r329859: Do not include float interfaces when using libsa.
We don't support float in the boot loaders, so don't include
interfaces for float or double in systems headers. In addition, take
the unusual step of spiking double and float to prevent any more
accidental seepage.
MFC r329745: load_elf.c: Use consistent indentation
As noted in D14267 load_elf.c has a variety of indentation styles. Move
to standard 8 column hard tab indents, 4 space second level indents.
Also includes some whitespace cleanups found by clang-format.
MFC r329345: Eliminate bsd.stand.mk and -fPIC 32-bit intel builds
OK. We don't really need a bsd.stand.mk, and it was causing a -fPIC
for the toolchain to be added (bogusly) when building on amd64. Pull
all relevant defs back into defs.mk and delete bsd.stand.mk.
This saves about 15-20k on i386 loader and zfsloader which when
combined with Lua give us a lot more stack space in those constrained
environments.
r329726:
Honor settings for including / excluding cd9660, ufs, ext2fs and msdos.
The Makefile gives the impression that ext2fs and msdos were excluded
(they weren't) and that you could exclude cd9660 and ufs support (you
couldn't). Allow those to be excluded.
We need to look, in the future, at trimming the number of supported
filesystems, and this will make that easier.
r329737:
Purely whitespace changes bringing this file closer to style(9).
Curiously, changing whitespace seems to cause the md5 of the .o files to differ
these days hence the following testing strategy:
r329725:
Consolidate three copies of ZFS commands into a central location.
There's no reason to have multiple copies of lszfs and
reloadbe. Consolidate them into one location. Also ldi_get_size is the
same everywhere (except sparc64). Make it the same everywhere as the
common definition is more general and will work on spar64.
r329831:
Fix userboot w/ ZFS after r329725
r329725 cleaned up ZFS commands duplicated in multiple places, but userboot
was not setting HAVE_ZFS when MK_ZFS != "no". This resulted in a failure to
boot (as seen in PR 226118) in bhyve, with the following message:
/boot/userboot.so: Undefined symbol "ldi_get_size"
Scan only the BLOCK IO MEDIA once instead of each time for each type of
device (fd, cd and hdd).
Leave the mechanism to free and reprobe all devices if one day we want
to implement a "dev rescan" thing.
r329517:
efi: Do not pad the efi devpath structure
r326725:
Import Netflix's efibootmgr to help manage UEFI boot variables
efibootmgr manages the UEFI BootXXXX variables that implement the UEFI
Boot Manager protocol defined in the UEFI standards. It is modeled
after the Linux program of the same name with a mostly compatible set
of command line options. Since there's a fair amount of OS specifioc
code due to differeing names and methods of doing things, the
compatibility isn't 100%.
Basic functionality is implemented, though the more advanced next boot
functionality that's been defined elsewhere is unimplemented.
Submitted by: Matt Williams (with unix / efi path xlate by me)
Sponsored by: Netflix
r326726:
Forgotten in 326725
Release Notes: Yes
r326727:
Remove vestiges of -d and -p commands.
Fix two core dumps when optional data isn't specified.
r326806:
Actually insert the free(d) call missed in r326802.
Noticed by: rpokala@
r327163:
Remove write-only opt and useless optlen variables.
This squashes the warning gebnerated by GCC 6.x. Since
variables that are now removed had come documentation
value, put relevant bits in comment, so they can be
resurrected from there when actually needed.
r327572:
Ensure that we have a description string. When unspecified, default to "".
Sponsored by: Netflix
r327573:
Free options before setting them. This will prevent us from leaking
memory when we have multiple copies of the same option from being
specified.
Sponsored by: Netflix
r327610:
Fix usage strings. -d and -p were removed before this was committed to
FreeBSD, but the strings weren't updated.
Sponsored by: Netflix
r327611:
There's no need / benefit from deleting the variable before we set it.
Sponsored by: Netflix
r327877:
Fix error in determining the next available boot slot.
Sponsored by: Netflix
r331069:
Make not getting BootOrder a warning, not a fatal error when printing.
r323056:
Fix printing File() nodes in device paths.
Device paths encoded into the FILEPATH_DEVICE_PATH are UCS2 not
ASCII/UTF8. Convert to utf8 and print that when printing File
paths. Also, since File may be at the end of a long device path,
output File() around the path so it doesn't just show up as random
nodes that might accidentally match real node paths names and cause
errors.
r323057:
Fix parsing File() nodes in device paths.
o Add File to the mUefiDevicePathLibDevPathFromTextTable table so we
don't include 'File()' in the supposed path name. This happens because
of a possible misfeature in the EDK2 code where any path that's not
recognized is treated as a File() node.
o Convert utf8 input into ucs2 output rather than just copying the
utf8 and hoping for the best (no good comes from that).
o Remove bogus comment about needing to add 1. The dummy array already
is length 1, so that's included in sizeof the struct, so there's no
need to add it.
Sponsored by: Netflix
r323066:
Add UCS2->UTF8 option.
Many UEFI variables are UCS2 strings (some NUL terminated, others
not). Add --utf8 (-u) to convert UCS2 strings to UTF8 before printing.
