Stable release: HardenedBSD-stable 12-STABLE v1200059

HardenedBSD-12-STABLE-v1200059 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Highlights:

MFC r348167, r348168, r348359, r348361: Add posixshmcontrol(1) utility. (a6d485ce245aa9798f9e402c446010f26ab974ba)
MFC 347033: Increase the VirtIO segment count to support modern Windows guests. (8fb552d38dcee4f17df31d13ac823568a76c5988)
MFC r348052: NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp. (7b981e827b29bdf244f703e789cb02e6a37729b9)
MFC: r348340 Merge OpenSSL 1.1.1c. (c7f23c34d5a527b166b59c18affdf950c00f454e) [CVE-2019-1543]
MFC r346630: Add GRE-in-UDP encapsulation support as defined in RFC8086. (fdaf572e031362aef90f3c22f9b9047d11e9d545)
MFC 346649: Don't panic for empty CCM requests. (71cf38a72587fcb47855679e4d7cb03d0bae610c) [FreeBSD-SA-candidate]
MFC: r347960: bhyve virtio needs barriers (7532fd50c7e8c7f5ccd2f115a4dc4c4cf5ea0f62)
MFC r347698: amd64 pmap: sysctl vm.pmap.pcid_save_cnt should be read-only. (330c65332bc1b5aabee212304b2a35ba45542650)
MFC r347216: amd64: fix BUS_SPACE_MAXSIZE to 64bit max value. (489fe9b7411487422c33302cdbe2eb48b8bd6b90)
MFC r347570: Specify -z notext when building with -z ifunc-noplt. (3d54d872091ac7fec0390e283884a4a685a4a301)
MFC r343985, r344133, r345273 (by bde): Prevent overflow for usertime/systime in caclru1(). (6fc6ab1b7187c5fb8fa31d10c8822f4603768ba5)
MFC r346647: [acpi_ibm] Add support for newer Thinkpad models (28e53eb78bba63e7cd921faf4898378824a8d8d4)
MFC r347368: x86: Put other CPUs into tight loop when updating Intel microcode from loaded OS. (743eb89b18e3724d8e168b6f6eda45a5c018c78a)
MFC r347566: Mitigations for Microarchitectural Data Sampling. (912787467fb48024d8780b3531318feeff1bbbdd) [FreeBSD-SA-19:07.mds CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091]
MFC r347133: arm64: Properly restore PAN when done with userspace access in casueword. (e939702ff316aafb6dc3a5e37ffed3a7ef29d536)
MFC of 347064, 347066, and 347130 Avoid leaking kernel stack when creating directory names. (0775f68d9024850d97a2384d89aff0916617996b) [FreeBSD-SA-candidate]
MFC r346594: Add ATA power mode support to camcontrol (fb397ee57c8c08365ddea8b35e1ae619d1674dab)
MFC r346602, r346670-r346671, r347183: tun/tap race fixes (e42a63a0bac36aaf468f1ab6042f3f3b208087c5)
HBSD: Add userland plumbing for SpectreV1 mitigation (0eda8358d017fdfa6cf841e0a5918e8674712042)
MFC r347139: MFV r347136: Update sqlite3-3.27.2 (3270200) --> sqlite3-3.28.0 (3280000) (937edc9caae05881949f1d5adec523a8943c49ae) [CVE-2019-9937 CVE-2019-9936]
MFC r346990: Fix another race between vm_map_protect() and vm_map_wire(). (b306eea91bcace5bd60b1c25f1a5b625a2226d1b)
MFC r345576: Merge r345574 from vendor-crypto: upstream: when checking that filenames sent by the server side - ssh (4594eb5f8ed47dff8bdb1e555bdc26ec8448f454)
Zero out the file directory entry metadata to reduce disk scavenging disclosure. (f9cd4e1d3edf4a05a109839fc4338b9e7a6b5a8e) [FreeBSD-SA-candidate]
HBSD MFC: This update eliminates a kernel stack disclosure bug in UFS/FFS directory entries (81b3a31ed35e05be964abad7374080e8b010a780)
MFC r345525: Fix a double free of an SCTP association in an error path. (4350926df0301958d0879d93b510e0c8eeb08799) [FreeBSD-SA-candidate]
MFC r345461: Limit the size of messages sent on 1-to-many style SCTP sockets with the SCTP_SENDALL flag. (b1fb067d0a1dcab555fb5859f174e218c9ccab0b)
MFC r345797: Add IPv6 transport for bsnmp. (ceaff709e86a05afb78e8ef0e13ca3dd93c89918)
MFC r341759, r341796, r341839, r341989, r346591: The following five MFCs update wpa 2.6 --> 2.8. (7494a812d27d369b1105029fceca079471d684f6) [FreeBSD-SA-candidate CVE-2019-9494 VU#871675 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499]
MFC r345830: Create kernel module to parse Veriexec manifest based on envs (d4e7b8af8c3f2f5c222ab5fa49a6fccebec367b0)
MFC r345438,r345842,r346259,r346261: TPM as possible entropy source (12443d58f92f94d7e28f728696d4d189059e99e0)
MFC r342084,r342251,r342271,r342285: Introduce TPM2.0 driver (f036b474dc4bec6645039497beabcd97fe2b83c0)
MFC r344840: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation (d0a2db0d1fb36f25c570e27238a6e0d76fb42d4b)
MFC r345966, r345968: Implement devctl(8) command 'reset', using DEV_RESET /dev/devctl2 ioctl. (3992f8af9955f7de08d08dfe02da8d4ac5cebf3d)
After r346168, also merge build infrastructure for LLVM libomp. (3f18402bc61b71a85aac995ef1a77454ea453939)
MFC r345425, r345514, r345799, r345800, r345803, r346157: Enable tmpfs rw->ro remounts. (98f1fb40da548d1278689d4c7bfc1e304da2510f)
MFC r345293: Update NAT64LSN implementation (cab22fce3d77d127c205601140c959bd8ab2e8af)
Revert r344898 (by kib), now that clang 8 has been merged (61688088d29805ea68449a8c443b4be2e8adaa4d)
Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp 8.0.0 final release r356365. (37e0a32cb919afa1ddf726ad5244dc0bd8524583)
Add support for loader veriexec (69d2666cee810da18c8bad94615027fa8e28e612)
MFC r343065, r343373-r343390, r343477 if_iwm driver update (f370d6a9bd8a354e9a3d03992cf3c843e108a24f)
MFC r344569, r344618, r344621 r344569: Implement parallel mounting for ZFS filesystem (b0578f749217f485405d4aecaf7587caf9a2e89c)
MFC r344502: sh: Add set -o pipefail (038c4614d0217200688309779c9fb408b4e4b015)
NFS updates
ZFS updates
bhyve updates
big LinuxKPI updates to catch up Linux v5.0 KPI
cxgbe updates
elftoolchain updates
iflib updates
libarchive updates
libbe updates
llvm updates
loader updates
lot of SCTP related bugfixes found by syzkaller
mlx5 driver updates
nvme updates
secureboot related updates

