<feed xmlns='http://www.w3.org/2005/Atom'>
<title>go/src/internal/godebugs/table.go, branch fix-runtime-test-GOMAXPROCS</title>
<subtitle>Fork of Go programming language with my patches.</subtitle>
<id>http://git.kilabit.info/go/atom?h=fix-runtime-test-GOMAXPROCS</id>
<link rel='self' href='http://git.kilabit.info/go/atom?h=fix-runtime-test-GOMAXPROCS'/>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/'/>
<updated>2025-07-08T18:30:38Z</updated>
<entry>
<title>cmd/go: disable support for multiple vcs in one module</title>
<updated>2025-07-08T18:30:38Z</updated>
<author>
<name>Roland Shoemaker</name>
<email>bracewell@google.com</email>
</author>
<published>2025-06-09T18:23:46Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=54c9d776302d53ab1907645cb67fa4a948e1500c'/>
<id>urn:sha1:54c9d776302d53ab1907645cb67fa4a948e1500c</id>
<content type='text'>
Removes the somewhat redundant vcs.FromDir, "allowNesting" argument,
which was always enabled, and disallows multiple VCS metadata folders
being present in a single directory. This makes VCS injection attacks
much more difficult.

Also adds a GODEBUG, allowmultiplevcs, which re-enables this behavior.

Thanks to RyotaK (https://ryotak.net) of GMO Flatt Security Inc for reporting this issue.

Fixes #74380
Fixes CVE-2025-4674

Change-Id: I5787d90cdca8deb3aca6f154efb627df1e7d2789
Reviewed-on: https://go-review.googlesource.com/c/go/+/686515
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: David Chase &lt;drchase@google.com&gt;
Commit-Queue: Carlos Amedee &lt;carlos@golang.org&gt;
Reviewed-by: Carlos Amedee &lt;carlos@golang.org&gt;
</content>
</entry>
<entry>
<title>crypto/x509: use truncated SHA-256 for SubjectKeyId</title>
<updated>2025-05-21T22:09:45Z</updated>
<author>
<name>Filippo Valsorda</name>
<email>filippo@golang.org</email>
</author>
<published>2025-05-20T18:51:11Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=0aeaa6a495b7273f7a2190bc9857710190808e54'/>
<id>urn:sha1:0aeaa6a495b7273f7a2190bc9857710190808e54</id>
<content type='text'>
Fixes #71746

Change-Id: I6a6a46568b092933d8ac2039df99ee9f0edf6e56
Reviewed-on: https://go-review.googlesource.com/c/go/+/674477
Reviewed-by: Daniel McCarney &lt;daniel@binaryparadox.net&gt;
Reviewed-by: David Chase &lt;drchase@google.com&gt;
Reviewed-by: Roland Shoemaker &lt;roland@golang.org&gt;
Auto-Submit: Filippo Valsorda &lt;filippo@golang.org&gt;
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
</content>
</entry>
<entry>
<title>crypto/tls: disable SHA-1 signature algorithms in TLS 1.2</title>
<updated>2025-05-21T22:09:29Z</updated>
<author>
<name>Filippo Valsorda</name>
<email>filippo@golang.org</email>
</author>
<published>2025-03-15T14:12:39Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=59211acb5dbde14647e025eb7379675debcf3930'/>
<id>urn:sha1:59211acb5dbde14647e025eb7379675debcf3930</id>
<content type='text'>
This implements RFC 9155 by removing support for SHA-1 algorithms:

  - we don't advertise them in ClientHello and CertificateRequest
    (where supportedSignatureAlgorithms is used directly)

  - we don't select them in our ServerKeyExchange and CertificateVerify
    (where supportedSignatureAlgorithms filters signatureSchemesForCertificate)

  - we reject them in the peer's ServerKeyExchange and CertificateVerify
    (where we check against the algorithms we advertised in ClientHello
    and CertificateRequest)
  
Fixes #72883

Change-Id: I6a6a4656e2aafd2c38cdd32090d3d8a9a8047818
Reviewed-on: https://go-review.googlesource.com/c/go/+/658216
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Auto-Submit: Filippo Valsorda &lt;filippo@golang.org&gt;
Reviewed-by: David Chase &lt;drchase@google.com&gt;
Reviewed-by: Roland Shoemaker &lt;roland@golang.org&gt;
Reviewed-by: Daniel McCarney &lt;daniel@binaryparadox.net&gt;
</content>
</entry>
<entry>
<title>internal/godebug,crypto/fips140: make fips140 setting immutable</title>
<updated>2025-05-21T19:21:44Z</updated>
<author>
<name>Filippo Valsorda</name>
<email>filippo@golang.org</email>
</author>
<published>2025-03-12T17:02:39Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=ce46c9db867fb54a9c1f39b73ac8c2f339ca0587'/>
<id>urn:sha1:ce46c9db867fb54a9c1f39b73ac8c2f339ca0587</id>
<content type='text'>
Updates #70123