Sponsored by: Netflix
r323259:
Implement efidp_size
efidp_size will return the size, in bytes, of a EFI device path
structure. This is a convenience wrapper in the same style as the
other linux routines. It's implemented by GetDevicePathSize from EDK2
we already needed for other things.
Sponsored by: Netflix
r323260:
Create efi utility printing routines
Split out asciidump, utf8dump, bindump, and hexdump into a separate
file efiutil.c. Implement new efi_print_load_option for printing out
the EFI_LOADER_OPTION data structure used to specify different options
to the UEFI boot manager.
Sponsored by: Netflix
r323519:
Minor fixes to edge cases in efi_get_next_variable_name
Fix allocating more memory for the names (unlikely to be needed, but
still best to get right) to ask for the length the kernel told use we
needed, not the old length of the variable. Mind the proper NUL that
we add in the space we allocate. Free the old name string before we
allcoate a new one to limit what we leak to the last one (free passed
in name for the last one in the list), and detect the last one by rv
!= 0 and errno == ENOENT, rather then just the former to avoid false
positives if errno happens to be ENOENT on entry.
Sponsored by: Netflix
r325684:
Simplify the efivar interface a little.
We started out having Linux compatible libefivar interfaces. This was
in anticipation of porting the GPL'd efibootmgr to FreeBSD via a
port. However, since we need that functionality in the base, that port
isn't going to happened. It also appears that efivar is a private
library that's not used much outside a command line util and
efibootmgr. Reduce compatibility with the Linux version a little by
removing the mode parameter to efi_set_variable (which was unused on
FreeBSD, and not set to something useful in the code we'd
written). Also remove some efi error routines that were never
implemented and existed only to placate early GPL efibootmgr porting
experiments.
Suggested by: Matt Williams
Sponsored by: Netflix
r326050:
Document what the command line arguments actually do. List some of the
size limitations.
Sponsored by: Netflix
r326051:
This program is more useful if it skips leading whitespace when
parsing a textual UEFI Device Path, since otherwise it things the
passed in path is a filename. While here, reduce the repetition of
8192.
Sponsored by: Netflix
r326231:
Add efidp_format_device_path_node to format a single node in a device
path, much like efidp_format_device_path will format the entire path.
Sponsored by: Netflix
r326287:
efivar: add missing getopt 'u' option
r326457:
Read multiple lines when parsing the data. Allow multiple device paths
to be read when formatting device paths. Set the upper limit to 64k
(most of these paths are < 64 bytes).
Sponsored by: Netflix
r326458:
Create a function to translate UEFI paths to unix paths
efivar_device_path_to_unix_path translates from UEFI to Unix
efivar_unix_path_to_device_path translates from Unix to UEFI
At present, only HD() device types are supported (both GPT and
MBR). CdRom and floppy devices aren't supported. ZFS isn't supported
because there's no way in the UEFI standard to specify a ZFS datastore.
Network devices aren't supported either.
Three forms of Unix path are accepted: /path/to/file (for a mounted
filesystem), //path/to/file (uses the EFI partition on the same disk
as /), and dev:/path/to/file (for unmounted filesystem). Two forms are
produced (the first and last).
Sponsored by: Netflix
r326459:
Add -u (--to-unix) and -e (--to-efi) to convert unix or efi paths to
the other.
Sponsored by: Netflix
r326472:
Add forgotten libgeom.
Sponsored by: Netflix
r326658:
Ensure that "out" is initialized in all error paths.
Reported by: gcc
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D13402
r326805:
Iniailize str so ucs2_to_utf8 won't free stack garbage.
r327574:
Set dp to NULL when we free it, and tree a NULL dp as an error
condition. This should prevent a double free. In addition, prevent a
leak by freeing dp each loop and when we're done.
r327575:
Need to convert '/' back to '\' when creating a path. Ideally, this
would be filesystem type dependent, but that's difficult to accomplish
and it's unclear how the UEFI firmware will cope. Be conservative and
make boot loaders cope instead.
Sponsored by: Netflix
r330279:
libefivar: use standard 2-Clause FreeBSD license
Approved by: imp
Sponsored by: The FreeBSD Foundation
MFC r331212,r331213: Move /boot/overlays to /boot/dtb/overlays
r331212: Move /boot/overlays to /boot/dtb/overlays
The former is fairly vague; these are FDT overlays to be applied to the
running system, so /boot/dtb is a sensible location to put it without
cluttering up /boot/dtb even further if desired.
MFC r330005-r330007, r330021, r330029, r330622, r331207: Solo loader.conf(5)
r330005:
Go back to one loader.conf
We really only need one loader.conf. The other loader.conf was created
because the current one took forever to parse in FORTH. That will be
fixed in the next commit.
r330006:
Take a meat cleaver to defaults/loader.conf
Remove almost all of the _load=XXX options (kept only those relevant
to splash screens, since there were other settings).
Remove the excessively cutesy comment blocks.
Remove excessive comments and replace with similar content
Remove gratuitous blank lines (while leaving some)
We have too many modules to list them all here. There's no purpose in
doing so and it's a giant hassle to maintain. In addition the extra
~500 lines slow this down on small platforms. It slowed it down
so much small platforms forked, which caused other issues...