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:
SHA512 (HardenedBSD-12-STABLE-v1200059-amd64-bootonly.iso) = afe98861bf4313eb7dd248feb064cde5bda02ad5a4cfdf2d7dae5fe8f33a69b7782c0462113de940b2a81c6aa2fbf4ad9d7f44b27fc62414a6a79e533bea3204 SHA512 (HardenedBSD-12-STABLE-v1200059-amd64-disc1.iso) = e4601a89d7d6633a7ee7c6642fc073e7660dd4d86c73f6901c6dfb6cc8315c2b907838ebb4506a78c9f12b34d3b77215ba8846e79fcb4be1acbf0af13a3ce79a SHA512 (HardenedBSD-12-STABLE-v1200059-amd64-memstick.img) = a998f3eef40d3c508624e7c824aaa5741a058670646895987e056d2754e43466e24e3b4d05f499c6dace965a75e96a981db23d1f0a18125b6683e2749a603cf1 SHA512 (HardenedBSD-12-STABLE-v1200059-amd64-mini-memstick.img) = 38885d8a5b1ced86863ac0891a1e93901f5dd0f0ee35ffccd28b4764e20fc899950279a7a623f901fb1627f87dccf00108f4a4b4c3e9b208dcbd1a7e2e2a592c

CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlzx6vUACgkQgZsRom/9
GI3G8A//WVETImttEd4i+WkM4tC7E6NKVO+oXKIehKZqQu5G9gmUqwLbvMTY0eP/
K3ea/aioh1DlLlkmvpALTA24Hxuz+OVkEIa+Vml2/eOUS1Bd0FNhN5ihb5JCogsb
Uo4Bjd0p50Bxe55MTnaAuPWbJTLpBKGuboPgOd7GIzSIl0d+omEFNcTJb+24IYyF
icW0dS5E7wQ3VpbGAp9xPvXRUUACrIb0J6yuV237dVQhCYgSOtGcv+/9fh93fbpw
h+IhnyEtDjapUJ/zNwoCGmMtKjN753s5ocLYEzq/LUkBM0LLs17W4bioTNIzhzxr
4YD3qVEhVusbNiYKvwiwKgl6S4LqKQsPLjOixV0EUHfzNpm7ZpfS7oLFE9HNz1td
sBWWWOzizcnvuiL4em3CLkZk4PiuRByUpM0b1X02apZzpfm8ntWM3fxNWRgH/GaX
oJRPMBcoizLleT5qert7w9bhHA5lmaOCbre1rv6A8eCgl0EGH60/0p8VY/2/ikHi
OCXAEdYu2WRTldA6XuR2KYDRGJm7o7Lp8mYm6SnCwQfyqYmKtl7Gb6UdJqKNOWMQ
sThTnl8NMX04bXLvrmWiJGmzyGY1NW4G0pacPNa36m75Ybtq56pg1OZjwGvn0sW6
q+rJj5tDEVCDLdyE8gbE4q4fYgegz+CDJvin/MCvYEQ9xqsWoro=
=By/u
-----END PGP SIGNATURE-----

Oliver Pinter (1):

HBSD: bump __HardenedBSD_version to 1200059

Oliver Pinter + (104):

Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master

Shawn Webb (23):

Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts
HBSD: Fixups after llvm 8.0.0 update
HBSD: Follow-up merge conflict resolution
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts
HBSD: Add userland plumbing for SpectreV1 mitigation
Merge remote-tracking branch 'origin/hardened/12-stable/master' into hardened/12-stable/master
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts

ae (19):

MFC r345292: Convert allocation of bpf_if in bpfattach2 from M_NOWAIT to M_WAITOK and remove possible panic condition.
MFC r345763: Correct a port number assignment.
MFC r345450: Add ability to automatically load ipfw_nat64, ipfw_nptv6 and ipfw_pmod
MFC r345262: Modify struct nat64_config.
MFC r345263: Add SPDX-License-Identifier and update year in copyright.
MFC r345264: Add NAT64 CLAT implementation as defined in RFC6877.
Fix the build. Include net/pfil.h to be able use IPFW_WLOCK(). In head/ after r343619 it is not required, but this change was not MFCed.
MFC r344665 (by trhodes): Grammar tweaks in ipfw manual page.
MFC r345293: Update NAT64LSN implementation:
MFC r345319: Use NET_EPOCH instead of allocating separate one.
MFC r345797: Add IPv6 transport for bsnmp.
MFC r345843: Follow the declared behaviour that specifies server string format in bsnmpclient(3).
MFC r345798: Create 64bit mibII counters for all interfaces.
MFC r346884: Add IPv6 support for O_IPLEN opcode.
MFC r346885: Handle HAVE_PROTO flag and print "proto" keyword for O_IP4 and O_IP6 opcodes when it is needed. This should fix the problem, when printed by `ipfw show` rule can not be added due to missing "proto" keyword.
MFC r347178: Add ipsec.ko to required_modules for rc.d/ipsec script.
MFC r347383: In mld_v2_cancel_link_timers() check number of references and disconnect inm before releasing the last reference. This fixes possible panics and assertion.
MFC r346630: Add GRE-in-UDP encapsulation support as defined in RFC8086.
Fix the build. Use NET_EPOCH_ENTER_ET() and NET_EPOCH_EXIT_ET().

asomers (1):

MFC r344559:

avos (10):

MFC r345318: lockf(1): return EX_UNAVAILABLE if -n is used and the lock file does not exist
MFC r344994: urtw(4): add promiscuous mode callback
MFC r344990: Fix ieee80211_radiotap(9) usage in wireless drivers:
MFC r345493: run(4): merge some common TSF-related code into run_disable_tsf()
MFC r345252: net80211: correct check for SMPS node flags updates
MFC r345729: urtw(4): export TSF timestamp for received frames via radiotap
MFC r345753: run(4): do not clear PROTECTED bit if frame was not decrypted by NIC.
MFC r345751: uath(4), urtw(4): restart driver if device does not respond after Tx request
MFC r345754: run(4): properly set F_DATAPAD radiotap flag if frame has padding between frame header and data.
MFC r346073: urtw(4), otus(4), iwi(4): allow to set non-default MAC address via ifconfig(8)

bapt (2):

