HardenedBSD-11-STABLE-v1100055.1 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
Highlights:
- Implement mitigation for Spectre version 2 attacks on ARMv7.
- Limit glyph count in vtfont_load to avoid integer overflow. (5966c5fc6c1941b9d936ad21eb8c8ca9e37a0ec0) [CVE-2018-6917 FreeBSD-SA-18:04.vt]
- Fix several leaks of kernel stack data through paddings. (6cbc066578e9d120086a39fffc9fb76f3a2ae3b1 5a4de6ef78e289193b2b14c0e68ad00443323813) [FreeBSD-SA-Candidate]
- MFC r328331: Support configuring arbitrary limits(1) for any rc.conf daemon (0f8014018211d7891dfa72334526a4c5d7201490)
- MFC r324673: mbuf(9): unbreak m_fragment() (db82dd0a6a9de84e8678be871ebd8821c9802628)
- LLVM 6.0 (6cd0d336d6427448ee7e76d16538cd3420c27526) [SA-18:03.speculative_execution]
- Add an option called "random" that combined with "ether" can generate a random MAC address for an Ethernet interface. (8d44e96c549ac602b1bca95375e9c2acffeb5f1d)
- HBSD MFC r330880: Don't overflow the kernel struct mdio in the MDIOCLIST ioctl. (880d7e96cdd88fdeae5e631ae86db42d2665fa81) [FreeBSD-SA-Candidate]
- MFC r315522: use INT3 instead of NOP for x86 binary padding (71918e8f61597def8a0205b9b259f791777bbdc9)
- MFC r324560: allow posix_fallocate in capability mode (232a0597ebf908a011544eb3ca776206859ab837)
- MFC: r331627 Merge OpenSSL 1.0.2o. (54f770b796bd94590b148914cf8fb487a5e7d885) [CVE-2018-0739 FreeBSD-SA-Candidate]
- Reject CAMIOGET and CAMIOQUEUE ioctl's on pass(4) in 32-bit compat mode. (afaab4bdf5993f92b5013cb423c5c34216bd1319)
- MFC r331333: Fix kernel memory disclosure in drm_infobufs (cb7bbdc0771f4360d3d1c58982075bd522ff7079) [FreeBSD-SA-Candidate]
- MFC r331339: Correct signedness bug in drm_modeset_ctl (54cecb661544f1a1541a1ee37b8b97df6c5eebb1) [FreeBSD-SA-Candidate]
- MFC r325047: dma: fix use-after-free (f4c0052c8e6632871a26af73b98acafe10d1c9c1) [FreeBSD-SA-Candidate]
- MFC r330745: Make root mount timeout logic work for filesystems other than ufs
- Fix information leak in geli(8) integrity mode (c9ede81c61b5d300b5acb89d4167b11f917be4c4) [FreeBSD-SA-Candidate]
- MFC r330034 Fix a memory leak in syslogd
- MFC 328102: Save and restore guest debug registers. (5a911c66c42eba7c480f5f566edcabad716ddbe8) [FreeBSD-SA-Candidate]
- EFI updates
- I2C updates
- LinuxKPI updates
- Raspberry PI updates
- ZFS updates
- indent updates
- less updates
- makefs updates
- mlx4 updates
- mlx5 updates
- pf updates
- syscons updates
Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...
CHECKSUM.SHA512:
SHA512 (HardenedBSD-11-STABLE-v1100055.1-amd64-bootonly.iso) = d023527a8e385f69787b5e1e2a9f52849cc9a7b439c4180ca285c753412aa9352da21bd8286b0d60960b626d5d1856c0ba749a135f36f6e39a597455aeeb22e9
SHA512 (HardenedBSD-11-STABLE-v1100055.1-amd64-disc1.iso) = 871fa40b3963ccb31df94f8cc4a83ef931de0c1facc3a0eb1175435c9f996297678e8910968d82d98f0a0cf46391aed568c52ce5261fd5c646d40f3eb18b7107
SHA512 (HardenedBSD-11-STABLE-v1100055.1-amd64-memstick.img) = 1ef4ac1af66a6428550033849b91590f4ed8c6bb075ae8203e306b98d1f4c0b88cfa9c5b41373a580a46ece9f84148a144734f763f1064d9a0763ff262a080fe
SHA512 (HardenedBSD-11-STABLE-v1100055.1-amd64-mini-memstick.img) = 3be90dc646efa29e724324d2220c4616ba23ae28df038d0312750bea9463fc4cdd8385f5617da8b93a8d537e1e7b4134f0d124e723f503dd2656d927b986210d
CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlrEsR8ACgkQgZsRom/9
GI2cBRAAl3GIIfyCrzGntsbsPJhB6CA6DsGLGrw6Y8m3PdvNLe7re5HXbHp3WkOA
6XzQ91+Ip7ZX7+CyLtdxAe/mUuqD4zdxRqHehrMCQgXgEeL3SndUrs46iDS0mXhv
rGi8a3mg5nX2JqWvhh4ALThWSf7gn/JqQTVHgvVXClr/ruVJJMfJlYOcQb96aN2g
sQSXnW27Zf8aauGC4SkDip4mRIFrEEVMRILCOeCUDWkDjecOGSZgKyFuV9299ln2
LTocbJBGuYPcj3xRtK8YgRIQ6v/b5gEiZUhUnonOC6OMOAm46fhjRIa5DpcFBOdT
/W4BLML5vKzlXutJKCMJGua+wRwvz348glj+hr5R+oedjNhb6K+EA6Fz3e205UY2
IRRrakEpXVagElp9fgLxc3n+sh3Rm1hsf7undgdslV4oN4+61xdrEEDIOux0OHtX
