!98 sync some patches from upstream

From: @yangl777 
Reviewed-by: @robertxw 
Signed-off-by: @robertxw

arping-Fix-exit-code-on-w-option.patch

@@ -0,0 +1,24 @@
+From 4c2dd9f020df2749bdff294756b04aafa99ad624 Mon Sep 17 00:00:00 2001
+From: eaglegai <eaglegai@163.com>
+Date: Fri, 18 Mar 2022 19:32:21 +0800
+Subject: [PATCH] arping: Fix exit code on -w option when count * interval >
+ timeout
+
+Signed-off-by: eaglegai <eaglegai@163.com>
+---
+ arping.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arping.c b/arping.c
+index 20b0554b..fe79d2f8 100644
+--- a/arping.c
++++ b/arping.c
+@@ -850,7 +850,7 @@ static int event_loop(struct run_state *ctl)
+ 	else if (ctl->dad && ctl->quit_on_reply)
+ 		/* Duplicate address detection mode return value */
+ 		rc |= !(ctl->brd_sent != ctl->received);
+-	else if (ctl->timeout && !(ctl->count > 0))
++	else if (ctl->timeout && (!(ctl->count > 0) || (ctl->interval > ctl->timeout / ctl->count)))
+ 		rc |= !(ctl->received > 0);
+ 	else
+ 		rc |= (ctl->sent != ctl->received);

