New stable release: HardenedBSD-stable 10-STABLE v44

Submitted by op on

HardenedBSD-10-STABLE-v44 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
--------------------------------------

Oliver Pinter (3):
HBSD: fix noexec's paxflags parser
HBSD: update UPDATING-HardenedBSD
HBSD: bump __HardenedBSD_version after ASLR and NOEXEC changes

Oliver Pinter + (23):
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master

Shawn Webb (7):
HBSD: More HardenedBSD cleanup.
HBSD: Fix tabbing.
HBSD: Do not report ASLR deltas in jail ddb
HBSD: Bump __HardenedBSD_version to 43
HBSD: Update UPDATING-HardenedBSD
HBSD: Fix building with FREEBSD_COMPAT32
HBSD: Change ASLR defaults for 32bit systems.

ae (1):
MFC r296557: Add support for IPPROTO_IPV6 socket layer for getsockopt/setsockopt calls. Also add mapping for several options from RFC 3493 and 3542.

allanjude (1):
MFC: r296988 Remove 50% ZFS conditional from bsdinstall/zfsboot

asomers (2):
MFC r293229, r293833 to usr.sbin/rpcbind
MFC r295900, r295768 to usr.sbin/iostat

bdrewery (6):
MFC r296623:
MFC r296643:
MFC r296707:
MFC r296819:
MFC r296526:
MFC r296585:

dchagin (7):
MFC r297061;
MFC r297062:
MFC r297063: Whitespaces, style(9) fixes. No functional changes.
MFC r296503, r296504:
MFC r296502, r296543, r296546, r297060:
MFC r296501:
Revert r297303.

dumbbell (1):
drm: Fix dev->ioctl_count references leak

hselasky (1):
MFC r292254:

jgh (1):
MFC: 296167

kib (5):
MFC r296388: Pass MNTK_NO_IOPF and MNTK_UNMAPPED_BUFS flags from the lower filesystem to the nullfs mount.
MFC r296467: Convert all panics from the link_elf_obj kernel linker for object files format into printfs and errors to caller.
MFC r297137: Fix typo.
MFC r296652: Do not perform unneccessary shared recursion on the allproc_lock in pfs_visible().
MFC r297206: Fix locking mistake in softdep_waitidle().

