FreeBSD/src 332855stable 11, stable/11/usr.bin/clang/clang clang.1

MFC r332414:

Regenerate clang man page after upstream change to document the possible
values for the -std= option.

Noticed by:     Steve Kargl
Obtained from:  https://reviews.llvm.org/rL329827

FreeBSD/src 332854head/sys/powerpc/include cpu.h, head/sys/powerpc/powerpc cpu.c

Sync powerpc feature flags with Linux

Not all feature flags are synced.  Those for processors we don't currently
support are ignored currently.  Those that are supported are synced best I
can tell.  One flag was renamed to match the Linux flag name
(PPC_FEATURE2_VCRYPTO -> PPC_FEATURE2_VEC_CRYPTO).

FreeBSD/src 332853head/sys/conf files, head/sys/modules/blake2 Makefile

blake2: Disable warnings (not just error) for code we will not modify

Leave libb2 pristine and silence the warnings for mjg.

FreeBSD/src 332852head/usr.bin/grep file.c

bsdgrep: if chain => switch

This makes some of this a little easier to follow (in my opinion).
DeltaFile
+70-49head/usr.bin/grep/file.c
+70-491 files

FreeBSD/src 332851head/usr.bin/grep util.c

bsdgrep: More trivial cleanup/style cleanup

We can avoid branching for these easily reduced patterns

FreeBSD/src 332850head/usr.bin/grep util.c

bsdgrep: Some light cleanup

There's no point checking for a bunch of file modes if we're not a
practicing believer of DIR_SKIP or DEV_SKIP.

This also reduces some style violations that were particularly ugly looking
when browsing through.

FreeBSD/src 332849head/contrib/llvm/tools/lldb/source/Plugins/Process/FreeBSD ProcessMonitor.cpp

lldb: propagate error to user if memory read fails

Previously, an attempt to read an unreadable access reported zeros:

(lldb) memory read -format hex -size 8 0
0x00000000: 0x0000000000000000 0x0000000000000000
0x00000010: 0x0000000000000000 0x0000000000000000
...

Now, if DoReadMemory encounters error then return 0 (bytes read) so we
report the error to the user:

(lldb) memory read -format hex -size 8 0
error: Bad address

LLVM PR:        37190

MFC after:      1 week
Sponsored by:   The FreeBSD Foundation

FreeBSD/src 332848stable 11, stable/11/tools/tools README

MFC r332673: Remove mention of tools/recoverdisk, now in sbin

PR:            227570

FreeBSD/src 332847projects/pnfs-planb-server/usr.bin pnfsdskill, projects/pnfs-planb-server/usr.bin/pnfsdskill pnfsdskill.c pnfsdskill.1

Add the pnfsdskill command that can be used on the MDS to disable a mirrored
DS.

FreeBSD/src 332846projects/pnfs-planb-server/usr.bin pnfsdscopymr, projects/pnfs-planb-server/usr.bin/pnfsdscopymr pnfsdscopymr.c pnfsdscopymr.1

Add the pnfsdscopymr command that is used to copy a file to a recovered
mirrored DS.

FreeBSD/src 332845projects/pnfs-planb-server/usr.bin/pnfsdsfile pnfsdsfile.c pnfsdsfile.1

Add the "-r" option to be used for mirrored DS recovery, plus a few small fixes.

FreeBSD/src 332844head/usr.sbin/makefs Makefile, head/usr.sbin/makefs/cd9660 Makefile.inc

makefs: tidy up reach-over source

- cd9660 relies on an #include "iso.h" but does not build any .c files
  out of source, so remove reach-over .PATH
- ffs does not rely on any sys/ headers, so remove -I from CFLAGS.
- ffs_tables from sys/ is used by ffs; move the SRCS entry from the top-
  level Makefile to ffs' Makefile.inc.

Sponsored by:   The FreeBSD Foundation

FreeBSD/src 332843head/sys/dev/extres/regulator regulator.c

regulator: Check status before disabling

When disabling regulator when they are unused, check before is they are
enabled.
While here don't check the enable_cnt on the regulator entry as it is
checked by regnode_stop.
This solve the panic on any board using a fixed regulator that is driven
by a gpio when the regulator is unused.

Tested On: OrangePi One
Pointy Hat to:      myself
Reported by:    kevans, Milan Obuch (freebsd-arm at dino.sk)

FreeBSD/src 332842stable 11, stable/11/sys/netinet6 ip6_output.c

MFC r319216:
  Fix an unnecessary/incorrect check in the PKTOPT_EXTHDRCPY macro.