backport-Revert-ping-use-random-value-for-the-identifier-field.patch

@@ -0,0 +1,155 @@
+From d466aabcadcc2d7fd1f132ea3f580ad102773cf9 Mon Sep 17 00:00:00 2001
+From: Petr Vorel <pvorel@suse.cz>
+Date: Wed, 6 Dec 2023 15:42:16 +0100
+Subject: [PATCH] Revert "ping: use random value for the identifier field"
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This reverts commit 5026c2221a15bf13e601eade015c971bf07a27e9.
+
+Unlike TCP and UDP, which use port to uniquely identify the socket to
+deliver data, ICMP use identifier field (ID) to identify the socket.
+
+Therefore if on the same machine, at the same time, two ping processes
+use the same ID, echo reply can be delivered to the wrong socket.
+
+This is known problem due 16 bit ID field (65535). We used to use PID
+to get unique number. The default value of /proc/sys/kernel/pid_max is
+32768 (half).
+
+The problem is not new, but it was hidden until 5f6bec5 ("ping: Print
+reply with wrong source with warning").  5026c22 changed it to use our
+random implementation to increase security. But that actually increases
+the collisions on systems that use ping heavily: e.g. ping run with
+Nagios via Debian specific check-host-alive Nagios plugin:
+
+    $ ping -n -v -D -W 1 -i 1 -c 5 -M 'do' -s 56 -O "$Host")
+
+(75-100 ping instances in the reported issue.)
+
+Because we consider warning from 5f6bec5 useful and not consider leaking
+PID information as a real security issue, we revert 5026c22. getpid() is
+used in other ping implementations:
+
+* fping
+https://github.com/schweikert/fping/blob/develop/src/fping.c#L496
+
+* busybox
+https://git.busybox.net/busybox/tree/networking/ping.c#n376
+
+* FreeBSD
+https://cgit.freebsd.org/src/tree/sbin/ping/ping.c#n632
+
+* inetutils
+https://git.savannah.gnu.org/cgit/inetutils.git/tree/ping/ping.c#n286
+
+* Apple
+https://opensource.apple.com/source/network_cmds/network_cmds-433/ping.tproj/ping.c.auto.html
+
+In case leaking PID *is* a real problem, we could solve this with
+comparing the ICMP optional data.  We could add 128 bit random value to
+check. But we already use struct timeval if packet size is big enough
+for it (>= 16 bits), therefore we could use it for comparing for most of
+the packet sizes (the default is 56 bits).
+
+Fixes: https://github.com/iputils/iputils/issues/489
+Closes: https://github.com/iputils/iputils/pull/503
+Reported-by: Miloslav Hůla <miloslav.hula@gmail.com>
+Suggested-by: Cyril Hrubis <chrubis@suse.cz>
+Acked-by: Johannes Segitz jsegitz@suse.de
+Acked-by: Cyril Hrubis <chrubis@suse.cz>
+Signed-off-by: Petr Vorel <pvorel@suse.cz>
+
+Conflict:NA
+Reference:https://github.com/iputils/iputils/commit/d466aabcadcc2d7fd1f132ea3f580ad102773cf9
+---
+ ping/node_info.c    | 1 +
+ ping/ping.c         | 4 +---
+ ping/ping.h         | 2 +-
+ ping/ping6_common.c | 2 +-
+ ping/ping_common.c  | 4 ++--
+ 5 files changed, 6 insertions(+), 7 deletions(-)
+
+diff --git a/ping/node_info.c b/ping/node_info.c
+index 10a76818..ce392a28 100644
+--- a/ping/node_info.c
++++ b/ping/node_info.c
+@@ -91,6 +91,7 @@ int niquery_is_enabled(struct ping_ni *ni)
+ void niquery_init_nonce(struct ping_ni *ni)
+ {
+ #if PING6_NONCE_MEMORY
++	iputils_srand();
+ 	ni->nonce_ptr = calloc(NI_NONCE_SIZE, MAX_DUP_CHK);
+ 	if (!ni->nonce_ptr)
+ 		error(2, errno, "calloc");
+diff --git a/ping/ping.c b/ping/ping.c
+index f4707104..0ff5a487 100644
+--- a/ping/ping.c
++++ b/ping/ping.c
+@@ -569,8 +569,6 @@ main(int argc, char **argv)
+ 	if (!argc)
+ 		error(1, EDESTADDRREQ, "usage error");
+ 
+-	iputils_srand();
+-
+ 	target = argv[argc - 1];
+ 
+ 	rts.outpack = malloc(rts.datalen + 28);
+@@ -1527,7 +1525,7 @@ in_cksum(const unsigned short *addr, int len, unsigned short csum)
+ /*
+  * pinger --
+  * 	Compose and transmit an ICMP ECHO REQUEST packet.  The IP packet
+- * will be added on by the kernel.  The ID field is a random number,
++ * will be added on by the kernel.  The ID field is our UNIX process ID,
+  * and the sequence number is an ascending integer.  The first several bytes
+  * of the data portion are used to hold a UNIX "timeval" struct in VAX
+  * byte-order, to compute the round-trip time.
+diff --git a/ping/ping.h b/ping/ping.h
+index 04b2ccf4..7799395f 100644
+--- a/ping/ping.h
++++ b/ping/ping.h
+@@ -159,7 +159,7 @@ struct ping_rts {
+ 	size_t datalen;
+ 	char *hostname;
+ 	uid_t uid;
+-	int ident;			/* random id to identify our packets */
++	int ident;			/* process id to identify our packets */
+ 
+ 	int sndbuf;
+ 	int ttl;
+diff --git a/ping/ping6_common.c b/ping/ping6_common.c
+index 7b2bf158..5e78f852 100644
+--- a/ping/ping6_common.c
++++ b/ping/ping6_common.c
+@@ -583,7 +583,7 @@ int ping6_receive_error_msg(struct ping_rts *rts, socket_st *sock)
+ /*
+  * pinger --
+  * 	Compose and transmit an ICMP ECHO REQUEST packet.  The IP packet
+- * will be added on by the kernel.  The ID field is a random number,
++ * will be added on by the kernel.  The ID field is our UNIX process ID,
+  * and the sequence number is an ascending integer.  The first several bytes
+  * of the data portion are used to hold a UNIX "timeval" struct in VAX
+  * byte-order, to compute the round-trip time.
+diff --git a/ping/ping_common.c b/ping/ping_common.c
+index ed4fee87..6eb1aa4e 100644
+--- a/ping/ping_common.c
++++ b/ping/ping_common.c
+@@ -303,7 +303,7 @@ void print_timestamp(struct ping_rts *rts)
+ /*
+  * pinger --
+  * 	Compose and transmit an ICMP ECHO REQUEST packet.  The IP packet
+- * will be added on by the kernel.  The ID field is a random number,
++ * will be added on by the kernel.  The ID field is our UNIX process ID,
+  * and the sequence number is an ascending integer.  The first several bytes
+  * of the data portion are used to hold a UNIX "timeval" struct in VAX
+  * byte-order, to compute the round-trip time.
+@@ -536,7 +536,7 @@ void setup(struct ping_rts *rts, socket_st *sock)
+ 	}
+ 
+ 	if (sock->socktype == SOCK_RAW && rts->ident == -1)
+-		rts->ident = rand() & IDENTIFIER_MAX;
++		rts->ident = htons(getpid() & 0xFFFF);
+ 
+ 	set_signal(SIGINT, sigexit);
+ 	set_signal(SIGALRM, sigexit);

