Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add doc on Unix temporary file security practice #70585

Merged
merged 6 commits into from
Jun 14, 2022

Conversation

agocke
Copy link
Member

@agocke agocke commented Jun 10, 2022

No description provided.

@ghost
Copy link

ghost commented Jun 10, 2022

Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

null

Author: agocke
Assignees: -
Labels:

area-System.Security

Milestone: -

@stephentoub
Copy link
Member

This is all good advice, but I'm not sure who the audience for this doc is...?

@danmoseley
Copy link
Member

@agocke Could you add more detail on recommended directory permissions, per our offline chat? In general it might be good to provide examples of good permissions masks for both files and directories.

@danmoseley
Copy link
Member

@dsplaisted @blowdart @GrabYourPitchforks

@stephentoub we want to be sure we do this consistently across .NET. Whether this is the right repo to put it, I'm not sure. dotnet/designs might be better.

@stephentoub
Copy link
Member

we want to be sure we do this consistently across .NET

Why is this specific to code in .NET, though? Isn't this appropriate for every developer? Why isn't this e.g. best practices guidance in docs.microsoft.com?

@agocke
Copy link
Member Author

agocke commented Jun 10, 2022

@stephentoub Adding this guidance for external developers claims a certain amount of expertise in the area that I don't think I have.

This is a limited set of guidelines for the kind of apps we write. I wouldn't pretend to advise for all types of applications.

@agocke
Copy link
Member Author

agocke commented Jun 10, 2022

@danmoseley Permission mask added, although that's just the straightforward translation of the previous sentence into numeric permission

@agocke agocke marked this pull request as ready for review June 10, 2022 22:53
Any other use needs to be carefully audited, particularly if the temporary file is intended for use across
multiple processes. Some considerations:

- **Never** write files with global access permissions
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I was hoping for guidance specifically for directory permissions. In the case we were discussing, the customer expected drwxrwxrwt rather than drwxrwxrwx. I'm guessing your guidance is drwx------ ? (This is not my area of expertise)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know why you would have different settings for files and directories. 700 seems right for both, to me.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, their semantics are a little different (eg the sticky bit). I guess though if what you want is "complete access for current user and zero for everyone else" then it's 700.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.NET 7 will introduce APIs to work with unix permissions. With earlier versions, users cannot control them.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, 700 is more than necessary if you don't need the x bit. Better to use rw, or r if that's all you need.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

600 for files. 700 for directories.
Without the x you can't cd into the directory.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, I meant rwx vs rw- for files (what this line is about)

Copy link
Member

@vitek-karas vitek-karas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The info here looks good.

@danmoseley
Copy link
Member

I still think this repo is not the right place for this. The guidance should apply to the SDK/installer also.

That aside @tmds do you have any input? This originated because we internally discussed that we're unsure we're consistently following best practices.

@danmoseley
Copy link
Member

cc @marcpopMSFT @NikolaMilosavljevic for SDK/installer.

@tmds
Copy link
Member

tmds commented Jun 14, 2022

I'm very happy to see some guidance around this.

I think this should mention:

  • Because /tmp has the sticky bit, other users cannot delete your files/directories
  • Because anyone can write to /tmp, you need to use random names.
  • Unix systems have a default umask of 0002. That means anyone can read the files or directories, and other users that have the same group can also write to the file.

multiple processes. Some considerations:

- **Never** write files with global access permissions
- **Always** verify that the owner of the file is the current user and that the permissions
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.NET doesn't have an API to verify file ownership.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In that case I think P/Invoking into stat is necessary.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cc @stephentoub on this one. Verifying file ownership is a super critical part of the unix security model. It's the reason why only root can change the ownership of files (you can't give ownership of your files to another user). It might be worth some sort of .NET API.

Copy link
Member

@tmds tmds Jun 15, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In most cases you don't need to verify ownership. If you can open the dir/file you know you are permitted, and you can check permissions to verify they are not too permissive.

only allow write access by the owner when reading existing files
- **Never** rely on having ownership of a particular file name. Any process can write a file with that name,
creating a denial of service.
- When creating files, consider likelihood of file name collision and performance impact of attempting
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can be simplest to create a single folder and do everything else below that.
That folder could even become Path.GetTempPath.

if (Path.GetTempPath() == "/tmp/")
{
    string tmpDir = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString("N"));
    Directory.CreateDirectory(tmpDir, UnixFileMode.UserRead | UnixFileMode.UserWrite | UnixFileMode.UserExecute);
    Environment.SetEnvironmentVariable("TMPDIR", tmpDir + "/");
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any value in using a cryptographically secure name here? Guid is not (or at least not enough). It can use GetRandomFileName()

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would only make a difference if the attacker has permission to open files in the temp directory but not to enumerate them.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a question of the app's threat model and can't be answered generally.

location in the user home folder. Some considerations for this model:

- There is no automatic cleanup in user folders. Files will remain permanently or require cleanup by the app
- Some environments do not have user home folders (e.g., systemd). Consider providing an environment variable
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

systemd has a PrivateTmp feature.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe also worth mentioning:
XDG defines XDG_RUNTIME_DIR which is a user-private tmpfs to store runtime files. See https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some interesting requirements there, including that files not survive reboot. It might be worth specifying here that we should not expect our temp files to survive reboot, but we should not expect them to be cleaned up by reboot either.

@tmds
Copy link
Member

tmds commented Jun 14, 2022

Why is this specific to code in .NET, though? Isn't this appropriate for every developer? Why isn't this e.g. best practices guidance in docs.microsoft.com?

+1. Some of this could be part of Path.GetTempPath documentation.

docs/design/security/unix-tmp.md Outdated Show resolved Hide resolved
considered. In general, the best use of the temp directory is for programs which,

1. Will create the temporary file during their process execution
1. Do not depend on predictable temporary file/folder names
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's ok to depend on a predictable prefix, which you might wish to use if you want to use it to communicate between processes.


# Unix temporary files

The Unix support for temporary files is different from the Windows model and developers who
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should explicitly state that the guidance applies to not just files but anything file-like. The .NET diagnostics tools use FIFO/sockets in temp IIRC.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unix domain sockets have different restrictions, and don't necessarily follow this guidance.

@danmoseley
Copy link
Member

danmoseley commented Jun 14, 2022

Here's what I get if I install .NET on Ubuntu 20.04 and create a project:

drwxrwxrwx  3 root root 4096 Jun 14 08:15 .dotnet/
drwxrwxrwx  3 root root 4096 Jun 14 08:15 NuGetScratch/
drwxr-xr-x  3 root root 4096 Jun 14 08:16 VBCSCompiler/
prwx------  1 root root    0 Jun 14 08:16 clr-debug-pipe-1445-82691-in|
prwx------  1 root root    0 Jun 14 08:16 clr-debug-pipe-1445-82691-out|
srw-------  1 root root    0 Jun 14 08:16 dotnet-diagnostic-1445-82691-socket=
drwxr-xr-x  3 root root 4096 Jun 14 08:07 dotnet-installer/
drwxr-xr-x  3 root root 4096 Jun 14 08:16 dotnet-sdk-advertising-temp/

.dotnet seems to be related to the CLI telemetry, since I didn't set the DOTNET_CLI_TELEMETRY_OPTOUT that it listed in the console. That, NuGetScratch and VBCSCompiler, dotnet-installer (why wasn't this deleted?), and dotnet-sdk-advertising-temp (which I assume relates to console output from the CLI) all need their perms fixing. The diagnostic pipe seems fine unless it's possible to drop the x as well.

Some of these have subfolders, and files.

@@ -0,0 +1,45 @@

# Unix temporary files
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be reasonable to expand the scope a little to cover "Unix file and directory permissions" in general? Whereever we write a file, we should set minimum permissions on it. And we would have the same guidance that there should be no perms for group and world unless they are required.

@@ -0,0 +1,45 @@

# Unix temporary files
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have a Mac to experiment with. Does anything in here differ for Mac? It seems that Macs support ACLs as well, and in some circumstances they are used in Linux as well. Should we include guidance for those? (@tmds)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My expectation is that mac will be similar to Linux: /tmp has the sticky bit, and a umask of at least 002.
I'm not a mac user either. Someone should verify this.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are ACL's relevant to many Linux users, enough that (in theory) we should set them if available? Or are they mainly for special purposes.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mac has its own restrictions, and doesn't necessarily have a shared temp directory. Just in case, the above should probably be followed, but it may not be necessary, depending on the configuration.

@agocke
Copy link
Member Author

agocke commented Jun 14, 2022

I'm going to merge this now -- I think it's a good start, but some of the expansions are beyond my capability to review. We should start new PRs for new things.

@agocke
Copy link
Member Author

agocke commented Jun 14, 2022

In particular, I suspect there's about a book's worth of content to be written here for SELinux. I have no idea if we want to include that.

@danmoseley
Copy link
Member

I opened a couple of issues as a test balloon to see whether the guidance is appropriate..