MFC r344340:
MFC r344569, r344618, r344621

bcr (3):

MFC r345080:
MFC r346490:
MFC r347617: Add small EXAMPLE section to bsearch.3.

brooks (4):

MFC r347365, r347703
MFC r347940
MFC r347963:
Revert r348012, MFC r347963.

bz (7):

MFC r340494:
MFC r344700:
MFC r344959:
MFC r345370:
MFC r345372:
MFC r345757:
MFC r344740:

chuck (3):

MFC r342762: bhyve(8): Fix bhyve's NVMe Completion Queue entry values
MFC r342761: bhyve(8): Fix bhyve's NVMe queue bookkeeping
MFC r345170: bhyve(8): Fix bhyve's NVMe Identify Namespace data

cperciva (5):

MFC r345316, r345317, r345858:
MFC r346628: Split the pkg configuration file FreeBSD.conf into versions for {latest, quarterly} and use Makefile logic to decide which one to install (right now, unconditionally "latest").
On non-x86 systems, use "quarterly" packages.
MFC r345407,r345408: Add nvme to arm64 GENERIC, and build if_ena on arm64.
MFC r345405,345406,346228,346657,348195,348198: UART SPCR fixes.

cy (8):

MFC r345400-345401,345403,345412,345437:
MFC r345996:
MFC r341759, r341796, r341839, r341989, r346591: The following five MFCs update wpa 2.6 --> 2.8.
MFC r346804:
MFC r346459:
MFC r347139:
MFC r347234:
MFC r347642:

dab (1):

MFC r345009:

dchagin (11):

MFC r345468:
MFC r345469, r345470:
MFC r345471, r345472, r346603:
MFC r345473:
MFC r346965:
MFC r347016:
MFC r347052:
MFC r347196:
MFC r347202:
MFC r347203:
MFC r347204:

delphij (4):

MFC r345647:
MFC r347488,347606: Update leap-seconds to leap-seconds.3676924800.
MFC r347244:
MFC r348302:

dim (10):

MFC r345806:
MFC r345807:
Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp 8.0.0 final release r356365.
After r346168, put the actual commit dates into UPDATING and ObsoleteFiles.inc. I completely forgot about those, sorry.
After r346168, put the actual commit dates into UPDATING and ObsoleteFiles.inc. I completely forgot about those, sorry.
Revert r344898 (by kib), now that clang 8 has been merged:
After r346168, also merge build infrastructure for LLVM libomp.
MFC r347243:
MFC r347978:
MFC r348288:

emaste (12):

MFC r344280: freebsd-update: Clarify help text
MFC r343764 (jchandra): arm, acpi: increase size of memory region arrays
MFC r345693, 345694: rtld: attempt to fix reloc_nonplt_object TLS allocation
MFC r346054: libc: update strstr implementation to match musl
MFC r345855: cpsw: use `phy-handle` in FDT to find PHY address
MFC r339648: ar: report errno on warning/error
MFC ar: implement support for /SYM64/ 64-bit archives
MFC r345576: Merge r345574 from vendor-crypto:
MFC r347186: Reformat arm64 linux syscalls.master per current style
MFC r347031: iflib: remove assertion that isc_capabilities is nonzero
MFC r346598: Enable Mellanox drivers (modules) on AArch64
MFC r348069: bootpd: avoid the same error indication for different issues

erj (4):

MFC r344643 and r345306
MFC r344817
MFC r345303, r345305, r345657, r345658
MFC r345312

eugen (1):

MFC r345130,r345184: trim(8): add another safety net and more user-friendly error message in verbose mode.

fsu (1):

MFC r346267, 346269: ext2fs: Initial version of DTrace support.

ganbold (1):

MFC r346028: Fix URE_WDT6_SET_MODE value in the register definition. Both linux and u-boot sources for RTL8152 driver has this value. RTL8152 USB ethernet is used in NanoPI R1 board as second ethernet. This fixes RTL8152 USB ethernet not detected problem after reboot.

gjb (4):

MFC 345379: Bump the IMAGE_SIZE for arm64 SoC images to prevent failures due to full filesystem. This makes the size of the arm64 SoC images consistent with armv6 and armv7.
MFC r346275: Remove INDEX-10 reference, as 10.x is now EoL.
MFC r346959: Reduce the default image size for virtual machine disk images from 30GB to 3GB. The raw images can be resized using truncate(1), and other formats can be resized with tools included in hypervisors.
MFC r347056: Increase the default size of the GCE disk image from 3GB to 20GB, as 3GB is too small as discovered in last week's snapshot builds.

glebius (2):

Merge r344741: Remove bogus assert that I added in r319722. It is a legitimate case to call soabort() on a newborn socket created by sonewconn() in case if further setup of PCB failed. Code in sofree() handles such socket correctly.
Merge r344481: Support struct ip_mreqn as argument for IP_ADD_MEMBERSHIP. Legacy support for struct ip_mreq remains in place.

gonzo (5):

MFC r343298:
MFC r343998:
MFC r345220:
MFC r345550:
MFC r346647:

grembo (1):

MFC r345512: Correct contradictory information on default syslog logging priority.

hselasky (112):

