[illumos-gate merge]

commit 75f3d687b66304117c7ea9676a959382b37e6ad4
    11112 sys/null.h: make NULL void *
commit 57d1724de89ec4a493f9795169bfee3f470b7c6d
    11635 ip: passing argument 2 of 'cc_cong_signal' makes integer from pointer without a cast
commit b77a2dc4455ca028e52fdf96385a530a2d168316
    11628 typos detected by mandoc style
commit b8dadaa8b0556cca0e965ddc197acacafeb40980
    11621 fmadm and fmstat document privileges incorrectly
commit 727feae5cc0661f4ec44e87b934863693bedf87d
    10622 ZFS should still check paths for devices that have no devid
commit e2f631f93662311389118b220daa637b16a612ac
    11576 Want support for ahci LED entries in topo

	Conflicts:
	usr/src/man/man5/privileges.5

15 files changed, 200 insertions, 122 deletions

diff --git a/usr/src/lib/libzfs/Makefile.com b/usr/src/lib/libzfs/Makefile.com
index 355923acae..577fa2fbca 100644
--- a/usr/src/lib/libzfs/Makefile.com
+++ b/usr/src/lib/libzfs/Makefile.com
@@ -22,7 +22,7 @@
 # Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
 # Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
 # Copyright (c) 2011, 2017 by Delphix. All rights reserved.
-# Copyright (c) 2018, Joyent, Inc.
+# Copyright 2019 Joyent, Inc.
 #
 
 LIBRARY= libzfs.a
@@ -74,7 +74,7 @@ CSTD=	$(CSTD_GNU99)
 C99LMODE=	-Xc99=%all
 LDLIBS +=	-lc -lm -ldevid -lgen -lnvpair -luutil -lavl -lefi \
 	-ladm -lidmap -ltsol -lcryptoutil -lpkcs11 -lmd -lumem -lzfs_core \
-	-lcmdutils
+	-lcmdutils -ldevinfo
 CPPFLAGS +=	$(INCS) -D_LARGEFILE64_SOURCE=1 -D_REENTRANT
 $(NOT_RELEASE_BUILD)CPPFLAGS += -DDEBUG
 
diff --git a/usr/src/lib/libzfs/common/libzfs_impl.h b/usr/src/lib/libzfs/common/libzfs_impl.h
index 82c04798c7..aa420a41a2 100644
--- a/usr/src/lib/libzfs/common/libzfs_impl.h
+++ b/usr/src/lib/libzfs/common/libzfs_impl.h
@@ -24,6 +24,7 @@
  * Copyright (c) 2011 Pawel Jakub Dawidek. All rights reserved.
  * Copyright (c) 2012, Joyent, Inc. All rights reserved.
  * Copyright (c) 2011, 2017 by Delphix. All rights reserved.
+ * Copyright 2019 Joyent, Inc.
  */
 
 #ifndef	_LIBZFS_IMPL_H
@@ -40,6 +41,7 @@
 #include <libzfs.h>
 #include <libshare.h>
 #include <libzfs_core.h>
+#include <libdevinfo.h>
 
 #include <fm/libtopo.h>
 
@@ -90,6 +92,7 @@ struct libzfs_handle {
 	char libzfs_chassis_id[256];
 	boolean_t libzfs_cachedprops;
 	boolean_t libzfs_prop_debug;
+	di_devlink_handle_t libzfs_devlink;
 };
 
 struct zfs_handle {
diff --git a/usr/src/lib/libzfs/common/libzfs_pool.c b/usr/src/lib/libzfs/common/libzfs_pool.c
index 72ac62ec10..ef153c39c9 100644
--- a/usr/src/lib/libzfs/common/libzfs_pool.c
+++ b/usr/src/lib/libzfs/common/libzfs_pool.c
@@ -3695,6 +3695,76 @@ path_to_devid(const char *path)
 	return (ret);
 }
 
