From: Theo Buehler Subject: Re: git 2.50.1 To: ports@openbsd.org, kn@openbsd.org, benoit@openbsd.org Date: Wed, 9 Jul 2025 14:23:49 +0200 On Wed, Jul 09, 2025 at 01:12:00PM +0100, Stuart Henderson wrote: > On 2025/07/09 13:53, Theo Buehler wrote: > > Simple update to fix a bunch of security issues - I unexpectedly had to > > fiddle with git submodules, so I preferred having the RCE out of the way: > > > > https://www.openwall.com/lists/oss-security/2025/07/08/4 > > > > I guess this should also go to stable. > > yes please (in this case I'd suggest syncing the whole lot from -current > including the MP patches, rather than going for 2.49.1). Alright. That would look like this. Would appreciate a second set of eyes on this. Index: Makefile =================================================================== RCS file: /cvs/ports/devel/git/Makefile,v diff -u -p -r1.285 Makefile --- Makefile 15 Mar 2025 16:15:15 -0000 1.285 +++ Makefile 9 Jul 2025 12:18:51 -0000 @@ -2,7 +2,7 @@ COMMENT-main = distributed version contr COMMENT-svn = subversion interoperability tools COMMENT-x11 = graphical tools -V = 2.49.0 +V = 2.50.1 DISTNAME = git-${V} CATEGORIES = devel @@ -36,9 +36,6 @@ BUILD_DEPENDS = devel/gettext,-tools \ MULTI_PACKAGES = -main -svn -x11 WANTLIB-main = c crypto curl expat iconv intl pthread ssl z -# for curl -WANTLIB-main += nghttp2 - RUN_DEPENDS-main = devel/cvsps \ devel/got,-gitwrapper \ Index: distinfo =================================================================== RCS file: /cvs/ports/devel/git/distinfo,v diff -u -p -r1.210 distinfo --- distinfo 15 Mar 2025 16:15:15 -0000 1.210 +++ distinfo 9 Jul 2025 12:14:34 -0000 @@ -1,4 +1,4 @@ -SHA256 (git-2.49.0.tar.gz) = +AR/Vy9mW+vrY3/V8UZ48xs8pdL/mhjyC9klvUj3XTw= -SHA256 (git-manpages-2.49.0.tar.gz) = tWElKEHq0eMth9vsjyVzmeoI91nJjfYsO6+lpljy+Kw= -SIZE (git-2.49.0.tar.gz) = 11530700 -SIZE (git-manpages-2.49.0.tar.gz) = 1005223 +SHA256 (git-2.50.1.tar.gz) = Ui0WNfi2K0hLDOJJk4GKrTyrjhHrtX4Za9o4oxQOqRU= +SHA256 (git-manpages-2.50.1.tar.gz) = lgiMWDEpyX7ZorAXcbiyitednymXtGeGYW3z40sYDuQ= +SIZE (git-2.50.1.tar.gz) = 11755615 +SIZE (git-manpages-2.50.1.tar.gz) = 1023050 Index: patches/patch-builtin_gc_c =================================================================== RCS file: patches/patch-builtin_gc_c diff -N patches/patch-builtin_gc_c --- patches/patch-builtin_gc_c 15 Mar 2025 16:15:15 -0000 1.18 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,32 +0,0 @@ -Replace sysctl HW_PHYSMEM/MEMSIZE/whatever madness with sysconf. - -Index: builtin/gc.c ---- builtin/gc.c.orig -+++ builtin/gc.c -@@ -375,20 +375,13 @@ static uint64_t total_ram(void) - - if (!sysinfo(&si)) - return si.totalram; --#elif defined(HAVE_BSD_SYSCTL) && (defined(HW_MEMSIZE) || defined(HW_PHYSMEM)) -- int64_t physical_memory; -- int mib[2]; -- size_t length; -+#elif defined(_SC_PHYS_PAGES) && defined(_SC_PAGESIZE) -+ long phys_pages, pagesize; - -- mib[0] = CTL_HW; --# if defined(HW_MEMSIZE) -- mib[1] = HW_MEMSIZE; --# else -- mib[1] = HW_PHYSMEM; --# endif -- length = sizeof(int64_t); -- if (!sysctl(mib, 2, &physical_memory, &length, NULL, 0)) -- return physical_memory; -+ phys_pages = sysconf(_SC_PHYS_PAGES); -+ pagesize = sysconf(_SC_PAGESIZE); -+ if (phys_pages != -1 && pagesize != -1) -+ return (uint64_t)phys_pages * (uint64_t)pagesize; - #elif defined(GIT_WINDOWS_NATIVE) - MEMORYSTATUSEX memInfo; - Index: patches/patch-config_mak_uname =================================================================== RCS file: patches/patch-config_mak_uname diff -N patches/patch-config_mak_uname --- patches/patch-config_mak_uname 15 Oct 2024 10:58:21 -0000 1.23 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,15 +0,0 @@ -OpenBSD wants DIR_HAS_BSD_GROUP_SEMANTICS, just like FreeBSD - -Index: config.mak.uname ---- config.mak.uname.orig -+++ config.mak.uname -@@ -294,8 +294,7 @@ ifeq ($(uname_S),FreeBSD) - FILENO_IS_A_MACRO = UnfortunatelyYes - endif - ifeq ($(uname_S),OpenBSD) -- NO_STRCASESTR = YesPlease -- NO_MEMMEM = YesPlease -+ DIR_HAS_BSD_GROUP_SEMANTICS = YesPlease - USE_ST_TIMESPEC = YesPlease - NEEDS_LIBICONV = YesPlease - BASIC_CFLAGS += -I/usr/local/include Index: patches/patch-preload-index_c =================================================================== RCS file: patches/patch-preload-index_c diff -N patches/patch-preload-index_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-preload-index_c 9 Jul 2025 12:14:10 -0000 @@ -0,0 +1,15 @@ +cap the number of cpus detected by git to 4; on many-cpu systems, significant +cpu time is accounted to spinlocks when running various operations on OpenBSD + +Index: preload-index.c +--- preload-index.c.orig ++++ preload-index.c +@@ -124,6 +124,8 @@ void preload_index(struct index_state *index, + trace2_region_enter("index", "preload", NULL); + + trace_performance_enter(); ++ if (threads > online_cpus()) ++ threads = online_cpus(); + if (threads > MAX_PARALLEL) + threads = MAX_PARALLEL; + offset = 0; Index: patches/patch-thread-utils_c =================================================================== RCS file: /cvs/ports/devel/git/patches/patch-thread-utils_c,v diff -u -p -r1.2 patch-thread-utils_c --- patches/patch-thread-utils_c 11 Mar 2022 18:50:06 -0000 1.2 +++ patches/patch-thread-utils_c 9 Jul 2025 12:14:10 -0000 @@ -1,30 +1,32 @@ -Use sysconf(_SC_NPROCESSORS_ONLN) to properly omit disabled smt cores. +Cap the maximum number of detected cores to 4; on many-cpu systems, kernel +locking takes significant cpu time. This could be revised as SMT in OpenBSD +improves, and the value can be overridden in /etc/gitconfig if needed e.g. + +[grep] + threads = 8 +[index] + threads = 8 +[pack] + threads = 8 Index: thread-utils.c --- thread-utils.c.orig +++ thread-utils.c -@@ -25,9 +25,10 @@ int online_cpus(void) - #else - #ifdef _SC_NPROCESSORS_ONLN - long ncpus; --#endif - --#ifdef GIT_WINDOWS_NATIVE -+ if ((ncpus = (long)sysconf(_SC_NPROCESSORS_ONLN)) > 0) -+ return (int)ncpus; -+#elif defined(GIT_WINDOWS_NATIVE) - SYSTEM_INFO info; - GetSystemInfo(&info); +@@ -18,6 +18,8 @@ + # endif + #endif -@@ -55,11 +56,6 @@ int online_cpus(void) ++#define MIN(a,b) (((a)<(b))?