8/hFd9e3lBctwGl34Mx+d7FcF/CbFBdQjUuk3zp2NFSluk1o8yVLiUQG17Cq6VYd
MeNRL1RlSuAWuxjhL3N7mPwOVn71Z219lTJu84uaHuZn+nTRNS4gKk1I/qdPUuX9
/lY+4T6lqUzzjo3hS99jVwWgAjaunOHbjG0l2yDMeZceQ0PIt9MDAWEjiKnFnJj3
lOpHE0132ApHEmbl+SQDFSrpJaRFOmkbdVT2N4FtsPGNNdmsR6A=
=kv71
-----END PGP SIGNATURE-----
Changelog:
Oliver Pinter (10):
- HBSD MFC r328011: Provide some mitigation against CVE-2017-5715 by clearing registers upon returning from the guest which aren't immediately clobbered by the host. This eradicates any remaining guest contents limiting their usefulness in an exploit gadget.
- HBSD MFC r302595: Remove assumptions in MI code that the BSP is CPU 0.
- HBSD MFC r329162: Provide further mitigation against CVE-2017-5715 by flushing the return stack buffer (RSB) upon returning from the guest.
- HBSD MFC r331640: Fix several leaks of kernel stack data through paddings.
- HBSD MFC r330821: Use the stack for temporary storage in OTIOCCONS.
- HBSD MFC r330880: Don't overflow the kernel struct mdio in the MDIOCLIST ioctl.
- HBSD MFC r331008: Restore the behavior of returning the total number of units by unconditionally incrementing i in the loop;
- HBSD MFC r324393: reapply random(4): Add missing source descriptions
- HBSD MFC r324394: reapply random(4): Gather entropy from Pure sources
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
Oliver Pinter + (71):
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
- Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Shawn Webb (15):
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
- HBSD: Resolve merge conflict
ae (7):
- MFC r330536: Define ethernet type 0x88A8 as ETHERTYPE_QINQ.
- MFC r330537: Add mapping for several ethernet types used by Linux to FreeBSD ethernet types.
- MFC r330792: Do not try to reassemble IPv6 fragments in "reass" rule.
- MFC r330771: Remove obsoleted and unused key_sendup() function. Also remove declaration for nonexistend key_usrreq() function.
- MFC r330779: Rework key_sendup_mbuf() a bit:
- MFC r330781: Update pfkey_open() function to set socket's write buffer size to 128k and receive buffer size to 2MB. In case if system has bigger default values, do not lower them.
- MFC r331203: Remove note that `fwd tablearg` is supported only by IPv4. IPv6 is supported too.
araujo (2):
- MFC r329817:
- MFC r305860, r306371
asomers (8):
- MFC r323314, r323338, r328849
- MFC r329067:
- MFC r329108:
- MFC r329174:
- MFC r328896, r329236
- MFC r329265, r329384
- MFC r329273, r329275, r329277, r329284, r329344
- MFC r329412:
avg (12):
- MFC r330338: db_nextframe/amd64: catch up with r328083 to recognize fast_syscall_common
- MFC r329714: MFV r329713: 8731 ASSERT3U(nui64s, <=, UINT16_MAX) fails for large blocks
- MFC r329719: MFV r329718: 8520 7198 lzc_rollback_to should support rolling back to origin
- MFC r329717: MFV r329715: 8997 ztest assertion failure in zil_lwb_write_issue
- MFC r330057: add ZFS_ENTER protection to .zfs/snapshot vnode operations that need it
- MFC r329823: another rework of getzfsvfs / getzfsvfs_impl code
- MFC r329363: read-behind / read-ahead support for zfs_getpages()
- MFC r330374: db_script_exec: use a saved script name when reporting commands executed
- MFC r330592: MFV r330591: 8984 fix for 6764 breaks ACL inheritance
- MFC r330793: fix r297857, do not modify CPU extension bits under virtual machines
- MFC r330974: MFV r330973: 9164 assert: newds == os->os_dsl_dataset
- MFC r327056: Use resume_cpus() instead of restart_cpus() to resume from ACPI suspension.
avos (1):
- MFC r324673: mbuf(9): unbreak m_fragment()
brooks (9):
- MFC r330527:
- MFC r330409:
- MFC r330819, r330885, r330934
- MFC r330820:
- MFC r330876, r330945
- MFC r330949:
- MFC r328522:
- fea(4) was removed in HEAD with the removal of EISA support.