@tmds
Copy link
Member

tmds commented Jun 15, 2022

@danmoseley NuGet is also a user of /tmp for restoring packages (NuGetScratch folder).

deeprobin added a commit to deeprobin/runtime that referenced this pull request Jun 23, 2022
* Use the signature types when building ABI info (#70635)

* Use signature types when building the ABI info

This will allow us to let "mismatched" struct types as call arguments,
which in turn is expected to simplify and de-pessimize much of the code
working around the need to keep precise handles on struct nodes.

Credit to @jakobbotsch for being able to make this change.

* Work around the "InferOpSizeAlign" problem

Handling it generally requires solving a larger problem
of "eeGetArgSizeAlignment" not working well on ARM.

(See also the use of "eeGetArgSizeAlignment" in "lvaInitUserArgs")

* [wasm] Build WasmAppHost with UseAppHost=false (#70606)

* [wasm] Build WasmAppHost with UseAppHost=false

- WasmAppHost is included in the WebAssembly.Sdk pack, and doesn't have a
platform specific package.
- Since, this is being built for x64, the build defaults to using the
app host, which means that we get a single binary file that can be run
directly.
    - But this also means that the binary included in the
    WebAssembly.Sdk platform-agnostic package will target the platform
    where it was built.

- Instead, build with UseAppHost=false, and update the wasm host to use
the managed assembly instead.

And update the RunCommand to use `dotnet exec WasmAppHost.dll`.

* fix

* JIT: Optimize expansion of indir cell addresses for CFG (#70491)

On ARM64 it is expensive to materialize the address of an indirection
cell since that requires multiple instructions. This is particular a
problem when CFG is enabled where validation + call uses the indir cell
twice. This changes the CFG logic to create a local in this case.

We also were forcing the indir cell argument node into the register.
This is not ideal for this particular case, so remove this logic and let
LSRA deal with it. ARM still needs this logic.

Fix #65076

* Handle mis-sized structs in XARCH `PUTARG_STK` codegen (#68611)

* Handle "mis-sized" structs in XARCH PUTARG_STK codegen

Previously, for structs which were not a multiple of TARGET_POINTER_SIZE
in size:

1) On x86, we copied them to a local in morph. This was a small CQ issue.
2) On Unix x64, we didn't handle them at all and could read out of bounds
   in "genStructPutArgUnroll".

This change fixes both issues by properly detecting cases where we need to
be careful and updating codegen to use correct load sizes.

* Add a test

* Improve distribution of CoseHeaderLabel hash codes (#70695)

* Implement digest one shots for browser implementation

* [wasm] Don't use a fixed listening port for the proxy (#70681)

Fixes https://github.com/dotnet/runtime/issues/70670 .

* Fix SOS tests on 7.0 (#70677)

The wcscpy_s in ClrDataAccess::GetRegisterName was failing with an invalid parameter exception because
the prefixLen and regLen didn't include the terminating null wchar.

* [wasm] Enable some previously failing WBT/AOT tests on windows (#70595)

* [wasm] Enable some previously failing WBT/AOT tests on windows

Fixes https://github.com/dotnet/runtime/issues/61725 .

* [wasm] WBT: Fix a failing satellite assembly test

The test fails because it is trying to find the string `got: こんにちは`
in the app output, but it sees `?????`. This is due to xharness not
setting the console output to UTF8, and then the tests not doing the
same.

Instead of that, we can move the check to be in the app itself, thus
removing the need for any of this.

Fixes https://github.com/dotnet/runtime/issues/58709 .

* List other architectures and DOTNET_ROOT environment variables in dotnet --info (#70403)

* [mono] Remove dead code. (#70671)

A variable initialized to false and never modified means we can remove the
variable and any code that depends on that variable not being false.

This is a consequence of 15ab9f985ed45feaa619df70d288fbd0acd5c45f, where code
that assigned the variable was removed.

* Avoid throwing Win32Exception from HTTP authentication (#70474)

* Avoid throwing Win32Exception from HTTP authentication

When server sends malformed NTLM challenge the NT authentication processing
would throw an unexpected Win32Exception from HttpClientHandler.Send[Async]
calls. This aligns the behavior to WinHTTP handler where the Unauthorized
reply with challenge token is returned back to the client.

Similarly, failure to validate the last MIC token in Negotiate scheme could
result in Win32Exception. Handle it by throwing HttpRequestException instead.

* Make the unit test more resilient

* Add trace to Negotiate authentication

* Dispose connection instead of draining the response

* Remove outdated ActiveIssue

* Fix usage of GSS_KRB5_CRED_NO_CI_FLAGS_X (#70447)

* Fix build detection of GSS_KRB5_CRED_NO_CI_FLAGS_X

* Don't use GSS_KRB5_CRED_NO_CI_FLAGS_X on NTLM

* Handle GSS_S_UNAVAILABLE error from gss_set_cred_option (NTLM wrapped in Negotiate)

* Make the GSSAPI shim work with krb5 1.13

* Preserve the gss_acquire_cred minor status

* Use IndexOf in WebUtility (#70700)

The IndexOfHtmlDecodingChars method was iterating character by character looking for either a `&` or a surrogate, but then the slow path if one of those is found doesn't special-case surrogates.  So, we can just collapse this to a vectorized `IndexOf('&')`, which makes the fast path of detecting whether there's anything to decode much faster if there's any meaningful amount of input prior to a `&`. (I experimented with also using `IndexOf('&')` in the main routine, but it made cases with lots of entities slower, and so I'm not including that here.)

* Hoist the invariants out of multi-level nested loops (#68061)

* first working version

* Skip check of VN hoisting

* Account for duplicate blocks

* clean up

* wip

* isCommaTree && hasExcep

* revert lsra changes

* Update hoisting condition

- Only update if node to be hoisted has side-effects and the sibling that is before that throws exception

* Change to BasicBlockList

* organize preheaders

* update hoistedInCurLoop and hoistedInSiblingLoop

* Reverse the loop order

* cleanup and jit-format

* Revert "Minor fix to display IG01 weight correctly"

This reverts commit 757120e863b2da188db2593da1b7142fd1ecf191.

* simplify code

* Remove m_hoistedVNInSiblingLoop

* Add back ResetHoistedInCurLoop

Fix igWeight

* Remove reversal of loop processing order

* jit format

* Experimental: Also generate PerfScore:

* review feedback

* fix the superpmi script

* Revert superpmi asmdiffs change

* Rename method

* Add a comment

* Delete GTF_ASSERTION_PROP_LONG (#70521)

* Convert exception help context parsing to managed (#70251)

* Move help link parsing to managed

* Cleanup wtoi and nativeIsDigit

* Fix metasig declaration

* Guard GetHelpContext under FEATURE_COMINTEROP

* Remove definition of GetHelpLink and guard more methods under cominterop

* DWORD should be uint

* Add help context marshaling test

* Adjust marshaling test

* Fix #ifdef with ILLink

* Fix method signature mismatch

* Specify string marshaling

* Throwing test should not test successful HRESULT

* Implement ISupportErrorInfo

* Test interface in InterfaceSupportsErrorInfo

* Delete tests for .NET Framework Xsltc.exe tool (#70706)

* Use regex matching for Xsltc test baseline files

* Delete xsltc.exe tests entirely

* Reenable C4244 in repo (#70026)

* Reenable 4244 warning for Mono.

* Enable compiler errors for gcc/clang.

* Fix issues enabling -Werror=implicit-int-conversion

* Revert turning on implicit-int-conversion as error.
  This check was triggering failures on parts of the PAL that
  require additional scrutiny beyond the scope of this work.

* Add SlidingWindow and FixedWindow to RateLimitPartition (#68782)

* align GC memory load calculation on Linux with Docker and Kubernetes (#64128)

* align memory load calculation in GC with Docker and Kubernetes

* pass inactive file field name as a parameter

* [wasm] Fix Debug configuration builds (#70683)

* Fix cmake error

   ```
   Manually-specified variables were not used by the project:
   CONFIGURATION_WASM_OPT_FLAGS
   ```

* Build the interpreter with -O1 on Wasm in Debug configs

   Otherwise `interp_exec_method` and `generate_code` can easily overflow the stack in some browsers with even a few recursive calls (for example during .cctor initializaiton)

* [wasm] Make runtime_is_initialized promise callbacks one-shot (#70694)

* [wasm] Make runtime_is_initialized promise callbacks one-shot

Throw if runtime_is_initialized_resolve or runtime_is_initialized_reject is called more than once

* Add a slightly generalized GuardedPromise<T> object

   Protects against multiple-resolve, multiple-reject, reject after resolve and resolve after reject.

  Does not protect against the executor throwing.

* Do not use ExecutableMemoryAllocator on 64 bit platforms if default base address usage is requested (#70563)

* [wasm][debugger] Implement get bytes from loaded_files using debugger protocol. (#69072)

* Implement get bytes from loaded_files using debugger protocol.

* fix pdb size == nul

* Adressing @radical comments.

* Fix build.

* fix compilation

* Addressing @radical comments.

