From e7145e3651b27d43faf1bb9ee7ebeb582df58141 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?fengbojiang=28=E5=A7=9C=E5=87=A4=E6=B3=A2=29?=
 <fengbojiang@tencent.com>
Date: Wed, 20 Nov 2019 20:41:29 +0800
Subject: [PATCH] FreeBSD: upgrad to FreeBSD-releng-11.0 for some bugs.

---
 freebsd/amd64/amd64/sys_machdep.c          |  5 ++++-
 freebsd/contrib/ipfilter/netinet/ip_frag.c |  2 +-
 freebsd/kern/kern_descrip.c                |  2 +-
 freebsd/kern/kern_linker.c                 | 12 +++++++-----
 freebsd/kern/sys_process.c                 |  4 ++--
 freebsd/kern/sys_socket.c                  |  2 ++
 freebsd/netinet/in_pcb.c                   |  8 ++++----
 freebsd/netinet/tcp_usrreq.c               | 22 +++++++++++-----------
 freebsd/netinet6/ip6_output.c              |  6 +++---
 freebsd/sys/eventhandler.h                 |  7 +++++++
 freebsd/x86/x86/io_apic.c                  | 12 ++++++++++++
 11 files changed, 54 insertions(+), 28 deletions(-)

diff --git a/freebsd/amd64/amd64/sys_machdep.c b/freebsd/amd64/amd64/sys_machdep.c
index 4f85e1f0..24009dba 100644
--- a/freebsd/amd64/amd64/sys_machdep.c
+++ b/freebsd/amd64/amd64/sys_machdep.c
@@ -608,6 +608,8 @@ amd64_set_ldt(td, uap, descs)
 		largest_ld = uap->start + uap->num;
 		if (largest_ld > max_ldt_segment)
 			largest_ld = max_ldt_segment;
+		if (largest_ld < uap->start)
+			return (EINVAL);
 		i = largest_ld - uap->start;
 		mtx_lock(&dt_lock);
 		bzero(&((struct user_segment_descriptor *)(pldt->ldt_base))
@@ -620,7 +622,8 @@ amd64_set_ldt(td, uap, descs)
 		/* verify range of descriptors to modify */
 		largest_ld = uap->start + uap->num;
 		if (uap->start >= max_ldt_segment ||
-		    largest_ld > max_ldt_segment)
+		    largest_ld > max_ldt_segment ||
+		    largest_ld < uap->start)
 			return (EINVAL);
 	}
 
diff --git a/freebsd/contrib/ipfilter/netinet/ip_frag.c b/freebsd/contrib/ipfilter/netinet/ip_frag.c
index 2826d67f..a7082571 100644
--- a/freebsd/contrib/ipfilter/netinet/ip_frag.c
+++ b/freebsd/contrib/ipfilter/netinet/ip_frag.c
@@ -474,7 +474,7 @@ ipfr_frag_new(softc, softf, fin, pass, table
 			  IPFR_CMPSZ)) {
 			RWLOCK_EXIT(lock);
 			FBUMPD(ifs_exists);
-			KFREE(fra);
+			KFREE(fran);
 			return NULL;
 		}
 
diff --git a/freebsd/kern/kern_descrip.c b/freebsd/kern/kern_descrip.c
index 1b95631e..532f43a8 100644
--- a/freebsd/kern/kern_descrip.c
+++ b/freebsd/kern/kern_descrip.c
@@ -2499,7 +2499,7 @@ fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
 			 */
 			#pragma GCC diagnostic ignored "-Wcast-qual"
 			fdt = *(struct fdescenttbl * volatile *)&(fdp->fd_files);
-            #pragma GCC diagnostic error "-Wcast-qual"
+			#pragma GCC diagnostic error "-Wcast-qual"
 			continue;
 		}
 		/*
diff --git a/freebsd/kern/kern_linker.c b/freebsd/kern/kern_linker.c
index 4758cdc2..6c653da5 100644
--- a/freebsd/kern/kern_linker.c
+++ b/freebsd/kern/kern_linker.c
@@ -1201,7 +1201,7 @@ out:
 int
 sys_kldstat(struct thread *td, struct kldstat_args *uap)
 {
-	struct kld_file_stat stat;
+	struct kld_file_stat *stat;
 	int error, version;
 
 	/*
@@ -1214,10 +1214,12 @@ sys_kldstat(struct thread *td, struct kldstat_args *uap)
 	    version != sizeof(struct kld_file_stat))
 		return (EINVAL);
 
-	error = kern_kldstat(td, uap->fileid, &stat);
-	if (error != 0)
-		return (error);
-	return (copyout(&stat, uap->stat, version));
+	stat = malloc(sizeof(*stat), M_TEMP, M_WAITOK | M_ZERO);
+	error = kern_kldstat(td, uap->fileid, stat);
+	if (error == 0)
+		error = copyout(stat, uap->stat, version);
+	free(stat, M_TEMP);
+	return (error);
 }
 
 int
diff --git a/freebsd/kern/sys_process.c b/freebsd/kern/sys_process.c
index af71ea87..7ed72b98 100644
--- a/freebsd/kern/sys_process.c
+++ b/freebsd/kern/sys_process.c
@@ -518,6 +518,7 @@ ptrace_lwpinfo_to32(const struct ptrace_lwpinfo *pl,
     struct ptrace_lwpinfo32 *pl32)
 {
 
+	bzero(pl32, sizeof(*pl32));
 	pl32->pl_lwpid = pl->pl_lwpid;
 	pl32->pl_event = pl->pl_event;
 	pl32->pl_flags = pl->pl_flags;
@@ -1229,6 +1230,7 @@ kern_ptrace(struct thread *td, int req, pid_t pid, void *addr, int data)
 		} else
 #endif
 		pl = addr;
+		bzero(pl, sizeof(*pl));
 		pl->pl_lwpid = td2->td_tid;
 		pl->pl_event = PL_EVENT_NONE;
 		pl->pl_flags = 0;
@@ -1249,8 +1251,6 @@ kern_ptrace(struct thread *td, int req, pid_t pid, void *addr, int data)
 				pl->pl_siginfo = td2->td_dbgksi.ksi_info;
 			}
 		}
-		if ((pl->pl_flags & PL_FLAG_SI) == 0)
-			bzero(&pl->pl_siginfo, sizeof(pl->pl_siginfo));
 		if (td2->td_dbgflags & TDB_SCE)
 			pl->pl_flags |= PL_FLAG_SCE;
 		else if (td2->td_dbgflags & TDB_SCX)
diff --git a/freebsd/kern/sys_socket.c b/freebsd/kern/sys_socket.c
index 25ff0722..459aeff6 100644
--- a/freebsd/kern/sys_socket.c
+++ b/freebsd/kern/sys_socket.c
@@ -678,6 +678,7 @@ soaio_process_sb(struct socket *so, struct sockbuf *sb)
 {
 	struct kaiocb *job;
 
+	CURVNET_SET(so->so_vnet);
 	SOCKBUF_LOCK(sb);
 	while (!TAILQ_EMPTY(&sb->sb_aiojobq) && soaio_ready(so, sb)) {
 		job = TAILQ_FIRST(&sb->sb_aiojobq);
@@ -701,6 +702,7 @@ soaio_process_sb(struct socket *so, struct sockbuf *sb)
 	ACCEPT_LOCK();
 	SOCK_LOCK(so);
 	sorele(so);
+	CURVNET_RESTORE();
 }
 
 void
diff --git a/freebsd/netinet/in_pcb.c b/freebsd/netinet/in_pcb.c
index 22730aed..d22b3d6c 100644
--- a/freebsd/netinet/in_pcb.c
+++ b/freebsd/netinet/in_pcb.c
@@ -1126,10 +1126,10 @@ if (lport == 0)
     ifp_sin.sin_len = sizeof(ifp_sin);
     ifa = ifa_ifwithnet((struct sockaddr *)&ifp_sin, 0, RT_ALL_FIBS);
     if (ifa == NULL) {
-    	ifp_sin.sin_addr.s_addr = faddr.s_addr;
-    	ifa = ifa_ifwithnet((struct sockaddr *)&ifp_sin, 0, RT_ALL_FIBS);
-    	if ( ifa == NULL )
-        	return (EADDRNOTAVAIL);
+        ifp_sin.sin_addr.s_addr = faddr.s_addr;
+        ifa = ifa_ifwithnet((struct sockaddr *)&ifp_sin, 0, RT_ALL_FIBS);
+        if ( ifa == NULL )
+            return (EADDRNOTAVAIL);
     }
     ifp = ifa->ifa_ifp;
     while (lport == 0) {
diff --git a/freebsd/netinet/tcp_usrreq.c b/freebsd/netinet/tcp_usrreq.c
index 57c7bc18..85f1d56a 100644
--- a/freebsd/netinet/tcp_usrreq.c
+++ b/freebsd/netinet/tcp_usrreq.c
@@ -1300,16 +1300,16 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
         anonport = 1;
     }
 