This is a compromise between those two extremes.
r330007:
loader.conf is loader agnostic, so remove 4th references.
r330021:
These two directories build man pages, so it's incorrect to tag them
NO_OBJ. Also, make sure the loader.conf.5 man gets built and installed.
r330029:
Fix a typo: "now" -> "no".
r330622:
loader.conf(5): Document some other settings
These tend to have less coverage in other places and they don't have
defaults as of yet, so mention them here:
- fdt_overlays
- kernels_autodetect (lualoader only)
r331207:
loader.conf: remove obsolete non-x86 beastie menu statement
As of r330005 the same loader.conf defaults are used on all platforms.
stable/11: Bump FreeBSD_Version for recent rc ${name}_limits bits
Some ports had their own interpretation of _limits that conflicted with the
new definition as of r328331. r331880 was an MFC of this commit to
stable/11. Bump FreeBSD_Version in stable/11 following r331880 so that ports
can do the right thing.
MFC r332045: Fix kernel memory disclosure in tcp_ctloutput
strcpy was used to copy a string into a buffer copied to userland, which
left uninitialized data after the terminating 0-byte. Use the same
approach as in tcp_subr.c: strncpy and explicit '\0'.
admbugs: 765, 822
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reported by: Vlad Tsyrklevich
Security: Kernel memory disclosure
Sponsored by: The FreeBSD Foundation
MFC r332042: Fix kernel memory disclosure in linux_ioctl_socket
strlcpy is used to copy a string into a buffer to be copied to userland,
previously leaving uninitialized data after the terminating NUL. Zero
the buffer first to avoid a kernel memory disclosure.
admbugs: 765, 811
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reported by: Vlad Tsyrklevich
Sponsored by: The FreeBSD Foundation
MFC r331718: stand: Add workaround for HP BIOS issues
hrs@ and kuriyama@ have found that on some HP BIOS, a system will fail to
boot immediately after installation with the claim that it can't work out
which disk they are booting from.
They tracked it down to a buffer overrun, and found that it could be
alleviated by doing a dummy read before-hand.
MFC r331739
1. Add additional debug prints.
2. Break transmit when IFF_DRV_RUNNING is OFF.
3. set desc_count=0 for default case in switch in ql_rcv_isr()
ken [Wed, 4 Apr 2018 18:06:52 +0000 (18:06 +0000)]
MFC r331766, r331768:
------------------------------------------------------------------------
r331766 | ken | 2018-03-30 09:28:25 -0600 (Fri, 30 Mar 2018) | 25 lines
Bring in the Broadcom/Emulex Fibre Channel driver, ocs_fc(4).
The ocs_fc(4) driver supports the following hardware:
Emulex 16/8G FC GEN 5 HBAS
LPe15004 FC Host Bus Adapters
LPe160XX FC Host Bus Adapters
Emulex 32/16G FC GEN 6 HBAS
LPe3100X FC Host Bus Adapters
LPe3200X FC Host Bus Adapters
The driver supports target and initiator mode, and also supports FC-Tape.
Note that the driver only currently works on little endian platforms. It
is only included in the module build for amd64 and i386, and in GENERIC
on amd64 only.
MFC r307826: Use checkyesno instead of rolling my own..
MFC r328949: Fix firstboot fs mount logic
The firstboot logic has an error which causes the filesystem to be
mounted readonly even though root_rw_mount=YES. This fixes the error to
ensure that the root filesystem is mounted rw as expected after the run
of the firstboot scripts.
MFC r331413: efidev: Drop a quick note in about efi_cfgtbl/efi_runtime
There's no real annotation for it, so it's not immediately obvious to the
unfamiliar that these pointers are to locations in the EFI runtime map
unlike the system table pointer immediately above them.
r330868:
EFIRT: SetVirtualAddressMap with 1:1 mapping after exiting boot services
This fixes a problem encountered on the Lenovo Thinkpad X220/Yoga 11e where
runtime services would try to inexplicably jump to other parts of memory
where it shouldn't be when attempting to enumerate EFI vars, causing a
panic.
The virtual mapping is enabled by default and can be disabled by setting
efi_disable_vmap in loader.conf(5).
r331241:
Check if the gettime runtime service is valid.
The U-Boot efi runtime service expects us to set the address map before
calling any runtime services. It will then remap a few functions to their
runtime version. One of these is the gettime function. If we call into
this without having set a runtime map we get a page fault.
Add a check to see if this is valid in efi_init() so we don't try to use
the possibly invalid pointer.
r331361:
Enter into the EFI environment before dereferencing the runtime services
pointer. This may be within the EFI address space and not the FreeBSD
kernel address space.
r331365:
Re-work efidev ordering to fix efirt preloaded by loader on amd64
On amd64, efi_enter calls fpu_kern_enter(). This may not be called until
fpuinitstate has been invoked, resulting in a kernel panic with
efirt_load="YES" in loader.conf(5).
Move fpuinitstate a little earlier in SI_SUB_DRIVERS so that we can squeeze
efirt between it and efirtc at SI_SUB_DRIVERS, SI_ORDER_ANY. efidev must be
after efirt and doesn't really need to be at SI_SUB_DEVFS, so drop it at
SI_SUB_DRIVER, SI_ORDER_ANY.