Co-authored-by: Ankit Jain <[email protected]>

* Add doc on Unix temporary file security practice (#70585)

* Add doc on Unix temporary file security practice

* Update unix-tmp.md

* Update unix-tmp.md

* Add example permissions encoding

* Update docs/design/security/unix-tmp.md

Co-authored-by: Dan Moseley <[email protected]>

* Update unix-tmp.md

Co-authored-by: Dan Moseley <[email protected]>

* ConfigurationBinder.Bind on virtual properties duplicates elements (#70592)

* ConfigurationBinder.Bind on virtual properties duplicates elements

* simplify GetAllProperties

* return array instead of list

* Obsolete AssemblyName.CodeBase, AssemblyName.EscapedCodeBase (#70534)

* JIT: Enable JitConsumeProfileForCasts by default (#69869)

* Fix AttributePresence in composite mode (#70737)

According to my comparative perf measurements composite framework
spends about 5M more instructions in the method

coreclr.dll!CMiniMdTemplate<CMiniMd>::SearchTableForMultipleRows(CMiniColDef sColumn)

I tracked this down to the R2R table AttributePresence which is
used to speed up attribute queries against the ECMA metadata model.
In composite mode we were putting the table in the image header,
not component header, and so the runtime was unable to locate it.
This change fixes generation of the table in Crossgen2; I have
verified that with this change I no longer see the 5M outlier.

Thanks

Tomas

* Handle mis-sized structs in ARM/64 `PUTARG_SPLIT` codegen (#70249)

* Add a test

* Fix out-of-bounds loads in ARM/64's "genPutArgSplit"

* Split the test out

* Refactor how implicit byrefs are morphed (#70243)

* Refactor implicit by-refs morphing

Move it to "fgMorphLocal".

Enabled folding in "LocalAddressVisitor".

* Add FEATURE_IMPLICIT_BYREFS

And use it in all the necessary places.

Resolves the TP regression on Unix x64, turning it into a TP improvement.

* Add a zero-diff quirk

* Do not change `gtRetClsHnd` in `impNormStructVal` (#70699)

* Do not change "gtRetClsHdl" in "impNormStructVal"

Doing so leads breaking the proper ABI handling for the call.

* Add a test

* Support `PUTARG_STK(STRUCT LCL_VAR/LCL_FLD)` on ARM/64 (#70256)

* Separate out LowerPutArgStk

Call it from "LowerArg" instead of "ContainCheckCallOperands",
as it does more than just containment analysis.

* Support "PUTARG_STK(STRUCT LCL_VAR/LCL_FLD)" on ARM/64

To test this, transform "OBJ(LCL_VAR|FLD_ADDR)" to "LCL_FLD" on lowering.

This additionally simplified the codegen code as it doesn't have to support
two representations of the same thing.

* Support `PUTARG_STK(STRUCT LCL_VAR/LCL_FLD)` on x86/Unix x64 (#70702)

* Add GenTree::GetLayout

* x86/Unix x64: lowering

* x86/Unix x64: "genConsumePutStructArgStk"

* x86/Unix x64: "genStructPutArgUnroll"

* x86/Unix x64: codegen asserts

* x86: "genStructPutArgPush"

* Unix x64: "genStructPutArgPartialRepMovs"

* Allow `TYP_STRUCT` `LCL_FLD` on the RHS of block copies (#70633)

* Delete the unused "GTF_USE_FLAGS"

It used to indicate that a branch operation didn't
need to materialize its operand and could just "use
flags" instead, but that purpose has long been lost
now that we have explicit SETCC nodes in lowering.

* Make GTF_DONT_EXTEND a shared flag

So that it can be used for "LCL_FLD" as well as "GT_IND".

No diffs.

* Enable TYP_STRUCT on the RHS

* fgMorphBlockOperand

* Tweak TYP_STRUCT LCL_FLD costs

Model it as two load, like OBJ.

Note we could be more precise here, by using the
register type of the layout. For now, we defer.

* Block CSE

Preserve previous behavior to avoid diffs.

* Revert "Fix usage of GSS_KRB5_CRED_NO_CI_FLAGS_X (#70447)" (#70747)

This reverts commit 84f7cad00ad834c365b5cd1297e1166525146b50.

* Add note about backward branch constraints to ECMA-335 augments (#70760)

* [NativeAOT] Enabling return address hijacking on ARM64 Windows (#70740)

* Enabling return address hijacking on ARM64 Windows

* pass right flags to the GcInfoDecoder

* Fix value numbering of HWI loads (#70621)

* Fix numbering of HWI loads

Take into account all operands and describe the exception sets precisely.

* Add a test

* Recast the check

* Small MsQuicStream refactorings (#70433)

* Inline state transition helpers

Fixes #55437

* Add high level comments for HandleEventReceive and ReadAsync

* Updating HWIntrinsicInfo::lookupId to not accelerate Vector256 APIs when AVX2 is unsupported (#70686)

* Updating HWIntrinsicINfo::lookupId to not accelerate Vector256 APIs when AVX2 is unsupported

* Fixing a check in lookupId to properly negate the condition

* Ensure the special-cased EA_32BYTE constants only happen when AVX/AVX2 are supported

* Fixing a bad assert in morph

* Dsiable CertificateValidationRemoteServer.ConnectWithRevocation_WithCallback on Android (#70768)

* NativeAOT Unlock assignability comparison in reflection-free (#70726)

* NativeAOT Unlock assignability comparison in reflection-free
Closes #69960

* Document support for `IsAssignableFrom`

* Document support for `IsInstanceOfType`

* Document `IsAssignableTo`

* Add suggestion from Michal

* Update src/coreclr/nativeaot/System.Private.DisabledReflection/src/Internal/Reflection/RuntimeTypeInfo.cs

Co-authored-by: Michal Strehovský <[email protected]>

* Remove whitespaces

Co-authored-by: Michal Strehovský <[email protected]>

* [Mono] Fix C4018 round I (#70417)

* First round of change of fixing C4018

* Address part of review feedback

* Change the type of idx to unsigned for `effective_table_slow`

* Add idx range check after the type was changed

* Address review feedback for `class-init.c`

* Change the return type of `*table_num_rows*` to `guint32`. Deal with the consequence of return type change of `table_info_get_rows`. Correct the type of a few local variables which store the return of `mono_metadata_token_index`.

* Update return type

* Address review feedbacks of metadata.c

* Fix native crash

* Make counter private to for-loop

* Address review feedbacks

* Address review feedbacks

* Fix race condition in LoaderAllocator::CompareExchangeValueInHandle (#70765)

The method was not actually using interlocked operation. It made it possible for multiple different values to win.

Fixes #70742

* Enable redirection on arm64 (#70769)

* Handle HW exceptions on Windows without redirection (#70428)

This change modifies the way hardware exceptions are propagated from the
vectored exception handler. Until now, runtime was returning from the
vectored exception handler with instruction pointer in the context set
to an asm helper. That redirected the thread to that helper and we have
raised an exception from its call chain.
While working on CET support, it was found that propagating exceptions
from the vectored exception handler directly works just fine. So this
change makes it work that way for all Windows targets.

* Predicate for valid Tracker Reference is inverted (#70709)

* Predicate for valid Tracker Reference is inverted

* Fix test to not inline wrapper creation function.

* JIT: Enable addressing modes for gc types (#70749)

* JIT: Faster long->int overflow checks (#69865)

* Update .net version for asp.net spmi collection script (#70778)

* Enable IlcTrimMetadata by default (#70201)

Enables more aggressive metadata stripping by default. In this mode, the AOT compiler only generates reflection metadata for artifacts that were deemed reflection-visible by either dataflow analysis, or user inputs. Previously we would consider everything that got generated reflection-visible.

* Change the defaults within the compiler (making the conservative mode opt-in).
* Add tests for scenarios in https://github.com/dotnet/runtimelab/issues/656 (resolves dotnet/runtimelab#656).
* Update tests
* Do more marking where it was necessary

* Remove GSS_KRB5_CRED_NO_CI_FLAGS_X code (#70772)

The support for building with GSS_KRB5_CRED_NO_CI_FLAGS_X was broken for quite some time. Attempts to reenable it failed due to bug in the krb5 GSSAPI implementation resulting in invalid memory accesses.

* Make ConnectWithRevocation_StapledOcsp more resilient to being slow

* Upgrade SDK to Preview 5 (#70117)

Upgrade to released Preview 5 build

* Find&replace FastInterlock* with Interlocked* (#70784)

FastInterlock* operations were #defined as aliases to regular Interlock* operations. Deleted the FastInterlock* aliases and replaced usage with Interlocked* operations.

* JIT: rework optCanonicalizeLoop (#70792)

Rework loop canonicalization in anticipation of extending it to handle
non-loop edges like those seen in #70802 (details in #70569).

The code to fix up flow out of `h` was not needed and has been removed.
We now assert upstream that no such fix up will be needed.

* Avoid infinite loop in case of heap corruption (#70759)

Co-authored-by: Juan Hoyos <[email protected]>
Co-authored-by: Noah Falk <[email protected]>

* [wasm][debugger] Remove workaround to get pauseOnExceptions setting (#70748)

* Add SubstitutionParser that uses XPath Navigator into NativeAOT (#64671)

* Add end-to-end test for NTLM/Negotiate authentication against fake server (#70630)

* Add end-to-end test for NTLM/Negotiate authentication against fake server

* Simplify the test since HttpClientHandler is always SocketsHttpHandler for the test environment

* Fix test condition

* Remove extra comment

* Enable ThreadAbort with CET enabled via the QueueUserAPC2 (#70803)

This change makes ThreadAbort work when CET is enabled. Instead of
thread redirection, it uses the new user mode APC mechanism to get a
thread to a handler and then throws the ThreadAbortException from there
if the thread was interrupted at a safe location.