  This macro allocates memory and, if malloc does not return NULL, copies
  data into the new memory. However, it doesn't just check whether malloc
  returns NULL. It also checks whether we called malloc with M_NOWAIT. That
  is not necessary.

  While it may be that malloc() will only return NULL when the M_NOWAIT flag
  is set, we don't need to check for this when checking malloc's return
  value. Further, in this case, the check was not completely accurate,
  because it checked for flags == M_NOWAIT, rather than treating it as a bit
  field and checking for (flags & M_NOWAIT).

Sponsored by:   Netflix, Inc.

FreeBSD/src 332841stable 11, stable/11/sys/netinet6 icmp6.c

MFC r319215:
  Fix two places in the ICMP6 code where we could dereference a NULL pointer
  in the icmp6_input() function.

  When processing an ICMP6_ECHO_REQUEST, if IP6_EXTHDR_GET fails, it will
  set nicmp6 and n to NULL. Therefore, we should condition our modification
  to nicmp6 on n being not NULL.

  And, when processing an ICMP6_WRUREQUEST in the (mode != FQDN) case, if
  m_dup_pkthdr() fails, the code will set n to NULL. However, the very next
  line dereferences n. Therefore, when m_dup_pkthdr() fails, we should
  discontinue further processing and follow the same path as when m_gethdr()
  fails.

Reported by:    clang static analyzer
Sponsored by:   Netflix, Inc.

FreeBSD/src 332840stable 11, stable/11/sys/netinet ip_icmp.c

MFC r319214:
  Enforce the limit on ICMP messages before doing work to formulate the
  response.

  Delete an unneeded rate limit for UDP under IPv6. Because ICMP6
  messages have their own rate limit, it is unnecessary to apply a
  second rate limit to UDP messages.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332839head/sys/gnu/dts/arm omap44xx-clocks.dtsi dra7xx-clocks.dtsi

gnu/dts: Update our copy of arm dts from Linux 4.16

FreeBSD/src 332838svnadmin/conf sizelimit.conf

Don't need the limit anymore.

FreeBSD/src 332837vendor/device-tree 4.16

Tag our copy of Linux 4.16 dts files

FreeBSD/src 332836vendor/device-tree/dist/src/arm dra7xx-clocks.dtsi omap44xx-clocks.dtsi

dts: Update our copy from files from Linux 4.16

FreeBSD/src 332835svnadmin/conf sizelimit.conf

Raise my limit for dts import

FreeBSD/src 332834stable 11, stable/11/sys/net ieee8023ad_lacp.c

MFC r314286:
  Do some minimal work to better conform to the 802.3ad (LACP) standard.
  In particular, don't set the synchronized bit for the peer unless it truly
  appears to be synchronized to us. Also, don't set our own synchronized bit
  unless we have actually seen a remote system.

  Prior to this change, we were seeing some strange behavior, such as:

  1. We send an advertisement with the Activity, Aggregation, and Default
  flags, followed by an advertisement with the Activity, Aggregation,
  Synchronization, and Default flags. However, we hadn't seen an
  advertisement from another peer and were still advertising the default
  (NULL) peer. A closer examination of the in-kernel data structures (using
  kgdb) showed that the system had added the default (NULL) peer as a valid
  aggregator for the segment.
  2. We were receiving an advertisement from a peer that included the
  default (NULL) peer instead of including our system information. However,
  we responded with an advertisement that included the Synchronization flag
  for both our system and the peer. (Since the peer's advertisement did not
  include our system information, we shouldn't add the synchronization bit
  for the peer.)

  This patch corrects those two items.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332833head/contrib/llvm/lib/Target/X86 X86FlagsCopyLowering.cpp X86InstrInfo.cpp

Recommit r332501, with an additional upstream fix for "Cannot lower
EFLAGS copy that lives out of a basic block!" errors on i386.

Pull in r325446 from upstream clang trunk (by me):

  [X86] Add 'sahf' CPU feature to frontend

  Summary:
  Make clang accept `-msahf` (and `-mno-sahf`) flags to activate the
  `+sahf` feature for the backend, for bug 36028 (Incorrect use of
  pushf/popf enables/disables interrupts on amd64 kernels).  This was
  originally submitted in bug 36037 by Jonathan Looney
  <jonlooney at gmail.com>.

  As described there, GCC also uses `-msahf` for this feature, and the
  backend already recognizes the `+sahf` feature. All that is needed is
  to teach clang to pass this on to the backend.