The not immediately obvious dependency of fpuinitstate by efirt has been
noted in both places.
Convert extres/phy to kobj model. Similarly as other extres pseudo-drivers,
implement phy by using kobj model. This detaches it from provider device, so
single device driver can export multiple different phys. Additionally, this
allows phy to be subclassed to more specialized drivers, like is USB OTG phy,
or PCIe phy with hot-plug capability.
cherry pick from r306197:
Nvidia Tegra 124 and Jetson TK1 related DTS.
r306327:
Update AHCI driver to match new dts tree
r306328:
Update PCI driver to match new dts tree
r308390:
Rework NVIDIA Tegra124 XUSBPAD driver.
- Adapt it for new, incompatible, DT bindings introduced by r306197. -
Add support for USB super speed pads/ports.
r308391:
Add NVIDIA Tegra XHCI driver and coresponding firmware blob.
r310600:
Implement drivers for NVIDIA tegra124 display controller, HDMI source and
host1x module. Unfortunately, tegra124 SoC doesn't have 2D acceleration
engine and 3D requires not yet started nouveau driver.
r314703:
Add support for card detect and write protect gpio pins to Tegra SDHCI.
gordon [Wed, 4 Apr 2018 05:24:59 +0000 (05:24 +0000)]
MFC r331981:
Limit glyph count in vtfont_load to avoid integer overflow.
Invalid font data passed to PIO_VFONT can result in an integer overflow
in glyphsize. Characters may then be drawn on the console using glyph
map entries that point beyond the end of allocated glyph memory,
resulting in a kernel memory disclosure.
Submitted by: emaste
Reported by: Dr. Silvio Cesare of InfoSect
Security: CVE-2018-6917
Security: FreeBSD-SA-18:04.vt
Sponsored by: The FreeBSD Foundation
Make rtld_bind_start() debugger friendly. Save link register and annotate
call frame structure so debugger can unwind call frame created by
rtld_bind_start().
r309531:
Implement fake pmap_mapdev_attr() for ARMv6. This function is referenced,
but never called from DRM2 code. Also, real behavior of pmap_mapdev_attr()
in ARM world is unclear as we don't have any additional attribute for a
device memory type.
r309553:
Fix build breakage caused by r309531.
r309604:
Fix the armv6 build after r309553.
r319896:
Implement tunable CPU quirks. These quirks are intended for optimizing CPU
performance, not for applying errata workarounds. Nobody can expect that
CPU with unfixed errata is stable enough to execute the kernel until quirks
are applied.
r320054:
Manually load tunable CPU quirks. These are needed too early, far before
SYSINIT is processed.
Use the kernel stack in the ARM FBT DTrace provider. This is used to find
the fifth argument to functions being traced, however there was an error
where the userspace stack was being used. This may be invalid leading to
a kernel panic if this address is unmapped.
MFC r321587: cc_cubic: restore braces around if-condition block
r307901 was reverted in r321480, restoring an incorrect block
delimitation bug present in the original cc_cubic commit. Restore
only the bugfix (brace addition) from r307901.
[HEAD revs above; r307901 and r321480 were both merged to stable/11
in r330445.]
CID: 1090182
Reported by: bz
Sponsored by: The FreeBSD Foundation
eugen [Tue, 3 Apr 2018 14:05:40 +0000 (14:05 +0000)]
MFC r331630: Fix instructions in the zfsboot manual page.
zfsloader(8) fails to probe a slice containing ZFS pool if its second sector
contains traces of BSD label (DISKMAGIC == 0x82564557).
Fix manual page to show working example erasing such traces.
MFC r331822:
Reorganize health recovery in mlx5core.
- Move the semaphore locking and unlocking to the same function.
- Flags are no longer needed if the reset and crdump will be done in the
same function.
MFC r331821:
Prepare for FW dump in error state in mlx5core.
- Move firmware dump prep and cleanup to init_one() and remove_one() so that
the init and cleanup will happen only upon driver reload.
- Add some prints to indicate firmware dump.
Upstream DTBs don't provide IRQ lines for the RNG. Moreover, harvesting
bytes as often as the RNG interrupt is triggered (87 times per sec) is an
overkill.
For these reasons, get rid of the interrupt mode and make callout mode the
default, with random bits harvested every 4 seconds.
Fix MAC address detection regression introduced by r324184
To accomodate all variaties of Pi DTS files floating around
we look for MAC address property either in DTS node for
USB ethernet (if it exists) or at predefined path
".../usb/hub/ethernet".
After r324184 smsc_fdt_find_eth_node started to return node
with compatibility string "usb424,ec00" as an eth node.
In imported GNU dts files this node still does not have
MAC address related property, and therefor following check for
"mac-address" and "local-mac-address" fails.
To make this logic more robust do not just search for the node
but also make sure it has required property, so if node with
accepted compatibility string exists but doesn't have the
property we fall back to looking for hardoded path mentioned above.
r314672:
[rpi] rpi3 should use the same cpufreq logic as rpi2, not rpi-b
RPi3 cpufreq is more like that on RPi2. Setting arm frequency
above min (say, "sysctl hw.cpufreq.arm_freq=600000001") turns on
turbo mode, and the firmware automatically raises voltage, sets
frequency to max 1200MHz, and throttle when overheat, etc.
