACH || gdpErr == GDP_ERROR_TIMEOUT) { gSkipThisTask = TRUE; diff --git a/open-vm-tools/services/vmtoolsd/mainLoop.c b/open-vm-tools/services/vmtoolsd/mainLoop.c index 1ae277eac..44ab42655 100644 --- a/open-vm-tools/services/vmtoolsd/mainLoop.c +++ b/open-vm-tools/services/vmtoolsd/mainLoop.c @@ -120,6 +120,13 @@ static gboolean gGlobalConfStarted = FALSE; static void ToolsCoreCleanup(ToolsServiceState *state) { + g_info("%s: Entering\n", __FUNCTION__); + /* + * Emit the early shutdown signal. + */ + g_signal_emit_by_name(state->ctx.serviceObj, + TOOLS_CORE_SIG_PRE_SHUTDOWN, + &state->ctx); #if (defined(_WIN32) && !defined(_ARM64_)) || \ (defined(__linux__) && !defined(USERWORLD)) if (state->mainService) { @@ -1219,6 +1226,7 @@ ToolsCore_Setup(ToolsServiceState *state) ToolsCoreService_RegisterProperty(state->ctx.serviceObj, &ctxProp); g_object_set(state->ctx.serviceObj, TOOLS_CORE_PROP_CTX, &state->ctx, NULL); + /* Initialize the environment from config. */ ToolsCoreInitEnv(&state->ctx); ToolsCorePool_Init(&state->ctx); diff --git a/open-vm-tools/services/vmtoolsd/serviceObj.c b/open-vm-tools/services/vmtoolsd/serviceObj.c index 0df4acba6..f5a084e6b 100644 --- a/open-vm-tools/services/vmtoolsd/serviceObj.c +++ b/open-vm-tools/services/vmtoolsd/serviceObj.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2019, 2021 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -378,6 +379,16 @@ ToolsCore_Service_class_init(gpointer _klass, G_TYPE_POINTER, G_TYPE_STRING, G_TYPE_STRING); + g_signal_new(TOOLS_CORE_SIG_PRE_SHUTDOWN, + G_OBJECT_CLASS_TYPE(klass), + G_SIGNAL_RUN_LAST, + 0, + NULL, + NULL, + g_cclosure_marshal_VOID__POINTER, + G_TYPE_NONE, + 1, + G_TYPE_POINTER); g_signal_new(TOOLS_CORE_SIG_SHUTDOWN, G_OBJECT_CLASS_TYPE(klass), G_SIGNAL_RUN_LAST, diff --git a/open-vm-tools/tests/testPlugin/testPlugin.c b/open-vm-tools/tests/testPlugin/testPlugin.c index 5229e9a87..f63bf993b 100644 --- a/open-vm-tools/tests/testPlugin/testPlugin.c +++ b/open-vm-tools/tests/testPlugin/testPlugin.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2016 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -227,6 +228,30 @@ TestPluginServiceControl(gpointer src, #endif +/** + * Handles a pre-shutdown callback; just logs debug information. This is called + * at the start of a service shutdown prior to the shut down signal, and should + * be used to prepare for an incoming shutdown signal. + * + * @param[in] src The source object. + * @param[in] ctx The app context. + * @param[in] plugin Plugin registration data. + */ + +static void +TestPluginPreShutdown(gpointer src, + ToolsAppCtx *ctx, + ToolsPluginData *plugin) +{ + vm_debug("pre-shutdown signal."); + CU_ASSERT(gInvalidSigError); + CU_ASSERT(gInvalidAppError); + CU_ASSERT(gInvalidAppProvider); + CU_ASSERT(gValidAppRegistration); +} + + + /** * Handles a shutdown callback; just logs debug information. This is called * before the service is shut down, and should be used to clean up any resources @@ -375,6 +400,7 @@ ToolsOnLoad(ToolsAppCtx *ctx) }; ToolsPluginSignalCb sigs[] = { { TOOLS_CORE_SIG_RESET, TestPluginReset, ®Data }, + { TOOLS_CORE_SIG_SHUTDOWN, TestPluginPreShutdown, ®Data }, { TOOLS_CORE_SIG_SHUTDOWN, TestPluginShutdown, ®Data }, { TOOLS_CORE_SIG_CAPABILITIES, TestPluginCapabilities, ®Data }, { TOOLS_CORE_SIG_SET_OPTION, TestPluginSetOption, ®Data }, From 7e249e741c5de5766ed060394806760a3e782c4f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 286/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 1b8241129..5a6b4292a 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -820,7 +820,7 @@ FLAG( 12, 0, EAX, 5, 1, SGX_OVERSUB_ENCLV, NO, 0 ) \ FLAG( 12, 0, EAX, 6, 1, SGX_OVERSUB_ENCLS, NO, 0 ) \ FLAG( 12, 0, EAX, 7, 1, SGX_EVERIFYREPORT2, ANY, FUT ) \ FLAG( 12, 0, EAX, 10, 1, SGX_EUPDATESVN, NO, 0 ) \ -FLAG( 12, 0, EAX, 11, 1, SGX_EDECCSSA, ANY, FUT ) \ +FLAG( 12, 0, EAX, 11, 1, SGX_EDECCSSA, ANY, 22 ) \ FLAG( 12, 0, EBX, 0, 1, SGX_MISCSELECT_EXINFO, ANY, FUT ) \ FLAG( 12, 0, EBX, 1, 1, SGX_MISCSELECT_CPINFO, ANY, FUT ) \ FIELD( 12, 0, EDX, 0, 8, MAX_ENCLAVE_SIZE_NOT64, ANY, 17 ) \ @@ -833,7 +833,7 @@ FLAG( 12, 1, EAX, 6, 1, SECS_ATTRIBUTES_CET, NO, 0 ) \ FLAG( 12, 1, EAX, 7, 1, SECS_ATTRIBUTES_KSS, ANY, 17 ) \ FLAG( 12, 1, EAX, 8, 1, SECS_ATTRIBUTES_LAM_U57, NO, 0 ) \ FLAG( 12, 1, EAX, 9, 1, SECS_ATTRIBUTES_LAM_U48, NO, 0 ) \ -FLAG( 12, 1, EAX, 10, 1, SECS_ATTRIBUTES_AEXNOTIFY, ANY, FUT ) \ +FLAG( 12, 1, EAX, 10, 1, SECS_ATTRIBUTES_AEXNOTIFY, ANY, 22 ) \ FIELD( 12, 1, ECX, 0, 32, SECS_ATTRIBUTES_XFRM_LOW, ANY, 17 ) \ FIELD( 12, 1, EDX, 0, 32, SECS_ATTRIBUTES_XFRM_HIGH, ANY, 17 ) \ FIELD( 12, 2, EAX, 0, 4, EPC00_VALID, ANY, 17 ) \ From a9fb794bc379355aaa58be97c15098e247296652 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 287/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/backdoor_def.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/backdoor_def.h b/open-vm-tools/lib/include/backdoor_def.h index e5246e9fd..9b85f3f58 100644 --- a/open-vm-tools/lib/include/backdoor_def.h +++ b/open-vm-tools/lib/include/backdoor_def.h @@ -174,6 +174,7 @@ extern "C" { # define BDOOR_CMD_FAS_EXIT_BOOT_SERVICES 13 # define BDOOR_CMD_FAS_GET_API_ENABLES 14 # define BDOOR_CMD_FAS_UNACCEPTED_MEM_ENABLED 15 +# define BDOOR_CMD_FAS_GET_DMA_PROT_ENABLED 16 #define BDOOR_CMD_SENDPSHAREHINTS 66 /* Not in use. Deprecated. */ #define BDOOR_CMD_ENABLE_USB_MOUSE 67 #define BDOOR_CMD_GET_VCPU_INFO 68 From 8d64a254d1fd8df7c53e7bb65dee3c987fdaee87 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 288/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 03620f599..d7933515a 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -633,8 +633,10 @@ typedef int pid_t; /* * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's * offset checker) are notorious to have non-standard __VA_ARGS__ handling. + * The current latest Visual Studio 2022 17.10 (MSVC 19.40/_MSC_VER 1940) + * has not fixed the defect yet. */ -#if defined(VMX86_DESKTOP) && (_MSC_VER > 1929) +#if defined(VMX86_DESKTOP) && (_MSC_VER > 1940) #pragma message("ERROR: Compiler version: " XSTR(_MSC_VER)) #pragma message("ERROR: PR 3405101: Is __VA_ARGS__ hack needed for Arm & x86?") #endif @@ -656,8 +658,10 @@ typedef int pid_t; /* * Old MSVC versions (such as MSVC 14.29.30133, used to build Workstation's * offset checker) are notorious to have non-standard __VA_ARGS__ handling. + * The current latest Visual Studio 2022 17.10 (MSVC 19.40/_MSC_VER 1940) + * has not fixed the defect yet. */ -#if defined(VMX86_DESKTOP) && (_MSC_VER > 1929) +#if defined(VMX86_DESKTOP) && (_MSC_VER > 1940) #pragma message("ERROR: Compiler version: " XSTR(_MSC_VER)) #pragma message("ERROR: PR 3405101: Is __VA_ARGS__ hack needed for Arm & x86?") #endif From eabb07b39e7a3d7f873445520ee8630262a83bfd Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 289/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_assert.h | 70 +++++++++++++++++---------- 1 file changed, 45 insertions(+), 25 deletions(-) diff --git a/open-vm-tools/lib/include/vm_assert.h b/open-vm-tools/lib/include/vm_assert.h index d633af483..54446d1d4 100644 --- a/open-vm-tools/lib/include/vm_assert.h +++ b/open-vm-tools/lib/include/vm_assert.h @@ -113,14 +113,20 @@ extern "C" { # if defined (VMKPANIC) # include "vmk_assert.h" # else /* !VMKPANIC */ -# define _ASSERT_PANIC(name) \ - Panic(_##name##Fmt "\n", __FILE__, __LINE__) -# define _ASSERT_PANIC_BUG(bug, name) \ - Panic(_##name##Fmt " bugNr=%d\n", __FILE__, __LINE__, bug) -# define _ASSERT_PANIC_NORETURN(name) \ - Panic(_##name##Fmt "\n", __FILE__, __LINE__) -# define _ASSERT_PANIC_BUG_NORETURN(bug, name) \ - Panic(_##name##Fmt " bugNr=%d\n", __FILE__, __LINE__, bug) + /* + * N.B. comma-eliding `## __VA_ARGS__` is supported by gcc and the + * latest versions of MSVC. + */ +# define _ASSERT_PANIC(name, fmt, ...) \ + Panic(_##name##Fmt " " fmt "\n", __FILE__, __LINE__, ## __VA_ARGS__) +# define _ASSERT_PANIC_BUG(bug, name, fmt, ...) \ + Panic(_##name##Fmt " bugNr=%d " fmt "\n", __FILE__, __LINE__, bug, \ + ## __VA_ARGS__) +# define _ASSERT_PANIC_NORETURN(name, fmt, ...) \ + Panic(_##name##Fmt " " fmt "\n", __FILE__, __LINE__, ## __VA_ARGS__) +# define _ASSERT_PANIC_BUG_NORETURN(bug, name, fmt, ...) \ + Panic(_##name##Fmt " bugNr=%d " fmt "\n", __FILE__, __LINE__, bug, \ + ## __VA_ARGS__) # endif /* VMKPANIC */ #endif @@ -201,11 +207,24 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); * class invariants, data structure invariants, etc. * * ASSERT() is special cased because of interaction with Windows DDK. + * + * We're passing `AssertAssert, "" __VA_ARGS__` in `ASSERT(cond, ...)` + * to `_ASSERT_PANIC(name, fmt, ...)` to be able to handle both + * simple `ASSERT(cond)` and more elaborate `ASSERT(cond, msg)` and + * `ASSERT(cond, msg, args)`. + * That is, when there are no optional arguments in ASSERT()'s `...`, + * _ASSERT_PANIC()'s `fmt` receives an empty string literal (""). + * OTOH, when there's at least one optional argument in ASSERT()'s `...` + * [the first of them is also expected to be a string literal and should + * be like the format string passed to printf()], "" and the string literal + * of the first optional argument get concatenated into one string literal + * that is then passed to _ASSERT_PANIC()'s `fmt`. */ # undef ASSERT -# define ASSERT(cond) ASSERT_IFNOT(cond, _ASSERT_PANIC(AssertAssert)) -# define ASSERT_BUG(bug, cond) \ - ASSERT_IFNOT(cond, _ASSERT_PANIC_BUG(bug, AssertAssert)) +# define ASSERT(cond, ...) \ + ASSERT_IFNOT(cond, _ASSERT_PANIC(AssertAssert, "" __VA_ARGS__)) +# define ASSERT_BUG(bug, cond, ...) \ + ASSERT_IFNOT(cond, _ASSERT_PANIC_BUG(bug, AssertAssert, "" __VA_ARGS__)) #endif /* @@ -218,10 +237,11 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); * that it need not be handled. */ #undef VERIFY -#define VERIFY(cond) \ - ASSERT_IFNOT(cond, _ASSERT_PANIC_NORETURN(AssertVerify)) -#define VERIFY_BUG(bug, cond) \ - ASSERT_IFNOT(cond, _ASSERT_PANIC_BUG_NORETURN(bug, AssertVerify)) +#define VERIFY(cond, ...) \ + ASSERT_IFNOT(cond, _ASSERT_PANIC_NORETURN(AssertVerify, "" __VA_ARGS__)) +#define VERIFY_BUG(bug, cond, ...) \ + ASSERT_IFNOT(cond, _ASSERT_PANIC_BUG_NORETURN(bug, AssertVerify, \ + "" __VA_ARGS__)) /* * NOT IMPLEMENTED is useful to indicate that a codepath has not yet @@ -240,16 +260,16 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); ASSERT_IFNOT(cond, NOT_IMPLEMENTED()) #if defined VMKPANIC || defined VMM -# define NOT_IMPLEMENTED() _ASSERT_PANIC_NORETURN(AssertNotImplemented) +# define NOT_IMPLEMENTED() _ASSERT_PANIC_NORETURN(AssertNotImplemented, "") #else -# define NOT_IMPLEMENTED() _ASSERT_PANIC(AssertNotImplemented) +# define NOT_IMPLEMENTED() _ASSERT_PANIC(AssertNotImplemented, "") #endif #if defined VMM # define NOT_IMPLEMENTED_BUG(bug) \ - _ASSERT_PANIC_BUG_NORETURN(bug, AssertNotImplemented) + _ASSERT_PANIC_BUG_NORETURN(bug, AssertNotImplemented, "") #else -# define NOT_IMPLEMENTED_BUG(bug) _ASSERT_PANIC_BUG(bug, AssertNotImplemented) +# define NOT_IMPLEMENTED_BUG(bug) _ASSERT_PANIC_BUG(bug, AssertNotImplemented, "") #endif /* @@ -262,9 +282,9 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); * On debug builds, NOT_REACHED is a Panic with a fixed string. */ #if defined VMKPANIC || defined VMM -# define NOT_REACHED() _ASSERT_PANIC_NORETURN(AssertNotReached) +# define NOT_REACHED() _ASSERT_PANIC_NORETURN(AssertNotReached, "") #else -# define NOT_REACHED() _ASSERT_PANIC(AssertNotReached) +# define NOT_REACHED() _ASSERT_PANIC(AssertNotReached, "") #endif #if !defined VMKERNEL && !defined VMKBOOT && !defined VMKERNEL_MODULE @@ -277,8 +297,8 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); * Despite its name, ASSERT_MEM_ALLOC is present in both debug and release * builds. */ -# define ASSERT_MEM_ALLOC(cond) \ - ASSERT_IFNOT(cond, _ASSERT_PANIC(AssertMemAlloc)) +# define ASSERT_MEM_ALLOC(cond, ...) \ + ASSERT_IFNOT(cond, _ASSERT_PANIC(AssertMemAlloc, "" __VA_ARGS__)) #endif /* @@ -323,8 +343,8 @@ void WarningThrottled(uint32 *count, const char *fmt, ...) PRINTF_DECL(2, 3); #if !defined VMX86_DEBUG // { # undef ASSERT -# define ASSERT(cond) ((void)0) -# define ASSERT_BUG(bug, cond) ((void)0) +# define ASSERT(cond, ...) ((void)0) +# define ASSERT_BUG(bug, cond, ...) ((void)0) /* * NOT_REACHED on debug builds is a Panic; but on release From d07e65cf24aa185f5e39c5a4158fdcfa75c098e0 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 290/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 3a3e1fc0b..d042ee74f 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -374,6 +374,7 @@ extern "C" { GOKM("asianux7-64", asianux7_64Guest, TRUE) \ GOKM("asianux8-64", asianux8_64Guest, TRUE) \ GOKM("asianux9-64", asianux9_64Guest, TRUE) \ + GOKM("miraclelinux-64", miraclelinux_64Guest, TRUE) \ GOKM("nld9", nld9Guest, TRUE) \ GOKM("oes", oesGuest, TRUE) \ GOKM("sjds", sjdsGuest, TRUE) \ From fcfddd041777b07a849a18daf9550f90b8f24ce1 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 291/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index d042ee74f..24d19ad9d 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -446,6 +446,7 @@ extern "C" { GOKM("vmkernel65", vmkernel65Guest, TRUE) \ GOKM("vmkernel7", vmkernel7Guest, TRUE) \ GOKM("vmkernel8", vmkernel8Guest, TRUE) \ + GOKM("vmkernel9", vmkernel9Guest, TRUE) \ /* Other guests */ \ GOKM("dos", dosGuest, TRUE) \ GOKM("os2", os2Guest, TRUE) \ From fef434d5893befa038a00a633e0084566aa528f9 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 292/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 35 ++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 5a6b4292a..62da3b761 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -2684,32 +2684,47 @@ CPUID_IsHypervisorLevel(uint32 level) return (level & 0xffffff00) == 0x40000000; } + /* *---------------------------------------------------------------------- * - * CPUID_LevelUsesEcx -- + * CPUID_LevelMaxRsvd -- * - * Returns TRUE for leaves that support input ECX != 0 (subleaves). + * Returns maximum number of reserved sub-leaves for a given CPUID leaf. * *---------------------------------------------------------------------- */ -static INLINE Bool -CPUID_LevelUsesEcx(uint32 level) { +static INLINE uint32 +CPUID_LevelMaxRsvd(uint32 level) { switch (level) { -#define CPUIDLEVEL(t, s, v, c, h) \ - case v: \ - return c != 0; +#define CPUIDLEVEL(t, s, v, c, h) \ + case v: \ + return c; CPUID_KNOWN_LEVELS #undef CPUIDLEVEL - - default: - return FALSE; } + return 0; +} + + +/* + *---------------------------------------------------------------------- + * + * CPUID_LevelUsesEcx -- + * + * Returns TRUE for leaves that support input ECX != 0 (subleaves). + * + *---------------------------------------------------------------------- + */ + +static INLINE Bool +CPUID_LevelUsesEcx(uint32 level) { + return CPUID_LevelMaxRsvd(level) != 0; } #ifdef _MSC_VER From 19cd19f7df18710b94bcd36c30801a440115ff22 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 293/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 24d19ad9d..c08d088d1 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -406,6 +406,7 @@ extern "C" { GOKM("amazonlinux3-64", amazonlinux3_64Guest, TRUE) \ GOKM("almalinux-64", almalinux_64Guest, TRUE) \ GOKM("rockylinux-64", rockylinux_64Guest, TRUE) \ + GOKM("prolinux-64", prolinux_64Guest, TRUE) \ GOKM("CRXPod1-64", crxPod1Guest, TRUE) \ GOKM("CRXSys1-64", crxSys1Guest, TRUE) \ /* Netware guests */ \ From b3661ca9b18c3bc56078cf232314b5c27b12ad80 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:49 -0800 Subject: [PATCH 294/375] Add VMW_FALLTHROUGH in linuxDeployment.c to avoid compiler warning The switch case DEPLOYPKG_STATUS_CLOUD_INIT_DELEGATED was designed to fall-through to case DEPLOYPKG_STATUS_SUCCESS. Add VMW_FALLTHROUGH to avoid compiler warning. --- open-vm-tools/libDeployPkg/linuxDeployment.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index d31d52927..44cac8ef4 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -38,6 +38,7 @@ #include #include #include "str.h" +#include "vm_basic_defs.h" #include "mspackWrapper.h" #include "deployPkg/deployPkgFormat.h" @@ -2103,6 +2104,7 @@ DeployPkg_DeployPackageFromFile(const char* file) */ sLog(log_info, "Deployment delegated to Cloud-init. Returning success."); + VMW_FALLTHROUGH(); case DEPLOYPKG_STATUS_SUCCESS: retStatus = 0; break; From 14431821730e5766062c96e3779d42f8ae62e4de Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 295/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/file/fileLockPrimitive.c | 18 +++++++++++++++--- open-vm-tools/lib/include/file.h | 6 ++++-- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/file/fileLockPrimitive.c b/open-vm-tools/lib/file/fileLockPrimitive.c index 2cd4e645e..e550483df 100644 --- a/open-vm-tools/lib/file/fileLockPrimitive.c +++ b/open-vm-tools/lib/file/fileLockPrimitive.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2007-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -54,6 +55,7 @@ #include "vm_atomic.h" #include "util.h" #include "hostType.h" +#include "userlock.h" #include "unicodeOperations.h" @@ -1212,8 +1214,16 @@ FileLockMakeDirectory(const char *pathName) // IN: #if !defined(_WIN32) mode_t save; + static Atomic_Ptr lckStorage; - save = umask(0); + /* Get and take lock to serial this routine. */ + MXUserExclLock *lck = MXUser_CreateSingletonExclLock(&lckStorage, + "fileLockMakeDirectory", + RANK_LEAF); + + MXUser_AcquireExclLock(lck); + + save = umask(0); // Disable masking; save current value #endif ASSERT(pathName != NULL); @@ -1221,7 +1231,9 @@ FileLockMakeDirectory(const char *pathName) // IN: err = FileCreateDirectoryRobust(pathName, 0777); #if !defined(_WIN32) - umask(save); + umask(save); // Restore previous value + + MXUser_ReleaseExclLock(lck); #endif return err; diff --git a/open-vm-tools/lib/include/file.h b/open-vm-tools/lib/include/file.h index 726d5c14d..d863ba9a8 100644 --- a/open-vm-tools/lib/include/file.h +++ b/open-vm-tools/lib/include/file.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 1998-2020,2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -381,7 +382,8 @@ int File_MakeSafeTemp(const char *tag, Bool File_DoesVolumeSupportAcls(const char *pathName); -Bool File_IsSubPathOf(const char *base, const char *path); +Bool File_IsSubPathOf(const char *base, + const char *path); Bool File_DoesVolumeSupportConvertBlocks(const char *pathName); From 1d9388e4133204652a1fb7373d53deb5c3cc2a38 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 296/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/file/fileLockPrimitive.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/file/fileLockPrimitive.c b/open-vm-tools/lib/file/fileLockPrimitive.c index e550483df..193fc3693 100644 --- a/open-vm-tools/lib/file/fileLockPrimitive.c +++ b/open-vm-tools/lib/file/fileLockPrimitive.c @@ -1214,6 +1214,7 @@ FileLockMakeDirectory(const char *pathName) // IN: #if !defined(_WIN32) mode_t save; + mode_t check; static Atomic_Ptr lckStorage; /* Get and take lock to serial this routine. */ @@ -1231,7 +1232,9 @@ FileLockMakeDirectory(const char *pathName) // IN: err = FileCreateDirectoryRobust(pathName, 0777); #if !defined(_WIN32) - umask(save); // Restore previous value + check = umask(save); // Restore previous value; 0 should be returned + + ASSERT(check == 0); MXUser_ReleaseExclLock(lck); #endif From 336eddbe12a78ee34b114d41ff2a63a7a359b288 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 297/375] Change to common source files not applicable to open-vm-tools at this time. --- open-vm-tools/configure.ac | 1 + open-vm-tools/tests/Makefile.am | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index fe366ed97..b476c0e43 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1897,6 +1897,7 @@ AC_CONFIG_FILES([ \ + ### ### Output ### diff --git a/open-vm-tools/tests/Makefile.am b/open-vm-tools/tests/Makefile.am index 4203dd998..4e65943a4 100644 --- a/open-vm-tools/tests/Makefile.am +++ b/open-vm-tools/tests/Makefile.am @@ -1,5 +1,7 @@ ################################################################################ -### Copyright (c) 2009-2016,2022,2023 VMware, Inc. All rights reserved. +### Copyright (c) 2009-2024 Broadcom. All Rights Reserved. +### Broadcom Confidential. The term "Broadcom" refers to Broadcom Inc. +### and/or its subsidiaries. ### ### This program is free software; you can redistribute it and/or modify ### it under the terms of version 2 of the GNU General Public License as From 206e3529b31604cf971b1400d0c9fad03e5f353d Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 298/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index d7933515a..90ac5cd75 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -853,11 +853,17 @@ typedef int pid_t; #else #define ulm_esx 0 #endif +#ifdef ULM_LIN +#define ulm_lin 1 +#else +#define ulm_lin 0 +#endif #else #define vmx86_ulm 0 #define ulm_mac 0 #define ulm_win 0 #define ulm_esx 0 +#define ulm_lin 0 #define ULM_ONLY(x) #endif From 263c766653f875b288e749267a537289e42f3fd6 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 299/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index c08d088d1..6bd4d7fb3 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -406,7 +406,8 @@ extern "C" { GOKM("amazonlinux3-64", amazonlinux3_64Guest, TRUE) \ GOKM("almalinux-64", almalinux_64Guest, TRUE) \ GOKM("rockylinux-64", rockylinux_64Guest, TRUE) \ - GOKM("prolinux-64", prolinux_64Guest, TRUE) \ + GOKM("prolinux-64", prolinux_64Guest, TRUE) \ + GOKM("kylinlinux-64", kylinlinux_64Guest, TRUE) \ GOKM("CRXPod1-64", crxPod1Guest, TRUE) \ GOKM("CRXSys1-64", crxSys1Guest, TRUE) \ /* Netware guests */ \ From 1a3cb2bdf53e113ca4e2129b1eca7da52765a4db Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 300/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 62da3b761..fadfc97ca 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -957,10 +957,10 @@ FLAG( 1C, 0, EBX, 2, 1, LBR_CALL_STACK_MODE, YES, 20 ) \ FLAG( 1C, 0, ECX, 0, 1, LBR_MISPREDICT, YES, 20 ) \ FLAG( 1C, 0, ECX, 1, 1, LBR_TIMED_LBRS, YES, 20 ) \ FLAG( 1C, 0, ECX, 2, 1, LBR_BRANCH_TYPE, YES, 20 ) \ -FLAG( 1C, 0, ECX, 16, 1, LBR_EVENT_LOGGING_PMC0, NO, 0 ) \ -FLAG( 1C, 0, ECX, 17, 1, LBR_EVENT_LOGGING_PMC1, NO, 0 ) \ -FLAG( 1C, 0, ECX, 18, 1, LBR_EVENT_LOGGING_PMC2, NO, 0 ) \ -FLAG( 1C, 0, ECX, 19, 1, LBR_EVENT_LOGGING_PMC3, NO, 0 ) +FLAG( 1C, 0, ECX, 16, 1, LBR_EVENT_LOGGING_PMC0, YES, 22 ) \ +FLAG( 1C, 0, ECX, 17, 1, LBR_EVENT_LOGGING_PMC1, YES, 22 ) \ +FLAG( 1C, 0, ECX, 18, 1, LBR_EVENT_LOGGING_PMC2, YES, 22 ) \ +FLAG( 1C, 0, ECX, 19, 1, LBR_EVENT_LOGGING_PMC3, YES, 22 ) /* LEVEL, SUB-LEVEL, REG, POS, SIZE, NAME, MON SUPP, HWV */ #define CPUID_FIELD_DATA_LEVEL_1D \ @@ -1916,6 +1916,10 @@ CPUIDCheck(int32 eaxIn, int32 eaxInCheck, #define CPUID_MODEL_ZEN2_7F 0x7F // Ryzen3: max model #define CPUID_MODEL_ZEN3_00 0x00 // family == CPUID_FAMILY_ZEN3 #define CPUID_MODEL_ZEN3_0F 0x0F // Max Zen3 model +#define CPUID_MODEL_ZEN4_10 0x10 // family == CPUID_FAMILY_ZEN3 +#define CPUID_MODEL_ZEN4_1F 0x1F // Max Zen4 model +#define CPUID_MODEL_ZEN4_A0 0xA0 // family == CPUID_FAMILY_ZEN3 +#define CPUID_MODEL_ZEN4_AF 0xAF // Zen4 D: max model /* AMD stepping information */ #define CPUID_STEPPING_ZEN_NAPLES_B2 0x02 // Zen Naples ZP-B2 @@ -2647,6 +2651,16 @@ CPUID_MODEL_IS_ZEN3(uint32 eax) CPUID_EFFECTIVE_MODEL(eax) <= CPUID_MODEL_ZEN3_0F; } +static INLINE Bool +CPUID_MODEL_IS_ZEN4(uint32 eax) +{ + return CPUID_EFFECTIVE_FAMILY(eax) == CPUID_FAMILY_ZEN3 && + ((CPUID_EFFECTIVE_MODEL(eax) >= CPUID_MODEL_ZEN4_10 && + CPUID_EFFECTIVE_MODEL(eax) <= CPUID_MODEL_ZEN4_1F) || + (CPUID_EFFECTIVE_MODEL(eax) >= CPUID_MODEL_ZEN4_A0 && + CPUID_EFFECTIVE_MODEL(eax) <= CPUID_MODEL_ZEN4_AF)); +} + #define CPUID_LEAF4_CACHE_TYPE_NULL 0 #define CPUID_LEAF4_CACHE_TYPE_DATA 1 From e7a634e4fb8747642cd9d3a6cdf4bb8d5848f0dd Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 301/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/file/fileIOPosix.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/file/fileIOPosix.c b/open-vm-tools/lib/file/fileIOPosix.c index 492a4bf4a..4dedb08fc 100644 --- a/open-vm-tools/lib/file/fileIOPosix.c +++ b/open-vm-tools/lib/file/fileIOPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2022 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -358,11 +359,11 @@ FileIO_OptionalSafeInitialize(void) */ void -FileIO_Invalidate(FileIODescriptor *fd) // OUT: +FileIO_Invalidate(FileIODescriptor *fd) // IN/OUT: { ASSERT(fd != NULL); - (memset)(fd, 0, sizeof *fd); + memset(fd, 0, sizeof *fd); fd->posix = -1; } From 74c9458d2a1cf2107583ed77931ff1fe2f4e3095 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 302/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/services/vmtoolsd/cmdLine.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/cmdLine.c b/open-vm-tools/services/vmtoolsd/cmdLine.c index dbd2c7661..0c276929f 100644 --- a/open-vm-tools/services/vmtoolsd/cmdLine.c +++ b/open-vm-tools/services/vmtoolsd/cmdLine.c @@ -68,7 +68,7 @@ ToolsCoreRunCommand(const gchar *option, VMTools_AttachConsole(); #endif if (VmCheck_IsVirtualWorld()) { - char *result = NULL; + char *result; Bool status = RpcChannel_SendOne(&result, NULL, "%s", value); if (!status) { @@ -109,7 +109,7 @@ ToolsCoreRunCommandFromFile(const gchar *option, VMTools_AttachConsole(); #endif if (VmCheck_IsVirtualWorld()) { - char *result = NULL; + char *result; Bool status; gchar *fileContents = NULL; From ef6e01f8eb50245ca9fb3700666d6ed6e636f1ed Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 303/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index fadfc97ca..7bb5dfed7 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -104,10 +104,10 @@ typedef struct CPUIDReply { } CPUIDReply; typedef struct CPUIDQuery { - uint32 eax; // IN - uint32 ecx; // IN - uint32 numLogicalCPUs; // IN/OUT - CPUIDReply logicalCPUs[0]; // OUT + uint32 eax; // IN + uint32 ecx; // IN + uint32 numLogicalCPUs; // IN/OUT + CPUIDReply logicalCPUs[] COUNTED_BY(numLogicalCPUs); // OUT } CPUIDQuery; #pragma pack(pop) #endif From 4a982fdeabac0e9b0ad088bf45f66fb7bd0d0de7 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 304/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 345ee0a75..684ec05fd 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -274,7 +274,7 @@ #define VPX_VERSION_MAJOR "9" #define VPX_VERSION_MINOR "0" #define VPX_VERSION_MAINT "0" -#define VPX_VERSION_PATCH "00000" +#define VPX_VERSION_PATCH "0000" #define VPX_VERSION_THIRD_PARTY VPX_VERSION_MAJOR VPX_VERSION_MINOR \ VPX_VERSION_MAINT //MARKER_FAST_REMOVE_START @@ -285,7 +285,7 @@ //MARKER_FAST_UNCOMMENT_END // Last supported ESX version by VC. -#define VPX_MIN_HOST_VERSION "7.0.0" +#define VPX_MIN_HOST_VERSION "8.0.0" #define MAX_SUPPORTED_VI_VERSION "6.6" //from ovfTool/src/supportedVersions.h #define VCDB_CURRENT_SCHEMA_VERSION 900 // from PitCADatabase.h From d5f77afbcd30e47eec6f41db9bcd44fa6c629a3e Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 305/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 7bb5dfed7..71c6b9561 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -624,7 +624,7 @@ FLAG( 7, 1, EBX, 0, 1, LEAF7_PPIN, NO, 0 ) \ FLAG( 7, 1, EBX, 1, 1, PBNDKB, NO, 0 ) \ FLAG( 7, 1, EDX, 4, 1, AVX_VNNI_INT8, YES, 22 ) \ FLAG( 7, 1, EDX, 5, 1, AVX_NE_CONVERT, YES, 22 ) \ -FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, NO, 0 ) \ +FLAG( 7, 1, EDX, 8, 1, AMX_COMPLEX, YES, 22 ) \ FLAG( 7, 1, EDX, 10, 1, AVX_VNNI_INT16, NO, 0 ) \ FLAG( 7, 1, EDX, 13, 1, UTMR, NO, 0 ) \ FLAG( 7, 1, EDX, 14, 1, PREFETCHI, YES, 21 ) \ From c81edc381769b6c62d38679201085b595e53ac3f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 306/375] Bump tools version to 13.0.0 on main The next VMWare Tools product release is to be version 13.0.0. Switching the version of tools on main from the current development version 12.6.0 to 13.0.0. --- open-vm-tools/lib/include/vm_tools_version.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 1e876a6c7..cff3f2f56 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1803,8 +1803,8 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #ifndef RC_INVOKED #define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 6 +#define TOOLS_VERSION_NEXT_V_MJR 13 +#define TOOLS_VERSION_NEXT_V_MNR 0 #define TOOLS_VERSION_NEXT_V_BASE 0 #define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT From 29b3c1bcb31c51ac6ec276630990bf0a549c5cc0 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:50 -0800 Subject: [PATCH 307/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 71c6b9561..b9bedf59e 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -613,7 +613,7 @@ FLAG( 7, 1, EAX, 11, 1, FAST_SHORT_STOSB, YES, 20 ) \ FLAG( 7, 1, EAX, 12, 1, FAST_SHORT_CMPSB_SCASB, YES, 20 ) \ FLAG( 7, 1, EAX, 17, 1, FRED, NO, 0 ) \ FLAG( 7, 1, EAX, 18, 1, LKGS, NO, 0 ) \ -FLAG( 7, 1, EAX, 19, 1, WRMSRNS, NO, 0 ) \ +FLAG( 7, 1, EAX, 19, 1, WRMSRNS, YES, 22 ) \ FLAG( 7, 1, EAX, 20, 1, NMI_SRC, NO, 0 ) \ FLAG( 7, 1, EAX, 21, 1, AMX_FP16, YES, 21 ) \ FLAG( 7, 1, EAX, 22, 1, HRESET, NO, 0 ) \ From 4722a04f7eb2ca91aaed3af3b52c9d94f7f9645e Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 308/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86_basic_defs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86_basic_defs.h b/open-vm-tools/lib/include/x86_basic_defs.h index a3ad34fa5..ab79ea2d0 100644 --- a/open-vm-tools/lib/include/x86_basic_defs.h +++ b/open-vm-tools/lib/include/x86_basic_defs.h @@ -111,7 +111,7 @@ #define CR4_UINTR 0x02000000 #define CR4_LASS 0x08000000 #define CR4_LAM_SUP 0x10000000 -#define CR4_RESERVED CONST64U(0xffffffffee089000) +#define CR4_RESERVED CONST64U(0xffffffffe6089000) #define CR8_RESERVED CONST64U(0xfffffffffffffff0) /* From 76f6e5c391002e43b2c020b9ed4e970ee0174ccc Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 309/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 6bd4d7fb3..71760b2f1 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -405,6 +405,7 @@ extern "C" { GOKM("amazonlinux2-64", amazonlinux2_64Guest, TRUE) \ GOKM("amazonlinux3-64", amazonlinux3_64Guest, TRUE) \ GOKM("almalinux-64", almalinux_64Guest, TRUE) \ + GOKM("fusionos-64", fusionos_64Guest, TRUE) \ GOKM("rockylinux-64", rockylinux_64Guest, TRUE) \ GOKM("prolinux-64", prolinux_64Guest, TRUE) \ GOKM("kylinlinux-64", kylinlinux_64Guest, TRUE) \ From f6bcb8764fcfa799d2c0613743495085bbe6521d Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 310/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/guest_os_tables.h | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/lib/include/guest_os_tables.h b/open-vm-tools/lib/include/guest_os_tables.h index 71760b2f1..3947e9ce9 100644 --- a/open-vm-tools/lib/include/guest_os_tables.h +++ b/open-vm-tools/lib/include/guest_os_tables.h @@ -375,6 +375,7 @@ extern "C" { GOKM("asianux8-64", asianux8_64Guest, TRUE) \ GOKM("asianux9-64", asianux9_64Guest, TRUE) \ GOKM("miraclelinux-64", miraclelinux_64Guest, TRUE) \ + GOKM("pardus-64", pardus_64Guest, TRUE) \ GOKM("nld9", nld9Guest, TRUE) \ GOKM("oes", oesGuest, TRUE) \ GOKM("sjds", sjdsGuest, TRUE) \ From eeb78ef9a10f321178d04d67d0f789cd39c8a174 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 311/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index b9bedf59e..0854fe804 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -605,7 +605,7 @@ FLAG( 7, 1, EAX, 2, 1, SM4, NO, 0 ) \ FLAG( 7, 1, EAX, 3, 1, RAO_INT, NO, 0 ) \ FLAG( 7, 1, EAX, 4, 1, AVX_VNNI, YES, 20 ) \ FLAG( 7, 1, EAX, 5, 1, AVX512BF16, YES, 18 ) \ -FLAG( 7, 1, EAX, 6, 1, LASS, NO, 0 ) \ +FLAG( 7, 1, EAX, 6, 1, LASS, YES, 22 ) \ FLAG( 7, 1, EAX, 7, 1, CMPCCXADD, YES, 22 ) \ FLAG( 7, 1, EAX, 8, 1, ARCH_PERFMON_EXT, NO, 0 ) \ FLAG( 7, 1, EAX, 10, 1, FAST_ZERO_MOVSB, YES, 20 ) \ From 477886b720ad44ae632e0a1ffa9a3fe8f84730b7 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 312/375] With this modification to VMware Tools Support script, the files listed under "logging" section in tools.conf file are additionally bundled into tar archive. --- open-vm-tools/scripts/common/vm-support | 55 ++++++++++++++++++- open-vm-tools/toolbox/l10n/en.vmsg | 5 +- open-vm-tools/toolbox/toolboxcmd-config.c | 67 +++++++++++++++++------ 3 files changed, 106 insertions(+), 21 deletions(-) diff --git a/open-vm-tools/scripts/common/vm-support b/open-vm-tools/scripts/common/vm-support index f949d6bd4..9813ac614 100644 --- a/open-vm-tools/scripts/common/vm-support +++ b/open-vm-tools/scripts/common/vm-support @@ -1,6 +1,7 @@ #!/bin/sh ########################################################## -# Copyright (c) 2006-2022 VMware, Inc. All rights reserved. +# Copyright (c) 2006-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -133,6 +134,54 @@ addfiles() } +# Get the log files mentioned in the logging section of tools.conf. Get the log +# archive file names +# The archive logic for these logs files seems to be this. Below is one example: +# if vmtoolsd.data = vmtoolsd.log +# then the file is backed up as vmtoolsd.1.log vmtoolsd.2.log etc +# if vmtoolsd.data = vmtoolsdlog +# then the file is backed up as vmtoolsdlog.1 vmtoolsdlog.2 etc +# if vmtoolsd.data = vmtoolsdlog.a +# then the file is backed up as vmtoolsdlog.1.a vmtoolsdlog.2.a etc +addLogFiles() +{ + IFS="" + vmware-toolbox-cmd config get logging | grep "\.data =" | cut -d"=" -f2 | while read -r logFile; do + logFile=`eval echo "$logFile"` + if [ -z "$logFile" ]; then + continue + fi + + # trim the leading spaces + logFile=`echo $logFile | sed 's/^ *//'` + dirName=`dirname $logFile` + fileName=`basename $logFile` + + #find and add the current logs + find "$dirName" -maxdepth 1 -name "$fileName" -print | while read -r logFile; do + addfile "$logFile" + done + + # File prefix is the part that is before the last '.' in the file name + fileNamePrefix=`echo $fileName | rev | cut -d"." -f2- | rev` + + # File suffix is the part that is after the last '.' in the file name + fileNameSuffix=`echo $fileName | rev | cut -s -d"." -f1 | rev` + # Add numbers after the prefix to get all the backed up file names + # Also add the .suffix if suffix exists + if [ -z "$fileNameSuffix" ]; then + fileName="${fileNamePrefix}.*[0-9]" + else + fileName="${fileNamePrefix}.*[0-9].${fileNameSuffix}" + fi + + find "$dirName" -maxdepth 1 -name "$fileName" -print | while read -r logFile; do + addfile "$logFile" + done + done +} + + # runcmd($out, $cmd): executes the command redirected to a file runcmd() { @@ -191,6 +240,8 @@ stageLinux() runcmd "/tmp/apt-list.txt" apt list fi runcmd "/tmp/free.txt" free + + addLogFiles } @@ -254,7 +305,7 @@ collectNetworkDetails() export PATH=/bin:/sbin:/usr/bin:/usr/sbin TARFILE=vm-`date +%Y-%m-%d`.$$.tar.gz -VER=0.95 +VER=0.96 # Parse args for option in $@ diff --git a/open-vm-tools/toolbox/l10n/en.vmsg b/open-vm-tools/toolbox/l10n/en.vmsg index fda9d9fd6..4962cf172 100644 --- a/open-vm-tools/toolbox/l10n/en.vmsg +++ b/open-vm-tools/toolbox/l10n/en.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (c) 2010-2017,2020-2021 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -92,7 +93,7 @@ error.novirtual = "%1$s must be run inside a virtual machine.\n" error.unknown = "%1$s: Unknown %2$s '%3$s'\n" -help.config = "%1$s: modify Tools configuration\nUsage: %2$s %3$s \n\nSubcommands:\n get
: display current value for \n NOTE: If the is not present in tools.conf, its\n value from the global configuration is returned if present\n set
: set to \n\n remove
: remove \n\n
can be any supported section, such as logging, guestoperations or guestinfo.\n can be any configuration key.\n can be any value.\n" +help.config = "%1$s: modify Tools configuration\nUsage: %2$s %3$s \n\nSubcommands:\n get
: display all the key values in the
\n get
: display current value for \n NOTE: If the is not present in tools.conf, its\n value from the global configuration is returned if present\n set
: set to \n\n remove
: remove \n\n
can be any supported section, such as logging, guestoperations or guestinfo.\n can be any configuration key.\n can be any value.\n" help.device = "%1$s: functions related to the virtual machine's hardware devices\nUsage: %2$s %3$s [args]\ndev is the name of the device.\n\nSubcommands:\n enable : enable the device dev\n disable : disable the device dev\n list: list all available devices\n status : print the status of a device\n" diff --git a/open-vm-tools/toolbox/toolboxcmd-config.c b/open-vm-tools/toolbox/toolboxcmd-config.c index 8e7b03509..586567a72 100644 --- a/open-vm-tools/toolbox/toolboxcmd-config.c +++ b/open-vm-tools/toolbox/toolboxcmd-config.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2016,2020-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -32,6 +33,7 @@ #include "vmware/tools/i18n.h" #include "vmware/tools/utils.h" #include "vmware/tools/log.h" +#include "vm_assert.h" /* @@ -108,7 +110,6 @@ ConfigGet(const char *section, // section { GKeyFile *confDict = NULL; int ret = EXIT_SUCCESS; - gchar *value = NULL; VMTools_LoadConfig(NULL, G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS, @@ -117,20 +118,44 @@ ConfigGet(const char *section, // section if (confDict) { TOOLBOXCMD_LOAD_GLOBALCONFIG(confDict) - value = g_key_file_get_string(confDict, section, - key, NULL); - } else { - ret = EX_UNAVAILABLE; - } - if (value) { - g_print("[%s] %s = %s\n", section, key, value); + // If there is no key, get all the key value pairs in the section + if (key == NULL) { + gchar **keys; + gsize numKeys; + GError *err = NULL; + int index; + + keys = g_key_file_get_keys(confDict, section, &numKeys, &err); + if (err) { + g_print("[%s] UNSET\n", section); + } else { + g_print("[%s]\n", section); + for (index = 0; index < numKeys; index++) { + gchar *value = g_key_file_get_string(confDict, + section, keys[index], NULL); + ASSERT(value != NULL); + if (value) { + g_print("%s = %s\n", keys[index], value); + } + g_free(value); + } + } + g_strfreev(keys); + } else { + gchar *value = g_key_file_get_string(confDict, section, key, NULL); + if (value) { + g_print("[%s] %s = %s\n", section, key, value); + } else { + g_print("[%s] %s UNSET\n", section, key); + } + g_free(value); + } } else { - g_print("[%s] %s UNSET\n", section, key); + ret = EX_UNAVAILABLE; } g_key_file_free(confDict); - g_free(value); return ret; } @@ -223,23 +248,30 @@ Config_Command(char **argv, // IN: Command line arguments SU_(arg.config.operation, "config operation")); return EX_USAGE; } + op = argv[optind]; if ((optind + 1) >= argc) { ToolsCmd_MissingEntityError(argv[0], SU_(arg.config.section, "config section")); return EX_USAGE; } + section = argv[optind + 1]; if ((optind + 2) >= argc) { - ToolsCmd_MissingEntityError(argv[0], + /* + * For 'get' operation, key is optional + * With no key, 'get' operation prints all key-value pairs in that section + */ + if (toolbox_strcmp(op, "get") != 0) { + ToolsCmd_MissingEntityError(argv[0], SU_(arg.config.key, "config key")); - return EX_USAGE; + return EX_USAGE; + } + key = NULL; + } else { + key = argv[optind + 2]; } - op = argv[optind]; - section = argv[optind + 1]; - key = argv[optind + 2]; - if (toolbox_strcmp(op, "set") == 0) { const char *value; @@ -288,6 +320,7 @@ Config_Help(const char *progName, // IN: The name of the program obtained from a "%s: modify Tools configuration\n" "Usage: %s %s \n\n" "Subcommands:\n" + " get
: display all the key values in the
\n" " get
: display current value for \n" " NOTE: If the is not present in tools.conf, its\n" " value from the global configuration is returned if present\n" From 70bc05adbaff8e81102141b7b7ecd4f07b0427d3 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 313/375] Change to common header files not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product.h | 7 +--- .../lib/include/vm_product_versions.h | 39 ------------------- 2 files changed, 2 insertions(+), 44 deletions(-) diff --git a/open-vm-tools/lib/include/vm_product.h b/open-vm-tools/lib/include/vm_product.h index dc037c4e8..12d3dd5fa 100644 --- a/open-vm-tools/lib/include/vm_product.h +++ b/open-vm-tools/lib/include/vm_product.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2006-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -198,7 +199,6 @@ || defined(VMX86_SERVER) \ || defined(VMKBOOT) \ || defined(VMX86_DESKTOP) \ - || defined(VMX86_HORIZON_VIEW) \ || defined(VMX86_VPX) \ || defined(VMX86_SDK) \ || defined(VMX86_TOOLS) \ @@ -272,9 +272,6 @@ # define PRODUCT_SHORT_NAME PRODUCT_NETDUMP_NAME #elif defined(VMX86_HBR_SERVER) # define PRODUCT_SHORT_NAME PRODUCT_HBR_SERVER_NAME -#elif defined(VMX86_HORIZON_VIEW) -// Do not change product name; many consumers depend on it. -# define PRODUCT_SHORT_NAME PRODUCT_VIEW_NAME #elif defined(VMX86_VMCF) # define PRODUCT_SHORT_NAME PRODUCT_VMCF_NAME #elif defined(VMX86_INTEGRITY) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 684ec05fd..3a3c66f1a 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -83,8 +83,6 @@ #elif defined(VMX86_VPX) /* this should be kept in sync with the corresponding vpx branch. */ #define PRODUCT_VERSION 9,0,0,PRODUCT_BUILD_NUMBER_NUMERIC -#elif defined(VMX86_HORIZON_VIEW) - #define PRODUCT_VERSION 8,13,0,PRODUCT_BUILD_NUMBER_NUMERIC // VMX86_DESKTOP must be last because it is the default and is always defined. #elif defined(VMX86_DESKTOP) // WORKSTATION_VERSION_NUMBER below has to match this @@ -313,9 +311,6 @@ // esxcli #define ESXCLI_VERSION "8.0.0" -#define HORIZONOSOT_VERSION "1.2.2303" -#define HORIZONVMDS_VERSION "1.0.0" - #define INTEGRITY_VERSION "9.0.0" /* Should use VPX_VERSION? */ #define SVA_VERSION "1.0.0" #define SSO_VERSION "1.0.0" @@ -333,7 +328,6 @@ #define DDK_VERSION "e.x.p" #define VIPERL_VERSION "7.0.0" #define RCLI_VERSION "7.0.0" -#define VDM_VERSION "e.x.p" #define NETDUMP_VERSION "5.1.0" //MARKER_FAST_REMOVE_START @@ -379,33 +373,6 @@ #define WCP_VERSION "0.1.10" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" -/* - * All of these components should follow the current version of View, except - * Horizon DaaS Agent and mfw which have their own version. - * SCons parsing code requires that each line have a version string, so we - * can't just do something like #define RDESDK_VERSION VIEW_VERSION" - */ -#define VIEW_CLIENT_VERSION "8.13.0" -#define VIEW_CLIENT_VERSION_NUMBER VIEW_CLIENT_VERSION -#define VIEW_VERSION "8.13.0" -#define RDE_RFT_ALL_VERSION "8.13.0" -#define RDE_RFT_REL_VERSION "8.13.0" -#define RDESDKREL_VERSION "8.13.0" -#define MKSVCHANDEV_VERSION "15.13.0" -#define TSMMRDEV_VERSION "8.13.0" -#define RDF_VERSION "8.13.0" -#define HORIZON_DAAS_AGENT_VERSION "24.1.0" -#define HORIZON_USB_AGENT_VERSION "11.13.0" -#define HORIZON_UPDATETOOL_VERSION "2.0.9" -#define MFW_VERSION "16.9.0" -#define HORIZONTOOL_VERSION "16.13.0" - -/* - * This is the Horizon Marketing version which is shared between - * Horizon Client, Agent and Server. It is set in the format of - * YYMM of the targeted release date. - */ -#define HORIZON_YYMM_VERSION "2403" #ifndef MAKESTR #define MAKESTR(x) #x @@ -462,12 +429,6 @@ # define PRODUCT_VERSION_NUMBER VDDK_VERSION #elif defined(VMX86_HBR_SERVER) # define PRODUCT_VERSION_NUMBER ESX_VERSION -#elif defined(VMX86_HORIZON_VIEW) -# if defined(VDM_CLIENT) -# define PRODUCT_VERSION_NUMBER VIEW_CLIENT_VERSION -# else -# define PRODUCT_VERSION_NUMBER VIEW_VERSION -# endif #elif defined(VMX86_INTEGRITY) # define PRODUCT_VERSION_NUMBER INTEGRITY_VERSION #elif defined(VMX86_VGAUTH) From bc6ea576ac000232dc0438ead455b266280ffa0f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 314/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/services/plugins/dndcp/dnd/dnd.h | 18 +++--------------- .../services/plugins/dndcp/dnd/dndCPMsgV4.c | 7 +++---- .../services/plugins/dndcp/dnd/dndCPMsgV4.h | 11 ++--------- 3 files changed, 8 insertions(+), 28 deletions(-) diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dnd.h b/open-vm-tools/services/plugins/dndcp/dnd/dnd.h index a1bcbb0ff..f6b950351 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dnd.h +++ b/open-vm-tools/services/plugins/dndcp/dnd/dnd.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2005-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2005-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -55,13 +56,9 @@ extern "C" { #define DNDMSG_HEADERSIZE_V3 ((3 * sizeof (uint32)) + (1 * sizeof (uint8))) /* * Hard limits we never want to exceed. The maximum size of a serializied - * DnDMsg. Close to 4M for Workstion/Fusion, 4G for Horzion. + * DnDMsg. Close to 4M for Workstion/Fusion. */ -#ifdef VMX86_HORIZON_VIEW -#define DNDMSG_MAX_ARGSZ (0xffffffff - DNDMSG_HEADERSIZE_V3) -#else #define DNDMSG_MAX_ARGSZ ((1 << 22) - DNDMSG_HEADERSIZE_V3) -#endif /* The maximum number of arguments we can hold */ #define DNDMSG_MAX_ARGS 64 @@ -202,17 +199,8 @@ typedef struct DnDTransportBuffer { } DnDTransportBuffer; #define DND_TRANSPORT_PACKET_HEADER_SIZE (5 * sizeof(uint32)) -#ifdef VMX86_HORIZON_VIEW -/* - * For Horizon DnD, expand the message size to almost 16M, which provides - * better DnD Performance on text/rich text/image etc. dragging and dropping - * per current performance tuning. - */ -#define DND_MAX_TRANSPORT_PACKET_SIZE ((1 << 24) - 100) -#else /* Close to 64k (maximum guestRpc message size). Leave some space for guestRpc header. */ #define DND_MAX_TRANSPORT_PACKET_SIZE ((1 << 16) - 100) -#endif #define DND_MAX_TRANSPORT_PACKET_PAYLOAD_SIZE (DND_MAX_TRANSPORT_PACKET_SIZE - \ DND_TRANSPORT_PACKET_HEADER_SIZE) diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.c b/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.c index 1c6acb68a..70e4c5cad 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.c +++ b/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2010-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -73,11 +74,9 @@ DnDCPMsgV4IsPacketValid(const uint8 *packet, * * binarySize should be smaller than DND_CP_MSG_MAX_BINARY_SIZE_V4, so that * integer overflow is not possible since DND_CP_MSG_MAX_BINARY_SIZE_V4 * 2 - * is guaranteed to be less than MAX_UINT32. Horizon removes this limitation + * is guaranteed to be less than MAX_UINT32. */ -#ifndef VMX86_HORIZON_VIEW ASSERT_ON_COMPILE(DND_CP_MSG_MAX_BINARY_SIZE_V4 <= MAX_UINT32 / 2); -#endif if (msgHdr->payloadOffset > msgHdr->binarySize || msgHdr->payloadSize > msgHdr->binarySize || msgHdr->payloadOffset + msgHdr->payloadSize > msgHdr->binarySize) { diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.h b/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.h index 8be9fdb84..603bbcb2f 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.h +++ b/open-vm-tools/services/plugins/dndcp/dnd/dndCPMsgV4.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2010-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -216,16 +217,8 @@ typedef struct DnDCPMsgHdrV4 { #define DND_CP_MSG_HEADERSIZE_V4 (sizeof (DnDCPMsgHdrV4)) #define DND_CP_PACKET_MAX_PAYLOAD_SIZE_V4 (DND_MAX_TRANSPORT_PACKET_SIZE - \ DND_CP_MSG_HEADERSIZE_V4) -#ifdef VMX86_HORIZON_VIEW -/* - * Horizon has no hard limit, but the size field is type of uint32, - * 4G-1(0xffffffff) is the maximum size represented. - */ -#define DND_CP_MSG_MAX_BINARY_SIZE_V4 0xffffffff -#else // Workstation/fusion have hard limit in size(4M) of DnD Msg, refer to dnd.h #define DND_CP_MSG_MAX_BINARY_SIZE_V4 (1 << 22) -#endif /* DnD version 4 message. */ typedef struct DnDCPMsgV4 { From d55893a0b9971a410ea84afd1b1de40ef3467861 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 315/375] Change to common source file not applicable to open-vm-tools. --- .../vgauth/serviceImpl/saml-xmlsec1.c | 81 ------------------- 1 file changed, 81 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index 7de27aa44..7bf70fa74 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -32,24 +32,6 @@ #include #include #include -#include -#include - -// PR 3416639, xmlFile* APIs were deprecated in libxml2 2.13.0 -// Ignore the deprecated warnings after updating libxml2 to 2.13.3 -// ToDo: Define the deprecated APIs locally and remove the -// XML_IGNORE_DEPRECATION_WARNINGS -#ifdef _WIN32 -#define XML_IGNORE_DEPRECATION_WARNINGS \ - __pragma(warning(push)) \ - __pragma(warning(disable : 4996)) -#define XML_POP_WARNINGS __pragma(warning(pop)) -#else -#define XML_IGNORE_DEPRECATION_WARNINGS \ - _Pragma("GCC diagnostic push") \ - _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"") -#define XML_POP_WARNINGS _Pragma("GCC diagnostic pop") -#endif #include #include @@ -101,61 +83,6 @@ static xmlSchemaValidCtxtPtr gSchemaValidateCtx = NULL; #define SAML_SCHEMA_FILENAME "saml-schema-assertion-2.0.xsd" -/* - ****************************************************************************** - * UserXmlFileOpen -- */ /** - * - * User defined version of libxml2 export xmlFileOpen. - * - * This function opens a file with its unescaped name only. - * - * xmlInitParser() calls xmlRegisterDefaultInputCallbacks() which calls - * xmlRegisterInputCallbacks(xmlFileMatch, xmlFileOpen, - * xmlFileRead, xmlFileClose) - * - * UserXmlFileOpen is registered at the end of the xmlInputCallback table by - * xmlRegisterInputCallbacks(xmlFileMatch, UserXmlFileOpen, - * xmlFileRead, xmlFileClose) - * - * Based on libxml2 xmlIO.c, precedence is given to user defined handlers. - * - * @param[in] filename The URI file name. - * - * @return A handler or NULL in case of failure. - ****************************************************************************** - */ - -static void * -UserXmlFileOpen(const char *filename) -{ - char *unescaped; - void *retval = NULL; - - g_debug("%s: Incoming file name is \"%s\"\n", __FUNCTION__, filename); - - unescaped = xmlURIUnescapeString(filename, 0, NULL); - if (unescaped != NULL) { - g_debug("%s: Opening file \"%s\"\n", __FUNCTION__, unescaped); -XML_IGNORE_DEPRECATION_WARNINGS - retval = xmlFileOpen(unescaped); -XML_POP_WARNINGS - xmlFree(unescaped); - } - - if (retval == NULL) { - g_warning("%s: Failed to open file \"%s\"\n", __FUNCTION__, filename); - /* - * Do not retry xmlFileOpen(filename) here. - * Calling system API to open escaped file paths is risky. This can - * cause unexpected not-secured paths being accessed and expose - * privilege escalation vulnerabilities. - */ - } - - return retval; -} - - /* * Hack to test expired tokens and by-pass the time checks. * @@ -453,14 +380,6 @@ SAML_Init(void) /* set up the xml2 error handler */ xmlSetGenericErrorFunc(NULL, XmlErrorHandler); - /* - * Register user defined UserXmlFileOpen - */ -XML_IGNORE_DEPRECATION_WARNINGS - xmlRegisterInputCallbacks(xmlFileMatch, UserXmlFileOpen, - xmlFileRead, xmlFileClose); -XML_POP_WARNINGS - /* * Load schemas */ From 5302f26521d59807bbfb067c436b5238ec202833 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 316/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/configure.ac | 1 + 1 file changed, 1 insertion(+) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index b476c0e43..4ad8178b0 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1898,6 +1898,7 @@ AC_CONFIG_FILES([ \ + ### ### Output ### From c4c228bc7cc452a881d0b370c64f4709ee541e68 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 317/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/services/vmtoolsd/toolsRpc.