  The mapping of feature support onto CPUs may not be complete; rather,
  it was chosen to match LLVM's idea of which CPUs support this feature
  (see lib/Target/X86/X86.td).

  I also updated the affected test case (CodeGen/attr-target-x86.c) to
  match the emitted output.


    [118 lines not shown]

FreeBSD/src 332832head/usr.bin/grep util.c

bsdgrep: Break procmatches down a little bit more

Split the matching and non-matching cases out into their own functions to
reduce future complexity. As the name implies, procmatches will eventually
process more than one match itself in the future.
DeltaFile
+54-43head/usr.bin/grep/util.c
+54-431 files

FreeBSD/src 332831stable 11, stable/11/sys/kern subr_terminal.c

MFC r314116:
  Fix a panic during boot caused by inadequate locking of some vt(4) driver
  data structures.

  vt_change_font() calls vtbuf_grow() to change some vt driver data
  structures. It uses TF_MUTE to prevent the console from trying to use
  those data structures while it changes them.

  During the early stage of the boot process, the vt driver's tc_done
  routine uses those data structures; however, it is currently called
  outside the TF_MUTE check.

  Move the tc_done routine inside the locked TF_MUTE check.

PR:            217282
Sponsored by:   Netflix, Inc.

FreeBSD/src 332830stable 11, stable/11/sys/dev/acpica acpi_cpu.c

MFC r313447:
  Ensure the idle thread's loop services interrupts in a timely way when
  using the ACPI C1/mwait sleep method.

  Previously, the mwait instruction would return when an interrupt was
  pending; however, the idle loop did not actually enable interrupts when
  this occurred. This led to a situation where the idle loop could quickly
  spin through the C1/mwait sleep method a number of times when an interrupt
  was pending. (Eventually, the situation corrected itself when something
  other than an interrupt triggered the idle loop to either enable
  interrupts or schedule another thread.)

Sponsored by:   Netflix, Inc.

FreeBSD/src 332829stable 11, stable/11/sys/netinet tcp_input.c

MFC r307083:
 Currently, when tcp_input() receives a packet on a session that matches a
 TCPCB, it checks (so->so_options & SO_ACCEPTCONN) to determine whether or
 not the socket is a listening socket. However, this causes the code to
 access a different cacheline. If we first check if the socket is in the
 LISTEN state, we can avoid accessing so->so_options when processing packets
 received for ESTABLISHED sessions.

 If INVARIANTS is defined, the code still needs to access both variables to
 check that so->so_options is consistent with the state.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332828stable 11, stable/11/sys/netinet tcp_output.c

MFC r306768:
  If the new window size is less than the old window size, skip the
  calculations to check if we should advertise a larger window.

FreeBSD/src 332827stable 11, stable/11/sys/amd64/amd64 pmap.c

MFC r330511:
  We shouldn't need to execute code in the recursive page table mappings;
  therefore, it should be safe to set the NX bit on the PML4E for the
  recursive page table mappings.  According to the Intel docs, the effect
  of the NX bit should propogate to any page reached through a PML4E which
  has the NX bit set.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332826stable 11, stable/11/sys/amd64/amd64 pmap.c

MFC r330510:
  Prior to r329071, pmap_bootstrap() used pmap_kmem_choose() to round the
  first available virtual address to a 2MB boundary. After r329071,
  create_pagetables() rounds firstaddr up to a 2MB boundary. This ensures
  the kernel is mapped in super-pages, which is the point of the logic
  in pmap_kmem_choose(). Therefore, it is no longer necessary for
  pmap_bootstrap() to round up to the 2MB boundary again.

  As pmap_bootstrap() was the only user of pmap_kmem_choose(), we can
  delete pmap_kmem_choose().

Sponsored by:   Netflix, Inc.

FreeBSD/src 332825head/lib/libc/sys procctl.2, head/sys/compat/freebsd32 freebsd32_misc.c

Rename PROC_PDEATHSIG_SET -> PROC_PDEATHSIG_CTL and PROC_PDEATHSIG_GET
-> PROC_PDEATHSIG_STATUS for consistency with other procctl(2)
operations names.

Requested by:   emaste
Sponsored by:   The FreeBSD Foundation
MFC after:      13 days

FreeBSD/src 332824stable 11, stable/11/sys/dev/nvme nvme_ns.c

MFC r332780,r332783:
    Intel drives have an optimal alignment for I/O. While they honor I/Os
    that cross this boundary, they perform better when this isn't the
    case. Intel uses the 3rd byte in the vendor specific area for
    this. The DC P3500 was previously listed without any explanation. Add
    the DC P3520 and DC P4500 to the list.