Swap if/else parts and use SOC_BCM2835 def so RPi3 can share the
same cpufreq logic as RPi2, instead of falling to that for RPi.
Submitted by: Jia-Shiun Li <jiashiun@gmail.com>
Differential Revision: https://reviews.freebsd.org/D9640
r315967:
[rpi] Use compatibility string from upstream DTB for I2C controller
FreeBSD uses upstream DTB for RPi3 build and compatibility string for
i2c device is different there. Add this new string to compatibility data.
Reported by: Karl Denninger
r324184 by ian:
Allow Raspberry Pi platform and drivers to be configured with upstream DTBs.
- Added more compatibility strings to drivers not yet converted
- Added new RPI platform code compatibility string to match the ones used
upstream
- Adapted RPI and RPI2 DTS to match the new platform code compatibility
string
The goal is to use the upstream DTBs as a replacement for our custom one.
This is now possible with these changes.
Additionally, as the RPI firmware automatically chooses the right DTB for
us, this would allow to have one common armv6 kernel for RPI0 and RPI1
(BCM2835-based), and one common armv7 kernel for RPI2 v1.1 (BCM2836-based),
and RPI2 v1.2 / RPI3 (BCM2837-based).
r304488 by manu:
Keep boot parameters in ARM trampoline code
Currently boot parameters (r0 - r3) are forgotten in ARM trampoline code.
This patch save them at startup and restore them before jumping into kernel
_start() routine.
This is usefull when booting with Linux ABI and/or custom bootloader.
r305094 by cognet:
Garbage collect bits forgotten in r295267.
r305096 by cognet:
Some old arm ports don't load the kernel at the beginning of the memory,
because the bootloader, ie redboot, won't let them do so, and so used the
memory before the kernel for early memory allocation, such as pagetables,
stacks, etc...
Make a bit of an effort to try to get that memory mapped.
r305097 by cognet:
Nuke obio_bs_tag, it was used before it was initialized, and
arm_base_bs_tag is the same, anyway.
Random bit generator (RBG) driver for RPi and RPi2.
Summary:
This driver supports the following methods to trigger gathering random bits from the hardware:
1. interrupt when the FIFO is full (default) fed into the harvest queue
2. callout (when BCM2835_RNG_USE_CALLOUT is defined) every second if hz is less than 100, otherwise hz / 100, feeding the random bits into the harvest queue
If the kernel is booted with verbose enabled, the contents of the registers will be dumped after the RBG is started during the attach routine.
Author: hackagadget_gmail.com (Stephen J. Kiernan)
Test Plan: Built RPI2 kernel and booted on board. Tested the different methods to feed the harvest queue (callout, interrupt) and the interrupt driven approach seems best. However, keeping the other method for people to be able to experiment with.
We will be switching to a new arm64 uart cpu driver that handles both FDT
and ACPI. As such pull out what will be the common parts of the FDT cpu
detection to a new function that can be shared between them.
Reviewed by: manu
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7262
MFC r331806:
Add logic for "families" for GCE images.
This allows for GCE consumers to easily detect the latest major
version of FreeBSD when using the gcloud command line utility.
To ensure snapshot builds do not conflict with release-style
builds (ALPHA, BETA, RC, RELEASE), the '-snap' suffix is appended
to the GCE image family name.
avos [Sat, 31 Mar 2018 17:28:30 +0000 (17:28 +0000)]
MFC r324673:
mbuf(9): unbreak m_fragment()
- Fix it by replacing m_cat() with m_prev->m_next = m_new
(m_cat() will try to append data - as a result, there will be no
fragmentation).
- Move some checks out of the loop.
Some variables were renamed (m_final -> m_first, m_new -> m_last)
dim [Sat, 31 Mar 2018 11:38:43 +0000 (11:38 +0000)]
Merge clang, llvm, lld, lldb, compiler-rt and libc++ 6.0.0 release, and
several follow-up fixes.
MFC r327952:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r321788). Upstream has branched for the
6.0.0 release, which should be in about 6 weeks. Please report bugs and
regressions, so we can get them into the release.
Please note that from 3.5.0 onwards, clang, llvm and lldb require C++11
support to build; see UPDATING for more information.
MFC r328010:
Pull in r322473 from upstream llvm trunk (by Andrei Elovikov):
[LV] Don't call recordVectorLoopValueForInductionCast for
newly-created IV from a trunc.
Summary:
This method is supposed to be called for IVs that have casts in their
use-def chains that are completely ignored after vectorization under
PSE. However, for truncates of such IVs the same InductionDescriptor
is used during creation/widening of both original IV based on PHINode
and new IV based on TruncInst.
This leads to unintended second call to
recordVectorLoopValueForInductionCast with a VectorLoopVal set to the
newly created IV for a trunc and causes an assert due to attempt to
store new information for already existing entry in the map. This is
wrong and should not be done.
This should fix "Vector value already set for part" assertions when
building the net/iodine and sysutils/daa2iso ports.