-	laddr = inp->inp_laddr;
-	lport = inp->inp_lport;
-	error = in_pcbconnect_setup(inp, nam, &laddr.s_addr, &lport,
-	    &inp->inp_faddr.s_addr, &inp->inp_fport, &oinp, td->td_ucred);
-	if (error && oinp == NULL)
-		goto out;
-	if (oinp) {
-		error = EADDRINUSE;
-		goto out;
-	}
+    laddr = inp->inp_laddr;
+    lport = inp->inp_lport;
+    error = in_pcbconnect_setup(inp, nam, &laddr.s_addr, &lport,
+        &inp->inp_faddr.s_addr, &inp->inp_fport, &oinp, td->td_ucred);
+    if (error && oinp == NULL)
+        goto out;
+    if (oinp) {
+        error = EADDRINUSE;
+        goto out;
+    }
 
     inp->inp_laddr = laddr;
 
@@ -1336,7 +1336,7 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
         // in_pcbconnect_setup() update inp->inp_faddr/inp->inp_fport, so inp should be rehashed.
         in_pcbrehash(inp);
     }
-    
+
     if (anonport) {
         inp->inp_flags |= INP_ANONPORT;
     }
diff --git a/freebsd/netinet6/ip6_output.c b/freebsd/netinet6/ip6_output.c
index b1cf2ba7..1d79da16 100644
--- a/freebsd/netinet6/ip6_output.c
+++ b/freebsd/netinet6/ip6_output.c
@@ -204,13 +204,13 @@ in6_delayed_cksum(struct mbuf *m, uint32_t plen, u_short offset)
 	offset += m->m_pkthdr.csum_data;	/* checksum offset */
 
 	if (offset + sizeof(u_short) > m->m_len) {
-#ifdef FSTACK
 		printf("%s: delayed m_pullup, m->len: %d plen %u off %u "
+#ifdef FSTACK
 			"csum_flags=%lu\n", __func__, m->m_len, plen, offset,
 			m->m_pkthdr.csum_flags);
 #else
-		    "csum_flags=%b\n", __func__, m->m_len, plen, offset,
-		    (int)m->m_pkthdr.csum_flags, CSUM_BITS);
+			"csum_flags=%b\n", __func__, m->m_len, plen, offset,
+			(int)m->m_pkthdr.csum_flags, CSUM_BITS);
 #endif
 		/*
 		 * XXX this should not happen, but if it does, the correct
diff --git a/freebsd/sys/eventhandler.h b/freebsd/sys/eventhandler.h
index d82ece71..164b0f07 100644
--- a/freebsd/sys/eventhandler.h
+++ b/freebsd/sys/eventhandler.h
@@ -270,4 +270,11 @@ typedef void (*unregister_framebuffer_fn)(void *, struct fb_info *);
 EVENTHANDLER_DECLARE(register_framebuffer, register_framebuffer_fn);
 EVENTHANDLER_DECLARE(unregister_framebuffer, unregister_framebuffer_fn);
 
+/* Veto ada attachment */
+struct cam_path;
+struct ata_params;
+typedef void (*ada_probe_veto_fn)(void *, struct cam_path *,
+    struct ata_params *, int *);
+EVENTHANDLER_DECLARE(ada_probe_veto, ada_probe_veto_fn);
+
 #endif /* _SYS_EVENTHANDLER_H_ */
diff --git a/freebsd/x86/x86/io_apic.c b/freebsd/x86/x86/io_apic.c
index 1a2cc3cf..26fc9e98 100644
--- a/freebsd/x86/x86/io_apic.c
+++ b/freebsd/x86/x86/io_apic.c
@@ -411,6 +411,18 @@ ioapic_assign_cpu(struct intsrc *isrc, u_int apic_id)
 	u_int old_vector, new_vector;
 	u_int old_id;
 
+	/*
+	 * On Hyper-V:
+	 * - Stick to the first cpu for all I/O APIC pins.
+	 * - And don't allow destination cpu changes.
+	 */
+	if (vm_guest == VM_GUEST_HV) {
+		if (intpin->io_vector)
+			return (EINVAL);
+		else
+			apic_id = 0;
+	}
+
 	/*
 	 * keep 1st core as the destination for NMI
 	 */