+struct path_from_physpath_walker_args {
+	char *pfpwa_path;
+};
+
+/*
+ * Walker for use with di_devlink_walk().  Stores the "/dev" path of the first
+ * primary devlink (i.e., the first devlink which refers to our "/devices"
+ * node) and stops walking.
+ */
+static int
+path_from_physpath_walker(di_devlink_t devlink, void *arg)
+{
+	struct path_from_physpath_walker_args *pfpwa = arg;
+
+	if (di_devlink_type(devlink) != DI_PRIMARY_LINK) {
+		return (DI_WALK_CONTINUE);
+	}
+
+	verify(pfpwa->pfpwa_path == NULL);
+	if ((pfpwa->pfpwa_path = strdup(di_devlink_path(devlink))) != NULL) {
+		return (DI_WALK_TERMINATE);
+	}
+
+	return (DI_WALK_CONTINUE);
+}
+
+/*
+ * Search for a "/dev" path that refers to our physical path.  Returns the new
+ * path if one is found and it does not match the existing "path" value.  If
+ * the value is unchanged, or one could not be found, returns NULL.
+ */
+static char *
+path_from_physpath(libzfs_handle_t *hdl, const char *path,
+    const char *physpath)
+{
+	struct path_from_physpath_walker_args pfpwa;
+
+	if (physpath == NULL) {
+		return (NULL);
+	}
+
+	if (hdl->libzfs_devlink == NULL) {
+		if ((hdl->libzfs_devlink = di_devlink_init(NULL, 0)) ==
+		    DI_LINK_NIL) {
+			/*
+			 * We may not be able to open a handle if this process
+			 * is insufficiently privileged, or we are too early in
+			 * boot for devfsadm to be ready.  Ignore this error
+			 * and defer the path check to a subsequent run.
+			 */
+			return (NULL);
+		}
+	}
+
+	pfpwa.pfpwa_path = NULL;
+	(void) di_devlink_walk(hdl->libzfs_devlink, NULL, physpath,
+	    DI_PRIMARY_LINK, &pfpwa, path_from_physpath_walker);
+
+	if (path != NULL && pfpwa.pfpwa_path != NULL &&
+	    strcmp(path, pfpwa.pfpwa_path) == 0) {
+		/*
+		 * If the path is already correct, no change is required.
+		 */
+		free(pfpwa.pfpwa_path);
+		return (NULL);
+	}
+
+	return (pfpwa.pfpwa_path);
+}
+
 /*
  * Issue the necessary ioctl() to update the stored path value for the vdev.  We
  * ignore any failure here, since a common case is for an unprivileged user to
@@ -3732,11 +3802,9 @@ char *
 zpool_vdev_name(libzfs_handle_t *hdl, zpool_handle_t *zhp, nvlist_t *nv,
     int name_flags)
 {
-	char *path, *devid, *env;
+	char *path, *env;
 	uint64_t value;
 	char buf[64];
-	vdev_stat_t *vs;
-	uint_t vsc;
 
 	env = getenv("ZPOOL_VDEV_NAME_PATH");
 	if (env && (strtoul(env, NULL, 0) > 0 ||
@@ -3759,6 +3827,11 @@ zpool_vdev_name(libzfs_handle_t *hdl, zpool_handle_t *zhp, nvlist_t *nv,
 		(void) snprintf(buf, sizeof (buf), "%llu", (u_longlong_t)value);
 		path = buf;
 	} else if (nvlist_lookup_string(nv, ZPOOL_CONFIG_PATH, &path) == 0) {
+		vdev_stat_t *vs;
+		uint_t vsc;
+		char *newpath = NULL;
+		char *physpath = NULL;
+		char *devid = NULL;
 
 		/*
 		 * If the device is dead (faulted, offline, etc) then don't
@@ -3766,36 +3839,48 @@ zpool_vdev_name(libzfs_handle_t *hdl, zpool_handle_t *zhp, nvlist_t *nv,
 		 * open a misbehaving device, which can have undesirable
 		 * effects.
 		 */
-		if ((nvlist_lookup_uint64_array(nv, ZPOOL_CONFIG_VDEV_STATS,
+		if (nvlist_lookup_uint64_array(nv, ZPOOL_CONFIG_VDEV_STATS,
 		    (uint64_t **)&vs, &vsc) != 0 ||
-		    vs->vs_state >= VDEV_STATE_DEGRADED) &&
-		    zhp != NULL &&
-		    nvlist_lookup_string(nv, ZPOOL_CONFIG_DEVID, &devid) == 0) {
+		    vs->vs_state < VDEV_STATE_DEGRADED ||
+		    zhp == NULL) {
+			goto after_open;
+		}
+
+		if (nvlist_lookup_string(nv, ZPOOL_CONFIG_DEVID, &devid) == 0) {
 			/*
-			 * Determine if the current path is correct.
+			 * This vdev has a devid.  We can use it to check the
+			 * current path.
 			 */
 			char *newdevid = path_to_devid(path);
 
-			if (newdevid == NULL ||
-			    strcmp(devid, newdevid) != 0) {
-				char *newpath;
-
-				if ((newpath = devid_to_path(devid)) != NULL) {
-					/*
-					 * Update the path appropriately.
-					 */
-					set_path(zhp, nv, newpath);
-					if (nvlist_add_string(nv,
-					    ZPOOL_CONFIG_PATH, newpath) == 0)
-						verify(nvlist_lookup_string(nv,
-						    ZPOOL_CONFIG_PATH,
-						    &path) == 0);
-					free(newpath);
-				}
+			if (newdevid == NULL || strcmp(devid, newdevid) != 0) {
+				newpath = devid_to_path(devid);
 			}
 
