use statx provided by truenas_pyos
This commit removes the ctypes definition for statx and replaces
with the implemntatoin from truenas_pyos (cpython).
Add a filegroup containing _all_ sources to the libc build rules (#169155)
These rules already expose a filegroup containing the _dependencies_,
but that misses the source files directly in the top level library.
Without this filegroup, there isn't a way to access the source files
used by libcxx when building it, etc.
use statx provided by truenas_pyos
This commit removes the ctypes definition for statx and replaces
with the implemntatoin from truenas_pyos (cpython).
NAS-139204 / 26.04 / Use improved os API for mount information (#17962)
* statmount -- retrieve information on mountpoint by path or fd
directly. Implemented using statx(2) and statmount(2).
* iter_mountinfo -- iterator for mount info using listmounts(2) and
statmount(2)
* getmntinfo() - wraps around iter_mountinfo and is present for legacy /
compatibility reasons
* remove getmnttree() - this is now redundant due improvements in
iter_mountinfo (being able to select a mnt_id).
sysutils/cpu-microcode-intel: Dont depend on cpu-microcode-rc
All Intel systems running 15.0 or 14.3 support loading at boot time
without cpu-microcode-rc, therefore, do not depend on it by default.
Update the package message with the current up-to-date instructions.
Approved by: jrm (maintainer)
Differential Revision: https://reviews.freebsd.org/D54515
linuxkpi: Add <linux/kmsg_dump.h>
This header declares register/unregister functions to allow a piece of
code to tell what function to call in case of a panic. Several panic
handlers may be registered.
The DRM generic code started to use it in Linux 6.10 as part of the
panic handler.
Reviewed by: bz, christos
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54492
linuxkpi: Add WARN_RATELIMIT()
The i915 DRM driver started to use it in Linux 6.10.
Reviewed by: bz, christos
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54493
linuxkpi: Replicate the chain of #include in the `cec*.h` headers
The i915 DRM driver depends on this namespace pollution to access
`debugfs_*` functions, after several explicit #include of
<linux/debugfs.h> were removed in Linux 6.10.
Reviewed by: bz, christos
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54494
linuxkpi: Add <linux/font.h>
The header defines the minimum to allow the DRM generic code to build.
The only function used so far is `get_default_font()`, as part of a
DRM-specific panic handler. We do not use this panic handler on FreeBSD.
For now, it returns a NULL value. It should probably map to a vt(4)
font.
The DRM generic code started to use it in Linux 6.10 as part of the
panic handler.
Reviewed by: bz, christos
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54491
linuxkpi: Define `raw_spinlock_t` in <linux/spinlock.h>
For now, it is synonymous to `spinlock_t`. The DRM generic code uses the
`struct raw_spinlock` and not `raw_spinlock_t`, that's why the
definition is a struct embedding a `struct mtx`, compared to
`spinlock_t` which is a simpler typedef.
The DRM generic code started to use it in Linux 6.10.
Reviewed by: bz, christos
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54489
[clang-doc] Add a breadcrumb navigation bar (#173297)
This patch adds a breadcrumb navigation bar to the `<navbar>` element. Now, you can navigate between the different scopes of a record or namespace. This is done by keeping track of a Decl's parent Decl through its USR. That allows us to traverse the set of `Info`s through a directed graph during JSON generation to create `Context`s. A context is just a `Reference` that holds a relative path to a scope's file from a particular `Info`.
miniflux: update to 2.2.16.
Security
Disallow the media proxy from fetching resources on private networks to mitigate potential SSRF issues. This behavior is configurable at the instance level.
Disallow fetching feed icons from private networks to reduce the SSRF attack surface. This is also configurable at the instance level.
Add the TRUSTED_REVERSE_PROXY_NETWORKS configuration option to prevent spoofing of HTTP headers such as X-Forwarded-For, X-Forwarded-Proto, and X-Real-Ip. This option must be configured when AUTH_PROXY_HEADER is enabled.
Stop logging generated Google Reader API tokens, even when debug mode is enabled.
Remove the CORS handler from the Google Reader API, as it is not intended to be used by web clients, reducing the overall attack surface.
Performance and Storage
Avoid indexing the content of removed entries, significantly reducing database index size after cleanup.
Minor storage and database refactoring to simplify code paths and reduce unnecessary formatting overhead.
API and Integrations
Add a new API endpoint to import entries into an existing feed.
Execute the content sanitizer when updating or importing entries through the API to ensure consistent sanitization.
[17 lines not shown]
[LV] Find reduction result VPInstruction from backedge value (NFC).
Split off from https://github.com/llvm/llvm-project/pull/174026. Make
the lookup of the reduction phi recipe/compute-reduction-result
VPInstruction independent of the latter having the reduction phi as
operand.
InstCombine: Prepare to handle multiple uses in SimplifyDemandedFPClass
Follow the structure of SimplifyDemandedBits. Doesn't handle anything
in the multiple use case for now, and continues just calling
computeKnownFPClass.