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/vmtoolsd/toolsRpc.c b/open-vm-tools/services/vmtoolsd/toolsRpc.c index d5a115b91..f8ddd30fe 100644 --- a/open-vm-tools/services/vmtoolsd/toolsRpc.c +++ b/open-vm-tools/services/vmtoolsd/toolsRpc.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2020 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -45,6 +46,8 @@ #include "vmci_sockets.h" #endif + + /** * Take action after an RPC channel reset. * @@ -96,6 +99,8 @@ ToolsCoreCheckReset(RpcChannel *chan, g_signal_emit_by_name(state->ctx.serviceObj, TOOLS_CORE_SIG_RESET, &state->ctx); + + #if defined(__linux__) if (state->mainService) { /* From 41da23f6b63b1e768006ab566958fbeb62697e4e Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 318/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 0854fe804..8074410e4 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1802,6 +1802,7 @@ CPUIDCheck(int32 eaxIn, int32 eaxInCheck, #define CPUID_FAMILY_KYOTO 0x16 // Note: Jaguar microarch #define CPUID_FAMILY_ZEN 0x17 #define CPUID_FAMILY_ZEN3 0x19 +#define CPUID_FAMILY_ZEN5 0x1A /* Effective VIA CPU Families */ #define CPUID_FAMILY_C7 6 @@ -1920,6 +1921,10 @@ CPUIDCheck(int32 eaxIn, int32 eaxInCheck, #define CPUID_MODEL_ZEN4_1F 0x1F // Max Zen4 model #define CPUID_MODEL_ZEN4_A0 0xA0 // family == CPUID_FAMILY_ZEN3 #define CPUID_MODEL_ZEN4_AF 0xAF // Zen4 D: max model +#define CPUID_MODEL_ZEN5_00 0x00 // family == CPUID_FAMILY_ZEN5 +#define CPUID_MODEL_ZEN5_0F 0x0F // Max Zen5 model +#define CPUID_MODEL_ZEN5_10 0x10 // family == CPUID_FAMILY_ZEN5 +#define CPUID_MODEL_ZEN5_1F 0x1F // Zen5 D: max model /* AMD stepping information */ #define CPUID_STEPPING_ZEN_NAPLES_B2 0x02 // Zen Naples ZP-B2 @@ -2515,6 +2520,11 @@ CPUID_FAMILY_IS_ZEN3(uint32 eax) return CPUID_EFFECTIVE_FAMILY(eax) == CPUID_FAMILY_ZEN3; } +static INLINE Bool +CPUID_FAMILY_IS_ZEN5(uint32 eax) +{ + return CPUID_EFFECTIVE_FAMILY(eax) == CPUID_FAMILY_ZEN5; +} /* * AMD Barcelona (of either Opteron or Phenom kind). @@ -2661,6 +2671,12 @@ CPUID_MODEL_IS_ZEN4(uint32 eax) CPUID_EFFECTIVE_MODEL(eax) <= CPUID_MODEL_ZEN4_AF)); } +static INLINE Bool +CPUID_MODEL_IS_ZEN5(uint32 eax) +{ + return CPUID_EFFECTIVE_FAMILY(eax) == CPUID_FAMILY_ZEN5 && + CPUID_EFFECTIVE_MODEL(eax) <= CPUID_MODEL_ZEN5_1F; +} #define CPUID_LEAF4_CACHE_TYPE_NULL 0 #define CPUID_LEAF4_CACHE_TYPE_DATA 1 From d9114284d9a9c2a186ef10d59dd3be1dfe99e107 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 319/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh index 74f55f8b8..e5ef0de95 100644 --- a/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh +++ b/open-vm-tools/services/plugins/dndcp/stringxx/ubstr_t.hh @@ -238,7 +238,7 @@ ubstr_t::ubstr_t(const char *s) // IN: A UTF-8-encoded string. { if (s != NULL) { // Since we already have the UTF-8 version of the string, cache it now. - mUTF8 = std::shared_ptr(new UTF8Data(Util_SafeStrdup(s))); + mUTF8 = std::make_shared(Util_SafeStrdup(s)); mBstr = auto_unique(Unicode_GetAllocUTF16(s), free).get(); } } @@ -283,7 +283,7 @@ ubstr_t::ubstr_t(const ubstr_t& s) // IN mUTF8(s.mUTF8) { if (static_cast(mBstr) != NULL && !mUTF8) { - mUTF8 = s.mUTF8 = std::shared_ptr(new UTF8Data()); + mUTF8 = s.mUTF8 = std::make_shared(); } } @@ -812,7 +812,7 @@ ubstr_t::GetUTF8Cache() } if (!mUTF8) { - mUTF8 = std::shared_ptr(new UTF8Data()); + mUTF8 = std::make_shared(); } if (mUTF8->Get() == NULL) { From 1c9d3500fab0657aeb1fcb16f6f72ff9e80efbe4 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:51 -0800 Subject: [PATCH 320/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index 3a3c66f1a..d65a98a18 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -272,7 +272,7 @@ #define VPX_VERSION_MAJOR "9" #define VPX_VERSION_MINOR "0" #define VPX_VERSION_MAINT "0" -#define VPX_VERSION_PATCH "0000" +#define VPX_VERSION_PATCH "0" #define VPX_VERSION_THIRD_PARTY VPX_VERSION_MAJOR VPX_VERSION_MINOR \ VPX_VERSION_MAINT //MARKER_FAST_REMOVE_START From bdd06ce8fc580f0ef8accff5cfc2852fae115aa5 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 321/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/include/rpcvmx.h | 40 +++++-- open-vm-tools/lib/rpcVmx/rpcvmx.c | 179 +++++++++++++++++++++++------ 2 files changed, 172 insertions(+), 47 deletions(-) diff --git a/open-vm-tools/lib/include/rpcvmx.h b/open-vm-tools/lib/include/rpcvmx.h index d31330cfe..965e21d01 100644 --- a/open-vm-tools/lib/include/rpcvmx.h +++ b/open-vm-tools/lib/include/rpcvmx.h @@ -24,11 +24,19 @@ * Tools code) that provides some useful VMX interaction capability, e.g. * logging to the VM's VMX log, querying config variables, etc. * - * NB: This library is *NOT* threadsafe, so if you want to avoid - * corrupting your log statements or other screwups, add your own - * locking around calls to RpcVMX_Log. The exception is - * RpcVMX_LogVWithBuffer which does not use any global state but - * requires the caller to manage its own buffers. + * Thread safety: + * 1. This library in general is *NOT* threadsafe. Users of + * RpcVMX_Log/RpcVMX_LogV and RpcVMX_LogSetPrefix should protect + * this usage externally with their own locking, and any other + * requirements for thread safety should be carefully audited. + * + * 2. If thread safety around logging is required at a finer-grained + * level than a single external lock, callers should allocate + * buffers externally and then initialize them with + * RpcVMX_InitLogBackingBuffer. These buffers should be externally + * protected in some way such that they are only used by one thread + * at a time, and passed into RpcVMX_LogVWithBuffer at logging + * time. */ #ifndef _RPCVMX_H_ @@ -39,14 +47,13 @@ #include "vm_basic_types.h" #include "rpcvmxext.h" -#define RPCVMX_MAX_LOG_LEN (2048) /* 2kb max - make it dynamic? */ -#define RPCVMX_LOG_BUFSIZE (RPCVMX_MAX_LOG_LEN + sizeof "log") +#define RPCVMX_DEFAULT_LOG_BUFSIZE (2048 + sizeof "log") -typedef struct RpcVMXState { - char logBuf[RPCVMX_LOG_BUFSIZE]; +typedef struct RpcVMXLogBuffer { + char * logBuf; + unsigned int logBufSizeBytes; unsigned int logOffset; -} RpcVMXState; - +} RpcVMXLogBuffer; /* * Set a prefix to prepend to any future log statements. @@ -58,6 +65,15 @@ void RpcVMX_LogSetPrefix(const char *prefix); */ const char *RpcVMX_LogGetPrefix(const char *prefix); +/* + * Initialize the given log buffer struct with the given caller-allocated + * backing buffer and prefix string. + */ +Bool RpcVMX_InitLogBackingBuffer(RpcVMXLogBuffer *bufferOut, + char *logBuf, + unsigned int logBufSizeBytes, + const char *prefix); + /* * Same as RpcVMX_Log but takes a va_list instead of inline arguments. */ @@ -67,7 +83,7 @@ void RpcVMX_LogV(const char *fmt, /* * Same as RpcVMX_LogV but uses the caller-specified buffer to back the log. */ -void RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, +void RpcVMX_LogVWithBuffer(RpcVMXLogBuffer *rpcBuffer, const char *fmt, va_list args); diff --git a/open-vm-tools/lib/rpcVmx/rpcvmx.c b/open-vm-tools/lib/rpcVmx/rpcvmx.c index c3ffca613..d0c8bcd5a 100644 --- a/open-vm-tools/lib/rpcVmx/rpcvmx.c +++ b/open-vm-tools/lib/rpcVmx/rpcvmx.c @@ -33,7 +33,19 @@ #include "rpcvmx.h" -static RpcVMXState RpcVMX = { "log ", sizeof "log" }; +/* + * Global shared buffer state used to back RPCI log calls made through + * RpcVMX_Log and RpcVMX_LogV. + */ +static char gRpcVmxLogBackingBuffer[RPCVMX_DEFAULT_LOG_BUFSIZE] = "log "; +static RpcVMXLogBuffer gRpcVmxLog = { &gRpcVmxLogBackingBuffer[0], + RPCVMX_DEFAULT_LOG_BUFSIZE, + sizeof "log" }; + +static Bool RpcVMXBufferSetPrefix(char *logBackingBuffer, + unsigned int logBackingBufferSizeBytes, + const char *prefix, + unsigned int *logOffsetOut); /* @@ -41,17 +53,18 @@ static RpcVMXState RpcVMX = { "log ", sizeof "log" }; * * RpcVMX_LogSetPrefix * - * Allows callers to set a prefix to prepend to the log output. If the - * prefix overflows the (static) prefix space available, it is rejected - * and the prefix is reset to nothing. Each call to VMXLog_SetPrefix - * replaces the previously set prefix. + * Allows callers to set a prefix to prepend to the log output, for calls + * to RpcVMX_Log and RpcVMX_LogV. If the prefix overflows the (static) + * prefix space available, it is rejected and the prefix is reset to + * nothing. Each call to VMXLog_SetPrefix replaces the previously set + * prefix. * * Results: - * TRUE if the prefix was accepted, FALSE otherwise. + * None. * * Side effects: - * All subsequent calls to RpcVMX_Log() will have the prefix string - * prepended. + * All subsequent calls to RpcVMX_Log() and RpcVMX_LogV() will have the + * prefix string prepended. * *---------------------------------------------------------------------------- */ @@ -59,20 +72,8 @@ static RpcVMXState RpcVMX = { "log ", sizeof "log" }; void RpcVMX_LogSetPrefix(const char *prefix) { - size_t prefixLen = strlen(prefix); - - if (prefixLen + sizeof "log" >= sizeof RpcVMX.logBuf - 1) { - /* - * Somebody passed a huge prefix. Don't do that! - */ - RpcVMX.logOffset = sizeof "log"; - return; - } - Str_Strcpy(RpcVMX.logBuf + sizeof "log", - prefix, - sizeof RpcVMX.logBuf - sizeof "log"); - - RpcVMX.logOffset = (unsigned int)(sizeof "log" + prefixLen); + RpcVMXBufferSetPrefix(gRpcVmxLog.logBuf, gRpcVmxLog.logBufSizeBytes, prefix, + &gRpcVmxLog.logOffset); } @@ -99,11 +100,119 @@ RpcVMX_LogGetPrefix(const char *prefix) { UNUSED_VARIABLE(prefix); - RpcVMX.logBuf[RpcVMX.logOffset] = '\0'; - return RpcVMX.logBuf + sizeof "log"; + gRpcVmxLog.logBuf[gRpcVmxLog.logOffset] = '\0'; + return gRpcVmxLog.logBuf + sizeof "log"; } +/* + *--------------------------------------------------------------------------- + * + * RpcVMXBufferSetPrefix -- + * + * Internal helper function to set the prefix string for a log buffer. + * + * Results: + * Returns TRUE iff the prefix was successfully set. + * + * On success, writes the buffer index immediately following "log {PREFIX}" + * to *logOffsetOut. + * + * Side effects: + * All subsequent calls to the RpcVMX_Log* functions using the new + * backing buffer will have the prefix string prepended. + * + *--------------------------------------------------------------------------- + */ + +static Bool +RpcVMXBufferSetPrefix(char *logBackingBuffer, // OUT + unsigned int logBackingBufferSizeBytes, // IN + const char *prefix, // IN + unsigned int *logOffsetOut) // OUT +{ + size_t prefixLen; + + if (logBackingBuffer == NULL || prefix == NULL || logOffsetOut == NULL) { + return FALSE; + } + + *logOffsetOut = 0; + + prefixLen = strlen(prefix); + + if (prefixLen + sizeof "log" >= logBackingBufferSizeBytes - 1) { + return FALSE; + } + + Str_Strcpy(logBackingBuffer + sizeof "log", prefix, + logBackingBufferSizeBytes - sizeof "log"); + + *logOffsetOut = (unsigned int)(sizeof "log" + prefixLen); + + return TRUE; +} + + +/* + *---------------------------------------------------------------------------- + * + * RpcVMX_InitLogBackingBuffer -- + * + * Initialize the given log buffer struct with the given caller-allocated + * backing buffer and prefix string. + * + * Results: + * Returns TRUE if the provided RpcVMXBuffer was initialized successfully, + * or FALSE if initialization failed and the RpcVMXBuffer should not be + * used. + * + * Side effects: + * All subsequent calls to the RpcVMX_Log* functions using the new + * backing buffer will have the prefix string prepended. + * + *---------------------------------------------------------------------------- + */ + +Bool +RpcVMX_InitLogBackingBuffer(RpcVMXLogBuffer *bufferOut, // OUT + char *logBuf, // IN + unsigned int logBufSizeBytes, // IN + const char *prefix) // IN +{ + unsigned int prefixLogOffset = 0; + + if (bufferOut == NULL || logBuf == NULL || prefix == NULL || + logBufSizeBytes < sizeof "log ") { + return FALSE; + } + + bufferOut->logBuf = logBuf; + bufferOut->logBufSizeBytes = logBufSizeBytes; + + memset(bufferOut->logBuf, 0, bufferOut->logBufSizeBytes); + + /* + * Copy in the RPCI command prefix "log ". + */ + Str_Strcpy(bufferOut->logBuf, "log ", + logBufSizeBytes - sizeof "log "); + bufferOut->logOffset = sizeof "log"; + + /* + * Copy in the provided logging prefix after the initial "log ". + */ + if (RpcVMXBufferSetPrefix(bufferOut->logBuf, bufferOut->logBufSizeBytes, + prefix, &prefixLogOffset)) { + bufferOut->logOffset = prefixLogOffset; + return TRUE; + } + + return FALSE; +} + + + /* *---------------------------------------------------------------------------- * @@ -155,8 +264,8 @@ RpcVMX_LogV(const char *fmt, int payloadLen; char receiveBuffer[16]; - payloadLen = Str_Vsnprintf(RpcVMX.logBuf + RpcVMX.logOffset, - sizeof RpcVMX.logBuf - RpcVMX.logOffset, + payloadLen = Str_Vsnprintf(gRpcVmxLog.logBuf + gRpcVmxLog.logOffset, + gRpcVmxLog.logBufSizeBytes - gRpcVmxLog.logOffset, fmt, args); if (payloadLen < 1) { @@ -164,7 +273,7 @@ RpcVMX_LogV(const char *fmt, * Overflow. We need more space in the buffer. Just set the length to * the buffer size and send the (truncated) log message. */ - payloadLen = sizeof RpcVMX.logBuf - RpcVMX.logOffset; + payloadLen = gRpcVmxLog.logBufSizeBytes - gRpcVmxLog.logOffset; } /* @@ -175,8 +284,8 @@ RpcVMX_LogV(const char *fmt, * returns two character strings "1 " on success and "0 " on * failure, so we don't need a sizeable buffer. */ - RpcOut_SendOneRawPreallocated(RpcVMX.logBuf, - (size_t)RpcVMX.logOffset + payloadLen, + RpcOut_SendOneRawPreallocated(gRpcVmxLog.logBuf, + (size_t)gRpcVmxLog.logOffset + payloadLen, receiveBuffer, sizeof receiveBuffer); } @@ -190,7 +299,7 @@ RpcVMX_LogV(const char *fmt, * argument list, then send it to the VMX using the RPCI "log" command. * * Uses the caller-provided buffer to back the log, rather than the - * global RpcVMXState. + * global gRpcVmxLog. * * Results: * None. @@ -202,7 +311,7 @@ RpcVMX_LogV(const char *fmt, */ void -RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, // IN/OUT +RpcVMX_LogVWithBuffer(RpcVMXLogBuffer *rpcBuffer, // IN/OUT const char *fmt, // IN va_list args) // IN { @@ -213,16 +322,16 @@ RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, // IN/OUT return; } - if (rpcBuffer->logOffset >= sizeof rpcBuffer->logBuf) { + if (rpcBuffer->logOffset >= rpcBuffer->logBufSizeBytes) { /* - * The RpcVMXState is not valid, because the prefix is taking up the + * The RpcVMXLogBuffer is not valid, because the prefix is taking up the * entire buffer. Since we can't log any actual message, silently fail. */ return; } payloadLen = Str_Vsnprintf(rpcBuffer->logBuf + rpcBuffer->logOffset, - sizeof rpcBuffer->logBuf - rpcBuffer->logOffset, + rpcBuffer->logBufSizeBytes - rpcBuffer->logOffset, fmt, args); if (payloadLen < 1) { @@ -230,7 +339,7 @@ RpcVMX_LogVWithBuffer(RpcVMXState *rpcBuffer, // IN/OUT * Overflow. We need more space in the buffer. Just set the length to * the buffer size and send the (truncated) log message. */ - payloadLen = sizeof rpcBuffer->logBuf - rpcBuffer->logOffset; + payloadLen = rpcBuffer->logBufSizeBytes - rpcBuffer->logOffset; } /* From a7c7bd3ff8fdf85dac4df1be3d275f22cd8fda0a Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 322/375] vm_support update: gather log files based on the current tools.conf configuration The script's revised logic replaces the (s) in the data field value (logfile name) with a wildcard ('*') character, and it escapes the '$' sign in the sed match pattern to match the '${\}' syntax in the data field. The usage/help message for the subcommand "get \section> [key]" has also been updated. --- open-vm-tools/scripts/common/vm-support | 24 +++++++++++++---------- open-vm-tools/toolbox/l10n/en.vmsg | 2 +- open-vm-tools/toolbox/toolboxcmd-config.c | 5 ++--- 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/open-vm-tools/scripts/common/vm-support b/open-vm-tools/scripts/common/vm-support index 9813ac614..481747e18 100644 --- a/open-vm-tools/scripts/common/vm-support +++ b/open-vm-tools/scripts/common/vm-support @@ -136,6 +136,9 @@ addfiles() # Get the log files mentioned in the logging section of tools.conf. Get the log # archive file names +# The 3 $variables in tools.conf that are expanded by components using them are +# ${USER}, ${PID}, ${IDX} +# Any other $vars are treated literally # The archive logic for these logs files seems to be this. Below is one example: # if vmtoolsd.data = vmtoolsd.log # then the file is backed up as vmtoolsd.1.log vmtoolsd.2.log etc @@ -146,18 +149,19 @@ addfiles() addLogFiles() { IFS="" - vmware-toolbox-cmd config get logging | grep "\.data =" | cut -d"=" -f2 | while read -r logFile; do - logFile=`eval echo "$logFile"` - if [ -z "$logFile" ]; then - continue - fi - - # trim the leading spaces - logFile=`echo $logFile | sed 's/^ *//'` + # get the key value pair from tools.conf + # Replace the $variables in the data field value (logfile name) with a + # wildcard ('\*') character. Remove the leading whitespaces from the resulting + # value. The '$' is escaped in the sed match pattern to match + # '${\}' literally. + vmware-toolbox-cmd config get logging | grep "\.data =" | cut -d"=" -f2 | sed 's/\${.*}/\\\*/g' | sed 's/^ *//' | while read -r logFile; do dirName=`dirname $logFile` fileName=`basename $logFile` - #find and add the current logs + # Remove the escape char \ that was added above + fileName=$(echo $fileName | sed 's/\\//g') + + # find and add the current logs find "$dirName" -maxdepth 1 -name "$fileName" -print | while read -r logFile; do addfile "$logFile" done @@ -305,7 +309,7 @@ collectNetworkDetails() export PATH=/bin:/sbin:/usr/bin:/usr/sbin TARFILE=vm-`date +%Y-%m-%d`.$$.tar.gz -VER=0.96 +VER=0.97 # Parse args for option in $@ diff --git a/open-vm-tools/toolbox/l10n/en.vmsg b/open-vm-tools/toolbox/l10n/en.vmsg index 4962cf172..d9ff86c03 100644 --- a/open-vm-tools/toolbox/l10n/en.vmsg +++ b/open-vm-tools/toolbox/l10n/en.vmsg @@ -93,7 +93,7 @@ error.novirtual = "%1$s must be run inside a virtual machine.\n" error.unknown = "%1$s: Unknown %2$s '%3$s'\n" -help.config = "%1$s: modify Tools configuration\nUsage: %2$s %3$s \n\nSubcommands:\n get
: display all the key values in the
\n get
: display current value for \n NOTE: If the is not present in tools.conf, its\n value from the global configuration is returned if present\n set
: set to \n\n remove
: remove \n\n
can be any supported section, such as logging, guestoperations or guestinfo.\n can be any configuration key.\n can be any value.\n" +help.config = "%1$s: modify Tools configuration\nUsage: %2$s %3$s \n\nSubcommands:\n get
[key] : display current value for given or display values for all keys in
\n NOTE: If the is not present in tools.conf, its\n value from the global configuration is returned if present\n set
: set to \n remove
: remove \n\n
can be any supported section, such as logging, guestoperations or guestinfo.\n can be any configuration key.\n can be any value.\n" help.device = "%1$s: functions related to the virtual machine's hardware devices\nUsage: %2$s %3$s [args]\ndev is the name of the device.\n\nSubcommands:\n enable : enable the device dev\n disable : disable the device dev\n list: list all available devices\n status : print the status of a device\n" diff --git a/open-vm-tools/toolbox/toolboxcmd-config.c b/open-vm-tools/toolbox/toolboxcmd-config.c index 586567a72..fb7e7259c 100644 --- a/open-vm-tools/toolbox/toolboxcmd-config.c +++ b/open-vm-tools/toolbox/toolboxcmd-config.c @@ -320,11 +320,10 @@ Config_Help(const char *progName, // IN: The name of the program obtained from a "%s: modify Tools configuration\n" "Usage: %s %s \n\n" "Subcommands:\n" - " get
: display all the key values in the
\n" - " get
: display current value for \n" + " get
[key] : display current value for given or display values for all keys in
\n" " NOTE: If the is not present in tools.conf, its\n" " value from the global configuration is returned if present\n" - " set
: set to \n\n" + " set
: set to \n" " remove
: remove \n\n" "
can be any supported section, such as logging, guestoperations or guestinfo.\n" " can be any configuration key.\n" From e3a7d9b2e19ef2fefbf3ce7eebe239d73eadc08b Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 323/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/lib/asyncsocket/asyncSocketBase.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/asyncsocket/asyncSocketBase.c b/open-vm-tools/lib/asyncsocket/asyncSocketBase.c index 6d9674b54..44eb8a434 100644 --- a/open-vm-tools/lib/asyncsocket/asyncSocketBase.c +++ b/open-vm-tools/lib/asyncsocket/asyncSocketBase.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2016-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -689,6 +690,7 @@ AsyncSocketCancelRecv(AsyncSocket *asock, // IN asock->recvFn = NULL; asock->recvPos = 0; asock->recvLen = 0; + asock->recvFireOnPartial = FALSE; } From b9c236471f9b6de7b6e5dbba57ef6b70f8a20672 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 324/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 90ac5cd75..9941e68b8 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -1029,18 +1029,21 @@ typedef int pid_t; #define VMW_CLANG_ANALYZER_NORETURN() ((void)0) #endif -/* VMW_FALLTHROUGH +/* + * VMW_FALLTHROUGH * * Instructs capable compilers to not warn when a case label of a * 'switch' statement falls through to the next label. * * If not a matched compiler, expands to nothing. */ -#if (defined(__GNUC__) && (__GNUC__ >= 9)) || \ - (defined(__clang__) && (__clang_major__ >= 13)) -#define VMW_FALLTHROUGH() __attribute__((fallthrough)) +#if __cplusplus >= 201703L + #define VMW_FALLTHROUGH() [[fallthrough]] +#elif (defined(__GNUC__) && (__GNUC__ >= 9)) || \ + (defined(__clang__) && (__clang_major__ >= 13)) + #define VMW_FALLTHROUGH() __attribute__((fallthrough)) #else -#define VMW_FALLTHROUGH() + #define VMW_FALLTHROUGH() #endif #endif // ifndef _VM_BASIC_DEFS_H_ From e36d82b4c9fd98134b3232f2ab66d53e1514f9b3 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 325/375] Change to common source file not applicable to open-vm-tools at this time. --- open-vm-tools/services/plugins/desktopEvents/x11Lock.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/services/plugins/desktopEvents/x11Lock.c b/open-vm-tools/services/plugins/desktopEvents/x11Lock.c index fe791043a..53b44bde1 100644 --- a/open-vm-tools/services/plugins/desktopEvents/x11Lock.c +++ b/open-vm-tools/services/plugins/desktopEvents/x11Lock.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2010-2018,2022 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published From 7a400deb151522767b80d7d02606325814c34998 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 326/375] Change to common header files not applicable to open-vm-tools. --- open-vm-tools/lib/asyncsocket/asyncSocketVTable.h | 9 +++------ open-vm-tools/lib/include/loglevel_userVars.h | 1 - 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h b/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h index 04d161a62..c344b56d1 100644 --- a/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h +++ b/open-vm-tools/lib/asyncsocket/asyncSocketVTable.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011,2014-2017,2019-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -30,6 +31,7 @@ * *********************************************************/ + #ifndef __ASYNC_SOCKET_VTABLE_H__ #define __ASYNC_SOCKET_VTABLE_H__ @@ -41,14 +43,9 @@ /* * If we change the AsyncSocketVTable, we also need to change the follow files: - * apps/asyncSocketProxy/asyncVvcSocket.c - * lib/blastSockets/asyncBweSocket.c - * lib/blastSockets/asyncProxySocket.c * lib/asyncsocket/asyncsocket.c * lib/asyncsocket/asyncWebSocket.c * lib/asyncsocket/asyncNamedPipe.c - * lib/udpfec/fecAsyncSocket.c - * lib/udpfec/fecAsyncSslSocket.c * devices/vsock/asyncVmciSocket.c */ typedef struct AsyncSocketVTable { diff --git a/open-vm-tools/lib/include/loglevel_userVars.h b/open-vm-tools/lib/include/loglevel_userVars.h index 2831d6ba6..d7ff796fb 100644 --- a/open-vm-tools/lib/include/loglevel_userVars.h +++ b/open-vm-tools/lib/include/loglevel_userVars.h @@ -268,7 +268,6 @@ LOGLEVEL_VAR(tpm2emu), \ LOGLEVEL_VAR(tpm2Verification), \ LOGLEVEL_VAR(txt), \ - LOGLEVEL_VAR(udpfec), /* lib/udpfec */ \ LOGLEVEL_VAR(uhci), \ LOGLEVEL_VAR(undopoint), \ LOGLEVEL_VAR(unityMsg), /* mks/remote/vdpUnityVmdb */ \ From 056f68d8a40874ed6fb21ba101d30962f9f87fc1 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 327/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_defs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_basic_defs.h b/open-vm-tools/lib/include/vm_basic_defs.h index 9941e68b8..3ddf4d77f 100644 --- a/open-vm-tools/lib/include/vm_basic_defs.h +++ b/open-vm-tools/lib/include/vm_basic_defs.h @@ -1037,7 +1037,7 @@ typedef int pid_t; * * If not a matched compiler, expands to nothing. */ -#if __cplusplus >= 201703L +#if defined __cplusplus && __cplusplus >= 201703L #define VMW_FALLTHROUGH() [[fallthrough]] #elif (defined(__GNUC__) && (__GNUC__ >= 9)) || \ (defined(__clang__) && (__clang_major__ >= 13)) From 0f0a1389b908b1357e22c2fc3cbd4e597e20465e Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 328/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_product_versions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index d65a98a18..0cdbedf89 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -370,7 +370,7 @@ #define PRECHECK_VERSION "e.x.p" #define VHSESDK_VERSION "1.0.0" #define VIEWVC_VERSION "14.0.2" -#define WCP_VERSION "0.1.10" +#define WCP_VERSION "0.2.0" #define VSTATS_VERSION "0.0.1" #define XVP_VERSION "1.0.0" From 9a3b3e52e0002f0fe71cc7958ceda81938afd0c4 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 329/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_basic_asm_x86_common.h | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/lib/include/vm_basic_asm_x86_common.h b/open-vm-tools/lib/include/vm_basic_asm_x86_common.h index 362350971..37a4b138f 100644 --- a/open-vm-tools/lib/include/vm_basic_asm_x86_common.h +++ b/open-vm-tools/lib/include/vm_basic_asm_x86_common.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2013-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2013-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -141,14 +142,6 @@ OUT32(uint16 port, uint32 value) { __outdword(port, value); } - -#ifndef VM_X86_64 -#ifdef NEAR -#undef NEAR -#endif - -#endif // VM_X86_64 - static INLINE unsigned int GetCallerEFlags(void) { From 0a7ba9d95741d65c616d6368ecd9fb59113c95c6 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:52 -0800 Subject: [PATCH 330/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/lib/dict/dictll.c | 60 +++++++++++++++--------------- open-vm-tools/lib/include/dictll.h | 19 +++++++--- 2 files changed, 43 insertions(+), 36 deletions(-) diff --git a/open-vm-tools/lib/dict/dictll.c b/open-vm-tools/lib/dict/dictll.c index 88ea859fa..d4541ad0f 100644 --- a/open-vm-tools/lib/dict/dictll.c +++ b/open-vm-tools/lib/dict/dictll.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2017 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -19,7 +20,7 @@ /* * dictll.c -- * - * Low-level dictionary format --hpreg + * Low-level dictionary format. */ @@ -37,7 +38,7 @@ #define UTF8_BOM "\xEF\xBB\xBF" -/* Duplicate a buffer --hpreg. The result is NUL-terminated */ +/* Duplicate a buffer. The result is NUL-terminated */ static void * BufDup(void const * const bufIn, // IN: buffer to duplicate unsigned int const sizeIn) // IN: buffer size in bytes @@ -59,7 +60,7 @@ BufDup(void const * const bufIn, // IN: buffer to duplicate * * Walk -- * - * While 'bufIn' points to a byte in 'sentinel', increment it --hpreg + * While 'bufIn' points to a byte in 'sentinel', increment it. * * Note: * If your 'bufIn' is a NUL-terminated C string, you should rather make sure @@ -83,7 +84,7 @@ Walk(void const * const bufIn, // IN buf = (char const *)bufIn; ASSERT(buf); - /* Unsigned does matter --hpreg */ + /* Unsigned does matter. */ while (sentinel[(unsigned char)*buf]) { buf++; } @@ -146,7 +147,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse char **name, // OUT: malloc()'d name or NULL char **value) // OUT: malloc()'d value or NULL { - /* Space and tab --hpreg */ + /* Space and tab. */ static int const ws_in[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -165,7 +166,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, }; - /* Everything but NUL, space, tab and pound --hpreg */ + /* Everything but NUL, space, tab and pound. */ static int const wsp_out[] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -184,7 +185,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, }; - /* Everything but NUL, space, tab, pound and equal --hpreg */ + /* Everything but NUL, space, tab, pound and equal. */ static int const wspe_out[] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -203,7 +204,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, }; - /* Everything but NUL and double quote --hpreg */ + /* Everything but NUL and double quote. */ static int const q_out[] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -257,7 +258,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse /* Make local copy of line. */ myLine = BufDup(buf, lineEnd - buf); - /* Check if the line is well-formed --hpreg */ + /* Check if the line is well-formed. */ nBegin = Walk(myLine, ws_in); nEnd = Walk(nBegin, wspe_out); tmp = Walk(nEnd, ws_in); @@ -285,7 +286,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse goto weird; } - /* The line is well-formed. Extract the name and value --hpreg */ + /* The line is well-formed. Extract the name and value. */ myName = BufDup(nBegin, nEnd - nBegin); myValue = Escape_Undo('|', vBegin, vEnd - vBegin, NULL); @@ -298,7 +299,7 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse return nextLine; weird: - /* The line is not well-formed. Let the upper layers handle it --hpreg */ + /* The line is not well-formed. Let the upper layers handle it. */ *line = myLine; *name = NULL; @@ -313,22 +314,24 @@ DictLL_UnmarshalLine(const char *buf, // IN: buffer to parse * * DictLL_ReadLine -- * - * Read the next line from a dictionary file --hpreg + * Read the next line from a dictionary file. * * Results: - * 2 on success: '*line' is the allocated line - * If the line is well-formed, then '*name' and '*value' are - * allocated strings. Otherwise they are both NULL. - * 1 if there is no next line (end of stream) - * 0 on failure: errno is set accordingly + * DictLL_ReadLineSuccess on success. `*line` is the allocated line. If + * line is well-formed, then `*name` and `*value` are allocated strings. + * Otherwise they are both NULL. + * + * DictLL_ReadLineEOF if there is no next line (end of stream). + * + * DictLL_ReadLineError on failure. errno is set accordingly. * * Side effects: * None * *----------------------------------------------------------------------------- */ - -int + +DictLL_ReadLineResult DictLL_ReadLine(FILE *stream, // IN: stream to read char **line, // OUT: malloc()'d line or null pointer char **name, // OUT: malloc()'d name or null pointer @@ -348,10 +351,10 @@ DictLL_ReadLine(FILE *stream, // IN: stream to read switch (StdIO_ReadNextLine(stream, &myLine, 0, &myLineLen)) { case StdIO_Error: - return 0; + return DictLL_ReadLineError; case StdIO_EOF: - return 1; + return DictLL_ReadLineEOF; case StdIO_Success: if (DictLL_UnmarshalLine(myLine, myLineLen, @@ -359,10 +362,7 @@ DictLL_ReadLine(FILE *stream, // IN: stream to read *line = BufDup("", 0); } free(myLine); - return 2; - - default: - NOT_IMPLEMENTED(); + return DictLL_ReadLineSuccess; } NOT_REACHED(); } @@ -396,7 +396,7 @@ DictLL_MarshalLine(DynBuf *output, // IN/OUT: output buffer if (name) { /* * Double quote, pipe, 0x7F, and all control characters but - * tab --hpreg + * tab. * 0x80 to 0xff are unescaped so characters in encodings * like UTF-8 will be displayed normally. */ @@ -420,7 +420,7 @@ DictLL_MarshalLine(DynBuf *output, // IN/OUT: output buffer }; char *evalue; - /* Write a well-formed line --hpreg */ + /* Write a well-formed line. */ evalue = Escape_Do('|', toEscape, value, (uint32)strlen(value), &size); if ( !DynBuf_Append(output, name, (uint32)strlen(name)) @@ -433,7 +433,7 @@ DictLL_MarshalLine(DynBuf *output, // IN/OUT: output buffer } free(evalue); } else { - /* Write the line as passed from the upper layers --hpreg */ + /* Write the line as passed from the upper layers. */ size = (uint32)strlen(value); if (size && !DynBuf_Append(output, value, size)) { @@ -443,7 +443,7 @@ DictLL_MarshalLine(DynBuf *output, // IN/OUT: output buffer /* * Win32 takes care of adding the \r (XXX this assumes that the stream - * is opened in ascii mode) --hpreg + * is opened in ascii mode). */ if (!DynBuf_Append(output, "\n", 1)) { return FALSE; diff --git a/open-vm-tools/lib/include/dictll.h b/open-vm-tools/lib/include/dictll.h index ad05f9694..26d2c5090 100644 --- a/open-vm-tools/lib/include/dictll.h +++ b/open-vm-tools/lib/include/dictll.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2017 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -19,11 +20,11 @@ /* * dictll.h -- * - * Low-level dictionary format --hpreg + * Low-level dictionary format. */ -#ifndef __DICTLL_H__ -# define __DICTLL_H__ +#ifndef VMWARE_DICTLL_H +#define VMWARE_DICTLL_H #include "vm_basic_types.h" #include "dynbuf.h" @@ -32,7 +33,13 @@ extern "C" { #endif -int +typedef enum { + DictLL_ReadLineError, + DictLL_ReadLineEOF, + DictLL_ReadLineSuccess, +} DictLL_ReadLineResult; + +DictLL_ReadLineResult DictLL_ReadLine(FILE *stream, // IN char **line, // OUT char **name, // OUT @@ -63,4 +70,4 @@ DictLL_ReadUTF8BOM(FILE *file); // IN/OUT } // extern "C" #endif -#endif /* __DICTLL_H__ */ +#endif /* VMWARE_DICTLL_H */ From 75bb54af8c896bc27724353064f85de2ad986539 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:53 -0800 Subject: [PATCH 331/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/services/vmtoolsd/l10n/de.vmsg | 77 ------- open-vm-tools/services/vmtoolsd/l10n/it.vmsg | 77 ------- open-vm-tools/services/vmtoolsd/l10n/ko.vmsg | 77 ------- .../services/vmtoolsd/l10n/zh_CN.vmsg | 77 ------- .../services/vmtoolsd/l10n/zh_TW.vmsg | 77 ------- open-vm-tools/toolbox/l10n/de.vmsg | 206 ------------------ open-vm-tools/toolbox/l10n/it.vmsg | 206 ------------------ open-vm-tools/toolbox/l10n/ko.vmsg | 206 ------------------ open-vm-tools/toolbox/l10n/zh_CN.vmsg | 206 ------------------ open-vm-tools/toolbox/l10n/zh_TW.vmsg | 206 ------------------ open-vm-tools/vgauth/cli/l10n/de.vmsg | 90 -------- open-vm-tools/vgauth/cli/l10n/it.vmsg | 90 -------- open-vm-tools/vgauth/cli/l10n/ko.vmsg | 90 -------- open-vm-tools/vgauth/cli/l10n/zh_CN.vmsg | 90 -------- open-vm-tools/vgauth/cli/l10n/zh_TW.vmsg | 90 -------- open-vm-tools/vgauth/lib/l10n/de.vmsg | 21 -- open-vm-tools/vgauth/lib/l10n/it.vmsg | 21 -- open-vm-tools/vgauth/lib/l10n/ko.vmsg | 21 -- open-vm-tools/vgauth/lib/l10n/zh_CN.vmsg | 21 -- open-vm-tools/vgauth/lib/l10n/zh_TW.vmsg | 21 -- open-vm-tools/vgauth/service/l10n/de.vmsg | 46 ---- open-vm-tools/vgauth/service/l10n/it.vmsg | 46 ---- open-vm-tools/vgauth/service/l10n/ko.vmsg | 46 ---- open-vm-tools/vgauth/service/l10n/zh_CN.vmsg | 46 ---- open-vm-tools/vgauth/service/l10n/zh_TW.vmsg | 46 ---- 25 files changed, 2200 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/l10n/de.vmsg b/open-vm-tools/services/vmtoolsd/l10n/de.vmsg index 41b2004a2..e69de29bb 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/de.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/de.vmsg @@ -1,77 +0,0 @@ -########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -cmdline.background = "Wird im Hintergrund ausgeführt und erstellt eine pid-Datei." - -cmdline.background.pidfile = "pidfile" - -cmdline.blockfd = "Dateideskriptor für das Dateisystem, das VMware blockiert." - -cmdline.blockfd.fd = "fd" - -cmdline.commonpath = "Pfad zum Plug-In-Verzeichnis." - -cmdline.config = "Verwendet die Konfigurationsdatei im angegebenen Pfad." - -cmdline.debug = "Wird unter Verwendung des angegebenen Plug-Ins im Debug-Modus ausgeführt." - -cmdline.displayname = "Anzeigename des Dienstes (wird nur mit -i verwendet)." - -cmdline.displayname.argument = "Name" - -cmdline.install = "Installiert den Dienst mit dem Service Control Manager (SCM)." - -cmdline.install.args = "args" - -cmdline.forceQuit = "Stoppt eine laufende Instanz eines Tools-Dienstes." - -cmdline.log = "Ignoriert; für Abwärtskompatibilität beibehalten." - -cmdline.name = "Name des Dienstes, der gestartet wird." - -cmdline.name.argument = "svcname" - -cmdline.path = "Pfad" - -cmdline.pluginpath = "Pfad des Plug-In-Verzeichnisses." - -cmdline.rpc = "Sendet einen RPC-Befehl an den Host und wird beendet." - -cmdline.rpc.command = "Befehl" - -cmdline.rpcerror = "Befehl konnte nicht an VMware-Hypervisor gesendet werden." - -cmdline.cmdfile = "Sendet einen RPC-Befehl aus einer Datei an den Host und wird beendet." - -cmdline.cmdfile.command = "Befehlsdatei" - -cmdline.cmdfile.rpcerror = "Befehl konnte nicht aus Datei an VMware-Hypervisor gesendet werden." - -cmdline.cmdfile.read = "Befehl kann nicht aus Datei %1$s gelesen werden.\n" - - -cmdline.state = "Führt einen Dump des internen Zustands der Instanz eines laufenden Dienstes in die Protokolle aus." - -cmdline.uinputfd = "Dateideskriptor für das Eingabegerät" - -cmdline.uinputfd.fd = "fd" - -cmdline.uninstall = "Deinstalliert den Dienst vom Service Control Manager (SCM)." - -cmdline.version = "Druckt die Version des Daemons und wird beendet." - diff --git a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg index 3f63eb556..e69de29bb 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/it.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/it.vmsg @@ -1,77 +0,0 @@ -########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -cmdline.background = "Viene eseguito in background e crea un file pid." - -cmdline.background.pidfile = "file pid" - -cmdline.blockfd = "Descrittore file per il file system di blocco VMware." - -cmdline.blockfd.fd = "fd" - -cmdline.commonpath = "Percorso della directory plugin comune." - -cmdline.config = "Utilizza il file di configurazione disponibile nel percorso specificato." - -cmdline.debug = "Viene eseguito in modalità debug, utilizzando il plugin specificato." - -cmdline.displayname = "Nome visualizzato del servizio (utilizzato solo con -i)." - -cmdline.displayname.argument = "nome" - -cmdline.install = "Installa il servizio in Gestione controllo servizi." - -cmdline.install.args = "argomenti" - -cmdline.forceQuit = "Interrompe un'istanza in esecuzione di un servizio di Tools." - -cmdline.log = "Ignorato, mantenuto per la compatibilità con versioni precedenti." - -cmdline.name = "Nome del servizio che sta per essere avviato." - -cmdline.name.argument = "nome servizio" - -cmdline.path = "percorso" - -cmdline.pluginpath = "Percorso della directory plugin." - -cmdline.rpc = "Invia all'host un comando RPC ed esce." - -cmdline.rpc.command = "comando" - -cmdline.rpcerror = "Impossibile inviare il comando al supervisore VMware." - -cmdline.cmdfile = "Invia un comando RPC da un file all'host ed esce." - -cmdline.cmdfile.command = "file di comando" - -cmdline.cmdfile.rpcerror = "Impossibile inviare il comando dal file all'hypervisor VMware." - -cmdline.cmdfile.read = "Impossibile leggere il comando dal file %1$s.\n" - - -cmdline.state = "Invia ai registri lo stato interno di un'istanza del servizio in esecuzione." - -cmdline.uinputfd = "Descrittore file per il dispositivo di input." - -cmdline.uinputfd.fd = "fd" - -cmdline.uninstall = "Disinstalla il servizio da Gestione controllo servizi." - -cmdline.version = "Stampa la versione daemon ed esce." - diff --git a/open-vm-tools/services/vmtoolsd/l10n/ko.vmsg b/open-vm-tools/services/vmtoolsd/l10n/ko.vmsg index 16bcbefe4..e69de29bb 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/ko.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/ko.vmsg @@ -1,77 +0,0 @@ -########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -cmdline.background = "백그라운드로 실행하고 pid 파일을 생성합니다." - -cmdline.background.pidfile = "pidfile" - -cmdline.blockfd = "VMware 차단 fs에 대한 파일 설명자입니다." - -cmdline.blockfd.fd = "fd" - -cmdline.commonpath = "일반 플러그인 디렉토리에 대한 경로입니다." - -cmdline.config = "지정된 경로에 있는 구성 파일을 사용합니다." - -cmdline.debug = "지정된 플러그인을 사용하여 디버그 모드를 실행합니다." - -cmdline.displayname = "서비스 표시 이름입니다(-i와 함께 사용)." - -cmdline.displayname.argument = "이름" - -cmdline.install = "서비스 제어 관리자를 사용하여 서비스를 설치합니다." - -cmdline.install.args = "args" - -cmdline.forceQuit = "실행 중인 VMware Tools 서비스의 인스턴스를 중지합니다." - -cmdline.log = "무시되며, 이전 버전과의 호환성을 위해 유지됩니다." - -cmdline.name = "시작될 서비스의 이름입니다." - -cmdline.name.argument = "svcname" - -cmdline.path = "경로" - -cmdline.pluginpath = "플러그인 디렉토리에 대한 경로입니다." - -cmdline.rpc = "RPC 명령을 호스트에 보내고 종료합니다." - -cmdline.rpc.command = "명령" - -cmdline.rpcerror = "VMware 하이퍼바이저에 명령을 보낼 수 없습니다." - -cmdline.cmdfile = "파일에서 RPC 명령을 호스트에 보내고 종료합니다." - -cmdline.cmdfile.command = "명령 파일" - -cmdline.cmdfile.rpcerror = "파일에서 VMware 하이퍼바이저에 명령을 보낼 수 없습니다." - -cmdline.cmdfile.read = "%1$s 파일에서 명령을 읽을 수 없습니다.\n" - - -cmdline.state = "실행 중인 서비스 인스턴스의 내부 상태를 로그에 덤프합니다." - -cmdline.uinputfd = "uinput 장치에 대한 파일 설명자입니다." - -cmdline.uinputfd.fd = "fd" - -cmdline.uninstall = "서비스 제어 관리자에서 서비스를 제거합니다." - -cmdline.version = "대몬 버전을 출력하고 종료합니다." - diff --git a/open-vm-tools/services/vmtoolsd/l10n/zh_CN.vmsg b/open-vm-tools/services/vmtoolsd/l10n/zh_CN.vmsg index ab91986d9..e69de29bb 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/zh_CN.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/zh_CN.vmsg @@ -1,77 +0,0 @@ -########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -cmdline.background = "在后台运行,并创建 pid 文件。" - -cmdline.background.pidfile = "pidfile" - -cmdline.blockfd = "VMware blocking fs 的文件描述符。" - -cmdline.blockfd.fd = "fd" - -cmdline.commonpath = "公用插件目录路径。" - -cmdline.config = "使用位于给定路径的配置文件。" - -cmdline.debug = "使用给定插件以调试模式运行。" - -cmdline.displayname = "服务显示名称 (仅与 -i 一起使用)。" - -cmdline.displayname.argument = "名称" - -cmdline.install = "使用服务控制管理器安装服务。" - -cmdline.install.args = "args" - -cmdline.forceQuit = "停止正在运行的 Tools 服务的实例。" - -cmdline.log = "已忽略,保留用于实现向后兼容性。" - -cmdline.name = "正在启动的服务的名称。" - -cmdline.name.argument = "svcname" - -cmdline.path = "路径" - -cmdline.pluginpath = "到插件目录的路径。" - -cmdline.rpc = "向主机发送 RPC 命令,然后退出。" - -cmdline.rpc.command = "命令" - -cmdline.rpcerror = "无法向 VMware 管理程序发送命令。" - -cmdline.cmdfile = "通过文件向主机发送 RPC 命令,然后退出。" - -cmdline.cmdfile.command = "命令文件" - -cmdline.cmdfile.rpcerror = "无法通过文件向 VMware 管理程序发送命令。" - -cmdline.cmdfile.read = "无法从文件 %1$s 中读取命令。\n" - - -cmdline.state = "将正在运行的服务实例的内部状况转储到日志。" - -cmdline.uinputfd = "uinput 设备的文件描述符。" - -cmdline.uinputfd.fd = "fd" - -cmdline.uninstall = "从服务控制管理器卸载服务。" - -cmdline.version = "打印守护进程版本,然后退出。" - diff --git a/open-vm-tools/services/vmtoolsd/l10n/zh_TW.vmsg b/open-vm-tools/services/vmtoolsd/l10n/zh_TW.vmsg index 4d04a60c4..e69de29bb 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/zh_TW.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/zh_TW.vmsg @@ -1,77 +0,0 @@ -########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -cmdline.background = "在背景中執行並建立 pid 檔案。" - -cmdline.background.pidfile = "pidfile" - -cmdline.blockfd = "VMware 封鎖 fs 的檔案描述元。" - -cmdline.blockfd.fd = "fd" - -cmdline.commonpath = "一般外掛程式目錄的路徑。" - -cmdline.config = "使用指定路徑下的組態檔。" - -cmdline.debug = "使用指定外掛程式以偵錯模式執行。" - -cmdline.displayname = "服務顯示名稱 (僅與 -i 搭配使用)。" - -cmdline.displayname.argument = "名稱" - -cmdline.install = "透過服務控制管理員安裝服務。" - -cmdline.install.args = "args" - -cmdline.forceQuit = "停止工具服務的執行中執行個體。" - -cmdline.log = "已略過,保留用於向後相容性。" - -cmdline.name = "啟動中服務的名稱。" - -cmdline.name.argument = "svcname" - -cmdline.path = "路徑" - -cmdline.pluginpath = "外掛程式目錄的路徑。" - -cmdline.rpc = "向主機傳送 RPC 命令,然後結束。" - -cmdline.rpc.command = "命令" - -cmdline.rpcerror = "無法向 VMware Hypervisor 傳送命令。" - -cmdline.cmdfile = "從檔案向主機傳送 RPC 命令,然後結束。" - -cmdline.cmdfile.command = "命令檔案" - -cmdline.cmdfile.rpcerror = "無法從檔案向 VMware Hypervisor 傳送命令。" - -cmdline.cmdfile.read = "無法從檔案 %1$s 讀取命令。\n" - - -cmdline.state = "將執行中服務執行個體的內部狀態傾印到記錄。" - -cmdline.uinputfd = "uinput 裝置的檔案描述元。" - -cmdline.uinputfd.fd = "fd" - -cmdline.uninstall = "從服務控制管理員解除安裝服務。" - -cmdline.version = "列印精靈版本,然後結束。" - diff --git a/open-vm-tools/toolbox/l10n/de.vmsg b/open-vm-tools/toolbox/l10n/de.vmsg index aad98ffc9..e69de29bb 100644 --- a/open-vm-tools/toolbox/l10n/de.vmsg +++ b/open-vm-tools/toolbox/l10n/de.vmsg @@ -1,206 +0,0 @@ -########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -arg.command = "Befehl" - -arg.config.key = "Konfigurationsschlüssel" - -arg.config.operation = "Konfigurationsvorgang" - -arg.config.section = "Konfigurationsabschnitt" - -arg.config.value = "Konfigurationswert" - -arg.devicename = "Gerätename" - -arg.info.class = "info-Infoklasse" - -arg.info.subcommand = "info-Vorgang" - -arg.logging.level = "Ebene der Protokollierung" - -arg.logging.service = "Dienstname der Protokollierung" - -arg.logging.subcommand = "Vorgang der Protokollierung" - -arg.mountpoint = "Mount-Punkt" - -arg.scriptpath = "Skriptpfad" - -arg.scripttype = "Skripttyp" - -arg.subcommand = "Unterbefehl" - -device.connect.error = "Gerät '%1$s' kann nicht angeschlossen werden.\n" - -device.disconnect.error = "Das Gerät '%1$s' kann nicht getrennt werden.\n" - -device.notfound = "Fehler beim Abrufen der Schnittstelleninformationen: Gerät nicht gefunden.\n" - -disk.shrink.canceled = "Vorgang zum Verkleinern der Festplatte abgebrochen.\n" - -disk.shrink.complete = "Vorgang zum Verkleinern der Festplatte abgeschlossen.\n" - -disk.shrink.conflict = "Fehler: Die Toolbox betrachtet die Festplattenverkleinerung als aktiviert, während der Host die Funktion als deaktiviert behandelt.\n\n Schließen Sie die Toolbox und öffnen Sie sie erneut, um eine Synchronisierung mit dem Host vorzunehmen.\n" - -disk.shrink.disabled = "Das Verkleinern von Festplatten ist für diese virtuelle Maschine deaktiviert.\n\nDie Verkleinerung ist für verknüpfte Klone, übergeordnete Elemente verknüpfter Klone, \nFestplatten mit vorab zugewiesenem Speicherplatz, Snapshots oder aufgrund weiterer Faktoren deaktiviert. \nWeitere Informationen finden Sie im Benutzerhandbuch.\n" - -disk.shrink.error = "Fehler beim Verkleinern der Festplatte: %1$s\n" - -disk.shrink.incomplete = "Vorgang zum Verkleinern der Festplatte nicht abgeschlossen.\n" - -disk.shrink.partition.error = "Partitionsdaten konnten nicht erfasst werden.\n" - -disk.shrink.partition.notfound = "Die Partition %1$s wurde nicht gefunden\n" - -disk.shrink.partition.unsupported = "Die Partition %1$s kann nicht verkleinert werden\n" - -disk.shrink.unavailable = "Die Verkleinerungsfunktion ist nicht verfügbar,\n\nweil Sie entweder eine alte Version eines VMware-Produkts ausführen oder weil zu viele Kommunikationskanäle offen sind.\n\nWenn Sie eine alte Version eines VMware-Produkts ausführen, sollten Sie ein Upgrade in Erwägung ziehen.\n\nWenn zu viele Kommunikationskanäle geöffnet sind, sollten Sie Ihre virtuelle Maschine aus- und anschließend wieder einschalten.\n" - -disk.shrink.ignoreFreeSpaceWarnings = "Ignorieren Sie während des Verkleinerungsvorgangs etwaige Warnungen bezüglich des Speicherplatzes.\n" - -disk.wipe.ignoreFreeSpaceWarnings = "Ignorieren Sie während des Wiper-Vorgangs etwaige Warnungen bezüglich des Speicherplatzes.\n" - -disk.wiper.file.error = "Fehler, Erstellen der Wiper-Datei nicht möglich.\n" - -disk.wiper.progress = "\rProgress: %1$d" - -error.message = "Fehler: %1$s\n" - -error.missing = "%1$s: %2$s fehlt\n" - -error.noadmin.posix = "%1$s: Sie müssen root-Benutzer sein, um die %2$s-Vorgänge auszuführen.\n" - -error.noadmin.win = "%1$s: Zum Ausführen der %2$s-Vorgänge sind Administratorberechtigungen erforderlich.\nVerwenden Sie eine Administrator-Eingabeaufforderung, um diese Aufgaben abzuschließen.\n" - -error.novirtual = "%1$s muss innerhalb einer virtuellen Maschine ausgeführt werden.\n" - -error.unknown = "%1$s: %2$s '%3$s' unbekannt\n" - -help.config = "%1$s: Tools-Konfiguration bearbeiten\nNutzung: %2$s %3$s \n\nUnterbefehle:\n get : Aktuellen Wert für anzeigen\n HINWEIS: Wenn der in tools.conf nicht vorhanden ist, wird\n sein Wert aus der globalen Konfiguration zurückgegeben, falls vorhanden\n set : auf einstellen\n\n remove : entfernen\n\n kann ein beliebiger unterstützter Abschnitt sein, z. B. logging, guestoperations oder guestinfo.\n kann ein beliebiger Konfigurationsschlüssel sein.\n kann ein beliebiger Wert sein.\n" - -help.device = "%1$s: Funktionen für die Hardwaregeräte der virtuellen Maschine\nNutzung: %2$s %3$s [Argumente]\n'dev' ist der Name des Geräts.