17850 loader: ls should avoid adding double '/' at front of the path
Reviewed by: Andy Fiddaman <illumos at fiddaman.net>
Approved by: Dan McDonald <danmcd at edgecast.io>
Remove python-pam and plumb in pam_truenas
This commit removes the python-pam Python library dependency from
TrueNAS middleware and replaces it with truenas_pypam. The most
significant change is the migration of API key authentication from
simple PBKDF2 password hashing to SCRAM-SHA512 (Salted Challenge
Response Authentication Mechanism) as defined in RFC5802. SCRAM is an
authentication protocol that uses PBKDF2-HMAC-SHA512 for key
derivation. API keys are now stored with SCRAM-derived credentials
including salt, stored_key, server_key, and iteration count fields in
the database. A database migration automatically converts existing
PBKDF2-hashed API keys to SCRAM format transparently—existing API keys
will continue to work without requiring regeneration. The commit adds a
new SCRAM authentication mechanism for challenge-response authentication
with replay resistance and mutual validation capabilities, while
maintaining the existing API_KEY_PLAIN mechanism for simple
authentication.
The refactoring includes comprehensive changes to the authentication
[10 lines not shown]
Attributor: Use anchor scope for SimplifyQuery context (#178958)
This was asserting in computeKnownFPClass when a dominator tree
check happened across functions.
Fixes #178954
Fix read of unsupported SMB share ACL access mask
The SMB share ACL database technically supports more varieties of
share ACL settings than we explicitly expose (or Windows does
for that matter). This means there is a small chance that a user
could set an unsupported mask through shell commands. We have no
interest in increasing backend API complexity here and so we'll
present the special string "CUSTOM" to end-user and make them
fix it on share ACL update. Remaining share ACL infrastructure
does not rely on this special decoding / encoding.
While we're in here, delete some dead code and add a flush method
for tdb contents for cases where we insert something but not
under a transaction lock. I haven't seen issues in the past with
TDB writes, but since this is a security-sensitive area an extra
flush here isn't a bad idea.
This commit ensures the share ACL is always purged from server
when share is deleted (even if it doesn't exist in running
[3 lines not shown]
[clang][Driver] Fix use after scope in darwin driver
`Version.getAsString()` returns an `std::string`, and thus the
`StringRef` points to an invalid location when pushed into the
Components vector. This just keeps the temporary alive for the
new string to be generated, to fix the ASAN failure after #176541
[AArch64] Convert CLS intrinsics to use ISD::CTLS (#178885)
This patch converts AArch64 CLS intrinsics (aarch64_neon_cls) to use the
generic ISD::CTLS node.
- aarch64_neon_cls: Lowered to ISD::CTLS, pattern-matched to CLS
instruction
- Set ISD::CTLS as Legal for NEON vector types (v8i8, v16i8, v4i16,
v8i16, v2i32, v4i32)
Also adds generic CTLS expansion support:
- ExpandIntRes_CTLS in LegalizeIntegerTypes for i64->i32 type expansion
- expandCTLS in TargetLowering for targets without native CLS
instruction
Part of: https://github.com/llvm/llvm-project/issues/174337
Ping: Make build reproducible
As recently fixed in sockstat (9934558460e4), having tests/Makefile
include files from the parent directory with SRCS= ../foo.c results
in a race condition as the parent build and the tests build try to
produce the same object file but contain different paths.
Use .PATH to tell make to find sockstat.c in the parent directory
but place the object file in the current object directory.
Reviewed by: emaste, jrtc27, kevans
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53075
(cherry picked from commit 3c9a2f383fc25cdffa80c1348cb5388290e0f283)
[SystemZ] Bugfix: Add VLR16 to SystemZInstrInfo::copyPhysReg(). (#178932)
Support COPYs involving higher FP16 regs (like F24H) with a new pseudo
instruction 'VLR16'.
This is needed with -O0/regalloc=fast, and probably in more cases as
well.
Fixes #178788.
lldb-dap: Stop using replicated variable ids (#124232)
Closes #119784
Probably closes #147105 as well, but I couldn't test due to #156473:
This PR fixes two bugs:
1. It generates unique variable reference IDs per suspended debuggee
state.