I have verified it works using mdbg tests and also by manual testing in
the Visual Studio 2022 using a test app that creates an instance of
classes with properties containing infinite loop, wait on a lock, wait
on a handle, infinite loop inside of a lock and infinite loop in
finally.
For the testing, I've enabled this separately from the CET so that the
missing support for CET in the debugger code doesn't cause troubles.

So we could enable this without CET enabled too, but I'd prefer doing
that separately.

* Test additional NativeAOT Lib testing (#70212)

* Test additional NativeAOT Lib testing

* more libraries to un nativeaot rolling build

* FB

* FB2

* only write results file if specified in args

* excluding failing tests

* oops, missed pull before a forced push

* excluding some recently added tests that fail

* fix typo with end element

* FB

* Fix emitDispJumpList for Arm64 (#70542)

* fix jitdump

* Fix arm build

* Another format

* Fix regression in runtime-jit-experimental (#70797)

The newly-introduced `emitRemoveJumpToNextInst` optimization caused
a regression when hot/cold-splitting, where jumps from the last hot
instruction to the first cold instruction were erroneously removed.
This is fixed by disabling the `isRemovableJmpCandidate` flag for
branches between hot/cold sections.

On an unrelated note, a JIT dump message has been added to indicate
stress-splitting is occurring.

* JIT: relax fwd sub restriction on changing class handle (#70587)

For HW SIMD types, at least.

Fixes #64879.

* Use LastIndexOf in ZipArchiveEntry.GetFileName_Unix (#70701)

There's not particularly good reason to open-code the loop here.

* Update dogfooding instructions (#70833)

- Delete note about multilevel lookup. It is not relevant anymore.
- Fix nightly feed url to net7
- Replace .NET Core with just .NET

* Add icon to dotnet.exe on Windows (#70578)

* Add two new stages to prepare for our new custom type marshalling design. (#70598)

* Simplify `Environment.IsWindows8OrAbove`. (#70818)

* Simplify Environment.IsWindows8OrAbove.
Since .NET 5, the regular Windows version detecton code always returns the correct version.

* Remove two unused interop files.

* Delete redundant aliases for primitive types (#70805)

* Add limited support for LocalCertificateSelectionCallback for QUIC (#70716)

* Inline state transition helpers

Fixes #55437

* Add high level comments for HandleEventReceive and ReadAsync

* [QUIC] Call `LocalCertificateSelectionCallback` to get client certificate

* Code review feedback

* JIT: Optimize range checks for X >> CNS and for short/byte indices  (#67141)

Co-authored-by: SingleAccretion <[email protected]>

* Tighten checks in `areArgumentsContiguous` (#70829)

* Tighten checks in "areArgumentsContiguous"

* Add a test

* Narrow cast fix (#70518)

* Added genActualTypeSize. Remove narrow cast if the actual type sizes are the same

* Trying to fix build

* Fixing build

* Removed genActualTypeSize. Using genActualType instead

* Added helper function

* Comments

* Moving back to morph

* Removing part of the test

* Added fgOptimizeCastOnAssignment

* Fixing build

* Removing extra bits

* Removed fgIsSafeToRemoveIntToIntCastOnAssignment, inlining the implementation, adding extra logic when actual types are not the same

* [wasm] Disable WBT test failing on windows (#70808)

Issue: https://github.com/dotnet/runtime/issues/70675

* Enable IDE1005 (Delegate invocation can be simplified) (#70522)

* Disable long running test (#70843)

* [wasm] Enabled WriteToReadOnly tests - emscripten bug got fixed (#70814)

Fixes #53021.

Enabled tests from #53021 - they are passing now because issue reported by @radekdoulik got fixed: https://github.com/emscripten-core/emscripten/issues/14299.

* Use IndexOf{Any} in a few more places (#70176)

* Use IndexOf{Any} in a few more places

* Address PR feedback

* Fix corerun for assemblies with mismatched filename (#70800)

corerun gracefully handled filename not matching the assembly name. Handling of this case regressed in #68186. This change is fixing the regression.

Fixes #68455

* Fix a few Stream-related issues in System.Net.Http (#70731)

* Fix a few Stream-related issues in System.Net.Http

* Put back WriteTimeout

* Fix tests

* Catch (more) mismatched args in `fgMorphArgs` (#70846)

* Catch (more) mismatched args in "fgMorphArgs"

* Add a test

* [coop] fix coop suspend timeout cue card (#70828)

the BLOCKING_SUSPEND_REQUESTED state is treated as suspend in full
coop mode (the thread keeps running, but by definition it's not
allowed to access managed resources and it will self-suspend if it
tries to enter GC Unsafe mode by calling a runtime API or managed
code).
It is bad in hybrid suspend mode (the thread should be preemptively
suspended, but we timed out before the signal handler had a chance to
run).

The corresponding suspension logic in the code is:

https://github.com/dotnet/runtime/blob/3fc61ebb562afc327a8fc6de5c82d76e86bf6f5d/src/mono/mono/utils/mono-threads.c#L1149-L1158

* Fixing the handling of Positive NaN in Math.Min for float/double (#70795)

* Adding tests validating Positive NaN for Max, MaxMagnitude, Min, and MinMagnitude

* Fixing the handling of Positive NaN in Math.Min for float/double

* Fixing the Max/Min code comments to use greater and lesser

* Adding a code comment clarifying the sign toggling behavior

* JIT: break loop canonicalization into two stages (#70809)

For a given loop, we need to separate out the true backedge, any
non-loop backedges, and any inner loop backedges so that they all
target distinct blocks.

Otherwise, we may violate assumptions that the loop entry dominates
all blocks in the loop and that all backedges that reach top come
from within the loop.

This seems simplest to do with two rounds of canonicalization, one
that moves the non-loop edges, and another that moves the true backedge.

Fixes #70802.

* Use `Array.Empty()` in `System.Reflection.Metadata`. (#70862)

It is now available in all frameworks it targets.

* Delete StaticallyLinked property from Microsoft.NETCore.Native.Unix.props (#70854)

This option has many issues. Anybody trying to experiment with static linking can add `<LinkerArg Include="-static" />` into the local file.

* Restore ArchivingUtils.AttemptSetLastWriteTime (#70617)

* Fix GC stress failure in LoaderAllocator::CompareExchangeValueInHandle (#70832)

InterlockedCompareExchangeT has to be called on a raw Object* to make the GC stress infrastructure happy.

* Small performance cleanups in S.S.Cryptography

* ARM64 - Optimize `i % 2` (#70599)

* Assign proper VNs to "shared constant" CSE defs (#70852)

* Assign proper VNs to shared CSE defs

They must be those of the original expression, not the "base" constant CSE creates.

* Add a test

* Enable IDE0054 (Use compound assignment) (#70564)

* Enable IDE0054 (Use compound assignment)

* Update src/libraries/System.Data.Common/src/System/Data/Common/StringStorage.cs

Co-authored-by: Tanner Gooding <[email protected]>

Co-authored-by: Tanner Gooding <[email protected]>

* Use new byte[] span optimization in a few more places (#70665)

* Use new byte[] span optimization in a few more places

Separated out of larger change to use CreateSpan (these don't rely on that).

* Address PR feedback

* Improve TLS1.3 detection in registry for QUIC (#70730)

* Improve TLS1.3 detection in registry for QUIC

* Split client and server detection

* Code review feedback

* Generate method bodies for delegate Invoke methods (#70883)


There is a dataflow warning suppression in System.Linq.Expressions that assumes we'll always have an invocable method body for delegate Invoke method. We need one in IL. We don't in native code.

Emulate what IL Linker does and generate a method body. This is a size regression.

Suppression: https://github.com/dotnet/runtime/blob/3b2883b097a773715ca84056885e0ca1488da36e/src/libraries/System.Linq.Expressions/src/System/Dynamic/Utils/TypeUtils.cs#L906-L912

Fixes #70880.

* Avoid crashing on unresolved dependencies (#70871)

Fixes #70815.

* Enable IDE0020 (Use pattern matching) (#70523)

* Enable IDE0020 (Use pattern matching)

* Update src/libraries/System.Private.Xml/src/System/Xml/Serialization/XmlSerializationWriter.cs

Co-authored-by: Buyaa Namnan <[email protected]>

* Update variable naming

Co-authored-by: Buyaa Namnan <[email protected]>

* Fix failure building two libraries tests (#70881)

Microsoft.CSharp was hitting an issue due to a vararg constructor. We don't support varargs. They shouldn't make it into the dependency graph. We are already checking in many places. We were erroneously thinking a vararg constructor with no mandatory arguments is a default constructor.

Runtime.InteropServices were crashing because we got a MulticastDelegate type into a codepath that expects a MulticastDelegate descendant.