Reported by: jbeich
PR: 224867, 224868
MFC r328090:
Pull in r322623 from upstream llvm trunk (by Andrew V. Tischenko):
Allow usage of X86-prefixes as separate instrs.
Differential Revision: https://reviews.llvm.org/D42102
This should fix parse errors when x86 prefixes (such as 'lock' and
'rep') are followed by various non-mnemonic tokens, e.g. comments, .byte
directives and labels.
PR: 224669, 225054
MFC r328091:
Revert r327340, as the workaround for rep prefixes followed by .byte
directives is no longer needed after r328090.
MFC r328141 (by emaste):
lld: Fix for ld.lld does not accept "AT" syntax for declaring LMA region
AT> lma_region expression allows to specify the memory region
for section load address.
Should fix [upstream LLVM] PR35684.
LLVM review: https://reviews.llvm.org/D41397
Obtained from: LLVM r322359 by George Rimar
MFC r328143 (by emaste):
lld: Handle parsing AT(ADDR(.foo-bar)).
The problem we had with it is that anything inside an AT is an
expression, so we failed to parse the section name because of the - in
it.
Requested by: royger
Obtained from: LLVM r322801 by Rafael Espindola
MFC r328144 (by emaste):
lld: Fix incorrect physical address on self-referencing AT command.
When a section placement (AT) command references the section itself,
the physical address of the section in the ELF header was calculated
incorrectly due to alignment happening right after the location
pointer's value was captured.
The problem was diagnosed and the first version of the patch written
by Erick Reyes.
Obtained from: LLVM r322421 by Rafael Espindola
MFC r328145:
Pull in r322016 from upstream llvm trunk (by Sanjay Patel):
[ValueTracking] remove overzealous assert
The test is derived from a failing fuzz test:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5008
Credit to @rksimon for pointing out the problem.
This should fix "Bad flavor while matching min/max" errors when building
the graphics/libsixel and science/kst2 ports.
Reported by: jbeich
PR: 225268, 225269
MFC r328146:
Pull in r322106 from upstream llvm trunk (by Alexey Bataev):
[COST]Fix PR35865: Fix cost model evaluation for shuffle on X86.
Summary:
If the vector type is transformed to non-vector single type, the
compile may crash trying to get vector information about non-vector
type.
This should fix "Not a vector MVT!" errors when building the
games/dhewm3 port.
Reported by: jbeich
PR: 225271
MFC r328286 (by emaste):
lld: Don't mark a shared library as needed because of a lazy symbol.
Obtained from: LLVM r323221 by Rafael Esp?ndola
MFC r328381:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r323338).
PR: 224669
MFC r328513:
Pull in r322245 from upstream clang trunk (by Craig Topper):
[X86] Make -mavx512f imply -mfma and -mf16c in the frontend like it
does in the backend.
Similarly, make -mno-fma and -mno-f16c imply -mno-avx512f.
Withou this "-mno-sse -mavx512f" ends up with avx512f being enabled
in the frontend but disabled in the backend.
Reported by: pawel
PR: 225488
MFC r328542 (by emaste):
lld: Use lookup instead of find. NFC, just simpler.
Obtained from: LLVM r323395 by Rafael Espindola
MFC r328543 (by emaste):
lld: Only lookup LMARegion once. NFC.
This is similar to how we handle MemRegion.
Obtained from: LLVM r323396 by Rafael Espindola
MFC r328544 (by emaste):
lld: Remove MemRegionOffset. NFC.
We can just use a member variable in MemoryRegion.
Obtained from: LLVM r323399 by Rafael Espindola
MFC r328545 (by emaste):
lld: Simplify. NFC.
Obtained from: LLVM r323440 by Rafael Espindola
MFC r328546 (by emaste):
lld: Improve LMARegion handling.
This fixes the crash reported at [LLVM] PR36083.
The issue is that we were trying to put all the sections in the same
PT_LOAD and crashing trying to write past the end of the file.
This also adds accounting for used space in LMARegion, without it all
3 PT_LOADs would have the same physical address.
Obtained from: LLVM r323449 by Rafael Espindola
MFC r328547 (by emaste):
lld: Move LMAOffset from the OutputSection to the PhdrEntry. NFC.
If two sections are in the same PT_LOAD, their relatives offsets,
virtual address and physical addresses are all the same.
[Rafael] initially wanted to have a single global LMAOffset, on the
assumption that every ELF file was in practiced loaded contiguously in
both physical and virtual memory.
Unfortunately that is not the case. The linux kernel has:
The delta for all but the third PT_LOAD is the same:
0xffffffff80000000. [Rafael] thinks the 3rd one is a hack for implementing
per cpu data, but we can't break that.
Obtained from: LLVM r323456 by Rafael Espindola
MFC r328548 (by emaste):
lld: Put the header in the first PT_LOAD even if that PT_LOAD has a LMAExpr
The root problem is that we were creating a PT_LOAD just for the header.
That was technically valid, but inconvenient: we should not be making
the ELF discontinuous.
The solution is to allow a section with LMAExpr to be added to a PT_LOAD
if that PT_LOAD doesn't already have a LMAExpr.
LLVM PR: 36017
Obtained from: LLVM r323625 by Rafael Espindola
MFC r328594 (by emaste):
Pull in r322108 from upstream llvm trunk (by Rafael Esp?ndola):
Make one of the emitFill methods non virtual. NFC.