\n\nUnterbefehle:\n enable : Aktivieren des Geräts 'dev' \n disable : Deaktivieren des Geräts 'dev'\n list: Auflisten aller verfügbaren Geräte\n status : Ausgeben des Status eines Geräts\n" - -help.disk = "%1$s: Führt Verkleinerungen von Festplatten durch\nNutzung: %2$s %3$s [Argumente]\n\nUnterbefehle:\n list: Auflisten der verfügbaren Speicherorte\n shrink : Löschen und Verkleinern eines Dateisystems am angegebenen Speicherort\n shrinkonly: Verkleinern alle Festplatten\n wipe : Löschen eines Dateisystems am angegebenen Speicherort\n" - -help.globalconf = "%1$s: Globale Konfigurationsdownloads aus GuestStore verwalten\nNutzung: %2$s %3$s \n\nUnterbefehle nur für ESX-Gäste:\n enable: Globales Konfigurationsmodul aktivieren\n disable: Globales Konfigurationsmodul deaktivieren\n refresh: Neuen Download der globalen Konfiguration aus dem GuestStore auslösen\n status: Status des globalen Konfigurationsmodul drucken\n" - -help.gueststore = "%1$s: Ressourceninhalt aus dem GuestStore abrufen\nNutzung: %2$s %3$s \n\nUnterbefehle nur für ESX-Gäste:\n getcontent : Ressourceninhalt aus dem GuestStore abrufen un in Ausgabedatei speichern.\n\n startet mit / und stellt eine eindeutige Ressource im GuestStore dar. Wenn er mit / endet, wird standardmäßig die zugrunde liegende Ressource 'metadata.json' abgerufen.\n ist der Pfad zu einer Datei, in der der Ressourceninhalt gespeichert werden soll.\n" - -help.hint = "Siehe '%1$s %2$s%3$s%4$s' für weitere Informationen.\n" - -help.info = "%1$s: Aktualisieren von Gastbetriebssysteminformationen auf dem Host\nNutzung: %2$s %3$s update \n\nUnterbefehle:\n update < Infoklasse >: Aktualisieren von durch ermittelte Informationen\n< Infoklasse > kann 'network' sein\n" - -help.logging = "%1$s: Tools-Protokollierung verändern\nNutzung: %2$s %3$s level \n\nUnterbefehle:\n get : Aktuelle Ebene anzeigen\n HINWEIS: Wenn die Ebene in tools.conf nicht vorhanden ist, wird ihr\n Wert aus der globalen Konfiguration zurückgegeben, falls vorhanden\n set : Aktuelle Ebene festlegen\n\n kann jeder unterstützte Dienst sein wie vmsvc oder vmusr\n kann für einen Fehler, ein kritisches Ereignis, eine Warnung, Info, Meldung oder ein Debugging stehen\n Standard ist %4$s\n" - -help.main = "Nutzung: %1$s [Optionen] [Unterbefehl]\nWenn Sie Hilfe zu einem bestimmten Befehl benötigen, geben Sie '%2$s %3$s ' ein.\nGeben Sie '%4$s -v' ein, um die VMware Tools-Version anzuzeigen.\nVerwenden Sie die Option '-q' zum Unterdrücken der stdout-Ausgabe.\nFür die meisten Befehle gibt es Unterbefehle.\n\nVerfügbare Befehle:\n config\n device\n disk (nicht auf allen Betriebssystemen verfügbar)\n globalconf (nicht auf allen Betriebssystemen verfügbar)\n gueststore (nicht auf allen Betriebssystemen verfügbar)\n info\n logging\n script\n stat\n timesync\n upgrade (nicht auf allen Betriebssystemen verfügbar)\n" - -help.script = "%1$s: Steuerung der Skripts, die als Reaktion auf Betriebsvorgänge ausgeführt werden\nNutzung: %2$s %3$s [Argumente]\n\nUnterbefehle:\n enable: Angegebenes Skript aktivieren und dessen Pfad auf den Standardpfad zurücksetzen\n disable: Angegebenes Skript deaktivieren\n set : Angegebenes Skript auf den angegebenen Pfad festlegen\n default: Standardpfad an das angegebene Skript ausgeben\n current: Aktuellen Pfad des angegebenen Skripts ausgeben\n HINWEIS: Wenn der Pfad in tools.conf nicht vorhanden ist, wird dessen\n Wert aus der globalen Konfiguration zurückgegeben, falls vorhanden\n" - -help.stat = "%1$s: Drucken von hilfreichen Gast- und Hostinformationen\nNutzung: %2$s %3$s \n\nUnterbefehle:\n hosttime: Ausgeben der Hostuhrzeit\n speed: Ausgeben der CPU-Geschwindigkeit in MHz\nUnterbefehle nur für ESX-Gäste:\n sessionid: Ausgeben der aktuellen Sitzungs-ID\n balloon: Ausgeben der Balloon-Arbeitsspeicher-Informationen\n swap: Ausgeben der Auslagerungsinformationen für den Arbeitsspeicher\n memlimit: Ausgeben des Arbeitsspeicher-Limits\n memres: Ausgeben der Arbeitsspeicherreservierung\n cpures: Ausgeben der CPU-Reservierung\n cpulimit: Ausgeben des CPU-Limits\n raw [ ]: Drucken von statistischen Rohdaten\n steht für 'text', 'json', 'xml' oder 'yaml'.\n beinhaltet session, host, resources, vscsi und\n vnet (einige Statistiken wie vsci bestehen aus zwei Wörtern, z. B. 'vscsi scsi0:0').\n Druckt verfügbare Statistiken wenn für und \n keine Argumente angegeben wurden.\n" - -help.timesync = "%1$s: Funktionen für die Steuerung der Zeitsynchronisierung auf dem Gastbetriebssystem\Nutzung: %2$s %3$s \n\nUnterbefehle:\n enable: Aktivieren der Zeitsynchronisierung\n disable: Deaktivieren der Zeitsynchronisierung\n status: Ausgeben des Status der Zeitsynchronisierung\n" - -help.upgrade = "%1$s: Funktionen für das Upgrade von VMware Tools.\nNutzung: %2$s %3$s [Argumente]\nUnterbefehle:\n status: Überprüfen des Upgrade-Status für VMware Tools.\n start: Starten eines automatischen Upgrade von VMware Tools.\n\nDamit die Upgrades funktionieren, muss der VMware Tools-Dienst ausgeführt werden.\n" - -globalconf.refresh.failed = "'%1$s' ist fehlgeschlagen, da das globalconf-Modul deaktiviert ist.\n" - -globalconf.start_vmtools = "%1$s: Dienst %2$s wird gestartet.\n" - -globalconf.status = "Der Status des globalconf-Modul lautet '%1$s'\n" - -globalconf.stop_vmtools = "%1$s: Dienst %2$s wird angehalten.\n" - -globalconf.update_config = "%1$s: Die Konfiguration wird aktualisiert.\n" - -gueststore.content_size = "Größe des Inhalts in Byte: " - -gueststore.error.client_lib = "'%1$s' ist fehlgeschlagen, Fehler in der GuestStore-Client-Bibliothek: %2$s.\n" - -gueststore.progress = "\rFortschritt: %1$d%%" - -option.disabled = "Deaktiviert" - -option.enabled = "Aktiviert" - -result.error.failed = "'%1$s' ist fehlgeschlagen. Weitere Informationen finden Sie im %2$s-Protokoll.\n" - -result.succeeded = "'%1$s' war erfolgreich.\n" - -script.notfound = "%1$s ist nicht vorhanden.\n" - -script.operation = "Vorgang" - -script.unknownop = "Kein Skript für den Vorgang %1$s.\n" - -script.write.error = "Fehler beim Schreiben der Konfiguration: %1$s\n" - -stat.balloon.failed = "Balloon-Arbeitsspeicher konnte nicht abgerufen werden: %1$s\n" - -stat.cpumax.failed = "CPU-Limit konnte nicht abgerufen werden: %1$s\n" - -stat.cpumin.failed = "CPU-Mindestwert konnte nicht abgerufen werden: %1$s\n" - -stat.formattime.failed = "Hostuhrzeit kann nicht formatiert werden.\n" - -stat.get.failed = "Statistiken konnten nicht abgerufen werden: %1$s\n" - -stat.getsession.failed = "Sitzungs-ID konnte nicht abgerufen werden: %1$s\n" - -stat.getspeed.failed = "Prozessorgeschwindigkeit nicht abrufbar.\n" - -stat.gettime.failed = "Hostuhrzeit konnte nicht abgerufen werden.\n" - -stat.maxmem.failed = "Arbeitsspeicher-Limit konnte nicht abgerufen werden: %1$s\n" - -stat.memres.failed = "Arbeitsspeicherreservierung konnte nicht abgerufen werden: %1$s\n" - -stat.memswap.failed = "Ausgelagerter Arbeitsspeicher konnte nicht abgerufen werden: %1$s\n" - -stat.openhandle.failed = "OpenHandle fehlgeschlagen: %1$s\n" - -stat.update.failed = "UpdateInfo fehlgeschlagen: %1$s\n" - -stat.processorSpeed.info = "%1$u MHz\n" - -stat.memoryBalloon.info = "%1$u MB\n" - -stat.memoryReservation.info = "%1$u MB\n" - -stat.memorySwapped.info = "%1$u MB\n" - -stat.memoryLimit.info = "%1$u MB\n" - -stat.cpuReservation.info = "%1$u MHz\n" - -stat.cpuLimit.info = "%1$u MHz\n" - -upgrade.available = "Eine neue Version von VMware Tools steht zur Verfügung.\n" - -upgrade.error.check_error = "Fehler beim Überprüfen der Verfügbarkeit von Upgrades.\n" - -upgrade.error.error = "Fehler beim Starten des Upgrades von VMware Tools.\n" - -upgrade.error.not_supported = "Der Host unterstützt kein automatisches Upgrade von VMware Tools.\n" - -upgrade.error.unknown_reply = "Unerwartete Antwort vom Host: %1$s\n" - -upgrade.started = "Das Upgrade wird durchgeführt.\n" - -upgrade.uptodate = "VMware Tools ist auf dem neuesten Stand.\n" - diff --git a/open-vm-tools/toolbox/l10n/it.vmsg b/open-vm-tools/toolbox/l10n/it.vmsg index 7514ba575..e69de29bb 100644 --- a/open-vm-tools/toolbox/l10n/it.vmsg +++ b/open-vm-tools/toolbox/l10n/it.vmsg @@ -1,206 +0,0 @@ -########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -arg.command = "comando" - -arg.config.key = "chiave di configurazione" - -arg.config.operation = "operazione di configurazione" - -arg.config.section = "sezione di configurazione" - -arg.config.value = "valore di configurazione" - -arg.devicename = "nome dispositivo" - -arg.info.class = "info classe info" - -arg.info.subcommand = "info operazione" - -arg.logging.level = "livello di registrazione" - -arg.logging.service = "nome servizio registrazione" - -arg.logging.subcommand = "operazione di registrazione" - -arg.mountpoint = "punto di montaggio" - -arg.scriptpath = "percorso script" - -arg.scripttype = "tipo script" - -arg.subcommand = "sottocomando" - -device.connect.error = "Impossibile connettere il dispositivo %1$s.\n" - -device.disconnect.error = "Impossibile disconnettere il dispositivo %1$s.\n" - -device.notfound = "Errore durante il recupero delle informazioni di interfaccia: dispositivo non trovato.\n" - -disk.shrink.canceled = "Riduzione disco annullata.\n" - -disk.shrink.complete = "Riduzione disco completata.\n" - -disk.shrink.conflict = "La Toolbox ritiene che la funzione di riduzione del disco sia abilitata, mentre il sistema host ritiene che sia disabilitata. \n\n Chiudere e riaprire la Toolbox per sincronizzarla con il sistema host.\n" - -disk.shrink.disabled = "La compattazione del disco è disabilitata per questa macchina virtuale.\n\nLa compattazione è disattivata per i cloni collegati, l'elemento padre dei cloni collegati, \ndischi pre-allocati, istantanee, o a causa di altri fattori. \nConsultare il manuale dell'utente per ulteriori informazioni.\n" - -disk.shrink.error = "Errore durante la riduzione: %1$s\n" - -disk.shrink.incomplete = "Riduzione non completata.\n" - -disk.shrink.partition.error = "Impossibile raccogliere i dati della partizione.\n" - -disk.shrink.partition.notfound = "Impossibile trovare la partizione %1$s\n" - -disk.shrink.partition.unsupported = "La partizione %1$s non può essere ridotta\n" - -disk.shrink.unavailable = "La funzionalità di riduzione non è disponibile.\n\nLa versione di un prodotto di VMware in esecuzione è obsoleta oppure sono aperti troppi canali di comunicazione.\n\nSe si utilizza una versione obsoleta di un prodotto VMware, passare all'aggiornamento.\n\nSe sono aperti troppi canali di comunicazione, disattivare la macchina virtuale, quindi riattivarla.\n" - -disk.shrink.ignoreFreeSpaceWarnings = "Ignorare eventuali avvisi sullo spazio su disco per tutta la durata processo di compattazione.\n" - -disk.wipe.ignoreFreeSpaceWarnings = "Ignorare eventuali avvisi sullo spazio su disco per tutta la durata del processo di cancellazione.\n" - -disk.wiper.file.error = "Errore: impossibile creare il file wiper.\n" - -disk.wiper.progress = "\\rAvanzamento: %1$d" - -error.message = "Errore: %1$s\n" - -error.missing = "%1$s: %2$s mancante\n" - -error.noadmin.posix = "%1$s: è necessario essere utente root per poter eseguire operazioni %2$s.\n" - -error.noadmin.win = "%1$s: Sono necessarie le autorizzazioni di amministratore per eseguire operazioni %2$s.\nUtilizzare un prompt dei comandi di amministratore per completare queste attività.\n" - -error.novirtual = "%1$s deve essere eseguito all'interno di una macchina virtuale.\n" - -error.unknown = "%1$s: %2$s '%3$s' sconosciuto\n" - -help.config = "%1$s: modifica la configurazione di Tools\nUtilizzo: %2$s %3$s \n\nComandi secondari:\n get : visualizza il valore corrente per \n NOTA: se non è presente in tools.conf, viene\n restituito il valore corrispondente della configurazione globale, se disponibile\n set : imposta su \n\n remove : rimuove \n\n può essere qualsiasi sezione supportata come logging, guestoperations o guestinfo.\n può essere qualsiasi chiave di configurazione.\n può essere qualsiasi valore.\n" - -help.device = "%1$s: funzioni relative ai dispositivi hardware della macchina virtuale\nUtilizzo: %2$s %3$s [args]\ndev è il nome del dispositivo.\n\nComandi secondari:\n attiva : attivare il dispositivo dev\n disattiva : disattivare il dispositivo dev\n elenca: elencare tutti i dispositivi disponibili\n stato : stampare lo stato di un dispositivo\n" - -help.disk = "%1$s: eseguire le operazioni di compattazione\nUtilizzo: %2$s %3$s [args]\n\nComandi secondari:\n elenco: elencare le posizioni disponibili\n compatta : pulisce e compatta un sistema di file nella posizione data\n compatta solo: compatta tutti i dischi\n pulisci : pulisce un sistema di file nella posizione data\n" - -help.globalconf = "%1$s: gestisce i download della configurazione globale da GuestStore\nUtilizzo: %2$s %3$s \n\nSolo comandi secondari del guest ESX:\n enable: abilita il modulo di configurazione globale\n disable: disabilita il modulo di configurazione globale\n refresh: attiva un nuovo download della configurazione globale da GuestStore\n status: stampa lo stato del modulo di configurazione globale\n" - -help.gueststore = "%1$s: ottiene il contenuto della risorsa da GuestStore\nUtilizzo: %2$s %3$s \n\nSolo comandi secondari di guest ESX:\n getcontent : ottiene il contenuto della risorsa da GuestStore ed esegue il salvataggio nel file di output.\n\n inizia con / e rappresenta una risorsa univoca in GuestStore. Se termina con /, per impostazione predefinita recupera la risorsa 'metadata.json' sottostante.\n è il percorso di un file in cui salvare il contenuto della risorsa.\n" - -help.hint = "Provare '%1$s %2$s%3$s%4$s' per ulteriori informazioni.\n" - -help.info = "%1$s: aggiornare informazioni guest su host\nUtilizzo: %2$s %3$s aggiorna \n\nComandi secondari:\n aggiorna : aggiornare informazioni identificate da \n può essere "rete"\n" - -help.logging = "%1$s: modifica la registrazione di Tools\nUtilizzo: %2$s %3$s level \n\nComandi secondari:\n get : visualizza il livello corrente\n NOTA: se il livello non è presente in tools.conf, viene\n restituito il valore corrispondente della configurazione globale se disponibile\n set : imposta il livello corrente\n\n può essere qualsiasi servizio supportato, come vmsvc o vmusr\n può essere error, critical, warning, info, message o debug\n il valore predefinito è %4$s\n" - -help.main = "Utilizzo: %1$s [opzioni] [comando secondario]\nDigitare '%2$s %3$s ' per visualizzare informaziomi su un comando specifico.\nDigitare '%4$s -v' per visualizzare la versione di VMware Tools.\nUtilizzare l'opzione '-q' per eliminare l'output stdout.\nLa maggior parte dei comandi accetta un comando secondario.\n\nComandi disponibili:\n config\n device\n disk (non disponibile in tutti i sistemi operativi)\n globalconf (non disponibile in tutti i sistemi operativi)\n gueststore (non disponibile in tutti i sistemi operativi)\n info\n logging\n script\n stat\n timesync\n upgrade (non disponibile in tutti i sistemi operativi)\n" - -help.script = "%1$s: controlla gli script eseguiti in risposta alle operazioni di alimentazione\nUtilizzo: %2$s %3$s [argomenti]\n\nComandi secondari:\n enable: abilita lo script dato e ripristina il suo percorso sul valore predefinito\n disable: disabilita lo script dato\n set : imposta lo script dato sul percorso dato\n default: stampa il percorso predefinito dello script dato\n current: stampa il percorso corrente dello script dato\n NOTA: se il percorso non è presente in tools.conf, viene\n restituito il valore corrispondente della configurazione globale se disponibile\n" - -help.stat = "%1$s: stampare informazioni utili su guest e host\nUtilizzo: %2$s %3$s \n\nComandi secondari:\n hosttime: stampare il tempo dell'host\n speed: stampare la velocità della CPU in MHz\nESX ospita solo comandi secondari:\n sessionid: stampare l'id della sessione corrente\n balloon: stampare le informazioni di ballooning della memoria\n swap: stampare le informazioni di swap della memoria\n memlimit: stampare le informazioni di limite della memoria\n memres: stampare le informazioni di prenotazione della memoria\n cpures: stampare le informazioni di prenotazione della CPU\n cpulimit: stampare le informazioni di limite della CPU\n raw [ ]: stampare informazioni stato non elaborate\n può essere "text", "json", "xml", "yaml".\n include sessione, host, risorse, vscsi e\n vnet (alcuni stati, come vscsi, sono composti da due parole, ad es. "vscsi scsi0:0").\n Stampa gli stati disponibili se e \n non sono argomenti specificati.\n" - -help.timesync = "%1$s: funzioni per il controllo di sincronizzazione dell'ora sul sistema operativo guest\nUtilizzo: %2$s %3$s \n\nComandi secondari:\n attiva: attivare la sincronizzazione dell'ora\n disattiva: disattivare la sincronizzazione dell'ora\n stato: stampare lo stato di sincronizzazione dell'ora\n" - -help.upgrade = "%1$s: funzioni relative all'aggiornamento di VMware Tools.\nUtilizzo: %2$s %3$s [args]\nComandi secondari:\n stato: controllare lo stato di aggiornamento di VMware Tools.\n avvio: avviare un aggiornamento automatico di VMware Tools.\n\nPer il funzionamento degli aggiornamenti, il servizio VMware Tools deve essere in esecuzione.\n" - -globalconf.refresh.failed = "'%1$s' non riuscito perché il modulo globalconf è disabilitato.\n" - -globalconf.start_vmtools = "%1$s: avvio del servizio %2$s.\n" - -globalconf.status = "Lo stato del modulo globalconf è '%1$s'\n" - -globalconf.stop_vmtools = "%1$s: arresto del servizio %2$s.\n" - -globalconf.update_config = "%1$s: aggiornamento della configurazione.\n" - -gueststore.content_size = "Dimensioni dei contenuti in byte: " - -gueststore.error.client_lib = "'%1$s' non riuscito, errore della libreria client GuestStore: %2$s.\n" - -gueststore.progress = "\rAvanzamento: %1$d%%" - -option.disabled = "Disabilitato" - -option.enabled = "Abilitata" - -result.error.failed = "'%1$s' non riuscito. Controllare il registro %2$s per ulteriori informazioni.\n" - -result.succeeded = "'%1$s' riuscito.\n" - -script.notfound = "%1$s inesistente.\n" - -script.operation = "operazione" - -script.unknownop = "Nessuno script per l'operazione %1$s.\n" - -script.write.error = "Errore durante la scrittura della configurazione: %1$s\n" - -stat.balloon.failed = "Impossibile ottenere la memoria dinamica: %1$s\n" - -stat.cpumax.failed = "Impossibile ottenere il limite di CPU: %1$s\n" - -stat.cpumin.failed = "Impossibile ottenere il minimo di CPU: %1$s\n" - -stat.formattime.failed = "Impossibile formattare l'ora host.\n" - -stat.get.failed = "Impossibile ottenere statistiche: %1$s\\n" - -stat.getsession.failed = "Impossibile ottenere l'ID sessione: %1$s\n" - -stat.getspeed.failed = "Impossibile ottenere la velocità del processore.\n" - -stat.gettime.failed = "Impossibile ottenere l'ora host.\n" - -stat.maxmem.failed = "Impossibile ottenere il limite di memoria: %1$s\n" - -stat.memres.failed = "Impossibile ottenere la prenotazione di memoria: %1$s\n" - -stat.memswap.failed = "Impossibile ottenere la memoria di swap: %1$s\n" - -stat.openhandle.failed = "OpenHandle non riuscito: %1$s\n" - -stat.update.failed = "UpdateInfo non riuscito: %1$s\n" - -stat.processorSpeed.info = "%1$u MHz\n" - -stat.memoryBalloon.info = "%1$u MB\n" - -stat.memoryReservation.info = "%1$u MB\n" - -stat.memorySwapped.info = "%1$u MB\n" - -stat.memoryLimit.info = "%1$u MB\n" - -stat.cpuReservation.info = "%1$u MHz\n" - -stat.cpuLimit.info = "%1$u MHz\n" - -upgrade.available = "È disponibile una nuova versione di VMware Tools.\n" - -upgrade.error.check_error = "Errore durante il controllo della disponibilità di aggiornamenti.\n" - -upgrade.error.error = "Errore durante l'avvio dell'aggiornamento di VMware Tools.\n" - -upgrade.error.not_supported = "Aggiornamento automatico di VMware Tools non supportato dall'host.\n" - -upgrade.error.unknown_reply = "Risposta host imprevista: %1$s\n" - -upgrade.started = "Aggiornamento avviato.\n" - -upgrade.uptodate = "VMware Tools è aggiornato.\n" - diff --git a/open-vm-tools/toolbox/l10n/ko.vmsg b/open-vm-tools/toolbox/l10n/ko.vmsg index 3dbd0d90f..e69de29bb 100644 --- a/open-vm-tools/toolbox/l10n/ko.vmsg +++ b/open-vm-tools/toolbox/l10n/ko.vmsg @@ -1,206 +0,0 @@ -########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -arg.command = "명령" - -arg.config.key = "구성 키" - -arg.config.operation = "구성 작업" - -arg.config.section = "구성 섹션" - -arg.config.value = "구성 값" - -arg.devicename = "디바이스 이름" - -arg.info.class = "정보 정보 클래스" - -arg.info.subcommand = "정보 작업" - -arg.logging.level = "로깅 수준" - -arg.logging.service = "로깅 서비스 이름" - -arg.logging.subcommand = "로깅 작업" - -arg.mountpoint = "마운트 지점" - -arg.scriptpath = "스크립트 경로" - -arg.scripttype = "스크립트 유형" - -arg.subcommand = "하위 명령" - -device.connect.error = "디바이스 %1$s에 연결할 수 없습니다.\n" - -device.disconnect.error = "디바이스 %1$s의 연결을 끊을 수 없습니다.\n" - -device.notfound = "인터페이스 정보 가져오기 오류: 디바이스를 찾을 수 없습니다.\n" - -disk.shrink.canceled = "디스크 축소가 취소되었습니다.\n" - -disk.shrink.complete = "디스크 축소가 완료되었습니다.\n" - -disk.shrink.conflict = "오류. 도구 상자에서는 디스크 축소를 사용한다고 간주하는 반면 호스트에서는 디스크 축소를 사용하지 않는다고 간주합니다.\n\n도구 상자를 닫았다가 다시 열어 이 설정을 호스트와 동기화하십시오.\n" - -disk.shrink.disabled = "이 가상 시스템에 대해 디스크 축소가 사용되지 않습니다.\n\n링크드 클론, 링크드 클론의 상위, 미리 할당된 디스크, 스냅샷에 대해 \n축소가 사용되지 않거나 다른 원인 때문일 수 있습니다. \n자세한 내용은 사용 설명서를 참조하십시오.\n" - -disk.shrink.error = "축소하는 동안 오류 발생: %1$s\n" - -disk.shrink.incomplete = "축소가 완료되지 않았습니다.\n" - -disk.shrink.partition.error = "파티션 데이터를 수집할 수 없습니다.\n" - -disk.shrink.partition.notfound = "파티션 %1$s을(를) 찾을 수 없음\n" - -disk.shrink.partition.unsupported = "파티션 %1$s 축소 불가능\n" - -disk.shrink.unavailable = "축소 기능을 사용할 수 없습니다.\n\n이전 버전의 VMware 제품을 실행하고 있거나 통신 채널이 너무 많이 열려 있기 때문입니다.\n\n이전 버전의 VMware 제품을 실행하고 있는 경우에는 업그레이드를 고려해 보십시오.\n너무 많은 통신 채널이 열려 있는 경우에는 가상 시스템의 전원을 껐다가 다시 켜야 합니다.\n" - -disk.shrink.ignoreFreeSpaceWarnings = "축소 프로세스가 실행되는 동안에는 디스크 공간에 대한 주의를 무시하십시오.\n" - -disk.wipe.ignoreFreeSpaceWarnings = "지우기 프로세스가 실행되는 동안에는 디스크 공간에 대한 주의를 무시하십시오.\n" - -disk.wiper.file.error = "오류. 와이퍼 파일을 생성할 수 없습니다.\n" - -disk.wiper.progress = "\r진행률: %1$d" - -error.message = "오류: %1$s\n" - -error.missing = "%1$s: %2$s이(가) 없음\n" - -error.noadmin.posix = "%1$s: %2$s 작업은 루트 사용자만 수행할 수 있습니다.\n" - -error.noadmin.win = "%1$s: %2$s 작업을 수행하려면 관리자 권한이 필요합니다.\n이러한 작업을 완료하려면 관리자 명령 프롬프트를 사용하십시오.\n" - -error.novirtual = "%1$s은(는) 가상 시스템 내부에서 실행해야 합니다.\n" - -error.unknown = "%1$s: 알 수 없는 %2$s '%3$s'\n" - -help.config = "%1$s: 도구 구성 수정\n사용법: %2$s %3$s <하위 명령>\n\n하위 명령:\n <섹션> <키> 획득: <키>에 대한 현재 값 표시\n 참고: <키>이(가) tools.conf에 없으면\n전역 구성의 값이 반환됩니다(있을 경우).\n<섹션> <키> <값> 설정: <키>을(를) <값>(으)로 설정\n\n<섹션> <키> 제거: <키> 제거\n\n<섹션>은(는) 어떤 섹션(예: logging, guestoperations 또는 guestinfo)이라도 될 수 있습니다.\n<키>은(는) 어떤 구성 키라도 될 수 있습니다.\n<값>은(는) 어떤 값이라도 될 수 있습니다.\n" - -help.device = "%1$s: 가상 시스템의 하드웨어 디바이스와 관련된 기능\n사용법: %2$s %3$s <하위 명령> [인수]\ndev는 디바이스 이름입니다.\n\n하위 명령:\n enable : 디바이스 dev가 사용되도록 설정합니다.\n disable : 디바이스 dev가 사용되지 않도록 설정합니다.\n list: 사용 가능한 모든 디바이스를 나열합니다.\n status : 디바이스의 상태를 출력합니다.\n" - -help.disk = "%1$s: 디스크 축소 작업을 수행합니다.\n사용법: %2$s %3$s <하위명령> [인수]\n\n하위 명령:\n list: 사용 가능한 위치를 나열합니다.\n shrink <위치>: 지정된 위치에서 파일 시스템을 지우고 축소합니다.\n shrinkonly: 모든 디스크를 축소합니다.\n wipe <위치>: 지정된 위치에서 파일 시스템을 지웁니다.\n" - -help.globalconf = "%1$s: GuestStore에서의 전역 구성 다운로드를 관리합니다.\n사용법: %2$s %3$s <하위 명령>\n\nESX 게스트 전용 하위 명령:\n사용: 전역 구성 모듈을 사용하도록 설정합니다.\n 사용 안 함: 전역 구성 모듈을 사용하지 않도록 설정합니다.\n 새로 고침: GuestStore에서의 전역 구성 새 다운로드를 트리거합니다.\n 상태: 전역 구성 모듈의 상태를 인쇄합니다.\n" - -help.gueststore = "%1$s: GuestStore에서 리소스 콘텐츠 가져오기\사용법: %2$s %3$s <하위 명령>\n\nESX 게스트 전용 하위 명령:\n <리소스 경로> <출력 파일> 콘텐츠 가져오기: GuestStore에서 리소스 콘텐츠를 가져온 후 출력 파일에 저장합니다.\n\n<리소스 경로>은(는) /로 시작하고 GuestStore의 고유한 리소스를 나타냅니다. /로 끝나는 경우 기본 'metadata. json' 리소스를 검색합니다.\n<파일 출력>은(는) 리소스 콘텐츠를 저장할 파일의 경로입니다.\n" - -help.hint = "자세한 내용을 보려면 '%1$s %2$s%3$s%4$s'을(를) 시도해 보십시오.\n" - -help.info = "%1$s: 호스트에서 게스트 정보 업데이트\n사용법: %2$s %3$s 업데이트 <정보 클래스>\n\n하위 명령:\n update <정보 클래스>: <정보 클래스>에서 식별한 정보 업데이트\n<정보 클래스>는 '네트워크'일 수 있음\n" - -help.logging = "%1$s: 도구 로깅 수정\n사용법: %2$s %3$s 수준 <하위 명령> <서비스 이름> <수준>\n\n하위 명령:\n <서비스 이름> 가져오기: 현재 수준 표시\n 참고: 도구 구성에 수준이 없으면\n전역 구성의 값이 반환됩니다(있을 경우).\n <서비스 이름> <수준> 설정: 현재 수준 설정\n\n<서비스 이름>은(는) vmsvc 또는 vmusr과 같은 지원 서비스일 수 있습니다.\n<수준>은(는) 오류, 중요, 경고, 정보, 메시지, 디버그 중 하나일 수 있습니다.\n 기본값은 %4$s입니다.\n" - -help.main = "사용법: %1$s <명령> [옵션] [하위 명령]\n특정 명령에 대한 도움말을 보려면 '%2$s %3$s <명령>'을(를) 입력합니다.\nVMware Tools 버전을 확인하려면 '%4$s -v'를 입력합니다.\nstdout 출력을 표시하지 않으려면 '-q' 옵션을 사용합니다.\n대부분의 명령에 하위 명령이 사용됩니다.\n\n사용 가능한 명령:\n config\n device\n disk(일부 운영 체제에서만 사용할 수 있음)\n globalconf(일부 운영 체제에서만 사용할 수 있음)\n gueststore(일부 운영 체제에서만 사용할 수 있음)\n info\n logging\n script\n stat\n timesync\n upgrade(일부 운영 체제에서만 사용할 수 있음)\n" - -help.script = "%1$s: 전원 작업에 대한 응답으로 실행되는 스크립트를 제어합니다.\n사용법: %2$s %3$s <하위 명령> [인수]\n\n하위 명령:\n 사용: 지정된 스크립트가 사용되도록 설정하고 해당 경로를 기본값으로 복원합니다.\n 사용 안 함: 지정된 스크립트가 사용되지 않도록 설정합니다.\n <전체_경로> 설정: 지정된 스크립트를 지정된 경로로 설정합니다.\n 기본값: 지정된 스크립트의 기본 경로를 출력합니다.\n 현재: 지정된 스크립트의 현재 경로를 출력합니다.\n 참고: 경로가 tools.conf에 없는 경우\n 전역 구성의 값이 반환됩니다(있는 경우)\n" - -help.stat = "%1$s: 유용한 게스트 및 호스트 정보 인쇄\n사용법: %2$s %3$s <하위 명령>\n\n하위 명령:\n hosttime: 호스트 시간 인쇄\n speed: CPU 속도(MHz) 인쇄\nESX 게스트 전용 하위 명령:\n sessionid: 현재 세션 ID 인쇄\n balloon: 메모리 벌루닝 정보 인쇄\n swap: 메모리 스와핑 정보 인쇄\n memlimit: 메모리 제한 정보 인쇄\n memres: 메모리 예약 정보 인쇄\n cpures: CPU 예약 정보 인쇄\n cpulimit: CPU 제한 정보 인쇄\n raw [<인코딩> <통계 이름>]: 원시 통계 정보 인쇄\n <인코딩>은 'text', 'json', 'xml', 'yaml' 중 하나일 수 있습니다.\n <통계 이름>은 세션, 호스트, 리소스, vscsi 및\n vnet을 포함합니다(vscsi와 같은 일부 통계는 'vscsi scsi0:0'과 같이 2개의 단어로 구성됨).\n <인코딩> 및 <통계 이름>\n 인수가 지정되지 않은 경우 사용 가능한 통계를 인쇄합니다.\n" - -help.timesync = "%1$s: 게스트 OS의 시간 동기화 제어 기능\n사용법: %2$s %3$s <하위 명령>\n\n하위 명령:\n enable: 시간 동기화 사용\n disable: 시간 동기화 사용 안 함\n status: 시간 동기화 상태 인쇄\n" - -help.upgrade = "%1$s: VMware Tools 업그레이드와 관련된 기능입니다.\n사용법: %2$s %3$s <하위 명령> [인수]\n하위 명령:\n status: VMware Tools 업그레이드 상태를 확인합니다.\n start: VMware Tools의 자동 업그레이드를 시작합니다.\n\n업그레이드가 수행되려면 VMware Tools 서비스가 실행되어야 합니다.\n" - -globalconf.refresh.failed = "전역 구성 모듈을 사용하지 않도록 설정했으므로 '%1$s'이(가) 실패했습니다.\n" - -globalconf.start_vmtools = "%1$s: %2$s 서비스를 시작하는 중입니다.\n" - -globalconf.status = "전역 구성 모듈의 상태는 '%1$s'입니다.\n" - -globalconf.stop_vmtools = "%1$s: %2$s 서비스를 중지하는 중입니다.\n" - -globalconf.update_config = "%1$s: 구성을 업데이트하는 중입니다.\n" - -gueststore.content_size = "콘텐츠 크기(바이트): " - -gueststore.error.client_lib = "'%1$s'이(가) 실패했습니다. GuestStore 클라이언트 라이브러리 오류: %2$s.\n" - -gueststore.progress = "\r진행: %1$d%%" - -option.disabled = "사용 안 함" - -option.enabled = "사용" - -result.error.failed = "'%1$s'이(가) 실패했습니다. 자세한 내용은 %2$s 로그를 확인하십시오.\n" - -result.succeeded = "'%1$s'이(가) 성공했습니다.\n" - -script.notfound = "%1$s이(가) 없습니다.\n" - -script.operation = "작업" - -script.unknownop = "작업 %1$s에 대한 스크립트가 없습니다.\n" - -script.write.error = "구성을 쓰는 동안 오류 발생: %1$s\n" - -stat.balloon.failed = "풍선 메모리를 가져오지 못했습니다. %1$s\n" - -stat.cpumax.failed = "CPU 제한을 가져오지 못했습니다. %1$s\n" - -stat.cpumin.failed = "CPU 최소값을 가져오지 못했습니다. %1$s\n" - -stat.formattime.failed = "호스트 시간의 형식을 지정할 수 없습니다.\n" - -stat.get.failed = "통계를 가져오지 못했습니다. %1$s\n" - -stat.getsession.failed = "세션 ID를 가져오지 못했습니다. %1$s\n" - -stat.getspeed.failed = "프로세서 속도를 가져올 수 없습니다.\n" - -stat.gettime.failed = "호스트 시간을 가져올 수 없습니다.\n" - -stat.maxmem.failed = "메모리 제한을 가져오지 못했습니다. %1$s\n" - -stat.memres.failed = "메모리 예약을 가져오지 못했습니다. %1$s\n" - -stat.memswap.failed = "스와핑된 메모리를 가져오지 못했습니다. %1$s\n" - -stat.openhandle.failed = "OpenHandle 실패: %1$s\n" - -stat.update.failed = "UpdateInfo 실패: %1$s\n" - -stat.processorSpeed.info = "%1$uMHz\n" - -stat.memoryBalloon.info = "%1$uMB\n" - -stat.memoryReservation.info = "%1$uMB\n" - -stat.memorySwapped.info = "%1$uMB\n" - -stat.memoryLimit.info = "%1$uMB\n" - -stat.cpuReservation.info = "%1$uMHz\n" - -stat.cpuLimit.info = "%1$uMHz\n" - -upgrade.available = "VMware Tools의 새 버전을 사용할 수 있습니다.\n" - -upgrade.error.check_error = "업그레이드 제공 여부를 확인하는 동안 오류가 발생했습니다.\n" - -upgrade.error.error = "VMware Tools 업그레이드를 시작하는 동안 오류가 발생했습니다.\n" - -upgrade.error.not_supported = "호스트에서 VMware Tools의 자동 업그레이드를 지원하지 않습니다.\n" - -upgrade.error.unknown_reply = "예기치 않은 호스트 응답: %1$s\n" - -upgrade.started = "업그레이드가 시작되었습니다.\n" - -upgrade.uptodate = "VMware Tools가 최신 버전입니다.\n" - diff --git a/open-vm-tools/toolbox/l10n/zh_CN.vmsg b/open-vm-tools/toolbox/l10n/zh_CN.vmsg index d6a8ca091..e69de29bb 100644 --- a/open-vm-tools/toolbox/l10n/zh_CN.vmsg +++ b/open-vm-tools/toolbox/l10n/zh_CN.vmsg @@ -1,206 +0,0 @@ -########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -arg.command = "命令" - -arg.config.key = "配置项" - -arg.config.operation = "配置操作" - -arg.config.section = "配置节" - -arg.config.value = "配置值" - -arg.devicename = "设备名称" - -arg.info.class = "信息的信息类" - -arg.info.subcommand = "信息操作" - -arg.logging.level = "日志记录级别" - -arg.logging.service = "日志记录服务名" - -arg.logging.subcommand = "日志记录操作" - -arg.mountpoint = "挂载点" - -arg.scriptpath = "脚本路径" - -arg.scripttype = "脚本类型" - -arg.subcommand = "子命令" - -device.connect.error = "无法连接设备 %1$s。\n" - -device.disconnect.error = "无法断开与设备 %1$s 的连接。\n" - -device.notfound = "获取接口信息时出错: 未找到设备。\n" - -disk.shrink.canceled = "磁盘缩小已取消。\n" - -disk.shrink.complete = "磁盘缩小完成。\n" - -disk.shrink.conflict = "错误,工具箱认为已启用磁盘压缩,而主机认为已禁用磁盘压缩。\n\n 请关闭再重新打开工具箱,以将其与主机同步。\n" - -disk.shrink.disabled = "为该虚拟机禁用了磁盘压缩。\n\n由于链接的克隆、链接克隆的父级、\n预分配的磁盘、快照或其他因素,已禁用压缩。\n有关详细信息,请参见用户手册。\n" - -disk.shrink.error = "缩小时出现错误: %1$s\n" - -disk.shrink.incomplete = "缩小未完成。\n" - -disk.shrink.partition.error = "无法收集分区数据。\n" - -disk.shrink.partition.notfound = "无法找到分区 %1$s\n" - -disk.shrink.partition.unsupported = "分区 %1$s 不可缩小\n" - -disk.shrink.unavailable = "压缩功能不可用,\n\n这是因为您运行较低版本的 VMware 产品,或者打开的通信通道太多。\n\n如果运行的是较低版本的 VMware 产品,应考虑进行升级。\n\n如果打开的通信通道太多,应关闭虚拟机的电源,然后重新打开虚拟机的电源。\n" - -disk.shrink.ignoreFreeSpaceWarnings = "请忽略压缩过程期间有关磁盘空间的任何警告。\n" - -disk.wipe.ignoreFreeSpaceWarnings = "请忽略擦除过程期间有关磁盘空间的任何警告。\n" - -disk.wiper.file.error = "错误,无法创建擦除器文件。\n" - -disk.wiper.progress = "\r进度:%1$d" - -error.message = "错误: %1$s\n" - -error.missing = "%1$s: 缺失 %2$s\n" - -error.noadmin.posix = "%1$s: 您必须是 root 用户才能执行 %2$s 操作。\n" - -error.noadmin.win = "%1$s: 需要具有管理员权限才能执行 %2$s 操作。\n请使用管理员命令提示符完成这些任务。\n" - -error.novirtual = "%1$s 必须在虚拟机内部运行。\n" - -error.unknown = "%1$s: %2$s“%3$s”未知\n" - -help.config = "%1$s: 修改 Tools 配置\n用法: %2$s %3$s <子命令>\n\n子命令:\n get <节> <项>: 显示 <项> 的当前值\n 注意: 如果 tools.conf 中不存在 <项>,\n 则返回全局配置中的值 (如果存在)\n set <节> <项> <值>: 将 <项> 设置为 <值>\n\n remove <节> <项>: 移除 <项>\n\n<节> 可以是受支持的任何节,如 logging、guestoperations 或 guestinfo。\n<项> 可以是任何配置项。\n<值> 可以是任何值。\n" - -help.device = "%1$s: 与虚拟机的硬件设备相关的功能\n用法: %2$s %3$s <子命令> [参数]\ndev 是设备的名称。\n\n子命令:\n enable : 启用设备 dev\n disable : 禁用设备 dev\n list: 列出所有可用的设备\n status : 打印设备的状态\n" - -help.disk = "%1$s: 执行磁盘压缩操作\n用法: %2$s %3$s <子命令> [参数]\n\n子命令:\n list: 列出可用的位置\n shrink <位置>: 擦除并压缩指定位置的文件系统\n shrinkonly: 压缩所有磁盘\n wipe <位置>: 擦除指定位置的文件系统\n" - -help.globalconf = "%1$s: 管理从 GuestStore 下载的全局配置\n用法: %2$s %3$s <子命令>\n\n仅 ESX 客户机子命令:\n enable: 启用全局配置模块\n disable: 禁用全局配置模块\n refresh: 从 GuestStore 触发全局配置的新下载\n status: 打印全局配置模块的状态\n" - -help.gueststore = "%1$s: 从 GuestStore 获取资源内容\n用法: %2$s %3$s <子命令>\n\n仅 ESX 客户机子命令:\n getcontent <资源路径> <输出文件>: 从 GuestStore 获取资源内容并保存到输出文件。\n\n<资源路径> 以“/”开头,并代表 GuestStore 中的唯一资源。如果以“/”结尾,则默认检索底层的“metadata.json”资源。\n<输出文件> 是将资源内容保存到的文件的路径。\n" - -help.hint = "有关详细信息,请尝试“%1$s %2$s%3$s%4$s”。\n" - -help.info = "%1$s: 更新主机上的来宾信息\n用法: %2$s %3$s update <信息类>\n\n子命令:\n update <信息类>: 更新由 <信息类> 标识的信息\n<信息类> 可以为“network”\n" - -help.logging = "%1$s: 修改 Tools 日志记录\n用法: %2$s %3$s level <子命令> <服务名> <级别>\n\n子命令:\n get <服务名>: 显示当前的级别\n 注意: 如果 tools.conf 中不存在该级别,\n 则返回全局配置中的值 (如果存在)\n set <服务名> <级别>: 设置当前级别\n\n<服务名> 可以是受支持的任何服务,包括 vmsvc 或 vmusr\n<级别> 可以是 error、critical、warning、info、message 或 debug 中的一种\n 默认为 %4$s\n" - -help.main = "用法: %1$s <命令> [选项] [子命令]\n键入“%2$s %3$s <命令>”可获取有关特定命令的帮助。\n键入“%4$s -v”可查看 VMware Tools 版本。\n使用“-q”选项可取消 stdout 输出。\n大多数命令都有子命令。\n\n可用命令:\n config\n device\n disk (并非所有操作系统都支持)\n globalconf (并非所有操作系统都支持)\n gueststore (并非所有操作系统都支持)\n info\n logging\n script\n stat\n timesync\n upgrade (并非所有操作系统都支持)\n" - -help.script = "%1$s: 控制脚本运行以响应打开电源操作\n用法: %2$s %3$s <子命令> [参数]\n\n子命令:\n enable: 启用给定脚本,并将其路径恢复为默认值\n disable: 禁用给定脚本\n set <完整路径>: 将给定脚本设置为给定路径\n default: 打印给定脚本的默认路径\n current: 打印给定脚本的当前路径\n 注意: 如果 tools.conf 中不存在该路径,\n 则返回全局配置中的值 (如果存在)\n" - -help.stat = "%1$s: 打印有用的来宾和主机信息\n用法: %2$s %3$s <子命令>\n\n子命令:\n hosttime: 打印主机时间\n speed: 打印 CPU 速度 (以 MHz 为单位)\n仅 ESX 来宾子命令:\n sessionid: 打印当前会话 id\n balloon: 打印内存扩大信息\n swap: 打印内存交换信息\n memlimit: 打印内存限制信息\n memres: 打印内存保留信息\n cpures: 打印 CPU 保留信息\n cpulimit: 打印 CPU 限制信息\n raw [<编码> <统计名称>]: 打印原始统计信息\n <编码> 可以为“text”、“json”、“xml”和“yaml”之一。\n <统计名称> 包括 session、host、resources、vscsi 和\n vnet (诸如 vscsi 之类的某些统计由两个单词组成,例如“vscsi scsi0:0”)。\n 如果未指定 <编码> 和 <统计名称> 参数,\n 则会打印可用的统计信息。\n" - -help.timesync = "%1$s: 用于控制来宾操作系统上的时间同步的功能\n用法: %2$s %3$s <子命令>\n\n子命令:\n enable: 启用时间同步\n disable: 禁用时间同步\n status: 打印时间同步状态\n" - -help.upgrade = "%1$s: 与升级 VMware Tools 相关的功能。\n用法: %2$s %3$s <子命令> [参数]\n子命令:\n status: 检查 VMware Tools 升级状态。\n start: 启动 VMware Tools 自动升级。\n\n要使升级正常进行,需要运行 VMware Tools 服务。\n" - -globalconf.refresh.failed = "“%1$s”失败,因为 globalconf 模块已禁用。\n" - -globalconf.start_vmtools = "%1$s: 正在启动 %2$s 服务。\n" - -globalconf.status = "globalconf 模块的状态为“%1$s”\n" - -globalconf.stop_vmtools = "%1$s: 正在停止 %2$s 服务。\n" - -globalconf.update_config = "%1$s: 正在更新配置。\n" - -gueststore.content_size = "内容大小 (字节): " - -gueststore.error.client_lib = "“%1$s”失败,GuestStore 客户端库错误: %2$s。\n" - -gueststore.progress = "\r进度: %1$d%%" - -option.disabled = "已禁用" - -option.enabled = "已启用" - -result.error.failed = "“%1$s”失败,请查看 %2$s 日志,以查看更多信息。\n" - -result.succeeded = "“%1$s”成功。\n" - -script.notfound = "%1$s 不存在。\n" - -script.operation = "操作" - -script.unknownop = "没有用于操作 %1$s 的脚本。\n" - -script.write.error = "写入配置时出错: %1$s\n" - -stat.balloon.failed = "无法获取虚拟增长内存: %1$s\n" - -stat.cpumax.failed = "无法获取 CPU 限制: %1$s\n" - -stat.cpumin.failed = "无法获取 CPU 下限: %1$s\n" - -stat.formattime.failed = "无法格式化主机时间。\n" - -stat.get.failed = "无法获取统计信息: %1$s\n" - -stat.getsession.failed = "无法获取会话 ID: %1$s\n" - -stat.getspeed.failed = "无法获取处理器速度。\n" - -stat.gettime.failed = "无法获取主机时间。\n" - -stat.maxmem.failed = "无法获取内存限制: %1$s\n" - -stat.memres.failed = "无法获取内存预留: %1$s\n" - -stat.memswap.failed = "无法获取已交换内存: %1$s\n" - -stat.openhandle.failed = "OpenHandle 失败: %1$s\n" - -stat.update.failed = "UpdateInfo 失败: %1$s\n" - -stat.processorSpeed.info = "%1$u MHz\n" - -stat.memoryBalloon.info = "%1$u MB\n" - -stat.memoryReservation.info = "%1$u MB\n" - -stat.memorySwapped.info = "%1$u MB\n" - -stat.memoryLimit.info = "%1$u MB\n" - -stat.cpuReservation.info = "%1$u MHz\n" - -stat.cpuLimit.info = "%1$u MHz\n" - -upgrade.available = "新版本的 VMware Tools 可用。\n" - -upgrade.error.check_error = "检查升级可用性时出错。\n" - -upgrade.error.error = "启动 VMware Tools 升级时出错。\n" - -upgrade.error.not_supported = "主机不支持自动升级 VMware Tools。\n" - -upgrade.error.unknown_reply = "主机回复异常: %1$s\n" - -upgrade.started = "升级已开始。\n" - -upgrade.uptodate = "VMware Tools 为最新版本。\n" - diff --git a/open-vm-tools/toolbox/l10n/zh_TW.vmsg b/open-vm-tools/toolbox/l10n/zh_TW.vmsg index 34d51323d..e69de29bb 100644 --- a/open-vm-tools/toolbox/l10n/zh_TW.vmsg +++ b/open-vm-tools/toolbox/l10n/zh_TW.vmsg @@ -1,206 +0,0 @@ -########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -arg.command = "命令" - -arg.config.key = "組態金鑰" - -arg.config.operation = "組態作業" - -arg.config.section = "組態區段" - -arg.config.value = "組態值" - -arg.devicename = "裝置名稱" - -arg.info.class = "資訊的資訊類別" - -arg.info.subcommand = "資訊作業" - -arg.logging.level = "記錄層級" - -arg.logging.service = "記錄服務名稱" - -arg.logging.subcommand = "記錄作業" - -arg.mountpoint = "掛接點" - -arg.scriptpath = "指令碼路徑" - -arg.scripttype = "指令碼類型" - -arg.subcommand = "子命令" - -device.connect.error = "無法連線裝置 %1$s。\n" - -device.disconnect.error = "無法中斷與裝置 %1$s 的連線。\n" - -device.notfound = "擷取介面資訊時發生錯誤: 找不到裝置。\n" - -disk.shrink.canceled = "已取消磁碟壓縮。\n" - -disk.shrink.complete = "磁碟壓縮完成。\n" - -disk.shrink.conflict = "錯誤,工具箱認為已啟用磁碟壓縮,但主機認為已停用磁碟壓縮。\n\n請關閉工具箱後再重新開啟,使其與主機同步。\n" - -disk.shrink.disabled = "此虛擬機器已停用磁碟壓縮。\n\n針對連結複製、連結複製的父系、\n預先配置的磁碟及快照,或由於其他因素,已停用壓縮。\n如需詳細資訊,請參閱使用者手冊。\n" - -disk.shrink.error = "壓縮時發生錯誤: %1$s\n" - -disk.shrink.incomplete = "未完成壓縮。\n" - -disk.shrink.partition.error = "無法收集磁碟分割資料。\n" - -disk.shrink.partition.notfound = "找不到磁碟分割 %1$s\n" - -disk.shrink.partition.unsupported = "磁碟分割 %1$s 不可壓縮\n" - -disk.shrink.unavailable = "壓縮功能無法使用,\n\n因為您正在執行舊版 VMware 產品,或者已開啟過多通訊通道。\n\n如果您正在執行舊版 VMware 產品,請考慮進行升級。\n\n如果已開啟過多通訊通道,請關閉虛擬機器的電源,然後重新開啟其電源。\n" - -disk.shrink.ignoreFreeSpaceWarnings = "請忽略壓縮程序期間有關磁碟空間的任何警告。\n" - -disk.wipe.ignoreFreeSpaceWarnings = "請忽略抹除程序期間有關磁碟空間的任何警告。\n" - -disk.wiper.file.error = "錯誤,無法建立抹除器檔案。\n" - -disk.wiper.progress = "\r進度: %1$d" - -error.message = "錯誤: %1$s\n" - -error.missing = "%1$s: 遺失 %2$s\n" - -error.noadmin.posix = "%1$s: 您必須是根使用者才能執行 %2$s 作業。\n" - -error.noadmin.win = "%1$s: 需要管理員權限才能執行 %2$s 作業。\n請使用管理員命令提示字元來完成這些工作。\n" - -error.novirtual = "%1$s 必須在虛擬機器中執行。\n" - -error.unknown = "%1$s: 未知 %2$s「%3$s」\n" - -help.config = "%1$s: 修改工具組態\n用法: %2$s %3$s <子命令>\n\n子命令:\n get <區段> <金鑰>: 顯示目前 <金鑰> 的值\n 備註: 如果 tools.conf 中未顯示 <金鑰>,則其\n 在全域組態中的值會在顯示時傳回\n set <區段> <金鑰> <值>: 設定 <金鑰> 至 <值>\n\n remove <區段> <金鑰>: remove <金鑰>\n\n<區段> 可為任何受支援的區段,例如記錄、guestoperations 或 guestinfo。\n<金鑰> 可為任何組態金鑰。\n<值> 可為任何值。\n" - -help.device = "%1$s: 與虛擬機器之硬體裝置相關的功能\n用法: %2$s %3$s [args]\ndev 是裝置名稱。\n\n子命令:\n enable : 啟用裝置 dev\n disable : 停用裝置 dev\n list: 列出所有可用裝置\n status : 列印裝置狀態\n" - -help.disk = "%1$s: 執行磁碟壓縮作業\n用法: %2$s %3$s [args]\n\n子命令:\n list: 列出可用位置\n shrink : 抹除和壓縮指定位置的檔案系統\n shrinkonly: 壓縮所有磁碟\n wipe : 抹除指定位置的檔案系統\n" - -help.globalconf = "%1$s: 從 GuestStore 管理全域組態下載\n用法: %2$s %3$s <子命令>\n\n僅 ESX 客體的子命令:\n enable: 啟用全域組態模組。\n disable: 停用全域組態模組\n refresh: 從 GuestStore 觸發全域組態的新下載\n status: 列印全域組態模組的狀態\n" - -help.gueststore = "%1$s: 從 GuestStore 取得資源內容\n用法: %2$s %3$s <子命令>\n\n僅 ESX 客體的子命令:\n getcontent < 資源路徑 > < 輸出檔案 >: 從 GuestStore 取得資源內容並儲存至輸出檔案。\n\n<資源路徑> 開頭為 /,代表 GuestStore 中的唯一資源。如果結尾為 /,則預設為擷取基礎的「metadata json」資源。\n\n<輸出檔案> 是要儲存資源內容的目標檔案路徑。\n" - -help.hint = "如需詳細資訊,請嘗試「%1$s%2$s%3$s%4$s」。\n" - -help.info = "%1$s: 更新主機上的客體資訊\n用法: %2$s %3$s update <資訊類別>\n\n子命令:\n update <資訊類別>: 更新依 <資訊類別> 識別之資訊\n<資訊類別> 可為「network」\n" - -help.logging = "%1$s: 修改工具記錄\n用法: %2$s %3$s 層級 <子命令> <服務名稱> <層級>\n\n子命令:\n get <服務名稱>: 顯示目前層級\n 備註: 如果 tools.conf 中未顯示,則其\n 在全域組態中的值會在顯示時傳回\n set <服務名稱> <層級>: 設定目前層級\n\n<服務名稱> 可為任何受支援的服務,例如 vmsvc 或 vmusr\n<層級> 可為錯誤、嚴重、警告、資訊、訊息、偵錯之一\n 預設為 %4$s\n" - -help.main = "用法: %1$s <命令> [選項] [子命令]\n輸入「%2$s %3$s <命令>」以取得特定命令的說明。\n輸入「%4$s -v」以查看 VMware Tools 版本。\n使用「-q」選項以隱藏 stdout 輸出。\n大多數命令都有子命令。\n\n可用命令:\n config\n device\n disk (並非所有作業系統皆可使用)\n globalconf (並非所有作業系統皆可使用)\n gueststore (並非所有作業系統皆可使用)\n info\n logging\n script\n stat\n timesync\n upgrade (並非所有作業系統皆可使用)\n" - -help.script = "%1$s: 控制指令碼執行以回應電源作業\n用法: %2$s %3$s <子命令> [args]\n\n子命令:\n enable: 啟用指定指令碼,並將其路徑還原為預設值\n disable: 停用指定指令碼\n set : 將指定指令碼設定為指定路徑\n default: 列印指定指令碼的預設路徑\n current: 列印指定指令碼的目前路徑\n 備註: 如果 tools.conf 中未顯示路徑,則其\n 在全域組態中的值會在顯示時傳回\n" - -help.stat = "%1$s: 列印實用的客體和主機資訊\n用法: %2$s %3$s <子命令>\n\n子命令:\n hosttime: 列印主機時間\n speed: 列印 CPU 速度 (MHz)\n僅 ESX 客體子命令:\n sessionid: 列印目前的工作階段識別碼\n balloon: 列印記憶體佔用資訊\n swap: 列印記憶體交換資訊\n memlimit: 列印記憶體限制資訊\n memres: 列印記憶體保留區資訊\n cpures: 列印 CPU 保留區資訊\n cpulimit: 列印 CPU 限制資訊\n raw [<代碼> <統計名称>]: 列印原始統計資訊\n <代碼> 可為「text」、「json」、「xml」、「yaml」其中之一。\n <統計名称> 包含「session」、「host」、「resources」、「vscsi」和\n vnet」(某些狀態如 vscsi 為兩個字,例如「vscsi scsi0:0」)。\n 如果並未指定引數 <代碼> 和 <統計名称>\n 則列印可用的統計資料。\n" - -help.timesync = "%1$s: 用於控制客體作業系統時間同步的功能\n用法: %2$s %3$s \n\n子命令:\n enable: 啟用時間同步\n disable: 停用時間同步\n status: 列印時間同步狀態\n" - -help.upgrade = "%1$s: 與升級 VMware Tools 相關的功能。\n用法: %2$s %3$s [args]\n子命令:\n status: 檢查 VMware Tools 升級狀態。\n start: 啟動 VMware Tools 自動升級。\n\n若要升級作業正常運作,需要執行 VMware Tools 服務。\n" - -globalconf.refresh.failed = "「%1$s」失敗,因為 globalconf 模組已停用。\n" - -globalconf.start_vmtools = "%1$s: 正在啟動 %2$s 服務。\n" - -globalconf.status = "globalconf 模組的狀態為「%1$s」\n" - -globalconf.stop_vmtools = "%1$s: 正在停止 %2$s 服務。\n" - -globalconf.update_config = "%1$s: 正在更新組態。\n" - -gueststore.content_size = "內容大小 (位元組): " - -gueststore.error.client_lib = "「%1$s」失敗,GuestStore 用戶端程式庫錯誤: %2$s。\n" - -gueststore.progress = "\r進度: %1$d%%" - -option.disabled = "已停用" - -option.enabled = "已啟用" - -result.error.failed = "「%1$s」失敗,請檢查 %2$s 記錄以取得詳細資訊。\n" - -result.succeeded = "「%1$s」成功。\n" - -script.notfound = "%1$s 不存在。\n" - -script.operation = "作業" - -script.unknownop = "沒有用於作業 %1$s 的指令碼。\n" - -script.write.error = "寫入組態時發生錯誤: %1$s\n" - -stat.balloon.failed = "無法取得已佔用的記憶體: %1$s\n" - -stat.cpumax.failed = "無法取得 CPU 限制: %1$s\n" - -stat.cpumin.failed = "無法取得 CPU 下限: %1$s\n" - -stat.formattime.failed = "無法格式化主機時間。\n" - -stat.get.failed = "無法取得統計資料: %1$s\n" - -stat.getsession.failed = "無法取得工作階段識別碼: %1$s\n" - -stat.getspeed.failed = "無法取得處理器速度。\n" - -stat.gettime.failed = "無法取得主機時間。\n" - -stat.maxmem.failed = "無法取得記憶體限制: %1$s\n" - -stat.memres.failed = "無法取得記憶體保留區: %1$s\n" - -stat.memswap.failed = "無法取得已交換的記憶體: %1$s\n" - -stat.openhandle.failed = "OpenHandle 失敗: %1$s\n" - -stat.update.failed = "UpdateInfo 失敗: %1$s\n" - -stat.processorSpeed.info = "%1$u MHz\n" - -stat.memoryBalloon.info = "%1$u MB\n" - -stat.memoryReservation.info = "%1$u MB\n" - -stat.memorySwapped.info = "%1$u MB\n" - -stat.memoryLimit.info = "%1$u MB\n" - -stat.cpuReservation.info = "%1$u MHz\n" - -stat.cpuLimit.info = "%1$u MHz\n" - -upgrade.available = "新版本的 VMware Tools 可供使用。\n" - -upgrade.error.check_error = "檢查升級可用性時發生錯誤。\n" - -upgrade.error.error = "開始 VMware Tools 升級時發生錯誤。\n" - -upgrade.error.not_supported = "主機不支援 VMware Tools 自動升級。\n" - -upgrade.error.unknown_reply = "未預期的主機回復: %1$s\n" - -upgrade.started = "升級已開始。\n" - -upgrade.uptodate = "VMware Tools 為最新版本。\n" - diff --git a/open-vm-tools/vgauth/cli/l10n/de.vmsg b/open-vm-tools/vgauth/cli/l10n/de.vmsg index 86d90232b..e69de29bb 100644 --- a/open-vm-tools/vgauth/cli/l10n/de.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/de.vmsg @@ -1,90 +0,0 @@ -########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -addsubj.fail = "%1$s: Das Hinzufügen des Alias für den Benutzer '%2$s': %3$s ist fehlgeschlagen.\n" -addsubj.success = "%1$s: Alias hinzugefügt\n" - -addoptions.comment = "Inhaberkommentar" - -addoptions.file = "PEM-Dateiname" - -addoptions.global = "Zertifikat der globalen Zuordnungsdatei hinzufügen" - -addoptions.subject = "Der SAML-Inhaber" - -addoptions.username = "Benutzer, dessen Zertifikatsspeicher hinzugefügt wird zu" - -addoptions.verbose = "Detaillierter Vorgang" - -cmdline.help.appoption = "Anwendungsoptionen" -cmdline.help.helpoption = "Hilfeoptionen" -cmdline.help.hint = "Hilfeoptionen anzeigen" -cmdline.help.usage = "Nutzung" -cmdline.parse = "Die Analyse der Befehlszeile ist fehlgeschlagen" - -cmdline.summary.pemfile = "PEM-Datei" -cmdline.summary.subject = "Inhaber" -cmdline.summary.username = "Benutzername" -cmdline.summary.comm = "Kommentar" -cmdline.summary.note = "Hinweis: Wenn kein Benutzername angegeben wird, entfernt %1$s nur die zugeordneten Aliasnamen" - -list.comment = "Kommentar" -list.count = "%1$s: Es wurden %2$d Aliase für den Benutzer '%3$s' gefunden.\n" - -list.error = "%1$s: Die Auflistung der Aliase für den Benutzer '%2$s': %3$s ist fehlgeschlagen.\n" -list.subject = "Inhaber" - -listmapped.count = "%1$s: Es wurden %2$d zugeordnete Aliase gefunden.\n" - -listmapped.error = "%1$s: Die Auflistung der zugeordneten Aliase %2$s ist fehlgeschlagen.\n" - -listmapped.subject = "Inhaber" - -listmapped.username = "Benutzername" - -listoptions.username = "Benutzer, dessen Zertifikatsspeicher angefordert wird" - -listoptions.verbose = "Detaillierter Vorgang" - -loadfile.fail = "%1$s: PEM-Datei '%2$s' kann nicht gelesen werden\n" - -name.any = "" - -removesubj.fail = "%1$s: Das Entfernen des Alias für den Benutzer '%2$s': %3$s ist fehlgeschlagen.\n" - -removesubj.success = "%1$s: Alias entfernt\n" - -removeoptions.file = "PEM-Dateiname" - -removeoptions.subject = "Der SAML-Inhaber" -removeoptions.username = "Benutzer, dessen Zertifikatsspeicher entfernt wird von" - -removeoptions.verbose = "Detaillierter Vorgang" - -removeall.fail = "%1$s: Fehler beim Entfernen von Alias für Benutzer '%2$s' Inhaber '%3$s': %4$s.\n" - -removeall.removefail = "%1$s: Fehler beim Entfernen von Alias für Benutzer '%2$s' Inhaber '%3$s' pemCert '%4$s': %5$s.\n" - -removeall.success = "%1$s: alle Aliase entfernt\n" - -removealloptions.subject = "Der SAML-Inhaber" -removealloptions.username = "Benutzer, dessen Zertifikatsspeicher entfernt wird von" - -removealloptions.verbose = "Detaillierter Vorgang" - -vgauth.init.failed = "Die Initialisierung von VGAuth ist fehlgeschlagen" diff --git a/open-vm-tools/vgauth/cli/l10n/it.vmsg b/open-vm-tools/vgauth/cli/l10n/it.vmsg index 3166bcb51..e69de29bb 100644 --- a/open-vm-tools/vgauth/cli/l10n/it.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/it.vmsg @@ -1,90 +0,0 @@ -########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -addsubj.fail = "%1$s: Impossibile aggiungere alias per l'utente '%2$s': %3$s.\n" -addsubj.success = "%1$s: alias aggiunto\n" - -addoptions.comment = "commento oggetti" - -addoptions.file = "Nome file PEM" - -addoptions.global = "Aggiungere il certificato al file di mappatura globale" - -addoptions.subject = "L'oggetto SAML" - -addoptions.username = "Utente a cui viene aggiunto l'archivio certificati" - -addoptions.verbose = "Operazione Verbose" - -cmdline.help.appoption = "Opzioni applicazione" -cmdline.help.helpoption = "Opzioni Guida" -cmdline.help.hint = "Visualizza le opzioni della Guida" -cmdline.help.usage = "Utilizzo" -cmdline.parse = "Analisi della riga di comando non riuscita" - -cmdline.summary.pemfile = "File PEM" -cmdline.summary.subject = "oggetto" -cmdline.summary.username = "nome utente" -cmdline.summary.comm = "commento" -cmdline.summary.note = "Nota: se non viene specificato alcun nome utente, %1$s rimuove solo gli alias mappati" - -list.comment = "Commento" -list.count = "%1$s Trovati %2$d alias per l'utente '%3$s'\n" - -list.error = "%1$s: Impossibile elencare gli alias per l'utente '%2$s': %3$s.\n" -list.subject = "Oggetto" - -listmapped.count = "%1$s Trovati %2$d alias mappati\n" - -listmapped.error = "%1$s: Impossibile elencare gli alias mappati:%2$s.\n" - -listmapped.subject = "Oggetto" - -listmapped.username = "Nome utente" - -listoptions.username = "Utente il cui archivio certificati è oggetto di query" - -listoptions.verbose = "Operazione Verbose" - -loadfile.fail = "%1$s: Impossibile leggere il file PEM '%2$s'\n" - -name.any = "" - -removesubj.fail = "%1$s: Impossibile rimuovere l'alias per l'utente '%2$s': %3$s.\n" - -removesubj.success = "%1$s: alias rimosso\n" - -removeoptions.file = "Nome file PEM" - -removeoptions.subject = "L'oggetto SAML" -removeoptions.username = "Utente da cui viene rimosso l'archivio certificati" - -removeoptions.verbose = "Operazione Verbose" - -removeall.fail = "%1$s: impossibile rimuovere l'alias per l'utente '%2$s' oggetto '%3$s': %4$s.\n" - -removeall.removefail = "%1$s: impossibile rimuovere l'alias per l'utente '%2$s' oggetto '%3$s' pemCert '%4$s': %5$s.\n" - -removeall.success = "%1$s: tutti gli alias sono stati rimossi\n" - -removealloptions.subject = "L'oggetto SAML" -removealloptions.username = "Utente da cui viene rimosso l'archivio certificati" - -removealloptions.verbose = "Operazione Verbose" - -vgauth.init.failed = "Impossibile inizializzare VGAuth" diff --git a/open-vm-tools/vgauth/cli/l10n/ko.vmsg b/open-vm-tools/vgauth/cli/l10n/ko.vmsg index 53dd15503..e69de29bb 100644 --- a/open-vm-tools/vgauth/cli/l10n/ko.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/ko.vmsg @@ -1,90 +0,0 @@ -########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -addsubj.fail = "%1$s: 사용자 '%2$s'에 대한 별칭을 추가하지 못했습니다. %3$s.\n" -addsubj.success = "%1$s: 별칭이 추가됨\n" - -addoptions.comment = "제목 설명" - -addoptions.file = "PEM 파일 이름" - -addoptions.global = "글로벌 매핑 파일에 인증서 추가" - -addoptions.subject = "SAML 주체" - -addoptions.username = "인증서 저장소를 추가 중인 사용자" - -addoptions.verbose = "자세한 정보 표시 작업" - -cmdline.help.appoption = "애플리케이션 옵션" -cmdline.help.helpoption = "도움말 옵션" -cmdline.help.hint = "도움말 옵션 표시" -cmdline.help.usage = "사용" -cmdline.parse = "명령줄 구문 분석 실패" - -cmdline.summary.pemfile = "PEM 파일" -cmdline.summary.subject = "제목" -cmdline.summary.username = "사용자 이름" -cmdline.summary.comm = "설명" -cmdline.summary.note = "참고: 사용자 이름이 제공되지 않으면 %1$s이(가) 매핑된 별칭만 제거합니다." - -list.comment = "설명" -list.count = "%1$s에서 사용자 '%3$s'의 %2$d개 별칭이 확인되었습니다.\n" - -list.error = "%1$s: 사용자 '%2$s'의 별칭을 나열하지 못했습니다. %3$s.\n" -list.subject = "제목" - -listmapped.count = "%1$s에서 %2$d개의 매핑된 별칭을 찾았습니다.\n" - -listmapped.error = "%1$s: 매핑된 별칭을 나열하지 못했습니다. %2$s.\n" - -listmapped.subject = "제목" - -listmapped.username = "사용자 이름" - -listoptions.username = "인증서 저장소를 쿼리 중인 사용자" - -listoptions.verbose = "자세한 정보 표시 작업" - -loadfile.fail = "%1$s: PEM 파일 '%2$s'을(를) 읽을 수 없습니다.\n" - -name.any = "<모두>" - -removesubj.fail = "%1$s: 사용자 '%2$s'에 대한 별칭을 제거하지 못했습니다. %3$s.\n" - -removesubj.success = "%1$s: 별칭이 제거됨\n" - -removeoptions.file = "PEM 파일 이름" - -removeoptions.subject = "SAML 주체" -removeoptions.username = "인증서 저장소를 제거 중인 사용자" - -removeoptions.verbose = "자세한 정보 표시 작업" - -removeall.fail = "%1$s: 사용자 '%2$s' 주체 '%3$s'에 대한 별칭을 제거하지 못했습니다. %4$s.\n" - -removeall.removefail = "%1$s: 사용자 '%2$s' 주체 '%3$s' pemCert '%4$s'에 대한 별칭을 제거하지 못했습니다. %5$s.\n" - -removeall.success = "%1$s: 모든 별칭이 제거됨\n" - -removealloptions.subject = "SAML 주체" -removealloptions.username = "인증서 저장소를 제거 중인 사용자" - -removealloptions.verbose = "자세한 정보 표시 작업" - -vgauth.init.failed = "VGAuth 초기화 실패" diff --git a/open-vm-tools/vgauth/cli/l10n/zh_CN.vmsg b/open-vm-tools/vgauth/cli/l10n/zh_CN.vmsg index 5d2705c65..e69de29bb 100644 --- a/open-vm-tools/vgauth/cli/l10n/zh_CN.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/zh_CN.vmsg @@ -1,90 +0,0 @@ -########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -addsubj.fail = "%1$s: 无法为用户“%2$s”添加别名: %3$s。\n" -addsubj.success = "%1$s: 已添加别名\n" - -addoptions.comment = "主题注释" - -addoptions.file = "PEM 文件名" - -addoptions.global = "将证书添加到全局映射文件中" - -addoptions.subject = "SAML 主题" - -addoptions.username = "要在以下位置添加证书存储的用户" - -addoptions.verbose = "详细操作" - -cmdline.help.appoption = "应用程序选项" -cmdline.help.helpoption = "帮助选项" -cmdline.help.hint = "显示帮助选项" -cmdline.help.usage = "用法" -cmdline.parse = "命令行分析失败" - -cmdline.summary.pemfile = "PEM 文件" -cmdline.summary.subject = "主题" -cmdline.summary.username = "用户名" -cmdline.summary.comm = "注释" -cmdline.summary.note = "注意: 如果未提供用户名,%1$s 将仅移除映射的别名" - -list.comment = "注释" -list.count = "%1$s 已找到用户“%3$s”的 %2$d 别名\n" - -list.error = "%1$s: 无法列出用户“%2$s”的别名: %3$s。