(a):(b)) ++ + int online_cpus(void) + { + #ifdef NO_PTHREADS +@@ -53,7 +55,7 @@ int online_cpus(void) + # endif /* HW_AVAILCPU */ + len = sizeof(cpucount); if (!sysctl(mib, 2, &cpucount, &len, NULL, 0)) - return cpucount; +- return cpucount; ++ return MIN(cpucount, 4); #endif /* defined(HAVE_BSD_SYSCTL) && defined(HW_NCPU) */ -- --#ifdef _SC_NPROCESSORS_ONLN -- if ((ncpus = (long)sysconf(_SC_NPROCESSORS_ONLN)) > 0) -- return (int)ncpus; --#endif - return 1; - #endif + #ifdef _SC_NPROCESSORS_ONLN Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/devel/git/pkg/PLIST-main,v diff -u -p -r1.118 PLIST-main --- pkg/PLIST-main 15 Mar 2025 16:15:15 -0000 1.118 +++ pkg/PLIST-main 9 Jul 2025 12:18:51 -0000 @@ -64,6 +64,7 @@ libexec/git/git-cvsserver @bin libexec/git/git-diff @bin libexec/git/git-diff-files @bin libexec/git/git-diff-index +@bin libexec/git/git-diff-pairs @bin libexec/git/git-diff-tree @bin libexec/git/git-difftool libexec/git/git-difftool--helper @@ -259,6 +260,7 @@ libexec/git/mergetools/xxdiff @man man/man1/git-diagnose.1 @man man/man1/git-diff-files.1 @man man/man1/git-diff-index.1 +@man man/man1/git-diff-pairs.1 @man man/man1/git-diff-tree.1 @man man/man1/git-diff.1 @man man/man1/git-difftool.1 @@ -414,6 +416,9 @@ libexec/git/mergetools/xxdiff @man man/man7/gittutorial-2.7 @man man/man7/gittutorial.7 @man man/man7/gitworkflows.7 +share/bash-completion/ +share/bash-completion/completions/ +share/bash-completion/completions/git share/doc/pkg-readmes/${PKGSTEM} share/emacs/ share/emacs/site-lisp/ @@ -455,6 +460,7 @@ share/locale/de/LC_MESSAGES/git.mo share/locale/el/LC_MESSAGES/git.mo share/locale/es/LC_MESSAGES/git.mo share/locale/fr/LC_MESSAGES/git.mo +share/locale/ga/LC_MESSAGES/git.mo share/locale/id/LC_MESSAGES/git.mo share/locale/is/ share/locale/is/LC_MESSAGES/ Index: pkg/PLIST-x11 =================================================================== RCS file: /cvs/ports/devel/git/pkg/PLIST-x11,v diff -u -p -r1.18 PLIST-x11 --- pkg/PLIST-x11 10 Mar 2022 12:03:36 -0000 1.18 +++ pkg/PLIST-x11 9 Jul 2025 12:18:51 -0000 @@ -81,5 +81,6 @@ share/gitk/lib/msgs/pt_br.msg share/gitk/lib/msgs/pt_pt.msg share/gitk/lib/msgs/ru.msg share/gitk/lib/msgs/sv.msg +share/gitk/lib/msgs/ta.msg share/gitk/lib/msgs/vi.msg share/gitk/lib/msgs/zh_cn.msg Index: pkg/README-main =================================================================== RCS file: /cvs/ports/devel/git/pkg/README-main,v diff -u -p -r1.4 README-main --- pkg/README-main 10 Mar 2022 12:03:36 -0000 1.4 +++ pkg/README-main 9 Jul 2025 12:18:51 -0000 @@ -10,3 +10,17 @@ the following additional packages. p5-Net-SMTP-SSL p5-Authen-SASL + +CPU count detection +=================== +To improve performance on OpenBSD systems with many CPUs, this package +is patched to cap the number of detected CPUs at a maximum of 4, to avoid +the kernel spending significant time in spin locks. This can be overridden +to increase or decrease if wanted in ${SYSCONFDIR}/gitconfig, e.g. + +[grep] + threads = 8 +[index] + threads = 8 +[pack] + threads = 8