    There won't be any others drives needing this quirk. Intel has
    standardized a field in the namespace data in 1.3 (noiob).  A future
    patch will use that if it exists, with fallback to this method.

    Submitted by: Keith Busch
    Reviewed by: jimharris@
    [[ plus tweak comments from 332783 ]]

Sponsored by: Netflix

FreeBSD/src 332823stable 11, stable/11/sys/amd64/amd64 pmap.c

MFC r329171:
  Mark the pages used for the initial page-table entries as wired. This
  makes them consistent with the way other page-table pages are allocated.
  It also provides the rest of the VM system a good clue that these pages
  are used.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332822stable 11, stable/11/sys/amd64/amd64 pmap.c

MFC r329071:
  On bootup, the amd64 pmap initialization code creates page-table
  mappings for the pages used for the kernel and some initial allocations
  used for the page table. It maps the kernel and the blocks used for
  these initial allocations using 2MB pages.

  However, if the kernel does not end on a 2MB boundary, it still maps the
  last portion using a 2MB page, but reports that the unused 4K blocks
  within this 2MB allocation are free physical blocks. This means that
  these same physical blocks could also be mapped elsewhere - for example,
  into a user process. Given the proximity to the kernel text and data
  area, it seems wise to avoid allowing someone to write data to physical
  blocks also mapped into these virtual addresses.

  (Note that this isn't a security vulnerability: the direct map makes
  most/all memory on the system mapped into kernel space. And, nothing
  in the kernel should be trying to access these pages, as the virtual
  addresses are unused. It simply seems wise to avoid reusing these
  physical blocks while they are mapped to virtual addresses so close
  to the kernel text and data area.)

  Consequently, let's reserve the physical blocks covered by the
  page-table mappings for these initial allocations.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332821stable 11, stable/11/sys/netinet in_pcb.c

MFC r331309:
  If the INP lock is uncontested, avoid taking a reference and jumping
  through the lock-switching hoops.

  A few of the INP lookup operations that lock INPs after the lookup do
  so using this mechanism (to maintain lock ordering):

  1. Lock lookup structure.
  2. Find INP.
  3. Acquire reference on INP.
  4. Drop lock on lookup structure.
  5. Acquire INP lock.
  6. Drop reference on INP.

  This change provides a slightly shorter path for cases where the INP
  lock is uncontested:

  1. Lock lookup structure.
  2. Find INP.
  3. Try to acquire the INP lock.
  4. If successful, drop lock on lookup structure.

  Of course, if the INP lock is contested, the functions will need to
  revert to the previous way of switching locks safely.


    [3 lines not shown]

FreeBSD/src 332820stable 11, stable/11/sys/netinet6 dest6.c ip6_output.c

MFC r331484:
  Remove some unneccessary variable sets in IPv6 code, as detected by
  clang's static analyzer.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332819stable 11, stable/11/sys/netinet6 nd6_nbr.c

MFC r331488:
  This change adds a flag to the DAD entry to indicate whether it is
  currently on the queue. This prevents accidentally doubly-removing a DAD
  entry from the queue, while also simplifying some of the logic in
  nd6_dad_stop().

Sponsored by:   Netflix, Inc.

FreeBSD/src 332818stable 11, stable/11/sys/netinet tcp_seq.h

MFC r331926:
  r330675 introduced an extra window check in the LRO code to ensure it
  captured and reported the highest window advertisement with the same
  SEQ/ACK.  However, the window comparison uses modulo 2**16 math, rather
  than directly comparing the absolute values.  Because windows use
  absolute values and not modulo 2**16 math (i.e. they don't wrap), we
  need to compare the absolute values.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332817stable 11, stable/11/sys/netinet tcp_usrreq.c

MFC r332120:
  If a user closes the socket before we call tcp_usr_abort(), then
  tcp_drop() may unlock the INP.  Currently, tcp_usr_abort() does not
  check for this case, which results in a panic while trying to unlock
  the already-unlocked INP (not to mention, a use-after-free violation).

  Make tcp_usr_abort() check the return value of tcp_drop(). In the case
  where tcp_drop() returns NULL, tcp_usr_abort() can skip further steps
  to abort the connection and simply unlock the INP_INFO lock prior to
  returning.

Sponsored by:   Netflix, Inc.

FreeBSD/src 332816head/sys/kern kern_prot.c kern_jail.c

call racct_proc_ucred_changed() under the proc lock

The lock is required to ensure that the switch to the new credentials
and the transfer of the process's accounting data from the old
credentials to the new ones is done atomically.  Otherwise, some updates
may be applied to the new credentials and then additionally transferred
from the old credentials if the updates happen after proc_set_cred() and
before racct_proc_ucred_changed().