\n" -list.subject = "主题" - -listmapped.count = "%1$s 已找到 %2$d 映射的别名\n" - -listmapped.error = "%1$s: 无法列出映射的别名: %2$s。\n" - -listmapped.subject = "主题" - -listmapped.username = "用户名" - -listoptions.username = "要对其证书存储进行查询的用户" - -listoptions.verbose = "详细操作" - -loadfile.fail = "%1$s: 无法读取 PEM 文件“%2$s”\n" - -name.any = "<任何>" - -removesubj.fail = "%1$s: 无法删除用户“%2$s”的别名: %3$s。\n" - -removesubj.success = "%1$s: 已删除别名\n" - -removeoptions.file = "PEM 文件名" - -removeoptions.subject = "SAML 主题" -removeoptions.username = "要从以下位置移除其证书存储的用户" - -removeoptions.verbose = "详细操作" - -removeall.fail = "%1$s: 无法移除主题“%3$s”中用户“%2$s”的别名: %4$s。\n" - -removeall.removefail = "%1$s: 无法移除主题“%3$s”和 pemCert“%4$s”中用户“%2$s”的别名: %5$s。\n" - -removeall.success = "%1$s: 已移除所有别名\n" - -removealloptions.subject = "SAML 主题" -removealloptions.username = "要从以下位置移除其证书存储的用户" - -removealloptions.verbose = "详细操作" - -vgauth.init.failed = "无法初始化 VGAuth" diff --git a/open-vm-tools/vgauth/cli/l10n/zh_TW.vmsg b/open-vm-tools/vgauth/cli/l10n/zh_TW.vmsg index 4fed19f19..e69de29bb 100644 --- a/open-vm-tools/vgauth/cli/l10n/zh_TW.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/zh_TW.vmsg @@ -1,90 +0,0 @@ -########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -addsubj.fail = "%1$s: 無法為使用者「%2$s」新增別名: %3$s。\n" -addsubj.success = "%1$s: 已新增別名\n" - -addoptions.comment = "主旨註解" - -addoptions.file = "PEM 檔案名稱" - -addoptions.global = "將憑證新增至全域對應檔案" - -addoptions.subject = "SAML 主旨" - -addoptions.username = "正將其憑證存放區新增至以下項目的使用者" - -addoptions.verbose = "詳細資訊作業" - -cmdline.help.appoption = "應用程式選項" -cmdline.help.helpoption = "説明選項" -cmdline.help.hint = "顯示說明選項" -cmdline.help.usage = "用法" -cmdline.parse = "命令行剖析失敗" - -cmdline.summary.pemfile = "PEM 檔案" -cmdline.summary.subject = "主旨" -cmdline.summary.username = "使用者名稱" -cmdline.summary.comm = "註解" -cmdline.summary.note = "備註: 如果未提供使用者名稱,則 %1$s 僅會移除對應的別名" - -list.comment = "註解" -list.count = "%1$s 找到使用者「%3$s」的 %2$d 個別名\n" - -list.error = "%1$s: 無法列出使用者「%2$s」的別名: %3$s。\n" -list.subject = "主旨" - -listmapped.count = "%1$s 找到 %2$d 個已對應的別名\n" - -listmapped.error = "%1$s: 無法列出已對應的別名: %2$s。\n" - -listmapped.subject = "主旨" - -listmapped.username = "使用者名稱" - -listoptions.username = "正在查詢其憑證存放區的使用者" - -listoptions.verbose = "詳細資訊作業" - -loadfile.fail = "%1$s: 無法讀取 PEM 檔案「%2$s」\n" - -name.any = "<任何>" - -removesubj.fail = "%1$s: 無法移除使用者「%2$s」的別名: %3$s。\n" - -removesubj.success = "%1$s: 已移除別名\n" - -removeoptions.file = "PEM 檔案名稱" - -removeoptions.subject = "SAML 主旨" -removeoptions.username = "正從以下項目移除其憑證存放區的使用者" - -removeoptions.verbose = "詳細資訊作業" - -removeall.fail = "%1$s: 無法移除使用者「%2$s」主題「%3$s」的別名: %4$s。\n" - -removeall.removefail = "%1$s: 無法移除使用者「%2$s」主題「%3$s」pemCert「%4$s」的別名: %5$s。\n" - -removeall.success = "%1$s: 已移除所有別名\n" - -removealloptions.subject = "SAML 主旨" -removealloptions.username = "正從以下項目移除其憑證存放區的使用者" - -removealloptions.verbose = "詳細資訊作業" - -vgauth.init.failed = "無法初始化 VGAuth" diff --git a/open-vm-tools/vgauth/lib/l10n/de.vmsg b/open-vm-tools/vgauth/lib/l10n/de.vmsg index 47a47d355..e69de29bb 100644 --- a/open-vm-tools/vgauth/lib/l10n/de.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/de.vmsg @@ -1,21 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -auth.password.invalid = "Benutzername und Kennwort für '%1$s' stimmen nicht überein" -auth.password.valid = "Benutzername und Kennwort wurden erfolgreich für '%1$s' bestätigt" -auth.sspi.badid = "Versuch der Authentifizierung mithilfe einer ungültigen oder abgelaufenen SSPI-Anfrage-ID: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/it.vmsg b/open-vm-tools/vgauth/lib/l10n/it.vmsg index 27487e63b..e69de29bb 100644 --- a/open-vm-tools/vgauth/lib/l10n/it.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/it.vmsg @@ -1,21 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -auth.password.invalid = "Nome utente e password non corrispondenti per '%1$s'" -auth.password.valid = "Nome utente e password convalidati correttamente per '%1$s'" -auth.sspi.badid = "Tentativo di autenticazione utilizzando un ID test SSPI non valido o scaduto: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/ko.vmsg b/open-vm-tools/vgauth/lib/l10n/ko.vmsg index 29113db5d..e69de29bb 100644 --- a/open-vm-tools/vgauth/lib/l10n/ko.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/ko.vmsg @@ -1,21 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -auth.password.invalid = "'%1$s'에 대해 사용자 이름과 암호가 일치하지 않습니다." -auth.password.valid = "'%1$s'에 대해 사용자 이름 및 암호가 유효한 것으로 확인되었습니다." -auth.sspi.badid = "잘못되었거나 만료된 SSPI 챌린지 ID를 사용하여 인증하려고 합니다. %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/zh_CN.vmsg b/open-vm-tools/vgauth/lib/l10n/zh_CN.vmsg index e777208bf..e69de29bb 100644 --- a/open-vm-tools/vgauth/lib/l10n/zh_CN.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/zh_CN.vmsg @@ -1,21 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -auth.password.invalid = "“%1$s”的用户名和密码不匹配" -auth.password.valid = "已成功验证“%1$s”的用户名和密码" -auth.sspi.badid = "尝试使用无效或过期的 SSPI 质询 ID 进行身份验证: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/zh_TW.vmsg b/open-vm-tools/vgauth/lib/l10n/zh_TW.vmsg index b78b4816e..e69de29bb 100644 --- a/open-vm-tools/vgauth/lib/l10n/zh_TW.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/zh_TW.vmsg @@ -1,21 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -auth.password.invalid = "「%1$s」的使用者名稱與密碼不符" -auth.password.valid = "已成功驗證「%1$s」的使用者名稱和密碼" -auth.sspi.badid = "嘗試使用無效或到期的 SSPI 驗證識別碼進行驗證: %1$u" diff --git a/open-vm-tools/vgauth/service/l10n/de.vmsg b/open-vm-tools/vgauth/service/l10n/de.vmsg index 0c9f29f9a..e69de29bb 100644 --- a/open-vm-tools/vgauth/service/l10n/de.vmsg +++ b/open-vm-tools/vgauth/service/l10n/de.vmsg @@ -1,46 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -proto.attack = "Möglicher Sicherheitsangriff! Der Anfragetyp %1$d verfügt über einen Benutzernamen (%2$s), der nicht mit dem Pipe-Eigentümer (%3$s) übereinstimmt!" - -validate.samlBearer.fail = "Die Überprüfung des SAML-Träger-Token ist fehlgeschlagen: %1$d" - -validate.samlBearer.success = "Überprüfter SAML-Träger-Token für den Benutzer '%1$s'" - -alias.addid = "Dem Aliasspeicher im Eigentum von '%1$s' durch den Benutzer '%2$s' hinzugefügtes Alias" - -alias.dir.badperm = "Das Aliasspeicherverzeichnis '%1$s' verfügt über unzulässige Eigentümer oder Berechtigungen. Alle aktuell in '%2$s' gespeicherte Aliase stehen für die Authentifizierung nicht zur Verfügung" - -alias.dir.notadir = "Das Aliasspeicherverzeichnis '%1$s' ist vorhanden, ist aber kein Verzeichnis" - -alias.dir.renamefail = "Das Umbenennen des verdächtigen Aliasspeicherverzeichnisses '%1$s' in '%2$s' ist fehlgeschlagen" - - -alias.alias.badfile = "Der Aliasspeicher '%1$s' ist vorhanden, ist aber keine ordnungsgemäße Datei. Die Aliase für den Benutzer '%2$s' stehen für die Authentifizierung nicht zur Verfügung" - -alias.alias.badperm = "Der Aliasspeicher '%1$s' verfügt über unzulässige Eigentümer oder Berechtigungen. Die Aliase für den Benutzer '%2$s' stehen für die Authentifizierung nicht zur Verfügung" - -alias.alias.rename = "Der verdächtige Aliasspeicher '%1$s' wurde in '%2$s' umbenannt" - -alias.alias.renamefail = "Das Umbenennen des verdächtigen Aliasspeichers '%1$s' in '%2$s' ist fehlgeschlagen" - -alias.mapfile.badperm = "Die Zuordungsdatei '%1$s' des Aliasspeichers verfügt über unzulässige Eigentümer oder Berechtigungen. Die Aliase in der Zuordnungsdatei stehen für eine Authentifizierung nicht zur Verfügung" - -alias.mapping.badfile = "Die Zuordnungsdatei '%1$s' ist vorhanden, ist aber keine ordnungsgemäße Datei. Die Aliase in der Zuordnungsdatei stehen für eine Authentifizierung nicht zur Verfügung" - -alias.removeid = "Das Alias wurde aus dem Aliasspeicher im Eigentum von '%1$s' durch den Benutzer '%2$s' entfernt" diff --git a/open-vm-tools/vgauth/service/l10n/it.vmsg b/open-vm-tools/vgauth/service/l10n/it.vmsg index 1f20b29ae..e69de29bb 100644 --- a/open-vm-tools/vgauth/service/l10n/it.vmsg +++ b/open-vm-tools/vgauth/service/l10n/it.vmsg @@ -1,46 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -proto.attack = "Possibile attacco alla sicurezza. Il tipo di richiesta %1$d ha un nome utente (%2$s) che non corrisponde al proprietario del circuito (%3$s)!" - -validate.samlBearer.fail = "Convalida del token di connessione SAML non riuscita: %1$d" - -validate.samlBearer.success = "Token di connessione SAML convalidato per l'utente '%1$s'" - -alias.addid = "Alias aggiunto all'archivio Alias di proprietà di '%1$s' dall'utente '%2$s'" - -alias.dir.badperm = "La directory di archiviazione alias '%1$s' ha proprietario errato o autorizzazioni errate. Qualsiasi alias ​​attualmente memorizzato in '%2$s' non sarà disponibile per l'autenticazione" - -alias.dir.notadir = "La directory dell'archivio di alias '%1$s' esiste ma non è una directory" - -alias.dir.renamefail = "Impossibile rinominare la directory dell'archivio di alias sospetta da '%1$s' a '%2$s'" - - -alias.alias.badfile = "L'archivio alias '%1$s' esiste ma non è un file regolare. Gli alias per l'utente '%2$s' non saranno disponibili per l'autenticazione" - -alias.alias.badperm = "L'archivio di alias '%1$s' ha un proprietario errato o autorizzazioni errate. Gli alias per l'utente '%2$s' non saranno disponibili per l'autenticazione" - -alias.alias.rename = "Archivio di alias sospetti '%1$s' rinominato in '%2$s'" - -alias.alias.renamefail = "Impossibile rinominare l'archivio di alias sospetti da '%1$s' a '%2$s'" - -alias.mapfile.badperm = "Il file di mappatura dell'archivio di alias '%1$s' ha un proprietario errato o autorizzazioni errate. Gli alias ​​nel file di mappatura non saranno disponibili per l'autenticazione" - -alias.mapping.badfile = "Il file di mappatura '%1$s' esiste ma non è un file regolare. Gli alias ​​nel file di mappatura non saranno disponibili per l'autenticazione" - -alias.removeid = "Alias rimosso dall'archivio di alias di proprietà di '%1$s' dall'utente '%2$s'" diff --git a/open-vm-tools/vgauth/service/l10n/ko.vmsg b/open-vm-tools/vgauth/service/l10n/ko.vmsg index 08313a41a..e69de29bb 100644 --- a/open-vm-tools/vgauth/service/l10n/ko.vmsg +++ b/open-vm-tools/vgauth/service/l10n/ko.vmsg @@ -1,46 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -proto.attack = "보안 공격이 발생할 수 있습니다. 요청 유형 %1$d에 파이프 소유자(%3$s)와 일치하지 않는 사용자 이름(%2$s)이 있습니다." - -validate.samlBearer.fail = "SAML bearer 토큰의 유효성 검사에 실패했습니다. %1$d" - -validate.samlBearer.success = "사용자 '%1$s'에 대한 SAML bearer 토큰이 유효한 것으로 확인되었습니다." - -alias.addid = "사용자 '%2$s'이(가) '%1$s'이(가) 소유하는 별칭 저장소에 별칭을 추가했습니다." - -alias.dir.badperm = "별칭 저장소 디렉토리 '%1$s'의 소유자나 권한이 올바르지 않습니다. 현재 '%2$s'에 저장되어 있는 별칭을 인증에 사용할 수 없습니다." - -alias.dir.notadir = "별칭 저장소 디렉토리 '%1$s'이(가) 있지만 디렉토리가 아닙니다." - -alias.dir.renamefail = "의심스러운 별칭 저장소 디렉토리 이름 '%1$s'을(를) '%2$s'(으)로 바꾸지 못했습니다." - - -alias.alias.badfile = "별칭 저장소 '%1$s'이(가) 있지만 일반 파일이 아닙니다. 사용자 '%2$s'의 별칭을 인증에 사용할 수 없습니다." - -alias.alias.badperm = "별칭 저장소 '%1$s'의 소유자나 권한이 올바르지 않습니다. 사용자 '%2$s'의 별칭을 인증에 사용할 수 없습니다." - -alias.alias.rename = "의심스러운 별칭 저장소 '%1$s' 이름이 '%2$s'(으)로 바뀌었습니다." - -alias.alias.renamefail = "의심스러운 별칭 저장소 이름 '%1$s'을(를) '%2$s'(으)로 바꾸지 못했습니다." - -alias.mapfile.badperm = "별칭 저장소 매핑 파일 '%1$s'의 소유자나 권한이 올바르지 않습니다. 매핑 파일의 별칭을 인증에 사용할 수 없습니다." - -alias.mapping.badfile = "매핑 파일 '%1$s'이(가) 있지만 일반 파일이 아닙니다. 매핑 파일의 별칭을 인증에 사용할 수 없습니다." - -alias.removeid = "사용자 '%2$s'이(가) '%1$s'이(가) 소유하는 별칭 저장소에서 별칭을 제거했습니다." diff --git a/open-vm-tools/vgauth/service/l10n/zh_CN.vmsg b/open-vm-tools/vgauth/service/l10n/zh_CN.vmsg index a89f3742b..e69de29bb 100644 --- a/open-vm-tools/vgauth/service/l10n/zh_CN.vmsg +++ b/open-vm-tools/vgauth/service/l10n/zh_CN.vmsg @@ -1,46 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -proto.attack = "可能发生安全攻击! 请求类型 %1$d 具有的 userName (%2$s)与管道所有者(%3$s)不匹配!" - -validate.samlBearer.fail = "SAML 持有者令牌验证失败: %1$d" - -validate.samlBearer.success = "已验证用户“%1$s”的 SAML 持有者令牌" - -alias.addid = "用户“%2$s”已将别名添加到“%1$s”拥有的别名存储中" - -alias.dir.badperm = "别名存储目录“%1$s”具有不正确的所有者或权限。无法使用当前在“%2$s”中存储的任何别名进行身份验证" - -alias.dir.notadir = "别名存储目录“%1$s”已存在,但不是一个目录" - -alias.dir.renamefail = "无法将可疑别名存储目录“%1$s”重命名为“%2$s”" - - -alias.alias.badfile = "别名存储“%1$s”已存在,但不是一个常规文件。无法使用用户“%2$s”的别名进行身份验证" - -alias.alias.badperm = "别名存储“%1$s”具有不正确的所有者或权限。无法使用用户“%2$s”的别名进行身份验证" - -alias.alias.rename = "已将可疑别名存储“%1$s”重命名为“%2$s”" - -alias.alias.renamefail = "无法将可疑别名存储“%1$s”重命名为“%2$s”" - -alias.mapfile.badperm = "别名存储映射文件“%1$s”具有不正确的所有者或权限。无法使用映射文件中的别名进行身份验证" - -alias.mapping.badfile = "映射文件“%1$s”已存在,但不是一个常规文件。无法使用映射文件中的别名进行身份验证" - -alias.removeid = "用户“%2$s”已从“%1$s”拥有的别名存储中删除别名" diff --git a/open-vm-tools/vgauth/service/l10n/zh_TW.vmsg b/open-vm-tools/vgauth/service/l10n/zh_TW.vmsg index 2483e1546..e69de29bb 100644 --- a/open-vm-tools/vgauth/service/l10n/zh_TW.vmsg +++ b/open-vm-tools/vgauth/service/l10n/zh_TW.vmsg @@ -1,46 +0,0 @@ -########################################################## -# Copyright (C) 2011-2016 VMware, Inc. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published -# by the Free Software Foundation version 2.1 and no later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -########################################################## - -proto.attack = "可能存在安全性攻擊! 要求類型 %1$d 具有的使用者名稱 (%2$s) 與管道擁有者 (%3$s) 不相符!" - -validate.samlBearer.fail = "驗證 SAML 承載者 Token 失敗: %1$d" - -validate.samlBearer.success = "已驗證使用者「%1$s」的 SAML 承載者 Token" - -alias.addid = "使用者「%2$s」已將別名新增至「%1$s」所擁有的別名存放區" - -alias.dir.badperm = "別名存放區目錄 '%1$s' 的擁有者或權限不正確。目前儲存在 '%2$s' 中的任何別名均無法用於驗證" - -alias.dir.notadir = "別名存放區目錄「%1$s」已存在,但並不是目錄" - -alias.dir.renamefail = "無法將可疑的別名存放區目錄「%1$s」重新命名為「%2$s」" - - -alias.alias.badfile = "別名存放區 '%1$s' 已存在,但並不是一般檔案。使用者 '%2$s' 的別名將無法用於驗證" - -alias.alias.badperm = "別名存放區 '%1$s' 的擁有者或權限不正確。使用者 '%2$s' 的別名將無法用於驗證" - -alias.alias.rename = "已將可疑的別名存放區「%1$s」重新命名為「%2$s」" - -alias.alias.renamefail = "無法將可疑的別名存放區「%1$s」重新命名為「%2$s」" - -alias.mapfile.badperm = "別名存放區對應檔案 '%1$s' 的擁有者或權限不正確。對應檔案中的別名將無法用於驗證" - -alias.mapping.badfile = "對應檔案 '%1$s' 已存在,但並不是一般檔案。對應檔案中的別名將無法用於驗證" - -alias.removeid = "使用者「%2$s」已從「%1$s」所擁有的別名存放區中移除別名" From 419b5cebc629189c9a8e88bd167d4d18dd5eb406 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:53 -0800 Subject: [PATCH 332/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index 8074410e4..a4ff844df 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -149,12 +149,12 @@ typedef struct CPUIDQuery { CPUIDLEVEL(TRUE, D, 0xd, 19, 0) \ CPUIDLEVEL(TRUE, F, 0xf, 2, 13) \ CPUIDLEVEL(TRUE, 10, 0x10, 4, 13) \ - CPUIDLEVEL(TRUE, 12, 0x12, 4, 13) \ + CPUIDLEVEL(TRUE, 12, 0x12, 7, 13) \ CPUIDLEVEL(TRUE, 14, 0x14, 2, 13) \ CPUIDLEVEL(TRUE, 15, 0x15, 0, 13) \ CPUIDLEVEL(TRUE, 16, 0x16, 0, 13) \ CPUIDLEVEL(TRUE, 17, 0x17, 4, 14) \ - CPUIDLEVEL(TRUE, 18, 0x18, 8, 17) \ + CPUIDLEVEL(TRUE, 18, 0x18, 9, 17) \ CPUIDLEVEL(TRUE, 19, 0x19, 0, 20) \ CPUIDLEVEL(TRUE, 1A, 0x1a, 0, 17) \ CPUIDLEVEL(TRUE, 1B, 0x1b, 2, 17) \ From 1f8f4a01b89394c8e42c49fa4e2aafa6587bf20b Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 7 Jan 2025 22:05:53 -0800 Subject: [PATCH 333/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/x86cpuid.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/open-vm-tools/lib/include/x86cpuid.h b/open-vm-tools/lib/include/x86cpuid.h index a4ff844df..fb561ebd9 100644 --- a/open-vm-tools/lib/include/x86cpuid.h +++ b/open-vm-tools/lib/include/x86cpuid.h @@ -1467,8 +1467,8 @@ FLAG( 81F, 0, EAX, 0, 1, SME, NO, 0 ) \ FLAG( 81F, 0, EAX, 1, 1, SEV, YES, 17 ) \ FLAG( 81F, 0, EAX, 2, 1, PAGE_FLUSH_MSR, NO, 0 ) \ FLAG( 81F, 0, EAX, 3, 1, SEV_ES, YES, 17 ) \ -FLAG( 81F, 0, EAX, 4, 1, SEV_SNP, YES, FUT ) \ -FLAG( 81F, 0, EAX, 5, 1, VMPL, YES, FUT ) \ +FLAG( 81F, 0, EAX, 4, 1, SEV_SNP, YES, 22 ) \ +FLAG( 81F, 0, EAX, 5, 1, VMPL, YES, 22 ) \ FLAG( 81F, 0, EAX, 6, 1, RMPQUERY, NO, 0 ) \ FLAG( 81F, 0, EAX, 7, 1, VMPL_SSS, NO, 0 ) \ FLAG( 81F, 0, EAX, 8, 1, SECURE_TSC, NO, 0 ) \ @@ -1483,13 +1483,13 @@ FLAG( 81F, 0, EAX, 16, 1, SEV_VTE, NO, 0 ) \ FLAG( 81F, 0, EAX, 17, 1, VMGEXIT_PARAMETER, NO, 0 ) \ FLAG( 81F, 0, EAX, 18, 1, VIRTUAL_MSR_TOM, NO, 0 ) \ FLAG( 81F, 0, EAX, 19, 1, SEV_IBS_VIRT, NO, 0 ) \ -FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, YES, FUT ) \ +FLAG( 81F, 0, EAX, 24, 1, VMSA_REG_PROT, YES, 22 ) \ FLAG( 81F, 0, EAX, 25, 1, SMT_PROTECTION, NO, 0 ) \ FLAG( 81F, 0, EAX, 28, 1, SVSM_COMM_PAGE_MSR, NO, 0 ) \ FLAG( 81F, 0, EAX, 29, 1, NESTED_VIRT_SNP_MSR, NO, 0 ) \ FIELD(81F, 0, EBX, 0, 6, SME_PAGE_TABLE_BIT_NUM, YES, 17 ) \ FIELD(81F, 0, EBX, 6, 6, SME_PHYS_ADDR_SPACE_REDUCTION, NO, 0 ) \ -FIELD(81F, 0, EBX, 12, 4, NUM_VMPL, YES, FUT ) \ +FIELD(81F, 0, EBX, 12, 4, NUM_VMPL, YES, 22 ) \ FIELD(81F, 0, ECX, 0, 32, NUM_ENCRYPTED_GUESTS, NO, 0 ) \ FIELD(81F, 0, EDX, 0, 32, SEV_MIN_ASID, NO, 0 ) From e0a12a75116600f6708ef66f80ccc0ebbdab13ac Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 8 Jan 2025 07:32:51 -0800 Subject: [PATCH 334/375] ==================================================================== The "stable-13.0.x" branch was created from the "devel" branch here. ==================================================================== Update ChangeLog with the granular push of Jan 07, 2025. - plus ChangeLog update of Sep 24, 2024. --- open-vm-tools/ChangeLog | 368 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 368 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index a2b15a0cd..02b3e5bdf 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,371 @@ +commit 1f8f4a01b89394c8e42c49fa4e2aafa6587bf20b +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:53 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 419b5cebc629189c9a8e88bd167d4d18dd5eb406 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:53 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 75bb54af8c896bc27724353064f85de2ad986539 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:53 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 0a7ba9d95741d65c616d6368ecd9fb59113c95c6 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 9a3b3e52e0002f0fe71cc7958ceda81938afd0c4 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 0f0a1389b908b1357e22c2fc3cbd4e597e20465e +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 056f68d8a40874ed6fb21ba101d30962f9f87fc1 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 7a400deb151522767b80d7d02606325814c34998 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common header files not applicable to open-vm-tools. + +commit e36d82b4c9fd98134b3232f2ab66d53e1514f9b3 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common source file not applicable to open-vm-tools at this time. + +commit b9c236471f9b6de7b6e5dbba57ef6b70f8a20672 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e3a7d9b2e19ef2fefbf3ce7eebe239d73eadc08b +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit a7c7bd3ff8fdf85dac4df1be3d275f22cd8fda0a +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + vm_support update: gather log files based on the current tools.conf + configuration + + The script's revised logic replaces the (s) in the data field + value (logfile name) with a wildcard ('*') character, and it escapes the + '$' sign in the sed match pattern to match the '${\}' syntax + in the data field. + + The usage/help message for the subcommand "get \section> [key]" has also + been updated. + +commit bdd06ce8fc580f0ef8accff5cfc2852fae115aa5 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:52 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 1c9d3500fab0657aeb1fcb16f6f72ff9e80efbe4 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit d9114284d9a9c2a186ef10d59dd3be1dfe99e107 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 41da23f6b63b1e768006ab566958fbeb62697e4e +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit c4c228bc7cc452a881d0b370c64f4709ee541e68 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common source file not applicable to open-vm-tools at this time. + +commit 5302f26521d59807bbfb067c436b5238ec202833 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common source file not applicable to open-vm-tools at this time. + +commit d55893a0b9971a410ea84afd1b1de40ef3467861 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit bc6ea576ac000232dc0438ead455b266280ffa0f +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 70bc05adbaff8e81102141b7b7ecd4f07b0427d3 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header files not applicable to open-vm-tools. + +commit 477886b720ad44ae632e0a1ffa9a3fe8f84730b7 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + With this modification to VMware Tools Support script, the files listed under + "logging" section in tools.conf file are additionally bundled into tar + archive. + +commit eeb78ef9a10f321178d04d67d0f789cd39c8a174 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit f6bcb8764fcfa799d2c0613743495085bbe6521d +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 76f6e5c391002e43b2c020b9ed4e970ee0174ccc +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 4722a04f7eb2ca91aaed3af3b52c9d94f7f9645e +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:51 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 29b3c1bcb31c51ac6ec276630990bf0a549c5cc0 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit c81edc381769b6c62d38679201085b595e53ac3f +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Bump tools version to 13.0.0 on main + + The next VMWare Tools product release is to be version 13.0.0. + Switching the version of tools on main from the current development + version 12.6.0 to 13.0.0. + +commit d5f77afbcd30e47eec6f41db9bcd44fa6c629a3e +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 4a982fdeabac0e9b0ad088bf45f66fb7bd0d0de7 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit ef6e01f8eb50245ca9fb3700666d6ed6e636f1ed +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 74c9458d2a1cf2107583ed77931ff1fe2f4e3095 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common source file not applicable to open-vm-tools at this time. + +commit e7a634e4fb8747642cd9d3a6cdf4bb8d5848f0dd +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit 1a3cb2bdf53e113ca4e2129b1eca7da52765a4db +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 263c766653f875b288e749267a537289e42f3fd6 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 206e3529b31604cf971b1400d0c9fad03e5f353d +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 336eddbe12a78ee34b114d41ff2a63a7a359b288 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common source files not applicable to open-vm-tools at this time. + +commit 1d9388e4133204652a1fb7373d53deb5c3cc2a38 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common source file not applicable to open-vm-tools. + +commit 14431821730e5766062c96e3779d42f8ae62e4de +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:50 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit b3661ca9b18c3bc56078cf232314b5c27b12ad80 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Add VMW_FALLTHROUGH in linuxDeployment.c to avoid compiler warning + + The switch case DEPLOYPKG_STATUS_CLOUD_INIT_DELEGATED was + designed to fall-through to case DEPLOYPKG_STATUS_SUCCESS. + Add VMW_FALLTHROUGH to avoid compiler warning. + +commit 19cd19f7df18710b94bcd36c30801a440115ff22 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit fef434d5893befa038a00a633e0084566aa528f9 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit fcfddd041777b07a849a18daf9550f90b8f24ce1 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit d07e65cf24aa185f5e39c5a4158fdcfa75c098e0 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit eabb07b39e7a3d7f873445520ee8630262a83bfd +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 8d64a254d1fd8df7c53e7bb65dee3c987fdaee87 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit a9fb794bc379355aaa58be97c15098e247296652 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 7e249e741c5de5766ed060394806760a3e782c4f +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit e0af58914539ace4c6e8005146a40cd31f1e537a +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit 37281c1a4e85a9e4dbe313030d6b985aecccf466 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + open-vm-tools l10n message updates + +commit 9399035e31c6fe96ba420da01a66085673aeea58 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common header file not applicable to open-vm-tools. + +commit 53cdb3d65f2b62f164807a3fba397c41044ce8c3 +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Ignore deprecated warning for LIBXML2 APIs xmlFileXXX. + + CVE-2024-40896 has been fixed in the following libxml2 releases. + - 2.13.3 + - 2.12.9 + - 2.11.9 + + The libxml2 version 2.13.0 has deprecated the xmlFileMatch, UserXmlFileOpen, + xmlFileRead, xmlFileClose callback functions. This change suppresses a + "deprecated-declaration" warning when these functions are invoked. + +commit d2c4e63ec275f18454b1539d05bc7410957ea13c +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Change to common source files not applicable to open-vm-tools. + +commit b0686fded2146418ea2f91a18c9f621e287942af +Author: Kruti Pendharkar +Date: Tue Jan 7 22:05:49 2025 -0800 + + Record the use of tools version 12.1.1 for the MacOS tools patch release. + + The last darwin.iso for MacOS guests was at version 12.1.0. A + subsequent security issues was fixed in VMware Tools patch 12.1.1 + (only darwin.iso). + Adding use of that version number as TOOLS_VERSION_MITER_SAW_PATCH1 + in lib/include/vm_tools_version.h. + +commit a167dff31e77d9599454667220b23dac304fed46 +Author: John Wolfe +Date: Tue Sep 24 14:31:17 2024 -0700 + + ==================================================================== + The "stable-12.5.x" branch was created from the "devel" branch here. + ==================================================================== + + Update the ChangeLog with the ChangeLog update of Aug 27, 2024. + commit 764f00f3c3393e8043ba87c2b63d1df670755c95 Author: Kruti Date: Tue Aug 27 02:31:46 2024 -0700 From 8e4eb3fb772f6600712478f3d375b8fb03651770 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 05:54:27 -0800 Subject: [PATCH 335/375] open-vm-tools l10n message updates --- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 4 +- open-vm-tools/services/vmtoolsd/l10n/fr.vmsg | 34 +++---- open-vm-tools/services/vmtoolsd/l10n/ja.vmsg | 6 +- open-vm-tools/toolbox/l10n/es.vmsg | 25 ++--- open-vm-tools/toolbox/l10n/fr.vmsg | 99 ++++++++++---------- open-vm-tools/toolbox/l10n/ja.vmsg | 57 +++++------ open-vm-tools/vgauth/cli/l10n/es.vmsg | 10 +- open-vm-tools/vgauth/cli/l10n/fr.vmsg | 24 ++--- open-vm-tools/vgauth/cli/l10n/ja.vmsg | 26 ++--- 9 files changed, 144 insertions(+), 141 deletions(-) diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index 39ca5b2cc..bac293cec 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -22,7 +22,7 @@ cmdline.background.pidfile = "archivo pid" cmdline.blockfd = "Descriptor del archivo para el sistema de archivos de bloqueo de VMware." -cmdline.blockfd.fd = "fd" +cmdline.blockfd.fd = "descriptor del archivo" cmdline.commonpath = "Ruta al directorio de complementos frecuentes." @@ -69,7 +69,7 @@ cmdline.state = "Vuelca el estado interno de una instancia de servicio en ejecuc cmdline.uinputfd = "Descriptor del archivo para el dispositivo de entrada." -cmdline.uinputfd.fd = "fd" +cmdline.uinputfd.fd = "descriptor del archivo" cmdline.uninstall = "Desinstala el servicio desde el Administrador de control de servicios." diff --git a/open-vm-tools/services/vmtoolsd/l10n/fr.vmsg b/open-vm-tools/services/vmtoolsd/l10n/fr.vmsg index 6b00a07ca..4704cdafc 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/fr.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/fr.vmsg @@ -16,62 +16,62 @@ # ########################################################## -cmdline.background = "S'exécute en arrière-plan et crée un fichier PID." +cmdline.background = "S'exécute en arrière-plan et crée un fichier pid." cmdline.background.pidfile = "pidfile" -cmdline.blockfd = "Le descripteur de fichier pour le fs bloquant VMware." +cmdline.blockfd = "Descripteur de fichier pour VMware blocking fs." cmdline.blockfd.fd = "fd" -cmdline.commonpath = "Chemin vers les répertoires de plug-ins communs." +cmdline.commonpath = "Chemin d'accès au répertoire de plug-in commun." -cmdline.config = "Utilise le fichier de config pour le chemin donné." +cmdline.config = "Utilisez le fichier de configuration dans le chemin spécifié." -cmdline.debug = "S'exécute en mode débogage à l'aide du module d'extension spécifié." +cmdline.debug = "S'exécute en mode débogage en utilisant le plug-in spécifié." -cmdline.displayname = "Nom d'affichage du service (uniquement utilisé avec -i)." +cmdline.displayname = "Nom d'affichage du service (utilisé uniquement avec -i)." cmdline.displayname.argument = "nom" -cmdline.install = "Installe le service avec le Service Control Manager." +cmdline.install = "Installe le service à l'aide du Gestionnaire de contrôle de service." cmdline.install.args = "args" -cmdline.forceQuit = "Arrête une 'instance en cours d'exécution d'un service d'outils." +cmdline.forceQuit = "Arrête une instance de service d'outils en cours d'exécution." -cmdline.log = "Ignoré, conservé pour compatibilité descendante." +cmdline.log = "Ignoré, conservé pour la compatibilité descendante." -cmdline.name = "Nom du service en cours de démarrage." +cmdline.name = "Nom du service démarré." cmdline.name.argument = "svcname" cmdline.path = "chemin" -cmdline.pluginpath = "Chemin vers le répertoire des plug-ins." +cmdline.pluginpath = "Chemin d'accès au répertoire de plug-in." -cmdline.rpc = "Envoie une commande d'appel de procédure à distance à l'hôte puis quitte l'application." +cmdline.rpc = "Envoie une commande RPC à l'hôte puis quitte le programme." cmdline.rpc.command = "commande" -cmdline.rpcerror = "Impossible d'envoyer la commande à l'hyperviseur VMware." +cmdline.rpcerror = "Impossible d'envoyer une commande à l'hyperviseur VMware." cmdline.cmdfile = "Envoie une commande d'appel de procédure à distance à l'hôte depuis un fichier, puis quitte l'application." -cmdline.cmdfile.command = "fichier de commandes" +cmdline.cmdfile.command = "fichier de commande" cmdline.cmdfile.rpcerror = "Impossible d'envoyer la commande à l'hyperviseur VMware depuis le fichier." cmdline.cmdfile.read = "Impossible de lire la commande depuis le fichier %1$s.\n" -cmdline.state = "Transfère l'état interne d'un service en cours d'exécution dans les journaux." +cmdline.state = "Transmet aux journaux l'état interne d'une instance de service en cours d'exécution." cmdline.uinputfd = "Descripteur de fichier pour le périphérique uinput." cmdline.uinputfd.fd = "fd" -cmdline.uninstall = "Désinstalle le service du Gestionnaire de contrôle du service." +cmdline.uninstall = "Désinstalle le service du Gestionnaire de contrôle de service." -cmdline.version = "Imprime la version démon et quitte l'application." +cmdline.version = "Imprime la version du démon puis quitte le programme." diff --git a/open-vm-tools/services/vmtoolsd/l10n/ja.vmsg b/open-vm-tools/services/vmtoolsd/l10n/ja.vmsg index 1936d7c72..0c2f1a77e 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/ja.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/ja.vmsg @@ -26,7 +26,7 @@ cmdline.blockfd.fd = "fd" cmdline.commonpath = "共通プラグイン ディレクトリのパスです。" -cmdline.config = "指定されたパスで設定ファイルを使用します。" +cmdline.config = "指定されたパスで構成ファイルを使用します。" cmdline.debug = "指定されたプラグインを使用して、デバッグ モードで実行します。" @@ -38,9 +38,9 @@ cmdline.install = "Service Control Manager を使ってサービスをインス cmdline.install.args = "args" -cmdline.forceQuit = "Tools Service の実行中のインスタンスを停止します。" +cmdline.forceQuit = "ツール サービスの実行中のインスタンスを停止します。" -cmdline.log = "無視されます。後方互換性のために保持されています。" +cmdline.log = "無視して後方互換性を保持します。" cmdline.name = "開始されているサービスの名前です。" diff --git a/open-vm-tools/toolbox/l10n/es.vmsg b/open-vm-tools/toolbox/l10n/es.vmsg index 2a574e686..c80313264 100644 --- a/open-vm-tools/toolbox/l10n/es.vmsg +++ b/open-vm-tools/toolbox/l10n/es.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -70,7 +71,7 @@ disk.shrink.partition.notfound = "No se puede encontrar la partición %1$s\n" disk.shrink.partition.unsupported = "La partición %1$s no es reducible\n" -disk.shrink.unavailable = "La característica de reducción no está disponible,\n\nya sea porque está ejecutando una versión antigua de un producto de VMware o porque hay abiertos demasiados canales de comunicación.\n\nSi está ejecutando una versión antigua de un producto de VMware, debería considerar la posibilidad de actualizarla.\n\nSi hay abiertos demasiados canales de comunicación, debería apagar la máquina virtual y volver a encenderla.\n" +disk.shrink.unavailable = "La función de reducción no está disponible,\n\nya sea porque se está ejecutando un versión antigua de un producto VMware o bien porque hay abiertos demasiados canales de comunicación.\n\nSi está ejecutando una versión antigua de un producto VMware, debería pensar en actualizarla.\n\nSi hay abiertos muchos canales de comunicación, debería apagar la máquina virtual y luego volver a encenderla.\n" disk.shrink.ignoreFreeSpaceWarnings = "Ignore cualquier aviso sobre el espacio en disco durante el proceso de reducción.\n" @@ -90,29 +91,29 @@ error.noadmin.win = "%1$s: Se necesitan permisos de administrador para realizar error.novirtual = "%1$s tiene que ejecutarse dentro de una máquina virtual.\n" -error.unknown = "%1$s: %2$s '%3$s' desconocido\n" +error.unknown = "%1$s: Desconocido %2$s '%3$s'\n" -help.config = "%1$s: modificar la configuración de Tools\nUso: %2$s %3$s \n\nSubcomandos:\n get : muestra el valor actual de \n NOTA: Si la no está presente en tools.conf, su\n valor de la configuración global se devuelve si está presente\n set : establece en \n\n remove : elimina \n\n puede ser cualquier sección admitida como, por ejemplo, logging, guestoperations o guestinfo.\n puede ser cualquier clave de configuración.\n puede ser cualquier valor.\n" +help.config = "%1$s: modificar la configuración de Tools\nUso: %2$s %3$s \n\nSubcomandos:\n get [clave]: muestra el valor actual de la especificada o muestra valores para todas las claves de la \n NOTA: Si la no está presente en tools.conf, su\n valor de la configuración global se devuelve si está presente\n set : establece en \n remove : elimina \n\n puede ser cualquier sección admitida como, por ejemplo, logging, guestoperations o guestinfo.\n puede ser cualquier clave de configuración.\n puede ser cualquier valor.\n" help.device = "%1$s: funciones relacionadas con los dispositivos de hardware de la máquina virtual\nUso: %2$s %3$s [argumentos]\ndev es el nombre del dispositivo.\n\nSubcomandos:\n enable : habilita el dev del dispositivo\n disable : deshabilita el dev del dispositivo\n list: enumera todos los dispositivos disponibles\n status : imprime el estado de un dispositivo\n" help.disk = "%1$s: realizar operaciones de reducción de disco\nUso: %2$s %3$s [argumentos]\n\nSubcomandos:\n list: enumera las ubicaciones disponibles\n shrink : borra y reduce un sistema de archivos en la ubicación en cuestión\n shrinkonly: reduce todos los discos\n wipe : borra un sistema de archivos en la ubicación en cuestión\n" -help.globalconf = "%1$s: administrar las descargas de configuración global de GuestStore\nUso: %2$s %3$s \n\nSubcomandos solo de invitados de ESX:\n enable: habilita el módulo de configuración global.\n disable: deshabilita el módulo de configuración global\n refresh: activa una nueva descarga de la configuración global desde GuestStore\n status: imprime el estado del módulo de configuración global\n" +help.globalconf = "%1$s: administrar las descargas de configuración global de GuestStore\nUso: %2$s %3$s \n\nSubcomandos solo de invitados de ESX:\n enable: habilita el módulo de configuración global\n disable: deshabilita el módulo de configuración global\n refresh: activa una nueva descarga de la configuración global desde GuestStore\n status: imprime el estado del módulo de configuración global\n" help.gueststore = "%1$s: obtener contenido de recursos de GuestStore\nUso: %2$s %3$s \n\nSubcomandos solo de invitados de ESX:\n getcontent : obtener contenido de recursos de GuestStore y guardar en el archivo de salida.\n\n empieza con / y representa un recurso único en GuestStore. Si termina con /, el valor predeterminado es recuperar el recurso 'metadata.json' subyacente.\n es la ruta de acceso de un archivo en el que se guardará el contenido de los recursos.\n" -help.hint = "Pruebe '%1$s %2$s%3$s%4$s' para obtener más información.\n" +help.hint = "Intente '%1$s %2$s%3$s%4$s' para obtener más información.\n" -help.info = "%1$s: actualiza la información del invitado en el host\nUso: %2$s %3$s actualiza \n\nSubcomandos:\n actualización : actualiza la información identificada por \n puede ser 'red'\n" +help.info = "%1$s: actualiza la información del invitado en el host\nUso: %2$s %3$s actualiza \n\nSubcomandos:\n update : actualiza la información identificada por \n puede ser 'red'\n" help.logging = "%1$s: modificar el registro de herramientas\nUso: %2$s de nivel %3$s \n\nSubcomandos:\n get : muestra el nivel actual\n NOTA: Si el nivel no está presente en tools.conf, su\n valor de la configuración global se devuelve si está presente\n set : establece el nivel actual\n\n puede ser cualquier servicio admitido, como vmsvc o vmusr\n puede ser un error, un fallo crítico, una advertencia, una información, un mensaje o una depuración\n El valor predeterminado es %4$s\n" -help.main = "Uso: %1$s [opciones] [subcomando]\nEscriba '%2$s %3$s ' para obtener ayuda sobre un comando específico.\nEscriba '%4$s -v' para consultar la versión de VMware Tools.\nUtilice la opción '-q' para suprimir el resultado stdout.\nLa mayoría de comandos tiene un subcomando.\n\nComandos disponibles:\n config\n device\n disk (no disponible en todos los sistemas operativos)\n globalconf (no disponible en todos los sistemas operativos)\n gueststore (no disponible en todos los sistemas operativos)\n info\n logging\n script\n stat\n timesync\n upgrade (no disponible en todos los sistemas operativos)\n" +help.main = "Uso: %1$s [opciones] [subcomando]\nEscriba '%2$s %3$s ' para obtener ayuda sobre un comando específico.\nEscriba '%4$s -v' para consultar la versión de VMware Tools.\nUtilice la opción '-q' para suprimir el resultado stdout.\La mayoría de comandos tiene un subcomando.\n\nComandos disponibles:\n config\n device\n disk (no disponible en todos los sistemas operativos)\n globalconf (no disponible en todos los sistemas operativos)\n gueststore (no disponible en todos los sistemas operativos)\n info\n logging\n script\n stat\n timesync\n upgrade (no disponible en todos los sistemas operativos)\n" help.script = "%1$s: controlar la ejecución de secuencias de comandos en respuesta a operaciones de encendido\nUso: %2$s %3$s [argumentos]\n\nSubcomandos:\n enable: habilita la secuencia de comandos en cuestión y restaura la ruta de acceso predeterminada\n disable: deshabilita la secuencia de comandos en cuestión\n set : establece la secuencia de comandos en cuestión en la ruta de acceso determinada\n default: imprime la ruta de acceso predeterminada de la secuencia de comandos en cuestión\n current: imprime la ruta de acceso actual de la secuencia de comandos en cuestión\n NOTA: Si la ruta de acceso no está presente en tools.conf, su\n valor de la configuración global se devuelve si está presente\n" -help.stat = "%1$s: imprimir información útil sobre hosts e invitados\nUso: %2$s %3$s \n\nSubcomandos:\n hosttime: imprime la hora del host\n speed: imprime la velocidad de la CPU en MHz\nSubcomandos solo de invitados de ESX:\n sessionid: imprime el identificador de sesión actual\n balloon: imprime información de aumento de memoria\n swap: imprime información de intercambio de memoria\n memlimit: imprime información de límite de memoria\n memres: imprime información de reserva de memoria\n cpures: imprime información de reserva de la CPU\n cpulimit: imprime información del límite de la CPU\n raw [ ]: imprime información de estadísticas sin formato\n puede ser uno de 'text', 'json', 'xml', 'yaml'.\n incluye sesión, host, recursos, vscsi y\n vnet (Algunas estadísticas como vscsi son dos palabras, por ejemplo, 'vscsi scsi0:0').\n Imprime las estadísticas disponibles si no se han especificado los argumentos de y .\n" +help.stat = "%1$s: imprimir información útil sobre hosts e invitados\nUso: %2$s %3$s \n\nSubcomandos:\n hosttime: imprime la hora del host\n speed: imprime la velocidad de la CPU en MHz\nSubcomandos solo de invitados de ESX:\n sessionid: imprime el identificador de sesión actual\n balloon: imprime información de aumento de memoria\n swap: imprime información de intercambio de memoria\n memlimit: imprime información de límite de memoria\n memres: imprime información de reserva de memoria\n cpures: imprime información de reserva de la CPU\n cpulimit: imprime información del límite de la CPU\n raw [ ]: imprime información de estadísticas sin formato\n puede ser uno de 'text', 'json', 'xml', 'yaml'.\n incluye sesión, host, recursos, vscsi y\n vnet (Algunas estadísticas como vscsi son dos palabras, por ejemplo, 'vscsi scsi0:0').\n Imprime las estadísticas disponibles si no se han especificado los argumentos\n de y .\n" help.timesync = "%1$s: funciones para controlar la sincronización horaria en el SO invitado\nUso: %2$s %3$s \n\nSubcomandos:\n enable: habilita la sincronización horaria\n disable: deshabilita la sincronización horaria\n status: imprime el estado de la sincronización horaria\n" @@ -134,9 +135,9 @@ gueststore.error.client_lib = "'%1$s' no se realizó correctamente, error de bib gueststore.progress = "\rProgreso: %1$d%%" -option.disabled = "Desactivada" +option.disabled = "Desactivado" -option.enabled = "Activada" +option.enabled = "Activado" result.error.failed = "'%1$s' no se realizó correctamente, compruebe el registro de %2$s para obtener más información.\n" @@ -158,7 +159,7 @@ stat.cpumin.failed = "Error al obtener el mínimo de la CPU: %1$s\n" stat.formattime.failed = "No se puede formatear la hora del host.\n" -stat.get.failed = "Error al obtener stat: %1$s\n" +stat.get.failed = "Error al obtener estadísticas: %1$s\n" stat.getsession.failed = "Error al obtener identificador de sesión: %1$s\n" diff --git a/open-vm-tools/toolbox/l10n/fr.vmsg b/open-vm-tools/toolbox/l10n/fr.vmsg index d78952131..02bf64f43 100644 --- a/open-vm-tools/toolbox/l10n/fr.vmsg +++ b/open-vm-tools/toolbox/l10n/fr.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -26,19 +27,19 @@ arg.config.section = "section de configuration" arg.config.value = "valeur de configuration" -arg.devicename = "Nom du périphérique" +arg.devicename = "nom du périphérique" arg.info.class = "infos classeinfos" -arg.info.subcommand = "infos opération" +arg.info.subcommand = "opération d'obtention des informations" -arg.logging.level = "niveau de journalisation" +arg.logging.level = "Niveau de journalisation" arg.logging.service = "nom du service de journalisation" arg.logging.subcommand = "opération de journalisation" -arg.mountpoint = "Point de montage" +arg.mountpoint = "point de montage" arg.scriptpath = "chemin de script" @@ -46,75 +47,75 @@ arg.scripttype = "type de script" arg.subcommand = "sous-commande" -device.connect.error = "Impossible de connecter le périphérique %1$s.\n" +device.connect.error = "Impossible de se connecter au périphérique %1$s.\n" -device.disconnect.error = "Impossible de déconnecter le périphérique %1$s.\n" +device.disconnect.error = "Impossible de se déconnecter du périphérique %1$s.\n" -device.notfound = "Erreur lors de l'extraction des informations de l'interface : périphérique introuvable.\n" +device.notfound = "Erreur de récupération des informations d'interface : périphérique introuvable.\n" -disk.shrink.canceled = "Réduction du disque annulée.\n" +disk.shrink.canceled = "Réduction de disque annulée.\n" -disk.shrink.complete = "Réduction du disque terminée.\n" +disk.shrink.complete = "Réduction de disque terminée.\n" -disk.shrink.conflict = "Erreur, la Boîte à outils a repéré que la réduction de disque est activée alors que l'hôte considère qu'elle est désactivée.\n\n Fermez puis rouvrez la Boîte à outils pour la synchroniser avec l'hôte.\n" +disk.shrink.conflict = "Erreur, la Boîte à outils a repéré que la réduction de disque est activée alors que l'hôte considère qu'elle est désactivée.\n\n Fermez, puis rouvrez la Boîte à outils pour la synchroniser avec l'hôte.\n" disk.shrink.disabled = "L'option de réduction du disque est désactivée sur cette machine virtuelle.\n\nLa réduction est désactivée pour les clones liés, les parents des clones liés, \nles disques pré-affectés, les snapshots, ou en raison d'autres facteurs. \nReportez-vous au Manuel d'utilisateur pour plus d'informations.\n" -disk.shrink.error = "Erreur lors de la réduction : %1$s\n" +disk.shrink.error = "Erreur de réduction : %1$s\n" -disk.shrink.incomplete = "Réduction non terminée.\n" +disk.shrink.incomplete = "La réduction n'est pas terminée.\n" -disk.shrink.partition.error = "Impossible de récupérer les données de partition.\n" +disk.shrink.partition.error = "Impossible de collecter les données de la partition.\n" disk.shrink.partition.notfound = "Impossible de trouver la partition %1$s\n" disk.shrink.partition.unsupported = "La partition %1$s ne peut pas être réduite\n" -disk.shrink.unavailable = "La fonction de réduction n'est pas disponible,\n\nsoit parce que vous exécutez une ancienne version d'un produit VMware, soit parce que trop de canaux de communication sont ouverts.\n\nSi vous exécutez une ancienne version d'un produit VMware, vous devez envisager de le mettre à niveau.\n\nSi trop de canaux de communication sont ouverts, vous devez mettre hors tension votre machine virtuelle puis la remettre sous tension.\n" +disk.shrink.unavailable = "La fonctionnalité de réduction n'est pas disponible,\nsoit parce que vous exécutez une ancienne version d'un produit VMware, soit parce que trop de canaux de communication sont ouverts.\n\nSi vous exécutez une ancienne version d'un produit VMware, vous devriez penser à effectuer une mise à niveau.\n\nSi trop de canaux de communication sont ouverts, vous devez désactiver votre machine virtuelle puis la réactiver.\n" disk.shrink.ignoreFreeSpaceWarnings = "Ignorez tout avertissement relatif à l'espace disque pour la durée du processus de réduction.\n" disk.wipe.ignoreFreeSpaceWarnings = "Ignorez tout avertissement relatif à l'espace disque pour la durée du processus d'effacement.\n" -disk.wiper.file.error = "Erreur, impossible de créer un fichier d'effacement.\n" +disk.wiper.file.error = "Erreur : impossible de créer le fichier de balayage.\n" -disk.wiper.progress = "\rProgression : %1$d" +disk.wiper.progress = "\\rProgression : %1$d" error.message = "Erreur : %1$s\n" -error.missing = "%1$s : manquant %2$s\n" +error.missing = "%1$s : %2$s manquant\n" -error.noadmin.posix = "%1$s : vous devez être à la racine pour pouvoir effectuer les opérations %2$s.\n" +error.noadmin.posix = "%1$s : vous devez être un utilisateur racine pour effectuer des opérations %2$s.\n" error.noadmin.win = "%1$s : les autorisations d'administrateur sont nécessaires pour pouvoir effectuer les opérations %2$s.\nUtilisez une invite de commande d'administrateur pour effectuer ces tâches.\n" -error.novirtual = "%1$s doit être exécuté sur une machine virtuelle.\n" +error.novirtual = "%1$s doit être exécuté dans une machine virtuelle.\n" -error.unknown = "%1$s : %2$s inconnu '%3$s'\n" +error.unknown = "%1$s : %2$s '%3$s' inconnu\n" -help.config = "%1$s : modifiez la configuration de Tools\nUtilisation : %2$s %3$s \n\nSous-commandes :\n get
 : affichez la valeur actuelle de \n REMARQUE : si est absente de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n set
 : définissez sur \n\n remove
 : supprimez \n\n
peut être n'importe quelle section prise en charge, telle que logging, guestoperations ou guestinfo.\n peut être n'importe quelle clé de configuration.\n peut être n'importe quelle valeur.\n" +help.config = "%1$s : modifiez la configuration de Tools\nSyntaxe : %2$s %3$s \n\nSous-commandes :\n get
[key] : affichez la valeur actuelle de ou affichez les valeurs de toutes les clés dans
\n REMARQUE : si est absente de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n set
 : définissez sur \n remove
 : supprimez \n\n