- MFC r331830:
bryanv (2):
- MFC r329598:
- MFC r327958, r329601, r329602:
dab (4):
- MFC r330034
- MFC r330085:
- MFC r330245:
- MFC r331015:
delphij (1):
- MFC r316339,317396,317829,326010,329554: less v530.
dim (5):
- Repair obvious mismerge in r330897, resulting in misleading gcc error messages like "sys/net/if_fddisubr.c:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '-' token".
- Revert r330471 (MFC of r311861), since it results in compile errors like:
- Merge retpoline support from the upstream llvm, clang and lld 5.0 branches. Upstream merge revisions:
- MFC r314568 (by emaste):
- Merge clang, llvm, lld, lldb, compiler-rt and libc++ 6.0.0 release, and several follow-up fixes.
eadler (131):
- Revert MFC of r330463 r330462 r330454 r330452 r330451:
- MFC r302779,r302807:
- MFC r327206:
- MFC r326820:
- MFC r318587:
- MFC r326283:
- MFC r309220:
- MFC r313544:
- MFC r303539:
- MFC r303540:
- MFC r323865:
- MFC r326651:
- MFC r327672:
- MFC r326599:
- MFC r316796:
- MFC r316797:
- Revert MFC of r323865
- MFC r330572:
- Revert r324434
- MFC r320805:
- MFC r304153:
- MFC r304161:
- MFC r304165,r304166:
- MFC r304164:
- MFC r304173,r304181,r304186:
- MFC r304758:
- MFC r304773,r304800:
- MFC r304804:
- Partial merge of the SPDX changes
- MFC r305010:
- MFC r305059:
- MFC r305060:
- MFC r305121,r305231:
- MFC r314641,r314646,r314997,r315390:
- MFC r315000:
- MFC r315003,r315065,r315066:
- MFC r315418,r315480,r316019:
- MFC r317174:
- MFC r315984:
- MFC r316136:
- MFC r316636,r316642,r316675,r316733,r316737,r316741,r316827,r316830,r316865,r316878:
- MFC r330834:
- MFC r322663:
- MFC r302509:
- MFC r302452:
- MFC r302525,r302526:
- MFC r302535:
- MFC r329102:
- MFC r327279,r327571:
- MFC r327580,r327581:
- MFC r302533:
- MFC r303063,r311852,r311930,r317040,r320506,r321301,r325162,r326759,r329004,:
- MFC r303036,r303038,r306822,r307923,:
- MFC r302485,r303203,r303341,r304025,r306133,r306518,r308576,r308686,r309019,r309059,r310024,r311853,r312793,r313033,r313577,r313741,r314692,r317772,r317939,r319674,r319923,r321392,r322979,r323222,r323222,r323398,r323502,r323602,r323767,r323767,r323958,r325220,r326172,r326253,r330652,r330761,r330762,r330763,r330765,:
- MFC r327474:
- MFC r327514,r327521,r327614,r327615,r327616,r327623:
- MFC r305139:
- MFC r305857,r305858,r305859:
- MFC r306135,r311859,r321763,r321764,r321766,r321767,r321768,r321769,r321771,r321774,r321776,r321783,r321784,r321785,r321786,r321787,r321788,r321789,r321793,r321796,r321797,r321801,r321802,r321804,r321814,r321817,r321818,r321834,r321835,r321853,r321857,r321860,r321866,r321885,r321886,r321889,r321890,r321892,r321893,r321897,r321939,r321966,r321974,r321982,r321989,r322035,r322093,r322108,r322314,r322330,r322335,r322350,r322353,r322365,r322416,r322471,r322484,r322638,r322649,r322881,r322886,r323972,r330768,:
- MFC r324441:
- MFC r305373,r312344,r318095,r319117,r320948,r320953,r328528:
- MFC r311106,r311109,r311110,r320579,r327063,r327064,:
- MFC r303041,r303320,r305905,r310087,r310346,r319368,r321879,r321923,r321979,r327554,r329124,r329210,:
- MFC r327344:
- MFC r330940:
- MFC r326959:
- MFC r328427:
- MFC r328428:
- MFC r328430,r328431:
- MFC r328959:
- MFC r328839:
- MFC r328831:
- MFC r327941:
- MFC r326387:
- MFC r317870:
- MFC r328509:
- MFC r330843:
- MFC r303452,r303482,r303483,r303484,r303485,r303487,r303489,r303498,r303499,r303502,r303523,r303525,r303570,r303571,r303588,r303596,r303597,r303598,r303599,r303600,r303601,r303625,r303629,r303718,r304651,r304684,r304686,r305983,r309217,r309219,r309341,r309342,r309343,r309382,r309415,r309417,r309418,r309419,r310863,r311141,r314613,r318471,r321382,r321383,r321396:
- MFC r319274:
- MFC r315190:
- MFC r325215,r325216:
- MFC r314955:
- MFC r303150:
- MFC r328525:
- MFC r326601:
- MFC r323135:
- MFC r322991:
- MFC r314052:
- MFC r304725:
- MFC r317570:
- MFC r317798:
- MFC r325091:
- MFC r303412:
- MFC r320210:
- MFC r326913:
- MFC r314622:
- MFC r326482:
- MFC r303812:
- MFC r326249:
- MFC r328636:
- MFC r328638:
- MFC r328640:
- MFC r312887:
- MFC r328785:
- MFC r328586:
- MFC r328162:
- MFC r328262:
- MFC r313264:
- MFC r305306:
- MFC r328300:
- MFC r327184:
- MFC r316422:
- MFC r326859:
- MFC r326437:
- MFC r326356:
- MFC r326183:
- MFC r325113:
- MFC r325112:
- MFC r313818:
- MFC r315986:
- MFC r320992,r320993:
- MFC r322013:
- MFC r320268,r320276:
- MFC r320178:
- MFC r322674:
- MFC r324806:
- MFC r324858:
- MFC r324860:
- MFC: r331285
- MFC: r331533
- Revert r330897:
emaste (29):
- MFC r322277 by jlh:
- MFC r322552 by jhb: Unconditionally install rwhod support scripts.
- MFC r330613: Disable LLD_BOOTSTRAP under WITHOUT_CROSS_COMPILER
- MFC r330667: asmc: update temperature sensor name/description
- MFC r329370, r330239: Rationalize license text on Linuxolator files
- MFC r328395: Install uefi.8 also on arm64
- MFC r319510: xz: set noexec stack flag on FreeBSD
- Fix kernel memory disclosure in svr4_sys_getdents64
- MFC r330668: bktr: correct Japan IF frequency
- MFC r325047: dma: fix use-after-free
- MFC r331339: Correct signedness bug in drm_modeset_ctl
- MFC r331333: Fix kernel memory disclosure in drm_infobufs
- MFC r331234: Rationalize license text on Linuxolator files
- MFC r331329: Fix kernel memory disclosure in ibcs2_getdents
- MFC Capsicum open(2) and openat(2) documentation
- MFC r324560: allow posix_fallocate in capability mode
- Regen *sysent.c after r331679 - posix_fallocate in capability mode
- MFC r325422: posix_fallocate.2: add an EINVAL errno case
- MFC r323623: rename(2): document capability mode errors
- MFC r315522: use INT3 instead of NOP for x86 binary padding
- MFC r324707: embed_mfs: add error handling, usage
- MFC r326992: embed_mfs: support embedding mfs into loader
- MFC kernel build-id support
- MFC r321417: enable filter lib linker feature flag for lld 5.0+
- MFC r329373: Correct module symbol export handling
- MFC r320695 (bdrewery): Fix out-of-tree kernel builds
- MFC r331426: Rationalize license text on Linuxolator files
- MFC r331433: linuxkpi whitespace cleanup
- MFC r321587: cc_cubic: restore braces around if-condition block
eugen (3):
- MFC r329105: ppp(8): fix code producing debugging logs
- MFC r329279: add support for user-supplied Host-Uniq tag to ng_pppoe(4).
- MFC r331630: Fix instructions in the zfsboot manual page.
garga (1):
- MFC r322281:
gjb (8):
- Document EN-18:01, EN-18:02, SA-18:01, SA-18:02.
- Document SA-18:03.speculative_execution.
- MFC r322794: Use py-google-compute-engine instead for releasing Google Compute Engine (GCE) images with an updated version of Google's tools.
- MFC r331364: Remove google_accounts_manager from VM_RC_LIST in the GCE configuration file, no longer needed.
- MFC r331559: Escape trailing newlines in a long variable list for consistency.
- MFC r331562 (manu): release: arm: Copy boot.scr from ports
- MFC r331696, r331697:
- MFC r331806: Add logic for "families" for GCE images.
gonzo (18):
- MFC r316370-r316371
- Fix VERSATILEPB boot after r331402
- MFC r329832, r329926
- MFC r330309:
- MFC r330558:
- MFC r303100 by andrew:
- MFC r308533 by andrew:
- MFC r302498 by andrew:
- MFC r303035 by markm:
- MFC r305094, r305096-r305097
- MFC r304488, r304623
- MFC r306263, r306268
- MFC r306436-r306437, r306489, r306491
- MFC r314672, r315967, r324184, r325768
- MFC r325048:
- MFC r330727 (without optional dts part):
- MFC r307943-r307944, r308698
- MFC r312378 by andrew:
gordon (1):
- MFC r331981:
hselasky (101):
- MFC r330272: Implement wait_on_bit() function macro in the LinuxKPI.
- MFC r330273: Implement ktime_get_raw() function in the LinuxKPI.
- MFC r330274: Implement more lockdep stubs in the LinuxKPI.
- MFC r330349 and r330362: Allow pause_sbt() to catch signals during sleep by passing C_CATCH flag. Define pause_sig() function macro helper similarly to other kernel functions which catch signals. Update outdated function description.
- MFC r330352 and r330353: Implement msleep_interruptible() in the LinuxKPI. While at it use pause_sbt() instead of pause() in the msleep() function to avoid rounding errors when converting delay values forth and back. Add a guard for a delay value of zero milliseconds which is undefined.
- MFC r330344: Correct the return code from pause() during cold startup from zero to EWOULDBLOCK. This also matches the description in pause(9).
- MFC r330387 and r330396: Rename the SLAB_DESTROY_BY_RCU flag into SLAB_TYPESAFE_BY_RCU in the LinuxKPI to be compatible with Linux.
- MFC r330388: Implement GENMASK_ULL() function macro in the LinuxKPI.
- MFC r330389: Implement for_each_clear_bit() function macro in the LinuxKPI.
- MFC r330390: Define noinline and __maybe_unused macros in the LinuxKPI.
- MFC r330391: Implement writel_relaxed() in the LinuxKPI.
- MFC r330392 and r330408: Implement BUILD_BUG() function macro in the LinuxKPI.
- MFC r330393: Implement __MODULE_STRING() function macro in the LinuxKPI.
- MFC r330394: Implement pr_err_ratelimited() function macro in the LinuxKPI.
- MFC r330395: Implement DEFINE_WAIT_FUNC() function macro and default_wake_function() in the LinuxKPI.
- MFC r330398: Implement wait_event_lock_irq() macro function in the LinuxKPI.
- MFC r330399: Stub kernel_param_lock() and kernel_param_unlock() in the LinuxKPI.
- MFC r330689: Implement proper support for complete_all() in the LinuxKPI.
- MFC r330271: Rename callout member in struct timer_list to match the one in struct delayed_work in the LinuxKPI. This allows the timer_pending() function macro to be used with delayed work structures.
- MFC r325659: Add support for disabling and enabling RX and TX DMA rings in mlx5en(4). This is useful for supporting setups similar to Netmap.
- MFC r325660: Add support for configuring local multicast and unicast data traffic loopback in mlx5en(4) driver via the sysctl interface.
- MFC r325661: Expose the current hardware MTU in mlx5en(4) as a separate entry in the sysctl tree.
- MFC r330598: Use a macro in mlx5_command_str() instead of copying OP name.
- MFC r330599: Fix potential deadlock in command mode change in mlx5core.
- MFC r330600: Add timeout handle to commands with callback in mlx5core.
- MFC r330603: Make sure default VNET is set when adding a new interface in mlx5core.
- MFC r330604: Add log message for unsupported QSFPs in mlx5core.
- MFC r330606: Implement support for querying the current port rate in mlx5core. The mlx5ib(4) part will be merged separately.
- MFC r330607: Implement rate limit per traffic class in mlx5core.
- MFC r330608: Implement priority to traffic class mapping in mlx5core.
- MFC r330644 and r330714: Updates for PCI and health monitor recovery in mlx5core. This patch accumulates the following Linux commits:
- MFC r330645: Avoid calling sleeping function from the health poll thread in mlx5core.
- MFC r330646: Fix race between PCI error handlers and health work in mlx5core.
- MFC r330649: Add support for per priority flow control, PFC, to mlx5en(4).
- MFC r330650: Use device_printf() instead of printf() when printing warnings and errors to dmesg(8) in mlx5core.
- MFC r330651: Add vendor specific capability interface support in mlx5core.
- MFC r330653: Add kernel and userspace code to dump the firmware state of supported ConnectX-4/5 devices in mlx5core.
- MFC r330656: Use the device unit number for naming the ifnet interface in mlx5en(4).
- MFC r330657: Use vport rather than physical-port MTU in mlx5en(4).
- MFC r330658: Fix mlx5en(4) driver to properly call m_defrag().
- MFC r330659: Avoid more LFENCE/SFENCe on x86 in mlx5en(4), by using the FreeBSD native fences.
- MFC r330660: Add call to setup firmware data dump structure during device load in mlx5core.
- MFC r330670: Make mlx5 compilable on ILP32 arches.
- MFC r330654: Check that the address is specified in mlx5tool(8).
- Fix buildworld after r331586 by adapting the installation of dev/mlx5/mlx5io.h to the build system in FreeBSD 11-stable.
- MFC r303505, r303506, r303512, r303513, r303646, r320418, r323082, r326169, r326563, r326649, r326716, r326764, r326765 and r329222:
- MFC r331419: Allow the libusb20_dev_get_port_path() function to be called when the USB device is closed. This fixes a compatibility issue with upstream libusb.
- MFC r330490: Add missing FreeBSD tags and SVN properties to ibcore.
- MFC r330491: Do not add RoCEv2 default GID in ibcore when IPv6 is disabled to honor the networking stack's IPv6 disabled setting. Else the offload HCA can start using IPv6 packets for QPs.
- MFC r330492: Add support for IPv6 link local GIDs equal to the default GID for VLANs in ibcore.
- MFC r330493: Make deletion of RoCE GID entries synchronous in ibcore.
- MFC r330494: Select RoCEv2 by default in ibcore.