MFC r344919: Don't hold state lock while detaching network device instance in mlx4en(4).
MFC r344920: Teardown ifnet after stopping port in the mlx4en(4) driver.
MFC r345010: Improve support for switching to and from command polling mode in mlx4core.
MFC r345011: Eliminate useless warning message when reading sysctl node in mlx4core.
MFC r344795: Fix typos in libusb.
MFC r343352: Add USB quirk.
MFC r342961: snd_uaudio: Add quirks for Edirol UA-25EX in advanced driver mode.
MFC r345090: Implement dma_set_mask_and_coherent() in the LinuxKPI.
MFC r345091: Implement dev_err_once() function macro in the LinuxKPI.
MFC r345092: Properly define the DMA attribute values in the LinuxKPI.
MFC r345093: Implement BITS_PER_TYPE() function macro in the LinuxKPI. Fix some style while at it.
MFC r345094: Implement DEFINE_STATIC_SRCU() function macro in the LinuxKPI.
MFC r345095 and r345110: Implement ida_free() and ida_alloc_max() in the LinuxKPI.
MFC r345096: Implement dma_map_page_attrs() in the LinuxKPI.
MFC r345097: Implement list_for_each_entry_from_reverse() and list_bulk_move_tail() in the LinuxKPI.
MFC r345098: Implement current_exiting() in the LinuxKPI.
MFC r345099: Implement get_task_comm() in the LinuxKPI.
MFC r345101: Implement si_meminfo() in the LinuxKPI.
MFC r345104: Implement more malloc function macros in the LinuxKPI. Fix arguments for currently unused kvmalloc().
MFC r345105: Honor SYSCTL function return values when creating sysfs nodes in the LinuxKPI. Return proper error code upon failure.
MFC r345106: Define some RCU debug macros in the LinuxKPI.
MFC r345107: Implement pr_info_ratelimited() function macro in the LinuxKPI.
MFC r345108: Define SG_CHAIN and SG_END in the LinuxKPI.
MFC r345109: Implement sg_virt() function in the LinuxKPI.
MFC r345499: Change all kernel C-type macros into static inline functions.
MFC r345633: Add new USB PCI ID.
MFC r346356: Implement flag for telling cuse(3) clients if the peer is running in 32-bit compat mode or not. This is useful when implementing compatibility ioctl(2) handlers in userspace.
MFC r346229 and r346248: Fix spelling and remove superfluous USB keyword.
MFC r347185: Allow controlling pr_debug at runtime in the LinuxKPI.
MFC r347187: Implement print_hex_dump_debug() function macro in the LinuxKPI.
MFC r347188: Disabling a PCI device should only disable busmaster in the LinuxKPI.
MFC r347190: Use PCIV_INVALID in pci_channel_offline() in the LinuxKPI.
MFC r347246: Add support for Dynamic Interrupt Moderation, DIM, in mlx5en(4).
MFC r347247: Add MLX5_FPGA_RELOAD IOCTL(2) to mlx5fpga.
MFC r347248: Enable FPGA and FPGA QP errors for EQ and call the handler in mlx5core.
MFC r347249: Correctly define the interface state bits in mlx5en(4).
MFC r347250: Add temperature warning event to log in mlx5core.
MFC r347251: Import Linux code to implement mlx5_ib_disassociate_ucontext() in mlx5ib.
MFC r347252: Disable all MSIX interrupts before shutdown in mlx5.
MFC r347253: Protect from infinite sw-reset loop in mlx5core.
MFC r347254: Update Ethernet extended counters in mlx5en(4).
MFC r347255: Fix tx_jumbo_packets counter in mlx5en(4).
MFC r347256: Destroy port stats debug context in correct order in mlx5en(4). Destroy children nodes before parent nodes.
MFC r347257: Make sure to error out when arming the CQ fails in ibcore.
MFC r347258: Make sure to error out when arming the CQ fails in mlx4ib and mlx5ib.
MFC r347259: Remove unused module parameter in mlx5ib.
MFC r347260 and r347326: Correct number of elements for priority to traffic class mappings in mlx5en(4).
MFC r347261: Implement fast close of RX channel in mlx5en(4).
MFC r347262: Split mlx5e_update_stats_work() in mlx5en(4).
MFC r347263: Disable CQE zipping by default in mlx5en(4).
MFC r347264: Configure firmware to use RX hash format in mini CQE in mlx5en(4).
MFC r347265: Ticks are integer type in FreeBSD.
MFC r347266: Implement get and set nic state as global functions in mlx5core.
MFC r347267: Make sure the running variable is properly set for ratelimited SQs in mlx5en(4).
MFC r347268: Add Fast teardown support to mlx5core.
MFC r347269: Add sysctl(8) to control fast unload support in mlx5core.
MFC r347270: Expose PCAM, MCAM registers infrastructure in mlx5core.
MFC r347271: Implement PCAM, MCAM access register commands in mlx5core.
MFC r347272: Query and cache PCAM, MCAM registers on initialization in mlx5core.
MFC r347273: Add reading the mcam_reg in mlx5core.
MFC r347274: Add MCC (Management Component Control) register definitions in mlx5core.
MFC r347275: Enhance MCAM reg to allow query on access reg support in mlx5core.
MFC r347276: Add helper functions to set/query MCC/MCDA/MCQI registers in mlx5core.
MFC r347277: Avoid leaking send queue mbufs during error recovery in mlx5en(4).
MFC r347278: Fix endless loop in ipoib_poll().
MFC r347279: Fix netstat counters mapping in mlx5en(4).
MFC r347280: Fix style.
MFC r347281: Fix typo.
MFC r347282: Change implicit and probably erronous EPERM to EIO on command status error in mlx5core.
MFC r347283: Remove redundant line of code in mlx5core.
MFC r347284: Convert remaining module parameters into SYSCTLs in mlx5core.
MFC r347285 and r347327: Initial version of Mellanox in-kernel firmware upgrade support.
MFC r347286: Add mlxfw callbacks in mlx5core.
MFC r347287: Rename mlx5_fwdump_addr to more neutral mlx5_tool_addr in mlx5core.
MFC r347288: Implement userspace firmware update for ConnectX-4/5/6.
MFC r347289: Document userspace firmware flash in mlx5tool(8) and mlx5io(4).
MFC r347290: Fix for double bus master disable in mlx5core.
MFC r347291: Handle IB_EVENT_DEVICE_FATAL event in ipoib. Perform flush if IB_EVENT_DEVICE_FATAL was received.
MFC r347292: Add mlx5_firmware_update() in mlx5core. Add support for upgrading firmware on mlx5 module load.
MFC r347293: Use software counters for rx_packets and rx_bytes in mlx5en(4).
MFC r347295: Add vnic steering drop statistics in mlx5en(4).
MFC r347295: Let rx_out_of_buffer be a 32-bit counter in mlx5en(4).
MFC r347296: Correct check for the calibration generation in mlx5en(4).
MFC r347297: Control automatic update of firmware on driver load with a tunable in mlx5core.
MFC r347298: Remove unused speed enums in mlx5core.
MFC r347299: Add support for 200Gb ethernet speeds to mlx5core.
MFC r347300: Do not add IFM_10G_LR and IFM_40G_ER4 to supported media types by default in mlx5en(4).
MFC r347301: Add new rates to ibcore.
MFC r347302: Add support for 200Gbit speeds to libibverbs.
MFC r347303: Add support for new rates to mlx5ib.
MFC r347304: Always return success for RoCE modify port in mlx5ib.
MFC r347305: Move workqueue from mlx5en(4) to mlx5core.
MFC r347306: Implement reading PCI power status in mlx5core.
MFC r347307: Update performance counter bits in mlx5core.
MFC r347308: Extend the counters framework in mlx5en(4).
MFC r347309: Add support for extended PCIe counters in mlx5en(4).
MFC r347310: Expose per-lane counters before correction mechanism in mlx5en(4).
MFC r347311: Add ConnectX-6 DX HCA ID to libmlx5.
MFC r347312: Add Firmware Reset Level, MFRL, register accessors in mlx5core.
MFC r347313: Implement firmware reset from userspace in mlx5tool(8).
MFC r347314: Ensure that only one command is specified at a time in mlx5tool(8).
MFC r347315: Rename functions from mlx5_fwdump to mlx5_ctl in mlx5core.
MFC r347316: Fix for compilation warning in mlx5en(4).
MFC r347317: Remove non-functional MLX5E_MAX_RX_SEGS macro in mlx5en(4).
MFC r347318: Make command timeout way shorter in mlx5core.
MFC r347319: Flush command workqueue when command completion is triggered in mlx5core.
MFC r347320: Make sure the flow destination structure does not use values off the stack in mlx5en(4).
MFC r347321: Undo previous steps upon returning failure in mlx5en(4).
MFC r347322: Ensure the flowtable rules are not freed twice in mlx5en(4). This can happen when re-loading the driver.
MFC r347323: Fix race between driver unload and dumping firmware in mlx5core.
MFC r347324: Make command workqueue persistant in mlx5core.
MFC r347325: Bump the Mellanox driver version numbers and the FreeBSD version number.