peut être n'importe quelle section prise en charge, telle que logging, guestoperations ou guestinfo.\n peut être n'importe quelle clé de configuration.\n peut être n'importe quelle valeur.\n" help.device = "%1$s : fonctions apparentées aux appareils matériels de la machine virtuelle\nSyntaxe : %2$s %3$s [args]\ndev est le nom du périphérique.\n\nSous-commandes :\n enable : activer le périphérique dev\n disable : désactiver le périphérique dev\n list : liste de tous les périphériques disponibles\n status : imprime l'état d'un périphérique\n" help.disk = "%1$s : effectue les opérations de réduction des disques\nSyntaxe : %2$s %3$s [args]\n\nSous-commandes :\n list : liste des emplacements disponibles\n shrink : efface et réduit un système de fichiers à l'emplacement donné\n shrinkonly : réduit tous les disques\n wipe : efface un système de fichiers à l'emplacement donné\n" -help.globalconf = "%1$s : gérer les téléchargements de la configuration globale depuis GuestStore\nUtilisation : %2$s %3$s \n\nSous-commandes des invités ESX uniquement :\n enable : activer le module de configuration globale.\n disable : désactiver le module de configuration globale\n refresh : déclencher un nouveau téléchargement de la configuration globale depuis GuestStore\n status : imprimer l'état du module de configuration globale\n" +help.globalconf = "%1$s : gérer les téléchargements de la configuration globale depuis GuestStore\nSyntaxe : %2$s %3$s \n\nSous-commandes des invités ESX uniquement :\n enable : activer le module de configuration globale.\n disable : désactiver le module de configuration globale\n refresh : déclencher un nouveau téléchargement de la configuration globale depuis GuestStore\n status : imprimer l'état du module de configuration globale\n" -help.gueststore = "%1$s : obtenez le contenu des ressources de GuestStore\nUtilisation : %2$s %3$s \n\nSous-commandes des invités ESX uniquement :\n getcontent  : obtenez le contenu des ressources de GuestStore et enregistrez-le dans le fichier de sortie.\n\n commence par / et représente une ressource unique dans GuestStore. En cas de terminaison par /, utilise la valeur par défaut pour récupérer la ressource « metadata.json » sous-jacente.\n est le chemin d'accès d'un fichier dans lequel enregistrer le contenu des ressources.\n" +help.gueststore = "%1$s : obtenez le contenu des ressources de GuestStore\nSyntaxe : %2$s %3$s \n\nSous-commandes des invités ESX uniquement :\n getcontent  : obtenez le contenu des ressources de GuestStore et enregistrez-le dans le fichier de sortie.\n\n commence par / et représente une ressource unique dans GuestStore. En cas de terminaison par /, utilise la valeur par défaut pour récupérer la ressource « metadata.json » sous-jacente.\n est le chemin d'accès d'un fichier dans lequel enregistrer le contenu des ressources.\n" -help.hint = "Pour plus d'informations, essayez '%1$s %2$s%3$s%4$s'.\n" +help.hint = "Voir '%1$s %2$s%3$s%4$s' pour plus d'informations.\n" -help.info = "%1$s : mettre à jour des informations d'invité sur l'hôte\nSyntaxe : %2$s %3$s met à jour \n\nSous-commandes :\n mettre à jour  : met à jour des informations identifiées par \n peut être 'réseau'\n" +help.info = "%1$s : mettre à jour des informations d'invité sur l'hôte\nSyntaxe : %2$s %3$s met à jour \n\nSous-commandes :\n mettre à jour  : met à jour des informations identifiées par \n peut être « réseau »\n" -help.logging = "%1$s : modifiez la journalisation de Tools\nUtilisation : %2$s %3$s level \n\nSous-commandes :\n get  : affichez les niveaux actuels\n REMARQUE : si le niveau est absent de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n set  : définissez le niveau actuel\n\n peut être n'importe quel service pris en charge, tel que vmsvc ou vmusr\n peut être l'un des suivants : erreur, critique, avertissement, info, message, débogage\n la valeur par défaut est %4$s\n" +help.logging = "%1$s : modifiez la journalisation de Tools\nSyntaxe : %2$s %3$s level \n\nSous-commandes :\n get  : affichez les niveaux actuels\n REMARQUE : si le niveau est absent de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n set  : définissez le niveau actuel\n\n peut être n'importe quel service pris en charge, tel que vmsvc ou vmusr\n peut être l'un des suivants : erreur, critique, avertissement, info, message, débogage\n la valeur par défaut est %4$s\n" -help.main = "Utilisation : %1$s [options] [subcommand]\nEntrez « %2$s %3$s  » pour obtenir de l'aide sur une commande spécifique.\nEntrez « %4$s -v » pour consulter la version de VMware Tools.\nUtilisez l'option « -q » pour supprimer la sortie stdout.\nLa plupart des commandes utilisent une sous-commande.\n\nCommandes disponibles :\n config\n device\n disk (non disponible sur tous les systèmes d'expoloitation)\n globalconf (non disponible sur tous les systèmes d'expoloitation)\n gueststore (non disponible sur tous les systèmes d'expoloitation)\n info\n logging\n script\n stat\n timesync\n upgrade (non disponible sur tous les systèmes d'expoloitation)\n" +help.main = "Syntaxe : %1$s [options] [subcommand]\nEntrez « %2$s %3$s  » pour obtenir de l'aide sur une commande spécifique.\nEntrez « %4$s -v » pour consulter la version de VMware Tools.\nUtilisez l'option « -q » pour supprimer la sortie stdout.\nLa plupart des commandes utilisent une sous-commande.\n\nCommandes disponibles :\n config\n device\n disk (non disponible sur tous les systèmes d'exploitation)\n globalconf (non disponible sur tous les systèmes d'exploitation)\n gueststore (non disponible sur tous les systèmes d'exploitation)\n info\n logging\n script\n stat\n timesync\n upgrade (non disponible sur tous les systèmes d'exploitation)\n" -help.script = "%1$s : vérifiez que les scripts s'exécutent en réponse aux opérations d'alimentation\nUtilisation : %2$s %3$s [args]\n\nSous-commandes :\n enable : activez le script donné et rétablissez la valeur par défaut de son chemin d'accès\n disable : désactivez le script donné\n set  : définissez le script donné sur le chemin d'accès donné\n default : imprimez le chemin d'accès par défaut du script donné\n current : imprimez le chemin d'accès actuel du script donné\n REMARQUE : si le chemin d'accès est absent de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n" +help.script = "%1$s : vérifiez que les scripts s'exécutent en réponse aux opérations d'alimentation\nSyntaxe : %2$s %3$s [args]\n\nSous-commandes :\n enable : activez le script donné et rétablissez la valeur par défaut de son chemin d'accès\n disable : désactivez le script donné\n set  : définissez le script donné sur le chemin d'accès donné\n default : imprimez le chemin d'accès par défaut du script donné\n current : imprimez le chemin d'accès actuel du script donné\n REMARQUE : si le chemin d'accès est absent de tools.conf, sa\n valeur de configuration globale est renvoyée si présente\n" help.stat = "%1$s : imprimez des informations utiles sur le client et l'hôte\nSyntaxe : %2$s %3$s \n\nSous-commandes :\n hosttime : imprimez l'heure de l'hôte\n speed : imprimez la vitesse du CPU en MHz\nClients ESX uniquement des sous-commandes :\n sessionid : imprimez l'ID de session actuel\n balloon : imprimez des informations sur le gonflage de mémoire\n swap : imprimez des informations sur l'échange de mémoire\n memlimit : imprimez des informations sur la limite de mémoire\n memres : imprimez des informations sur la réservation de mémoire\n cpures : imprimez des informations sur la réservation de CPU\n cpulimit : imprimez des informations sur la limite de CPU\n raw [ ] : imprimez des informations statistiques brutes\n peut être 'text', 'json', 'xml', 'yaml'.\n inclut la session, l'hôte, les ressources, vscsi et\n vnet (certaines statistiques comme vscsi sont deux mots, par exemple 'vscsi scsi0:0').\n Imprime les statistiques disponibles si les arguments et \n ne sont pas spécifiés.\n" -help.timesync = "%1$s : fonctions pour contrôler la synchronisation temporelle sur le système d'exploitation client\nSyntaxe : %2$s %3$s \n\nSous-commandes :\n enable : activez la synchronisation temporelle\n disable : désactivez la synchronisation temporelle\n status : imprimez l'état de la synchronisation temporelle\n" +help.timesync = "%1$s : fonctions pour contrôler la synchronisation temporelle sur le SE invité\nSyntaxe : %2$s %3$s \n\nSous-commandes :\n enable : activez la synchronisation temporelle\n disable : désactivez la synchronisation temporelle\n status : imprimez l'état de la synchronisation temporelle\n" help.upgrade = "%1$s : fonctions en rapport avec la mise à niveau de VMware Tools.\nSyntaxe : %2$s %3$s [args]\nSous-commandes :\n status : vérifie le statut de mise à niveau de VMware Tools.\n start : initialise une mise à niveau automatique de VMware Tools.\n\nPour que les mises à niveau fonctionnent, le service VMware Tools doit être en cours d'exécution.\n" @@ -132,7 +133,7 @@ gueststore.content_size = "Taille du contenu en octets : " gueststore.error.client_lib = "Échec de « %1$s », erreur de la bibliothèque du client GuestStore : %2$s.\n" -gueststore.progress = "\rProgression : %1$d%%" +gueststore.progress = "\\rProgression : %1$d%%" option.disabled = "Désactivé" @@ -146,35 +147,35 @@ script.notfound = "%1$s n'existe pas.\n" script.operation = "opération" -script.unknownop = "Pas de script pour l'opération %1$s.\n" +script.unknownop = "Aucun script pour l'opération %1$s.\n" -script.write.error = "Erreur lors de l'écriture des config : %1$s\n" +script.write.error = "Erreur d'écriture de la config : %1$s\n" -stat.balloon.failed = "Échec de l'obtention d'une mémoire gonflée : %1$s\n" +stat.balloon.failed = "Impossible d'obtenir la mémoire vive allouée dynamiquement : %1$s\n" -stat.cpumax.failed = "Échec de l'obtention d'une limite CPU : %1$s\n" +stat.cpumax.failed = "Impossible d'obtenir la limite du CPU : %1$s\n" -stat.cpumin.failed = "Échec de l'obtention d'un CPU minimum : %1$s\n" +stat.cpumin.failed = "Impossible d'obtenir la valeur minimale du CPU : %1$s\n" stat.formattime.failed = "Impossible de formater l'heure de l'hôte.\n" stat.get.failed = "Impossible d'obtenir la statistique : %1$s\n" -stat.getsession.failed = "Échec de l'obtention de l'ID de la session : %1$s\n" +stat.getsession.failed = "Impossible d'obtenir l'ID de session : %1$s\n" -stat.getspeed.failed = "Impossible d'obtenir la vitesse du processeur.\n" +stat.getspeed.failed = "Impossible d'obtenir la vitesse du CPU.\n" stat.gettime.failed = "Impossible d'obtenir l'heure de l'hôte.\n" -stat.maxmem.failed = "Échec de l'obtention d'une limite de mémoire : %1$s\n" +stat.maxmem.failed = "Impossible d'obtenir la limite de mémoire : %1$s\n" -stat.memres.failed = "Échec de la réservation d'une mémoire : %1$s\n" +stat.memres.failed = "Impossible d'obtenir la réservation de mémoire : %1$s\n" -stat.memswap.failed = "Échec de l'obtention d'une mémoire échangée : %1$s\n" +stat.memswap.failed = "Impossible d'obtenir la mémoire échangée : %1$s\n" -stat.openhandle.failed = "OpenHandle a échoué : %1$s\n" +stat.openhandle.failed = "Échec OpenHandle : %1$s\n" -stat.update.failed = "UpdateInfo a échoué : %1$s\n" +stat.update.failed = "Échec UpdateInfo : %1$s\n" stat.processorSpeed.info = "%1$u MHz\n" @@ -192,15 +193,15 @@ stat.cpuLimit.info = "%1$u MHz\n" upgrade.available = "Une nouvelle version de VMware Tools est disponible.\n" -upgrade.error.check_error = "Erreur lors de la vérification de la disponibilité de la mise à jour.\n" +upgrade.error.check_error = "Erreur de vérification d'une mise à niveau disponible.\n" -upgrade.error.error = "Erreur lors du démarrage de la mise à jour de VMware Tools.\n" +upgrade.error.error = "Erreur de lancement de la mise à niveau VMware Tools.\n" -upgrade.error.not_supported = "L'hôte ne prend pas en charge les mises à jour automatiques de VMware Tools.\n" +upgrade.error.not_supported = "L'hôte ne prend pas en charge la mise à niveau automatique de VMware Tools.\n" -upgrade.error.unknown_reply = "Réponse inattendue de l'hôte : %1$s\n" +upgrade.error.unknown_reply = "Réponse inattendue de l'hôte : %1$s\n" -upgrade.started = "La mise à jour a commencé.\n" +upgrade.started = "La mise à niveau a commencé.\n" -upgrade.uptodate = "Les VMware Tools sont mis à jour.\n" +upgrade.uptodate = "Les VMware Tools sont à jour.\n" diff --git a/open-vm-tools/toolbox/l10n/ja.vmsg b/open-vm-tools/toolbox/l10n/ja.vmsg index a006312c5..4409e5a15 100644 --- a/open-vm-tools/toolbox/l10n/ja.vmsg +++ b/open-vm-tools/toolbox/l10n/ja.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (c) 2010-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (c) 2010-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -18,13 +19,13 @@ arg.command = "コマンド" -arg.config.key = "設定キー" +arg.config.key = "構成キー" -arg.config.operation = "設定操作" +arg.config.operation = "構成操作" -arg.config.section = "セクションの設定" +arg.config.section = "セクションの構成" -arg.config.value = "設定値" +arg.config.value = "構成値" arg.devicename = "デバイス名" @@ -58,7 +59,7 @@ disk.shrink.complete = "ディスクの圧縮が完了しました。\n" disk.shrink.conflict = "エラー。ツールボックスでディスクの圧縮が有効であると判断されましたが、ホストでは無効であると判断されています。\n\n ツールボックスをいったん閉じてから開いて、ホストと同期してください。\n" -disk.shrink.disabled = "ディスクの圧縮はこの仮想マシンでは無効になっています。\n\nリンクされたクローン、リンクされたクローンの親、\n事前割り当て済みのディスク、スナップショット、またはその他の要因により、圧縮は無効になっています。\n詳細については、ユーザー マニュアルを参照してください。\n" +disk.shrink.disabled = "ディスクの圧縮はこの仮想マシンでは無効になっています。\n\nリンク クローン、リンク クローンの親、\n事前割り当て済みのディスク、スナップショット、またはその他の要因により、圧縮は無効になっています。\n詳細については、ユーザー マニュアルを参照してください。\n" disk.shrink.error = "圧縮中にエラーが発生しました: %1$s\n" @@ -70,11 +71,11 @@ disk.shrink.partition.notfound = "パーティション %1$s が見つかりま disk.shrink.partition.unsupported = "パーティション %1$s は圧縮できません\n" -disk.shrink.unavailable = "圧縮機能が使用できません。\n\n実行している VMware 製品のバージョンが古いか、開いている通信チャネルが多すぎることが原因として考えられます。\n\nVMware 製品のバージョンが古い場合は、アップグレードを検討してください。\n\n多数の通信チャネルを開いている場合は、仮想マシンをパワーオフしてから再開してください。\n" +disk.shrink.unavailable = "古いバージョンの VMware 製品を実行しているか、\n\n開いている通信チャネルの数が多すぎるため、圧縮機能を使用できません。\n\n古いバージョンの VMware 製品を実行している場合は、アップグレードを検討してください。\n\n開いている通信チャネルの数が多すぎる場合は、仮想マシンをパワーオフしてから、再度パワーオンしてください。\n" -disk.shrink.ignoreFreeSpaceWarnings = "圧縮プロセス中に表示されるディスク領域に関する警告はすべて無視してください。\n" +disk.shrink.ignoreFreeSpaceWarnings = "圧縮プロセス中に表示されるディスク容量に関する警告はすべて無視してください。\n" -disk.wipe.ignoreFreeSpaceWarnings = "ワイプ プロセス中に表示されるディスク領域に関する警告はすべて無視してください。\n" +disk.wipe.ignoreFreeSpaceWarnings = "ワイプ プロセス中に表示されるディスク容量に関する警告はすべて無視してください。\n" disk.wiper.file.error = "エラー。ワイパー ファイルを作成できません。\n" @@ -86,51 +87,51 @@ error.missing = "%1$s: %2$s が見つかりません\n" error.noadmin.posix = "%1$s: %2$s 操作を実行するには、root ユーザーである必要があります。\n" -error.noadmin.win = "%1$s: %2$s 操作を実行するには、管理者権限が必要です。\nこれらのタスクを実行するには、管理者コマンド プロンプトを使用してください。\n" +error.noadmin.win = "%1$s: %2$s 操作を実行するには、管理者権限が必要です。\nこれらのタスクを完了するには、管理者コマンド プロンプトを使用してください。\n" error.novirtual = "%1$s は仮想マシン内で実行する必要があります。\n" -error.unknown = "%1$s: 不明な %2$s '%3$s'\n" +error.unknown = "%1$s: 不明な %2$s「%3$s」\n" -help.config = "%1$s: VMware Tools の設定を変更します\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド: \n get <セクション> <キー>: <キー> の現在値を表示します\n 注: tools.conf に <キー> が存在しない場合は、その\n 値がグローバル設定から返されます (存在する場合)\n set <セクション> <キー> <値>: <キー> を <値> に設定します\n\n remove <セクション> <キー>: <キー> を削除します\n\n<セクション> には、logging、guestoperations、または guestinfo などのサポートされる任意のセクションを指定できます。\n<キー> には、任意の構成キーを指定できます。\n<値> には任意の値を指定できます。\n" +help.config = "%1$s: VMware Tools の構成を変更します\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド: \n get <セクション> <キー>: 指定された <キー> の現在値を表示します。または <セクション> のすべてのキーの値を表示します\n 注: tools.conf に <キー> が存在しない場合は、その\n 値がグローバル構成から返されます (存在する場合)\n set <セクション> <キー> <値>: <キー> を <値> に設定します\n remove <セクション> <キー>: <キー> を削除します\n\n<セクション> には、logging、guestoperations、guestinfo などのサポートされる任意のセクションを指定できます。\n<キー> には、任意の構成キーを指定できます。\n<値> には任意の値を指定できます。\n" -help.device = "%1$s: 仮想マシンのハードウェア デバイスに関連する機能\n使用方法: %2$s %3$s <サブコマンド> [引数]\ndev にはデバイス名を指定します。\n\nサブコマンド:\n enable <デバイス>: デバイス dev を有効にする\n disable <デバイス>: デバイス dev を無効にする\n list: 有効なデバイスを一覧表示\n status <デバイス>: デバイスのステータスを出力\n" +help.device = "%1$s: 仮想マシンのハードウェア デバイスに関連する機能\n使用方法: %2$s %3$s <サブコマンド> [引数]\ndev にはデバイス名を指定します。\n\nサブコマンド:\n enable <デバイス>: デバイス dev を有効にする\n disable <デバイス>: デバイス dev を無効にする\n list: 有効なデバイスを一覧表示\n status <デバイス>: デバイスのステータスを出力\n" help.disk = "%1$s: ディスク圧縮操作を実行\n使用方法: %2$s %3$s <サブコマンド> [引数]\n\nサブコマンド:\n list: 使用可能な場所を一覧表示\n shrink <場所>: 指定された場所のファイル システムをワイプおよび圧縮\n shrinkonly: すべてのディスクを圧縮\n wipe <場所>: 指定された場所のファイル システムをワイプ\n" -help.globalconf = "%1$s: GuestStore からのグローバル設定のダウンロードを管理します\n使用方法: %2$s %3$s <サブコマンド>\n\nESX ゲストのみのサブコマンド:\n enable: グローバル設定モジュールを有効にします\n disable: グローバル設定モジュールを無効にします\n refresh: GuestStore からのグローバル設定の新しいダウンロードをトリガします\n status: グローバル設定モジュールのステータスを出力します\n" +help.globalconf = "%1$s: GuestStore からのグローバル構成のダウンロードを管理します\n使用方法: %2$s %3$s <サブコマンド>\n\nESX ゲストのみのサブコマンド:\n enable: グローバル構成モジュールを有効にします\n disable: グローバル構成モジュールを無効にします\n refresh: GuestStore からのグローバル構成の新しいダウンロードをトリガします\n status: グローバル構成モジュールのステータスを出力します\n" -help.gueststore = "%1$s: GuestStore からリソース コンテンツを取得します\n使用方法: %2$s %3$s <サブコマンド>\n\nESX ゲストのみのサブコマンド:\n getcontent <リソース パス> <出力ファイル>: GuestStore からリソース コンテンツを取得し、出力ファイルに保存します。\n\n<リソース パス>は / で始まり、GuestStore 内の一意のリソースを表します。/ で終わる場合、デフォルトでは基盤となる「metadata.json」リソースを取得します。\n<出力ファイル> は、リソース コンテンツを保存するファイルのパスです。\n" +help.gueststore = "%1$s: GuestStore からリソース コンテンツを取得します\n使用方法: %2$s %3$s <サブコマンド>\n\nESX ゲストのみのサブコマンド:\n getcontent <リソース パス> <出力ファイル>: GuestStore からリソース コンテンツを取得し、出力ファイルに保存します。\n\n<リソース パス> は / で始まり、GuestStore 内の一意のリソースを表します。/ で終わる場合、デフォルトでは基盤となる「metadata.json」リソースを取得します。\n<出力ファイル> は、リソース コンテンツを保存するファイルのパスです。\n" help.hint = "詳細については、「%1$s %2$s%3$s%4$s」を参照してください。\n" help.info = "%1$s: ホストのゲスト情報を更新します\n使用方法: %2$s %3$s update <情報カテゴリ>\n\nサブコマンド:\n update <情報カテゴリ>: <情報カテゴリ> で特定される情報を更新します\n<情報カテゴリ> には「network」を指定できます\n" -help.logging = "%1$s: VMware Tools ログを変更します\n使用方法: %2$s %3$s level <サブコマンド> <サービス名> <レベル>\n\nサブコマンド:\n get <サービス名>: 現在のレベルを表示します\n 注: tools.conf にレベルが存在しない場合は、その\n 値がグローバル設定から返されます (存在する場合)\n set <サービス名> <レベル>: 現在のレベルを設定します\n\n<サービス名> は、vmsvc や vmusr などのサポートされているサービスを指定できます\n<レベル> は、エラー、重大、警告、情報、メッセージ、デバッグのいずれかを指定できます\n デフォルトは %4$s です\n" +help.logging = "%1$s: VMware Tools ログを変更します\n使用方法: %2$s %3$s level <サブコマンド> <サービス名> <レベル>\n\nサブコマンド:\n get <サービス名>: 現在のレベルを表示します\n 注: tools.conf にレベルが存在しない場合は、その\n 値がグローバル構成から返されます (存在する場合)\n set <サービス名> <レベル>: 現在のレベルを設定します\n\n<サービス名> には、vmsvc や vmusr などのサポートされているサービスを指定できます\n<レベル> には、エラー、重大、警告、情報、メッセージ、デバッグのいずれかを指定できます\n デフォルトは %4$s です\n" help.main = "使用方法: %1$s <コマンド> [オプション] [サブコマンド]\n「%2$s %3$s <コマンド>」と入力すると、そのコマンドのヘルプを表示できます。\nVMware Tools のバージョンを確認するには「%4$s -v」と入力します。\nstdout 出力を抑止するには「-q」オプションを使用します。\nほとんどのコマンドではサブコマンドも使用されます。\n\n使用可能なコマンド: \n config\n device\n disk (一部のオペレーティング システムでのみ使用可能)\n globalconf (一部のオペレーティング システムでのみ使用可能)\n gueststore (一部のオペレーティング システムでのみ使用可能)\n info\n logging\n script\n stat\n timesync\n upgrade (一部のオペレーティング システムでのみ使用可能)\n" -help.script = "%1$s: 電源操作に対応して実行されるスクリプトを制御します\n使用方法: %2$s %3$s <サブコマンド> [引数]\n\nサブコマンド:\n enable: 指定されたスクリプトを有効にして、そのパスをデフォルトに復元します\n disable: 指定されたスクリプトを無効にします\n set <フル パス>: 指定されたスクリプトを指定されたパスに設定します\n default: 指定されたスクリプトのデフォルトのパスを出力します\n current: 指定されたスクリプトの現在のパスを出力します\n 注: tools.conf にパスが存在しない場合は、その\n 値がグローバル設定から返されます (存在する場合)\n" +help.script = "%1$s: 電源操作に対応して実行されるスクリプトを制御します\n使用方法: %2$s %3$s <サブコマンド> [引数]\n\nサブコマンド:\n enable: 指定されたスクリプトを有効にして、そのパスをデフォルトに復元します\n disable: 指定されたスクリプトを無効にします\n set <フル パス>: 指定されたスクリプトを指定されたパスに設定します\n default: 指定されたスクリプトのデフォルトのパスを出力します\n current: 指定されたスクリプトの現在のパスを出力します\n 注: tools.conf にパスが存在しない場合は、その\n 値がグローバル構成から返されます (存在する場合)\n" -help.stat = "%1$s: 役に立つゲストおよびホスト情報を出力\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド:\n hosttime: ホスト時刻を出力\n speed: CPU 速度 (MHz) を出力\nESX ゲストのみのサブコマンド:\n sessionid: 現在のセッション ID を出力\n balloon: メモリのバルーニング情報を出力\n swap: メモリのスワップ情報を出力\n memlimit: メモリの制限情報を出力\n memres: メモリの予約情報を出力\n cpures: CPU の予約情報を出力\n cpulimit: CPU の制限情報を出力\n raw [<エンコーディング> <統計名>]: RAW 統計情報を出力\n <エンコーディング> には、「text'」、「json」、「xml」、「yaml」のいずれかを指定できます。\n <統計名> には、セッション、ホスト、リソース、vscsi および\n vnet が含まれます(vscsi などのいくつかの統計は、たとえば「vscsi scsi0:0」など、2 語になります)。\n <エンコーディング> および <統計名>\n の引数が指定されない場合、利用可能な統計が出力されます。\n" +help.stat = "%1$s: 役に立つゲストおよびホスト情報を出力\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド:\n hosttime: ホスト時刻を出力\n speed: CPU 速度 (MHz) を出力\nESX ゲストのみのサブコマンド:\n sessionid: 現在のセッション ID を出力\n balloon: メモリのバルーニング情報を出力\n swap: メモリのスワップ情報を出力\n memlimit: メモリの制限情報を出力\n memres: メモリの予約情報を出力\n cpures: CPU の予約情報を出力\n cpulimit: CPU の制限情報を出力\n raw [<エンコーディング> <統計名>]: RAW 統計情報を出力\n <エンコーディング> には、「text」、「json」、「xml」、「yaml」のいずれかを指定できます。\n <統計名> には、セッション、ホスト、リソース、vscsi および\n vnet が含まれます (vscsi などのいくつかの統計は、たとえば「vscsi scsi0:0」など、2 語になります)。\n <エンコーディング> および <統計名>\n の引数が指定されない場合、利用可能な統計が出力されます。\n" -help.timesync = "%1$s: ゲスト OS の時刻の同期を制御するための機能\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド:\n enable: 時刻の同期を有効にする\n disable: 時刻の同期を無効にする\n status: 時刻の同期の状態を出力\n" +help.timesync = "%1$s: ゲスト OS の時刻の同期を制御するための機能\n使用方法: %2$s %3$s <サブコマンド>\n\nサブコマンド:\n enable: 時刻の同期を有効にする\n disable: 時刻の同期を無効にする\n status: 時刻の同期のステータスを出力\n" -help.upgrade = "%1$s: VMware Tools のアップグレードに関連する機能。\n使用方法: %2$s %3$s <サブコマンド> [引数]\nサブコマンド:\n status: VMware Tools のアップグレード ステータスを確認\n start: VMware Tools の自動アップグレードを開始\n\nアップグレードが機能するには、VMware Tools サービスを実行している必要があります。\n" +help.upgrade = "%1$s: VMware Tools のアップグレードに関連する機能。\n使用方法: %2$s %3$s <サブコマンド> [引数]\nサブコマンド:\n status: VMware Tools のアップグレード ステータスを確認\n start: VMware Tools の自動アップグレードを開始\n\nアップグレードが機能するには、VMware Tools サービスを実行している必要があります。\n" -globalconf.refresh.failed = "globalconf モジュールが無効になっているため、'%1$s' に失敗しました。\n" +globalconf.refresh.failed = "globalconf モジュールが無効になっているため、「%1$s」に失敗しました。\n" globalconf.start_vmtools = "%1$s: %2$s サービスを開始しています。\n" -globalconf.status = "globalconf モジュールのステータスは '%1$s' です\n" +globalconf.status = "globalconf モジュールのステータスは「%1$s」です\n" globalconf.stop_vmtools = "%1$s: %2$s サービスを停止しています。\n" -globalconf.update_config = "%1$s: 設定を更新しています。\n" +globalconf.update_config = "%1$s: 構成を更新しています。\n" gueststore.content_size = "コンテンツ サイズ (バイト): " -gueststore.error.client_lib = "'%1$s' に失敗しました。GuestStore クライアント ライブラリ エラー: %2$s。\n" +gueststore.error.client_lib = "「%1$s」に失敗しました。GuestStore クライアント ライブラリ エラー: %2$s。\n" gueststore.progress = "\r進行状況: %1$d%%" @@ -138,9 +139,9 @@ option.disabled = "無効" option.enabled = "有効" -result.error.failed = "'%1$s' に失敗しました。詳細については、%2$s ログを確認してください。\n" +result.error.failed = "「%1$s」に失敗しました。詳細については、%2$s ログを確認してください。\n" -result.succeeded = "'%1$s' が正常に完了しました。\n" +result.succeeded = "「%1$s」が正常に完了しました。\n" script.notfound = "%1$s は存在しません。\n" @@ -148,7 +149,7 @@ script.operation = "操作" script.unknownop = "操作 %1$s のスクリプトがありません。\n" -script.write.error = "設定書き込みエラー: %1$s\n" +script.write.error = "構成書き込みエラー: %1$s\n" stat.balloon.failed = "バルーン メモリの取得に失敗しました: %1$s\n" @@ -162,7 +163,7 @@ stat.get.failed = "統計の取得に失敗しました: %1$s\n" stat.getsession.failed = "セッション ID の取得に失敗しました: %1$s\n" -stat.getspeed.failed = "プロセッサ速度を取得できません。\n" +stat.getspeed.failed = "プロセッサ速度を取得できません。\\n" stat.gettime.failed = "ホスト時刻を取得できません。\n" diff --git a/open-vm-tools/vgauth/cli/l10n/es.vmsg b/open-vm-tools/vgauth/cli/l10n/es.vmsg index 1bbdb03a6..b09efcc59 100644 --- a/open-vm-tools/vgauth/cli/l10n/es.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/es.vmsg @@ -1,5 +1,5 @@ ########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (C) 2011-2017,2020 VMware, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -65,14 +65,14 @@ loadfile.fail = "%1$s: No se puede leer el archivo PEM '%2$s'\n" name.any = "" -removesubj.fail = "%1$s: No se pudo quitar el alias del usuario '%2$s': %3$s.\n" +removesubj.fail = "%1$s: No se ha podido eliminar el alias del usuario '%2$s': %3$s.\n" -removesubj.success = "%1$s: alias quitado\n" +removesubj.success = "%1$s: alias eliminado\n" removeoptions.file = "nombre de archivo PEM" removeoptions.subject = "Tema de SAML" -removeoptions.username = "El usuario cuyo almacén de certificados se va a eliminar de" +removeoptions.username = "El usuario cuyo almacén de certificados se está eliminando de" removeoptions.verbose = "Operación detallada" @@ -83,7 +83,7 @@ removeall.removefail = "%1$s: No se pudo eliminar el alias del usuario '%2$s', a removeall.success = "%1$s: se eliminaron todos los alias\n" removealloptions.subject = "Tema de SAML" -removealloptions.username = "El usuario cuyo almacén de certificados se va a eliminar de" +removealloptions.username = "El usuario cuyo almacén de certificados se está eliminando de" removealloptions.verbose = "Operación detallada" diff --git a/open-vm-tools/vgauth/cli/l10n/fr.vmsg b/open-vm-tools/vgauth/cli/l10n/fr.vmsg index aa8bf7a4d..6e94a35a3 100644 --- a/open-vm-tools/vgauth/cli/l10n/fr.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/fr.vmsg @@ -1,5 +1,5 @@ ########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (C) 2011-2017,2020 VMware, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -16,7 +16,7 @@ # ########################################################## -addsubj.fail = "%1$s : échec de l'ajout de l'alias pour l'utilisateur '%2$s' : %3$s.\n" +addsubj.fail = "%1$s : échec de l'ajout de l'alias pour l'utilisateur « %2$s » : %3$s.\n" addsubj.success = "%1$s : alias ajouté\n" addoptions.comment = "commentaire sur le sujet" @@ -25,9 +25,9 @@ addoptions.file = "Nom de fichier PEM" addoptions.global = "Ajouter le certificat au fichier de mappage global" -addoptions.subject = "Le sujet SAML" +addoptions.subject = "Sujet SAML" -addoptions.username = "Utilisateur dont le magasin de certificats est ajouté à" +addoptions.username = "Utilisateur dont le magasin de certificats est ajouté" addoptions.verbose = "Opération en mode détaillé" @@ -44,12 +44,12 @@ cmdline.summary.comm = "commentaire" cmdline.summary.note = "Remarque : si aucun nom d'utilisateur n'est indiqué, %1$s supprime uniquement les alias mappés" list.comment = "Commentaire" -list.count = "%1$s a trouvé %2$d alias pour l'utilisateur '%3$s'\n" +list.count = "%1$s a trouvé %2$d alias pour l'utilisateur « %3$s »\n" -list.error = "%1$s : échec de la création de la liste d'alias pour l'utilisateur '%2$s' : %3$s.\n" +list.error = "%1$s : échec de la création de la liste d'alias pour l'utilisateur « %2$s » : %3$s.\n" list.subject = "Sujet" -listmapped.count = "%1$s a trouvé %2$d alias mappés\n" +listmapped.count = "%1$s a trouvé %2$d alias mappés\n" listmapped.error = "%1$s : échec de la création de la liste d'alias mappés : %2$s.\n" @@ -57,21 +57,21 @@ listmapped.subject = "Sujet" listmapped.username = "Nom d'utilisateur" -listoptions.username = "Utilisateur dont le magasin de certificats est demandé" +listoptions.username = "Utilisateur dont le magasin de certificats est interrogé" listoptions.verbose = "Opération en mode détaillé" -loadfile.fail = "%1$s : impossible de lire le fichier PEM '%2$s'\n" +loadfile.fail = "%1$s : impossible de lire le fichier PEM « %2$s »\n" name.any = "" -removesubj.fail = "%1$s : échec de la suppression de l'alias pour l'utilisateur '%2$s' : %3$s.\n" +removesubj.fail = "%1$s : échec de la suppression de l'alias pour l'utilisateur « %2$s » : %3$s.\n" removesubj.success = "%1$s : alias supprimé\n" removeoptions.file = "Nom de fichier PEM" -removeoptions.subject = "Le sujet SAML" +removeoptions.subject = "Sujet SAML" removeoptions.username = "Utilisateur pour lequel le magasin de certificats est supprimé" removeoptions.verbose = "Opération en mode détaillé" @@ -82,7 +82,7 @@ removeall.removefail = "%1$s : échec de la suppression de l'alias pour l'utili removeall.success = "%1$s : tous les alias supprimés\n" -removealloptions.subject = "Le sujet SAML" +removealloptions.subject = "Sujet SAML" removealloptions.username = "Utilisateur pour lequel le magasin de certificats est supprimé" removealloptions.verbose = "Opération en mode détaillé" diff --git a/open-vm-tools/vgauth/cli/l10n/ja.vmsg b/open-vm-tools/vgauth/cli/l10n/ja.vmsg index faa5f5e1e..d6206794c 100644 --- a/open-vm-tools/vgauth/cli/l10n/ja.vmsg +++ b/open-vm-tools/vgauth/cli/l10n/ja.vmsg @@ -1,5 +1,5 @@ ########################################################## -# Copyright (c) 2011-2017,2020-2022 VMware, Inc. All rights reserved. +# Copyright (C) 2011-2017,2020 VMware, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published @@ -16,7 +16,7 @@ # ########################################################## -addsubj.fail = "%1$s: ユーザー '%2$s' のエイリアスを追加できませんでした: %3$s。\n" +addsubj.fail = "%1$s: ユーザー「%2$s」のエイリアスを追加できませんでした: %3$s。\n" addsubj.success = "%1$s: エイリアスが追加されました\n" addoptions.comment = "サブジェクトのコメント" @@ -27,14 +27,14 @@ addoptions.global = "グローバル マッピング ファイルに証明書を addoptions.subject = "SAML サブジェクト" -addoptions.username = "証明書ストアが追加されているユーザー" +addoptions.username = "次の場所に証明書ストアが追加されているユーザー" addoptions.verbose = "詳細な操作" cmdline.help.appoption = "アプリケーション オプション" cmdline.help.helpoption = "ヘルプ オプション" cmdline.help.hint = "ヘルプ オプションを表示" -cmdline.help.usage = "使用方法" +cmdline.help.usage = "使用量" cmdline.parse = "コマンド ラインの解析に失敗しました" cmdline.summary.pemfile = "PEM ファイル" @@ -44,14 +44,14 @@ cmdline.summary.comm = "コメント" cmdline.summary.note = "注: ユーザー名が指定されていない場合、%1$s はマッピングされたエイリアスのみを削除します" list.comment = "コメント" -list.count = "%1$s でユーザー '%3$s' のエイリアスが %2$d 個検出されました\n" +list.count = "%1$s でユーザー「%3$s」のエイリアスが %2$d 個検出されました\n" -list.error = "%1$s: ユーザー '%2$s' のエイリアスを一覧表示できませんでした: %3$s。\n" +list.error = "%1$s: ユーザー「%2$s」のエイリアスを一覧表示できませんでした: %3$s。\n" list.subject = "サブジェクト" -listmapped.count = "%1$s でマップされた %2$d 個のエイリアスが検出されました\n" +listmapped.count = "%1$s でマッピングされた %2$d 個のエイリアスが検出されました\n" -listmapped.error = "%1$s: マップされたエイリアスを一覧表示できませんでした: %2$s。\n" +listmapped.error = "%1$s: マッピングされたエイリアスを一覧表示できませんでした: %2$s。\n" listmapped.subject = "サブジェクト" @@ -61,11 +61,11 @@ listoptions.username = "証明書ストアが照会されているユーザー" listoptions.verbose = "詳細な操作" -loadfile.fail = "%1$s: PEM ファイル '%2$s' を読み取ることができません\n" +loadfile.fail = "%1$s: PEM ファイル「%2$s」を読み取ることができません\n" -name.any = "" +name.any = "<任意>" -removesubj.fail = "%1$s: ユーザー '%2$s' のエイリアスを削除できませんでした: %3$s。\n" +removesubj.fail = "%1$s: ユーザー「%2$s」のエイリアスを削除できませんでした: %3$s。\n" removesubj.success = "%1$s: エイリアスが削除されました\n" @@ -76,9 +76,9 @@ removeoptions.username = "次の場所から証明書ストアが削除されて removeoptions.verbose = "詳細な操作" -removeall.fail = "%1$s: ユーザー '%2$s' のサブジェクト '%3$s' を削除できませんでした: %4$s。\n" +removeall.fail = "%1$s: ユーザー「%2$s」のサブジェクト「%3$s」を削除できませんでした: %4$s。\n" -removeall.removefail = "%1$s: ユーザー '%2$s' のサブジェクト '%3$s' の pemCert '%4$s' のエイリアスを削除できませんでした: %5$s。\n" +removeall.removefail = "%1$s: ユーザー「%2$s」のサブジェクト「%3$s」の pemCert「%4$s」のエイリアスを削除できませんでした: %5$s。\n" removeall.success = "%1$s: すべてのエイリアスが削除されました\n" From a7581e80b6a01c5716a23f5dc65703294be01aba Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 05:54:27 -0800 Subject: [PATCH 336/375] Update kb and confluence links from vmware to broadcom Update kb and confluence links from vmware domain to broadcom domain --- open-vm-tools/pam/generic | 2 +- open-vm-tools/tools.conf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/pam/generic b/open-vm-tools/pam/generic index 2e06dcb08..175489edc 100644 --- a/open-vm-tools/pam/generic +++ b/open-vm-tools/pam/generic @@ -1,5 +1,5 @@ # This is a generic pam config file for open-vm-tools -# See https://kb.vmware.com/s/article/78251 for advice to use +# See https://knowledge.broadcom.com/external/article?legacyId=78251 for advice to use # common authentication mechanisms. auth required pam_shells.so auth sufficient pam_unix.so shadow diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 046266d7f..52d604323 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -376,7 +376,7 @@ # vss.disableAppQuiescing is Windows only. # This setting can be used to force file system quiescing on Windows systems # having problems with application quiescing. -# See https://kb.vmware.com/s/article/2146204 +# See https://knowledge.broadcom.com/external/article?legacyId=2146204 #vss.disableAppQuiescing=false # Linux: From cdeaf2961ff6921c649091202edd5407176ae2f7 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 05:54:27 -0800 Subject: [PATCH 337/375] Collect journalctl output and limit to 1 month of data. Replace "!=" with "ne" for the $? comparison. --- open-vm-tools/scripts/common/vm-support | 38 ++++++++++++++++++------- 1 file changed, 27 insertions(+), 11 deletions(-) diff --git a/open-vm-tools/scripts/common/vm-support b/open-vm-tools/scripts/common/vm-support index 481747e18..5fb69d3b6 100644 --- a/open-vm-tools/scripts/common/vm-support +++ b/open-vm-tools/scripts/common/vm-support @@ -85,10 +85,10 @@ checkOutputDir() if [ ! -d "${OUTPUT_DIR}$dir" ]; then mkdir -p "${OUTPUT_DIR}$dir" - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then banner "Could not create ${OUTPUT_DIR}$dir... " \ "Have you run out of disk space?" "Continuing" - return -1 + return 1 fi fi return 0 @@ -113,13 +113,13 @@ addfile() dir=`dirname "$file"` checkOutputDir "$dir" - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then return $? fi # Ignore stdout and handle errors. cp -pRP "$file" "${OUTPUT_DIR}$dir" 2>/dev/null - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then banner "Could not copy '$file' to the tar area." fi } @@ -185,6 +185,21 @@ addLogFiles() done } +# collect journalctl logs. Limit to 1 month of data to limit file size +addJournalctl() +{ + journalctlDir="/tmp/journalctl" + checkOutputDir ${journalctlDir} + if [ $? -ne 0 ]; then + return + fi + # Limit to 50000 lines per file so it is easier to view in editor + if which journalctl > /dev/null 2>&1 && which split > /dev/null 2>&1 ; then + journalctl --no-pager --since '1 month ago' 2> /dev/null | \ + split -l 50000 -d - ${OUTPUT_DIR}${journalctlDir}/journalctl.out 2> /dev/null + fi +} + # runcmd($out, $cmd): executes the command redirected to a file runcmd() @@ -194,12 +209,12 @@ runcmd() dir=`dirname "$outFileRelPath"` checkOutputDir "$dir" - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then return fi "$@" > "$OUTPUT_DIR$outFileRelPath" 2>/dev/null - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then echo 3 banner "Either could not run $@ or could not write to" \ "${OUTPUT_DIR}$outFileRelPath" \ @@ -246,6 +261,7 @@ stageLinux() runcmd "/tmp/free.txt" free addLogFiles + addJournalctl } @@ -277,7 +293,7 @@ cleanup() exitCode="$1" rm -rf "$OUTPUT_DIR" - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then banner "$OUTPUT_DIR was not successfully removed." \ "Please remove manually." fi @@ -309,7 +325,7 @@ collectNetworkDetails() export PATH=/bin:/sbin:/usr/bin:/usr/sbin TARFILE=vm-`date +%Y-%m-%d`.$$.tar.gz -VER=0.97 +VER=0.98 # Parse args for option in $@ @@ -368,7 +384,7 @@ fi # replacing the directory after we have created it, with a directory that has # more lenient permissions. OUTPUT_DIR="`mktemp -d /tmp/vm-support.XXXXXX`" -if [ $? != 0 ]; then +if [ $? -ne 0 ]; then banner "Could not create a secure temporary directory. Exiting..." exit 1 fi @@ -427,7 +443,7 @@ banner "Creating tar archive..." # Set umask to make diagnostic information unreadable to other users to avoid # possible information leakage. (umask 0077 && tar $TAR_OPTS $TARFILE $OUTPUT_DIR) -if [ $? != 0 ]; then +if [ $? -ne 0 ]; then banner "The tar process did not successfully complete!" \ "If tar reports that a file changed while reading, please attempt " \ "to rerun this script." @@ -440,7 +456,7 @@ if [ $transfer -eq 1 ]; then banner "Transferring support data to the host..." vmware-xferlogs enc $TARFILE 2>/dev/null - if [ $? != 0 ]; then + if [ $? -ne 0 ]; then banner "Could not transfer the support data successfully: either " \ "vmware-xferlogs binary is not in the path, or you are not " \ "in a virtual machine." From 19fec7a1301abf9c2275c8ef8a06252e7dc346ef Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 05:54:27 -0800 Subject: [PATCH 338/375] Fix function pointer definition mismatch Caught with -std=c23 option which is the default for gcc-15 Pull request: https://github.com/vmware/open-vm-tools/pull/751 Addresses issue: https://github.com/vmware/open-vm-tools/issues/750 --- open-vm-tools/AUTHORS | 2 ++ open-vm-tools/lib/lock/ul.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index b871a0235..f8da85626 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -101,3 +101,5 @@ Joseph Allen Updated NetworkManager calls in suspend/resume scripts Brennan Kinney Revise settings for vmware-user.desktop - https://github.com/vmware/open-vm-tools/pull/668 +Rudy Heitbaum Fix build when compiling with -std=c23 + - https://github.com/vmware/open-vm-tools/pull/751 diff --git a/open-vm-tools/lib/lock/ul.c b/open-vm-tools/lib/lock/ul.c index d376a98af..87ffc8dc6 100644 --- a/open-vm-tools/lib/lock/ul.c +++ b/open-vm-tools/lib/lock/ul.c @@ -29,7 +29,7 @@ static Bool mxInPanic = FALSE; // track when involved in a panic static Bool mxUserCollectLockingTree = FALSE; -Bool (*MXUserTryAcquireForceFail)() = NULL; +Bool (*MXUserTryAcquireForceFail)(const char *name) = NULL; static MX_Rank (*MXUserMxCheckRank)(void) = NULL; static void (*MXUserMxLockLister)(void) = NULL; From 80421bf6a995839aac1a4adb98437161411f5ce4 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 05:54:27 -0800 Subject: [PATCH 339/375] [componentMgr] salt-minion - update integration script to version 2024.12.05 svtminion: New release (2024.12.05) of the salt-minion integration script. o Supports the new repository locations at packages.broadcom.com. o Only supports Salt 3006 and higher with new Broadcom infrastructure. o New return code 107 (Installed but Stopped); used when the service is installed but stopped. Added to help with customer case where the service remains 'not running' due to user action. NOTE: Fixed line 31 apostrophe being an unicode homoglyph in svtminion.ps1 validated the downloaded files sha256 before that change. componentMgr: Update component manager to support the new return code 107. return code: 107 string id: INSTALLEDSTOPPED string message: Installed but Stopped. --- .../componentMgr/componentMgrInstallAction.c | 12 +- .../plugins/componentMgr/componentMgrPlugin.h | 6 +- .../plugins/componentMgr/componentMgrUtil.c | 4 +- .../plugins/componentMgr/svtminion.sh | 1157 +++++++++-------- 4 files changed, 624 insertions(+), 555 deletions(-) diff --git a/open-vm-tools/services/plugins/componentMgr/componentMgrInstallAction.c b/open-vm-tools/services/plugins/componentMgr/componentMgrInstallAction.c index ff8588844..e051f41a4 100644 --- a/open-vm-tools/services/plugins/componentMgr/componentMgrInstallAction.c +++ b/open-vm-tools/services/plugins/componentMgr/componentMgrInstallAction.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2021-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2021-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -16,6 +17,7 @@ * *********************************************************/ + /* * componentMgrInstallAction.c -- * @@ -736,7 +738,8 @@ ComponentMgr_ExecuteComponentAction(int componentIndex) // IN } else if((Str_Strcmp(action, COMPONENTMGR_COMPONENTABSENT) == 0) && (components[componentIndex].status == INSTALLED || components[componentIndex].status == INSTALLFAILED || - components[componentIndex].status == REMOVEFAILED)) { + components[componentIndex].status == REMOVEFAILED || + components[componentIndex].status == INSTALLEDSTOPPED)) { installaction = ABSENT; } else { g_debug("%s: Action %s will not be executed for component %s with " @@ -1031,7 +1034,7 @@ ComponentMgrCheckExecuteComponentAction(ToolsAppCtx *ctx, // IN * Add the component to the guest only if it is NOTINSTALLED, * INSTALLFAILED or REMOVEFAILED. * Remove the component on the guest only if it is INSTALLED, - * INSTALLFAILED or REMOVEFAILED. + * INSTALLFAILED, REMOVEFAILED or INSTALLEDSTOPPED. */ if((Str_Strcmp(action, COMPONENTMGR_COMPONENTPRESENT) == 0) && (components[componentIndex].status == NOTINSTALLED || @@ -1041,7 +1044,8 @@ ComponentMgrCheckExecuteComponentAction(ToolsAppCtx *ctx, // IN } else if((Str_Strcmp(action, COMPONENTMGR_COMPONENTABSENT) == 0) && (components[componentIndex].status == INSTALLED || components[componentIndex].status == INSTALLFAILED || - components[componentIndex].status == REMOVEFAILED)) { + components[componentIndex].status == REMOVEFAILED || + components[componentIndex].status == INSTALLEDSTOPPED)) { installaction = ABSENT; } else { components[componentIndex].statuscount -= 1; diff --git a/open-vm-tools/services/plugins/componentMgr/componentMgrPlugin.h b/open-vm-tools/services/plugins/componentMgr/componentMgrPlugin.h index 2454ef450..0d5551bc7 100644 --- a/open-vm-tools/services/plugins/componentMgr/componentMgrPlugin.h +++ b/open-vm-tools/services/plugins/componentMgr/componentMgrPlugin.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2021-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -202,6 +203,9 @@ typedef enum InstallStatus * is not managed (or manageable), through the * component manager plugin. */ + INSTALLEDSTOPPED, /* The component is installed on the guest OS; but + * is stopped. + */ SCRIPTFAILED = 126, /* The component script failed for some reason. */ SCRIPTTERMINATED = 130 /* The component script terminated for some reason. */ diff --git a/open-vm-tools/services/plugins/componentMgr/componentMgrUtil.c b/open-vm-tools/services/plugins/componentMgr/componentMgrUtil.c index 0828cb5c5..c291ace21 100644 --- a/open-vm-tools/services/plugins/componentMgr/componentMgrUtil.c +++ b/open-vm-tools/services/plugins/componentMgr/componentMgrUtil.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2021-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -116,6 +117,7 @@ ComponentMgr_GetComponentInstallStatus(InstallStatus installStatus) // IN case INSTALLFAILED: return "INSTALLFAILED"; case REMOVEFAILED: return "REMOVEFAILED"; case UNMANAGED: return "UNMANAGED"; + case INSTALLEDSTOPPED: return "INSTALLEDSTOPPED"; case SCRIPTFAILED: return "SCRIPTFAILED"; case SCRIPTTERMINATED: return "SCRIPTTERMINATED"; } diff --git a/open-vm-tools/services/plugins/componentMgr/svtminion.sh b/open-vm-tools/services/plugins/componentMgr/svtminion.sh index 7c99a04a4..e0b6bf4fc 100644 --- a/open-vm-tools/services/plugins/componentMgr/svtminion.sh +++ b/open-vm-tools/services/plugins/componentMgr/svtminion.sh @@ -1,6 +1,6 @@ -#!/usr/bin/env bash +#!/bin/bash -# Copyright 2021-2023 VMware, Inc. +# Copyright 2021-2024 Broadcom Inc. # SPDX-License-Identifier: Apache-2 ## Salt VMware Tools Integration script @@ -19,23 +19,23 @@ set -o pipefail # using bash for now # run this script as root, as needed to run Salt -## readonly SCRIPT_VERSION='SCRIPT_VERSION_REPLACE' -readonly SCRIPT_VERSION="1.6" +readonly SCRIPT_VERSION="2024.12.05" # definitions -CURL_DOWNLOAD_RETRY_COUNT=5 - ## Repository locations and naming readonly default_salt_url_version="latest" -readonly salt_name="salt" -readonly repo_json_file="repo.json" salt_url_version="${default_salt_url_version}" -pre_3006_base_url="https://repo.saltproject.io/salt/vmware-tools-onedir" -# Release -post_3005_base_url="https://repo.saltproject.io/salt/py3/onedir" +salt_specific_version="" + +readonly salt_name="salt" base_url="" +# Broadcom infrastructure +bd_3006_base_url="https://packages.broadcom.com/artifactory/saltproject-generic/onedir" +bd_3006_chksum_base_url="https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/onedir" + + # Salt file and directory locations readonly base_salt_location="/opt/saltstack" readonly salt_dir="${base_salt_location}/${salt_name}" @@ -62,15 +62,17 @@ ${list_files_systemd_to_remove} " ## /var/log/vmware-${SCRIPTNAME}-* +# some docker containers don't include 'find' - RHEL 8 equivalents readonly salt_dep_file_list="systemctl curl -sha512sum +sha256sum vmtoolsd grep awk sed cut wget +find " readonly allowed_log_file_action_names="status @@ -78,6 +80,7 @@ depend install clear remove +reconfig default " @@ -86,7 +89,7 @@ call " readonly salt_minion_service_wrapper=\ -"# Copyright 2021-2023 VMware, Inc. +"# Copyright 2021-2024 VMware, Inc. # SPDX-License-Identifier: Apache-2 [Unit] @@ -138,13 +141,14 @@ declare -a m_cfg_values ## Component Manager Installer/Script return/exit status codes # return/exit Status codes -# 100 + 0 => installed +# 100 + 0 => installed (and running) # 100 + 1 => installing # 100 + 2 => notInstalled # 100 + 3 => installFailed # 100 + 4 => removing # 100 + 5 => removeFailed # 100 + 6 => externalInstall +# 100 + 7 => installedStopped # 126 => scriptFailed # 130 => scriptTerminated declare -A STATUS_CODES_ARY @@ -155,6 +159,7 @@ STATUS_CODES_ARY[installFailed]=103 STATUS_CODES_ARY[removing]=104 STATUS_CODES_ARY[removeFailed]=105 STATUS_CODES_ARY[externalInstall]=106 +STATUS_CODES_ARY[installedStopped]=107 STATUS_CODES_ARY[scriptFailed]=126 STATUS_CODES_ARY[scriptTerminated]=130 @@ -184,6 +189,13 @@ INSTALL_PARAMS="" MINION_VERSION_FLAG=0 MINION_VERSION_PARAMS="" +RECONFIG_FLAG=0 +RECONFIG_PARAMS="" + +STOP_FLAG=0 +RESTART_FLAG=0 +UPGRADE_FLAG=0 + LOG_LEVEL_FLAG=0 LOG_LEVEL_PARAMS="" @@ -193,10 +205,6 @@ LOG_LEVEL=${LOG_LEVELS_ARY[warning]} SOURCE_FLAG=0 SOURCE_PARAMS="" -# Flag for pre_3006 and post_3005, 0 => pre_3006, 1 => post_3005 -POST_3005_FLAG=0 -POST_3005_MAJOR_VER_FLAG=0 - # helper functions @@ -209,6 +217,7 @@ _log() { "${log_dir}/vmware-${SCRIPTNAME}-${LOG_ACTION}-${logdate}.log" } +# shellcheck disable=SC2329 _display() { if [[ ${VERBOSE_FLAG} -eq 1 ]]; then echo "$1"; fi _log "$*" @@ -248,6 +257,7 @@ _debug_log() { fi } +# shellcheck disable=SC2329 _yesno() { read -r -p "Continue (y/n)?" choice case "$choice" in @@ -269,7 +279,9 @@ esac echo "usage: ${0}" echo " [-c|--clear] [-d|--depend] [-h|--help] [-i|--install]" echo " [-j|--source] [-l|--loglevel] [-m|--minionversion]" - echo " [-r|--remove] [-s|--status] [-v|--version]" + echo " [-n|--reconfig] [-q|--stop] [-p|--start]" + echo " [-r|--remove] [-s|--status] [-u|--upgrade]" + echo " [-v|--version]" echo "" echo " -c, --clear clear previous minion identifier and keys," echo " and set specified identifier if present" @@ -290,8 +302,12 @@ esac echo " silent error warning debug info" echo " default loglevel is warning" echo " -m, --minionversion install salt-minion version, default[latest]" + echo " -n, --reconfig salt-minion restarts after reading updated config" + echo " -q, --stop stop salt-minion" + echo " -p, --start start salt-minion (restarts salt-minion)" echo " -r, --remove deactivate and remove the salt-minion" echo " -s, --status return status for this script" + echo " -u, --upgrade upgrade when installing, used with --install" echo " -v, --version version of this script" echo "" echo " salt-minion VMTools integration script" @@ -310,6 +326,7 @@ esac # Results: # Exits with hard-coded value 130 # +# shellcheck disable=SC2329 _cleanup_int() { rm -rf "$WORK_DIR" @@ -323,6 +340,7 @@ _cleanup_int() { # # Cleanups any running process and areas on exit # +# shellcheck disable=SC2329 _cleanup_exit() { rm -rf "$WORK_DIR" _debug_log "$0:${FUNCNAME[0]} Deleted temp working directory $WORK_DIR" @@ -382,6 +400,94 @@ _set_log_level() { } + +# +# _get_desired_salt_version_fn +# +# Get the appropriate desirted salt version based on salt_url_version, +# latest or specified input Salt version, 3007, 3006, 3006.x, 3007.1 +# and set salt_specific_version accordinly +# +# Note: typically Salt version includes the release number in addition to +# version number or 'latest' for the most recent release +# +# for example: currently major version 3006 implies 3006.9 +# the latest version of Salt 3006.x +# +# if an unsupported version is input, for example: 3004.2 +# it will default to installing the latest version +# +# Input: +# directory contains directory list of current available +# Salt versions, 3006.x - 3007.1 +# +# Results: +# Returns with exit code +# +_get_desired_salt_version_fn() { + + if [[ "$#" -ne 1 ]]; then + _error_log "$0:${FUNCNAME[0]} error expected one parameter "\ + "specifying the location for directories containing versions Salt" + fi + + _info_log "$0:${FUNCNAME[0]} processing getting desired Salt version "\ + "'$salt_url_version' for salt-minion to install, input directory $1" + + generic_versions_tmpdir="$1" + curr_pwd=$(pwd) + cd ${generic_versions_tmpdir} || return 1 + + # something werid is happening with tail, that does not fail in test + # programs getting failures inside tail hence use bash loop + if [ "$salt_url_version" = "latest" ]; then + # shellcheck disable=SC2010,SC2012 + ## _GENERIC_PKG_VERSION=$(ls ./. | grep -v 'index.html' | sort -V -u | tail -n 1) + test_dir=$(ls ./. | grep -v 'index.html' | sort -V -u) + for idx in $test_dir + do + _GENERIC_PKG_VERSION="$idx" + done + _debug_log "$0:${FUNCNAME[0]} latest found version '${_GENERIC_PKG_VERSION}'" + + elif [ "$(echo "$salt_url_version" | grep -E '^(3006|3007)$')" != "" ]; then + # want major latest version of Salt + # shellcheck disable=SC2010,SC2012 + ## _GENERIC_PKG_VERSION=$(ls ./. | grep -v 'index.html' | sort -V -u | grep -E "$salt_url_version" | tail -n 1) + test_dir=$(ls ./. | grep -v 'index.html' | sort -V -u | grep -E "$salt_url_version") + for idx in $test_dir + do + _GENERIC_PKG_VERSION="$idx" + done + _debug_log "$0:${FUNCNAME[0]} input $salt_url_version found "\ + "version '${_GENERIC_PKG_VERSION}'" + + elif [ "$(echo "$salt_url_version" | grep -E '^([3-9][0-5]{2}[6-9](\.