-			if (newdevid)
+			if (newdevid != NULL)
 				devid_str_free(newdevid);
+
+		} else if (nvlist_lookup_string(nv, ZPOOL_CONFIG_PHYS_PATH,
+		    &physpath) == 0) {
+			/*
+			 * This vdev does not have a devid, but it does have a
+			 * physical path.  Attempt to translate this to a /dev
+			 * path.
+			 */
+			newpath = path_from_physpath(hdl, path, physpath);
+		}
+
+		if (newpath != NULL) {
+			/*
+			 * Update the path appropriately.
+			 */
+			set_path(zhp, nv, newpath);
+			if (nvlist_add_string(nv, ZPOOL_CONFIG_PATH,
+			    newpath) == 0) {
+				verify(nvlist_lookup_string(nv,
+				    ZPOOL_CONFIG_PATH, &path) == 0);
+			}
+			free(newpath);
 		}
 
 		if (name_flags & VDEV_NAME_FOLLOW_LINKS) {
@@ -3807,6 +3892,7 @@ zpool_vdev_name(libzfs_handle_t *hdl, zpool_handle_t *zhp, nvlist_t *nv,
 			}
 		}
 
+after_open:
 		if (strncmp(path, ZFS_DISK_ROOTD, strlen(ZFS_DISK_ROOTD)) == 0)
 			path += strlen(ZFS_DISK_ROOTD);
 
diff --git a/usr/src/lib/libzfs/common/libzfs_util.c b/usr/src/lib/libzfs/common/libzfs_util.c
index f755a43715..47cea3d018 100644
--- a/usr/src/lib/libzfs/common/libzfs_util.c
+++ b/usr/src/lib/libzfs/common/libzfs_util.c
@@ -724,10 +724,12 @@ void
 libzfs_fini(libzfs_handle_t *hdl)
 {
 	(void) close(hdl->libzfs_fd);
-	if (hdl->libzfs_mnttab)
+	if (hdl->libzfs_mnttab != NULL)
 		(void) fclose(hdl->libzfs_mnttab);
-	if (hdl->libzfs_sharetab)
+	if (hdl->libzfs_sharetab != NULL)
 		(void) fclose(hdl->libzfs_sharetab);
+	if (hdl->libzfs_devlink != NULL)
+		(void) di_devlink_fini(&hdl->libzfs_devlink);
 	zfs_uninit_libshare(hdl);
 	zpool_free_handles(hdl);
 	libzfs_fru_clear(hdl, B_TRUE);
diff --git a/usr/src/man/man1m/fmadm.1m b/usr/src/man/man1m/fmadm.1m
index b77aaacf5b..a166e1fe42 100644
--- a/usr/src/man/man1m/fmadm.1m
+++ b/usr/src/man/man1m/fmadm.1m
@@ -1,21 +1,19 @@
 '\" te
 .\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved.
 .\" Copyright 2012 Joshua M. Clulow <josh@sysmgr.org>
+.\" Copyright 2019 Peter Tribble
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH FMADM 1M "Oct 22, 2008"
+.TH FMADM 1M "Aug 26, 2019"
 .SH NAME
 fmadm \- fault management configuration tool
 .SH SYNOPSIS
-.LP
 .nf
 \fBfmadm\fR [\fB-q\fR] [\fIsubcommand\fR [\fIarguments\fR]]
 .fi
 
 .SH DESCRIPTION
-.sp
-.LP
 The \fBfmadm\fR utility can be used by administrators and service personnel to
 view and modify system configuration parameters maintained by the Fault
 Manager, \fBfmd\fR(1M). \fBfmd\fR receives telemetry information relating to
@@ -56,13 +54,10 @@ to gather more information or perform additional tasks. The documentation for
 to observe fault management activities.
 .sp
 .LP
-The \fBfmadm\fR utility requires the user to possess the \fBSYS_CONFIG\fR
-privilege. Refer to the \fI\fR for more information about how to configure
-privileges. The \fBfmadm\fR \fBload\fR subcommand requires that the
-user possess all privileges.
+The \fBfmadm\fR utility requires the user to possess the \fBPRIV_SYS_ADMIN\fR
+privilege. See \fBprivileges\fR(5). The \fBfmadm\fR \fBload\fR subcommand
+requires that the user possess all privileges.
 .SS "SUBCOMMANDS"
-.sp
-.LP
 \fBfmadm\fR accepts the following subcommands. Some of the subcommands accept
 or require additional options and operands:
 .sp
@@ -385,8 +380,6 @@ logfile to be rotated, if the current one is not zero in size:
 .RE
 
 .SH OPTIONS
-.sp
-.LP
 The following options are supported:
 .sp
 .ne 2
@@ -399,8 +392,6 @@ successful operations to standard output.
 .RE
 
 .SH OPERANDS
-.sp
-.LP
 The following operands are supported:
 .sp
 .ne 2
@@ -422,8 +413,6 @@ as described in \fBSUBCOMMANDS\fR.
 .RE
 
 .SH EXIT STATUS
-.sp
-.LP
 The following exit values are returned:
 .sp
 .ne 2
@@ -454,8 +443,6 @@ Invalid command-line options were specified.
 .RE
 
 .SH ATTRIBUTES
-.sp
-.LP
 See \fBattributes\fR(5) for descriptions of the following attributes:
 .sp
 
@@ -474,13 +461,8 @@ Interface Stability	See below.
 The command-line options are Committed. The human-readable output is
 not-an-interface.
 .SH SEE ALSO
-.sp
-.LP
 \fBfmd\fR(1M), \fBfmdump\fR(1M), \fBfmstat\fR(1M), \fBlogadm\fR(1M),
-\fBsyslogd\fR(1M), \fBattributes\fR(5)
-.sp
-.LP
-\fI\fR
+\fBsyslogd\fR(1M), \fBattributes\fR(5), \fBprivileges\fR(5)
 .sp
 .LP
 http://illumos.org/msg/
diff --git a/usr/src/man/man1m/fmstat.1m b/usr/src/man/man1m/fmstat.1m
index 5c7c21f7a4..6186c124d6 100644
--- a/usr/src/man/man1m/fmstat.1m
+++ b/usr/src/man/man1m/fmstat.1m
@@ -1,24 +1,22 @@
 '\" te
 .\" Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
+.\" Copyright 2019 Peter Tribble
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
 .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH FMSTAT 1M "Jun 16, 2009"
+.TH FMSTAT 1M "Aug 26, 2019"
 .SH NAME
 fmstat \- report fault management module statistics
 .SH SYNOPSIS
-.LP
 .nf
 \fBfmstat\fR [\fB-astTz\fR] [\fB-d\fR u | d ] [\fB-m\fR \fImodule\fR] [\fIinterval\fR [\fIcount\fR]]
 .fi
 
 .SH DESCRIPTION
-.sp
-.LP
 The \fBfmstat\fR utility can be used by administrators and service personnel to
-report statistics associated with the Solaris Fault Manager, \fBfmd\fR(1M) and
+report statistics associated with the Fault Manager, \fBfmd\fR(1M) and
 its associated set of modules. The Fault Manager runs in the background on each
-Solaris system. It receives telemetry information relating to problems detected
+system. It receives telemetry information relating to problems detected
 by the system software, diagnoses these problems, and initiates proactive
 self-healing activities such as disabling faulty components.
 .sp
@@ -139,12 +137,9 @@ The amount of persistent buffer space currently allocated by this module.
 
 .sp
 .LP
-The \fBfmstat\fR utility requires the user to posses the \fBSYS_CONFIG\fR
-privilege. Refer to the \fI\fR for more information about how to configure
-Solaris privileges.
+The \fBfmstat\fR utility requires the user to possess the \fBPRIV_SYS_ADMIN\fR
+privilege. See \fBprivileges\fR(5).
 .SH OPTIONS
-.sp
-.LP
 The following options are supported:
 .sp
 .ne 2
@@ -234,8 +229,6 @@ with the \fB-m\fR option.
 .RE
 
 .SH OPERANDS
-.sp
-.LP
 The following operands are supported:
 .sp
 .ne 2
@@ -262,8 +255,6 @@ printed and \fBfmstat\fR exits. If an \fIinterval\fR is specified but no
 \fIcount\fR is specified, \fBfmstat\fR prints reports every \fIinterval\fR
 seconds indefinitely until the command is interrupted.
 .SH EXIT STATUS
-.sp
-.LP
 The following exit values are returned:
 .sp
 .ne 2
@@ -295,8 +286,6 @@ Invalid command-line options were specified.
 .RE
 
 .SH ATTRIBUTES
-.sp
-.LP
 See \fBattributes\fR(5) for descriptions of the following attributes:
 .sp
 
@@ -315,9 +304,5 @@ Interface Stability	See below.
 The command-line options are Evolving. The human-readable default report is
 Unstable. The human-readable module report is Private.
 .SH SEE ALSO
-.sp
-.LP
-\fBfmadm\fR(1M), \fBfmd\fR(1M), \fBfmdump\fR(1M), \fBattributes\fR(5)
-.sp
-.LP
-\fI\fR
+\fBfmadm\fR(1M), \fBfmd\fR(1M), \fBfmdump\fR(1M), \fBattributes\fR(5),
+\fBprivileges\fR(5)
diff --git a/usr/src/man/man3c/thrd_join.3c b/usr/src/man/man3c/thrd_join.3c
index 120e156582..b474f2f183 100644
--- a/usr/src/man/man3c/thrd_join.3c
+++ b/usr/src/man/man3c/thrd_join.3c
@@ -11,7 +11,7 @@
 .\"
 .\" Copyright 2016 Joyent, Inc.
 .\"
-.Dd "Jan 13, 2015"
+.Dd "Aug 27, 2019"
 .Dt THRD_JOIN 3C
 .Os
 .Sh NAME
@@ -27,7 +27,7 @@
 .Sh DESCRIPTION
 The
 .Fn thrd_join
-function suspends the exection of the current thread and waits for the
+function suspends the execution of the current thread and waits for the
 thread indicated by
 .Fa thrd
 to terminate and stores the exit status, as set by a call to
@@ -59,7 +59,7 @@ the system, see
 .Xr pthread_join 3C
 and
 .Xr thr_join 3C .
-.Sh RETURN_VALUES
+.Sh RETURN VALUES
 Upon successful completion, the
 .Fn thrd_join
 function returns
diff --git a/usr/src/man/man3ext/SUNW_C_GetMechSession.3ext b/usr/src/man/man3ext/SUNW_C_GetMechSession.3ext
index 8dc3d31e61..17f15d8794 100644
--- a/usr/src/man/man3ext/SUNW_C_GetMechSession.3ext
+++ b/usr/src/man/man3ext/SUNW_C_GetMechSession.3ext
@@ -3,12 +3,11 @@
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH SUNW_C_GETMECHSESSION 3EXT "April 9, 2016"
+.TH SUNW_C_GETMECHSESSION 3EXT "Aug 27, 2019"
 .SH NAME
 SUNW_C_GetMechSession, SUNW_C_KeyToObject \- PKCS#11 Cryptographic Framework
 functions
 .SH SYNOPSIS
-.LP
 .nf
 cc [ \fIflag \&.\|.\|.\fR ] \fIfile\fR\&.\|.\|. \fB-lpkcs11\fR [ \fIlibrary\&.\|.\|.\fR ]
 #include <security/cryptoki.h>
@@ -26,7 +25,6 @@ cc [ \fIflag \&.\|.\|.\fR ] \fIfile\fR\&.\|.\|. \fB-lpkcs11\fR [ \fIlibrary\&.\|
 .fi
 
 .SH DESCRIPTION
-.LP
 These functions implement the RSA PKCS#11 v2.20 specification by using plug-ins
 to provide the slots.
 .sp
@@ -35,12 +33,12 @@ The \fBSUNW_C_GetMechSession()\fR function initializes the PKCS#11
 cryptographic framework and performs all necessary calls to Standard PKCS#11
 functions (see \fBlibpkcs11\fR(3LIB)) to create a session capable of providing
 operations on the requested mechanism. It is not necessary to call
-\fBC_Initalize()\fR or \fBC_GetSlotList()\fR before the first call to
+\fBC_Initialize()\fR or \fBC_GetSlotList()\fR before the first call to
 \fBSUNW_C_GetMechSession()\fR.
 .sp
 .LP
 If the \fBSUNW_C_GetMechSession()\fR function is called multiple times, it will
-return a new session each time without re-initalizing the framework. If it is
+return a new session each time without re-initializing the framework. If it is
 unable to return a new session, \fBCKR_SESSION_COUNT\fR is returned.
 .sp
 .LP
@@ -52,7 +50,6 @@ The \fBSUNW_C_KeyToObject()\fR function creates a key object for the specified
 mechanism from the \fIrawkey\fR data. The object should be destroyed with
 \fBC_DestroyObject()\fR when it is no longer required.
 .SH RETURN VALUES
-.LP
 The \fBSUNW_C_GetMechSession()\fR function returns the following values:
 .sp
 .ne 2
@@ -163,13 +160,11 @@ A general error occurred.
 The return values of each of the implemented functions are defined and listed
 in the RSA PKCS#11 v2.20 specification. See http://www.rsasecurity.com.
 .SH USAGE
-.LP
 These functions are not part of the RSA PKCS#11 v2.20 specification. They are
 not likely to exist on non-Solaris systems. They are provided as a convenience
 to application programmers. Use of these functions will make the application
 non-portable to other systems.
 .SH ATTRIBUTES
-.LP
 See \fBattributes\fR(5) for descriptions of the following attributes:
 .sp
 
@@ -186,7 +181,6 @@ MT-Level	MT-Safe
 .TE
 
 .SH SEE ALSO
-.LP
 \fBlibpkcs11\fR(3LIB), \fBattributes\fR(5)
 .sp
 .LP
diff --git a/usr/src/man/man3lib/libpkcs11.3lib b/usr/src/man/man3lib/libpkcs11.3lib
index 3de428effd..ac77c1b3a4 100644
--- a/usr/src/man/man3lib/libpkcs11.3lib
+++ b/usr/src/man/man3lib/libpkcs11.3lib
@@ -1,10 +1,11 @@
 .\" Copyright (c) 2008, Sun Microsystems, Inc.  All rights reserved.
 .\" Copyright 2016 Jason King.
+.\" Copyright 2019 Peter Tribble.
 .\"
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.Dd Oct 19, 2016
+.Dd Aug 27, 2019
 .Dt LIBPKCS11 3LIB
 .Os
 .Sh NAME
@@ -59,7 +60,8 @@ environment variables are used to specify an alternate token object store.
 A user can specify either slot-description in
 .Ev ${METASLOT_OBJECTSTORE_SLOT}
 or token-label in
-.Ev ${METASLOT_OBJECTSTORE_TOKEN} , or both.
+.Ev ${METASLOT_OBJECTSTORE_TOKEN} ,
+or both.
 Valid values for slot-description and token-label are available from output of
 the command:
 .Bd -literal -offset indent
@@ -95,7 +97,7 @@ the policy set by
 .Lp
 This library provides entry points for all PKCS#11 v2.40 functions.
 See the PKCS#11 v2.40 specifications at
-.Lk http://www.oasis-open.org.
+.Lk http://www.oasis-open.org .
 .Lp
 Plug-ins are added to
 .Nm
@@ -108,7 +110,7 @@ The available mechanisms are administered by the
 .Xr cryptoadm 1M
 utility.
 .Lp
-Plug-ins must have all of their library dependancies specified, including
+Plug-ins must have all of their library dependencies specified, including
 .Xr libc 3LIB .
 Libraries that have unresolved symbols, including those from
 .Xr libc 3LIB ,
@@ -206,9 +208,6 @@ The SUNW Extension functions are MT-Safe.
 The PKCS#11 Standard functions are MT-Safe with exceptions.
 See Section 2.5.3 of PKCS#11 Cryptographic Token Usage Guide v2.40 and
 Section 5.1.5 of PKCS#11 Cryptographic Token Interface Base Standard v2.40
-.Sh STANDARD
-The PKCS#11 Standard functions conform to PKCS#11 Cryptographic Token
-Interface Profiles v2.40 Extended Provider.
 .Sh SEE ALSO
 .Xr cryptoadm 1M ,
 .Xr pkgadd 1M ,
@@ -230,6 +229,9 @@ Interface Profiles v2.40 Extended Provider.
 .%T "PKCS#11 Cryptographic Token Interface Usage Guide v2.40"
 .%U http://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/pkcs11-ug-v2.40.html
 .Re
+.Sh STANDARDS
+The PKCS#11 Standard functions conform to PKCS#11 Cryptographic Token
+Interface Profiles v2.40 Extended Provider.
 .Sh NOTES
 If an application calls
 .Fn C_WaitForSlotEvent
@@ -245,11 +247,8 @@ is set,
 returns
 .Dv CKR_FUNCTION_FAILED .
 .Lp
-The PKCS#11 library does not work with Netscape 4.\fIx\fR but does work with
-more recent versions of Netscape and Mozilla.
-.Lp
 Because
-.Fn C_Initalize
+.Fn C_Initialize
 might have been called by both an application and a
 library, it is not safe for a library or its plugins to call
 .Fn C_Finalize .
diff --git a/usr/src/man/man3proc/Pisprocdir.3proc b/usr/src/man/man3proc/Pisprocdir.3proc
index 74d9d15428..db0cfeb4fb 100644
--- a/usr/src/man/man3proc/Pisprocdir.3proc
+++ b/usr/src/man/man3proc/Pisprocdir.3proc
@@ -11,7 +11,7 @@
 .\"
 .\" Copyright 2015 Joyent, Inc.
 .\"
-.Dd May 11, 2016
+.Dd Aug 27, 2019
 .Dt PISPROCIDR 3PROC
 .Os
 .Sh NAME
@@ -26,7 +26,7 @@
 .Fa "struct ps_prochandle *P"
 .Fa "const char *dir"
 .Fc
-.Sh DESECRIPTION
+.Sh DESCRIPTION
 The
 .Fn Pisprocdir
 function determines whether or not the directory
diff --git a/usr/src/man/man5/privileges.5 b/usr/src/man/man5/privileges.5
index 0f3f28d8c1..8a5e571993 100644
--- a/usr/src/man/man5/privileges.5
+++ b/usr/src/man/man5/privileges.5
@@ -1,20 +1,20 @@
 '\" te
 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
 .\" Copyright 2016, Joyent, Inc. All Rights Reserved.
+.\" Copyright 2019 Peter Tribble
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
 .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH PRIVILEGES 5 "Feb 28, 2018"
+.TH PRIVILEGES 5 "Aug 26, 2019"
 .SH NAME
 privileges \- process privilege model
 .SH DESCRIPTION
-.LP
-Solaris software implements a set of privileges that provide fine-grained
+In illumos, software implements a set of privileges that provide fine-grained
 control over the actions of processes. The possession of a certain privilege
 allows a process to perform a specific set of restricted operations.
 .sp
 .LP
-The change to a primarily privilege-based security model in the Solaris
+The change to a primarily privilege-based security model in the
 operating system gives developers an opportunity to restrict processes to those
 privileged operations actually needed instead of all (super-user) or no
 privileges (non-zero UIDs). Additionally, a set of previously unrestricted
@@ -651,7 +651,7 @@ Allow a process to enable and disable and manage accounting through
 .sp .6
 .RS 4n
 Allow a process to perform system administration tasks such as setting node and
-domain name and specifying \fBcoreadm\fR(1M) and \fBnscd\fR(1M) settings
+domain name and managing \fBfmd\fR(1M) and \fBnscd\fR(1M).
 .RE
 
 .sp
@@ -865,7 +865,7 @@ bind to NetBIOS or SMB reserved ports: ports 137, 138, 139 (NetBIOS) and 445
 Allow a process to successfully call a third party loadable module that calls
 the kernel \fBsuser()\fR function to check for allowed access. This privilege
 exists only for third party loadable module compatibility and is not used by
-Solaris proper.
+illumos.
 .RE
 
 .sp
@@ -1116,7 +1116,7 @@ in the Limit set (see below) of a process in order for set-uid root \fBexec\fRs
 to be successful, that is, get an effective UID of 0 and additional privileges.
 .sp
 .LP
-The privilege implementation in Solaris extends the process credential with
+The privilege implementation in illumos extends the process credential with
 four privilege sets:
 .sp
 .ne 2
@@ -1279,7 +1279,6 @@ set, the system does not honor the set-uid bit of set-uid root applications.
 The following unsafe privileges have been identified: \fBproc_setid\fR,
 \fBsys_resource\fR and \fBproc_audit\fR.
 .SS "Privilege Escalation"
-.LP
 In certain circumstances, a single privilege could lead to a process gaining
 one or more additional privileges that were not explicitly granted to that
 process. To prevent such an escalation of privileges, the security policy
@@ -1287,7 +1286,7 @@ requires explicit permission for those additional privileges.
 .sp
 .LP
 Common examples of escalation are those mechanisms that allow modification of
-system resources through "raw'' interfaces; for example, changing kernel data
+system resources through "raw" interfaces; for example, changing kernel data
 structures through \fB/dev/kmem\fR or changing files through \fB/dev/dsk/*\fR.
 Escalation also occurs when a process controls processes with more privileges
 than the controlling process. A special case of this is manipulating or
@@ -1303,7 +1302,7 @@ In situations where a process might obtain UID 0, the security policy requires
 additional privileges, up to the full set of privileges. Such restrictions
 could be relaxed or removed at such time as additional mechanisms for
 protection of system files became available. There are no such mechanisms in
-the current Solaris release.
+the current release.
 .sp
 .LP
 The use of UID 0 processes should be limited as much as possible. They should
@@ -1314,7 +1313,6 @@ privileges they need.
 Daemons that never need to \fBexec\fR subprocesses should remove the
 \fBPRIV_PROC_EXEC\fR privilege from their permitted and limit sets.
 .SS "Assigned Privileges and Safeguards"
-.LP
 When privileges are assigned to a user, the system administrator could give
 that user more powers than intended. The administrator should consider whether
 safeguards are needed. For example, if the \fBPRIV_PROC_LOCK_MEMORY\fR
@@ -1322,7 +1320,6 @@ privilege is given to a user, the administrator should consider setting the
 \fBproject.max-locked-memory\fR resource control as well, to prevent that user
 from locking all memory.
 .SS "Privilege Debugging"
-.LP
 When a system call fails with a permission error, it is not always immediately
 obvious what caused the problem. To debug such a problem, you can use a tool
 called \fBprivilege debugging\fR. When privilege debugging is enabled for a
@@ -1342,13 +1339,11 @@ set priv_debug = 1
 .LP
 On a running system, you can use \fBmdb\fR(1) to change this variable.
 .SS "Privilege Administration"
-.LP
 Use \fBusermod\fR(1M) or \fBrolemod\fR(1M)
 to assign privileges to or modify privileges for, respectively, a user or a
 role. Use \fBppriv\fR(1) to enumerate the privileges supported on a system and
 \fBtruss\fR(1) to determine which privileges a program requires.
 .SH SEE ALSO
-.LP
 \fBmdb\fR(1), \fBppriv\fR(1), \fBadd_drv\fR(1M), \fBifconfig\fR(1M),
 \fBlockd\fR(1M), \fBnfsd\fR(1M), \fBpppd\fR(1M), \fBrem_drv\fR(1M),
 \fBsmbd\fR(1M), \fBsppptun\fR(1M), \fBupdate_drv\fR(1M), \fBIntro\fR(2),
diff --git a/usr/src/pkg/manifests/service-fault-management.mf b/usr/src/pkg/manifests/service-fault-management.mf
index 4efb016e26..3549793ce2 100644
--- a/usr/src/pkg/manifests/service-fault-management.mf
+++ b/usr/src/pkg/manifests/service-fault-management.mf
@@ -506,6 +506,7 @@ file path=usr/lib/fm/libtopo.so.1 variant.opensolaris.zone=__NODEFAULT
 #
 file path=usr/lib/fm/topo/maps/xfp-hc-topology.xml mode=0444
 file path=usr/lib/fm/topo/plugins/disk.so mode=0555
+file path=usr/lib/fm/topo/plugins/fac_prov_ahci.so mode=0555
 file path=usr/lib/fm/topo/plugins/fac_prov_ipmi.so mode=0555
 file path=usr/lib/fm/topo/plugins/fac_prov_mptsas.so mode=0555
 file path=usr/lib/fm/topo/plugins/ipmi.so mode=0555
diff --git a/usr/src/uts/common/inet/tcp/tcp_timers.c b/usr/src/uts/common/inet/tcp/tcp_timers.c
index df8b50f345..7d9b449392 100644
--- a/usr/src/uts/common/inet/tcp/tcp_timers.c
+++ b/usr/src/uts/common/inet/tcp/tcp_timers.c
@@ -50,7 +50,7 @@
  * There are two basic functions dealing with tcp timers:
  *
  *	timeout_id_t	tcp_timeout(connp, func, time)
- * 	clock_t		tcp_timeout_cancel(connp, timeout_id)
+ *	clock_t		tcp_timeout_cancel(connp, timeout_id)
  *	TCP_TIMER_RESTART(tcp, intvl)
  *
  * tcp_timeout() starts a timer for the 'tcp' instance arranging to call 'func'
@@ -68,7 +68,7 @@
  * call-back is called.
  *
  * NOTE: The call-back function 'func' is never called if tcp is in
- * 	the TCPS_CLOSED state.
+ *	the TCPS_CLOSED state.
  *
  * tcp_timeout_cancel() attempts to cancel a pending tcp_timeout()
  * request. locks acquired by the call-back routine should not be held across
@@ -78,7 +78,7 @@
  * Otherwise, it returns an integer value greater than or equal to 0.
  *
  * NOTE: both tcp_timeout() and tcp_timeout_cancel() should always be called
- * 	within squeue context corresponding to the tcp instance. Since the
+ *	within squeue context corresponding to the tcp instance. Since the
  *	call-back is also called via the same squeue, there are no race
  *	conditions described in untimeout(9F) manual page since all calls are
  *	strictly serialized.
@@ -419,7 +419,7 @@ tcp_keepalive_timer(void *arg)
 {
 	mblk_t	*mp;
 	conn_t	*connp = (conn_t *)arg;
-	tcp_t  	*tcp = connp->conn_tcp;
+	tcp_t	*tcp = connp->conn_tcp;
 	int32_t	firetime;
 	int32_t	idletime;
 	int32_t	ka_intrvl;
@@ -1067,7 +1067,7 @@ void
 tcp_close_linger_timeout(void *arg)
 {
 	conn_t	*connp = (conn_t *)arg;
-	tcp_t 	*tcp = connp->conn_tcp;
+	tcp_t	*tcp = connp->conn_tcp;
 
 	tcp->tcp_client_errno = ETIMEDOUT;
 	tcp_stop_lingering(tcp);
diff --git a/usr/src/uts/common/io/i40e/i40e_intr.c b/usr/src/uts/common/io/i40e/i40e_intr.c
index 577b760eb2..e3a0d69cc6 100644
--- a/usr/src/uts/common/io/i40e/i40e_intr.c
+++ b/usr/src/uts/common/io/i40e/i40e_intr.c
@@ -465,7 +465,7 @@ i40e_intr_init_queue_msix(i40e_t *i40e)
 		boolean_t head = B_TRUE;
 
 		for (uint_t qidx = vec; qidx < i40e->i40e_num_trqpairs;
-		     qidx += intr_count) {
+		    qidx += intr_count) {
 			uint_t next_qidx = qidx + intr_count;
 
 			next_qidx = (next_qidx > i40e->i40e_num_trqpairs) ?
@@ -757,7 +757,7 @@ i40e_intr_msix(void *arg1, void *arg2)
 	 * performed during i40e_map_intrs_to_vectors().
 	 */
 	for (uint_t i = vector_idx - 1; i < i40e->i40e_num_trqpairs;
-	     i += (i40e->i40e_intr_count - 1)) {
+	    i += (i40e->i40e_intr_count - 1)) {
 		i40e_trqpair_t *itrq = &i40e->i40e_trqpairs[i];
 
 		ASSERT3U(i, <, i40e->i40e_num_trqpairs);
diff --git a/usr/src/uts/common/sys/null.h b/usr/src/uts/common/sys/null.h
index 251dcfc994..dc86fe9e8e 100644
--- a/usr/src/uts/common/sys/null.h
+++ b/usr/src/uts/common/sys/null.h
@@ -20,6 +20,11 @@
 
 #ifndef	NULL
 
+#if defined(__sparc)
+/*
+ * SPARC code is not yet NULL pointer clean.
+ */
+
 /*
  * POSIX.1-2008 requires that the NULL macro be cast to type void *.
  * Historically, this has not been done, so we only enable this in a
@@ -46,6 +51,32 @@
 #endif	/* _LP64 */
 #endif	/* C++11 */
 #endif	/* _XPG7 */
+#else
+/*
+ * POSIX.1-2008 requires that the NULL macro be cast to type void *.
+ */
+
+#if !defined(__cplusplus)
+#define	NULL	((void *)0)
+#else
+
+/*
+ * ISO C++ requires that the NULL macro be a constant integral type evaluating
+ * to zero until C++11, and an integer or pointer literal with value zero from
+ * C++11 onwards.
+ */
+
+#if __cplusplus >= 201103L
+#define	NULL	nullptr
+#else
+#if defined(_LP64)
+#define	NULL	0L
+#else
+#define	NULL	0
+#endif	/* _LP64 */
+#endif	/* C++11 */
+#endif	/* !__cplusplus */
+#endif	/* __sparc */
 
 #endif	/* NULL */