ian (22):

MFC r342652:
MFC r342850: Add a missing \n to a bootverbose printf.
MFC r344247:
MFC r344260, r344335
MFC r345000:
MFC r345475-r345476
MFC r346312:
MFC r341420, r341473, r341651
MFC r342639:
MFC r344238-r344241
MFC r344254-r344255
MFC r344267:
MFC r344505-r344507, r344523, r344525-r344526, r344529, r344606-r344612, r344614-r344616, r344681, r344684-r344686, r344728, r344733-r344734, r344981
MFC r345480, r346013
MFC r344556:
MFC r346489:
MFC r346713:
MFC r346751:
MFC r347422:
MFC r346968, r346973
MFC r346652-r346654
MFC r347974, r348001, r348006, r348013, r348016, r348018, r348020

imp (1):

MFC: 342657, 345025

jah (1):

MFC r345741:

jhb (17):

MFC 345041: Update ccr(4) to note recent support for SHA2-224 and plain SHA hashes.
MFC 344711: Fix missed posted interrupts in VT-x in bhyve.
MFC 346063: Don't pre-reserve resources for CPU devices when they are set.
MFC 346066: Refine r330113 to honor the ProducerConsumer flag most of the time.
MFC 345659: Use a dedicated malloc type for lagg(4)'s structures.
MFC 345655: Remove nested epochs from lagg(4).
MFC 345712: Don't check the inp socket pointer in in_pcboutput_eagain.
MFC 346419: Sync cryptographic algorithm constants with current cryptodev.h.
MFC 346421: Test SHA2-224-HMAC now that OCF supports it.
MFC 346614: Skip tests with missing test vectors instead of failing.
MFC 346615: Use more descriptive algorithm names in skip messages.
MFC 346616: Run the plain SHA digest tests from NIST.
MFC 346648: Fix requests for "plain" SHA digests of an empty buffer.
MFC 346649: Don't panic for empty CCM requests.
MFC 346617: Test the AES-CCM test vectors from the NIST Known Answer Tests.
MFC 340486: Consolidate on a single set of constants for SCMD fields.
MFC 347033: Increase the VirtIO segment count to support modern Windows guests.

jhibbits (7):

MFC r339559,344083,344202,344203,344204
MFC r340262,344730
MFC r344613:
MFC r344871:
MFC r345435:
MFC r345829, r345831
MFC r347463:

jilles (2):

MFC r344502: sh: Add set -o pipefail
MFC r344306: sh: Send normal output from bind builtin to stdout

jkim (2):

MFC: r345387
MFC: r348340

johalun (24):

MFC r346712: Don't call cdev_init where cdev_alloc is called. cdev_alloc already handles initialization.
MFC ------------------------------------------------------------------------ r347470 | johalun | 2019-05-10 16:10:22 -0700 (Fri, 10 May 2019) | 9 lines
MFC r347592: LinuxKPI: Let del_timer return a value to match Linux.
MFC r347600: LinuxKPI: Add vm_fault_t type.
MFC r347601: LinuxKPI: Add prepare to pm_ops and bump FreeBSD version.
Bump FreeBSD version after change to struct in linuxkpi from r348035.
MFC r347622: LinuxKPI: Include asm/atomic-long.h from atomic.h.
MFC r347620: LinuxKPI: Update user_access_begin for Linux v5.0.
MFC r347626: LinuxKPI: Add helper macros IS_ALIGNED and DIV_ROUND_DOWN_ULL.
MFC r347623: LinuxKPI: Move {lower|upper}_32_bits macros from port to base.
MFC r347619: LinuxKPI: Expand ktime functionality.
MFC r347621: LinuxKPI: Add get_random_u32 function.
MFC r347837: LinuxKPI: Update access_ok macro for v5.0.
MFC r347852: LinuxKPI: Updates to tasklets for Linux 5.0.
MFC r347843: LinuxKPI: Add group_leader member to struct task_struct.
MFC r347891: LinuxKPI: Add in_task macro.
MFC r347596: LinuxKPI: Add context member to ww_mutex and bump FreeBSD version.
MFC r344485: import linux debugfs support
LinuxKPI: Register new linuxkpi and lindebugfs source files.
MFC r344486: Change seq_read to seq_load to avoid namespace conflicts with lkpi
MFC r347892: LinuxKPI: Finalize import of seq_file.
MFC r344384: Add non-sleepable strdup variant strdup_flags
MFC r344385: PFS: Bump NAMELEN and don't require clients to be sleepable
LinuxKPI: Revert MFC of r347892

kadesai (1):

MFC r345056, r345058, r345059

ken (2):

MFC 344761: ------------------------------------------------------------------------ r344761 | ken | 2019-03-04 09:30:37 -0500 (Mon, 04 Mar 2019) | 18 lines
MFC r345008: ------------------------------------------------------------------------ r345008 | ken | 2019-03-11 10:21:14 -0400 (Mon, 11 Mar 2019) | 59 lines

kevans (34):