This is just preparatory work to fix [LLVM] PR35858.
MFC r328595 (by emaste):
Pull in r322123 from upstream llvm trunk (by Rafael Esp?ndola):
Don't create MCFillFragment directly.
Instead use higher level APIs that take care of most bookkeeping.
MFC r328596 (by emaste):
Pull in r322131 from upstream llvm trunk (by Rafael Esp?ndola):
Use a MCExpr for the size of MCFillFragment.
This allows the size to be found during ralaxation. This fixes
[LLVM] pr35858.
Requested by: royger
MFC r328753:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r323948).
PR: 224669
MFC r328817:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r324090).
This introduces retpoline support, with the -mretpoline flag. The
upstream initial commit message (r323155 by Chandler Carruth) contains
quite a bit of explanation. Quoting:
Introduce the "retpoline" x86 mitigation technique for variant #2 of
the speculative execution vulnerabilities disclosed today,
specifically identified by CVE-2017-5715, "Branch Target Injection",
and is one of the two halves to Spectre.
Summary:
First, we need to explain the core of the vulnerability. Note that
this is a very incomplete description, please see the Project Zero
blog post for details:
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
The basis for branch target injection is to direct speculative
execution of the processor to some "gadget" of executable code by
poisoning the prediction of indirect branches with the address of
that gadget. The gadget in turn contains an operation that provides a
side channel for reading data. Most commonly, this will look like a
load of secret data followed by a branch on the loaded value and then
a load of some predictable cache line. The attacker then uses timing
of the processors cache to determine which direction the branch took
*in the speculative execution*, and in turn what one bit of the
loaded value was. Due to the nature of these timing side channels and
the branch predictor on Intel processors, this allows an attacker to
leak data only accessible to a privileged domain (like the kernel)
back into an unprivileged domain.
The goal is simple: avoid generating code which contains an indirect
branch that could have its prediction poisoned by an attacker. In
many cases, the compiler can simply use directed conditional branches
and a small search tree. LLVM already has support for lowering
switches in this way and the first step of this patch is to disable
jump-table lowering of switches and introduce a pass to rewrite
explicit indirectbr sequences into a switch over integers.
However, there is no fully general alternative to indirect calls. We
introduce a new construct we call a "retpoline" to implement indirect
calls in a non-speculatable way. It can be thought of loosely as a
trampoline for indirect calls which uses the RET instruction on x86.
Further, we arrange for a specific call->ret sequence which ensures
the processor predicts the return to go to a controlled, known
location. The retpoline then "smashes" the return address pushed onto
the stack by the call with the desired target of the original
indirect call. The result is a predicted return to the next
instruction after a call (which can be used to trap speculative
execution within an infinite loop) and an actual indirect branch to
an arbitrary address.
On 64-bit x86 ABIs, this is especially easily done in the compiler by
using a guaranteed scratch register to pass the target into this
device. For 32-bit ABIs there isn't a guaranteed scratch register
and so several different retpoline variants are introduced to use a
scratch register if one is available in the calling convention and to
otherwise use direct stack push/pop sequences to pass the target
address.
This "retpoline" mitigation is fully described in the following blog
post: https://support.google.com/faqs/answer/7625886
We also support a target feature that disables emission of the
retpoline thunk by the compiler to allow for custom thunks if users
want them. These are particularly useful in environments like
kernels that routinely do hot-patching on boot and want to hot-patch
their thunk to different code sequences. They can write this custom
thunk and use `-mretpoline-external-thunk` *in addition* to
`-mretpoline`. In this case, on x86-64 thu thunk names must be:
```
__llvm_external_retpoline_r11
```
or on 32-bit:
```
__llvm_external_retpoline_eax
__llvm_external_retpoline_ecx
__llvm_external_retpoline_edx
__llvm_external_retpoline_push
```
And the target of the retpoline is passed in the named register, or in
the case of the `push` suffix on the top of the stack via a `pushl`
instruction.
There is one other important source of indirect branches in x86 ELF
binaries: the PLT. These patches also include support for LLD to
generate PLT entries that perform a retpoline-style indirection.
The only other indirect branches remaining that we are aware of are
from precompiled runtimes (such as crt0.o and similar). The ones we
have found are not really attackable, and so we have not focused on
them here, but eventually these runtimes should also be replicated for
retpoline-ed configurations for completeness.
For kernels or other freestanding or fully static executables, the
compiler switch `-mretpoline` is sufficient to fully mitigate this
particular attack. For dynamic executables, you must compile *all*
libraries with `-mretpoline` and additionally link the dynamic
executable and all shared libraries with LLD and pass `-z
retpolineplt` (or use similar functionality from some other linker).
We strongly recommend also using `-z now` as non-lazy binding allows
the retpoline-mitigated PLT to be substantially smaller.
When manually apply similar transformations to `-mretpoline` to the
Linux kernel we observed very small performance hits to applications
running typic al workloads, and relatively minor hits (approximately
2%) even for extremely syscall-heavy applications. This is largely
due to the small number of indirect branches that occur in
performance sensitive paths of the kernel.