backport-clockdiff-Set-ppoll-timeout-minimum-to-1ms.patch

@@ -0,0 +1,27 @@
+From 471942dee341e5aae2a277ecd85c05e671752880 Mon Sep 17 00:00:00 2001
+From: caibingcheng <jack_cbc@163.com>
+Date: Mon, 24 Apr 2023 20:45:28 +0800
+Subject: [PATCH] clockdiff: Set ppoll timeout minimum to 1ms
+
+Fixes: https://github.com/iputils/iputils/issues/326
+Closes: https://github.com/iputils/iputils/pull/459
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Reviewed-by: Noah Meyerhans <noahm@debian.org>
+Signed-off-by: caibingcheng <jack_cbc@163.com>
+---
+ clockdiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/clockdiff.c b/clockdiff.c
+index 5e639ab7..ccb5b5b3 100644
+--- a/clockdiff.c
++++ b/clockdiff.c
+@@ -210,7 +210,7 @@ static int measure_inner_loop(struct run_state *ctl, struct measure_vars *mv)
+ 	struct pollfd p = { .fd = ctl->sock_raw, .events = POLLIN | POLLHUP };
+ 
+ 	{
+-		long tmo = ctl->rtt + ctl->rtt_sigma;
++		long tmo = MAX(ctl->rtt + ctl->rtt_sigma, 1);
+ 
+ 		mv->tout.tv_sec = tmo / 1000;
+ 		mv->tout.tv_nsec = (tmo - (tmo / 1000) * 1000) * 1000000;

backport-ping-Fix-the-errno-handling-for-strtod.patch

@@ -0,0 +1,64 @@
+From 33e78be2e60ed9ac918dec13271d1bd9dce6e94e Mon Sep 17 00:00:00 2001
+From: Jacek Tomasiak <jtomasiak@arista.com>
+Date: Mon, 6 Feb 2023 13:39:44 +0100
+Subject: [PATCH] ping: Fix the errno handling for strtod
+
+The setlocale(LC_ALL, "") following the strtod() for the '-i' option
+can fail if the LC_CTYPE is invalid.
+
+Hence the errno check following the setlocale(LC_ALL, "") thinks
+wrongly that strtod() failed with the errno and prints a warning:
+
+$ LC_ALL=XXX ping -i 1.9 -c1 8.8.8.8
+ping: option argument contains garbage:
+ping: this will become fatal error in the future
+PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
+64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=1.34 ms
+
+The errno got from the execution of strtod() is saved and restored
+after setlocale() to be checked for any errors.
+
+The problem is only on Fedora/CentOS/RHEL with applied patch [1]
+from 2012 for glibc bug #14247.
+
+[1] https://src.fedoraproject.org/rpms/glibc/blob/rawhide/f/glibc-rh827510.patch
+
+Link: https://sourceware.org/bugzilla/show_bug.cgi?id=14247
+Closes: https://github.com/iputils/iputils/pull/450
+
+Reference:https://github.com/iputils/iputils/commit/33e78be2e60ed9ac918dec13271d1bd9dce6e94e
+Conflict:NA
+
+Fixes: 918e824 ("ping: add support for sub-second timeouts")
+Co-Developed-by: Sriram Rajagopalan <sriramr@arista.com>
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+[ pvorel: mention glibc bug and Fedora/CentOS/RHEL ]
+Signed-off-by: Sriram Rajagopalan <sriramr@arista.com>
+Signed-off-by: Jacek Tomasiak <jtomasiak@arista.com>
+---
+ ping/ping.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/ping/ping.c b/ping/ping.c
+index 89b0fa19..8f442037 100644
+--- a/ping/ping.c
++++ b/ping/ping.c
+@@ -214,6 +214,7 @@ static double ping_strtod(const char *str, const char *err_msg)
+ {
+ 	double num;
+ 	char *end = NULL;
++	int strtod_errno = 0;
+ 
+ 	if (str == NULL || *str == '\0')
+ 		goto err;
+@@ -225,7 +226,10 @@ static double ping_strtod(const char *str, const char *err_msg)
+ 	 */
+ 	setlocale(LC_ALL, "C");
+ 	num = strtod(str, &end);
++	strtod_errno = errno;
+ 	setlocale(LC_ALL, "");
++	/* Ignore setlocale() errno (e.g. invalid locale in env). */
++	errno = strtod_errno;
+ 
+ 	if (errno || str == end || (end && *end)) {
+ 		error(0, 0, _("option argument contains garbage: %s"), end);

backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch

@@ -0,0 +1,36 @@
+From 7448c33af407636e66ac90deb828764df51835d4 Mon Sep 17 00:00:00 2001
+From: Josh Triplett <josh@joshtriplett.org>
+Date: Mon, 20 Nov 2023 19:09:06 -0800
+Subject: [PATCH] ping: Handle interval correctly in the second after booting
+
+ping assumes that if a timespec has tv_sec == 0, it hasn't been
+initialized yet. However, in the second after booting up, tv_sec will
+legitimately be 0. This causes ping to send pings one after another
+without waiting.
+
+Check that tv_nsec is 0 as well.
+
+Link: https://github.com/iputils/iputils/pull/499
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Tested-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Josh Triplett <josh@joshtriplett.org>
+
+Conflict:NA
+Reference:https://github.com/iputils/iputils/commit/7448c33af407636e66ac90deb828764df51835d4
+---
+ ping/ping_common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ping/ping_common.c b/ping/ping_common.c
+index c8b868b7..5a6c35aa 100644
+--- a/ping/ping_common.c
++++ b/ping/ping_common.c
+@@ -321,7 +321,7 @@ int pinger(struct ping_rts *rts, ping_func_set_st *fset, socket_st *sock)
+ 		return 1000;
+ 
+ 	/* Check that packets < rate*time + preload */
+-	if (rts->cur_time.tv_sec == 0) {
++	if (rts->cur_time.tv_sec == 0 && rts->cur_time.tv_nsec == 0) {
+ 		clock_gettime(CLOCK_MONOTONIC_RAW, &rts->cur_time);
+ 		tokens = rts->interval * (rts->preload - 1);
+ 	} else {

backport-ping-Remove-duplicate-include.patch

@@ -0,0 +1,26 @@
+From bacb69e166106f0125b7288f377299894c8c7e78 Mon Sep 17 00:00:00 2001
+From: Petr Vorel <pvorel@suse.cz>
+Date: Mon, 6 Mar 2023 21:17:09 +0100
+Subject: [PATCH] ping.h: Remove duplicate include
+
+Reference:https://github.com/iputils/iputils/commit/bacb69e166106f0125b7288f377299894c8c7e78
+Conflict:NA
+
+Fixes: ba7e8a7 ("ping: merge all ping header files into a single one")
+Signed-off-by: Petr Vorel <pvorel@suse.cz>
+---
+ ping/ping.h | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/ping/ping.h b/ping/ping.h
+index caf79cd1..ef358ad4 100644
+--- a/ping/ping.h
++++ b/ping/ping.h
+@@ -23,7 +23,6 @@
+ #include <string.h>
+ #include <netdb.h>
+ #include <setjmp.h>
+-#include <netinet/icmp6.h>
+ #include <asm/byteorder.h>
+ #include <sched.h>
+ #include <math.h>

backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch

@@ -0,0 +1,52 @@
+From 0f12e6d5bb325df4eb9273b1e294a2cf94a53120 Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Tue, 28 May 2024 12:25:57 +0200
+Subject: [PATCH 1/1] ping: check return value of write() to avoid integer
+ overflow
+
+Error: INTEGER_OVERFLOW (CWE-190):
+iputils-20240117/ping/ping.h:291: tainted_data_return: Called function "write(1, str + o, len - o)", and a possible return value may be less than zero.
+iputils-20240117/ping/ping.h:291: assign: Assigning: "cc" = "write(1, str + o, len - o)".
+iputils-20240117/ping/ping.h:292: overflow: The expression "o += cc" might be negative, but is used in a context that treats it as unsigned.
+iputils-20240117/ping/ping.h:291: overflow: The expression "len - o" is deemed underflowed because at least one of its arguments has underflowed.
+iputils-20240117/ping/ping.h:291: overflow_sink: "len - o", which might have underflowed, is passed to "write(1, str + o, len - o)".
+  289|           ssize_t cc;
+  290|           do {
+  291|->                 cc = write(STDOUT_FILENO, str + o, len - o);
+  292|                   o += cc;
+  293|           } while (len > o || cc < 0);
+
+Closes: https://github.com/iputils/iputils/pull/545
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Reviewed-by: Cyril Hrubis <chrubis@suse.cz>
+Signed-off-by: Jan Macku <jamacku@redhat.com>
+
+Reference:https://github.com/iputils/iputils/commit/0f12e6d5bb325df4eb9273b1e294a2cf94a53120
+Conflict:NA
+
+---
+ ping/ping.h | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/ping/ping.h b/ping/ping.h
+index 98d035d..3e2e3c3 100644
+--- a/ping/ping.h
++++ b/ping/ping.h
+@@ -290,8 +290,12 @@ static inline void write_stdout(const char *str, size_t len)
+ 	ssize_t cc;
+ 	do {
+ 		cc = write(STDOUT_FILENO, str + o, len - o);
+-		o += cc;
+-	} while (len > o || cc < 0);
++
++		if (cc < 0)
++			break;
++
++		o += (size_t) cc;
++	} while (len > o);
+ }
+ 
+ /*
+-- 
+2.33.0
+

backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch

@@ -0,0 +1,45 @@
+From bacf1b7bb8555c407d065e97015319abef2a742d Mon Sep 17 00:00:00 2001
+From: Ahmad Fatoum <a.fatoum@pengutronix.de>
+Date: Thu, 4 Apr 2024 21:17:39 +0200
+Subject: [PATCH 1/1] ping: fix IPv4 checksum check always succeeding once
+ again
+
+This issue was fixed once already in commit bff65fbb6f73
+("fix checksum always success in IPv4 ping."), but was reverted
+shortly after, likely due to a botched rebase.
+
+Fix this issue again, so ping correctly reports checksum mismatches
+in ICMP ECHO replies.
+
+This time it was found with barebox v2024.03.0 (or older) which has
+broken checksum on a Raspberry Pi 3b and ping its network interface
+(checksum mismatch verified by Wireshark).
+
+Closes: https://github.com/iputils/iputils/pull/534
+Fixes: 8b8686794f69 ("warnings: remove variable shadowing")
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
+
+Reference:https://github.com/iputils/iputils/commit/bacf1b7bb8555c407d065e97015319abef2a742d
+Conflict:NA
+
+---
+ ping/ping.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ping/ping.c b/ping/ping.c
+index d0803fe..1a3e52c 100644
+--- a/ping/ping.c
++++ b/ping/ping.c
+@@ -1654,7 +1654,7 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock,
+ 			wrong_source = 1;
+ 		if (gather_statistics(rts, (uint8_t *)icp, sizeof(*icp), cc,
+ 				      ntohs(icp->un.echo.sequence),
+-				      reply_ttl, 0, tv, pr_addr(rts, from, sizeof *from),
++				      reply_ttl, csfailed, tv, pr_addr(rts, from, sizeof *from),
+ 				      pr_echo_reply, rts->multicast, wrong_source)) {
+ 			fflush(stdout);
+ 			return 0;
+-- 
+2.33.0
+

backport-ping-fix-overflow-on-negative.patch

@@ -0,0 +1,27 @@
+From 2a63b94313352ed62f47adbc1a0d33bfea7ca188 Mon Sep 17 00:00:00 2001
+From: Petr Vorel <pvorel@suse.cz>
+Date: Wed, 17 May 2023 00:57:24 +0200
+Subject: [PATCH] ping: Fix overflow on negative -i
+
+Restore back check for -i <= 0.
+
+Fixes: 918e824 ("ping: add support for sub-second timeouts")
+Closes: https://github.com/iputils/iputils/issues/465
+Signed-off-by: Petr Vorel <pvorel@suse.cz>
+---
+ ping/ping.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ping/ping.c b/ping/ping.c
+index 8f442037..27c72cad 100644
+--- a/ping/ping.c
++++ b/ping/ping.c
+@@ -436,7 +436,7 @@ main(int argc, char **argv)
+ 			double optval;
+ 
+ 			optval = ping_strtod(optarg, _("bad timing interval"));
+-			if (isgreater(optval, (double)INT_MAX / 1000))
++			if (islessequal(optval, 0) || isgreater(optval, (double)INT_MAX / 1000))
+ 				error(2, 0, _("bad timing interval: %s"), optarg);
+ 			rts.interval = (int)(optval * 1000);
+ 			rts.opt_interval = 1;

backport-ping6-Fix-support-for-DSCP.patch

@@ -0,0 +1,54 @@
+From 425f711a62f7d7523badd6b917f15ad58ecdb0ae Mon Sep 17 00:00:00 2001
+From: Guillaume Nault <guillaume.nault@wanadoo.fr>
+Date: Thu, 18 May 2023 18:12:54 +0200
+Subject: [PATCH] ping6: Fix support for DSCP (Traffic Class, option -Q)
+
+Set the IPV6_TCLASS option on probe_fd. Otherwise ip-rule is unaware
+of the DSCP value at connect() time and can lookup the remote address
+in the wrong routing table.
+
+For example:
+
+  ip route add table main unreachable 2001:db8::10/124
+
+  ip route add table 100 2001:db8::10/124 dev eth0
+  ip -6 rule add dsfield 0x04 table 100
+
+  ping -Q 0x04 2001:db8::11
+
+Without this patch, probe_fd fails to connect to 2001:db8::11 (No route
+to host) since the route lookup is done in the main table instead of
+table 100.
+
+Note that, to work correctly, this patch also depends on a Linux kernel
+bug fix (see
+https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e010ae08c71fda8be3d6bda256837795a0b3ea41).
+That kernel patch has been backported to Linux stable trees and should
+have already reached most distributions.
+
+Reference:https://github.com/iputils/iputils/commit/425f711a62f7d7523badd6b917f15ad58ecdb0ae
+Conflict:NA
+
+Fixes: 33370345c7d8 ("Initial import of iputils")
+Link: https://github.com/iputils/iputils/pull/468
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Guillaume Nault <guillaume.nault@wanadoo.fr>
+---
+ ping/ping6_common.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/ping/ping6_common.c b/ping/ping6_common.c
+index 21333aa0..e980a152 100644
+--- a/ping/ping6_common.c
++++ b/ping/ping6_common.c
+@@ -182,6 +182,10 @@ int ping6_run(struct ping_rts *rts, int argc, char **argv, struct addrinfo *ai,
+ 			disable_capability_raw();
+ 		}
+ 
++		if (rts->tclass &&
++		    setsockopt(probe_fd, IPPROTO_IPV6, IPV6_TCLASS, &rts->tclass, sizeof (rts->tclass)) <0)
++			error(2, errno, "setsockopt(IPV6_TCLASS)");
++
+ 		if (!IN6_IS_ADDR_LINKLOCAL(&rts->firsthop.sin6_addr) &&
+ 		    !IN6_IS_ADDR_MC_LINKLOCAL(&rts->firsthop.sin6_addr))
+ 			rts->firsthop.sin6_family = AF_INET6;

backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch

@@ -0,0 +1,32 @@
+From c64bcd8d8eca5c7f66e75e0bc9d42828bc09ba1b Mon Sep 17 00:00:00 2001
+From: Josh Triplett <josh@joshtriplett.org>
+Date: Mon, 20 Nov 2023 19:15:40 -0800
+Subject: [PATCH] tracepath: Don't assume tv_sec == 0 means unset
+
+A CLOCK_MONOTONIC timespec's tv_sec value can legitimately be 0 during
+the second after booting. Check tv_nsec as well before assuming an unset
+timestamp.
+
+Closes: https://github.com/iputils/iputils/pull/499
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Josh Triplett <josh@joshtriplett.org>
+
+Conflict:NA
+Reference:https://github.com/iputils/iputils/commit/c64bcd8d8eca5c7f66e75e0bc9d42828bc09ba1b
+---
+ tracepath.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tracepath.c b/tracepath.c
+index 04d77b83..046dc332 100644
+--- a/tracepath.c
++++ b/tracepath.c
+@@ -192,7 +192,7 @@ static int recverr(struct run_state *const ctl)
+ 		ctl->his[slot].hops = 0;
+ 	}
+ 	if (recv_size == sizeof(rcvbuf)) {
+-		if (rcvbuf.ttl == 0 || rcvbuf.ts.tv_sec == 0)
++		if (rcvbuf.ttl == 0 || (rcvbuf.ts.tv_sec == 0 && rcvbuf.ts.tv_nsec == 0))
+ 			broken_router = 1;
+ 		else {
+ 			sndhops = rcvbuf.ttl;

backport-tracepath-Merge-if-clauses.patch

@@ -0,0 +1,41 @@
+From 608c62b3967882d31ff9edde97e38de0fcff154b Mon Sep 17 00:00:00 2001
+From: Petr Vorel <pvorel@suse.cz>
+Date: Wed, 24 May 2023 10:40:23 +0200
+Subject: [PATCH 018/135] tracepath: Merge if clauses
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Merge if clauses, because the printed message is the same.
+This should have been done in 3337034 ("Initial import of iputils"),
+but 2ca0f7d made it even worse when remove else from else if
+(clang-tidy was obviously wrong :)).
+
+Fixes: 2ca0f7d ("[clang-tidy] fix identical branches")
+Reviewed-by: Marek Küthe <m.k@mk16.de>
+Signed-off-by: Petr Vorel <pvorel@suse.cz>
+Reference: https://github.com/iputils/iputils/commit/608c62b3967882d31ff9edde97e38de0fcff154b
+---
+ tracepath.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/tracepath.c b/tracepath.c
+index ebb7f72..04d77b8 100644
+--- a/tracepath.c
++++ b/tracepath.c
+@@ -321,10 +321,8 @@ static int recverr(struct run_state *const ctl)
+ 		     e->ee_type == ICMPV6_TIME_EXCEED &&
+ 		     e->ee_code == ICMPV6_EXC_HOPLIMIT)) {
+ 			if (rethops >= 0) {
+-				if (sndhops >= 0 && rethops != sndhops)
+-					printf(_("asymm %2d "), rethops);
+-
+-				if (sndhops < 0 && rethops != ctl->ttl)
++				if ((sndhops >= 0 && rethops != sndhops) ||
++					(sndhops < 0 && rethops != ctl->ttl))
+ 					printf(_("asymm %2d "), rethops);
+ 			}
+ 			printf("\n");
+-- 
+2.33.0
+