- MFC r330495: Map type of service, TOS, to IB or VLAN service level 1:1 in ibcore.
- MFC r330496: Need to check for IPv6 linklocal address inside rdma_resolve_addr() in ibcore.
- MFC r330501: Make sure to register the VLAN GIDs using the VLAN network interface and not the parent one in ibcore. Else looking up the VLAN GIDs will fail for VLAN IPs.
- MFC r330504: Add support for loopback in ibcore.
- MFC r330506: Pass valid if_index to rdma_addr_find_l2_eth_by_grh() in ibcore when possible.
- MFC r330507: Get correct network device when accepting incoming RDMA connections in ibcore.
- MFC r330508: Optimize ibcore RoCE address handle creation from user-space.
- MFC r330579: Fix for use-after-free when using delayed work structures in ibcore.
- MFC r330580: Make sure the IPv6 scope ID gets properly masked in ibcore.
- MFC r330581: Add IB_SPEED_HDR definition in ibcore.
- MFC r330583: Embed the IPv6 scope ID before calling rtalloc1() in ibcore. Else rtalloc1() will resolve to the loopback interface.
- MFC r330584: Recover IPv6 scope ID for multicast link-local addresses as well as unicast link-local addresses.
- MFC r330585: Define values instead of using hardcoding.
- MFC r330586: Make sure VNET is set when calling sa6_recoverscope() in ibcore.
- MFC r330594: Disable unsupported disassociate ucontext functionality in mlx4ib(4).
- MFC r330595: The mlx4ib(4) should not be loaded before the ibcore is initialized.
- MFC r330596: Bump version information in mlx4ib(4).
- MFC r330597: Disable unsupported disassociate ucontext functionality in mlx5ib(4).
- MFC r330662: Set correct SL in completion for RoCE in mlx5ib(4).
- MFC r330944: Fix compliancy of the kstrtoXXX() functions in the LinuxKPI, by skipping one newline character at the end, if any.
- MFC r331204: Remove redundant integer cast in ibcore. The "ref_count" field already has integer type.
- MFC r331355: Clear old MSIX IRQ numbers in the LinuxKPI.
- MFC r331357: The pci_disable_device() function is also expected to clear the PCI busmaster. This fixes LinuxKPI compliancy with Linux.
- MFC r331437: Create designated workqueue for each mlx5en(4) device instance.
- MFC r331438: Exit krping on device removal to avoid endless hang situation.
- MFC r330606: Implement missing query for current port rate in mlx5ib(4).
- MFC r330647: Use the autogenerated interface file for all commands in mlx5core.
- MFC r330648: Add support for explicit congestion notification, ECN, to mlx5ib(4).
- MFC r331443: Improve support for health recovery in mlx5core.
- MFC r331445: Add support for fast unload in shutdown flow in mlx5core.
- MFC r331446: Cancel delayed recovery work when unloading the mlx5core driver.
- MFC r331447: Hide verbose proclamation of error when forced in mlx5core.
- MFC r331449: Handle software reset of firmware in error flow in mlx5core.
- MFC r331451: Issue a software reset on firmware assert in mlx5core.
- MFC r331452: Add mutual exclusion mechanism for software reset of firmware in mlx5core.
- MFC r331453: Don't save PCI state when PCI error is detected in mlx5core.
- MFC r331455: Fix incorrect page count when mlx5core is in internal error.
- MFC r331456: Don't wait for completions when a mlx5en(4) device is in internal error state.
- MFC r331531: Remove redundant prototype to fix compilation with GCC.
- MFC r331819: Add missing newline character in print in mlx5core.
- MFC r331820: Properly check if crspace is supported in mlx5core.
- MFC r331821: Prepare for FW dump in error state in mlx5core.
- MFC r331822: Reorganize health recovery in mlx5core.
- MFC r331823: Collect firmware dump when mlx5core is in device error state.
- MFC r331824: Make sure Giant is locked when allocating bus resources in mlx5core.
- MFC r331825: Fix for use after free in mlx5core.
- MFC r331826: Bump mlx5core driver version.
- MFC r331827: Remove unused structure field in mlx5core.
- MFC r330655: Remove duplicate prototypes.
