NAS-140857 / 27.0.0-BETA.1 / Handle TNC license delivery and token states in heartbeat (#19153)
This commit adds changes to read the TNC heartbeat response body so we
can report the system fingerprint and installed license id, install a
license PEM that TNC delivers, and drive token rotation and the terminal
token states off the body fields instead of the old X-New-Token header.
A delivered license is deduped against the one already installed so we
don't reinstall it every beat, and a 205 that carries no license or
token is logged as a TNC fault rather than silently skipped.
Revert "[Dexter] Add rewriting for aggregate variables (#202800)" (#206495)
This reverts commit 2cf48dca3338951a7fbe83fecc9e6d35caaa9b11.
The original commit is failing sometimes in pre-commit CI for linux
builds, possibly due to some unspecified environmental dependency.
[HLSL] Implement Texture2DArray for HLSL (#203951)
Add support for the Texture2DArray type, builtin argument checking,
codegen, and associated tests.
This change also implements the parts of #194910 which could not be
tested without a HLSL texture array type.
Assisted by Cursor
Fixes #194944
---------
Co-authored-by: Tim Corringham <tcorring at amd.com>
[NFC][LLVM] Minor code cleanup in BitcodeReader (#206105)
Use structured binding in the range for loop for iterating over upgraded
intrinsics. Also `UpdatedIntrinsicMap` type alias is used just once, so
eliminate it.
AMDGPU: Migrate unittests to subarch triples
Replace specifying a processor name with the triple
subarch.
The register-limit helpers in AMDGPUUnitTests.cpp that enumerate every
valid CPU via fillValidArchListAMDGCN still pass the CPU explicitly, as
does the MC Disassembler smoke test (its C disassembler API derives the
subtarget from the CPU, not the triple subarch).
Co-authored-by: Claude (Opus 4.8) <noreply at anthropic.com>
clang/AMDGPU: Stop passing redundant -target-cpu to cc1
Now that the exact target is encoded in the triple's subarch field,
-target-cpu is redundant. This avoids polluting the resultant IR with
unwanted "target-cpu" attributes. The net result is the desired codegen
when compiling libraries for a major subarch and linking it into a
program compiled for a specific arch. e.g., compiling for "gfx9-generic"
would pollute the IR with "target-cpu"="gfx9-generic", so codegen
would ultimately be performed for the generic target even after
linking into the concrete gfx9 cpu. The specialization will now be
achieved by merging the triples without the linker or optimization
passes needing to fixup function attributes.
clang: Start using new amdgpu subarch triples
Fixup invocations using --target=amdgcn + -mcpu to introduce
the subarch in the triple.
For offload toolchains, a single toolchain is constructed for the
top level amdgpu architecture, and the effective triple is used for
target specific tool invocations.
The specifics of the resource directory layout are tbd. This does
try to find resources in the subarch named directory. The paths
are searched at toolchain creation time, so that does not work
when there are multiple subarches.
Fixes #154925
clang/AMDGPU: Validate -target-cpu in cc1 is valid for the subarch
Restrict the reported list of valid target-cpus based on the triple's
subarch. This is more consistent with how other targets validate the
target CPU name. Currently we have split handling validating the target
name for the triple in both the driver and here. The driver based diagnostic
seems to be an amdgpu-ism in 2 different places (though there is one arm
validation emitting the same diagnostic). In the future we could probably
drop those.
AMDGPU: Introduce amdgpu triple arch
Move towards using the triple for representing incompatible
ISA changes. Use the subarch field to represent the various
incompatible cases. Previously we pretended a single triple arch
was universally compatible, and only distinguished by function
level subtargets. Move towards using distinct triples to enable
more sophisticated toolchain handling in the future, like proper
runtime library linking.
Introduce a new subarch per unique ISA, but also introduce
"major subarches" which are compatible by a set of covered
minor ISA versions. These map to the existing generic targets.
There are a few placeholder subarch entries, which currently
have missing backing generic arches for codegen.
This should be the preferred triple arch name going forward,
but is treated as an alias of amdgcn. This does not yet change
clang to emit the new triples.
[2 lines not shown]
psmisc: updated to 23.7
Changes in 23.7
* build-sys: Make disable-statx work
* fuser: Fallback to stat() if no statx() Debian 1030747
* fuser: silently ignore EACCES when scanning proc directories
* killall: small formatting fixes Debian
* pstree: Do not assume root PID
* pslog: include config.h
* misc: Update gettext to 0.21
[X86] Move more vector.reduce.add subvector pattern tests to PhaseOrdering/X86/horizontal-reduce-add.ll (#206467)
CodeGen test coverage is already in vector-reduce-add-subvector.ll
CHERI: declare fueptr and suptr
These should replace fueword and suword when manipulating pointers in
memory. On CHERI targets they will be implemented using capability
aware instructions and otherwise they are defined to fueword and suword.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D57664
CHERI: declare copy{in,out}ptr{,_nofault}
These provenance-preserving functions are to be used when copying
objects that are expected to contain pointers. Data buffers which do
not contain pointers should be copied by the traditional copyin/copyout
functions which *do not* preserve pointer provenance (on CHERI they
clear validity tags).
NOTE: Going forward, this requires changes when adding new syscalls or
ioctl that take pointers to objects containing pointers. Fortunately,
the vast majority (>90%) of copyin and copyout statements do not copy
pointers and require no change. Failure to make the chance will have no
effect on non-CHERI architectures.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: DARPA, AFRL, Innovate UK
Differential Revision: https://reviews.freebsd.org/D57663
net/rclone: Security update 1.74.2 => 1.74.3
Changelog:
https://rclone.org/changelog/#v1-74-3-2026-06-05
PR: 296192
Reported by: Herbert J. Skuhra <herbert at gojira.at>
Approved by: Ralf van der Enden <tremere at cainites.net> (maintainer)
Approved by: osa, vvd (Mentors, implicit)
Tested by: Vladimir Druzenko <vvd at FreeBSD.org>
MFH: 2026Q2
Security: CVE-2026-49980
(cherry picked from commit 6064d1dd6addbc89d9ac2c6c5df7494b6c7f6cee)
net/rclone: Security update 1.74.2 => 1.74.3
Changelog:
https://rclone.org/changelog/#v1-74-3-2026-06-05
PR: 296192
Reported by: Herbert J. Skuhra <herbert at gojira.at>
Approved by: Ralf van der Enden <tremere at cainites.net> (maintainer)
Approved by: osa, vvd (Mentors, implicit)
Tested by: Vladimir Druzenko <vvd at FreeBSD.org>
MFH: 2026Q2
Security: CVE-2026-49980
[SystemZ] Limit latency scheduling to SUs with latency of at least 5. (#206459)
The latency reduction heuristic is highly effective, but it seems preferred
to not "move everything around", but rather focus on instructions that have
somewhat longer latencies. The basic idea behind this is that the input
order is fairly good to begin with and not just "any random order", so it
should not be disturbed unnecessarily.