MFC r344677: patch(1): Exit successfully if we're fed a 0-length patch
MFC r345516: netbsd-tests: import memory bump for libc/regex/t_exhaust
dtc(1): Update to 1a79f5f26631
MFC r344243, r345517-r345518: lualoader: More intelligent screen clearing
MFC r345848: libbe(3): Add a serial to the generated snapshot names
MFC r343335, r343977, r343993-r343994, r344034, r344084, r345302, r345769
MFC r343240: iwm(4): Fix possible null pointer indirection
MFC r343255: awg: fix soft reset failure with no link
MFC r343065, r343373-r343390, r343477
MFC r343599: libc/tests: Add test case for jemalloc/libthr bug fixed/r343566
MFC r345680: NOTES: Use non-default value for BOOT_TAG
MFC r344161: stand: dev_net: correct net_open's interpretation of params
MFC r345180, r345187: if_bridge(4): Fix module teardown
MFC r346082: libbe(3): use libzfs name validation for datasets/snapshot names
MFC r346132: stand: refactor overlay loading a little bit
MFC r345192-r345194: if_bridge(4): Drop pointless rtflush
MFC r345519: DTS/DTSO makeoptions
MFC r346252: cron(8): Add MAILFROM ability for crontabs
MFC r346427: cron(8): schedule interval jobs that loaded during execution
MFC r346254: config(8): replace opteq with a call to strcasecmp
MFC r346307, r346618: Further DTB building consolidation/documentation
MFC r346469: dtc(1): Pull in fix for segfault-upon-error condition
MFC r345139, r345151, r346324, r346328: ether_gen_addr KPI
Bump __FreeBSD_version for ether_gen_addr availability
MFC r346545-r346546, r346680, r346700, r346705
MFC r346688-r346689: tap(4) MODULE_VERSION
MFC r347021: fdt: Fix installation of aarch64 dtb
MFC r347027-r347028: libbe(3) mountpoint handling fixes
MFC r346602, r346670-r346671, r347183: tun/tap race fixes
MFC r347241 (partial), r347392, r347429: ifconfig(8) ifname <-> kld mapping
MFC r347578: tun/tap: Defer clearing if_softc until after if_detach
MFC r347640: libbe(3): Descend into children of datasets w/ mountpoint=none
MFC r348127: bectl(8): add description for create subcommand
MFC r348215, r348219: fix bectl(8) jail w/ numeric BE names

kib (58):

MFC r345190: Provide deterministic (and somewhat useful) value for RDPID result, and for %ecx after RDTSCP.
MFC r345225: amd64: rewrite cpu_switch.S fragment to reload tss.rsp0 on context switch.
MFC r345226: amd64: fix switching to the pmap with pti disabled.
MFC r345227: amd64: Add md process flags and first P_MD_PTI flag.
MFC r345228: amd64 KPTI: add control from procctl(2).
MFC r345229: proccontrol(1): Add kpti control mode.
MFC r345442: Add UPDATING note for geom_uzip(4)/xz, and bump geom_uzip(4) man page date.
MFC r345070: isci(4): Use controller->lock for busdma tags.
MFC r345324: vm_fault_copy_entry: accept invalid source pages.
MFC r345376: nullfs: fix unmounts when filesystem is active.
MFC r345452: ASLR: check for max_addr after applying randomization, not before.
MFC r345620: rtld: disable relro enforcement for irelative relocation processing.
MFC r345847: msdosfs: zero tail of the last block on truncation for VREG vnodes as well.
MFC r345702,r345954: Eliminate adj_free field from vm_map_entry.
MFC r345955: vn_vmap_seekhole(): align running offset to the block boundary.
MFC r345703: Fix initial exec TLS mode for dynamically loaded shared objects.
MFC r346031: Handle races when remounting UFS volume from ro to rw.
MFC r346038: Exercise some care before sending SIGHUP to mountd.
MFC r346062: pci_cfgreg.c: Use io port config access for early boot time.
MFC r345425, r345514, r345799, r345800, r345803, r346157: Enable tmpfs rw->ro remounts.
MFC r346064: Fix dirty buf exhaustion easily triggered with msdosfs.
MFC r346065: Add vn_fsync_buf().
MFC r346158: Do not access mutex memory after unlock.
MFC r345959: Add __BEGIN_DECLS/__END_DECLS braces to libdevctl header.
MFC r345964: Remove single-use DEV_RESET() macro.
MFC r345960: Provide newbus infrastructure for initiating device reset.
MFC r345963, r345997: Implement resets for PCI buses and PCIe bridges.
MFC r345965: Add DEV_RESET /dev/devctl2 ioctl.
MFC r345966, r345968: Implement devctl(8) command 'reset', using DEV_RESET /dev/devctl2 ioctl.
MFC r346216: ld-elf.so: make LD_DEBUG always functional.
MFC r346225: Fix order of destructors between main binary and libraries.
MFC r345562 (by cem), r346294: x86: Use XSAVEOPT for fpusave(), when available.
MFC r346350: Reduce verbosity, do not announce details of irte programming by default.
MFC r346351: Remove witness warning. dmar_bus_dmamap_create() does not sleep.
MFC r346352, r346355: Correct handling of RMRR during early enumeration stages.
MFC r346596: ipoib: assign link-local address according to RFC.
MFC r346851: Remove witness warning, same as r346351 for busdma_dmar.
MFC r346990: Fix another race between vm_map_protect() and vm_map_wire().
MFC r347019: Cleanup for rtld_malloc.c.
MFC r347133: arm64: Properly restore PAN when done with userspace access in casueword.
MFC r347150, r347180: Do not collapse objects with OBJ_NOSPLIT backing swap or default object.
MFC r347566: Mitigations for Microarchitectural Data Sampling.
MFC r347148: imgact_elf: do not relock the text vnode if possible.
MFC r347368: x86: Put other CPUs into tight loop when updating Intel microcode from loaded OS.
MFC r343985, r344133, r345273 (by bde): Prevent overflow for usertime/systime in caclru1().
MFC r347625: Properly announce MD_CLEAR.
MFC r347690, r347946: imgact_elf.c: Add comment explaining the malloc/VOP_UNLOCK() dance from r347148.
MFC r347216: amd64: fix BUS_SPACE_MAXSIZE to 64bit max value.
MFC r347692: Remove more dead definitions from rtld_malloc.c after r347019.
MFC r347693: rtld_malloc.c: cleanup morepages().
MFC r347694: subr_turnstile: Extract some common code to a helper.
MFC r347698: amd64 pmap: sysctl vm.pmap.pcid_save_cnt should be read-only.
MFC r348075: Do not call hw_mds_recalculate() from initializecpu().
MFC r348052: NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp.
MFC r348156: Make pack_kinfo() available for external callers.
MFC r348157: Report ref count of the backing object as st_nlink for posix shm fd.
MFC r348158: Add a kern.ipc.posix_shm_list sysctl.
MFC r348167, r348168, r348359, r348361: Add posixshmcontrol(1) utility.