* Use hash/hmac one shots in NTLM (#70857)

Co-authored-by: Stephen Toub <[email protected]>

* Unpin locals, attempt 2 (#70655)

Contributes to #40553

* Replace a few instances of PtrToStructure with more efficient marshalling (#70866)

* Fix for timer scheduling happening on the incorrect thread when wasm threading is enabled (#70863)

* Add event to capture min/max threads (#70063)

Event ThreadPoolMinMaxThreads added. 

Parameters are:
            ushort MinWorkerThreads
            ushort MaxWorkerThreads
            ushort MinIOCompletionThreads
            ushort MaxIOCompletionThreads
            ushort ClrInstanceID

It is fired in the ThreadPool constructor and in the SetMinThreads/SetMaxThreads functions.

* [wasm] Add support for per-project customization of helix work items (#70461)

* [wasm] Add support for per-project customization of helix work items

Currently, for sending tests to helix:
1. the project binaries are zipped, as part of the project build
2. then separate helix targets files build that adds helix items for
   those zip files.
    - for wasm, we test with multiple 'scenarios' - like v8, browser, and
    nodejs.
    - so, 3 helix work items are submitted per zip file

- If a test project needs to have any customizations, for example, for
  testing crypto with a managed implementation, and subtlecrypto, which
  would require:
  - passing different arguments to xharness, in case of managed, and
    subtlecrypto
  - and this should be done only for the browser case
  - Currently, this would need this would need to be done in
  `sendtohelix-wasm.targets` special casing for the test project, and
  scenario.

- We add support for importing `$(ProjectName).helix.targets`, and
  calling a special target in that to add helix items, as needed.

- This targets file can be set in the test project like:
```xml
<HelixTargetsFile Condition="'$(TargetOS)' == 'Browser'">wasm.helix.targets</HelixTargetsFile>
```
  - it will get deployed next to the zip file, and picked up automatically

```xml
<Project>
  <PropertyGroup>
    <_CryptoProjectName>System.Security.Cryptography.Tests</_CryptoProjectName>
    <System_Security_Cryptography_Tests_TargetName Condition="'$(Scenario))' == 'WasmTestOnBrowser'">System_Security_Cryptography_Tests_Targ
et</System_Security_Cryptography_Tests_TargetName>
  </PropertyGroup>

  <Target Name="System_Security_Cryptography_Tests_Target">
    <ItemGroup>
      <HelixWorkItem Include="$(Scenario)-managed-$(_CryptoProjectName)">
        <PayloadArchive>$(TestArchiveTestsDir)$(_CryptoProjectName).zip</PayloadArchive>
        <Command>$(HelixCommand)</Command>
        <Timeout>$(_workItemTimeout)</Timeout>
      </HelixWorkItem>

      <HelixWorkItem Include="$(Scenario)-subtlecrypto-System.Security.Cryptography.Tests">
        <PayloadArchive>$(TestArchiveTestsDir)$(_CryptoProjectName).zip</PayloadArchive>
        <Command>$(HelixCommand)</Command>
        <Timeout>$(_workItemTimeout)</Timeout>

        <PreCommands Condition="'$(OS)' == 'Windows_NT'">set &quot;WasmXHarnessArgs=--web-server-use-cors&quot;</PreCommands>
        <PreCommands Condition="'$(OS)' != 'Windows_NT'">export &quot;WasmXHarnessArgs=--web-server-use-cors&quot;</PreCommands>
      </HelixWorkItem>
    </ItemGroup>
  </Target>
```

- The targets file *must* have these:
    - a property named like `System_Security_Cryptography_Tests_TargetName`, for a
      test project named `System.Security.Cryptography.Tests`
    - if this property is not set, then the default behavior of adding
      work items will run
    - The target should add any items it needs to to `@(HelixWorkItem)`.
      - Examples of adding these can be seen in `sendtohelix*` project files

- Remember that all these properties, and targets get imported into the
  msbuild *global* namespace, so make sure to use unique names to avoid
  conflicts with other test projects.

Future work: this commit only enables it for wasm/library tests, but it should
be easy to extract it out, but needs some testing.

* [wasm] Helix: test with, and without subtle crypto

* disable non-wasm builds

* address review feedback

* Address review feedback

* Fix typo

* Revert "disable non-wasm builds"

This reverts commit 7ef99e81f82200189dd3f61eeaf00d6ca4ced6d4.

* Update src/libraries/System.Security.Cryptography/tests/wasm.helix.targets

Co-authored-by: Eric Erhardt <[email protected]>

* Address review feedback

* remove debug spew

* Change the way helix extension targets are discovered.

The new approach:

To run a custom project specific target for adding/editing @(HelixWorkItem):

- In the project add:
    `<HelixTargetsFile Condition="'$(TargetOS)' == 'Browser'">wasm.helix.targets</HelixTargetsFile>`

    - This file gets copied next to the test archive as $(MSBuildProjectName).helix.targets

- In this `wasm.helix.targets` file, add to $(HelixExtensionTargets) to run your custom target

```xml
  <PropertyGroup Condition="'$(IsRunningLibraryTests)' == 'true' and '$(Scenario)' == 'WasmTestOnBrowser'">
    <HelixExtensionTargets>$(HelixExtensionTargets);_AddHelixCrypoItems</HelixExtensionTargets>
```

- The extension target will be called after the default items are added
  to `@(HelixWorkItem)`.
- Useful properties to condition on: $(Scenario), $(IsRunningLibraryTests)
- And add to, change, or remove from @(HelixWorkItem)

Example:
```xml
  <Target Name="_AddHelixCrypoItems">
    <ItemGroup>
      <!-- remove the existing item -->
      <HelixWorkItem Remove="@(HelixWorkItem)" Condition="'%(OriginalFileName)' == '$(_CryptoProjectName)'" />

        <!-- add two new ones - managed, and subtylecrypto -->
      <HelixWorkItem Include="$(WorkItemPrefix)managed-$(_CryptoProjectName)">
        <PayloadArchive>$(TestArchiveTestsDir)$(_CryptoProjectName).zip</PayloadArchive>
        <Command>$(HelixCommand)</Command>
        <Timeout>$(_workItemTimeout)</Timeout>
        <OriginalFileName>$(_CryptoProjectName)</OriginalFileName>
      </HelixWorkItem>

      <HelixWorkItem Include="$(WorkItemPrefix)subtlecrypto-$(_CryptoProjectName)">
        <PayloadArchive>$(TestArchiveTestsDir)$(_CryptoProjectName).zip</PayloadArchive>
        <Command>$(HelixCommand)</Command>
        <Timeout>$(_workItemTimeout)</Timeout>
        <OriginalFileName>$(_CryptoProjectName)</OriginalFileName>

        <PreCommands Condition="'$(OS)' == 'Windows_NT'">set &quot;WasmXHarnessArgs=%WasmXHarnessArgs% --web-server-use-cop&quot;</PreCommands>
        <PreCommands Condition="'$(OS)' != 'Windows_NT'">export &quot;WasmXHarnessArgs=$WasmXHarnessArgs --web-server-use-cop&quot;</PreCommands>
      </HelixWorkItem>

      <_CryptoHelixItem Include="@(HelixWorkItem)"
                        Condition="$([System.String]::new('%(HelixWorkItem.Identity)').EndsWith('-$(_CryptoProjectName)'))" />
    </ItemGroup>

    <Error Text="Something went wrong. Expected to have only two work items for $(_CryptoProjectName). But got @(_CryptoHelixItem)"
           Condition="@(_CryptoHelixItem->Count()) != 2" />
  </Target>
```

* cleanup

* Move WBT specific stuff into the target too. This will make it simpler to move it off into a targets file later

* fix build

* fix libtests

* fix wbt

* [wasm] Bump helix timeout to 90mins for debugger tests on windows

Co-authored-by: Eric Erhardt <[email protected]>

* Fix bug in Tar preventing extraction of hardlinks or entries starting with `.\` (#70853)

* Add PlatformDetection.SupportsHardLinkCreation property.

* Fix how paths are combined/joined and sanitized on extraction, to ensure paths with redundant segments get properly handled.

* Add tests that verify archives with entries whose paths start with .\, including the root folder itself.

* Re-enable the hardlink test, condition it to not run if platform does not support extraction of hardlinks.

* Remove unnecessary test - This same code is already being tested by TarReader_ExtractToFile_Tests.ExtractEntriesWithSlashDotPrefix

* Reuse test code that retrieves memory stream.

* Bump test data package version

* Add missing typeof(PlatformDetection) in ConditionalFact

Co-authored-by: carlossanlop <[email protected]>

* Remove #define Sleep (#70868)

* Remove #define Sleep

* Fix ICorDebugFunction2::GetVersionNumber for arm32. (#69901)

* Replace the remaining uses of Marshal.PtrToStructure in core networking (#70900)

* Rename ICMP interop to match Windows SDK names

* Add support for delegate GDV and method-based vtable GDV (#68703)

Add support for instrumenting delegate calls and vtable calls into method handle histograms. Use these histograms to do GDV for delegate calls and also support method-based GDV for vtable calls.

