sysutils/cpu-microcode-*: Reorganize CPU microcode ports

Prior to this update, sysutils/devcpu-data, which only contained an RC
script, had run dependencies on the AMD and Intel microcode ports.  This
made it cumbersome to have just the AMD or just the Intel microcode
ports installed.  With this change, the microcode ports now depend on
the RC script.

Other changes:

- Use more intuitive port names: cpu-microcode, cpu-microcode-amd,
  cpu-microcode-intel, and cpu-microcode-rc.
- Add the metaport, cpu-microcode, which pulls in all related ports.
- Pet portclippy/portfmt

Reviewed by:	lwhsu, markj
Approved by:	sbruno (maintainer)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D41406

2 files changed, 122 insertions, 0 deletions

diff --git a/sysutils/cpu-microcode-rc/files/microcode_update.in b/sysutils/cpu-microcode-rc/files/microcode_update.in
new file mode 100644
index 000000000000..e2ad59592c06
--- /dev/null
+++ b/sysutils/cpu-microcode-rc/files/microcode_update.in
@@ -0,0 +1,77 @@
+#!/bin/sh
+
+# PROVIDE:	microcode_update
+# REQUIRE:	root mountcritlocal
+# KEYWORD:	nojail
+# BEFORE:	SERVERS
+
+#
+# Add the following line to /etc/rc.conf to enable flow-capture:
+# microcode_update_enable (bool):	Set it to "YES" to update microcode on startup
+#					Set to "NO" by default.
+# microcode_update_datadir (str):	Directory, microcode updates stored in.
+#					Default is "%%DATADIR%%"
+# microcode_update_cpus (str):		A list of cpus to update on startup, or "ALL" for all.
+#					Example: microcode_update_cpus="0 1"
+#					Set to "ALL" by default. 
+# microcode_update_flags (str):		Flags for cpucontrol(8).
+
+. /etc/rc.subr
+
+name="microcode_update"
+rcvar=microcode_update_enable
+stop_cmd=":"
+start_cmd="microcode_update_start"
+required_modules="cpuctl"
+
+CMT="/usr/sbin/cpucontrol"
+
+microcode_update_start()
+{
+	echo "Updating CPU Microcode..."
+	if [ "${microcode_update_cpus}" = "ALL" ]; then
+		ncpu=`/sbin/sysctl -n hw.ncpu`
+		cpus=`jot ${ncpu} 0`;
+	else
+		cpus=${microcode_update_cpus}
+	fi
+	for i in ${cpus}; do
+		${CMT} -u ${microcode_update_flags} \
+                    -d "${microcode_update_datadir}" /dev/cpuctl${i} 2>&1 | \
+                    logger -p daemon.notice -t microcode_update || \
+		    (echo "Microcode Update Failed." && exit 1)
+	done
+	if [ "${microcode_update_cpus}" = "ALL" ]; then
+                CPUCONTROL_UPDATED=$(cpucontrol -h 2>&1 | grep -q -- -e; echo $?)
+                if [ ${CPUCONTROL_UPDATED} -ne 0 ]; then
+                        echo "Please update your system in order to update CPU microcode."
+                else
+			${CMT} -e /dev/cpuctl0 >/dev/null 2>&1
+			if [ $? -ne 0 ]; then
+				echo "Re-evalulation of CPU flags Failed."
+				exit 1
+			fi
+                fi
+	fi
+	echo "Done."
+}
+
+load_rc_config $name
+
+# Set default values
+if [ -n "${microcode_cpus}" ]; then
+	if [ -n "${microcode_update_cpus}" ]; then
+		echo "Warning: Ignoring deprecated rc variable, microcode_cpus."
+	else
+		echo "Warning: rc variable microcode_cpus is deprecated.
+Warning: Set microcode_udpate_cpus instead."
+		microcode_update_cpus="${microcode_cpus}"
+        fi
+fi
+
+: ${microcode_update_enable="NO"}
+: ${microcode_update_datadir="%%DATADIR%%"}
+: ${microcode_update_cpus="ALL"}
+: ${microcode_update_flags=""}
+
+run_rc_command "$1"
diff --git a/sysutils/cpu-microcode-rc/files/pkg-message.in b/sysutils/cpu-microcode-rc/files/pkg-message.in
new file mode 100644
index 000000000000..8984694e5476
--- /dev/null
+++ b/sysutils/cpu-microcode-rc/files/pkg-message.in
@@ -0,0 +1,45 @@
+[
+{ type: install
+  message: <<EOM
+This port includes an RC script, which is one of two methods to update
+the CPU microcode on a FreeBSD system.
+
+1. The first method does not require the RC script included here and is
+   only supported with Intel processors.  It is the preferred method,
+   because it ensures that any CPU features introduced by a microcode
+   update are visible to the kernel by applying the update before the
+   kernel performs CPU feature detection.
+
+   To enable updates using the first method, add the following lines to
+   /boot/loader.conf:
+
+   cpu_microcode_load="YES"
+   cpu_microcode_name="/boot/firmware/intel-ucode.bin"
+
+   The microcode update will be loaded when the system is rebooted.
+
+
+2. The second method, which uses the RC script included here, can be
+   enabled by adding the following line to /etc/rc.conf:
+
+   microcode_update_enable="YES"
+
+   The microcode update is then applied upon reboot or when the microcode
+   update service is run via:
+
+   # service microcode_update start
+
+   If the CPU requires a microcode update, a console message such as the
+   following will appear:
+
+   Updating CPU Microcode...
+   %%DATADIR%%/m32306c3_00000022.fw: updating cpu /dev/cpuctl0 from rev 0x17 to rev 0x22... done.
+   %%DATADIR%%/m32306c3_00000022.fw: updating cpu /dev/cpuctl2 from rev 0x17 to rev 0x22... done.
+   %%DATADIR%%/m32306c3_00000022.fw: updating cpu /dev/cpuctl4 from rev 0x17 to rev 0x22... done.
+   %%DATADIR%%/m32306c3_00000022.fw: updating cpu /dev/cpuctl6 from rev 0x17 to rev 0x22... done.
+   Done.
+
+It is safe to enable both methods.
+EOM
+}
+]