mav (66):
MFC r296653: Allow standard commands for "unknown" classes in RESCUE mode.
MFC r296919: Fix small memory leak on attempt to access deleted snapshot.
MFC r256612: MFprojects/camlock r254685: Remove TQ_FLAGS_PENDING flag, softly duplicating queue emptiness status.
MFC r256613, r256862: MFprojects/camlock r254763: Move tq_enqueue() call out of the queue lock for known handlers (actually I have found no others in the base system). This reduces queue lock hold time and congestion spinning under active multithreaded enqueuing.
MFC r264670: MFV r264667:
MFC r271781i (by will): bpobj_iterate_impl(): Close a refcount leak iterating on a sublist.
MFC r277492 (by will): Add vfs.zfs.reference_tracking_enable sysctl/tunable.
MFC r271788 (by will): Enable ZFS debug flags to be modified via vfs.zfs.debug_flags.
MFC r269222: Reschedule the 'deadman' callout after handling, this makes our code behave more like it is on Solaris.
MFC r271785: Reorder sysctls for spa.c global tunables; add sysctl for ccw_retry_interval.
MFC r277300 (by smh): Mechanically convert cddl sun #ifdef's to illumos
MFC r274304 (by delphij): MFV r274272 and diff reduction with upstream.
MFC r286223 (by smh): Fix KSTACK_PAGES check in ZFS module
MFC r277501 (by will): Eliminate an #ifdef illumos for zfs_ioc_rename().
MFC r277503 (by will): Ignore sync requests from the system syncher, i.e. VFS_SYNC(waitfor=MNT_LAZY).
MFC r272359 (by will): zfsvfs_create(): Refuse to mount datasets whose names are too long.
MFC r262990: MFV r262983:
MFV r258597 (by pjd): When append-only, immutable or read-only flag is set don't allow for hard links creation. This matches UFS behaviour.
MFC r274627 (by avg): Revert r269093 which introduced physical zio alignment transform
MFC r290266 (by avg): zfs: allow the lookup of extended attributes of an unlinked file
MFC r291637 (by bdrewery): Fix the build for non-amd64.
MFC r292653 (by bapt): Report an error if zdb cannot initialize zfs
MFC r293677 (by asomers): Record physical path information in ZFS Vdevs
MFC r294625 (by trasz): Fix ru_oublocks accounting for ZFS. There are two code paths that can be called from zfs_write() - one of them, through dmu_write(), was handled correctly; the other wasn't.
MFC r294794: MFV r294793: 6367 spa_config_tryenter incorrectly handles the multiple-lock case
MFC r294797: MFV r294796: 6319 assertion failed in zio_ddt_write: bp->blk_birth == txg
MFC r294799: MFV r294798: 6292 exporting a pool while an async destroy is running can leave entries in the deferred tree
MFC r294801: MFV r294800: 6385 Fix unlocking order in zfs_zget
MFC r294803: MFV r294802: 6334 Cannot unlink files when over quota
MFC r294805: MFV r294804: 6386 Fix function call with uninitialized value in vdev_inuse
MFC r294807: MFV r294806: 6388 Failure of userland copy should return EFAULT
MFC r294809: MFV r294808: 6421 Add missing multilist_destroy calls to arc_fini
MFC r294811: MFV r294810: 6414 vdev_config_sync could be simpler
MFC r294813: MFV r294812: 6434 sa_find_sizes() may compute wrong SA header size
MFC r294815: MFV r294814: 6393 zfs receive a full send as a clone
MFC r294817: MFV r294816: 4986 receiving replication stream fails if any snapshot exceeds refquota
MFC r294820: MFV r294819: 6495 Fix mutex leak in dmu_objset_find_dp
MFC r295047: MFV 295046: 6358 A faulted pool with only unavailable vdevs triggers assertion failure in libzfs
MFC r295125: MFV r294821: 6529 Properly handle updates of variably-sized SA entries.
MFC r296021 (by smh): Removed unused label and fix mutex_exit order
MFC r296510, r296563, r296567: MFV r296505: 6531 Provide mechanism to artificially limit disk performance
MFC r296512: MFV r296511: 6537 Panic on zpool scrub with DEBUG kernel
MFC r296514: MFV r296513: 6450 scrub/resilver unnecessarily traverses snapshots created after the scrub started
MFC r296516: MFV r296515: 6536 zfs send: want a way to disable setting of DRR_FLAG_FREERECORDS
MFC r296519: MFV r296518: 5027 zfs large block support (add copyright)
MFC r296521: MFV r296520: 6562 Refquota on receive doesn't account for overage
MFC r296523: MFV r296522: 6541 Pool feature-flag check defeated if "verify" is included in the dedup property value
MFC r296528: MFV r296527: 6659 nvlist_free(NULL) is a no-op
MFC r296530: MFV r296529: 6672 arc_reclaim_thread() should use gethrtime() instead of ddi_get_lbolt() 6673 want a macro to convert seconds to nanoseconds and vice-versa
MFC r296533: MFV r296532: 6637 replacing "dontclose" with "should_close"
MFC r296535: MFV r296534: 6550 cmd/zfs: cleanup gcc warnings
MFC r296537: MFV r296536: 6551 cmd/zpool: cleanup gcc warnings
MFC r296539: MFV r296538: 6544 incorrect comment in libzfs.h about offline status
MFC r296541: MFV r296540: 4448 zfs diff misprints unicode characters
MFC r296613: Make ZFS more picky to GEOM stripe sizes and offsets.
MFC r296615: Make ZFS ignore stripe sizes above SPA_MAXASHIFT (8KB).
MFC r296617: Revert r292074 (by smh): Limit stripesize reported from nvd(4) to 4K
MFC r277629 (by will): When creating or updating a node, use vfs_timestamp() for "now" instead of gethrestime(), to allow the administrator to decide the appropriate timestamp precision instead of always using nanosecond precision.
MFC r296449: Update meaning of -n argument.
MFC r275137 (by adrian): Add PCI ID for Intel Lynx Point LP controller.
MFC r295463 (by hselasky): Correct PCI device description.
MFC r297049: Add IDs for Intel Wellsburg USB controllers.
MFC r297051: Fix incorrect (fortunately bigger) malloc size.
MFC r296654: Use `geom disk list` instead `camcontrol identify`.
MFC r296655, r296673, r296776: Unify and improve metadata wiping.
MFC r296656: Don't bother to invoke gmirror or zpool if the module is not loaded.

mp (1):
MFC 296416:

ngie (1):
MFC r296766:

np (2):
MFC r277759 (by jhb@)
MFC r279091.

pfg (7):
MFC r294504, r294652, r294653, r294655:
MFC r295811: Ext2: cleanup setting of ctime/mtime/birthtime.
MFC r295822: qlxgb: fix mismatch.
MFC r296816:
MFC r296394: xdr: Fix xdr_rpc* defines.
MFC r297037: aio_qphysio(): Avoid uninitialized pointer read on error.
MFC r296095: rpc: fix failure to clear string by passing the wrong size to memset.

smh (2):
MFC r296922:
MFC r296020: