posix_spawn: use rfork_thread on all arches
Do not allocate or switch to the custom stack on non-x86.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54898
libsys, libc: provide rfork_thread() and pdrfork_thread() on all arches
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54898
[clang] consistent addrspace for GetVTTParameter result (#177044)
Avoid using VTT->getValueType() and VoidPtrTy and DRY the code to more
accurately get and set the addrspace without relying on the behavior of
struct indexing into a GlobalValue declared type.
[Mem2Reg] Remove extraneous getAllocatedType() check (#177438)
Replace uses of getAllocatedType() in PromoteMemoryToRegister.cpp with
type tracking from actual loads and stores. This makes the promotion
logic more semantic - it now checks that all loads/stores use a
consistent type rather than requiring them to match the alloca's
declared type.
Changes:
- isAllocaPromotable() now tracks the first load/store type seen and
ensures all subsequent accesses use the same type
- AllocaInfo gains a ValueType field populated during AnalyzeAlloca()
- PromoteMem2Reg tracks AllocaValueTypes alongside other per-alloca info
- PHI nodes and UndefValues are created using the tracked type
This is semantically more permissive - an alloca declared as i64 but
only accessed as i32 is now promotable. This is correct because the
alloca is just a blob of memory; what matters for Mem2Reg is consistent
access patterns.
[9 lines not shown]
[hexagon] Add dylib cmake + toolchain_only (#177247)
The toolchains take up much less space when we enable dylib, so let's
create an option to build them that way.
Also: TOOLCHAIN_ONLY was ineffective in
hexagon-unknown-linux-musl-clang-cross.cmake because cmake takes the
first setting from hexagon-unknown-linux-musl-clang.cmake with
precedence. FORCE it to fix that issue.
Signed-off-by: Brian Cain <brian.cain at oss.qualcomm.com>
Revert "[NVPTX][AtomicExpandPass] Complete support for AtomicRMW in NVPTX (#176015)" (#178329)
This reverts commit 1d379d05d46d77b5f008349cc14de27dd055f4b9. This
change breaks llvm-nvptx-nvidia-win in the buildbot.
libc: Don't use uninitialised string for getnetbyaddr[_r](0) DNS lookup
If net is all-zero, the loop to extract all leading non-zero octets will
iterate zero times and leave nn with the value 4, which the following
switch statement to initialise qbuf does not handle. As a result,
_dns_getnetbyaddr will look up the PTR record for this uninitialised
string, which will leak the pre-existing contents of that stack memory
to the DNS resolver and, if remote and not otherwise protected, network.
Note that _dns_getnetbyaddr is only used if nsswitch.conf is configured
to enable the "dns" source for the "networks" database, which is not the
default configuration in FreeBSD.
For glibc this same bug, in code also derived from BIND's, was issued
CVE-2026-0915. This commit adopts the same behaviour as glibc's fix,
which is to regard a net of 0 as being for 0.0.0.0. Apparently NetBSD
will return NS_UNAVAIL instead, which may or may not make more sense,
but in general glibc compatibility tends to cause less friction when
there's not a good reason to avoid it.
[8 lines not shown]
openssl: Fix multiple vulnerabilities
This is a rollup commit from upstream to fix:
Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (CVE-2025-11187)
Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467)
NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (CVE-2025-15468)
"openssl dgst" one-shot codepath silently truncates inputs >16MB (CVE-2025-15469)
TLS 1.3 CompressedCertificate excessive memory allocation (CVE-2025-66199)
Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160)
Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418)
Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419)
Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420)
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421)
Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795)
ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796)
See https://openssl-library.org/news/secadv/ for additional details.
Approved by: so
[17 lines not shown]
libc: Don't use uninitialised string for getnetbyaddr[_r](0) DNS lookup
If net is all-zero, the loop to extract all leading non-zero octets will
iterate zero times and leave nn with the value 4, which the following
switch statement to initialise qbuf does not handle. As a result,
_dns_getnetbyaddr will look up the PTR record for this uninitialised
string, which will leak the pre-existing contents of that stack memory
to the DNS resolver and, if remote and not otherwise protected, network.
Note that _dns_getnetbyaddr is only used if nsswitch.conf is configured
to enable the "dns" source for the "networks" database, which is not the
default configuration in FreeBSD.
For glibc this same bug, in code also derived from BIND's, was issued
CVE-2026-0915. This commit adopts the same behaviour as glibc's fix,
which is to regard a net of 0 as being for 0.0.0.0. Apparently NetBSD
will return NS_UNAVAIL instead, which may or may not make more sense,
but in general glibc compatibility tends to cause less friction when
there's not a good reason to avoid it.
[8 lines not shown]
openssl: Fix multiple vulnerabilities
This is a rollup commit from upstream to fix:
Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (CVE-2025-11187)
Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467)
NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (CVE-2025-15468)
"openssl dgst" one-shot codepath silently truncates inputs >16MB (CVE-2025-15469)
TLS 1.3 CompressedCertificate excessive memory allocation (CVE-2025-66199)
Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160)
Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418)
Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419)
Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420)
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421)
Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795)
ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796)
See https://openssl-library.org/news/secadv/ for additional details.
Approved by: so
[17 lines not shown]
libc: Don't use uninitialised string for getnetbyaddr[_r](0) DNS lookup
If net is all-zero, the loop to extract all leading non-zero octets will
iterate zero times and leave nn with the value 4, which the following
switch statement to initialise qbuf does not handle. As a result,
_dns_getnetbyaddr will look up the PTR record for this uninitialised
string, which will leak the pre-existing contents of that stack memory
to the DNS resolver and, if remote and not otherwise protected, network.
Note that _dns_getnetbyaddr is only used if nsswitch.conf is configured
to enable the "dns" source for the "networks" database, which is not the
default configuration in FreeBSD.
For glibc this same bug, in code also derived from BIND's, was issued
CVE-2026-0915. This commit adopts the same behaviour as glibc's fix,
which is to regard a net of 0 as being for 0.0.0.0. Apparently NetBSD
will return NS_UNAVAIL instead, which may or may not make more sense,
but in general glibc compatibility tends to cause less friction when
there's not a good reason to avoid it.
[8 lines not shown]
openssl: Fix multiple vulnerabilities
This is a rollup commit from upstream to fix:
Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (CVE-2025-11187)
Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467)
NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (CVE-2025-15468)
"openssl dgst" one-shot codepath silently truncates inputs >16MB (CVE-2025-15469)
TLS 1.3 CompressedCertificate excessive memory allocation (CVE-2025-66199)
Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160)
Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418)
Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419)
Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420)
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421)
Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795)
ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796)
See https://openssl-library.org/news/secadv/ for additional details.
Approved by: so
[17 lines not shown]
lualoader: Add distinct brand for installer
Make it obvious to users that the system is booting into the installer.
Reviewed by: kevans, manu
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51001
(cherry picked from commit ac7a19d41ee5eb1271c46fbc620b2f98dffa2230)