[0-9]*)?)')" != "" ]; then + # Minor version Salt, want specific minor version + # if old style VMTools version 3004.2-1 is used + # defaults to else and install latest + _GENERIC_PKG_VERSION="$salt_url_version" + else + # default to latest version Salt + # shellcheck disable=SC2010,SC2012 + ## _GENERIC_PKG_VERSION=$(ls ./. | grep -v 'index.html' | sort -V -u | tail -n 1) + test_dir=$(ls ./. | grep -v 'index.html' | sort -V -u) + for idx in $test_dir + do + _GENERIC_PKG_VERSION="$idx" + done + _debug_log "$0:${FUNCNAME[0]} default found version '${_GENERIC_PKG_VERSION}'" + + fi + cd ${curr_pwd} || return 1 + + # set specific version of Salt to use + salt_specific_version="${_GENERIC_PKG_VERSION}" + + return 0 +} + + # # _set_install_minion_version_fn # @@ -391,9 +497,11 @@ _set_log_level() { # Note: typically Salt version includes the release number in addition to # version number or 'latest' for the most recent release # -# for example: 3003.3-1 +# for example: 3006.8 # # Results: +# Sets salt_url_version to latest or specified input +# Salt version, 3007, 3006, 3006.x # Returns with exit code # @@ -410,6 +518,7 @@ _set_install_minion_version_fn() { salt_version=$(echo "$1" | cut -d ' ' -f 1) if [[ "latest" = "${salt_version}" ]]; then + # salt_url_version already set to default_salt_url_version _debug_log "$0:${FUNCNAME[0]} input Salt version for salt-minion to "\ "install is 'latest', leaving as default "\ "'${default_salt_url_version}' for now" @@ -426,54 +535,6 @@ _set_install_minion_version_fn() { return 0 } -# -# _set_post_3005_flags_from_version -# -# Sets the POST_3005_FLAG and POST_3005_MAJOR_VER_FLAG -# from the version currently present in salt_url_version -# -# Will also set base_url if not already defined by --source option -# -# Results: -# Returns with exit code -# -_set_post_3005_flags_from_version() { - _info_log "$0:${FUNCNAME[0]} setting POST_3005_FLAG and "\ - "POST_3005_MAJOR_VER_FLAG from Salt version '${salt_url_version}'" - - if [[ "latest" = "${salt_url_version}" ]]; then - POST_3005_FLAG=1 - POST_3005_MAJOR_VER_FLAG=1 - base_url="${post_3005_base_url}" - # done, already have url for latest & major versions - _debug_log "$0:${FUNCNAME[0]} post-3005 install, using latest "\ - "base_url '${base_url}'" - else - ver_chk=$(echo "${salt_url_version}" | cut -d '.' -f 1) - if [[ ${ver_chk} -ge 3006 ]]; then - POST_3005_FLAG=1 - ver_chk_major=$(echo "${salt_url_version}" | cut -d '.' -f 1) - ver_chk_minor=$(echo "${salt_url_version}" | cut -d '.' -f 2) - _debug_log "$0:${FUNCNAME[0]} post-3005 install, checking "\ - "for major version only '${ver_chk_major}', minor "\ - "'${ver_chk_minor}'" - if [[ "${ver_chk_major}" = "${ver_chk_minor}" ]]; then - POST_3005_MAJOR_VER_FLAG=1 - base_url="${post_3005_base_url}" - else - base_url="${post_3005_base_url}/minor" - fi - _debug_log "$0:${FUNCNAME[0]} post-3005 install, for "\ - "'${salt_url_version}' using base_url '${base_url}'" - else - # install pre-3006, use older url - base_url="${pre_3006_base_url}" - _debug_log "$0:${FUNCNAME[0]} pre-3006 install, for "\ - "'${salt_url_version}' using base_url '${base_url}'" - fi - fi -} - # # _update_minion_conf_ary @@ -629,9 +690,9 @@ _fetch_vmtools_salt_minion_conf_guestvars() { cfg_key=$(echo "${idx}" | cut -d '=' -f 1) cfg_value=$(echo "${idx}" | cut -d '=' -f 2) _update_minion_conf_ary "${cfg_key}" "${cfg_value}" || { - _error_log "$0:${FUNCNAME[0]} error updating minion configuration "\ - "array with key '${cfg_key}' and value '${cfg_value}', "\ - "retcode '$?'"; + _error_log "$0:${FUNCNAME[0]} error updating minion "\ + "configuration array with key '${cfg_key}' and value "\ + "'${cfg_value}', retcode '$?'"; } done @@ -766,7 +827,7 @@ _fetch_vmtools_salt_minion_conf() { "configuration parameters for master public signed key" echo "${m_cfg_keys[${chk_idx}]}: True" \ >> "${salt_minion_conf_file}" - mkdir -p "/etc/salt/pki/minion" + mkdir -p "${salt_conf_dir}/pki/minion" cp -f "${m_cfg_values[${chk_idx}]}" \ "${salt_master_sign_dir}/" else @@ -782,196 +843,14 @@ _fetch_vmtools_salt_minion_conf() { } -# -# _curl_download -# -# Retrieve file from specified url to specific file -# -# Results: -# Exits with 0 or error code -# - -_curl_download() { - local file_name="$1" - local file_url="$2" - local download_retry_failed=1 # assume issues - local _retn=0 - - _info_log "$0:${FUNCNAME[0]} attempting download of file '${file_name}'" - - for ((i=0; i/dev/null - cp -a "${salt_url}/${salt_name}"*_SHA512 . - _retn=$? - if [[ ${_retn} -ne 0 ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} failed to find file "\ - "sha512 in specified location ${salt_url}, "\ - "error '${_retn}'" - fi + salt_pkg_name="${salt_name}-${salt_specific_version}-onedir-linux-${sys_arch}.tar.xz" + salt_url="${base_url}/${salt_specific_version}/${salt_pkg_name}" - ## shellcheck - salt_chksum_file=$(ls "${salt_name}"*_SHA512) - salt_pkg_name=$(ls "${salt_name}"*-linux-amd64.tar.gz 2>/dev/null) - if [[ -z "${salt_pkg_name}" ]]; then - # failed to find pre-3006 linux tarball, - # attempt to find post-3005 with appro. arch - sys_arch="${MACHINE_ARCH}" - salt_chksum_file=$(ls "${salt_name}"*-linux-"${sys_arch}".tar.xz.sha512) - salt_pkg_name=$(ls "${salt_name}"*-linux-"${sys_arch}".tar.xz) - fi - _debug_log "$0:${FUNCNAME[0]} successfully copied tarball from "\ - "'${salt_url}' file '${salt_pkg_name}'" - _debug_log "$0:${FUNCNAME[0]} successfully coped checksum from "\ - "'${salt_url}' file '${salt_chksum_file}'" - calc_sha512sum=$(grep "${salt_pkg_name}" \ - "${salt_chksum_file}" | sha512sum --check --status) - if [[ ${calc_sha512sum} -ne 0 ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} downloaded file "\ - "'${salt_pkg_name}' failed to match checksum in file "\ - "'${salt_chksum_file}'" - fi + # assume http://, https:// or similar + wget -q -r -l1 -nd -np -A "${salt_pkg_name}" "${salt_url}" + _retn=$? + if [[ ${_retn} -ne 0 ]]; then + CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} + _error_log "$0:${FUNCNAME[0]} downloaded file "\ + "'${salt_pkg_name}' failed to download, error '${_retn}'" fi - else - # assume use curl for local or remote URI - _curl_download "${repo_json_file}" "${base_url}/${repo_json_file}" - _debug_log "$0:${FUNCNAME[0]} successfully downloaded from "\ - "'${base_url}/${repo_json_file}' into file '${repo_json_file}'" - - if [[ -f "${repo_json_file}" ]]; then - # use latest from repo.json file, (version:name:sha512) - json_version_name_sha=$(_parse_json_specd_ver "${repo_json_file}") - salt_json_version=$(\ - echo "${json_version_name_sha}" | awk -F":" '{print $1}') - salt_json_name=$(\ - echo "${json_version_name_sha}" | awk -F":" '{print $2}') - salt_json_sha512=$(\ - echo "${json_version_name_sha}" | awk -F":" '{print $3}') - _debug_log "$0:${FUNCNAME[0]} using repo.json values version "\ - "'${salt_json_version}', name '${salt_json_name}, sha512 "\ - "'${salt_json_sha512}'"/ - - salt_pkg_name="${salt_json_name}" - if [[ ${POST_3005_FLAG} -eq 1 \ - && ${POST_3005_MAJOR_VER_FLAG} -eq 1 ]]; then - salt_url="${base_url}/minor/${salt_json_version}/${salt_pkg_name}" - else - salt_url="${base_url}/${salt_json_version}/${salt_pkg_name}" - fi - _curl_download "${salt_pkg_name}" "${salt_url}" - _debug_log "$0:${FUNCNAME[0]} successfully downloaded from "\ - "'${salt_url}' into file '${salt_pkg_name}'" - salt_pkg512=$(sha512sum "${salt_pkg_name}" |awk -F" " '{print $1}') - if [[ "${salt_pkg512}" != "${salt_json_sha512}" ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} downloaded file '${salt_url}' "\ - "failed to match checksum in file '${repo_json_file}'" - fi - else - # use defaults - # repo.json file is missing, look for 'latest' - # directory with onedir files and retrieve files from it - salt_url="${base_url}/${salt_url_version}" - salt_tarball="${salt_name}*-linux-*.tar.?z" - salt_tarball_SHA512="${salt_name}*_SHA512" - - # assume http://, https:// or similar - wget -q -r -l1 -nd -np -A "${salt_tarball}" "${salt_url}" - _retn=$? - if [[ ${_retn} -ne 0 ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} downloaded file "\ - "'${salt_tarball}' failed to download, error '${_retn}'" - fi - wget -q -r -l1 -nd -np -A "${salt_name}*_SHA512" "${salt_url}" - _retn=$? - if [[ ${_retn} -ne 0 ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} downloaded file "\ - "'${salt_tarball_SHA512}' failed to download, error '${_retn}'" + salt_pkg_metadata=$(curl "${bd_3006_chksum_base_url}/${salt_specific_version}/${salt_pkg_name}") + salt_pkg_sha=$(echo "${salt_pkg_metadata}" | grep -w "sha256" | sort | uniq) + if [[ -n "${salt_pkg_sha}" ]]; then + # have package metadata to process + salt_pkg_shakey=$(echo "${salt_pkg_sha}" | awk -F ':' '{print $1}' | awk -F '"' '{print $2}') + salt_pkg_sha256=$(echo "${salt_pkg_sha}" | awk -F ':' '{print $2}' | awk -F '"' '{print $2}') + + _debug_log "$0:${FUNCNAME[0]} found information for file "\ + "'${salt_pkg_name}', shakey '${salt_pkg_shakey}', "\ + "sha256value '${salt_pkg_sha256}'" + + if [[ "${salt_pkg_shakey}" = "sha256" ]]; then + # Found sha256 + salt_pkg_sha256_found=1 + _debug_log "$0:${FUNCNAME[0]} successfully found sha256 "\ + "information on file '${salt_pkg_name}'" + else + # sanity check for sha256 key not found + CURRENT_STATUS=${STATUS_CODES_ARY[installing]} + _warning_log "$0:${FUNCNAME[0]} failed to find sha256 "\ + "information for downloaded file '${salt_pkg_name}', "\ + "error '${salt_pkg_sha256}'" fi + fi - ## shellcheck - salt_chksum_file=$(ls "${salt_name}"*_SHA512) - salt_pkg_name=$(ls "${salt_name}"*-linux-amd64.tar.gz) - if [[ -z "${salt_pkg_name}" ]]; then - # failed to find pre-3006 linux tarball, - # attempt to find post-3005 with appro. arch - sys_arch="${MACHINE_ARCH}" - salt_chksum_file=$(ls "${salt_name}"*-linux-"${sys_arch}".tar.xz.sha512) - salt_pkg_name=$(ls "${salt_name}"*-linux-"${sys_arch}".tar.xz) - fi - _debug_log "$0:${FUNCNAME[0]} successfully downloaded tarball "\ - "from '${salt_url}' into file '${salt_pkg_name}'" - _debug_log "$0:${FUNCNAME[0]} successfully downloaded checksum "\ - "from '${salt_url}' into file '${salt_chksum_file}'" - - calc_sha512sum=$(grep "${salt_pkg_name}" \ - "${salt_chksum_file}" | sha512sum --check --status) - if [[ ${calc_sha512sum} -ne 0 ]]; then + if [[ ${salt_pkg_sha256_found} -eq 1 ]]; then + # Have sha256 information to check against + calc_sha256sum=$(sha256sum "${salt_pkg_name}" | awk -F ' ' '{print $1}') + if [[ "${calc_sha256sum}" != "${salt_pkg_sha256}" ]]; then CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _error_log "$0:${FUNCNAME[0]} downloaded file "\ - "'${salt_pkg_name}' failed to match checksum in file "\ - "'${salt_chksum_file}'" + _error_log "$0:${FUNCNAME[0]} generated checksum "\ + "'${calc_sha256sum}' for downloaded file '${salt_pkg_name}' "\ + "does not match that retrieved from repository '${salt_pkg_sha256}'" + else + _debug_log "$0:${FUNCNAME[0]} downloaded file "\ + "'${salt_pkg_name}' matched checksum retrieved from repository" fi fi fi - _debug_log "$0:${FUNCNAME[0]} sha512sum match was successful" - if [[ ${POST_3005_FLAG} -eq 1 ]]; then - # need to setup salt user and group if not already existing - _debug_log "$0:${FUNCNAME[0]} setup salt user and group if not "\ - "already existing" - _SALT_GROUP=salt - _SALT_USER=salt - _SALT_NAME=Salt + # need to setup salt user and group if not already existing + _debug_log "$0:${FUNCNAME[0]} setup salt user and group if not "\ + "already existing" + _SALT_GROUP=salt + _SALT_USER=salt + _SALT_NAME=Salt + # 1. create group if not existing + if getent group "${_SALT_GROUP}" 1>/dev/null; then + _debug_log "$0:${FUNCNAME[0]} already group salt, assume user "\ + "and group setup for Salt" + else + _debug_log "$0:${FUNCNAME[0]} setup group and user salt" + # create user to avoid running server as root # 1. create group if not existing - if getent group "${_SALT_GROUP}" 1>/dev/null; then - _debug_log "$0:${FUNCNAME[0]} already group salt, assume user "\ - "and group setup for Salt" - else - _debug_log "$0:${FUNCNAME[0]} setup group and user salt" - # create user to avoid running server as root - # 1. create group if not existing - groupadd --system "${_SALT_GROUP}" 2>/dev/null - # 2. create homedir if not existing - if [[ ! -d "${salt_dir}" ]]; then - mkdir -p "${salt_dir}" - fi - # 3. create user if not existing - if ! getent passwd | grep -q "^${_SALT_USER}:"; then - useradd --system --no-create-home -s /sbin/nologin -g \ - "${_SALT_GROUP}" "${_SALT_USER}" 2>/dev/null - fi - # 4. adjust passwd entry - usermod -c "${_SALT_NAME}" -d "${salt_dir}" -g "${_SALT_GROUP}" \ - "${_SALT_USER}" 2>/dev/null + groupadd --system "${_SALT_GROUP}" 2>/dev/null + # 2. create homedir if not existing + if [[ ! -d "${salt_dir}" ]]; then + mkdir -p "${salt_dir}" fi - tar xf "${salt_pkg_name}" -C "${base_salt_location}" 1>/dev/null - # 5. adjust file and directory permissions - chown -R "${_SALT_USER}":"${_SALT_GROUP}" "${salt_dir}" - else - tar xf "${salt_pkg_name}" -C "${base_salt_location}" 1>/dev/null + # 3. create user if not existing + if ! getent passwd | grep -q "^${_SALT_USER}:"; then + useradd --system --no-create-home -s /sbin/nologin -g \ + "${_SALT_GROUP}" "${_SALT_USER}" 2>/dev/null + fi + # 4. adjust passwd entry + usermod -c "${_SALT_NAME}" -d "${salt_dir}" -g "${_SALT_GROUP}" \ + "${_SALT_USER}" 2>/dev/null fi + tar xf "${salt_pkg_name}" -C "${base_salt_location}" 1>/dev/null + # 5. adjust file and directory permissions + chown -R "${_SALT_USER}":"${_SALT_GROUP}" "${salt_dir}" _retn=$? if [[ ${_retn} -ne 0 ]]; then CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} @@ -1359,8 +1099,8 @@ _check_multiple_script_running() { # for example: install salt-minion from rpm or deb package # # Results: -# 0 - No standard install found and empty string output -# !0 - Standard install found and Salt version found output +# 0 - No standard classic install found and empty string output +# !0 - Standard classic install found and Salt version found output # _check_classic_minion_install() { @@ -1376,7 +1116,8 @@ _check_classic_minion_install() { /usr/bin/salt-call /usr/local/bin/salt-call " - _info_log "$0:${FUNCNAME[0]} check if standard salt-minion installed" + _info_log "$0:${FUNCNAME[0]} check if standard classic "\ + "salt-minion installed" for idx in ${list_of_files_check} do @@ -1394,8 +1135,8 @@ _check_classic_minion_install() { # get salt-version local s_ver="" s_ver=$("${idx}" --local test.version |grep -v 'local:' |xargs) - _debug_log "$0:${FUNCNAME[0]} found standard salt-minion, "\ - "Salt version: '${s_ver}'" + _debug_log "$0:${FUNCNAME[0]} found standard classic "\ + "salt-minion, Salt version: '${s_ver}'" echo "${s_ver}" _retn=1 break @@ -1580,13 +1321,14 @@ _create_pre_3006_helper_scripts() { # # discover and return the current status # -# 0 => installed +# 0 => installed (and running) # 1 => installing # 2 => notInstalled # 3 => installFailed # 4 => removing # 5 => removeFailed # 6 => externalInstall +# 7 => installedStopped # 126 => scriptFailed # # Side Effects: @@ -1609,12 +1351,12 @@ _status_fn() { found_salt_ver=$(_check_classic_minion_install) if [[ -n "${found_salt_ver}" ]]; then _debug_log "$0:${FUNCNAME[0]}" \ - "existing Standard Salt Installation detected, "\ + "existing Standard Classic Salt Installation detected, "\ "Salt version: '${found_salt_ver}'" CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} _retn_status=${STATUS_CODES_ARY[externalInstall]} else - _debug_log "$0:${FUNCNAME[0]} no standardized install found" + _debug_log "$0:${FUNCNAME[0]} no standardized classic install found" install_onedir_chk=$(_check_onedir_minion_install) if [[ ${install_onedir_chk} -eq 2 ]]; then @@ -1623,11 +1365,11 @@ _status_fn() { svpid=$(_find_salt_pid) if [[ ${install_onedir_chk} -eq 0 && -z ${svpid} ]]; then - # check not installed and no process id + # not installed and no process id CURRENT_STATUS=${STATUS_CODES_ARY[notInstalled]} _retn_status=${STATUS_CODES_ARY[notInstalled]} elif [[ ${install_onedir_chk} -ne 0 ]]; then - # check installed + # installed, check for pid CURRENT_STATUS=${STATUS_CODES_ARY[installed]} _retn_status=${STATUS_CODES_ARY[installed]} # normal case but double-check @@ -1635,23 +1377,197 @@ _status_fn() { if [[ -z ${svpid} ]]; then # Note: someone could have stopped the salt-minion, # so installed but not running, - # status codes don't allow for that case - CURRENT_STATUS=${STATUS_CODES_ARY[installFailed]} - _retn_status=${STATUS_CODES_ARY[installFailed]} + CURRENT_STATUS=${STATUS_CODES_ARY[installedStopped]} + _retn_status=${STATUS_CODES_ARY[installedStopped]} + else + # have running pid for salt-minion + CURRENT_STATUS=${STATUS_CODES_ARY[installed]} + _retn_status=${STATUS_CODES_ARY[installed]} fi elif [[ -z ${svpid} ]]; then - # check no process id and main directory still left, =>removeFailed + # check no process id and + # main directory still left, =>installedStopped if [[ ${install_onedir_chk} -ne 0 ]]; then - CURRENT_STATUS=${STATUS_CODES_ARY[removeFailed]} - _retn_status=${STATUS_CODES_ARY[removeFailed]} + CURRENT_STATUS=${STATUS_CODES_ARY[installedStopped]} + _retn_status=${STATUS_CODES_ARY[installedStopped]} + fi + fi + fi + + return ${_retn_status} +} + + +# +# _stop_fn +# +# stop the salt-minion if running and return the current status +# +# 0 => installed (and running) +# 1 => installing +# 2 => notInstalled +# 3 => installFailed +# 4 => removing +# 5 => removeFailed +# 6 => externalInstall +# 7 => installedStopped +# 126 => scriptFailed +# +# Side Effects: +# CURRENT_STATUS updated +# +# Results: +# Exits numerical status +# + +_stop_fn() { + # return status + local _retn_status=${STATUS_CODES_ARY[notInstalled]} + local install_onedir_chk=0 + local found_salt_ver="" + local systemctl_issue=0 + + _info_log "$0:${FUNCNAME[0]} checking status for script" + + _check_multiple_script_running + + found_salt_ver=$(_check_classic_minion_install) + if [[ -n "${found_salt_ver}" ]]; then + _debug_log "$0:${FUNCNAME[0]}" \ + "existing Standard Classic Salt Installation detected, "\ + "Salt version: '${found_salt_ver}'" + CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} + _retn_status=${STATUS_CODES_ARY[externalInstall]} + else + _debug_log "$0:${FUNCNAME[0]} no standardized classic install found" + + install_onedir_chk=$(_check_onedir_minion_install) + if [[ ${install_onedir_chk} -eq 2 ]]; then + POST_3005_FLAG=1 # ensure note 3006 and above + fi + + if [[ ${install_onedir_chk} -eq 0 ]]; then + # not installed + CURRENT_STATUS=${STATUS_CODES_ARY[notInstalled]} + _retn_status=${STATUS_CODES_ARY[notInstalled]} + elif [[ ${install_onedir_chk} -ne 0 ]]; then + # installed, check for pid + CURRENT_STATUS=${STATUS_CODES_ARY[installed]} + _retn_status=${STATUS_CODES_ARY[installed]} + svpid=$(_find_salt_pid) + if [[ -z ${svpid} ]]; then + # Note: someone could have stopped the salt-minion, + # so installed but not running, + CURRENT_STATUS=${STATUS_CODES_ARY[installedStopped]} + _retn_status=${STATUS_CODES_ARY[installedStopped]} + else + # have pid for salt-minion, need to stop + systemctl stop salt-minion || { + _warning_log "$0:${FUNCNAME[0]} stopping existing Salt "\ + "functionality salt-minion encountered difficulties "\ + "using systemctl, retcode '$?'"; + systemctl_issue=1; + } + if [[ "${systemctl_issue}" -eq 0 ]]; then + CURRENT_STATUS=${STATUS_CODES_ARY[installedStopped]} + _retn_status=${STATUS_CODES_ARY[installedStopped]} + else + CURRENT_STATUS=${STATUS_CODES_ARY[installedStopped]} + _retn_status=${STATUS_CODES_ARY[installedStopped]} + _error_log "$0:${FUNCNAME[0]} stopping existing Salt "\ + "functionality salt-minion encountered difficulties "\ + "using systemctl, run 'systemctl status salt-minion'"\ + "to resolve issue'"; + fi fi fi fi + _debug_log "$0:${FUNCNAME[0]} stop returning '${_retn_status}'" return ${_retn_status} } +# +# _restart_fn +# +# restart the salt-minion if not running and return the current status +# +# 0 => installed (and running) +# 1 => installing +# 2 => notInstalled +# 3 => installFailed +# 4 => removing +# 5 => removeFailed +# 6 => externalInstall +# 7 => installedStopped +# 126 => scriptFailed +# +# Side Effects: +# CURRENT_STATUS updated +# +# Results: +# Exits numerical status +# + +_restart_fn() { + + # return status + local _retn_status=${STATUS_CODES_ARY[notInstalled]} + local install_onedir_chk=0 + local found_salt_ver="" + local systemctl_issue=0 + + _info_log "$0:${FUNCNAME[0]} checking status for script" + + _check_multiple_script_running + + found_salt_ver=$(_check_classic_minion_install) + if [[ -n "${found_salt_ver}" ]]; then + _debug_log "$0:${FUNCNAME[0]}" \ + "existing Standard Classic Salt Installation detected, "\ + "Salt version: '${found_salt_ver}'" + CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} + _retn_status=${STATUS_CODES_ARY[externalInstall]} + else + _debug_log "$0:${FUNCNAME[0]} no standardized classic install found" + + install_onedir_chk=$(_check_onedir_minion_install) + if [[ ${install_onedir_chk} -eq 2 ]]; then + POST_3005_FLAG=1 # ensure note 3006 and above + fi + + if [[ ${install_onedir_chk} -eq 0 ]]; then + # not installed + CURRENT_STATUS=${STATUS_CODES_ARY[notInstalled]} + _retn_status=${STATUS_CODES_ARY[notInstalled]} + elif [[ ${install_onedir_chk} -ne 0 ]]; then + # installed, check running + systemctl restart salt-minion || { + _warning_log "$0:${FUNCNAME[0]} restarting existing Salt "\ + "functionality salt-minion encountered difficulties "\ + "using systemctl, retcode '$?'"; + systemctl_issue=1; + } + if [[ "${systemctl_issue}" -eq 0 ]]; then + CURRENT_STATUS=${STATUS_CODES_ARY[installed]} + _retn_status=${STATUS_CODES_ARY[installed]} + else + CURRENT_STATUS=${STATUS_CODES_ARY[installed]} + _retn_status=${STATUS_CODES_ARY[installed]} + _error_log "$0:${FUNCNAME[0]} restarting existing Salt "\ + "functionality salt-minion encountered difficulties "\ + "using systemctl, run 'systemctl status salt-minion'"\ + "to resolve issue'"; + fi + fi + fi + _debug_log "$0:${FUNCNAME[0]} restart returning '${_retn_status}'" + return ${_retn_status} +} + + + # # _deps_chk_fn # @@ -1723,6 +1639,78 @@ _find_system_lib_path () { } +# +# _reconfig_fn +# +# Executes scripts to stop the salt-minion, if active +# Re-read the configuration +# Restart the salt-minion, if it had been active +# +# Results: +# Exits with 0 or error code +# +_reconfig_fn () { + local _retn=0 + local minion_was_active="" + + _info_log "$0:${FUNCNAME[0]} processing script install" + + _check_multiple_script_running + + found_salt_ver=$(_check_classic_minion_install) + if [[ -n "${found_salt_ver}" ]]; then + _warning_log "$0:${FUNCNAME[0]} failed to install, "\ + "existing Standard Classic Salt Installation detected, "\ + "Salt version: '${found_salt_ver}'" + CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} + exit ${STATUS_CODES_ARY[externalInstall]} + else + _debug_log "$0:${FUNCNAME[0]} no standardized classic install found" + fi + + minion_was_active=$(systemctl is-active salt-minion) || { + _error_log "$0:${FUNCNAME[0]} checking running existing salt-minion "\ + "encountered difficulties using systemctl, retcode '$?'"; + } + + # get configuration for salt-minion + _fetch_vmtools_salt_minion_conf "$@" || { + _error_log "$0:${FUNCNAME[0]} failed, read configuration for "\ + "salt-minion, retcode '$?'"; + } + + # ensure minion id or fqdn for salt-minion + _ensure_id_or_fqdn + + cd "${CURRDIR}" || return $? + + # restart the salt-minion using systemd if it was active at the start + systemctl daemon-reload || { + _error_log "$0:${FUNCNAME[0]} reloading the systemd daemon "\ + "failed , retcode '$?'"; + } + _debug_log "$0:${FUNCNAME[0]} successfully executed systemctl "\ + "daemon-reload" + if [[ "${minion_was_active}" = "active" ]]; then + local name_service="salt-minion.service" + systemctl restart "${name_service}" || { + _error_log "$0:${FUNCNAME[0]} restarting the salt-minion using "\ + "systemctl failed , retcode '$?'"; + } + _debug_log "$0:${FUNCNAME[0]} successfully executed systemctl "\ + "restart '${name_service}'" + systemctl enable "${name_service}" || { + _error_log "$0:${FUNCNAME[0]} enabling the salt-minion using "\ + "systemctl failed , retcode '$?'"; + } + _debug_log "$0:${FUNCNAME[0]} successfully executed systemctl "\ + "enable '${name_service}'" + fi + return ${_retn} +} + + + # # _install_fn # @@ -1734,6 +1722,7 @@ _find_system_lib_path () { # _install_fn () { + # execute install of Salt minion local _retn=0 local existing_chk="" @@ -1747,12 +1736,12 @@ _install_fn () { found_salt_ver=$(_check_classic_minion_install) if [[ -n "${found_salt_ver}" ]]; then _warning_log "$0:${FUNCNAME[0]} failed to install, "\ - "existing Standard Salt Installation detected, "\ + "existing Standard Classic Salt Installation detected, "\ "Salt version: '${found_salt_ver}'" CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} exit ${STATUS_CODES_ARY[externalInstall]} else - _debug_log "$0:${FUNCNAME[0]} no standardized install found" + _debug_log "$0:${FUNCNAME[0]} no standardized Classic install found" fi # check if salt-minion or salt-master (salt-cloud etc req master) @@ -1763,9 +1752,17 @@ _install_fn () { do local salt_fn="" salt_fn="$(basename "${idx}")" - _warning_log "$0:${FUNCNAME[0]} existing Salt functionality "\ - "${salt_fn} shall be stopped and replaced when new "\ - "salt-minion is installed" + if [ "${UPGRADE_FLAG}" -eq 0 ]; then + # performing a clean install + _warning_log "$0:${FUNCNAME[0]} existing Salt functionality "\ + "${salt_fn} shall be stopped and replaced when new "\ + "salt-minion is installed" + else + # performing an upgrade, note in logs + _warning_log "$0:${FUNCNAME[0]} existing Salt functionality "\ + "${salt_fn} shall be stopped and upgraded when new "\ + "salt-minion is installed" + fi done fi @@ -1776,10 +1773,17 @@ _install_fn () { } # get configuration for salt-minion - _fetch_vmtools_salt_minion_conf "$@" || { - _error_log "$0:${FUNCNAME[0]} failed, read configuration for "\ - "salt-minion, retcode '$?'"; - } + if [ "${UPGRADE_FLAG}" -eq 0 ]; then + # performing a clean install + _fetch_vmtools_salt_minion_conf "$@" || { + _error_log "$0:${FUNCNAME[0]} failed, read configuration for "\ + "salt-minion, retcode '$?'"; + } + else + # performing an upgrade, note in logs, and leave config alone + _debug_log "$0:${FUNCNAME[0]} performing upgrade, using existing "\ + "read configuration for salt-minion"; + fi if [[ ${_retn} -eq 0 && -f "${onedir_pre_3006_location}" ]]; then # create helper scripts for /usr/bin to ensure they are present @@ -2002,7 +2006,7 @@ _generate_minion_id () { # re-generates new identifier, allows for a VM containing a salt-minion, # to be cloned and not have conflicting id and keys # salt-minion is stopped, id and keys cleared, and restarted -# if it was previously running +# if it was previously running, and not an upgrade # # Input: # Optional specified input ID to be used, default generate randomized value @@ -2058,25 +2062,34 @@ _clear_id_key_fn () { salt_minion_pre_active_flag=1 fi - rm -fR "${salt_conf_dir}/minion_id" - rm -fR "${salt_conf_dir}/pki/${salt_minion_conf_name}" - # always comment out what was there - sed -i 's/^id/# id/g' "${salt_minion_conf_file}" - _debug_log "$0:${FUNCNAME[0]} removed '${salt_conf_dir}/minion_id' "\ - "and '${salt_conf_dir}/pki/${salt_minion_conf_name}', and "\ - "commented out id in '${salt_minion_conf_file}'" + if [ "${UPGRADE_FLAG}" -eq 0 ]; then + # perform a clean install and generate new keys and minion id + rm -fR "${salt_conf_dir}/minion_id" + rm -fR "${salt_conf_dir}/pki/${salt_minion_conf_name}" + # always comment out what was there + sed -i 's/^id/# id/g' "${salt_minion_conf_file}" + _debug_log "$0:${FUNCNAME[0]} removed '${salt_conf_dir}/minion_id' "\ + "and '${salt_conf_dir}/pki/${salt_minion_conf_name}', and "\ + "commented out id in '${salt_minion_conf_file}'" + + if [[ -z "${minion_ip_id}" ]] ;then + minion_id=$(_generate_minion_id) + else + minion_id="${minion_ip_id}" + fi - if [[ -z "${minion_ip_id}" ]] ;then - minion_id=$(_generate_minion_id) + # add new minion id to bottom of minion configuration file + echo "id: ${minion_id}" >> "${salt_minion_conf_file}" + _debug_log "$0:${FUNCNAME[0]} updated salt-minion identifier "\ + "'${minion_id}' in configuration file '${salt_minion_conf_file}'" else + # performing an upgrade, log info minion_id="${minion_ip_id}" + _debug_log "$0:${FUNCNAME[0]} maintaining salt-minion identifier "\ + "'${minion_id}' and keys in configuration file "\ + "'${salt_minion_conf_file}' since performing upgrade" fi - # add new minion id to bottom of minion configuration file - echo "id: ${minion_id}" >> "${salt_minion_conf_file}" - _debug_log "$0:${FUNCNAME[0]} updated salt-minion identifier "\ - "'${minion_id}' in configuration file '${salt_minion_conf_file}'" - if [[ ${salt_minion_pre_active_flag} -eq 1 ]]; then # restart the stopped salt-minion using systemd systemctl restart salt-minion || { @@ -2097,11 +2110,15 @@ _clear_id_key_fn () { # # Removes all Salt files and directories that may be used # +# Note: +# funciton only call when performing an uninstall +# # Results: # Exits with 0 or error code # _remove_installed_files_dirs() { + # performing an uninstall _debug_log "$0:${FUNCNAME[0]} removing directories and files "\ "in '${list_file_dirs_to_remove}'" for idx in ${list_file_dirs_to_remove} @@ -2141,12 +2158,12 @@ _uninstall_fn () { found_salt_ver=$(_check_classic_minion_install) if [[ -n "${found_salt_ver}" ]]; then _warning_log "$0:${FUNCNAME[0]} failed to install, "\ - "existing Standard Salt Installation detected, "\ + "existing Standard Classic Salt Installation detected, "\ "Salt version: '${found_salt_ver}'" CURRENT_STATUS=${STATUS_CODES_ARY[externalInstall]} exit ${STATUS_CODES_ARY[externalInstall]} else - _debug_log "$0:${FUNCNAME[0]} no standardized install found" + _debug_log "$0:${FUNCNAME[0]} no standardized classic install found" fi install_onedir_chk=$(_check_onedir_minion_install) @@ -2349,6 +2366,19 @@ while true; do shift; MINION_VERSION_PARAMS="$*"; ;; + -n | --reconfig ) + RECONFIG_FLAG=1; + shift; + RECONFIG_PARAMS="$*"; + ;; + -q | --stop ) + STOP_FLAG=1; + shift; + ;; + -p | --start ) + RESTART_FLAG=1; + shift; + ;; -r | --remove ) UNINSTALL_FLAG=1; shift; @@ -2361,6 +2391,11 @@ while true; do VERSION_FLAG=1; shift; ;; + -u | --upgrade ) + UPGRADE_FLAG=1; + shift; + ;; + -- ) shift; break; @@ -2413,6 +2448,11 @@ if [[ ${MINION_VERSION_FLAG} -eq 1 ]]; then _set_install_minion_version_fn "${MINION_VERSION_PARAMS}" retn=$? fi +if [[ ${UPGRADE_FLAG} -eq 1 ]]; then + CLI_ACTION=1 + # ensure this is processed before install + retn=$? +fi if [[ ${INSTALL_FLAG} -eq 1 ]]; then CLI_ACTION=1 LOG_ACTION="install" @@ -2436,6 +2476,24 @@ if [[ ${VERSION_FLAG} -eq 1 ]]; then echo "${SCRIPT_VERSION}" retn=0 fi +if [[ ${RECONFIG_FLAG} -eq 1 ]]; then + CLI_ACTION=1 + LOG_ACTION="reconfig" + _reconfig_fn "${RECONFIG_PARAMS}" + retn=$? +fi +if [[ ${STOP_FLAG} -eq 1 ]]; then + CLI_ACTION=1 + LOG_ACTION="default" + _stop_fn + retn=$? +fi +if [[ ${RESTART_FLAG} -eq 1 ]]; then + CLI_ACTION=1 + LOG_ACTION="default" + _restart_fn + retn=$? +fi if [[ ${CLI_ACTION} -eq 0 ]]; then # check if guest variables have an action since none from CLI @@ -2468,6 +2526,7 @@ if [[ ${CLI_ACTION} -eq 0 ]]; then _status_fn retn=$? ;; + # TBD what will VM TOOLS do for reconfig, upgrade, stop and start ? *) ;; esac From e336623005c9907122bd0df701d28c04db7df6e0 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Fri, 21 Feb 2025 06:36:35 -0800 Subject: [PATCH 340/375] Update ChangeLog with the granular push of Feb 21, 2025. - plus ChangeLog update of Jan 08, 2025. --- open-vm-tools/ChangeLog | 66 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 02b3e5bdf..67b08a2d5 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,69 @@ +commit 80421bf6a995839aac1a4adb98437161411f5ce4 +Author: Kruti Pendharkar +Date: Fri Feb 21 05:54:27 2025 -0800 + + [componentMgr] salt-minion - update integration script to version 2024.12.05 + + svtminion: + New release (2024.12.05) of the salt-minion integration script. + o Supports the new repository locations at packages.broadcom.com. + o Only supports Salt 3006 and higher with new Broadcom infrastructure. + o New return code 107 (Installed but Stopped); used when the service is + installed but stopped. Added to help with customer case where the service + remains 'not running' due to user action. + NOTE: Fixed line 31 apostrophe being an unicode homoglyph in svtminion.ps1 + validated the downloaded files sha256 before that change. + + componentMgr: + Update component manager to support the new return code 107. + return code: 107 + string id: INSTALLEDSTOPPED + string message: Installed but Stopped. + +commit 19fec7a1301abf9c2275c8ef8a06252e7dc346ef +Author: Kruti Pendharkar +Date: Fri Feb 21 05:54:27 2025 -0800 + + Fix function pointer definition mismatch + + Caught with -std=c23 option which is the default for gcc-15 + + Pull request: https://github.com/vmware/open-vm-tools/pull/751 + Addresses issue: https://github.com/vmware/open-vm-tools/issues/750 + +commit cdeaf2961ff6921c649091202edd5407176ae2f7 +Author: Kruti Pendharkar +Date: Fri Feb 21 05:54:27 2025 -0800 + + Collect journalctl output and limit to 1 month of data. + Replace "!=" with "ne" for the $? comparison. + +commit a7581e80b6a01c5716a23f5dc65703294be01aba +Author: Kruti Pendharkar +Date: Fri Feb 21 05:54:27 2025 -0800 + + Update kb and confluence links from vmware to broadcom + + Update kb and confluence links from vmware domain to broadcom + domain + +commit 8e4eb3fb772f6600712478f3d375b8fb03651770 +Author: Kruti Pendharkar +Date: Fri Feb 21 05:54:27 2025 -0800 + + open-vm-tools l10n message updates + +commit e0a12a75116600f6708ef66f80ccc0ebbdab13ac +Author: Kruti Pendharkar +Date: Wed Jan 8 07:32:51 2025 -0800 + + ==================================================================== + The "stable-13.0.x" branch was created from the "devel" branch here. + ==================================================================== + + Update ChangeLog with the granular push of Jan 07, 2025. + - plus ChangeLog update of Sep 24, 2024. + commit 1f8f4a01b89394c8e42c49fa4e2aafa6587bf20b Author: Kruti Pendharkar Date: Tue Jan 7 22:05:53 2025 -0800 From 1fbe46b675e7f85a525df2af4cb7f2a43043f9a5 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:29:11 -0800 Subject: [PATCH 341/375] Fix copyright years. --- open-vm-tools/lib/include/vm_assert.h | 3 ++- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/include/vm_assert.h b/open-vm-tools/lib/include/vm_assert.h index 54446d1d4..ecaabe39d 100644 --- a/open-vm-tools/lib/include/vm_assert.h +++ b/open-vm-tools/lib/include/vm_assert.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2022 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index bac293cec..b13cf2b8b 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -1,5 +1,6 @@ ########################################################## -# Copyright (C) 2010, 2020-2021 VMware, Inc. All rights reserved. +# Copyright (c) 2020-2024 Broadcom. All Rights Reserved. +# The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published From cd4c71ad389406ad5d20d5de66aabaea13ab610f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:29:11 -0800 Subject: [PATCH 342/375] Fix the assembler warning The Warning "found movsd; assuming movsl was meant" was noticed while building open-vm-tools with gcc 12.2.0 (on Debian 12.2.0-14). It was because of the change https://sourceware.org/bugzilla/show_bug.cgi?id=29525 made to the GNU assembler code (GNU Binutils for Debian) 2.39.90.20221231. Replace the instruction "movsd" with "movsl" to avoid this warning. --- open-vm-tools/lib/misc/utilMem.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/open-vm-tools/lib/misc/utilMem.c b/open-vm-tools/lib/misc/utilMem.c index 56846fe73..307c6edfb 100644 --- a/open-vm-tools/lib/misc/utilMem.c +++ b/open-vm-tools/lib/misc/utilMem.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2009-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2009-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -431,7 +432,7 @@ Util_Memcpy(void *dest, // OUT: } else if ((align & 3) == 0) { __asm__ __volatile__("\t" "cld" "\n\t" - "rep ; movsd" "\n" + "rep ; movsl" "\n" : "=c" (dummy0), "=D" (dummy1), "=S" (dummy2) : "0" (count >> 2), "1" (dest), "2" (src) : "memory", "cc" From 4c58276668b6a6b608f99203204e315bbf040f53 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:29:11 -0800 Subject: [PATCH 343/375] Fix a couple of memory leaks in drag-and-drop/copy-paste code: * `CopyPasteRpcV3::HandleMsg` calls `CPClipboard_Unserialize` which allocates memory to the supplied `Clipboard` structure, but it neglected to call `CPClipboard_Destroy` to free it when done. Also update the documentation for `CPClipboard_Unserialize` to make the contract more explicit. * `DnD_SetCPClipboardFromLocalText` completely neglected to free its destination buffer. Bonus cleanup: * Make some pointers `const` (which also allows us to remove some casts). * Replace a call to `UNICODE_RELEASE_UTF16` with `free` since the memory was allocated by lib/dnd with `malloc` and was not allocated by lib/unicode. --- open-vm-tools/services/plugins/dndcp/dnd/dnd.h | 4 ++-- .../services/plugins/dndcp/dnd/dndClipboard.c | 6 ++++-- open-vm-tools/services/plugins/dndcp/dnd/dndMsg.c | 11 ++++++----- open-vm-tools/services/plugins/dndcp/dnd/dndMsg.h | 7 ++++--- 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dnd.h b/open-vm-tools/services/plugins/dndcp/dnd/dnd.h index f6b950351..913cf5c11 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dnd.h +++ b/open-vm-tools/services/plugins/dndcp/dnd/dnd.h @@ -231,10 +231,10 @@ HGLOBAL DnD_CreateHDropForGuest(const char *path, const char *fileList); size_t DnD_CPStringToLocalString(const char *bufIn, utf16_t **bufOut); -size_t DnD_LocalStringToCPString(utf16_t *bufIn, +size_t DnD_LocalStringToCPString(const utf16_t *bufIn, char **bufOut); Bool DnD_SetCPClipboardFromLocalText(CPClipboard *clip, - utf16_t *bufIn); + const utf16_t *bufIn); Bool DnD_SetCPClipboardAndTruncateLocalText(CPClipboard *clip, utf16_t *bufIn); Bool DnD_SetCPClipboardFromLocalRtf(CPClipboard *clip, diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c b/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c index 849c6699d..fcde5fd28 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c +++ b/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2007-2021 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -690,7 +691,8 @@ CPClipboard_Serialize(const CPClipboard *clip, // IN * * Side effects: * The clip passed in should be empty, otherwise will cause memory leakage. - * On success, arguments found in buf are unserialized into clip. + * On success, arguments found in buf are unserialized into clip, which + * must be destroyed by calling CPClipboard_Destroy. * *---------------------------------------------------------------------------- */ diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.c b/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.c index 6c2d08593..427e2a21d 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.c +++ b/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2007-2019, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -360,9 +361,9 @@ DnDMsg_Serialize(DnDMsg *msg, // IN/OUT: the message */ DnDMsgErr -DnDMsg_UnserializeHeader(DnDMsg *msg, // IN/OUT: the message - void *buf, // IN: the input buffer - size_t len) // IN: the buffer length +DnDMsg_UnserializeHeader(DnDMsg *msg, // IN/OUT: the message + const void *buf, // IN: the input buffer + size_t len) // IN: the buffer length { BufRead r; @@ -422,7 +423,7 @@ DnDMsg_UnserializeHeader(DnDMsg *msg, // IN/OUT: the message DnDMsgErr DnDMsg_UnserializeArgs(DnDMsg *msg, // IN/OUT: the message - void *buf, // IN: input buffer + const void *buf, // IN: input buffer size_t len) // IN: buffer length { uint32 i; diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.h b/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.h index 3b852c46b..58d222cdb 100644 --- a/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.h +++ b/open-vm-tools/services/plugins/dndcp/dnd/dndMsg.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2007-2017, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -158,8 +159,8 @@ DynBuf *DnDMsg_GetArg(DnDMsg *msg, uint32 arg); Bool DnDMsg_AppendArg(DnDMsg *msg, void *buf, size_t len); Bool DnDMsg_Serialize(DnDMsg *msg, DynBuf *buf); -DnDMsgErr DnDMsg_UnserializeHeader(DnDMsg *msg, void *buf, size_t len); -DnDMsgErr DnDMsg_UnserializeArgs(DnDMsg *msg, void *buf, size_t len); +DnDMsgErr DnDMsg_UnserializeHeader(DnDMsg *msg, const void *buf, size_t len); +DnDMsgErr DnDMsg_UnserializeArgs(DnDMsg *msg, const void *buf, size_t len); #if defined(__cplusplus) } // extern "C" From 28f0ffcfc76fa3d73653904f6f2cb51b4f37d93c Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:29:11 -0800 Subject: [PATCH 344/375] Provide a tools.conf setting to disable timesync plugin This change intends to address a customer issue that requires an in-guest config to disable timesync without having to reboot VM or restart. Although we have some ways to implement it from host side, customer claimed the guest administator may not be the administrator of vSphere so that an in-guest approach is still needed. This change adds two config options under "timeSync" group: - disable-all: This disables all time sync including one-time sync and periodic sync. - disable-periodic: This disables periodic sync only. Note we cannot disable one-time sync and keep periodic sync enabled as this is not allowed according to the product design. Addresses Issue: https://github.com/vmware/open-vm-tools/issues/302 --- open-vm-tools/lib/include/conf.h | 26 ++++++- .../services/plugins/timeSync/timeSync.c | 70 ++++++++++++++++--- open-vm-tools/tools.conf | 16 +++++ 3 files changed, 101 insertions(+), 11 deletions(-) diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h index b48fd7754..eca86fe42 100644 --- a/open-vm-tools/lib/include/conf.h +++ b/open-vm-tools/lib/include/conf.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2002-2024 Broadcom. All Rights Reserved. + * Copyright (c) 2002-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -812,6 +812,30 @@ */ #define CONFNAME_TIMESYNC_TIMEINFO_ENABLED "timeInfo.enabled" +/** + * Defines the configuration to perform all time synchronization or not. + * + * @note Illegal values result in a @c g_warning and fallback to the default + * value. + * + * @param boolean If TRUE, all time synchronization is disabled. + * If FALSE, one-time synchronization is enabled and periodic + * synchronization is controlled by disable-periodic. + */ +#define CONFNAME_TIMESYNC_DISABLE_ALL "disable-all" + +/** + * Defines the configuration to perform periodic time synchronization or not. + * + * @note Illegal values result in a @c g_warning and fallback to the default + * value. + * + * @param boolean If TRUE, periodic time synchronization is disabled. + * If FALSE, periodic time synchronization is enabled if + * disable-all is also FALSE. + */ +#define CONFNAME_TIMESYNC_DISABLE_PERIODIC "disable-periodic" + /* * END timeSync goodies. ****************************************************************************** diff --git a/open-vm-tools/services/plugins/timeSync/timeSync.c b/open-vm-tools/services/plugins/timeSync/timeSync.c index b97accff5..7c07614fd 100644 --- a/open-vm-tools/services/plugins/timeSync/timeSync.c +++ b/open-vm-tools/services/plugins/timeSync/timeSync.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2008-2022 VMware, Inc. All rights reserved. + * Copyright (c) 2008-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -151,6 +152,10 @@ VM_EMBED_VERSION(VMTOOLSD_VERSION_STRING); /* Period during which the frequency error of guest time is measured. */ #define TIMESYNC_CALIBRATION_DURATION (15 * 60 * US_PER_SEC) /* 15min. */ +/* Default values for timeSync settings in tools config file. */ +#define CONFNAME_TIMESYNC_DISABLE_ALL_DEFAULT FALSE +#define CONFNAME_TIMESYNC_DISABLE_PERIODIC_DEFAULT FALSE + typedef enum TimeSyncState { TIMESYNC_INITIALIZING, TIMESYNC_STOPPED, @@ -612,10 +617,10 @@ TimeSyncGuestResyncTimeoutHandler(gpointer _data) */ static gboolean -TimeSyncDoSync(Bool slewCorrection, - TimeSyncType syncType, - Bool allowBackwardSync, - void *_data) +TimeSyncDoSyncWork(Bool slewCorrection, + TimeSyncType syncType, + Bool allowBackwardSync, + void *_data) { int64 guest, host; int64 gosError, apparentError, maxTimeError; @@ -628,7 +633,7 @@ TimeSyncDoSync(Bool slewCorrection, syncType, slewCorrection, allowBackwardSync, data->guestResync, data->guestResyncTimeout); - if (!TimeSyncReadHostAndGuest(&host, &guest, &apparentError, + if (!TimeSyncReadHostAndGuest(&host, &guest, &apparentError, &apparentErrorValid, &maxTimeError)) { return FALSE; } @@ -651,7 +656,7 @@ TimeSyncDoSync(Bool slewCorrection, * step correction. */ - if (gosError < -maxTimeError || + if (gosError < -maxTimeError || (gosError + apparentError > 0 && allowBackwardSync)) { if (syncType == TIMESYNC_STEP && data->guestResync && TimeSync_IsGuestSyncServiceRunning()) { @@ -660,9 +665,9 @@ TimeSyncDoSync(Bool slewCorrection, ASSERT(data->ctx != NULL); if (!TimeSync_DoGuestResync(data->ctx)) { g_warning("Guest resync operation failed.\n"); - return TimeSyncDoSync(data->slewCorrection, - TIMESYNC_STEP_NORESYNC, - allowBackwardSync, data); + return TimeSyncDoSyncWork(data->slewCorrection, + TIMESYNC_STEP_NORESYNC, + allowBackwardSync, data); } if (data->guestResyncTimeout > 0) { data->guestResyncTimer = @@ -715,6 +720,51 @@ TimeSyncDoSync(Bool slewCorrection, } +/** + * Check the Tools config of timeSync, skip time sync if it is disabled, + * call TimeSyncDoSyncWork to sync time otherwise. + * + * @param[in] slewCorrection Is clock slewing enabled? + * @param[in] syncType Type of synchronization requested. + * @param[in] allowBackwardSync Can we sync time backwards when doing + * step/resync correction? + * @param[in] _data Time sync data. + * + * @return TRUE on success or when timeSync is disabled. + */ + +static gboolean +TimeSyncDoSync(Bool slewCorrection, + TimeSyncType syncType, + Bool allowBackwardSync, + void *_data) +{ + TimeSyncData *data = _data; + Bool disableAll = + VMTools_ConfigGetBoolean(data->ctx->config, + CONFGROUPNAME_TIMESYNC, + CONFNAME_TIMESYNC_DISABLE_ALL, + CONFNAME_TIMESYNC_DISABLE_ALL_DEFAULT); + Bool disablePeriodic = + VMTools_ConfigGetBoolean(data->ctx->config, + CONFGROUPNAME_TIMESYNC, + CONFNAME_TIMESYNC_DISABLE_PERIODIC, + CONFNAME_TIMESYNC_DISABLE_PERIODIC_DEFAULT); + /* + * Skip all time sync or the periodic type of time sync if they are + * configured to be disabled in the Tools config. Return TRUE so that + * nothing in timeSync plugin is broken and the sync can be re-enabled + * seamlessly, this also avoids warning logs on the FALSE returns. + */ + if (disableAll || (disablePeriodic && syncType == TIMESYNC_PERIODIC)) { + g_debug("Time synchronization is disabled.