ian (25):
- MFC r330745:
- MFC r306657, r306673, r306726, r307737, r309366, r310135, r323990, r324414
- MFC r307656, r307659, r307674-r307675, r307679, r307683
- MFC r315051, r315101, r315103, r315107, r315180, r315197, r315293, r315319, r315590, r315649, r315726, r315743, r315746-r315747, r315779, r315985, r316002, r316639, r316959, r317187, r317194, r317205-r317207, r317381, r319489, r319847, r321076-r321079, r321227, r326822
- To fix the powerpc build, back out r331184, which was this mfc:
- MFC r324186:
- MFC r327756-r327758
- MFC r306288, r314936, r325527, r327971, r328005, r328039, r328068-r328069, r328301-r328303
- MFC r328307, r328311-r328312
- MFC r328345, r328349, r328405, r328407, r328442
- MFC r329125-r329126
- MFC r329479-r329480, r329483, r329506-r329507, r329526, r329529, r329536, r329541, r329730, r329841, r329988, r330397
- MFC r329534-r329535
- MFC r325233, r328956, r329170, r329172-r329173, r329224, r330403-r330407, r330411-r330412, r330416, r330430-r330431, r330433, r330528-r330529, r330767
- MFC r329537:
- MFC r329642:
- MFC r310017, r310229, r312289, r327260, r329539, r329544-r329546, r329620, r329729, r329911, r329999
- MFC r330361:
- MFC r330385:
- MFC r330437-r330438, r330440, r331045
- MFC r330050:
- MFC r330773, r330778, r330782, r330797
- MFC r331068:
- MFC r331123, r331126, r331129, r331132, r331136, r331138-r331139, r331141
- MFC r329989, r330044
imp (2):
- Direct commit to stable
- MFC: r331140
jhb (8):
- MFC 328102: Save and restore guest debug registers.
- MFC 328158,330708: Update kgdb for PTI.
- MFC 328909: Always give ELF brands a chance to veto a match.
- MFC 330872: Add a "jail" keyword to list the name of a jail rather than its ID.
- MFC 330711: Permit sysctl(8) to set an array of numeric values for a single node.
- MFC 329785: Move DDP PCB state into a helper structure.
- MFC 318387: Add support for child devices that aren't ports.
- MFC 331248: Set the proper vnet in IPsec callback functions.
jkim (1):
- MFC: r331627
ken (1):
- MFC r331422:
kevans (26):
- MFC r329339: libsa: Consolidate tftp sendrecv into net.c sendrecv
- MFC r317191, r317195: Don't ignore "disabled" CPUs
- MFC r322287 (mw): Add support for "compatible" parameter in ofw_fdt_fixup
- MFC r322289: Enable uing ofw_bus_find_compatible in early platform code
- MFC r322359: Enable OF_setprop API function to add property in FDT
- MFC r326204: Do not bind to CPUs with SMT
- MFC r326310: Back out OF module installation in the event of failure.
- MFC r327391: Avoid use of the fdt_get_property_*() API
- MFC r329579: Set internal error returns [of some OF functions] to 0
- MFC r330019: ofw_fdt: Simplify parts with new libfdt methods
- MFC r317055,r317056 (glebius): Include sys/vmmeter.h as included
- MFC r322278,324177: EFIRT Improvements
- r322279: Don't create /dev/efi without EFI runtime
- MFC r324495: Support the EFI Runtime Services on arm64. As with amd64 we use the 1:1 mapping. This uses the new common code shared with amd64.
- Revert r331022: MFC of EFI Runtime Service support on aarch64
- MFC (partially) r326066, r326121: Add an EFI RTC Driver
- MFC r324191: Hide kernel stuff from userspace.
- MFC r330257: Add a function to retrieve the EFI realtime clock capabilities.
- MFC r330612: stand/ficl: Fix testmain
- MFC r330023, r330028: Add MAXWAIT for configuring pxeboot timeout
- MFC r330891: ubldr: Bump heap size from 512K to 1M
- MFC r330929: pkgbase: Fix post-install script for kernel packages
- MFC r331416, r331440: Loader consoles: Implement SGR 22, reste intensity
- MFC r330115: Add missing WITH_BSD_GREP_FASTMATCH description
- MFC r331475: loader consoles: Implement SGR 24, 25
- MFC r328331: Support configuring arbitrary limits(1) for any rc.conf daemon
kib (14):
- MFC r330285: Remove _Nonnull attributes from user addresses arguments for copyout(9) family.
- MFC r328087 (by fabient): Fix pmcstat exit from kernel introduced by r325275.
- MFC r331431: Update comment to match current field names.
- MFC r331247: Check for wrap-around in vm_phys_alloc_seg_contig().
- MFC r331374: Fixes for ptrace(PT_GETXSTATE_INFO) related to the padding in struct ptrace_xstate_info).
- MFC r331375: Do not send signals to init directly from shutdown_nice(9), do it from the task context.
- MFC r320872: Create libdl.so.1 as a filter for libc.so.7 which exports public dl* functions.
- MFC r331432: There is no need to disable interrupts around npxsave call.
- MFC r331486: Improve the lcall $7,$0 syscall emulation on amd64.
- MFC r331487: In vn_io_fault1(), reduce the scope where pagefaults are disabled.
- MFC r331489: For vm_zone_stats() sysctl handler, do not drain sbuf calling copyout(9) while owning zone lock.
- MFC r331490: Account the size of the vslock-ed memory by the thread.
- MFC r331557: Allow to specify for vm_fault_quick_hold_pages() that nofault mode should be honored.
- MFC r331640: Fix several leaks of kernel stack data through paddings.
kp (3):
- MFC r329950:
- MFC r330108:
- MFC 330105:
lidl (2):
- MFC r328861: improve blacklist-helper shell script
- Revert attempted MFC. It included unwanted changes.
marius (6):
- MFC: 327314
- MFC: r327315
- MFC: r327339, r327924
- MFC: r327355, r327926
- MFC: r327929
- MFC: r328834
markj (12):
- MFC r331016: Add a space between a section number and a following comma.
- MFC r331425: Correct a couple of assertion messages in vm_page_reclaim_run().
- MFC r331222: Given hidden visibility to symbols referenced by the DOF section.
- MFC r331128: Have vm_page_replace() assert that the new page is not enqueued.
- MFC r331134: Fix an access of an uninitialized variable in dtrace_probe().
- MFC r331135: Use __syscall(2) rather than syscall(2) in syscall/tst.args.c.
- MFC r331260: Remove a lingering inaccuracy from mlock.2.
- Revert r331551. It is causing perl and tcl port build failures.
- MFC r331536: Use LIST_FOREACH_SAFE in sleepq_chains_remove_matching().
- MFC r331538: Clamp IFLIB_RX_COPY_THRESH to MHLEN in iflib_rxd_pkt_get().
- MFC r317567 (by cem): x86 MCA: Fix a deadlock in MCA exception processing
- MFC r324102 (by cem): netsmb: Fix buggy/racy smb_strdupin()
mav (26):
- MFC r328521 (by imp): Use atomic load and stores to ensure that the compiler doesn't optimize away these loops. Change boolean to int to match what atomic API supplies. Remove wmb() since the atomic_store_rel() on status.done ensure the prior writes to status. It also fixes the fact that there wasn't a rmb() before reading done. This should also be more efficient since wmb() is fairly heavy weight.
- MFC r330048: Add sysctls/tunables for dbuf cache size.
- MFC r330121: Add support for Enhanced Gen 5 (16Gb) and Gen 6 (32Gb) QLogic FC HBAs.
- MFC r330963: Increase ABOUT FIRMWARE command timeout to 5s.
- MFC r329505: MFV r323911: 8502 illumos#7955 broke delegated datasets when libshare is not present
- MFC r329508: MFV r324198: 8081 Compiler warnings in zdb
- MFC r329623: MFV r302649: 7016 arc_available_memory is not 32-bit safe
- MFC r329625: MFV r307315: 7301 zpool export -f should be able to interrupt file freeing
- MFC r329628: MFC r316910: 7812 Remove gender specific language
- MFC r329657 (by asomers): Fix memory leaks in zdb introduced by r329508
- MFC r329658: MFV r316872: 7502 ztest should run zdb with -G (debug mode)
- MFC r329659: MFV r316873: 7233 dir_is_empty should open directory with CLOEXEC
- MFC r329661: MFV r316875: 7336 vfork and O_CLOEXEC causes zfs_mount EBUSY
- MFC r329663: MFV r316876: 7542 zfs_unmount failed with EZFS_UNSHARENFSFAILED
- MFC r329664: MFV r316893: 7604 if volblocksize property is the default, it displays as "-" rather than 8K
- MFC r329665: MFV r316901: 7730 libzfs`add_config() leaks config nvl when reading spare/l2cache devices
- MFC r329667: MFV r316902: 7745 print error if lzc_* is called before libzfs_core_init
- MFC r329668: MFV r316918: 7990 libzfs: snapspec_cb() does not need to call zfs_strdup()
- MFC r329681: MFV r318941: 7446 zpool create should support efi system partition
- MFC r329683: MFV r319736: 6396 remove SVM
- MFC r329690: MFV r319737: 6939 add sysevents to zfs core for commands
- MFC r329691: MFV r322231: 8430 dir_is_empty_readdir() doesn't properly handle error from fdopendir()
- MFC r329694: MFV r324198: 8081 Compiler warnings in zdb
- MFC r329738: MFV r329736: 8969 Cannot boot from RAIDZ with parity > 1
- MFC r330292: Update QLogic ISP 24xx/25xx chips firmware to 8.07.00.
- MFC r331228: Update mpr(4) driver from v15 to v18 from Broadcom site.
mjoras (1):
- MFC r325621, r325622, r331227
mmel (6):
- MFC r319896,r320054:
- MFC r309531,r309553,r309604:
- MFC r327827:
- MFC r330073:
- MFC r330074:
- MFC r328467:
np (1):
- MFC r322659 (by glebius): Fix cut and paste typo that prevented T5 firmware to be compiled in.
philip (1):
- MFC r331481: Import tzdata 2018d
rgrimes (1):
- MFC: r331664
rpokala (2):
- MFC r330304: imcsmb(4): Intel integrated Memory Controller (iMC) SMBus controller driver
- MFC 331345:
sbruno (1):
- MFC r330675
sevan (4):
- MFC r331274
- MFC 321881
- MFC r316464
- MFC r322665
sjg (1):
- MFC bmake-20180222
smh (4):
- MFC r330950:
- MFC r330951:
- MFC r328321:
- MFC r320138:
tijl (1):
- MFC r314624:
truckman (1):
- MFC r329844 MFC r329875 (by kib)
tychon (1):
- MFC r328011,329162
ume (1):
- MFC r330681: Fix Bad file descriptor error.