Co-authored-by: qmuntal &lt;quimmuntal@gmail.com&gt;
Change-Id: I6a6a4656fd23ecd82428cccbd7c48692287fc75a
Reviewed-on: https://go-review.googlesource.com/c/go/+/657116
Reviewed-by: Daniel McCarney &lt;daniel@binaryparadox.net&gt;
Reviewed-by: Roland Shoemaker &lt;roland@golang.org&gt;
Auto-Submit: Filippo Valsorda &lt;filippo@golang.org&gt;
Reviewed-by: David Chase &lt;drchase@google.com&gt;
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Quim Muntal &lt;quimmuntal@gmail.com&gt;
</content>
</entry>
<entry>
<title>runtime: use cgroup CPU limit to set GOMAXPROCS</title>
<updated>2025-05-21T17:21:55Z</updated>
<author>
<name>Michael Pratt</name>
<email>mpratt@google.com</email>
</author>
<published>2025-05-05T17:44:26Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=e6dacf91ffb0a356aa692ab5c46411e2eef913f3'/>
<id>urn:sha1:e6dacf91ffb0a356aa692ab5c46411e2eef913f3</id>
<content type='text'>
This CL adds two related features enabled by default via compatibility
GODEBUGs containermaxprocs and updatemaxprocs.

On Linux, containermaxprocs makes the Go runtime consider cgroup CPU
bandwidth limits (quota/period) when setting GOMAXPROCS. If the cgroup
limit is lower than the number of logical CPUs available, then the
cgroup limit takes precedence.

On all OSes, updatemaxprocs makes the Go runtime periodically
recalculate the default GOMAXPROCS value and update GOMAXPROCS if it has
changed. If GOMAXPROCS is set manually, this update does not occur. This
is intended primarily to detect changes to cgroup limits, but it applies
on all OSes because the CPU affinity mask can change as well.

The runtime only considers the limit in the leaf cgroup (the one that
actually contains the process), caching the CPU limit file
descriptor(s), which are periodically reread for updates. This is a
small departure from the original proposed design. It will not consider
limits of parent cgroups (which may be lower than the leaf), and it will
not detect cgroup migration after process start.

We can consider changing this in the future, but the simpler approach is
less invasive; less risk to packages that have some awareness of runtime
internals. e.g., if the runtime periodically opens new files during
execution, file descriptor leak detection is difficult to implement in a
stable way.

For #73193.

Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest
Change-Id: I6a6a636c631c1ae577fb8254960377ba91c5dc98
Reviewed-on: https://go-review.googlesource.com/c/go/+/670497
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Michael Knyszek &lt;mknyszek@google.com&gt;
</content>
</entry>
<entry>
<title>internal/godebugs: fix changed version for winsymlink and winreadlinkvolume to 1.23</title>
<updated>2025-03-19T01:13:33Z</updated>
<author>
<name>Jordan Liggitt</name>
<email>liggitt@google.com</email>
</author>
<published>2025-03-19T00:27:07Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=2e749a645a6d03c7ac11bb172c4591564061b29e'/>
<id>urn:sha1:2e749a645a6d03c7ac11bb172c4591564061b29e</id>
<content type='text'>
https://go.dev/doc/godebug#go-123 documents changes to winsymlink and
winreadlinkvolume in Go 1.23.

This fixes the registered "changed" minor version to Go 1.23,
so that defaults when building a Go 1.22 module are correct.

Fixes #72935

Change-Id: I5d5bf31ca04f9e95208fb0fdaad2232f9db653ff
Reviewed-on: https://go-review.googlesource.com/c/go/+/659035
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Ian Lance Taylor &lt;iant@google.com&gt;
Auto-Submit: Ian Lance Taylor &lt;iant@google.com&gt;
</content>
</entry>
<entry>
<title>cmd/go: allow symlinks of non-directory files in embed</title>
<updated>2025-03-11T14:51:38Z</updated>
<author>
<name>Michael Matloob</name>
<email>matloob@golang.org</email>
</author>
<published>2025-01-16T20:44:55Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=73fea035bf1e4e68ef14995a389d4fd8df5c6a34'/>
<id>urn:sha1:73fea035bf1e4e68ef14995a389d4fd8df5c6a34</id>
<content type='text'>
We previously disallowed all non-regular files being embedded. This CL
relaxes the restriction a little: if the GODEBUG embedfollowsymlinks=1
is set, we allow the leaf files being embedded (not the directories
containing them) to be symlinks. The files pointed to by the symlinks
must still be regular files.

This will be used when a Bazel build action executing the Go command is
running in a symlink-based sandbox. It's not something we want to enable
in general for now, so it's behind a GODEBUG.

Fixes #59924

Change-Id: I895be14c12de55b7d1b663d81bdda1df37d54804
Reviewed-on: https://go-review.googlesource.com/c/go/+/643215
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Alan Donovan &lt;adonovan@google.com&gt;
</content>
</entry>
<entry>
<title>internal/godebugs: add decoratemappings as an opaque godebug setting</title>
<updated>2025-03-10T15:29:59Z</updated>
<author>
<name>Michael Pratt</name>
<email>mpratt@google.com</email>
</author>
<published>2025-03-07T18:53:34Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=c40a3731f45047c3b903cafae287ea8e5762e062'/>
<id>urn:sha1:c40a3731f45047c3b903cafae287ea8e5762e062</id>
<content type='text'>
This adds a new godebug to control whether the runtime applies the
anonymous memory mapping annotations added in https://go.dev/cl/646095.
It is enabled by default.

This has several effects:

* The feature is only enabled by default when the main go.mod has go &gt;=
  1.25.
* This feature can be disabled with GODEBUG=decoratemappings=0, or the
  equivalents in go.mod or package main. See https://go.dev/doc/godebug.
* As an opaque setting, this option will not appear in runtime/metrics.
* This setting is non-atomic, so it cannot be changed after startup.

I am not 100% sure about my decision for the last two points.

I've made this an opaque setting because it affects every memory mapping
the runtime performs. Thus every mapping would report "non-default
behavior", which doesn't seem useful.

This setting could trivially be atomic and allow changes at run time,
but those changes would only affect future mappings. That seems
confusing and not helpful. On the other hand, going back to annotate or
unannotate every previous mapping when the setting changes is
unwarranted complexity.

For #71546.

Change-Id: I6a6a636c5ad551d76691cba2a6f668d5cff0e352
Reviewed-on: https://go-review.googlesource.com/c/go/+/655895
Reviewed-by: Michael Knyszek &lt;mknyszek@google.com&gt;
Reviewed-by: Ian Lance Taylor &lt;iant@golang.org&gt;
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Auto-Submit: Michael Pratt &lt;mpratt@google.com&gt;
</content>
</entry>
<entry>
<title>internal/godebugs: add fips140 as an opaque godebug setting</title>
<updated>2025-02-15T00:08:33Z</updated>
<author>
<name>Ian Lance Taylor</name>
<email>iant@golang.org</email>
</author>
<published>2025-02-13T22:40:01Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=10cef816aa9769345016c04032090ae7f5851f5c'/>
<id>urn:sha1:10cef816aa9769345016c04032090ae7f5851f5c</id>
<content type='text'>
This permits using "godebug fips140=on" in go.mod and
using "//go:debug fips140=on" in the main package.

Change code references to the godebug setting to remove the #
which is no longer required.

For #71666

Change-Id: I3a60ecc55b03848dadd6d431eb43137b6df6568b
Reviewed-on: https://go-review.googlesource.com/c/go/+/649495
Reviewed-by: Ian Lance Taylor &lt;iant@google.com&gt;
Auto-Submit: Ian Lance Taylor &lt;iant@google.com&gt;
Reviewed-by: Roland Shoemaker &lt;roland@golang.org&gt;
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Filippo Valsorda &lt;filippo@golang.org&gt;
</content>
</entry>
<entry>
<title>crypto/x509: keep RSA CRT values in ParsePKCS1PrivateKey</title>
<updated>2024-11-30T01:49:35Z</updated>
<author>
<name>Filippo Valsorda</name>
<email>filippo@golang.org</email>
</author>
<published>2024-11-29T14:38:48Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=c5c4f3dd5f5e5a6a27fe53dc57eaf6acf414a4bc'/>
<id>urn:sha1:c5c4f3dd5f5e5a6a27fe53dc57eaf6acf414a4bc</id>
<content type='text'>
Turns out that recomputing them (and qInv in particular) in constant
time is expensive, so let's not throw them away when they are available.
They are much faster to check, so we now do that on precompute.

Also, thanks to the opaque crypto/internal/fips140/rsa.PrivateKey type,
we now have some assurance that the values we use are always ones we
checked.

Recovers most of the performance loss since CL 630516 in the happy path.
Also, since now we always use the CRT, if necessary by running a
throwaway Precompute, which is now cheap if PrecomputedValues is filled
out, we effectively fixed the JSON round-trip slowdown (#59695).

goos: darwin
goarch: arm64
pkg: crypto/rsa
cpu: Apple M2
                            │ 3b42687c56  │          f017604bc6-dirty           │
                            │   sec/op    │   sec/op     vs base                │
ParsePKCS8PrivateKey/2048-8   26.76µ ± 1%   65.99µ ± 1%  +146.64% (p=0.002 n=6)

Fixes #59695
Updates #69799
For #69536

Change-Id: I507f8c5a32e69ab28990a3bf78959836b9b08cc9
Reviewed-on: https://go-review.googlesource.com/c/go/+/632478
Auto-Submit: Filippo Valsorda &lt;filippo@golang.org&gt;
Reviewed-by: Russ Cox &lt;rsc@golang.org&gt;
LUCI-TryBot-Result: Go LUCI &lt;golang-scoped@luci-project-accounts.iam.gserviceaccount.com&gt;
Reviewed-by: Roland Shoemaker &lt;roland@golang.org&gt;
</content>
</entry>
</feed>