\n"); + return TRUE; + } + return TimeSyncDoSyncWork(slewCorrection, syncType, allowBackwardSync, + _data); +} + + /** * Run the "time synchronization" loop. * diff --git a/open-vm-tools/tools.conf b/open-vm-tools/tools.conf index 52d604323..93ab4e41a 100644 --- a/open-vm-tools/tools.conf +++ b/open-vm-tools/tools.conf @@ -567,3 +567,19 @@ # Values lesser than the minimum will use the minimum (4096) value. # Values greater than the maximum will use the maximum (524288) value. #amsi-max-script-size-in-bytes=262144 + +[timeSync] + +# The timeSync plugin synchronizes guest system time with that of the host. + +# The value of disable-all is a true or false; the default is false. +# If true, all time synchronization is disabled. +# If false, one-time synchronization is enabled and periodic synchronization +# is controlled by disable-periodic. +#disable-all=false + +# The value of disable-periodic is a true or false; the default is false. +# If true, periodic time synchronization is disabled. +# If false, periodic time synchronization is enabled if disable-all is also +# false. +#disable-periodic=false From 3d84ad3cb5c0b3cd89753ec8d340037e91b9ba38 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:29:11 -0800 Subject: [PATCH 345/375] Update the AC_VMW_CHECK_LIB fields for xmlsec1 library. Currently, the library's custom "config" (xmlsec1-config) is being used to determine compiler and linker flags. Customer reported cross compiler problem with the xmlsec1-config usage and suggested the below changes to use pkg-config instead. o Pass library name as 3rd parameter to AC_VMW_CHECK_LIB Macro to determine the compiler and linker flags via pkg-config. o Also use the predefined 'PKG_CONFIG' variable rather than hardcoding 'pkg-config' Pull request: https://github.com/vmware/open-vm-tools/pull/732 --- open-vm-tools/AUTHORS | 3 +++ open-vm-tools/configure.ac | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index f8da85626..a7ebb323c 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -103,3 +103,6 @@ Brennan Kinney Revise settings for vmware-user.desktop Rudy Heitbaum Fix build when compiling with -std=c23 - https://github.com/vmware/open-vm-tools/pull/751 + +James Le Cuirot Fix xmlsec detection when cross-compiling with pkg-config + - https://github.com/vmware/open-vm-tools/pull/732 diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 4ad8178b0..81c6ac3e2 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -1,5 +1,5 @@ ################################################################################ -### Copyright (c) 2007-2024 Broadcom. All Rights Reserved. +### Copyright (c) 2007-2025 Broadcom. All Rights Reserved. ### The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. ### ### Configure script for building the VMware OSS Tools. @@ -879,12 +879,12 @@ if test "$enable_vgauth" = "yes" ; then AC_VMW_DEFAULT_FLAGS([XMLSEC1]) AC_VMW_CHECK_LIB([xmlsec1], [XMLSEC1], - [], + [xmlsec1], [xmlsec1-config], [], [xmlsec/xmlsec.h], [xmlSecCheckVersionExt], - [XMLSEC1_VER=`pkg-config --modversion xmlsec1` + [XMLSEC1_VER=`$PKG_CONFIG --modversion xmlsec1` xmlsec1_major_version="`echo $XMLSEC1_VER | cut -f1 -d. | cut -f1 -d-`" xmlsec1_minor_version="`echo $XMLSEC1_VER | cut -f2 -d. | cut -f1 -d-`" xmlsec1_micro_version="`echo $XMLSEC1_VER | cut -f3 -d. | cut -f1 -d-`" From 3b7214d00780448e203141da0723b9d321f61a8f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 25 Feb 2025 01:31:27 -0800 Subject: [PATCH 346/375] Update ChangeLog with the granular push of Feb 25, 2025. - plus ChangeLog update of Feb 21, 2025. --- open-vm-tools/ChangeLog | 88 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 67b08a2d5..6838e661d 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,91 @@ +commit 3d84ad3cb5c0b3cd89753ec8d340037e91b9ba38 +Author: Kruti Pendharkar +Date: Tue Feb 25 01:29:11 2025 -0800 + + Update the AC_VMW_CHECK_LIB fields for xmlsec1 library. + + Currently, the library's custom "config" (xmlsec1-config) + is being used to determine compiler and linker flags. + Customer reported cross compiler problem with the xmlsec1-config + usage and suggested the below changes to use pkg-config instead. + + o Pass library name as 3rd parameter to AC_VMW_CHECK_LIB Macro + to determine the compiler and linker flags via pkg-config. + o Also use the predefined 'PKG_CONFIG' variable rather than hardcoding + 'pkg-config' + + Pull request: https://github.com/vmware/open-vm-tools/pull/732 + +commit 28f0ffcfc76fa3d73653904f6f2cb51b4f37d93c +Author: Kruti Pendharkar +Date: Tue Feb 25 01:29:11 2025 -0800 + + Provide a tools.conf setting to disable timesync plugin + + This change intends to address a customer issue that requires an + in-guest config to disable timesync without having to reboot VM or + restart. Although we have some ways to implement it from host side, + customer claimed the guest administator may not be the administrator + of vSphere so that an in-guest approach is still needed. + + This change adds two config options under "timeSync" group: + - disable-all: This disables all time sync including one-time sync + and periodic sync. + - disable-periodic: This disables periodic sync only. + Note we cannot disable one-time sync and keep periodic sync enabled + as this is not allowed according to the product design. + + Addresses Issue: https://github.com/vmware/open-vm-tools/issues/302 + +commit 4c58276668b6a6b608f99203204e315bbf040f53 +Author: Kruti Pendharkar +Date: Tue Feb 25 01:29:11 2025 -0800 + + Fix a couple of memory leaks in drag-and-drop/copy-paste code: + + * `CopyPasteRpcV3::HandleMsg` calls `CPClipboard_Unserialize` + which allocates memory to the supplied `Clipboard` + structure, but it neglected to call `CPClipboard_Destroy` + to free it when done. Also update the documentation for + `CPClipboard_Unserialize` to make the contract more + explicit. + * `DnD_SetCPClipboardFromLocalText` completely neglected to + free its destination buffer. + + Bonus cleanup: + + * Make some pointers `const` (which also allows us to remove + some casts). + * Replace a call to `UNICODE_RELEASE_UTF16` with `free` since + the memory was allocated by lib/dnd with `malloc` and was + not allocated by lib/unicode. + +commit cd4c71ad389406ad5d20d5de66aabaea13ab610f +Author: Kruti Pendharkar +Date: Tue Feb 25 01:29:11 2025 -0800 + + Fix the assembler warning + + The Warning "found movsd; assuming movsl was meant" was noticed while + building open-vm-tools with gcc 12.2.0 (on Debian 12.2.0-14). + It was because of the change https://sourceware.org/bugzilla/show_bug.cgi?id=29525 + made to the GNU assembler code (GNU Binutils for Debian) 2.39.90.20221231. + + Replace the instruction "movsd" with "movsl" to avoid this warning. + +commit 1fbe46b675e7f85a525df2af4cb7f2a43043f9a5 +Author: Kruti Pendharkar +Date: Tue Feb 25 01:29:11 2025 -0800 + + Fix copyright years. + +commit e336623005c9907122bd0df701d28c04db7df6e0 +Author: Kruti Pendharkar +Date: Fri Feb 21 06:36:35 2025 -0800 + + Update ChangeLog with the granular push of Feb 21, 2025. + - plus ChangeLog update of Jan 08, 2025. + commit 80421bf6a995839aac1a4adb98437161411f5ce4 Author: Kruti Pendharkar Date: Fri Feb 21 05:54:27 2025 -0800 From 6331ea0150b98316b3f41b4cdcff52ae9fc7d791 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Mon, 5 May 2025 15:58:03 -0700 Subject: [PATCH 347/375] Validate user names and file paths Prevent usage of illegal characters in user names and file paths. Also, disallow unexpected symlinks in file paths. This patch contains changes to common source files not applicable to open-vm-tools. All files being updated should be consider to have the copyright to be updated to: * Copyright (c) XXXX-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. The 2025 Broadcom copyright information update is not part of this patch set to allow the patch to be easily applied to previous open-vm-tools source releases. --- open-vm-tools/vgauth/common/VGAuthUtil.c | 33 +++++++++ open-vm-tools/vgauth/common/VGAuthUtil.h | 2 + open-vm-tools/vgauth/common/prefs.h | 3 + open-vm-tools/vgauth/common/usercheck.c | 23 +++++- open-vm-tools/vgauth/serviceImpl/alias.c | 74 ++++++++++++++++++- open-vm-tools/vgauth/serviceImpl/service.c | 27 +++++++ open-vm-tools/vgauth/serviceImpl/serviceInt.h | 1 + 7 files changed, 160 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/vgauth/common/VGAuthUtil.c b/open-vm-tools/vgauth/common/VGAuthUtil.c index 76383c462..9c2adb8d0 100644 --- a/open-vm-tools/vgauth/common/VGAuthUtil.c +++ b/open-vm-tools/vgauth/common/VGAuthUtil.c @@ -309,3 +309,36 @@ Util_Assert(const char *cond, #endif g_assert(0); } + + +/* + ****************************************************************************** + * Util_Utf8CaseCmp -- */ /** + * + * Case insensitive comparison for utf8 strings which can have non-ascii + * characters. + * + * @param[in] str1 Null terminated utf8 string. + * @param[in] str2 Null terminated utf8 string. + * + ****************************************************************************** + */ + +int +Util_Utf8CaseCmp(const gchar *str1, + const gchar *str2) +{ + int ret; + gchar *str1Case; + gchar *str2Case; + + str1Case = g_utf8_casefold(str1, -1); + str2Case = g_utf8_casefold(str2, -1); + + ret = g_strcmp0(str1Case, str2Case); + + g_free(str1Case); + g_free(str2Case); + + return ret; +} diff --git a/open-vm-tools/vgauth/common/VGAuthUtil.h b/open-vm-tools/vgauth/common/VGAuthUtil.h index f7f3aa216..ef32a91da 100644 --- a/open-vm-tools/vgauth/common/VGAuthUtil.h +++ b/open-vm-tools/vgauth/common/VGAuthUtil.h @@ -105,4 +105,6 @@ gboolean Util_CheckExpiration(const GTimeVal *start, unsigned int duration); void Util_Assert(const char *cond, const char *file, int lineNum); +int Util_Utf8CaseCmp(const gchar *str1, const gchar *str2); + #endif diff --git a/open-vm-tools/vgauth/common/prefs.h b/open-vm-tools/vgauth/common/prefs.h index 6c58f3f4b..3299eb26c 100644 --- a/open-vm-tools/vgauth/common/prefs.h +++ b/open-vm-tools/vgauth/common/prefs.h @@ -167,6 +167,9 @@ msgCatalog = /etc/vmware-tools/vgauth/messages /** Where the localized version of the messages were installed. */ #define VGAUTH_PREF_LOCALIZATION_DIR "msgCatalog" +/** If symlinks or junctions are allowed in alias store file path */ +#define VGAUTH_PREF_ALLOW_SYMLINKS "allowSymlinks" + /* * Pref values */ diff --git a/open-vm-tools/vgauth/common/usercheck.c b/open-vm-tools/vgauth/common/usercheck.c index 3beede2e8..340aa0411 100644 --- a/open-vm-tools/vgauth/common/usercheck.c +++ b/open-vm-tools/vgauth/common/usercheck.c @@ -78,6 +78,8 @@ * Solaris as well, but that path is untested. */ +#define MAX_USER_NAME_LEN 256 + /* * A single retry works for the LDAP case, but try more often in case NIS * or something else has a related issue. Note that a bad username/uid won't @@ -354,12 +356,29 @@ Usercheck_UsernameIsLegal(const gchar *userName) * restricted list for local usernames. */ size_t len; - char *illegalChars = "<>/"; + size_t i = 0; + int backSlashCnt = 0; + /* + * As user names are used to generate its alias store file name/path, it + * should not contain path traversal characters ('/' and '\'). + */ + char *illegalChars = "<>/\\"; len = strlen(userName); - if (strcspn(userName, illegalChars) != len) { + if (len > MAX_USER_NAME_LEN) { return FALSE; } + + while ((i += strcspn(userName + i, illegalChars)) < len) { + /* + * One backward slash is allowed for domain\username separator. + */ + if (userName[i] != '\\' || ++backSlashCnt > 1) { + return FALSE; + } + ++i; + } + return TRUE; } diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c index 4e170202c..c7040ebff 100644 --- a/open-vm-tools/vgauth/serviceImpl/alias.c +++ b/open-vm-tools/vgauth/serviceImpl/alias.c @@ -41,6 +41,7 @@ #include "certverify.h" #include "VGAuthProto.h" #include "vmxlog.h" +#include "VGAuthUtil.h" // puts the identity store in an easy to find place #undef WIN_TEST_MODE @@ -66,6 +67,7 @@ #define ALIASSTORE_FILE_PREFIX "user-" #define ALIASSTORE_FILE_SUFFIX ".xml" +static gboolean allowSymlinks = FALSE; static gchar *aliasStoreRootDir = DEFAULT_ALIASSTORE_ROOT_DIR; #ifdef _WIN32 @@ -252,6 +254,12 @@ mapping file layout: */ +#ifdef _WIN32 +#define ISPATHSEP(c) ((c) == '\\' || (c) == '/') +#else +#define ISPATHSEP(c) ((c) == '/') +#endif + /* ****************************************************************************** @@ -466,6 +474,7 @@ ServiceLoadFileContentsWin(const gchar *fileName, gunichar2 *fileNameW = NULL; BOOL ok; DWORD bytesRead; + gchar *realPath = NULL; *fileSize = 0; *contents = NULL; @@ -622,6 +631,22 @@ ServiceLoadFileContentsWin(const gchar *fileName, goto done; } + if (!allowSymlinks) { + /* + * Check if fileName is real path. + */ + if ((realPath = ServiceFileGetPathByHandle(hFile)) == NULL) { + err = VGAUTH_E_FAIL; + goto done; + } + if (Util_Utf8CaseCmp(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } + } + /* * Now finally read the contents. */ @@ -650,6 +675,7 @@ ServiceLoadFileContentsWin(const gchar *fileName, CloseHandle(hFile); } g_free(fileNameW); + g_free(realPath); return err; } @@ -672,6 +698,7 @@ ServiceLoadFileContentsPosix(const gchar *fileName, gchar *buf; gchar *bp; int fd = -1; + gchar realPath[PATH_MAX] = { 0 }; *fileSize = 0; *contents = NULL; @@ -817,6 +844,23 @@ ServiceLoadFileContentsPosix(const gchar *fileName, goto done; } + if (!allowSymlinks) { + /* + * Check if fileName is real path. + */ + if (realpath(fileName, realPath) == NULL) { + Warning("%s: realpath() failed. errno (%d)\n", __FUNCTION__, errno); + err = VGAUTH_E_FAIL; + goto done; + } + if (g_strcmp0(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } + } + /* * All confidence checks passed; read the bits. */ @@ -2803,8 +2847,13 @@ ServiceAliasRemoveAlias(const gchar *reqUserName, /* * We don't verify the user exists in a Remove operation, to allow - * cleanup of deleted user's stores. + * cleanup of deleted user's stores, but we do check whether the + * user name is legal or not. */ + if (!Usercheck_UsernameIsLegal(userName)) { + Warning("%s: Illegal user name '%s'\n", __FUNCTION__, userName); + return VGAUTH_E_FAIL; + } if (!CertVerify_IsWellFormedPEMCert(pemCert)) { return VGAUTH_E_INVALID_CERTIFICATE; @@ -3036,6 +3085,16 @@ ServiceAliasQueryAliases(const gchar *userName, } #endif + /* + * We don't verify the user exists in a Query operation to allow + * cleaning up after a deleted user, but we do check whether the + * user name is legal or not. + */ + if (!Usercheck_UsernameIsLegal(userName)) { + Warning("%s: Illegal user name '%s'\n", __FUNCTION__, userName); + return VGAUTH_E_FAIL; + } + err = AliasLoadAliases(userName, num, aList); if (VGAUTH_E_OK != err) { Warning("%s: failed to load Aliases for '%s'\n", __FUNCTION__, userName); @@ -3294,6 +3353,7 @@ ServiceAliasInitAliasStore(void) VGAuthError err = VGAUTH_E_OK; gboolean saveBadDir = FALSE; char *defaultDir = NULL; + size_t len; #ifdef _WIN32 { @@ -3324,6 +3384,10 @@ ServiceAliasInitAliasStore(void) defaultDir = g_strdup(DEFAULT_ALIASSTORE_ROOT_DIR); #endif + allowSymlinks = Pref_GetBool(gPrefs, + VGAUTH_PREF_ALLOW_SYMLINKS, + VGAUTH_PREF_GROUP_NAME_SERVICE, + FALSE); /* * Find the alias store directory. This allows an installer to put * it somewhere else if necessary. @@ -3337,6 +3401,14 @@ ServiceAliasInitAliasStore(void) VGAUTH_PREF_GROUP_NAME_SERVICE, defaultDir); + /* + * Remove the trailing separator if any from aliasStoreRootDir path. + */ + len = strlen(aliasStoreRootDir); + if (ISPATHSEP(aliasStoreRootDir[len - 1])) { + aliasStoreRootDir[len - 1] = '\0'; + } + Log("Using '%s' for alias store root directory\n", aliasStoreRootDir); g_free(defaultDir); diff --git a/open-vm-tools/vgauth/serviceImpl/service.c b/open-vm-tools/vgauth/serviceImpl/service.c index d4716526c..e053ed0fa 100644 --- a/open-vm-tools/vgauth/serviceImpl/service.c +++ b/open-vm-tools/vgauth/serviceImpl/service.c @@ -28,6 +28,7 @@ #include "VGAuthUtil.h" #ifdef _WIN32 #include "winUtil.h" +#include #endif static ServiceStartListeningForIOFunc startListeningIOFunc = NULL; @@ -283,9 +284,35 @@ static gchar * ServiceUserNameToPipeName(const char *userName) { gchar *escapedName = ServiceEncodeUserName(userName); +#ifdef _WIN32 + /* + * Adding below pragma only in windows to suppress the compile time warning + * about unavailability of g_uuid_string_random() since compiler flag + * GLIB_VERSION_MAX_ALLOWED is defined to GLIB_VERSION_2_34. + * TODO: Remove below pragma when GLIB_VERSION_MAX_ALLOWED is bumped up to + * or greater than GLIB_VERSION_2_52. + */ +#pragma warning(suppress : 4996) + gchar *uuidStr = g_uuid_string_random(); + /* + * Add a unique suffix to avoid a name collision with an existing named pipe + * created by someone else (intentionally or by accident). + * This is not needed for Linux; name collisions on sockets are already + * avoided there since (1) file system paths to VGAuthService sockets are in + * a directory that is writable only by root and (2) VGAuthService unlinks a + * socket path before binding it to a newly created socket. + */ + gchar *pipeName = g_strdup_printf("%s-%s-%s", + SERVICE_PUBLIC_PIPE_NAME, + escapedName, + uuidStr); + + g_free(uuidStr); +#else gchar *pipeName = g_strdup_printf("%s-%s", SERVICE_PUBLIC_PIPE_NAME, escapedName); +#endif g_free(escapedName); return pipeName; diff --git a/open-vm-tools/vgauth/serviceImpl/serviceInt.h b/open-vm-tools/vgauth/serviceImpl/serviceInt.h index 5f420192b..f4f88547d 100644 --- a/open-vm-tools/vgauth/serviceImpl/serviceInt.h +++ b/open-vm-tools/vgauth/serviceImpl/serviceInt.h @@ -441,6 +441,7 @@ VGAuthError ServiceFileVerifyAdminGroupOwnedByHandle(const HANDLE hFile); VGAuthError ServiceFileVerifyEveryoneReadableByHandle(const HANDLE hFile); VGAuthError ServiceFileVerifyUserAccessByHandle(const HANDLE hFile, const char *userName); +gchar *ServiceFileGetPathByHandle(HANDLE hFile); #else VGAuthError ServiceFileVerifyFileOwnerAndPerms(const char *fileName, const char *userName, From f6e10ad22796353a8ed3bed876cdc41d7acc2fc0 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Fri, 9 May 2025 11:51:44 -0700 Subject: [PATCH 348/375] Set the open-vm-tools product version for a 12.5.2 patch release --- open-vm-tools/lib/include/vm_tools_version.h | 31 +++++++++++++++----- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index ec7047fbb..af490a510 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * Copyright (c) 1998-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -1787,15 +1787,30 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_SOCKET_WRENCH_UPDATE1_V_BASE 5 #ifndef RC_INVOKED -#define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) +#define TOOLS_VERSION_PLIERS_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_RELEASE_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_NEXT_V_MJR 12 -#define TOOLS_VERSION_NEXT_V_MNR 5 -#define TOOLS_VERSION_NEXT_V_BASE 0 +#define TOOLS_VERSION_PLIERS_RELEASE_V_MJR 12 +#define TOOLS_VERSION_PLIERS_RELEASE_V_MNR 5 +#define TOOLS_VERSION_PLIERS_RELEASE_V_BASE 0 -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) +#ifndef RC_INVOKED +#define TOOLS_VERSION_PLIERS_PATCH1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_PATCH1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_PLIERS_PATCH1_V_MJR 12 +#define TOOLS_VERSION_PLIERS_PATCH1_V_MNR 5 +#define TOOLS_VERSION_PLIERS_PATCH1_V_BASE 1 + + +#ifndef RC_INVOKED +#define TOOLS_VERSION_PLIERS_PATCH2 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_PATCH2_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_PLIERS_PATCH2_V_MJR 12 +#define TOOLS_VERSION_PLIERS_PATCH2_V_MNR 5 +#define TOOLS_VERSION_PLIERS_PATCH2_V_BASE 2 + +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_PLIERS_PATCH2 +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_PLIERS_PATCH2) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_PLIERS_PATCH2) /* * The extended Tools version is the current Tools version with the From d466ae89716856b2a4295ce622f1887a25575f25 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Sun, 11 May 2025 09:17:41 -0700 Subject: [PATCH 349/375] Prepare for the open-vm-tools 12.5.2 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index d71977afc..0c058947b 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -36,10 +36,10 @@ ### Initialization ### -TOOLS_VERSION="12.5.0" +TOOLS_VERSION="12.5.2" AC_INIT( [open-vm-tools], - [12.5.0], + [12.5.2], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index ada114228..45d0ddc2a 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-24276846" + "build-24697584" #define BUILD_NUMBER_NUMERIC \ - 24276846 + 24697584 #define BUILD_NUMBER_NUMERIC_STRING \ - "24276846" + "24697584" #define PRODUCT_BUILD_NUMBER \ - "product-build-51152" + "product-build-52591" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 51152 + 52591 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "51152" + "52591" From 4ba99fabfecd7a54d3ebdb9d144f9ed6ec7faf22 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Mon, 12 May 2025 13:00:43 -0700 Subject: [PATCH 350/375] Update the ReleaseNotes.md for the 12.5.2 open-vm-tools release. --- ReleaseNotes.md | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index c458d73c4..370ae78b6 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,8 +1,8 @@ -# open-vm-tools 12.5.0 Release Notes +# open-vm-tools 12.5.2 Release Notes -Updated on: 8 October 2024 +Updated on: 12 May 2025 -open-vm-tools | 8 OCTOBER 2024 | Build 24276846 +open-vm-tools | 12 MAY 2025 | Build 24697584 Check back for additions and updates to these release notes. @@ -21,15 +21,17 @@ The release notes cover the following topics: ## What's New -* Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. +* This release resolves [CVE-2025-22247](https://www.cve.org/CVERecord?id=CVE-2025-22247). For more information on this vulnerability and its impact on Broadcom products, see [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) -* A complete list of the granular changes in the open-vm-tools 12.5.0 release is available at: + A patch to address CVE-2025-22247 on earlier open-vm-tools releases is provided to the Linux community at [CVE-2025-22247.patch](https://github.com/vmware/open-vm-tools/tree/CVE-2025-22247.patch). - [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/ChangeLog) +* A complete list of the granular changes in the open-vm-tools 12.5.2 release is available at: + + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm-tools/ChangeLog) ## Internationalization -open-vm-tools 12.5.0 is available in the following languages: +open-vm-tools 12.5.2 is available in the following languages: * English * French @@ -67,19 +69,15 @@ The [Guest OS Customization Support Matrix](http://partnerweb.vmware.com/program ## Interoperability Matrix -The [VMware Product Interoperability Matrix](http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php) provides details about the compatibility of current and earlier versions of VMware Products.  +The [VMware Product Interoperability Matrix](https://interopmatrix.broadcom.com/Interoperability) provides details about the compatibility of current and earlier versions of VMware Products.  ## Resolved Issues -* **The following github.com/vmware/open-vm-tools pull request has been addressed.** - - * Revise settings for vmware-user.desktop - - [Pull request #668](https://github.com/vmware/open-vm-tools/pull/668) +* **This release resolves CVE-2025-22247.** -* **Accomodate newer releases of libxml2 and xmlsec1.** + * For more information on this vulnerability and its impact on Broadcom products, see [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) - The configure.ac and VGAuth code updated to avoid deprecated functions and build options based on OSS product version. + * A patch to address CVE-2025-22247 on earlier open-vm-tools releases is provided to the Linux community at [CVE-2025-22247.patch](https://github.com/vmware/open-vm-tools/tree/CVE-2025-22247.patch). ## Known Issues From 908dbba833dd28d72b315ee9fc96f5bcd0576e41 Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Mon, 12 May 2025 13:07:33 -0700 Subject: [PATCH 351/375] ================================================= open-vm-tools 12.5.2 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 12.5.2 release. --- open-vm-tools/ChangeLog | 49 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 9e9f9c471..9a2a89254 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,52 @@ +commit 4ba99fabfecd7a54d3ebdb9d144f9ed6ec7faf22 +Author: John Wolfe +Date: Mon May 12 13:00:43 2025 -0700 + + Update the ReleaseNotes.md for the 12.5.2 open-vm-tools release. + +commit d466ae89716856b2a4295ce622f1887a25575f25 +Author: John Wolfe +Date: Sun May 11 09:17:41 2025 -0700 + + Prepare for the open-vm-tools 12.5.2 release. + + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit f6e10ad22796353a8ed3bed876cdc41d7acc2fc0 +Author: John Wolfe +Date: Fri May 9 11:51:44 2025 -0700 + + Set the open-vm-tools product version for a 12.5.2 patch release + +commit 6331ea0150b98316b3f41b4cdcff52ae9fc7d791 +Author: John Wolfe +Date: Mon May 5 15:58:03 2025 -0700 + + Validate user names and file paths + + Prevent usage of illegal characters in user names and file paths. + Also, disallow unexpected symlinks in file paths. + + This patch contains changes to common source files not applicable + to open-vm-tools. + + All files being updated should be consider to have the copyright to + be updated to: + + * Copyright (c) XXXX-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + + The 2025 Broadcom copyright information update is not part of this + patch set to allow the patch to be easily applied to previous + open-vm-tools source releases. + +commit f2ca37ef3510543172657b82493d1eceefa9a134 +Author: Kruti +Date: Thu Oct 10 08:05:07 2024 -0700 + + Update ChangeLog with the open-vm-tools 12.5.0 release marker. + commit 05afe0ae703d6027325059876528fe3b04fdf386 Author: Kruti Date: Thu Oct 10 06:12:07 2024 -0700 From 2fd774e3747d1c483418d84db149f0f253b9c78f Mon Sep 17 00:00:00 2001 From: John Wolfe Date: Mon, 12 May 2025 14:25:59 -0700 Subject: [PATCH 352/375] Update ChangeLog with the open-vm-tools 12.5.2 release marker. --- open-vm-tools/ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 9a2a89254..8def21cbe 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,14 @@ +commit 908dbba833dd28d72b315ee9fc96f5bcd0576e41 +Author: John Wolfe +Date: Mon May 12 13:07:33 2025 -0700 + + ================================================= + open-vm-tools 12.5.2 released at this point. + ================================================= + + Update of the ChangeLog with the final changes in preparation for + the open-vm-tools 12.5.2 release. + commit 4ba99fabfecd7a54d3ebdb9d144f9ed6ec7faf22 Author: John Wolfe Date: Mon May 12 13:00:43 2025 -0700 From 4f0a30e604883158280a7d2a91b213efb7af87b6 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 353/375] Set the "patch" field of VMTools version to zero. Prior to VMTools 13.0.0, the fourth field in the VMTools version was set to PRODUCT_BUILD_NUMBER_NUMERIC which was the sequential build number of the product within the branch. Going forward, the fourth field of the displayed VMTools version is to be the "patch" starting with a '0' value. --- open-vm-tools/lib/include/vm_tools_version.h | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index cff3f2f56..ef67f737c 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * Copyright (c) 1998-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -123,6 +123,9 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN /* Historically -1 indicates tools version is not available. */ #define TOOLS_VERSION_INVALID 0xffffffff +#define _STRINGIZER(X) #X +#define STRINGIZER(X) _STRINGIZER(X) + #define STRINGER(MJR, MNR, BASE) #MJR "." #MNR "." #BASE #define TOOLS_VERSION_STRINGER(MJR, MNR, BASE) STRINGER(MJR, MNR, BASE) @@ -1819,12 +1822,18 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN * For Windows tools, the fourth component of the version number must * be < 65k (circa), so we use PRODUCT_BUILD_NUMBER instead of * BUILD_NUMBER. + * + * Starting with VMware Tools 13.0.0, the fourth field in a version number + * represents the patch number. This is generally unused and set to 0. */ +#define TOOLS_VERSION_PATCH 0 +#define TOOLS_VERSION_PATCH_STR STRINGIZER(TOOLS_VERSION_PATCH) + #define TOOLS_VERSION_EXT_CURRENT_CSV \ - TOOLS_VERSION_CURRENT_CSV,PRODUCT_BUILD_NUMBER_NUMERIC + TOOLS_VERSION_CURRENT_CSV,TOOLS_VERSION_PATCH #define TOOLS_VERSION_EXT_CURRENT_STR \ - TOOLS_VERSION_CURRENT_STR "." PRODUCT_BUILD_NUMBER_NUMERIC_STRING + TOOLS_VERSION_CURRENT_STR "." TOOLS_VERSION_PATCH_STR /* clang-format on */ From b1f212f9f1cc94545d1361d52ce4acddb01a831f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 354/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/vgauth/serviceImpl/service.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/vgauth/serviceImpl/service.c b/open-vm-tools/vgauth/serviceImpl/service.c index d4716526c..481af4b21 100644 --- a/open-vm-tools/vgauth/serviceImpl/service.c +++ b/open-vm-tools/vgauth/serviceImpl/service.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2016,2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -28,6 +29,7 @@ #include "VGAuthUtil.h" #ifdef _WIN32 #include "winUtil.h" +#include #endif static ServiceStartListeningForIOFunc startListeningIOFunc = NULL; @@ -283,9 +285,20 @@ static gchar * ServiceUserNameToPipeName(const char *userName) { gchar *escapedName = ServiceEncodeUserName(userName); +#ifdef _WIN32 + /* + * Add a unique suffix to avoid a name collision with an existing named pipe + * created by someone else (intentionally or by accident). + */ + gchar *pipeName = g_strdup_printf("%s-%s-%u", + SERVICE_PUBLIC_PIPE_NAME, + escapedName, + g_random_int()); +#else gchar *pipeName = g_strdup_printf("%s-%s", SERVICE_PUBLIC_PIPE_NAME, escapedName); +#endif g_free(escapedName); return pipeName; From d91778dcdf1cc11268222cad783eedbe06bbc2d0 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 355/375] Change to common source file not applicable to open-vm-tools. --- open-vm-tools/vgauth/serviceImpl/service.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/vgauth/serviceImpl/service.c b/open-vm-tools/vgauth/serviceImpl/service.c index 481af4b21..bb605a6cd 100644 --- a/open-vm-tools/vgauth/serviceImpl/service.c +++ b/open-vm-tools/vgauth/serviceImpl/service.c @@ -29,7 +29,7 @@ #include "VGAuthUtil.h" #ifdef _WIN32 #include "winUtil.h" -#include +#include #endif static ServiceStartListeningForIOFunc startListeningIOFunc = NULL; @@ -286,14 +286,21 @@ ServiceUserNameToPipeName(const char *userName) { gchar *escapedName = ServiceEncodeUserName(userName); #ifdef _WIN32 + gchar *uuidStr = g_uuid_string_random(); /* * Add a unique suffix to avoid a name collision with an existing named pipe * created by someone else (intentionally or by accident). + * This is not needed for Linux; name collisions on sockets are already + * avoided there since (1) file system paths to VGAuthService sockets are in + * a directory that is writable only by root and (2) VGAuthService unlinks a + * socket path before binding it to a newly created socket. */ - gchar *pipeName = g_strdup_printf("%s-%s-%u", + gchar *pipeName = g_strdup_printf("%s-%s-%s", SERVICE_PUBLIC_PIPE_NAME, escapedName, - g_random_int()); + uuidStr); + + g_free(uuidStr); #else gchar *pipeName = g_strdup_printf("%s-%s", SERVICE_PUBLIC_PIPE_NAME, From 760a7ad199de2b93d8a629e6a9c9810b4beecb1c Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 356/375] Check if the user name contains any illegal characters. Verify that the user name whose store will be used to remove and query aliases does not contain any illegal and path traversal characters (backward and forward slashes). --- open-vm-tools/vgauth/common/usercheck.c | 26 +++++++++++++++++++++--- open-vm-tools/vgauth/serviceImpl/alias.c | 20 ++++++++++++++++-- 2 files changed, 41 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/vgauth/common/usercheck.c b/open-vm-tools/vgauth/common/usercheck.c index 3beede2e8..2b4e424da 100644 --- a/open-vm-tools/vgauth/common/usercheck.c +++ b/open-vm-tools/vgauth/common/usercheck.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2016,2019,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -78,6 +79,8 @@ * Solaris as well, but that path is untested. */ +#define MAX_USER_NAME_LEN 256 + /* * A single retry works for the LDAP case, but try more often in case NIS * or something else has a related issue. Note that a bad username/uid won't @@ -354,12 +357,29 @@ Usercheck_UsernameIsLegal(const gchar *userName) * restricted list for local usernames. */ size_t len; - char *illegalChars = "<>/"; + size_t i = 0; + int backSlashCnt = 0; + /* + * As user names are used to generate its alias store file name/path, it + * should not contain path traversal characters ('/' and '\'). + */ + char *illegalChars = "<>/\\"; len = strlen(userName); - if (strcspn(userName, illegalChars) != len) { + if (len > MAX_USER_NAME_LEN) { return FALSE; } + + while ((i += strcspn(userName + i, illegalChars)) < len) { + /* + * One backward slash is allowed for domain\username separator. + */ + if (userName[i] != '\\' || ++backSlashCnt > 1) { + return FALSE; + } + ++i; + } + return TRUE; } diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c index 4e170202c..2a371f9ef 100644 --- a/open-vm-tools/vgauth/serviceImpl/alias.c +++ b/open-vm-tools/vgauth/serviceImpl/alias.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011-2021, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2803,8 +2804,13 @@ ServiceAliasRemoveAlias(const gchar *reqUserName, /* * We don't verify the user exists in a Remove operation, to allow - * cleanup of deleted user's stores. + * cleanup of deleted user's stores, but we do check whether the + * user name is legal or not. */ + if (!Usercheck_UsernameIsLegal(userName)) { + Warning("%s: Illegal user name '%s'\n", __FUNCTION__, userName); + return VGAUTH_E_FAIL; + } if (!CertVerify_IsWellFormedPEMCert(pemCert)) { return VGAUTH_E_INVALID_CERTIFICATE; @@ -3036,6 +3042,16 @@ ServiceAliasQueryAliases(const gchar *userName, } #endif + /* + * We don't verify the user exists in a Query operation to allow + * cleaning up after a deleted user, but we do check whether the + * user name is legal or not. + */ + if (!Usercheck_UsernameIsLegal(userName)) { + Warning("%s: Illegal user name '%s'\n", __FUNCTION__, userName); + return VGAUTH_E_FAIL; + } + err = AliasLoadAliases(userName, num, aList); if (VGAUTH_E_OK != err) { Warning("%s: failed to load Aliases for '%s'\n", __FUNCTION__, userName); From 8ca940a6a87674584eda564c18041ff60c7eb749 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 357/375] Check the real path for the alias store file Verify the real path, which is the fully resolved path from junctions, symbolic links, and path traversal characters. --- open-vm-tools/vgauth/serviceImpl/alias.c | 47 +++++++++++++++++++ open-vm-tools/vgauth/serviceImpl/serviceInt.h | 4 +- 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c index 2a371f9ef..bca3e7281 100644 --- a/open-vm-tools/vgauth/serviceImpl/alias.c +++ b/open-vm-tools/vgauth/serviceImpl/alias.c @@ -253,6 +253,12 @@ mapping file layout: */ +#ifdef _WIN32 +#define ISPATHSEP(c) ((c) == '\\' || (c) == '/') +#else +#define ISPATHSEP(c) ((c) == '/') +#endif + /* ****************************************************************************** @@ -467,6 +473,7 @@ ServiceLoadFileContentsWin(const gchar *fileName, gunichar2 *fileNameW = NULL; BOOL ok; DWORD bytesRead; + gchar *realPath = NULL; *fileSize = 0; *contents = NULL; @@ -623,6 +630,20 @@ ServiceLoadFileContentsWin(const gchar *fileName, goto done; } + /* + * Check if fileName is real path. + */ + if ((realPath = ServiceFileGetPathByHandle(hFile)) == NULL) { + err = VGAUTH_E_FAIL; + goto done; + } + if (g_strcmp0(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } + /* * Now finally read the contents. */ @@ -651,6 +672,7 @@ ServiceLoadFileContentsWin(const gchar *fileName, CloseHandle(hFile); } g_free(fileNameW); + g_free(realPath); return err; } @@ -673,6 +695,7 @@ ServiceLoadFileContentsPosix(const gchar *fileName, gchar *buf; gchar *bp; int fd = -1; + gchar realPath[PATH_MAX] = { 0 }; *fileSize = 0; *contents = NULL; @@ -818,6 +841,21 @@ ServiceLoadFileContentsPosix(const gchar *fileName, goto done; } + /* + * Check if fileName is real path. + */ + if (realpath(fileName, realPath) == NULL) { + Warning("%s: realpath() failed. errno (%d)\n", __FUNCTION__, errno); + err = VGAUTH_E_FAIL; + goto done; + } + if (g_strcmp0(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } + /* * All confidence checks passed; read the bits. */ @@ -3310,6 +3348,7 @@ ServiceAliasInitAliasStore(void) VGAuthError err = VGAUTH_E_OK; gboolean saveBadDir = FALSE; char *defaultDir = NULL; + size_t len; #ifdef _WIN32 { @@ -3353,6 +3392,14 @@ ServiceAliasInitAliasStore(void) VGAUTH_PREF_GROUP_NAME_SERVICE, defaultDir); + /* + * Remove the trailing separator if any from aliasStoreRootDir path. + */ + len = strlen(aliasStoreRootDir); + if (ISPATHSEP(aliasStoreRootDir[len - 1])) { + aliasStoreRootDir[len - 1] = '\0'; + } + Log("Using '%s' for alias store root directory\n", aliasStoreRootDir); g_free(defaultDir); diff --git a/open-vm-tools/vgauth/serviceImpl/serviceInt.h b/open-vm-tools/vgauth/serviceImpl/serviceInt.h index 5f420192b..768da1b58 100644 --- a/open-vm-tools/vgauth/serviceImpl/serviceInt.h +++ b/open-vm-tools/vgauth/serviceImpl/serviceInt.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -441,6 +442,7 @@ VGAuthError ServiceFileVerifyAdminGroupOwnedByHandle(const HANDLE hFile); VGAuthError ServiceFileVerifyEveryoneReadableByHandle(const HANDLE hFile); VGAuthError ServiceFileVerifyUserAccessByHandle(const HANDLE hFile, const char *userName); +gchar *ServiceFileGetPathByHandle(HANDLE hFile); #else VGAuthError ServiceFileVerifyFileOwnerAndPerms(const char *fileName, const char *userName, From 73365346ae6d5ce195a0501a0a5684f48f133e19 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 358/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/vgauth/common/prefs.h | 6 ++- open-vm-tools/vgauth/serviceImpl/alias.c | 59 ++++++++++++++---------- 2 files changed, 39 insertions(+), 26 deletions(-) diff --git a/open-vm-tools/vgauth/common/prefs.h b/open-vm-tools/vgauth/common/prefs.h index 6c58f3f4b..718053257 100644 --- a/open-vm-tools/vgauth/common/prefs.h +++ b/open-vm-tools/vgauth/common/prefs.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -167,6 +168,9 @@ msgCatalog = /etc/vmware-tools/vgauth/messages /** Where the localized version of the messages were installed. */ #define VGAUTH_PREF_LOCALIZATION_DIR "msgCatalog" +/** If symlinks or junctions are allowed in alias store file path */ +#define VGAUTH_PREF_ALLOW_SYMLINKS "allowSymlinks" + /* * Pref values */ diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c index bca3e7281..e5dae5fff 100644 --- a/open-vm-tools/vgauth/serviceImpl/alias.c +++ b/open-vm-tools/vgauth/serviceImpl/alias.c @@ -67,6 +67,7 @@ #define ALIASSTORE_FILE_PREFIX "user-" #define ALIASSTORE_FILE_SUFFIX ".xml" +static gboolean allowSymlinks = FALSE; static gchar *aliasStoreRootDir = DEFAULT_ALIASSTORE_ROOT_DIR; #ifdef _WIN32 @@ -630,18 +631,20 @@ ServiceLoadFileContentsWin(const gchar *fileName, goto done; } - /* - * Check if fileName is real path. - */ - if ((realPath = ServiceFileGetPathByHandle(hFile)) == NULL) { - err = VGAUTH_E_FAIL; - goto done; - } - if (g_strcmp0(realPath, fileName) != 0) { - Warning("%s: Real path (%s) is not same as file path (%s)\n", - __FUNCTION__, realPath, fileName); - err = VGAUTH_E_FAIL; - goto done; + if (!allowSymlinks) { + /* + * Check if fileName is real path. + */ + if ((realPath = ServiceFileGetPathByHandle(hFile)) == NULL) { + err = VGAUTH_E_FAIL; + goto done; + } + if (_stricmp(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } } /* @@ -841,19 +844,21 @@ ServiceLoadFileContentsPosix(const gchar *fileName, goto done; } - /* - * Check if fileName is real path. - */ - if (realpath(fileName, realPath) == NULL) { - Warning("%s: realpath() failed. errno (%d)\n", __FUNCTION__, errno); - err = VGAUTH_E_FAIL; - goto done; - } - if (g_strcmp0(realPath, fileName) != 0) { - Warning("%s: Real path (%s) is not same as file path (%s)\n", - __FUNCTION__, realPath, fileName); - err = VGAUTH_E_FAIL; - goto done; + if (!allowSymlinks) { + /* + * Check if fileName is real path. + */ + if (realpath(fileName, realPath) == NULL) { + Warning("%s: realpath() failed. errno (%d)\n", __FUNCTION__, errno); + err = VGAUTH_E_FAIL; + goto done; + } + if (g_strcmp0(realPath, fileName) != 0) { + Warning("%s: Real path (%s) is not same as file path (%s)\n", + __FUNCTION__, realPath, fileName); + err = VGAUTH_E_FAIL; + goto done; + } } /* @@ -3379,6 +3384,10 @@ ServiceAliasInitAliasStore(void) defaultDir = g_strdup(DEFAULT_ALIASSTORE_ROOT_DIR); #endif + allowSymlinks = Pref_GetBool(gPrefs, + VGAUTH_PREF_ALLOW_SYMLINKS, + VGAUTH_PREF_GROUP_NAME_SERVICE, + FALSE); /* * Find the alias store directory. This allows an installer to put * it somewhere else if necessary. From 6abe63bc8993e41ded4dcdda420257362b57e281 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:48:53 -0700 Subject: [PATCH 359/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/vgauth/common/VGAuthUtil.c | 36 +++++++++++++++++++++++- open-vm-tools/vgauth/common/VGAuthUtil.h | 5 +++- open-vm-tools/vgauth/serviceImpl/alias.c | 3 +- 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/open-vm-tools/vgauth/common/VGAuthUtil.c b/open-vm-tools/vgauth/common/VGAuthUtil.c index 76383c462..b2a39c58e 100644 --- a/open-vm-tools/vgauth/common/VGAuthUtil.c +++ b/open-vm-tools/vgauth/common/VGAuthUtil.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -309,3 +310,36 @@ Util_Assert(const char *cond, #endif g_assert(0); } + + +/* + ****************************************************************************** + * Util_Utf8CaseCmp -- */ /** + * + * Case insensitive comparison for utf8 strings which can have non-ascii + * characters. + * + * @param[in] str1 Null terminated utf8 string. + * @param[in] str2 Null terminated utf8 string. + * + ****************************************************************************** + */ + +int +Util_Utf8CaseCmp(const gchar *str1, + const gchar *str2) +{ + int ret; + gchar *str1Case; + gchar *str2Case; + + str1Case = g_utf8_casefold(str1, -1); + str2Case = g_utf8_casefold(str2, -1); + + ret = g_strcmp0(str1Case, str2Case); + + g_free(str1Case); + g_free(str2Case); + + return ret; +} diff --git a/open-vm-tools/vgauth/common/VGAuthUtil.h b/open-vm-tools/vgauth/common/VGAuthUtil.h index f7f3aa216..72890e6ee 100644 --- a/open-vm-tools/vgauth/common/VGAuthUtil.h +++ b/open-vm-tools/vgauth/common/VGAuthUtil.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -105,4 +106,6 @@ gboolean Util_CheckExpiration(const GTimeVal *start, unsigned int duration); void Util_Assert(const char *cond, const char *file, int lineNum); +int Util_Utf8CaseCmp(const gchar *str1, const gchar *str2); + #endif diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c index e5dae5fff..288e5524c 100644 --- a/open-vm-tools/vgauth/serviceImpl/alias.c +++ b/open-vm-tools/vgauth/serviceImpl/alias.c @@ -42,6 +42,7 @@ #include "certverify.h" #include "VGAuthProto.h" #include "vmxlog.h" +#include "VGAuthUtil.h" // puts the identity store in an easy to find place #undef WIN_TEST_MODE @@ -639,7 +640,7 @@ ServiceLoadFileContentsWin(const gchar *fileName, err = VGAUTH_E_FAIL; goto done; } - if (_stricmp(realPath, fileName) != 0) { + if (Util_Utf8CaseCmp(realPath, fileName) != 0) { Warning("%s: Real path (%s) is not same as file path (%s)\n", __FUNCTION__, realPath, fileName); err = VGAUTH_E_FAIL; From ff312b3862dba02dffc8fa2027426fa850b08a3a Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Tue, 10 Jun 2025 17:54:13 -0700 Subject: [PATCH 360/375] Update ChangeLog with the granular push of June 10, 2025. - plus ChangeLog update of Feb 25, 2025. --- open-vm-tools/ChangeLog | 62 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 6838e661d..8ed616fe7 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,65 @@ +commit 6abe63bc8993e41ded4dcdda420257362b57e281 +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 73365346ae6d5ce195a0501a0a5684f48f133e19 +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 8ca940a6a87674584eda564c18041ff60c7eb749 +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Check the real path for the alias store file + + Verify the real path, which is the fully resolved path from junctions, + symbolic links, and path traversal characters. + +commit 760a7ad199de2b93d8a629e6a9c9810b4beecb1c +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Check if the user name contains any illegal characters. + + Verify that the user name whose store will be used to remove and query + aliases does not contain any illegal and path traversal characters + (backward and forward slashes). + +commit d91778dcdf1cc11268222cad783eedbe06bbc2d0 +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit b1f212f9f1cc94545d1361d52ce4acddb01a831f +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Change to common source file not applicable to open-vm-tools. + +commit 4f0a30e604883158280a7d2a91b213efb7af87b6 +Author: Kruti Pendharkar +Date: Tue Jun 10 17:48:53 2025 -0700 + + Set the "patch" field of VMTools version to zero. + + Prior to VMTools 13.0.0, the fourth field in the VMTools version was set + to PRODUCT_BUILD_NUMBER_NUMERIC which was the sequential build number + of the product within the branch. Going forward, the fourth field + of the displayed VMTools version is to be the "patch" starting with a + '0' value. + +commit 3b7214d00780448e203141da0723b9d321f61a8f +Author: Kruti Pendharkar +Date: Tue Feb 25 01:31:27 2025 -0800 + + Update ChangeLog with the granular push of Feb 25, 2025. + - plus ChangeLog update of Feb 21, 2025. + commit 3d84ad3cb5c0b3cd89753ec8d340037e91b9ba38 Author: Kruti Pendharkar Date: Tue Feb 25 01:29:11 2025 -0800 From 2cb03d35cc28608557c82d5c81dbe5be9f9aae47 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 18 Jun 2025 04:31:14 -0700 Subject: [PATCH 361/375] Prepare for the open-vm-tools 13.0.0 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index 81c6ac3e2..fcc3050c7 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -36,10 +36,10 @@ ### Initialization ### -TOOLS_VERSION="11.2.0" +TOOLS_VERSION="13.0.0" AC_INIT( [open-vm-tools], - [11.2.0], + [13.0.0], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index 523eb3253..bace4386f 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-15943241" + "build-24696409" #define BUILD_NUMBER_NUMERIC \ - 15943241 + 24696409 #define BUILD_NUMBER_NUMERIC_STRING \ - "15943241" + "24696409" #define PRODUCT_BUILD_NUMBER \ - "product-build-19694" + "product-build-52586" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 19694 + 52586 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "19694" + "52586" From 276d9b3738d01c88035257532681cbd0c10b775b Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 18 Jun 2025 04:34:29 -0700 Subject: [PATCH 362/375] Update the ReleaseNotes.md for the 13.0.0 open-vm-tools release --- ReleaseNotes.md | 167 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 111 insertions(+), 56 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 6f4ce1c57..1e9ada89d 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,56 +1,111 @@ -#open-vm-tools 10.0.0 Release Notes - -Updated on 1 SEP 2015 -##What's in the Release Notes -The release notes cover the following topics: - -- What's New -- Internationalization -- Compatibility -- Installation and Upgrades for This Release -- Known Issues - -##What's New -VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Read about the new and enhanced features in this release below: - -- **Common versioning**: Infrastructure changes to enable reporting of the true version of open-vm-tools. This feature is dependent on host support. -- **Quiesced snapshots enhancements for Linux guests running IO workload**: Robustness related enhancements in quiesced snapshot operation. The _vmtoolsd_ service supports caching of log messages when guest IO has been quiesced. Enhancements in the _vmbackup_ plugin use a separate thread to quiesce the guest OS to avoid timeout issues due to heavy I/O in the guest. -- **Shared Folders**: For Linux distributions with kernel version 4.0.0 and higher, there is a new FUSE based Shared Folders client which is used as a replacement for the kernel mode client. -- **ESXi Serviceability**: Default _vmtoolsd_ logging is directed to a file instead of syslog. _vmware-toolbox-cmd_ is enhanced for setting _vmtoolsd_ logging levels. -- **GuestInfo Enhancements**: Plugin enhancements to report more than 64 IP addresses from the guest. These enhancements will be available only after upgrading the host because the guest IP addresses limit also exists on the host side. - -## Internationalization -open-vm-tools 10.0.0 supports the following languages: - -- English -- French -- German -- Spanish -- Italian -- Japanese -- Korean -- Simplified Chinese -- Traditional Chinese - -## Compatibility -open-vm-tools 10.0.0 is compatible with all supported versions of VMware vSphere, VMware Workstation 12.0 and VMware Fusion 8.0. -## Installation and Upgrades for This Release -The steps to install open-vm-tools vary depending on your VMware product and the guest operating system you have installed. For general steps to install open-vm-tools in most VMware products, see https://github.com/vmware/open-vm-tools/blob/master/README.md -## Known Issues -The known issues are as follows: - -- **The status of IPv6 address is displayed as "unknown"** - - The status of IPv6 address from vim-cmd is displayed as "unknown" even when the address is valid. - - Workaround: None -- **TextCopyPaste between host and guest systems fail** - - Copy and Paste of text between host and guest systems fail if the text size 50KB or higher. - - Workaround: Copy and Paste smaller amounts of text. -- **Definition of the field _ipAddress_ in guestinfo is ambiguous** - - The field _ipAddress_ is defined as "Primary IP address assigned to the guest operating system, if known". - - Workaround: The field _ipAddress_ in this context for Linux is defined as the first IP address fetched by open-vm-tools. +# open-vm-tools 13.0.0 Release Notes + +Updated on: 17 June 2025 + +open-vm-tools | 17 JUNE 2025 | Build 24696409 + +Check back for additions and updates to these release notes. + +## What's in the Release Notes + +The release notes cover the following topics: + +* [What's New](#whatsnew) +* [Internationalization](#i18n) +* [Product Support Notice](#suppnote) +* [Guest Operating System Customization Support](#guestop) +* [Interoperability Matrix](#interop) +* [Resolved Issues](#resolvedissues) +* [Known Issues](#knownissues) + +## What's New + +* The vm-support script has been improved (version 0.98). + + To aid in triaging open-vm-tools issues, the vm-support script has been updated to: + * now collect all current open-vm-tools log files as configured in the [logging] section of tools.conf. + * collect one month of information from the systemd journal. + +* Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. + +* A complete list of the granular changes in the open-vm-tools 13.0.0 release is available at: + + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-13.0.0/open-vm-tools/ChangeLog) + +## Internationalization + +open-vm-tools 13.0.0 is available in the following languages: + +* English +* French +* Japanese +* Spanish + +## Guest Operating System Customization Support + +The [Guest OS Customization Support Matrix](https://compatibilityguide.broadcom.com/search?program=software&persona=live&customization=Guest+Customization&column=osVendors&order=asc) provides details about the guest operating systems supported for customization. + + +## Interoperability Matrix + +The [Broadcom Product Interoperability Matrix](https://interopmatrix.broadcom.com/Interoperability) provides details about the compatibility of current and earlier versions of VMware Products.  + +## Resolved Issues + +* **The following github.com/vmware/open-vm-tools pull requests and issues has been addressed.** + + * FTBFS: --std=c23 conflicting types between function definition and declaration MXUserTryAcquireForceFail() + + [Fixes Issue #750](https://github.com/vmware/open-vm-tools/issues/750)