When using these patches on statically linked applications,
especially C++ applications, you should expect to see a much more
dramatic performance hit. For microbenchmarks that are switch,
indirect-, or virtual-call heavy we have seen overheads ranging from
10% to 50%.
However, real-world workloads exhibit substantially lower performance
impact. Notably, techniques such as PGO and ThinLTO dramatically
reduce the impact of hot indirect calls (by speculatively promoting
them to direct calls) and allow optimized search trees to be used to
lower switches. If you need to deploy these techniques in C++
applications, we *strongly* recommend that you ensure all hot call
targets are statically linked (avoiding PLT indirection) and use both
PGO and ThinLTO. Well tuned servers using all of these techniques saw
5% - 10% overhead from the use of retpoline.
We will add detailed documentation covering these components in
subsequent patches, but wanted to make the core functionality
available as soon as possible. Happy for more code review, but we'd
really like to get these patches landed and backported ASAP for
obvious reasons. We're planning to backport this to both 6.0 and 5.0
release streams and get a 5.0 release with just this cherry picked
ASAP for distros and vendors.
This patch is the work of a number of people over the past month:
Eric, Reid, Rui, and myself. I'm mailing it out as a single commit
due to the time sensitive nature of landing this and the need to
backport it. Huge thanks to everyone who helped out here, and
everyone at Intel who helped out in discussions about how to craft
this. Also, credit goes to Paul Turner (at Google, but not an LLVM
contributor) for much of the underlying retpoline design.
Pull in r324594 from upstream clang trunk (by Alexander Ivchenko):
Fix for #31362 - ms_abi is implemented incorrectly for values >=16
bytes.
Summary:
This patch is a fix for following issue:
https://bugs.llvm.org/show_bug.cgi?id=31362 The problem was caused by
front end lowering C calling conventions without taking into account
calling conventions enforced by attribute. In this case win64cc was
no correctly lowered on targets other than Windows.
This fixes clang 6.0.0 assertions when building the emulators/wine and
emulators/wine-devel ports, and should also make it use the correct
Windows calling conventions. Bump __FreeBSD_version to make the fix
easy to detect.
PR: 224863
MFC r329223:
Pull in r323998 from upstream clang trunk (by Richard Smith):
PR36157: When injecting an implicit function declaration in C89, find
the right DeclContext rather than injecting it wherever we happen to
be.
This avoids creating functions whose DeclContext is a struct or
similar.
This fixes assertion failures when parsing certain not-completely-valid
struct declarations.
Reported by: ae
PR: 225862
MFC r329410:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r325330).
PR: 224669
MFC r329983:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r325932). This corresponds to 6.0.0 rc3.
PR: 224669
MFC r330384:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 release (upstream r326565).
Release notes for llvm, clang and lld will be available here soon:
<http://releases.llvm.org/6.0.0/docs/ReleaseNotes.html>
<http://releases.llvm.org/6.0.0/tools/clang/docs/ReleaseNotes.html>
<http://releases.llvm.org/6.0.0/tools/lld/docs/ReleaseNotes.html>
Relnotes: yes
PR: 224669
MFC r330686:
Pull in r326882 from upstream llvm trunk (by Sjoerd Meijer):
[ARM] Fix for PR36577
Don't PerformSHLSimplify if the given node is used by a node that
also uses a constant because we may get stuck in an infinite combine
loop.
This fixes an assertion when building the emulators/snes9x port.
Reported by: jbeich
PR: 225471
MFC r331066:
Pull in r321999 from upstream clang trunk (by Ivan A. Kosarev):
[CodeGen] Fix TBAA info for accesses to members of base classes
Resolves:
Bug 35724 - regression (r315984): fatal error: error in backend:
Broken function found (Did not see access type in access path!)
https://bugs.llvm.org/show_bug.cgi?id=35724
This fixes "Did not see access type in access path" fatal errors when
building the devel/gdb port (version 8.1).
Reported by: jbeich
PR: 226658
MFC r331366:
Pull in r327101 from upstream llvm trunk (by Rafael Espindola):
Don't treat .symver as a regular alias definition.
This patch starts simplifying the handling of .symver.
For now it just moves the responsibility for creating an alias down to
the streamer. With that the asm streamer can pass a .symver unchanged,
which is nice since gas cannot parse "foo@bar = zed".
In a followup I hope to move the handling down to the writer so that
we don't need special hacks for avoiding breaking names with @@@ on
windows.
Pull in r327160 from upstream llvm trunk (by Rafael Espindola):
Delay creating an alias for @@@.
With this we only create an alias for @@@ once we know if it should
use @ or @@. This avoids last minutes renames and hacks to handle MS
names.
This only handles the ELF writer. LTO still has issues with @@@
aliases.
Pull in r327928 from upstream llvm trunk (by Vitaly Buka):
Object: Move attribute calculation into RecordStreamer. NFC
Pull in r327930 from upstream llvm trunk (by Vitaly Buka):
Object: Fix handling of @@@ in .symver directive
Summary:
name@@@nodename is going to be replaced with name@@nodename if symbols is
defined in the assembled file, or name@nodename if undefined.
https://sourceware.org/binutils/docs/as/Symver.html