For instrumentation we now support class probes at interface call sites, method probes at delegate call sites and both class probes and method probes at vtable call sites. For vtable calls, when turned on, instrumentation produces both histograms as PGO data so that the JIT can later make the choice about what is the best form of guard to use at that site.

For guarding, there are some things to take into account. Delegate calls currently (practically) always point to precode, so this PR is just guarding on getFunctionFixedEntryPoint which returns the precode address, and this is generally quite cheap (same cost as class-based GDV). That's the case for delegates pointing to instance methods anyway, this PR does not support static methods yet -- those will be more expensive.

For vtable calls the runtime will backpatch the slots when tiering, so the JIT guards the address retrieved from the vtable against an indirection of the slot, which is slightly more expensive than a class-based guard.

Currently the instrumentation is enabled conditionally with COMPlus_JitDelegateProfiling=1 (for delegates) and COMPlus_JitVTableProfiling=1 (for vtable calls). Currently delegate profiling is turned on by default while vtable profiling is off by default.

* Use ArgumentNullException.ThrowIfNull in a few more places (#70897)

* Append the function pointer type (#70923)

The issue here was the recursion into PrettyPrintSigWorkerInternal
that would reset the buffer. Now, we pass in a new buffer and append
it when we return.

* [main] Update dependencies from dotnet/runtime dotnet/icu dotnet/xharness dotnet/runtime-assets dotnet/emsdk dotnet/roslyn-analyzers (#70476)

* Update dependencies from https://github.com/dotnet/runtime-assets build 20220608.1

Microsoft.DotNet.CilStrip.Sources , System.ComponentModel.TypeConverter.TestData , System.Drawing.Common.TestData , System.Formats.Tar.TestData , System.IO.Compression.TestData , System.IO.Packaging.TestData , System.Net.TestData , System.Private.Runtime.UnicodeData , System.Runtime.Numerics.TestData , System.Runtime.TimeZoneData , System.Security.Cryptography.X509Certificates.TestData , System.Text.RegularExpressions.TestData , System.Windows.Extensions.TestData
 From Version 7.0.0-beta.22281.1 -> To Version 7.0.0-beta.22308.1

* Update dependencies from https://github.com/dotnet/emsdk build 20220608.2

Microsoft.NET.Workload.Emscripten.Manifest-7.0.100
 From Version 7.0.0-preview.6.22281.1 -> To Version 7.0.0-preview.6.22308.2

* Update dependencies from https://github.com/dotnet/xharness build 20220610.1

Microsoft.DotNet.XHarness.CLI , Microsoft.DotNet.XHarness.TestRunners.Common , Microsoft.DotNet.XHarness.TestRunners.Xunit
 From Version 1.0.0-prerelease.22305.1 -> To Version 1.0.0-prerelease.22310.1

* Revert "Update dependencies from https://github.com/dotnet/emsdk build 20220608.2"

This reverts commit bbb4e156ddbad8a2cb7b604246214272085b6622.

* Update dependencies from https://github.com/dotnet/icu build 20220609.1

Microsoft.NETCore.Runtime.ICU.Transport
 From Version 7.0.0-preview.6.22306.1 -> To Version 7.0.0-preview.6.22309.1

* Update dependencies from https://github.com/dotnet/emsdk build 20220608.2

Microsoft.NET.Workload.Emscripten.Manifest-7.0.100
 From Version 7.0.0-preview.6.22281.1 -> To Version 7.0.0-preview.6.22308.2

* Update dependencies from https://github.com/dotnet/runtime-assets build 20220610.1

Microsoft.DotNet.CilStrip.Sources , System.ComponentModel.TypeConverter.TestData , System.Drawing.Common.TestData , System.Formats.Tar.TestData , System.IO.Compression.TestData , System.IO.Packaging.TestData , System.Net.TestData , System.Private.Runtime.UnicodeData , System.Runtime.Numerics.TestData , System.Runtime.TimeZoneData , System.Security.Cryptography.X509Certificates.TestData , System.Text.RegularExpressions.TestData , System.Windows.Extensions.TestData
 From Version 7.0.0-beta.22281.1 -> To Version 7.0.0-beta.22310.1

* Update dependencies from https://github.com/dotnet/roslyn-analyzers build 20220610.1

Microsoft.CodeAnalysis.NetAnalyzers
 From Version 7.0.0-preview1.22302.1 -> To Version 7.0.0-preview1.22310.1

* Update dependencies from https://github.com/dotnet/runtime build 20220612.5

Microsoft.NET.Sdk.IL , Microsoft.NETCore.App.Runtime.win-x64 , Microsoft.NETCore.DotNetHost , Microsoft.NETCore.DotNetHostPolicy , Microsoft.NETCore.ILAsm , runtime.native.System.IO.Ports , System.Text.Json
 From Version 7.0.0-preview.6.22305.4 -> To Version 7.0.0-preview.6.22312.5

* Update dependencies from https://github.com/dotnet/icu build 20220613.1

Microsoft.NETCore.Runtime.ICU.Transport
 From Version 7.0.0-preview.6.22306.1 -> To Version 7.0.0-preview.6.22313.1

* Update dependencies from https://github.com/dotnet/xharness build 20220613.1

Microsoft.DotNet.XHarness.CLI , Microsoft.DotNet.XHarness.TestRunners.Common , Microsoft.DotNet.XHarness.TestRunners.Xunit
 From Version 1.0.0-prerelease.22310.1 -> To Version 1.0.0-prerelease.22313.1

* Update dependencies from https://github.com/dotnet/runtime-assets build 20220613.1

Microsoft.DotNet.CilStrip.Sources , System.ComponentModel.TypeConverter.TestData , System.Drawing.Common.TestData , System.Formats.Tar.TestData , System.IO.Compression.TestData , System.IO.Packaging.TestData , System.Net.TestData , System.Private.Runtime.UnicodeData , System.Runtime.Numerics.TestData , System.Runtime.TimeZoneData , System.Security.Cryptography.X509Certificates.TestData , System.Text.RegularExpressions.TestData , System.Windows.Extensions.TestData
 From Version 7.0.0-beta.22281.1 -> To Version 7.0.0-beta.22313.1

* Update dependencies from https://github.com/dotnet/emsdk build 20220613.1

Microsoft.NET.Workload.Emscripten.Manifest-7.0.100
 From Version 7.0.0-preview.6.22281.1 -> To Version 7.0.0-preview.6.22313.1

* [wasm] Wasm.Build.Tests: Disable strict version checks for emcc

Due to the way we have to update `dotnet/emsdk`, and get the update PRs
in `runtime`, the emsdk version can be mismatched. For example, if
`dotnet/emsdk` has already updated to `3.1.12`, but `dotnet/runtime` is
still on `3.1.7`. This is an expected scenario while working on updating
to a newer emscripten.

The version mismatch will still show up, but as a warning now.

* Update dependencies from https://github.com/dotnet/xharness build 20220614.1

Microsoft.DotNet.XHarness.CLI , Microsoft.DotNet.XHarness.TestRunners.Common , Microsoft.DotNet.XHarness.TestRunners.Xunit
 From Version 1.0.0-prerelease.22310.1 -> To Version 1.0.0-prerelease.22314.1

* [wasm] Wasm.Build.Tests: Update Skiasharp reference

The skiasharp dependent tests fail with:
`error : undefined symbol: _ZNKSt3__220__vector_base_commonILb1EE20__throw_length_errorEv`.

Update the reference to the latest package which added a binary compiled
for `3.1.7`.

* [wasm] Workaround a test failure in WBT

Currently, there is a mismatch between emsdk versions with the workload
emscripten packs using `3.1.12`, and the runtime being built with
`3.1.7`. And that is causing
`Wasm.Build.Tests.NativeLibraryTests.ProjectUsingSkiaSharp` to fail with:

```
EXEC : error : undefined symbol: _ZNKSt3__220__vector_base_commonILb1EE20__throw_length_errorEv (referenced by top-level compiled C/C++ code) [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : warning : Link with `-sLLD_REPORT_UNDEFINED` to get more information on undefined symbols [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : warning : To disable errors for undefined symbols use `-sERROR_ON_UNDEFINED_SYMBOLS=0` [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : warning : __ZNKSt3__220__vector_base_commonILb1EE20__throw_length_errorEv may need to be added to EXPORTED_FUNCTIONS if it arrives from a system library [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : error : undefined symbol: _ZNKSt3__221__basic_string_commonILb1EE20__throw_length_errorEv (referenced by top-level compiled C/C++ code) [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : warning : __ZNKSt3__221__basic_string_commonILb1EE20__throw_length_errorEv may need to be added to EXPORTED_FUNCTIONS if it arrives from a system library [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
EXEC : error : Aborting compilation due to previous errors [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
emcc : error : '/datadisks/disk1/work/B1420981/w/ACC90933/e/dotnet-workload/packs/Microsoft.NET.Runtime.Emscripten.3.1.12.Node.linux-x64/7.0.0-preview.6.22313.1/tools/bin/node /datadisks/disk1/work/B1420981/w/ACC90933/e/dotnet-workload/packs/Microsoft.NET.Runtime.Emscripten.3.1.12.Sdk.linux-x64/7.0.0-preview.6.22313.1/tools/emscripten/src/compiler.js /datadisks/disk1/work/B1420981/t/tmp44tn7y2d.json' failed (returned 1) [/datadisks/disk1/work/B1420981/w/ACC90933/e/blz_nativeref_aot_Debug/blz_nativeref_aot_Debug.csproj]
```

This commit adds a temporary workaround to ignore the undefined symbols
for this specific test. And this should be removed when runtime is
updated to `3.1.12` .

