3b6268bb manu Feb. 25, 2021, 3:34 p.m.
Even with an absolute offset we want to know the last block the partition
otherwise we endup with an image the size of the metadata.
This allow to create image with the ESP placed at a specific position which
is useful on arm/arm64 where u-boot have always a hard time to read the ESP
if it's not aligned on 512k.
mkimg -v -o sdcard -s gpt -p efi::54M:1M -p freebsd-ufs::1G
now works.

MFC after:	3 days
369706a6 markj Feb. 25, 2021, 3:04 p.m.
dirtybufthresh is a watermark, slightly below the high watermark for
dirty buffers.  When a delayed write is issued, the dirtying thread will
start flushing buffers if the dirtybufthresh watermark is reached.  This
helps ensure that the high watermark is not reached, otherwise
performance will degrade as clustering and other optimizations are
disabled (see buf_dirty_count_severe()).

When the buffer cache was partitioned into "domains", the dirtybufthresh
threshold checks were not updated.  Fix this.

Reported by:	Shrikanth R Kamath <kshrikanth@juniper.net>
Reviewed by:	rlibby, mckusick, kib, bdrewery
Sponsored by:	Juniper Networks, Inc., Klara, Inc.
Fixes:		3cec5c77d6
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D28901
faa998f6 markj Feb. 25, 2021, 3:04 p.m.
Previously sendfile would issue a VOP_GETATTR and use the returned size,
i.e., the file size.  When paging in file data, sendfile_swapin() will
use the pager to determine whether it needs to zero-fill, most often
because of a hole in a sparse file.  An attempt to page in beyond the
end of a file is treated this way, and occurs when the requested page is
past the end of the pager.  In other words, both the file size and pager
size were used interchangeably.

With ZFS, updates to the pager and file sizes are not synchronized by
the exclusive vnode lock, at least partially due to its use of
MNTK_SHARED_WRITES.  In particular, the pager size is updated after the
file size, so in the presence of a writer concurrently extending the
file, sendfile could incorrectly instantiate "holes" in the page cache
pages backing the file, which manifests as data corruption when reading
the file back from the page cache.  The on-disk copy is unaffected.

Fix this by consistently using the pager size when available.

Reported by:	dumbbell
Reviewed by:	chs, kib
Tested by:	dumbbell, pho
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D28811
13ad237a ae Feb. 25, 2021, 1:57 p.m.
Most of table types currently supported by ipfw have only one
algorithm implementation. When user creates such tables, allow
to omit algo name in arguments. E.g. now it is possible:
	ipfw table T1 create type number
	ipfw table T2 create type iface
	ipfw table T3 create type flow

PR:		233072
MFC after:	1 week
Sponsored by:	Yandex LLC
b6a51d39 bapt Feb. 25, 2021, 1:53 p.m.
Reported by:	cy
2a50a9de bapt Feb. 25, 2021, 1:25 p.m.
Tested by:	manu, jbeich
0af562d7 bapt Feb. 25, 2021, 1:25 p.m.
tic is necessary early in the build to be able to build the terminfo
database later on.

Tested by:	manu, jbeich
61f66a1f bapt Feb. 25, 2021, 1:25 p.m.
Along with the termcap database, ncurses will now lookup for the
terminfo database, note that the terminfo database is being looked
up first and then it fallsback on the termcap one.

While here drop our custom reader for the termcap database, over the
time it is needed maintenance to be able to catchup with changes on ncurses

Install the ncurses tools which are needed to deal with the terminfo
database: tic, infocmp, toe

Replace our termcap only aware tools with the ncurses counterpart:
tput, tabs, tset, clear and reset

In particular they can your the extra capabilities described in the
terminfo database, which does not exist in termcap

Note that to add a new terminfo information to the database from ports
the ports will just need to add their extra information into:

Tested by:	jbeich, manu
3fd63ddf andrew Feb. 25, 2021, 12:38 p.m.
In some cases the DELAY implementation on amd64 can recurse on a spin
mutex in the i8254 early delay code. Detect when this is going to
happen and don't call delay in this case. It is safe to not delay here
with the only issue being KCSAN may not detect data races.

Reviewed by:	kib
Tested by:	arichardson
Sponsored by:	Innovate UK
Differential Revision:	https://reviews.freebsd.org/D28895
59f6ddb2 andrew Feb. 25, 2021, 12:38 p.m.
In the Neoverse N1 SDP PCIe driver we need to map a page shared
between the firmware and the kernel. Previously we would use
pmap_kenter for this, however as this is not standardised between
architectures switch to the common pmap_qenter.

While here fix the error handling code to clean up on failure.

Reviewed by:	br
Sponsored by:	Innovate UK
Differential Revision:	https://reviews.freebsd.org/D28890
7a4dbffa kp Feb. 25, 2021, 9:17 a.m.
Ensure that we not only block on some interfaces, but also forward on
some. Without the previous commit we wound up discarding on all ports,
rather than only on the ports needed to break the loop.

MFC after:	1 week
Sponsored by:	Orange Business Services
Differential Revision:	https://reviews.freebsd.org/D28917
f5537cd0 kp Feb. 25, 2021, 9:16 a.m.
Reviewed by:	donner@
MFC after:	1 week
X-MFC-with:	711ed156b94562c3dcb2ee9c1b3f240f960a75d2
Sponsored by:	Orange Business Services
Differential Revision:	https://reviews.freebsd.org/D28916
f3245be3 kp Feb. 25, 2021, 9:13 a.m.
Despite the comment to the contrary neither pf nor carp use
in_addmulti(). Nothing does, so get rid of it.

Carp stopped using it in 08b68b0e4c6b132127919cfbaf7275c727ca7843
(2011). It's unclear when pf stopped using it, but before
d6d3f01e0a3395c1fae34a3c4be7b051cb2d7581 (2012).

Reviewed by:	bz@, melifaro@
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D28918
c861373b jamie Feb. 25, 2021, 5:54 a.m.
Make sure PD_KILL isn't passed to do_jail_attach, where it might end
up trying to kill the caller's prison (even prison0).

Fix the child jail loop in prison_deref_kill, which was doing the
post-order part during the pre-order part.  That's not a system-
killer, but make jails not always die correctly.
19cd12a3 mw Feb. 25, 2021, 5:41 a.m.
MIPS BERI boot loader is built with -mno-abicalls and -fno-pic
so prevent adding PIE-related build flags.

Fix build after 9a227a2fd642 ("Enable PIE by default on 64-bit architectures")

Obtained from: Semihalf
Sponsored by: Stormshield