2. It stores all created variables in a stopped state instead of
dropping variables in unselected scopes. So it can properly handle all
scope/variable requests
It does this by storing all variables in their respective scopes and
using that mapping in request handlers that relied on the old mapping.
It dynamically creates new variable/scope IDs instead of resetting IDs
whenever a new scope is created.
I also removed some unused code as well.
[5 lines not shown]
Fix read of unsupported SMB share ACL access mask
The SMB share ACL database technically supports more varieties of
share ACL settings than we explicitly expose (or Windows does
for that matter). This means there is a small chance that a user
could set an unsupported mask through shell commands. We have no
interest in increasing backend API complexity here and so we'll
present the special string "CUSTOM" to end-user and make them
fix it on share ACL update. Remaining share ACL infrastructure
does not rely on this special decoding / encoding.
While we're in here, delete some dead code and add a flush method
for tdb contents for cases where we insert something but not
under a transaction lock. I haven't seen issues in the past with
TDB writes, but since this is a security-sensitive area an extra
flush here isn't a bad idea.
Attributor: Use anchor scope for SimplifyQuery context
This was asserting in computeKnownFPClass when a dominator tree
check happened across functions.
Fixes #178954
[LV] Add additional partial reduction test coverage for #167851.
Add test cases for which earlier versions of
https://github.com/llvm/llvm-project/pull/167851 was not NFC.
Test chained_sext_adds is moved to a new file.
netstat: Fix whitespace in libxo output for multicast routes
Also fix some bogus libxo format strings in mroute6.c, and close a
couple of lists instead of opening them twice.
Fixes: ade9ccfe211a ("Convert netstat to use libxo.")
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Fix read of unsupported SMB share ACL access mask
The SMB share ACL database technically supports more varieties of
share ACL settings than we explicitly expose (or Windows does
for that matter). This means there is a small chance that a user
could set an unsupported mask through shell commands. We have no
interest in increasing backend API complexity here and so we'll
present the special string "CUSTOM" to end-user and make them
fix it on share ACL update. Remaining share ACL infrastructure
does not rely on this special decoding / encoding.
[CIR][NFC] Add OGCG tests for coroutines (#178821)
This PR adds OGCG tests for `coro-task.cpp`. These tests are intended to
be used once the lowering is implemented, allowing us to compare the
generated output.
[ThinLTO] Stop attempting variable import once we see a non-variable (#178944)
This is a compile time improvement. Instead of looking through every
single copy of a value (of which there can be many for large targets
with linkonce_odr copies of the same values) for an importable variable,
stop immediately after we see a non-variable summary.
In most cases this is NFC because we expect all copies of a value to be
of the same type (e.g. all variables, or all functions). This only makes
a noticeable, slightly conservative, change in the case of same-named
local values in different modules compiled without distinguishing path.
The new test shows the effect of this (and is safe due to PR178761).
This makes a large reduction in thin link time for large targets that
have many copies of linkonce_odr vtables, all referencing functions.
[OpenMP] Remove LLVM_ENABLE_PROJECTS=openmp build mode (#176950)
Reapply #152189 and #174963 which were reverted because it broke
publish-sphinx-docs and publish-doxygen-docs.
The build mode has been deprecated in #136314 and was supposed to be
removed in the LLVM 21 release (#136314).
OpenMP currently supports 4 build modes:
* `cmake <llvm-project>/llvm -DLLVM_ENABLE_PROJECTS=openmp`
* `cmake <llvm-project>/llvm -DLLVM_ENABLE_RUNTIMES=openmp` (bootstrapping build)
* `cmake <llvm-project>/openmp` (standalone build)
* `cmake <llvm-project>/runtimes -DLLVM_ENABLE_RUNTIMES=openmp` (runtimes default/standalone build)
Each build mode increased the maintanance overhead since all build modes
must continue working and user confusion when there do not (see #151117,
#174126, #154117, ...). Let's finally remove it.
[WebAssembly] Prevent FastISel from trying to select funcref calls (#178742)
Before, Wasm FastISel treated all indirect calls the same, causing
miscompilations at O0 when trying to call a funcref (`call ptr
addrspace(20)`), as it would treat the funcref as a normal `ptr`
This adds a check so it falls back to ISelDAG when encountering calls
outside addrspace 0 (which covers direct calls and indirect calls
through normal function pointers).
Related: #140933