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>
Co-authored-by: Alexander Köplinger <[email protected]>
Co-authored-by: Larry Ewing <[email protected]>
Co-authored-by: Ankit Jain <[email protected]>

* Harden for null byrefs (#70317)

* Remove enum_flag_Unrestored usage in boxing stubs.

* Add AND instruction (21h) to x86 decoder.

* Update mono for null ref in interpreter paths.

* Disable test on llvmfullaot and wasm

* Handle null destination for intrinsics.

* Use u8 in a few more places (#70894)

* Use u8 in a few more places

* A few more u8s

* Enable lib tests that used to fail with GC issues (#70831)

* enable lib tests that used to fail with GC issues

* excluding linq parallel test since that doesn't build

* Threading.Thread tests have issues

* Excluding new test failures

* Remove some dead code / branches (#70146)

* Remove some dead code / branches

Some signal amidst the noise in an lgtm.com report.

* Address PR feedback

* superpmi.py: Add `-jitoption` for asmdiffs (#70939)

The new `-jitoption` option passes the argument options to both baseline and diff
compilers. This is a convenience option: there already is `-base_jit_option` and
`-diff_jit_option` to specify passing options to either baseline or diff.

The name of the option is the same as that used for `replay`.

* EventLogException is missing the original win32 error code (#70629)

* Enable IDE0071 (Simplify interpolation) (#70918)

* Enable IDE0100 (Remove redundant equality) (#70896)

* Enable IDE0065 (Misplaced using directive) (#70919)

* Optimization for full range checks (#70145) (#70222)

* Update C# compiler (#70947)

Brings in support for required members

* Allow ValueListBuilder to work with empty scratch spans (#70917)

* Enable IDE0030 (Use coalesce expression) (#70948)

* Do not reuse implicit byrefs for by-value args (#70955)

* Do not reuse implicit byrefs for by-value args

* Add a test

* Enable `TYP_STRUCT` `LCL_VAR/LCL_FLD` call args on Windows x64 (#70777)

* Fix forward sub

* Enable folding in local morph

* Morph: TYP_STRUCT LCL_FLD

* Make SuperPMI more explicit about JIT in error messages (#70938)

This makes it easier to figure out which JIT failed in asmdiffs scenarios.

e.g.,
```
[10:40:50] ERROR: Method 3673 of size 3107 failed to load and compile correctly by JIT2 (C:\gh\runtime\artifacts\tests\coreclr\windows.x64.Checked\Tests\Core_Root\clrjit_universal_arm64_x64.dll).
[10:40:50] ERROR: Method 3673 of size 3107 failed to load and compile correctly by JIT1 (C:\gh\runtime2\artifacts\tests\coreclr\windows.x64.Checked\Tests\Core_Root\clrjit_universal_arm64_x64.dll).
```

* Fix illumos-x64 build (#70956)

* Disable W^X on macOS under Rosetta emulation (#70912)

* Disable W^X on macOS under Rosetta emulation

Apple has informed us that double mapping doesn't work properly
on Rosetta emulation. This change disables W^X if Rosetta is detected.

* Reflect PR feedback

* Add support for randomized guard stack cookies (#70806)

The compiler was generating GS cookies, but the cookie was always an ASCII encoding of "Hi, mom!".

Make the cookie properly per-process randomized.

The randomization algorithm is same as in the CoreCLR VM.

Fixes #70071.

* Fixes #64159 - JsonSerializerContext source generation fails with keyword identifiers (#66876)

* Fixes #64159 - initial implementation

* Tidy up, and add test for ignored reserved-keyword-named property

* PR feedback - use same approach as logging generator

* PR feedback

* Update src/libraries/System.Text.Json/gen/JsonSourceGenerator.Parser.cs

Co-authored-by: Adeel Mujahid <[email protected]>

* PR feedback - rename ExactNameSpecifiedInSourceCode

* PR feedback - use extracted (and renamed) local variable

* Remove commented code

* Added `IsVerbatimName` as extension method

* Support fields with verbatim names (@)

* Use alternative method for checking for verbatim names

* Uses `SyntaxFacts` to determine if escaping is needed

* Remove extension method

* Modified source generator test to include a verbatim field

* Minor typo

Co-authored-by: Adeel Mujahid <[email protected]>

* [main] Update dependencies from dotnet/arcade (#70662)

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>

* Enable IDE0031 (Use null propagation) (#70965)

* Fix nullable annotations on MailAddress.TryCreate (#70943)

* [QUIC] Removes abstract providers and mock from S.N.Quic (#70421)

* Removed abstract providers and mock from S.N.Quic

* Removed provider and replaced with statics on Listener and Connection

* Added assert

* Stop wrapping SIMD nodes in OBJs (#70888)

* Upstream coreclr and pal changes to support powerpc (ppc64le) architecture  (#69105)

* coreclr pal layer chanegs.

* Updated the system arch for power architecture.

* Fixed the failing PAL SXS exception_handling test case

* replaced gint with gint64 to avoid overflow and this has fixed the segmentation fault issue.

* coreclr pal layer chanegs.

* Fixed the failing PAL SXS exception_handling test case

* coreclr pal layer chanegs.

* Updated the system arch for power architecture.

* Fixed the failing PAL SXS exception_handling test case

* replaced gint with gint64 to avoid overflow and this has fixed the segmentation fault issue.

* coreclr pal layer chanegs.

* Fixed the failing PAL SXS exception_handling test case

* Removing intsafe.h file as main does not have this file now.(Already removed in commit 27195f670937c7e21ab68a806396f9d17c57231a)

Co-authored-by: Alhad Deshpande <[email protected]>

* Collections contain stale object IDs (#70924)

It looks like the collections contain stale
ObjectID values. These collection should
be purged between GCs.

* Minor refactoring for `UpgradeToRegexGeneratorAnalyzer` (#70767)

* Fix arm64 funclet frame type 5 (#70922)

* Fix arm64 funclet frame type 5

* Add code to stress arm64 funclet frame type 5

This can be forced using `COMPlus_JitSaveFpLrWithCalleeSavedRegisters=3`,
or will be enabled under stress.

* Add a regression test

* Fix funclet frame type 5 alignment calculation

* Fix a couple bugs; improve documentation

1. Improve the frame shape pictures, especially for arm64 funclet frames. Include the
MonitorAcquired element and OSR pad.
2. Fix bug for `SP_to_PSP_slot_delta` for funclet frame type 4 for OSR: don't include osrPad.
3. Fix bug with funclet frame type 5 for `SP_to_FPLR_save_delta` using wrong aligned func size;
would be incorrect if one and two SP adjustment full frame aligned sizes are different (e.g.,
if two SP adjustment required two alignment slots and one SP adjustment thus required none).

* Fix default log color behavior when console is redirected (#70504)

* JIT: Model string literal objects as invariant and non-GLOB_REF (#70986)

* Model string literals as invariant/non GLOB_REF

* String literals are never null

* Add support for cross module inlining and cross module generic compilation to Crossgen2 (#68919)

* Add support for cross module inlining and cross module generic compilation to Crossgen2
- Refactor Module into ModuleBase and Module
  - The goal is to have allow a subset version of Module which can only hold refs, this is to be used by the manifest module in an R2R image to allow for version resilient cross module references.
  - Update handling of ModuleBase so that its used everywhere that tokens are parsed from R2R
  - Remove ENCODE_MODULE_ID_FOR_STATICS and ENCODE_ACTIVE_DEPENDENCY
    - These were only used for NGEN, and conflict with easy impelmentation for the ModuleBase concept
  - Remove locking in ENCODE_STRING_HANDLE processing, and tweak comments. Comments applied to the removed ngen based code, and the lock was only necessary for the old ngen thing.
  - Adjust ComputeLoaderModuleWorker for locating loader module
    - Follow comment more accurately, to avoid putting every generic into its definition module. This will make R2R function lookup able to find compiled instantiations in some cases. This may be what we want long term, it may not.
  - Remove MemberRefToDesc map and replace with LookupMap like the other token types. We no longer make use of the hot table, so this is more efficient
    - Also reduces complexity of implementation of ModuleBase

- Build fixup to describe a single method as a standalone blob of data
  - There are parallel implementations in Crossgen2 and in the runtime
  - They produce binary identical output
  - Basic R2RDump support for new fixup

- Adjust module indices used within the R2R format to support a module index which refers to the R2R manifest metadata. This requires bumping the R2R version to 6.2
  - Add a module index between the set of assembly refs in the index 0 module and the set of assembly refs in the R2R manifest metadata

- Adjust compilation dependency rules to include a few critical AsyncStateMachineBox methods

- Remove PEImage handling of native metadata which was duplicative

- Do not enable any more devirtualization than was already in use, even in the cross module compilation scenario. In particular, do not enable devirtualization of methods where the decl method isn't within the version bubble, even if the decl method could be represented with a cross-module reference token. (This could be fixed, but is out of scope for this initial investigation)

Make the compilation deterministic in this new model, even though we are generating new tokens on demand
  - Implement this by detecting when we need new tokens during a compile, and recompiling with new tokens when necessary
  - This may result in compiling the same code as much as twice

Compile the right set of methods with cross module inlining enabled
- Add support for compiling the called virtual methods on generic types
  - This catches the List<T> and Dictionary<TKey,TValue> scenarios

- Add command line switches to enable/disable the new behavior
  - By default the new behavior is not enabled

* Implement Vector128 version of System.Buffers.Text.Base64 DecodeFromUtf8 and EncodeToUtf8 (#70654)

* Implement Vector128 version of System.Buffers.Text.Base64.DecodeFromUtf8

Rework the SS3 into a Vector128 version, and add Arm64 support.

* SSE3 improvements

* Remove superfluous bitwise And

* Add comment to SimdShuffle

* Inline SimdShuffle

* Implement Vector128 version of System.Buffers.Text.Base64.EncodeToUtf8

* Ensure masking on SSE3

Change-Id: I319f94cfc51d0542ae4eb11a8d48b3eb8180553f
CustomizedGitHooks: yes

* Restore asserts and move zero inside the loop

* Neater C# code

Change-Id: I2cbe14f4228f8035e7d213b5b58815c4eee35563
CustomizedGitHooks: yes

* Make SimdShuffle consistent across X64 and Arm64

* Better looking multiply

* Use `gtEffectiveVal` for `GT_ADD` op1 in `optCreateAssertion` (#70228)

* Initial work for comma hoisting in cse

* Formatting

* Adding more ops to comma hoisting

* Set regnum

* Update optcse.cpp

* Using effectiveval instead

* Convert fallback path of GetCommandLineArgs to managed (#70608)

* P/Invoke definition

* Use P/Invoke in managed code

* Update managed call site

* Add test using private reflection

* Native command line should be superset of managed

Co-authored-by: Jan Kotas <[email protected]>

* [wasm] Enabled WasmTestOnBrowser run on Windows for Browser. (#70890)

* Enabled tests - no timeout with new ems. Keeping disabled tests failing from other reasons.

* Added @radical's suggestion.

* Test CI- enable test that are throwing in Debug.

* [wasm][debugger] Fix side effect on Firefox of getting bytes from loaded_files using debugger protocol (#70990)

* Fix 70983

* fix typo

* Fix compilation

* Add AddSystemd() and AddWindowsService() IServiceCollection extension methods (#68580)

* Add AddSystemd() IServiceCollection extension method

* Add AddWindowsService() IServiceCollection extension method

* Don't default to CWD if in C:\Windows\system32
- instead, when CWD is C:\Windows\system32 Hosting will use AppContext.BaseDirectory. This way Windows apps and services that are launched will work by default. HostApplicationBuilder.ContentRootPath can't be changed after construction, so setting it to a workable default for Windows apps.

Co-authored-by: Eric Erhardt <[email protected]>
Co-authored-by: Martin Costello <[email protected]>

* Use RemoteExecutor

* Update src/libraries/Microsoft.Extensions.Hosting/tests/UnitTests/HostTests.cs

* Skip test on Windows nano server

* Respond to PR feedback

Co-authored-by: Eric Erhardt <[email protected]>
Co-authored-by: Martin Costello <[email protected]>

* [main] Update dependencies from dotnet/runtime dotnet/xharness dotnet/icu dotnet/emsdk (#70991)

* Update dependencies from https://github.com/dotnet/runtime build 20220619.5

Microsoft.NET.Sdk.IL , Microsoft.NETCore.App.Runtime.win-x64 , Microsoft.NETCore.DotNetHost , Microsoft.NETCore.DotNetHostPolicy , Microsoft.NETCore.ILAsm , runtime.native.System.IO.Ports , System.Text.Json
 From Version 7.0.0-preview.6.22312.5 -> To Version 7.0.0-preview.6.22319.5

* Update dependencies from https://github.com/dotnet/xharness build 20220620.1

Microsoft.DotNet.XHarness.CLI , Microsoft.DotNet.XHarness.TestRunners.Common , Microsoft.DotNet.XHarness.TestRunners.Xunit
 From Version 1.0.0-prerelease.22314.1 -> To Version 1.0.0-prerelease.22320.1

* Update dependencies from https://github.com/dotnet/icu build 20220620.2

Microsoft.NETCore.Runtime.ICU.Transport
 From Version 7.0.0-preview.6.22313.1 -> To Version 7.0.0-preview.6.22320.2

* Update dependencies from https://github.com/dotnet/emsdk build 20220620.1

Microsoft.NET.Workload.Emscripten.Manifest-7.0.100
 From Version 7.0.0-preview.6.22313.1 -> To Version 7.0.0-preview.6.22320.1

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>

* Windows/Arm64: Use 8.1 atomic instructions if they are available (#70921)

* Use Fast compareexchange, acquire/release

* working windows version

* remove printf

* some more #ifdef

* fix some #ifdef

* optimize EnterObjMonitorHelperSpin

* Remove FastInterlockedCompareExchange64 for now

* Add ZipArchiveEntry.IsEncrypted for password-protection detection (#70036)

* Add ZipArchiveEntry.IsEncrypted for password-protection detection

* Apply suggestions from code review

Co-authored-by: David Cantú <[email protected]>

* Run GenerateReferenceAssemblySource for System.IO.Compression

* Revert WriteAsync default parameter value removal

* Update DeflateStream.WriteAsync to include the default param value

* Revert unrelated change from GenerateReferenceAssemblySource

* Revert unrelated change after syncing with GenerateReferenceAssemblySource

Co-authored-by: David Cantú <[email protected]>

* Exposing IRootFunctions.Hypot and IRootFunctions.Root (#71010)

* Exposing IRootFunctions.Hypot and IRootFunctions.Root

* Adding tests for IRootFunctions.Hypot and IRootFunctions.Root

* Add TarEntry conversion constructors (#70325)

* ref: Conversion constructors

* src: Conversion constructors

* tests: Conversion constructors

* [wasm] Wasm.Build.Tests: disable tests failing on CI (#71020)

* [wasm] Wasm.Build.Tests: disable tests failing on CI

.. due to being oomkill'ed.

* [wasm] Don't fail the job when firefox tests fail, as they are known to be unstable

* Remove allocation in ImmutableArray Builder Sort (#70850)

* Remove allocation in ImmutableArray Builder Sort

`ImmutableArray<T>.Builder.Sort(Comparison<T> comparison)` allocates a new instance of `Comparer<T>` using `comparison`. Then `ArraySort` allocates a new delegate from `comparer.Compare`. Both allocations can be eliminated by calling `Array.Sort<T>(T[] array, Comparison<T> comparison)` directly.

* Sort only valid range of array

* Use MemoryExtensions.Sort where available.

* Update src/libraries/System.Collections.Immutable/src/System/Collections/Immutable/ImmutableArray_1.Builder.cs

Fix spelling mistake.

Co-authored-by: Eirik Tsarpalis <[email protected]>

Co-authored-by: Eirik Tsarpalis <[email protected]>

* [Android] Make sure AdditionalTimeZoneChecks trait is added to xunit-excludes (#70974)

The trait is supposed to be included in System.Runtime tests by default, but wasn't because the _withoutCategories property was in tests.props. As a result, the property was resolved before the .csproj properties. This fix moves the property definition to tests.targets.

Fixes #70482

* Use LastIndexOfAny in GetFileName_Windows (#71032)

* Avoid unnecessary allocations in SanitizeEntryFilePath (#71034)

* Fix Ordinal Ignore Case string compare (#71022)

* Move allocation of command line argument array to C# (#71021)

Also, avoid redundant allocation of managed string for each command line argument.

* Add markdown readme for System.Reflection.MetadataLoadContext (#70610)

* Create README.md

* set red zone size 512 for powerpc64. (#70885)

* Ensure consistent reflectability for generic methods (#70977)

If we have a method body for `SomeMethod<Foo>` and `SomeMethod<T>` was decided to be reflection-visible, ensure `SomeMethod<Foo>` is also reflection-visible.

* Implement NegotiateAuthentication API (#70720)

* WIP: Add implementation of NegotiateAuthentication

Switch System.Net.Http to use NegotiateAuthentication
Fix IsCompleted in managed NTLM implementation

* WIP: Update error code mapping

* Spanify input of GetOutgoingBlob

* Update comments

* Move NegotiateStreamPal.Encrypt/Decrypt to shared sources. Unix implementation already had them and they get trimmed anyway.

* Revert accidental change

* Build fixes.

* Fix error handling condition

* Update error mapping based on HttpListener usage.

* WIP: HttpListener test

* Move workaround from HttpListener to low-level SSPI code

* Fix build

* Clean up

* Revert "WIP: HttpListener test"

This…
@ghost ghost locked as resolved and limited conversation to collaborators Jul 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants