Drop privileges to READONLY_ADMIN while generating debugs
This commit drops the effective permissions of a child process
that generates the ixdiagnose debugs so that it contains only
READONLY_ADMIN privileges. This ensures that API responses will
always be redacted. The privilege drop is *only* for the middleware
sessions created during ixdiagnose operations. Shell commands will
still be executed as root in order to bypass permissions
on configuration files and logs we may need to gather for the debug.
[clang][Sema] Handle target_clones redeclarations that omit the attribute (#169259)
This patch adds a case to `CheckMultiVersionAdditionalDecl()` that
detects redeclarations of `target_clones` functions which omit the
attribute, and makes sure they are marked as redeclarations. It also
updates the comment at the call site of
`CheckMultiVersionAdditionalDecl()` to reflect this.
Previously, `target_clones` multiversioned functions that omitted the
attribute from subsequent declarations would cause Clang to hit an
`llvm_unreachable` and crash. In the following example, the second
declaration (the function definition) should inherit the `target_clones`
attribute from the first declaration (the forward declaration):
```
__attribute__((target_clones("arch=atom", "default")))
void foo(void);
void foo(void) { /* ... */ }
[14 lines not shown]
irdma(4): fix potential memory leak on qhash cqp operation
It was found that in some circumstances when launching
non-waiting create qhash cqp operation the refcount on
the cqp_request may be not properly decremented leading to a memory
leak.
Signed-off-by: Bartosz Sobczak <bartosz.sobczak at intel.com>
Reviewed by: anzhu_netapp.com
Tested by: mateusz.moga_intel.com
Approved by: kbowling (mentor)
MFC after: 1 week
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D53732
Drop privileges to READONLY_ADMIN while generating debugs
This commit drops the effective permissions of a child process
that generates the ixdiagnose debugs so that it contains only
READONLY_ADMIN privileges. This ensures that API responses will
always be redacted. The privilege drop is *only* for the middleware
sessions created during ixdiagnose operations. Shell commands will
still be executed as root in order to bypass permissions
on configuration files and logs we may need to gather for the debug.
NAS-138656 / 25.10.1 / Update audit setup alert test. (by mgrimesix) (#17698)
Automatic cherry-pick failed. Please resolve conflicts by running:
git reset --hard HEAD~1
git cherry-pick -x cf395148f37e3c6e7f559d7484bc8cf9bdfd272f
git cherry-pick -x 2d66f51e9e5735d774a7d9dc9208de05687faf4f
If the original PR was merged via a squash, you can just cherry-pick the
squashed commit:
git reset --hard HEAD~1
git cherry-pick -x e4bfb7b3128d44108ce6c5cbfb9bc94433e70411
The `test_audit_backend_alert` CI test has been failing in Goldeye and
Halfmoon.
The test was dependent on a 'VACUUM' call that was removed.
Updated the test to be independent of the 'VACUUM' call.
[8 lines not shown]
cxgbe: Fix the RSS build
When "options RSS" is configured, opt_rss.h defines the "RSS" token.
PR: 291068
Fixes: 17b4a0acfaf5 ("cxgbe(4): T7 related updates to shared code")
elfdefinitions: Add a compile-time knob for controlling file inclusion.
The initial use-case is for NetBSD, to allow this file to be
used alongside NetBSD's <sys/exec_elf.h>.
[OpenACC][CIR] Implement 'present' lowering on local-declare (#169381)
Just like the last handful of patches that did copy, copyin, copyout,
create, etc, this patch has the exact same behavior, except the
entry op is a present, and the exit is delete.