The problem is especially pronounced for RACCT_RSS because
- there is a strict accounting for this resource (it's reclaimable)
- it's updated asynchronously by the vm daemon
- it's updated by setting an absolute value instead of applying a delta

I had to remove a call to rctl_proc_ucred_changed() from
racct_proc_ucred_changed() and make all callers of latter call the
former as well.  The reason is that rctl_proc_ucred_changed, as it is
implemented now, cannot be called while holding the proc lock, so the
lock is dropped after calling racct_proc_ucred_changed.  Additionally,
I've added calls to crhold / crfree around the rctl call, because
without the proc lock there is no gurantee that the new credentials,
owned by the process, will stay stable.  That does not eliminate a
possibility that the credentials passed to the rctl will get stale.
Ideally, rctl_proc_ucred_changed should be able to work under the proc
lock.

    [8 lines not shown]

FreeBSD/src 332815stable/11/sys/pc98/cbus scterm-sck.c

- Use __FBSDID().
- Fix pc98 build.
  Merge from sys/dev/syscons/scterm-teken.c r330918.

FreeBSD/src 332814stable/11/sys/conf files.pc98

MFi386: r329199

  Move signal trampolines out of locore.s into separate source file.

This fixes pc98 build.

FreeBSD/src 332813head/sys/fs/nfsclient nfs_clport.c

Fix use of pointer after being set NULL.

Using a pointer after setting it NULL is probably not a good plan.
Spotted by inspection during changes for Flexible File Layout Ioerr handling.
This code path obviously isn't normally executed.

MFC after:      1 week

FreeBSD/src 332812head/sys/net bpf.c

Add dead_bpf_if structure, that should be used as fake bpf_if
during ifnet detach.

Since destroying interface is not atomic operation and due to the
lack of synhronization during destroy, it is possible, that in the
time between bpfdetach() and if_free() some queued on destroying
interface mbuf will be used by ether_input_internal() and
bpf_peers_present() can dereference NULL bpf_if pointer. To protect
from this, assign pointer to empty bpf_if_ext structure instead of
NULL pointer after bpfdetach().

Reviewed by:    melifaro, eugen
Obtained from:  Yandex LLC
MFC after:      1 week
Sponsored by:   Yandex LLC
Differential Revision:  https://reviews.freebsd.org/D15083
DeltaFile
+5-1head/sys/net/bpf.c
+5-11 files

FreeBSD/src 332811stable 11, stable/11/sys/netpfil/ipfw/nat64 nat64lsn.c

MFC r332467:
  To avoid possible deadlock do not acquire JQUEUE_LOCK before callout_drain.

FreeBSD/src 332810stable 11, stable/11/sys/netinet6 ip6_fastfwd.c

MFC r332475:
  Add check that mbuf had not multicast layer2 address.
  Such packets should be handled by ip6_mforward().

FreeBSD/src 332809head/usr.bin/grep util.c

bsdgrep: Add some TODOs for future work on operating on chunks

FreeBSD/src 332808head/sys/powerpc/aim aim_machdep.c

powerpc64: Set n_slbs = 32 for POWER9

Summary:
POWER9 also contains 32 slbs entries as explained by the POWER9 User Manual:

 "For HPT translation, the POWER9 core contains a unified (combined for both
   instruction and data), 32-entry, fully-associative SLB per thread"

Submitted by:   Breno Leitao
Differential Revision: https://reviews.freebsd.org/D15128

FreeBSD/src 332807head/sys/powerpc/include pcb.h spr.h, head/sys/powerpc/powerpc exec_machdep.c swtch64.S

powerpc64: Add DSCR support

Summary:
Powerpc64 has support for a register called Data Stream Control Register
(DSCR), which basically controls how the hardware controls the caching and
prefetch for stream operations.

Since mfdscr and mtdscr are privileged instructions, we need to emulate them,
and
keep the custom DSCR configuration per thread.

The purpose of this feature is to change DSCR depending on the operation, set
to DSCR Default Prefetch Depth to deepest on string operations, as memcpy.

Submitted by:   Breno Leitao
Differential Revision: https://reviews.freebsd.org/D15081

FreeBSD/src 332806head/usr.bin/grep util.c

bsdgrep: Clean up procmatches a little bit
DeltaFile
+32-31head/usr.bin/grep/util.c
+32-311 files