kp (9):

MFC r345366:
MFC r345223:
MFC r345178:
MFC r345177:
MFC r346319:
MFC r346320:
MFC r346347:
MFC r346349:
MFC r346370:

lidl (1):

MFC r345005: Remove an unneeded 'tail -n 1' from a pipeline in growfs rc script

manu (1):

MFC r345159:

marcel (2):

MFC 344790:
MFC 344826:

markj (29):

MFC r345355: Ensure that we use a 64-bit value for the last mmap() argument.
MFC r344935: Have pthread_cond_destroy() return EBUSY if the condvar has waiters.
MFC r344823: Show wiring state of map entries in procstat -v.
MFC r345560: Add CTLFLAG_VNET to the net.inet.icmp.tstamprepl definition.
MFC r345596: Fix pidfile_open(3) to handle relative paths with multiple components.
Fix if_(m)addr_rlock().
MFC r345359, r345384: Don't attempt to measure TSC skew when running as a VM guest.
MFC r345513: Reject F_SETLK_REMOTE commands when sysid == 0.
MFC r345593: Prepend DW_AT_comp_dir to relative line number directory table entries.
MFC r345739: Do not perform DAD on stf(4) interfaces.
MFC r346011: Stop compiling bhyve(8) with -O0.
MFC r346010: Fix indentation.
MFC r345348, r345594: Use -fdebug-prefix-map to map auto-generated kernel build paths.
MFC r346009: Set the p_oppid field of orphans when exiting.
MFC r346118: Reinitialize multicast source filter structures after invalidation.
MFC r346543: Disable vm map consistency checking by default on INVARIANTS kernels.
MFC r346440: Export cpu_core from opensolaris.ko.
MFC r346544: Clarify the relationship between INVARIANTS and DIAGNOSTIC a bit.
MFC r346888: Stop checking TD_IDLETHREAD() in buffer cache routines.
MFC r346960: Retry upon NET_RT_IFLIST sysctl failure.
MFC r347227: Simplify the test against maxproc in fork1().
MFC r347564: Fix formatting.
MFC r347569: Remove redundant -Wl uses from the kernel's LDFLAGS.
MFC r347570: Specify -z notext when building with -z ifunc-noplt.
MFC r348002: Typo.
MFC r348066, r348090: bootpd: Add an option to skip modifications to the ARP table.
MFC r348082: Provide an example of using dhclient-script(5) to configure netdump.
MFC r348080, r348081: Add platform-dependent DTrace tests.
MFC r346932, r347159: Optimize lseek(SEEK_DATA) on UFS.

mav (37):

MFC r345333: Add some Cannon Lake chipset IDs.
MFC r345332: Tune chipset naming.
MFC r345849: List few more ATA commands.
MFC r345850: Fix typos in r345849.
MFC r344926: MFV/ZoL: Fix zfs_vdev_aggregation_limit bounds checking
MFC r344934, r345014: Add separate aggregation limit for non-rotating media.
MFC r344936: MFV/ZoL: Disable LBA weighting on files and SSDs
MFC r339775 (by imp): Put a workaround in for command timeout malfunctioning
MFC r340412 (by imp): Use atomic_load_acq_int() here too to poll done, ala r328521
MFC r340481 (by imp): Remove do-nothing nvme_modevent.
MFC r341710 (by imp): Even though they are reserved, cdw2 and cdw3 can be set via nvme-cli (and soon nvmecontrol). Go ahead and copy them into rsvd2 and rsvd3.
MFC r342862 (by chuck): Add NVMe drive to NOIOB quirk list
MFC r344640 (by imp): Remove #ifdef code to support FreeBSD versions that haven't been supported in years. A number of changes have been made to the driver that likely wouldn't work on those older versions that aren't properly ifdef'd and it's project policy to GC such code once it is stale.
MFC r344642 (by imp): Unconditionally support unmapped BIOs. This was another shim for supporting older kernels. However, all supported versions of FreeBSD have unmapped I/Os (as do several that have gone EOL), remove it. It's unlikely the driver would work on the older kernels anyway at this point.
MFC r344736 (by imp): Add ABORTED_BY_REQUEST to the list of things we look at DNR bit and tell why to comment (code already does this)
MFC r345805: Unify SCSI_STATUS_BUSY retry handling with other cases.
MFC r346159: Fix thread name buffer overflow.
MFC r346161: Fix SCSI sense data pass through.
MFC r340311: Do not ignore arc_adjust() return value.
MFC r344601 (by sef): Set process title during zfs send.
MFC r345200: MFV r336930: 9284 arc_reclaim_thread has 2 jobs
MFC r339826 (by yuripv): Provide basic descriptions for VMX exit reason (from "Intel 64 and IA-32 Architectures Software Developerâ€™s Manual Volume 3"). Add the document to SEE ALSO in bhyve.8 (and pet manlint here a bit).
MFC r345656: Do not map small IOCTL buffers to KVA, but copy.
MFC r344192 (by sef): Add support for a virtual hostname to nfsd
MFC r346644: Call delist_dev() before destroy_dev_sched_cb().
MFC r346760: Fix minor mismerges.
MFC r346762: Add mutex_destroy() missed in r334844.
MFC r346491: Polish SCSI sense data validity checks.
MFC r346511: Report DIF protection type the disk is formatted with.
MFC r346898: ip multicast debug: fix strings vs defines
MFC r346976: Respect quotes and escapes when splitting exports fields.
MFC r347198: Drop periph lock around cam_periph_unmapmem().
MFC r347158: Decode Deallocate Logical Block Features.
MFC r347160: Decode some more ATA commands found in ACS-4.
MFC r347240: Fix dataset name comparison in zfs_compare().
MFC r346390: Change the way FreeBSD GID inheritance is hacked.
MFC r348111: Simplify math added in r310524.

mckusick (8):