+ [Pull request #751](https://github.com/vmware/open-vm-tools/pull/751) + + * Provide tools.conf settings to deactivate one-time and periodic time synchronization + + The new tools.conf settings `disable-all` and `disable-periodic` allow the guest OS administrator to deactivate one-time and periodic time synchronization without rebooting the VM or restarting the guest OS. + + [Fixes Issue #302](https://github.com/vmware/open-vm-tools/issues/302) + + * Fix xmlsec detection when cross-compiling with pkg-config + + [Pull request #732](https://github.com/vmware/open-vm-tools/pull/732) + +* **After October 25, 2024, with open-vm-tools earlier than 13.0.0, the salt-minion component is not installed or fails to install in a guest operating system through the VMware Component Manager** + + When you configure the salt-minion component in the present state, its last status is set to 102 (not installed) or 103 (installation failed), never reaching the installed state 100. + + * The VM advanced setting with the key "guestinfo./vmware.components.salt_minion.desiredstate" has a value present. + * The VM advanced setting with the key "guestinfo.vmware.components.salt_minion.laststatus" has a value 102 or 103. + + The salt-minion component installs a log file with traces indicating failure to access the online salt repository on https://repo.saltproject.io. The "vmware-svtminion.sh-install-*.log" file for the failed install shows a trace similar to: + + ``` + INFO: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download attempting download of file 'repo.json' + WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '0' attempt, retcode '6' + WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '1' attempt, retcode '6' + WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '2' attempt, retcode '6' + WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '3' attempt, retcode '6' + WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '4' attempt, retcode '6' + ERROR: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' after '5' attempts + ``` + + This issue is resolved in this release. + + The new versions of the salt-minion integration scripts supporting the new Salt Project repository locations are available at: + + * [https://packages.broadcom.com/artifactory/saltproject-generic/onedir/](https://packages.broadcom.com/artifactory/saltproject-generic/onedir/) + +## Known Issues + +* **Shared Folders mount is unavailable on Linux VM.** + + If the **Shared Folders** feature is enabled on a Linux VM while it is powered off, the shared folders mount is not available on restart. + + Note: This issue is applicable to open-vm-tools running on VMware Workstation and VMware Fusion. + + Workaround: + + If the VM is powered on, disable and enable the **Shared Folders** feature from the interface. For resolving the issue permanently, edit **/etc/fstab** and add an entry to mount the Shared Folders automatically on boot. For example, add the line: + + vmhgfs-fuse /mnt/hgfs fuse defaults,allow_other 0 0 + + For more information on how to configure VMware Tools Shared Folders, see [KB 60262](https://knowledge.broadcom.com/external/article?legacyId=60262) From 01d8ecaee6b85a897c281dcaf5c080acc6ccf576 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 18 Jun 2025 20:59:50 -0700 Subject: [PATCH 363/375] ================================================= open-vm-tools 13.0.0 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 13.0.0 release. --- open-vm-tools/ChangeLog | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 8ed616fe7..937efe149 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,25 @@ +commit 276d9b3738d01c88035257532681cbd0c10b775b +Author: Kruti Pendharkar +Date: Wed Jun 18 04:34:29 2025 -0700 + + Update the ReleaseNotes.md for the 13.0.0 open-vm-tools release + +commit 2cb03d35cc28608557c82d5c81dbe5be9f9aae47 +Author: Kruti Pendharkar +Date: Wed Jun 18 04:31:14 2025 -0700 + + Prepare for the open-vm-tools 13.0.0 release. + + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit ff312b3862dba02dffc8fa2027426fa850b08a3a +Author: Kruti Pendharkar +Date: Tue Jun 10 17:54:13 2025 -0700 + + Update ChangeLog with the granular push of June 10, 2025. + - plus ChangeLog update of Feb 25, 2025. + commit 6abe63bc8993e41ded4dcdda420257362b57e281 Author: Kruti Pendharkar Date: Tue Jun 10 17:48:53 2025 -0700 From 3c28b6f4d9af2df2027a9df9c82e2f0196bd8bf7 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 18 Jun 2025 21:05:18 -0700 Subject: [PATCH 364/375] Update ChangeLog with the open-vm-tools 13.0.0 release marker. --- open-vm-tools/ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 937efe149..f6b732094 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,14 @@ +commit 01d8ecaee6b85a897c281dcaf5c080acc6ccf576 +Author: Kruti Pendharkar +Date: Wed Jun 18 20:59:50 2025 -0700 + + ================================================= + open-vm-tools 13.0.0 released at this point. + ================================================= + + Update of the ChangeLog with the final changes in preparation for + the open-vm-tools 13.0.0 release. + commit 276d9b3738d01c88035257532681cbd0c10b775b Author: Kruti Pendharkar Date: Wed Jun 18 04:34:29 2025 -0700 From 843533b18d79cb524c3200780015e01e6e84eee7 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Wed, 18 Jun 2025 21:49:15 -0700 Subject: [PATCH 365/375] Resolve merge conflicts. --- open-vm-tools/lib/include/vm_tools_version.h | 21 +++---------------- open-vm-tools/services/vmtoolsd/l10n/es.vmsg | 2 +- .../vgauth/serviceImpl/saml-xmlsec1.c | 16 -------------- 3 files changed, 4 insertions(+), 35 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index 5a745c7b5..ef67f737c 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1810,24 +1810,9 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_NEXT_V_MNR 0 #define TOOLS_VERSION_NEXT_V_BASE 0 -#ifndef RC_INVOKED -#define TOOLS_VERSION_PLIERS_PATCH1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_PATCH1_V) -#endif /* RC_INVOKED */ -#define TOOLS_VERSION_PLIERS_PATCH1_V_MJR 12 -#define TOOLS_VERSION_PLIERS_PATCH1_V_MNR 5 -#define TOOLS_VERSION_PLIERS_PATCH1_V_BASE 1 - - -#ifndef RC_INVOKED -#define TOOLS_VERSION_PLIERS_PATCH2 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_PLIERS_PATCH2_V) -#endif /* RC_INVOKED */ -#define TOOLS_VERSION_PLIERS_PATCH2_V_MJR 12 -#define TOOLS_VERSION_PLIERS_PATCH2_V_MNR 5 -#define TOOLS_VERSION_PLIERS_PATCH2_V_BASE 2 - -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_PLIERS_PATCH2 -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_PLIERS_PATCH2) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_PLIERS_PATCH2) +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) /* * The extended Tools version is the current Tools version with the diff --git a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg index 3b20cc099..b13cf2b8b 100644 --- a/open-vm-tools/services/vmtoolsd/l10n/es.vmsg +++ b/open-vm-tools/services/vmtoolsd/l10n/es.vmsg @@ -23,7 +23,7 @@ cmdline.background.pidfile = "archivo pid" cmdline.blockfd = "Descriptor del archivo para el sistema de archivos de bloqueo de VMware." -cmdline.blockfd.fd = "fd" +cmdline.blockfd.fd = "descriptor del archivo" cmdline.commonpath = "Ruta al directorio de complementos frecuentes." diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index c127cbcef..7bf70fa74 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -33,22 +33,6 @@ #include #include -// PR 3416639, xmlFile* APIs were deprecated in libxml2 2.13.0 -// Ignore the deprecated warnings after updating libxml2 to 2.13.3 -// ToDo: Define the deprecated APIs locally and remove the -// XML_IGNORE_DEPRECATION_WARNINGS -#ifdef _WIN32 -#define XML_IGNORE_DEPRECATION_WARNINGS \ - __pragma(warning(push)) \ - __pragma(warning(disable : 4996)) -#define XML_POP_WARNINGS __pragma(warning(pop)) -#else -#define XML_IGNORE_DEPRECATION_WARNINGS \ - _Pragma("GCC diagnostic push") \ - _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"") -#define XML_POP_WARNINGS _Pragma("GCC diagnostic pop") -#endif - #include #include #include From 248d01bdd92371cd868c5486ab48ce2f845d208f Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 366/375] Change to common header file not applicable to open-vm-tools. --- open-vm-tools/lib/include/vm_tools_version.h | 21 ++++++++++++------- open-vm-tools/libDeployPkg/linuxDeployment.c | 2 +- open-vm-tools/services/plugins/vix/vixTools.c | 2 +- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index ef67f737c..c606b6c69 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1804,15 +1804,22 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_PLIERS_RELEASE_V_BASE 0 #ifndef RC_INVOKED -#define TOOLS_VERSION_NEXT TOOLS_VERSION_TO_UINT(TOOLS_VERSION_NEXT_V) +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V) #endif /* RC_INVOKED */ -#define TOOLS_VERSION_NEXT_V_MJR 13 -#define TOOLS_VERSION_NEXT_V_MNR 0 -#define TOOLS_VERSION_NEXT_V_BASE 0 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V_MJR 13 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V_MNR 0 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V_BASE 0 -#define TOOLS_VERSION_CURRENT TOOLS_VERSION_NEXT -#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_NEXT) -#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_NEXT) +#ifndef RC_INVOKED +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_MJR 13 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_MNR 0 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_BASE 1 + +#define TOOLS_VERSION_CURRENT TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1 +#define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1) +#define TOOLS_VERSION_CURRENT_CSV TOOLS_VERSION_TO_CSV(TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1) /* * The extended Tools version is the current Tools version with the diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 44cac8ef4..9bfb6820d 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2024 Broadcom. All rights reserved. + * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 46fb83744..8b9465605 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2007-2024 Broadcom. All rights reserved. + * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it From 7e8d6f072381e606c0c211069c3ba14582e9b30e Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 367/375] Set the tools version for open-vm-tools 13.0.5 release --- open-vm-tools/lib/include/vm_tools_version.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/open-vm-tools/lib/include/vm_tools_version.h b/open-vm-tools/lib/include/vm_tools_version.h index c606b6c69..852354b16 100644 --- a/open-vm-tools/lib/include/vm_tools_version.h +++ b/open-vm-tools/lib/include/vm_tools_version.h @@ -1810,12 +1810,19 @@ TOOLS_VERSION_UINT_TO_COMPONENTS(const ToolsVersion toolsVersion, // IN #define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V_MNR 0 #define TOOLS_VERSION_SWISS_ARMY_KNIFE_RELEASE_V_BASE 0 +#ifndef RC_INVOKED +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_PATCH1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SWISS_ARMY_KNIFE_PATCH1_V) +#endif /* RC_INVOKED */ +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_PATCH1_V_MJR 13 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_PATCH1_V_MNR 0 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_PATCH1_V_BASE 1 + #ifndef RC_INVOKED #define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1 TOOLS_VERSION_TO_UINT(TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V) #endif /* RC_INVOKED */ #define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_MJR 13 #define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_MNR 0 -#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_BASE 1 +#define TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1_V_BASE 5 #define TOOLS_VERSION_CURRENT TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1 #define TOOLS_VERSION_CURRENT_STR TOOLS_VERSION_TO_STR(TOOLS_VERSION_SWISS_ARMY_KNIFE_UPDATE1) From 7ff34bef69c7252fb0ceb628f64103b0fa4f56f2 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 368/375] Use different command to reboot linux VM, depending on the init system type We currently use the "telinit 6" command to reboot linux VMs. However, the "telinit" command will be unavailable in the future as SysVinit will be deprecated on some modern linux systems. For example: In SUSE, "telinit" command is part of systemd-sysvcompat (15 SP6 and newer) or systemd-sysvinit (older than 15 SP6), whereas in some SUSE images or templates such as SUSE minimal VM has no such packages installed. See SUSE KB: https://www.suse.com/support/kb/doc/?id=000021564 This change detects the init system of a linux and uses different command to trigger reboot. If the modern init system, systemd, is available, then "systemctl reboot" command will be used to trigger reboot. Otherwise, continue using "telinit 6" command as SysVinit, the traditional init system, is still available. --- open-vm-tools/libDeployPkg/linuxDeployment.c | 92 ++++++++------------ 1 file changed, 36 insertions(+), 56 deletions(-) diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c index 9bfb6820d..981ea10f5 100644 --- a/open-vm-tools/libDeployPkg/linuxDeployment.c +++ b/open-vm-tools/libDeployPkg/linuxDeployment.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2006-2024 Broadcom. All Rights Reserved. + * Copyright (c) 2006-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -122,6 +122,9 @@ static const char* VARRUNDIR = "/var/run"; static const char* VARRUNIMCDIR = "/var/run/vmware-imc"; #endif static const char* TMPDIR = "/tmp"; +static const char* USRBINSYSTEMCTL = "/usr/bin/systemctl"; +static const char* BINSYSTEMCTL = "/bin/systemctl"; +static const char* SBINTELINIT = "/sbin/telinit"; // Possible return codes from perl script static const int CUST_SUCCESS = 0; @@ -197,7 +200,6 @@ static Bool CopyFileIfExist(const char* sourcePath, static void GetCloudinitVersion(const char* versionOutput, int* major, int* minor); -static Bool IsTelinitASoftlinkToSystemctl(void); /* * Globals @@ -1674,28 +1676,43 @@ Deploy(const char* packageName) sLog(log_error, "Failed to fork: '%s'.", strerror(errno)); } else if (pid == 0) { // We're in the child + char rebootCommand[1024]; int rebootCommandResult; + bool isSystemd = false; bool isRebooting = false; - // Retry reboot until telinit 6 succeeds to workaround PR 2716292 where - // telinit is a soft(symbolic) link to systemctl and it could exit - // abnormally due to systemd sends SIGTERM - bool retryReboot = IsTelinitASoftlinkToSystemctl(); + // PR 3438671, using different command to reboot modern systemd linux + // or traditional SysVinit linux + // Repeatedly try to reboot to workaround PR 2716292 on modern systemd + // linux where systemctl reboot could exit abnormally due to systemd + // sends SIGTERM + // Repeatedly try to reboot to workaround PR 530641 on traditional + // SysVinit linux where telinit 6 is overwritten by a telinit 2 + if (access(USRBINSYSTEMCTL, X_OK) == 0) { + isSystemd = true; + Str_Snprintf(rebootCommand, sizeof(rebootCommand), "%s reboot", + USRBINSYSTEMCTL); + } else if (access(BINSYSTEMCTL, X_OK) == 0) { + isSystemd = true; + Str_Snprintf(rebootCommand, sizeof(rebootCommand), "%s reboot", + BINSYSTEMCTL); + } else { + Str_Snprintf(rebootCommand, sizeof(rebootCommand), "%s 6", + SBINTELINIT); + } sLog(log_info, "Trigger reboot."); - // Repeatedly try to reboot to workaround PR 530641 where - // telinit 6 is overwritten by a telinit 2 do { if (isRebooting) { sLog(log_info, "Rebooting."); } rebootCommandResult = - ForkExecAndWaitCommand("/sbin/telinit 6", true, NULL, 0); + ForkExecAndWaitCommand(rebootCommand, true, NULL, 0); isRebooting = (rebootCommandResult == 0) ? true : isRebooting; sleep(1); - } while (rebootCommandResult == 0 || (retryReboot && !isRebooting)); + } while (rebootCommandResult == 0 || (isSystemd && !isRebooting)); if (!isRebooting) { sLog(log_error, - "Failed to reboot, reboot command returned error %d.", - rebootCommandResult); + "Failed to reboot, reboot command %s returned error %d.", + rebootCommand, rebootCommandResult); exit (127); } else { sLog(log_info, "Reboot has been triggered."); @@ -1955,8 +1972,11 @@ ForkExecAndWaitCommand(const char* command, char** args = GetFormattedCommandLine(command); const char* processStdOut; Bool isPerlCommand = (strcmp(args[0], "/usr/bin/perl") == 0) ? true : false; - Bool isTelinitCommand = - (strcmp(args[0], "/sbin/telinit") == 0) ? true : false; + Bool isRebootCommand = + (Str_Strncmp(command, "/usr/bin/systemctl reboot", strlen(command)) || + Str_Strncmp(command, "/bin/systemctl reboot", strlen(command)) || + Str_Strncmp(command, "/sbin/telinit 6", strlen(command))) ? + true : false; sLog(log_debug, "Command to exec : '%s'.", args[0]); Process_Create(&hp, args, sLog); @@ -2012,9 +2032,9 @@ ForkExecAndWaitCommand(const char* command, } } } else { - if (isTelinitCommand) { + if (isRebootCommand) { sLog(log_info, - "Telinit command failed with exitcode: %d, stderr: '%s'.", + "Reboot command failed with exitcode: %d, stderr: '%s'.", retval, Process_GetStderr(hp)); } else { @@ -2209,43 +2229,3 @@ GetCloudinitVersion(const char* version, int* major, int* minor) } sLog(log_info, "Cloud-init version major: %d, minor: %d", *major, *minor); } - -/** - * - * Check if "telinit" command is a soft(symbolic) link to "systemctl" command - * - * The fullpath of "systemctl" command could be: - * /bin/systemctl - * or - * /usr/bin/systemctl - * - * @returns TRUE if "telinit" command is a soft link to "systemctl" command - * FALSE if "telinit" command is not a soft link to "systemctl" command - * - **/ -static Bool -IsTelinitASoftlinkToSystemctl(void) -{ - static const char systemctlBinPath[] = "/bin/systemctl"; - static const char readlinkCommand[] = "/bin/readlink /sbin/telinit"; - char readlinkCommandOutput[256]; - int forkExecResult; - - forkExecResult = ForkExecAndWaitCommand(readlinkCommand, - true, - readlinkCommandOutput, - sizeof(readlinkCommandOutput)); - if (forkExecResult != 0) { - sLog(log_debug, "readlink command result = %d.", forkExecResult); - return FALSE; - } - - if (strstr(readlinkCommandOutput, systemctlBinPath) != NULL) { - sLog(log_debug, "/sbin/telinit is a soft link to systemctl"); - return TRUE; - } else { - sLog(log_debug, "/sbin/telinit is not a soft link to systemctl"); - } - - return FALSE; -} From f0e624d1ae33cee7e66aaed17d82242272383c9a Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 369/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/services/plugins/vix/vixTools.c | 81 ++++++++++++++++--- .../services/plugins/vix/vixToolsInt.h | 20 ++++- open-vm-tools/vgauth/lib/VGAuthInt.h | 20 ++++- open-vm-tools/vgauth/lib/auth.c | 24 +++--- open-vm-tools/vgauth/lib/authPosix.c | 24 ++++-- open-vm-tools/vgauth/lib/common.c | 71 +++++++++++++++- open-vm-tools/vgauth/lib/l10n/en.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/es.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/fr.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/ja.vmsg | 2 +- 10 files changed, 215 insertions(+), 33 deletions(-) diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 8b9465605..654512c5e 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2007-2024 Broadcom. All Rights Reserved. + * Copyright (c) 2007-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -2645,6 +2645,65 @@ VixToolsTranslateVGAuthError(VGAuthError vgErr) #endif +#if defined(_WIN32) +/* + *----------------------------------------------------------------------------- + * + * VixTools_ConfigGetString -- + * + * Wrapper for VMTools_ConfigGetString to retrieve values + * from VIX_TOOLS_CONFIG_API_GROUPNAME group. + * + * Return value: + * Value of the key if the value was read successfully, or else + * a copy of defValue unless defValue is NULL, in which case it's NULL. + * The returned string should be freed with g_free when no longer + * needed. + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ +gchar * +VixTools_ConfigGetString(const gchar *key, // IN + const gchar *defValue) // In +{ + + return VMTools_ConfigGetString(gConfDictRef, + VIX_TOOLS_CONFIG_API_GROUPNAME, + key, defValue); +} + + +/* + *----------------------------------------------------------------------------- + * + * VixTools_ConfigLogInvalidString -- + * + * Log a warning when a config string from the + * VIX_TOOLS_CONFIG_API_GROUPNAME group has an invalid value. + * + * Return value: + * None + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ +void +VixTools_ConfigLogInvalidString(const gchar *function, // IN + const gchar *key, // IN + const gchar *confValue, // IN + const gchar *usedValue) // IN +{ + g_warning("%s: invalid value '%s' from tools.conf [%s] %s, using %s.\n", + function, confValue, VIX_TOOLS_CONFIG_API_GROUPNAME, key, usedValue); +} +#endif + + /* *----------------------------------------------------------------------------- * @@ -11750,7 +11809,7 @@ GuestAuthEnabled(void) * the GuestAuth library. * * Results: - * VIX_OK if successful.Other VixError code otherwise. + * VIX_OK if successful, otherwise some other VixError code. * * Side effects: * Current process impersonates. @@ -11774,10 +11833,6 @@ GuestAuthPasswordAuthenticateImpersonate( VGAuthExtraParams extraParams[1]; Bool impersonated = FALSE; - extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; - extraParams[0].value = loadUserProfile ? VGAUTH_PARAM_VALUE_TRUE : - VGAUTH_PARAM_VALUE_FALSE; - err = VixMsg_DeObfuscateNamePassword(obfuscatedNamePassword, &username, &password); @@ -11793,14 +11848,22 @@ GuestAuthPasswordAuthenticateImpersonate( goto done; } +#ifdef _WIN32 + vgErr = VGAuth_ValidateUsernamePassword_Helper(ctx, username, password, + &newHandle); +#else vgErr = VGAuth_ValidateUsernamePassword(ctx, username, password, - 0, NULL, - &newHandle); + 0, NULL, &newHandle); +#endif if (VGAUTH_FAILED(vgErr)) { err = VixToolsTranslateVGAuthError(vgErr); goto done; } + extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; + extraParams[0].value = loadUserProfile ? VGAUTH_PARAM_VALUE_TRUE : + VGAUTH_PARAM_VALUE_FALSE; + vgErr = VGAuth_Impersonate(ctx, newHandle, (int)ARRAYSIZE(extraParams), extraParams); @@ -11859,7 +11922,7 @@ GuestAuthPasswordAuthenticateImpersonate( * the GuestAuth library. * * Results: - * VIX_OK if successful. Other VixError code otherwise. + * VIX_OK if successful, otherwise some other VixError code. * * Side effects: * Current process impersonates. diff --git a/open-vm-tools/services/plugins/vix/vixToolsInt.h b/open-vm-tools/services/plugins/vix/vixToolsInt.h index 007db5115..b91a9e90b 100644 --- a/open-vm-tools/services/plugins/vix/vixToolsInt.h +++ b/open-vm-tools/services/plugins/vix/vixToolsInt.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2010-2020,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2010-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -38,6 +39,7 @@ #include "VGAuthCommon.h" #include "VGAuthError.h" #include "VGAuthAuthentication.h" +#include "VGAuthAuthenticationWin32.h" #include "VGAuthAlias.h" #endif @@ -72,6 +74,15 @@ void VixTools_Uninitialize(void); #ifdef _WIN32 VixError VixToolsTranslateVGAuthError(VGAuthError vgErr); + +gchar *VixTools_ConfigGetString(const gchar *key, + const gchar *defValue); + +void VixTools_ConfigLogInvalidString(const gchar *function, + const gchar *key, + const gchar *confValue, + const gchar *usedValue); + #endif VixError VixToolsImpersonateUser(VixCommandRequestHeader *requestMsg, @@ -207,6 +218,13 @@ VixError VixToolsCheckSAMLForSystem(VGAuthContext *ctx, Bool hostVerified, void **userToken, VGAuthUserHandle **curUserHandle); + +VGAuthError +VGAuth_ValidateUsernamePassword_Helper(VGAuthContext *ctx, + const char *userName, + const char *password, + VGAuthUserHandle **handle); + #endif // _WIN32 #ifdef VMX86_DEVEL diff --git a/open-vm-tools/vgauth/lib/VGAuthInt.h b/open-vm-tools/vgauth/lib/VGAuthInt.h index 49efa85f0..ef2472296 100644 --- a/open-vm-tools/vgauth/lib/VGAuthInt.h +++ b/open-vm-tools/vgauth/lib/VGAuthInt.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -28,6 +29,9 @@ #include "VGAuthBasicDefs.h" #include "VGAuthCommon.h" #include "VGAuthAuthentication.h" +#ifdef _WIN32 +#include "VGAuthAuthenticationWin32.h" +#endif #include "VGAuthAlias.h" #include "audit.h" #include "prefs.h" @@ -287,6 +291,9 @@ VGAuthError VGAuth_NetworkReadBytes(VGAuthContext *ctx, VGAuthError VGAuthValidateUsernamePasswordImpl(VGAuthContext *ctx, const char *userName, const char *password, + const int numExtraParams, + const VGAuthExtraParams + *extraParams, VGAuthUserHandle **handle); #ifdef UNITTEST @@ -342,6 +349,17 @@ VGAuthError VGAuthGetBoolExtraParamImpl(const char *funcName, gboolean defValue, gboolean *paramValue); +#define VGAuthGetStringExtraParam(numEP, ep, name, defValue, value) \ + VGAuthGetStringExtraParamImpl(__FUNCTION__, (numEP), ep, \ + name, defValue, (value)) + +VGAuthError VGAuthGetStringExtraParamImpl(const char *funcName, + int numExtraParams, + const VGAuthExtraParams *params, + const char *paramName, + const char *defValue, + const char **paramValue); + void VGAuth_FreeAliasInfoContents(VGAuthAliasInfo *si); void VGAuth_CopyAliasInfo(const VGAuthAliasInfo *src, VGAuthAliasInfo *dst); diff --git a/open-vm-tools/vgauth/lib/auth.c b/open-vm-tools/vgauth/lib/auth.c index fd4a78539..9895ae1c1 100644 --- a/open-vm-tools/vgauth/lib/auth.c +++ b/open-vm-tools/vgauth/lib/auth.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -543,8 +544,7 @@ VGAuth_ValidateSamlBearerToken(VGAuthContext *ctx, * @param[in] password The password to be validated. * @param[in] numExtraParams The number of elements in extraParams. * @param[in] extraParams Any optional, additional paramaters to the - * function. Currently none are supported, so this - * must be NULL. + * function. * @param[out] handle The resulting handle representing the user * associated with @a userName. * Must be freed with VGAuth_UserHandleFree(). @@ -560,7 +560,7 @@ VGAuthError VGAuth_ValidateUsernamePassword(VGAuthContext *ctx, const char *userName, const char *password, - int numExtraParams, + const int numExtraParams, const VGAuthExtraParams *extraParams, VGAuthUserHandle **handle) { @@ -587,14 +587,15 @@ VGAuth_ValidateUsernamePassword(VGAuthContext *ctx, return VGAUTH_E_INVALID_ARGUMENT; } - err = VGAuthValidateExtraParams(numExtraParams, extraParams); - if (VGAUTH_E_OK != err) { - return err; - } - + /* + * numExtraParams and extraParams need to be validated before use. No need + * to validate them here since they're just passed through. + */ err = VGAuthValidateUsernamePasswordImpl(ctx, userName, password, + numExtraParams, + extraParams, handle); if (VGAUTH_E_OK == err) { @@ -607,8 +608,9 @@ VGAuth_ValidateUsernamePassword(VGAuthContext *ctx, VGAuth_AuditEvent(ctx, FALSE, SU_(auth.password.invalid, - "Username and password mismatch for '%s'"), - userName); + "Username and password validation failed for '%s': " + "%s"), + userName, VGAuth_GetErrorText(err, NULL)); } return err; diff --git a/open-vm-tools/vgauth/lib/authPosix.c b/open-vm-tools/vgauth/lib/authPosix.c index c19491c19..1f22a2102 100644 --- a/open-vm-tools/vgauth/lib/authPosix.c +++ b/open-vm-tools/vgauth/lib/authPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2017, 2019, 2021 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -240,11 +241,15 @@ static struct pam_conv PAM_conversation = { * * Validates a username/password. * - * @param[in] ctx The VGAuthContext. - * @param[in] userName The username to be validated. - * @param[in] password The password to be validated. - * @param[out] handle The resulting handle representing the user - * associated with the username. + * @param[in] ctx The VGAuthContext. + * @param[in] userName The username to be validated. + * @param[in] password The password to be validated. + * @param[in] numExtraParams The number of elements in extraParams. + * @param[in] extraParams Any optional, additional paramaters to the + * function. Currently none are supported, so this + * must be NULL. + * @param[out] handle The resulting handle representing the user + * associated with the username. * * @return VGAUTH_E_OK on success, VGAuthError on failure * @@ -255,6 +260,8 @@ VGAuthError VGAuthValidateUsernamePasswordImpl(VGAuthContext *ctx, const char *userName, const char *password, + const int numExtraParams, + const VGAuthExtraParams *extraParams, VGAuthUserHandle **handle) { #ifdef USE_PAM @@ -266,6 +273,11 @@ VGAuthValidateUsernamePasswordImpl(VGAuthContext *ctx, struct passwd *pwd; #endif + err = VGAuthValidateExtraParams(numExtraParams, extraParams); + if (VGAUTH_E_OK != err) { + return err; + } + #ifdef USE_PAM if (!AuthLoadPAM()) { return VGAUTH_E_FAIL; diff --git a/open-vm-tools/vgauth/lib/common.c b/open-vm-tools/vgauth/lib/common.c index 9b53a2aca..366976a6e 100644 --- a/open-vm-tools/vgauth/lib/common.c +++ b/open-vm-tools/vgauth/lib/common.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2011-2017, 2023 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2025 Broadcom. All Rights Reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -164,6 +165,74 @@ VGAuthGetBoolExtraParamImpl(const char *funcName, } +/* + ****************************************************************************** + * VGAuthGetStringExtraParamImpl -- */ /** + * + * Get the string value of the specified extra param in the params array. + * + * @param[in] funcName The name of the calling function. + * @param[in] numParams The number of elements in the params array. + * @param[in] params The params array to get param value from. + * @param[in] paramName The param name to get its value. + * @param[in] defValue The param default value if not set in the array. + * @param[out] paramValue Returned param value + * + * @retval VGAUTH_E_INVALID_ARGUMENT If incomplete arguments are passed in, + * the specified extra parameter is passed + * in the array multiple times or the + * parameter value is invalid. + * @reval VGAUTH_E_OK If no error is encountered. + * + ****************************************************************************** + */ + +VGAuthError +VGAuthGetStringExtraParamImpl(const char *funcName, + int numParams, + const VGAuthExtraParams *params, + const char *paramName, + const char *defValue, + const char **paramValue) +{ + gboolean paramSet = FALSE; + int i; + + if ((numParams < 0) || (numParams > 0 && NULL == params)) { + Warning("%s: invalid number of parameters: %d.\n", funcName, numParams); + return VGAUTH_E_INVALID_ARGUMENT; + } + + if (NULL == paramName || NULL == paramValue) { + return VGAUTH_E_INVALID_ARGUMENT; + } + + for (i = 0; i < numParams; i++) { + if (g_strcmp0(params[i].name, paramName) == 0) { + // only allow it to be set once + if (paramSet) { + Warning("%s: extraParam '%s' passed multiple times.\n", + funcName, params[i].name); + return VGAUTH_E_INVALID_ARGUMENT; + } + if (params[i].value) { + *paramValue = params[i].value; + paramSet = TRUE; + } else { + Warning("%s: extraParam '%s' has NULL value.\n", + funcName, params[i].name); + return VGAUTH_E_INVALID_ARGUMENT; + } + } + } + + if (!paramSet) { + *paramValue = defValue; + } + return VGAUTH_E_OK; +} + + /* ****************************************************************************** * VGAuth_Init -- */ /** diff --git a/open-vm-tools/vgauth/lib/l10n/en.vmsg b/open-vm-tools/vgauth/lib/l10n/en.vmsg index 551ed3769..b4a12ce42 100644 --- a/open-vm-tools/vgauth/lib/l10n/en.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/en.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Username and password mismatch for '%1$s'" +auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" auth.password.valid = "Username and password successfully validated for '%1$s'" auth.sspi.badid = "Attempt to authenticate using an invalid or expired SSPI challenge ID: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/es.vmsg b/open-vm-tools/vgauth/lib/l10n/es.vmsg index 590b2d1e4..e814b87e3 100644 --- a/open-vm-tools/vgauth/lib/l10n/es.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/es.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "El nombre de usuario y la contraseña de '%1$s' no coinciden" +auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" auth.password.valid = "El nombre de usuario y la contraseña de '%1$s' se han validado correctamente" auth.sspi.badid = "Intento de autenticación utilizando un SSPI challenge ID no válido o caducado: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/fr.vmsg b/open-vm-tools/vgauth/lib/l10n/fr.vmsg index 252617004..af4dacccd 100644 --- a/open-vm-tools/vgauth/lib/l10n/fr.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/fr.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Non-concordance du nom d'utilisateur et du mot de passe pour '%1$s'" +auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" auth.password.valid = "Validation réussie du nom d'utilisateur et du mot de passe pour '%1$s'" auth.sspi.badid = "Tentative d'authentification à l'aide d'un ID de demande SSPI non valide ou expiré : %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/ja.vmsg b/open-vm-tools/vgauth/lib/l10n/ja.vmsg index 8e9d991f3..6caeea7ba 100644 --- a/open-vm-tools/vgauth/lib/l10n/ja.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/ja.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "'%1$s' のユーザー名とパスワードが一致しません" +auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" auth.password.valid = "'%1$s' のユーザー名とパスワードが正しく検証されました" auth.sspi.badid = "無効または期限切れの SSPI チャレンジ ID を使用して認証を試みます: %1$u" From 1de3f643df26c37a477d717254be95d414bd0c39 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 370/375] Change to common source files not applicable to open-vm-tools. --- open-vm-tools/vgauth/lib/auth.c | 5 ++--- open-vm-tools/vgauth/lib/l10n/en.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/es.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/fr.vmsg | 2 +- open-vm-tools/vgauth/lib/l10n/ja.vmsg | 2 +- 5 files changed, 6 insertions(+), 7 deletions(-) diff --git a/open-vm-tools/vgauth/lib/auth.c b/open-vm-tools/vgauth/lib/auth.c index 9895ae1c1..fe868c24a 100644 --- a/open-vm-tools/vgauth/lib/auth.c +++ b/open-vm-tools/vgauth/lib/auth.c @@ -608,9 +608,8 @@ VGAuth_ValidateUsernamePassword(VGAuthContext *ctx, VGAuth_AuditEvent(ctx, FALSE, SU_(auth.password.invalid, - "Username and password validation failed for '%s': " - "%s"), - userName, VGAuth_GetErrorText(err, NULL)); + "Username and password mismatch for '%s'"), + userName); } return err; diff --git a/open-vm-tools/vgauth/lib/l10n/en.vmsg b/open-vm-tools/vgauth/lib/l10n/en.vmsg index b4a12ce42..551ed3769 100644 --- a/open-vm-tools/vgauth/lib/l10n/en.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/en.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" +auth.password.invalid = "Username and password mismatch for '%1$s'" auth.password.valid = "Username and password successfully validated for '%1$s'" auth.sspi.badid = "Attempt to authenticate using an invalid or expired SSPI challenge ID: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/es.vmsg b/open-vm-tools/vgauth/lib/l10n/es.vmsg index e814b87e3..590b2d1e4 100644 --- a/open-vm-tools/vgauth/lib/l10n/es.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/es.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" +auth.password.invalid = "El nombre de usuario y la contraseña de '%1$s' no coinciden" auth.password.valid = "El nombre de usuario y la contraseña de '%1$s' se han validado correctamente" auth.sspi.badid = "Intento de autenticación utilizando un SSPI challenge ID no válido o caducado: %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/fr.vmsg b/open-vm-tools/vgauth/lib/l10n/fr.vmsg index af4dacccd..252617004 100644 --- a/open-vm-tools/vgauth/lib/l10n/fr.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/fr.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" +auth.password.invalid = "Non-concordance du nom d'utilisateur et du mot de passe pour '%1$s'" auth.password.valid = "Validation réussie du nom d'utilisateur et du mot de passe pour '%1$s'" auth.sspi.badid = "Tentative d'authentification à l'aide d'un ID de demande SSPI non valide ou expiré : %1$u" diff --git a/open-vm-tools/vgauth/lib/l10n/ja.vmsg b/open-vm-tools/vgauth/lib/l10n/ja.vmsg index 6caeea7ba..8e9d991f3 100644 --- a/open-vm-tools/vgauth/lib/l10n/ja.vmsg +++ b/open-vm-tools/vgauth/lib/l10n/ja.vmsg @@ -16,6 +16,6 @@ # ########################################################## -auth.password.invalid = "Username and password validation failed for '%1$s': %2$s" +auth.password.invalid = "'%1$s' のユーザー名とパスワードが一致しません" auth.password.valid = "'%1$s' のユーザー名とパスワードが正しく検証されました" auth.sspi.badid = "無効または期限切れの SSPI チャレンジ ID を使用して認証を試みます: %1$u" From 3ab0685c1cf7981c84898d546a73d6db6dcd3823 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:03:43 -0700 Subject: [PATCH 371/375] Address CVE-2025-41244 - Disable (default) the execution of the SDMP get-versions.sh script. With the Linux SDMP get-versions.sh script disabled, version information of installed services will not be made available to VMware Aria --- .../serviceDiscovery/serviceDiscovery.c | 36 ++++++++++++++++--- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c index 0da598f13..5e9772e94 100644 --- a/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c +++ b/open-vm-tools/services/plugins/serviceDiscovery/serviceDiscovery.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (c) 2020-2024 Broadcom. All Rights Reserved. + * Copyright (c) 2020-2025 Broadcom. All Rights Reserved. * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it @@ -122,6 +122,12 @@ static gchar* scriptInstallDir = NULL; #define CONFNAME_SERVICEDISCOVERY_CACHEDATA "cache-data" #define SERVICE_DISCOVERY_CONF_DEFAULT_CACHEDATA TRUE +/* + * Defines the configuration to enable/disable version obtaining logic + */ +#define CONFNAME_SERVICEDISCOVERY_VERSION_CHECK "version-check-enabled" +#define SERVICE_DISCOVERY_CONF_DEFAULT_VERSION_CHECK FALSE + /* * Define the configuration to require at least one subscriber subscribed for * the gdp message. @@ -1265,23 +1271,27 @@ ServiceDiscoveryServerShutdown(gpointer src, * * Construct final paths of the scripts that will be used for execution. * + * @param[in] versionCheckEnabled TRUE to include the SERVICE_DISCOVERY_KEY_VERSIONS + * entry; FALSE to skip it (derived from config). + * ***************************************************************************** */ static void -ConstructScriptPaths(void) +ConstructScriptPaths(Bool versionCheckEnabled) { int i; #if !defined(OPEN_VM_TOOLS) gchar *toolsInstallDir; #endif + int insertIndex = 0; if (gFullPaths != NULL) { return; } gFullPaths = g_array_sized_new(FALSE, TRUE, sizeof(KeyNameValue), - ARRAYSIZE(gKeyScripts)); + ARRAYSIZE(gKeyScripts) - (versionCheckEnabled ? 0u : 1u)); if (scriptInstallDir == NULL) { #if defined(OPEN_VM_TOOLS) scriptInstallDir = Util_SafeStrdup(VMTOOLS_SERVICE_DISCOVERY_SCRIPTS); @@ -1293,6 +1303,15 @@ ConstructScriptPaths(void) #endif } for (i = 0; i < ARRAYSIZE(gKeyScripts); ++i) { + /* + * Skip adding if: + * 1. Version check is disabled, AND + * 2. The keyName matches SERVICE_DISCOVERY_KEY_VERSIONS + */ + if (!versionCheckEnabled && + g_strcmp0(gKeyScripts[i].keyName, SERVICE_DISCOVERY_KEY_VERSIONS) == 0) { + continue; + } KeyNameValue tmp; tmp.keyName = g_strdup_printf("%s", gKeyScripts[i].keyName); #if defined(_WIN32) @@ -1300,7 +1319,8 @@ ConstructScriptPaths(void) #else tmp.val = g_strdup_printf("%s%s%s", scriptInstallDir, DIRSEPS, gKeyScripts[i].val); #endif - g_array_insert_val(gFullPaths, i, tmp); + g_array_insert_val(gFullPaths, insertIndex, tmp); + insertIndex++; } } @@ -1366,14 +1386,20 @@ ToolsOnLoad(ToolsAppCtx *ctx) } }; gboolean disabled; + Bool versionCheckEnabled; regData.regs = VMTools_WrapArray(regs, sizeof *regs, ARRAYSIZE(regs)); + versionCheckEnabled = VMTools_ConfigGetBoolean( + ctx->config, + CONFGROUPNAME_SERVICEDISCOVERY, + CONFNAME_SERVICEDISCOVERY_VERSION_CHECK, + SERVICE_DISCOVERY_CONF_DEFAULT_VERSION_CHECK); /* * Append scripts execution command line */ - ConstructScriptPaths(); + ConstructScriptPaths(versionCheckEnabled); disabled = VMTools_ConfigGetBoolean(ctx->config, From ae3ca4ef23348a9a883fd3c63d4bcbc79f615c59 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:23:35 -0700 Subject: [PATCH 372/375] Prepare for the open-vm-tools 13.0.5 release. - Update the tools version in the configure.ac. - Update the build numbers in the buldNumber.h. --- open-vm-tools/configure.ac | 4 ++-- open-vm-tools/lib/include/buildNumber.h | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac index fcc3050c7..113a7a8e5 100644 --- a/open-vm-tools/configure.ac +++ b/open-vm-tools/configure.ac @@ -36,10 +36,10 @@ ### Initialization ### -TOOLS_VERSION="13.0.0" +TOOLS_VERSION="13.0.5" AC_INIT( [open-vm-tools], - [13.0.0], + [13.0.5], [open-vm-tools-devel@lists.sourceforge.net]) # In order to make this configure script auto-detect situations where diff --git a/open-vm-tools/lib/include/buildNumber.h b/open-vm-tools/lib/include/buildNumber.h index bace4386f..f171856ac 100644 --- a/open-vm-tools/lib/include/buildNumber.h +++ b/open-vm-tools/lib/include/buildNumber.h @@ -1,12 +1,12 @@ #define BUILD_NUMBER \ - "build-24696409" + "build-24915695" #define BUILD_NUMBER_NUMERIC \ - 24696409 + 24915695 #define BUILD_NUMBER_NUMERIC_STRING \ - "24696409" + "24915695" #define PRODUCT_BUILD_NUMBER \ - "product-build-52586" + "product-build-52705" #define PRODUCT_BUILD_NUMBER_NUMERIC \ - 52586 + 52705 #define PRODUCT_BUILD_NUMBER_NUMERIC_STRING \ - "52586" + "52705" From d3e111e46db3acc56ac592fe8d695dc63f9b4c11 Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:30:35 -0700 Subject: [PATCH 373/375] Update the ReleaseNotes.md for the 13.0.5 open-vm-tools release. --- ReleaseNotes.md | 64 +++++++++++++------------------------------------ 1 file changed, 17 insertions(+), 47 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 1e9ada89d..7047accc5 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,8 +1,8 @@ -# open-vm-tools 13.0.0 Release Notes +# open-vm-tools 13.0.5 Release Notes -Updated on: 17 June 2025 +Updated on: 29 Sep 2025 -open-vm-tools | 17 JUNE 2025 | Build 24696409 +open-vm-tools | 29 SEP 2025 | Build 24915695 Check back for additions and updates to these release notes. @@ -12,7 +12,6 @@ The release notes cover the following topics: * [What's New](#whatsnew) * [Internationalization](#i18n) -* [Product Support Notice](#suppnote) * [Guest Operating System Customization Support](#guestop) * [Interoperability Matrix](#interop) * [Resolved Issues](#resolvedissues) @@ -20,21 +19,21 @@ The release notes cover the following topics: ## What's New -* The vm-support script has been improved (version 0.98). +* This release resolves [CVE-2025-41244](https://www.cve.org/CVERecord?id=CVE-2025-41244). For more information on this vulnerability and its impact on Broadcom products, see [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149). - To aid in triaging open-vm-tools issues, the vm-support script has been updated to: - * now collect all current open-vm-tools log files as configured in the [logging] section of tools.conf. - * collect one month of information from the systemd journal. + A patch to address CVE-2025-41244 on earlier open-vm-tools releases is provided to the Linux community at [CVE-2025-41244.patch](https://github.com/vmware/open-vm-tools/tree/CVE-2025-41244.patch). + +* Guest OS Customization has been updated to use "systemctl reboot", if available. * Please see the [Resolved Issues](#resolvedissues) and [Known Issues](#knownissues) sections below. -* A complete list of the granular changes in the open-vm-tools 13.0.0 release is available at: +* A complete list of the granular changes in the open-vm-tools 13.0.5 release is available at: - [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-13.0.0/open-vm-tools/ChangeLog) + [open-vm-tools ChangeLog](https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog) ## Internationalization -open-vm-tools 13.0.0 is available in the following languages: +open-vm-tools 13.0.5 is available in the following languages: * English * French @@ -52,47 +51,18 @@ The [Broadcom Product Interoperability Matrix](https://interopmatrix.broadcom.c ## Resolved Issues -* **The following github.com/vmware/open-vm-tools pull requests and issues has been addressed.** - - * FTBFS: --std=c23 conflicting types between function definition and declaration MXUserTryAcquireForceFail() - - [Fixes Issue #750](https://github.com/vmware/open-vm-tools/issues/750)
- [Pull request #751](https://github.com/vmware/open-vm-tools/pull/751) - - * Provide tools.conf settings to deactivate one-time and periodic time synchronization - - The new tools.conf settings `disable-all` and `disable-periodic` allow the guest OS administrator to deactivate one-time and periodic time synchronization without rebooting the VM or restarting the guest OS. - - [Fixes Issue #302](https://github.com/vmware/open-vm-tools/issues/302) - - * Fix xmlsec detection when cross-compiling with pkg-config - - [Pull request #732](https://github.com/vmware/open-vm-tools/pull/732) - -* **After October 25, 2024, with open-vm-tools earlier than 13.0.0, the salt-minion component is not installed or fails to install in a guest operating system through the VMware Component Manager** - - When you configure the salt-minion component in the present state, its last status is set to 102 (not installed) or 103 (installation failed), never reaching the installed state 100. +* **This release resolves CVE-2025-41244.** - * The VM advanced setting with the key "guestinfo./vmware.components.salt_minion.desiredstate" has a value present. - * The VM advanced setting with the key "guestinfo.vmware.components.salt_minion.laststatus" has a value 102 or 103. + * For more information on this vulnerability and its impact on Broadcom products, see [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149). - The salt-minion component installs a log file with traces indicating failure to access the online salt repository on https://repo.saltproject.io. The "vmware-svtminion.sh-install-*.log" file for the failed install shows a trace similar to: + * A patch to address CVE-2025-41244 on earlier open-vm-tools releases is provided to the Linux community at [CVE-2025-41244.patch](https://github.com/vmware/open-vm-tools/tree/CVE-2025-41244.patch). - ``` - INFO: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download attempting download of file 'repo.json' - WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '0' attempt, retcode '6' - WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '1' attempt, retcode '6' - WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '2' attempt, retcode '6' - WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '3' attempt, retcode '6' - WARNING: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' on '4' attempt, retcode '6' - ERROR: /usr/lib64/open-vm-tools/componentMgr/saltMinion/svtminion.sh:_curl_download failed to download file 'repo.json' from 'https://repo.saltproject.io/salt/py3/onedir/repo.json' after '5' attempts - ``` +* **Guest OS Customization updated to use "systemctl reboot".** - This issue is resolved in this release. + Currently the "telinit 6" command is used to reboot a Linux VM following Guest OS Customization. As the classic Linux init system, SysVinit, is deprecated in favor of a newer init system, systemd, the telinit command may not be available on the base Linux OS. - The new versions of the salt-minion integration scripts supporting the new Salt Project repository locations are available at: + This change adds support to Guest OS Customization for the systemd init system. If the modern init system, systemd, is available, then a "systemctl reboot" command will be used to trigger reboot. Otherwise, the "telinit 6" command will be used assuming the traditional init system, SysVinit, is still available. - * [https://packages.broadcom.com/artifactory/saltproject-generic/onedir/](https://packages.broadcom.com/artifactory/saltproject-generic/onedir/) ## Known Issues @@ -108,4 +78,4 @@ The [Broadcom Product Interoperability Matrix](https://interopmatrix.broadcom.c vmhgfs-fuse /mnt/hgfs fuse defaults,allow_other 0 0 - For more information on how to configure VMware Tools Shared Folders, see [KB 60262](https://knowledge.broadcom.com/external/article?legacyId=60262) + For more information on how to configure VMware Tools Shared Folders, see [KB 60262](https://knowledge.broadcom.com/external/article?legacyId=60262). From 4c7899b1d241dad1259eedbc999b4f25041c4fca Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:37:12 -0700 Subject: [PATCH 374/375] ================================================= open-vm-tools 13.0.5 released at this point. ================================================= Update of the ChangeLog with the final changes in preparation for the open-vm-tools 13.0.5 release. --- open-vm-tools/ChangeLog | 76 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index f6b732094..3a4bc5b86 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,79 @@ +commit d3e111e46db3acc56ac592fe8d695dc63f9b4c11 +Author: Kruti Pendharkar +Date: Mon Sep 29 23:30:35 2025 -0700 + + Update the ReleaseNotes.md for the 13.0.5 open-vm-tools release. + +commit ae3ca4ef23348a9a883fd3c63d4bcbc79f615c59 +Author: Kruti Pendharkar +Date: Mon Sep 29 23:23:35 2025 -0700 + + Prepare for the open-vm-tools 13.0.5 release. + + - Update the tools version in the configure.ac. + - Update the build numbers in the buldNumber.h. + +commit 3ab0685c1cf7981c84898d546a73d6db6dcd3823 +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Address CVE-2025-41244 + - Disable (default) the execution of the SDMP get-versions.sh script. + + With the Linux SDMP get-versions.sh script disabled, version information + of installed services will not be made available to VMware Aria + +commit 1de3f643df26c37a477d717254be95d414bd0c39 +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit f0e624d1ae33cee7e66aaed17d82242272383c9a +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Change to common source files not applicable to open-vm-tools. + +commit 7ff34bef69c7252fb0ceb628f64103b0fa4f56f2 +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Use different command to reboot linux VM, depending on the init system type + + We currently use the "telinit 6" command to reboot linux VMs. + However, the "telinit" command will be unavailable in the future as SysVinit + will be deprecated on some modern linux systems. + + For example: In SUSE, "telinit" command is part of systemd-sysvcompat + (15 SP6 and newer) or systemd-sysvinit (older than 15 SP6), whereas in some + SUSE images or templates such as SUSE minimal VM has no such packages installed. + See SUSE KB: https://www.suse.com/support/kb/doc/?id=000021564 + + This change detects the init system of a linux and uses different command + to trigger reboot. If the modern init system, systemd, is available, then + "systemctl reboot" command will be used to trigger reboot. Otherwise, continue + using "telinit 6" command as SysVinit, the traditional init system, is still + available. + +commit 7e8d6f072381e606c0c211069c3ba14582e9b30e +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Set the tools version for open-vm-tools 13.0.5 release + +commit 248d01bdd92371cd868c5486ab48ce2f845d208f +Author: Kruti Pendharkar +Date: Mon Sep 29 23:03:43 2025 -0700 + + Change to common header file not applicable to open-vm-tools. + +commit 3c28b6f4d9af2df2027a9df9c82e2f0196bd8bf7 +Author: Kruti Pendharkar +Date: Wed Jun 18 21:05:18 2025 -0700 + + Update ChangeLog with the open-vm-tools 13.0.0 release marker. + commit 01d8ecaee6b85a897c281dcaf5c080acc6ccf576 Author: Kruti Pendharkar Date: Wed Jun 18 20:59:50 2025 -0700 From fbc80ffbd226b4a61bb8ea1c9a682b5c7614e3fd Mon Sep 17 00:00:00 2001 From: Kruti Pendharkar Date: Mon, 29 Sep 2025 23:45:41 -0700 Subject: [PATCH 375/375] Update ChangeLog with the open-vm-tools 13.0.5 release marker. --- open-vm-tools/ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/open-vm-tools/ChangeLog b/open-vm-tools/ChangeLog index 3a4bc5b86..d945c7f06 100644 --- a/open-vm-tools/ChangeLog +++ b/open-vm-tools/ChangeLog @@ -1,3 +1,14 @@ +commit 4c7899b1d241dad1259eedbc999b4f25041c4fca +Author: Kruti Pendharkar +Date: Mon Sep 29 23:37:12 2025 -0700 + + ================================================= + open-vm-tools 13.0.5 released at this point. + ================================================= + + Update of the ChangeLog with the final changes in preparation for + the open-vm-tools 13.0.5 release. + commit d3e111e46db3acc56ac592fe8d695dc63f9b4c11 Author: Kruti Pendharkar Date: Mon Sep 29 23:30:35 2025 -0700