r354663 brooks Nov. 12, 2019, 10:31 p.m.
Don't install duplicate ld-elf.so.1.1 and ld.so.1 links in rtld-elf32.
Do install lib-elf32.so.1.1 and ldd32.1 links.

Reported by:	madpilot
ViewVC
r354662 jhb Nov. 12, 2019, 9:35 p.m.
Reviewed by:	dim
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22333
ViewVC
r354661 jhb Nov. 12, 2019, 9:29 p.m.
This ensures that a bootstrap clang compiler is always installed as cc
in WORLDTMP.  If it is only installed as 'clang' then /usr/bin/cc is
used during the build instead of the bootstrap compiler.

Reviewed by:	imp
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22332
ViewVC
r354660 jhb Nov. 12, 2019, 9:26 p.m.
Reviewed by:	dim, mhorne, emaste
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22284
ViewVC
r354659 vmaffione Nov. 12, 2019, 9:07 p.m.
At the end of both mevent_add() and mevent_update(), mevent_notify()
is called to wakeup the I/O thread, that will call kevent(changelist)
to update the kernel.
A race condition is possible where the client calls mevent_add() and
mevent_update(EV_ENABLE) before the I/O thread has the chance to wake
up and call mevent_build()+kevent(changelist) in response to mevent_add().
The mevent_add() is therefore ignored by the I/O thread, and
kevent(fd, EV_ENABLE) is called before kevent(fd, EV_ADD), resuliting
in a failure of the kevent(fd, EV_ENABLE) call.

PR:	241808
Reviewed by:	jhb, markj
MFC with:	r354288
Differential Revision:	https://reviews.freebsd.org/D22286
ViewVC
r354655 scottl Nov. 12, 2019, 7:15 p.m.
mitigation will follow in a future commit.

Sponsored by:	Intel
ViewVC
r354649 kib Nov. 12, 2019, 6:01 p.m.
Disable the use of executable 2M page mappings in EPT-format page
tables on affected CPUs.  For bhyve virtual machines, this effectively
disables all use of superpage mappings on affected CPUs.  The
vm.pmap.allow_2m_x_ept sysctl can be set to override the default and
enable mappings on affected CPUs.

Alternate approaches have been suggested, but at present we do not
believe the complexity is warranted for typical bhyve's use cases.

Reviewed by:	alc, emaste, markj, scottl
Security:	CVE-2018-12207
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D21884
ViewVC
r354648 scottph Nov. 12, 2019, 4:24 p.m.
struct nvdimm_label_index is dynamically sized, with the `free`
bitfield expanding to hold `slot_cnt` entries. Fix a few places
where we were treating the struct as though it had a fixed sized.

Reviewed by:	cem
Approved by:	scottl (mentor)
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D22253
ViewVC
r354647 kib Nov. 12, 2019, 3:56 p.m.
Save the address of the trap frame in %ebp on kernel entry.  This
automatically provides it in struct i386_frame.f_frame to unwinder.

While there, more accurately handle the terminating frames,

Reviewed by:	avg, markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22321
ViewVC
r354646 kib Nov. 12, 2019, 3:51 p.m.
Reviewed by:	jhb, markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22302
ViewVC
r354645 scottph Nov. 12, 2019, 3:50 p.m.
Apply the same user accessible filter to namespaces as is applied
to full-SPA devices. Also, explicitly filter out control region
SPAs which don't expose the nvdimm data area.

Reviewed by:	cem
Approved by:	scottl (mentor)
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D21987
ViewVC
r354644 kib Nov. 12, 2019, 3:47 p.m.
to the size of hardware gdt.

Reviewed by:	jhb, markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22302
ViewVC
r354643 bz Nov. 12, 2019, 3:46 p.m.
In ip6_[direct_]input() we are looping over the extension headers
to deal with the next header.  We pass a pointer to an mbuf pointer
to the handling functions.  In certain cases the mbuf can be updated
there and we need to pass the new one back.  That missing in
dest6_input() and route6_input().  In tcp6_input() we should also
update it before we call tcp_input().

In addition to that mark the mbuf NULL all the times when we return
that we are done with handling the packet and no next header should
be checked (IPPROTO_DONE).  This will eventually allow us to assert
proper behaviour and catch the above kind of errors more easily,
expecting *mp to always be set.

This change is extracted from a larger patch and not an exhaustive
change across the entire stack yet.

PR:			240135
Reported by:		prabhakar.lakhera gmail.com
MFC after:		3 weeks
Sponsored by:		Netflix
ViewVC
r354639 bz Nov. 12, 2019, 1:57 p.m.
The igmp stats tend to print two lines of warning for an unexpected
version and length.  Despite an invalid version and struct size it
continues to try to do something with the data.  Do not try to parse
the remainder of the struct and error on warning.

Note the underlying issue of the data not being available properly
is still there and needs to be fixed seperately.

Reported by:	test cases, lwhsu
MFC after:	3 weeks
ViewVC
r354638 avg Nov. 12, 2019, 11 a.m.
Discussed with:	kib, royger
MFC after:	3 weeks
Sponsored by:	Panzura
ViewVC