backport-tracepath-Restore-the-MTU-probing-behavior.patch

@@ -0,0 +1,70 @@
+From d2311b4517beebda22c76f82a120f7b1f765a79d Mon Sep 17 00:00:00 2001
+From: csalinezh <csalinezh@gmail.com>
+Date: Thu, 5 Jan 2023 22:38:31 +0200
+Subject: [PATCH] tracepath: restore the MTU probing behaviour since release
+ 20071127
+
+Since 81d0f03 (tracepath: fix IP{V6,}_PMTUDISC_DO values), tracepath
+shows the PMTU for a target only at the first hop but not the hop where
+MTU is reduced, if that data has been cached in kernel FIB by previous
+probing attempts.
+
+IP_PMTUDISC_PROBE instructs the kernel to set the Don't Fragment flag
+while bypassing PMTU checks. Usage of IP_PMTUDISC_PROBE in tracepath was
+introduced in 37bd60c and mentioned in the release note of 20071127
+(1d83610) as a feature.
+
+As previously identified in 81d0f03 (appeared in release 20190709), the
+definition of these options became incorrect during a copy refactoring in
+d3028f1 (in release 20100418). The value for IP_PMTUDISC_PROBE continued
+to be used until 81d0f03 when the correct definition of IP_PMTUDISC_DO was
+adopted, thus causing a regression.
+
+This commit resotres the previous behaviour by adopting IP_PMTUDISC_PROBE.
+
+Fixes: d3028f1, 81d0f03
+Signed-off-by: Charles Zhang <csalinezh@gmail.com>
+---
+ iputils_common.h | 6 ++++++
+ tracepath.c      | 4 ++--
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/iputils_common.h b/iputils_common.h
+index 67b495ef..49e790d8 100644
+--- a/iputils_common.h
++++ b/iputils_common.h
+@@ -55,6 +55,12 @@
+ #ifndef IPV6_PMTUDISC_DO
+ # define IPV6_PMTUDISC_DO	2
+ #endif
++#ifndef IP_PMTUDISC_PROBE
++# define IP_PMTUDISC_PROBE	3
++#endif
++#ifndef IPV6_PMTUDISC_PROBE
++# define IPV6_PMTUDISC_PROBE	3
++#endif
+ 
+ #ifdef HAVE_ERROR_H
+ # include <error.h>
+diff --git a/tracepath.c b/tracepath.c
+index 4d2a9acf..ebb7f72f 100644
+--- a/tracepath.c
++++ b/tracepath.c
+@@ -532,7 +532,7 @@ int main(int argc, char **argv)
+ 		if (ctl.mtu <= ctl.overhead)
+ 			goto pktlen_error;
+ 
+-		on = IPV6_PMTUDISC_DO;
++		on = IPV6_PMTUDISC_PROBE;
+ 		if (setsockopt(ctl.socket_fd, SOL_IPV6, IPV6_MTU_DISCOVER, &on, sizeof(on)) &&
+ 		    (on = IPV6_PMTUDISC_DO, setsockopt(ctl.socket_fd, SOL_IPV6,
+ 		     IPV6_MTU_DISCOVER, &on, sizeof(on))))
+@@ -557,7 +557,7 @@ int main(int argc, char **argv)
+ 		if (ctl.mtu <= ctl.overhead)
+ 			goto pktlen_error;
+ 
+-		on = IP_PMTUDISC_DO;
++		on = IP_PMTUDISC_PROBE;
+ 		if (setsockopt(ctl.socket_fd, SOL_IP, IP_MTU_DISCOVER, &on, sizeof(on)))
+ 			error(1, errno, "IP_MTU_DISCOVER");
+ 		on = 1;

iputils.spec

@@ -1,6 +1,6 @@
 Name:            iputils
 Version:         20221126
-Release:         2
+Release:         6
 Summary:         Network monitoring tools including ping
 License:         BSD and GPLv2+
 URL:             https://github.com/iputils/iputils
@@ -12,6 +12,24 @@ Source3:         https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
 
 Patch0000:       iputils-ifenslave.patch
 Patch0001:       iputils-ifenslave-CWE-170.patch
+Patch0002:       revert-process-interrupts-in-ping-_receive_error_msg.patch
+
+Patch0010:       arping-Fix-exit-code-on-w-option.patch
+
+Patch6000:       backport-clockdiff-Set-ppoll-timeout-minimum-to-1ms.patch
+Patch6001:	 backport-ping-fix-overflow-on-negative.patch
+Patch6002:	 backport-tracepath-Restore-the-MTU-probing-behavior.patch
+# reference https://github.com/iputils/iputils/commit/608c62b3967882d31ff9edde97e38de0fcff154b
+Patch6003:       backport-tracepath-Merge-if-clauses.patch
+
+Patch6004:       backport-ping-Fix-the-errno-handling-for-strtod.patch
+Patch6005:       backport-ping-Remove-duplicate-include.patch
+Patch6006:       backport-ping6-Fix-support-for-DSCP.patch
+Patch6007:       backport-Revert-ping-use-random-value-for-the-identifier-field.patch
+Patch6008:       backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch
+Patch6009:       backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch
+Patch6010:       backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch
+Patch6011:       backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch
 
 BuildRequires:   gcc meson libidn2-devel openssl-devel libcap-devel libxslt
 BuildRequires:   docbook5-style-xsl systemd iproute glibc-kernheaders gettext
@@ -37,7 +55,7 @@ export LDFLAGS="-Wl,-z,relro,-z,now"
 
 %meson -Db_pie=true
 %meson_build
-gcc -Wall -fpie $RPM_OPT_FLAGS $CFLAGS $RPM_LD_FLAGS $LDFLAGS ifenslave.c -o ifenslave
+%{__cc} -Wall -fpie $RPM_OPT_FLAGS $CFLAGS $RPM_LD_FLAGS $LDFLAGS ifenslave.c -o ifenslave
 
 %install
 %meson_install
@@ -82,6 +100,30 @@ install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
 %{_mandir}/man8/*.8.gz
  
 %changelog
+* Thu Feb 13 2025 yanglu <yanglu72@h-partners.com> - 20221126-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:sync some patches from upstream
+
+* Thu May 16 2024 xiaozai <xiaozai@kylinos.cn> - 20221126-5
+- Type:NA
+- ID:NA
+- SUG:NA
+- DESC:tracepath: Merge if clauses, backport a patch
+
+* Mon Apr 1 2024 zhongxuan <zhongxuan2@huawei.com> - 20221126-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: backport two patches
+
+* Thu Nov 16 2023 r30030392 <renyi43@huawei.com> - 20221126-3
+- Type:NA
+- CVE:NA
+- SUG:NA
+- DESC:support for building with clang
+
 * Tue Apr 18 2023 zhongxuan <zhongxuan2@huawei.com> - 20221126-2
 - Type:bugfix
 - ID:NA

revert-process-interrupts-in-ping-_receive_error_msg.patch

@@ -0,0 +1,46 @@
+From 6b94c384b8f5337fff2f3c3145d0239ff91618cd Mon Sep 17 00:00:00 2001
+From: eaglegai <eaglegai@163.com>
+Date: Sat, 5 Mar 2022 09:37:47 +0800
+Subject: [PATCH] revert process interrupts in ping*_receive_error_msg
+
+---
+ ping/ping.c         | 5 +----
+ ping/ping6_common.c | 5 +----
+ 2 files changed, 2 insertions(+), 8 deletions(-)
+
+diff --git a/ping/ping.c b/ping/ping.c
+index 6fcb44f..7ec4836 100644
+--- a/ping/ping.c
++++ b/ping/ping.c
+@@ -1314,11 +1314,8 @@ int ping4_receive_error_msg(struct ping_rts *rts, socket_st *sock)
+ 	msg.msg_controllen = sizeof(cbuf);
+
+ 	res = recvmsg(sock->fd, &msg, MSG_ERRQUEUE | MSG_DONTWAIT);
+-	if (res < 0) {
+-		if (errno == EAGAIN || errno == EINTR)
+-			local_errors++;
++	if (res < 0)
+ 		goto out;
+-	}
+
+ 	e = NULL;
+ 	for (cmsgh = CMSG_FIRSTHDR(&msg); cmsgh; cmsgh = CMSG_NXTHDR(&msg, cmsgh)) {
+diff --git a/ping/ping6_common.c b/ping/ping6_common.c
+index 986210b..b0aa66b 100644
+--- a/ping/ping6_common.c
++++ b/ping/ping6_common.c
+@@ -482,11 +482,8 @@ int ping6_receive_error_msg(struct ping_rts *rts, socket_st *sock)
+ 	msg.msg_controllen = sizeof(cbuf);
+
+ 	res = recvmsg(sock->fd, &msg, MSG_ERRQUEUE | MSG_DONTWAIT);
+-	if (res < 0) {
+-		if (errno == EAGAIN || errno == EINTR)
+-			local_errors++;
++	if (res < 0)
+ 		goto out;
+-	}
+
+ 	e = NULL;
+ 	for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+--
+2.33.0