MFC of 343536, 345077, and 345352
MFC of 345758
MFC of 345758
HBSD MFC: This update eliminates a kernel stack disclosure bug in UFS/FFS directory entries that is caused by uninitialized directory entry padding written to the disk. It can be viewed by any user with read access to that directory. Up to 3 bytes of kernel stack are disclosed per file entry, depending on the the amount of padding the kernel needs to pad out the entry to a 32 bit boundry. The offset in the kernel stack that is disclosed is a function of the filename size. Furthermore, if the user can create files in a directory, this 3 byte window can be expanded 3 bytes at a time to a 254 byte window with 75% of the data in that window exposed. The additional exposure is done by removing the entry, creating a new entry with a 4-byte longer name, extracting 3 more bytes by reading the directory, and repeating until a 252 byte name is created.
Zero out the file directory entry metadata to reduce disk scavenging disclosure.
HBSD MFC: Simplify calculation of DIRECTSIZ. No functional change intended.
MFC of 347064, 347066, and 347130
MFC of 348074

mhorne (1):

MFC r346016: Add option to build LLVM RISC-V target

mm (1):

MFC r345497: Sync libarchive with vendor.

mw (10):

MFC r344676: Prevent detaching driver if the attach is not finished
MFC r345371: Prevent double activation of admin interrupt in ENA
MFC r345373: Add bus_release_resource() method to nexus on arm64
MFC r343911: Allow reading the UEFI variable size
MFC r344840: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation
MFC r342084,r342251,r342271,r342285: Introduce TPM2.0 driver
MFC r343438: Use ACPI TPM2 table to probe tpmtis and tpmcrb device
MFC r345438,r345842,r346259,r346261: TPM as possible entropy source
MFC r343455: Fix tpm2 acpidump compilation on 32-bit
MFC r345830: Create kernel module to parse Veriexec manifest based on envs

ngie (18):

MFC r344067:
MFC r345216:
MFC r344662:
MFC r345644,r346061:
MFC r339473,r340075,r342918,r343592,r343593,r343614,r343665,r343669:
MFC r346056:
MFC r346542:
MFC r346539:
MFC r345723:
MFC r346571,r346572:
MFC r345351: r345351 (by bdrewery):
MFC r346578:
MFC r347075:
MFC r345203,r345205,r345353,r345645,r345708,r345709,r345735,r345770,r346574,r346576:
Revert r348136
MFC r345203,r345205,r345353,r345645,r345708,r345709,r345735,r345770,r346081,r346270,r346574,r346576:
Regenerate src.conf(5) after r348138
MFC r346431,r347417,r348019:

np (27):

MFC r339628:
MFC some iw_cxgbe fixes (r339667, r339891, r340063, r342266, r342270, r342272, r342288-r342289, r343569, r344617, and r345307).
MFC r339700:
MFC r339705:
MFC r339717, r339749, and r339809.
MFC r339886:
MFC r339965:
MFC r339967:
MFC r341654:
MFC r341172, r341270 (both by jhb@).
MFC r342208:
MFC r342234:
MFC r342758:
MFC r342284:
MFC r342356:
MFC r342954:
MFC r343233:
MFC r343539:
MFC r343889:
MFC r341620:
MFC r344524:
MFC r344519, r344682, and r344719.
MFC r340651, r343264, r343269, and r345083.
MFC r344654, r345334.
MFC r343666, r343861-r343862, r343923, r343968, r345660, and r345810.
MFC r340375 (by jch@):
MFC r346567:

oshogbo (3):

MFC r346112: libnv: fix compilation warnings
MFC r346113: libnv: fix compilation warnings
MFC r346263: tcpdump: disable Capsicum if -E option is provided.

peterj (3):

MFC r343953: Replace calls to sin(x) and cos(x) with a single call to sincos(). Replace calls to sinf(x) and cosf(x) with a single call to sincosf().
MFC: r346265 Fix cpufreq(4) on RPI-B
MFC: r346266 Specify correct Ethernet phy for RPI-B

philip (2):

MFC r345524: Import tzdata 2019a
MFC r345526:

rgrimes (5):

MFC: r345888: Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code
MFC: r346715: Acpi MADT table correction for VM_MAXCPU > 21
MFC: r347960: bhyve virtio needs barriers
MFC: r346714: Add accessor function for vm->maxcpus
MFC: r346717: Make bhyve SMBIOS table topology aware

rmacklem (13):

MFC: r345818, r345828 Fix a race in the RPCSEC_GSS server code that caused crashes.
MFC: r345866 Fix malloc stats for the RPCSEC_GSS server code when DEBUG is enabled.
MFC: r345992, r346087 Add INET6 support for the upcalls to the nfsuserd daemon.
MFC: r345994 Fix nfsuserd so that it handles the mapped localhost address when jails are enabled.
MFC: r345995 Delete the BUGS entry related to failing when jails are enabled.
MFC: r346190 Fix nfsdumpstate(8) so that it can print out INET6 callback addresses.
MFC: r346191 Add support for INET6 addresses to the kernel code that dumps open/lock state.
MFC: r346192 Fix printing of the line that starts with "LocalOpen...".
MFC: r346709 Add support to nfsdumpstate for printing of INET6 addresses for locks.
MFC: r346365 Fix the NFSv4.0 server so that it does not support NFSv4.1 attributes.
MFC: r346423 Replace "vp" with NULL to make the code more readable.
MFC: r346424 Add support for the ModeSetMasked attribute to the NFSv4.1 server.
MFC: r346856 Add #ifdef INET6 around declaration of nbuf.

rpokala (3):

MFC r339683: Remove redundant redeclaration of netmap_vp_reg(). This should unbreak sparc64 and powerpc LINT builds.
MFC r345457:
MFC r345611:

rwatson (2):

Merge r346814 from head to stable/12:
Merge r346846 from head to stable/12:

shurd (1):

MFC r346708:

sjg (7):

Add _PC_ACL_* to vop_stdpathconf
Add support for loader veriexec
Regenerate src.conf.5 for recent changes.
Allow no_hash to appear in manifest.
libsecureboot: make it easier to customize trust anchors
libsecureboot: allow control of when pseudo pcr is updated
load_key_buf do not free data from dearmor

smh (1):

MFC r346594: Add ATA power mode support to camcontrol

trasz (8):

MFC r344705:
MFC r345448:
MFC r345547:
MFC r345661:
MFC r346030:
MFC r346053:
MFC r346076:
MFC r346120:

tsoome (2):

MFC: r344248,r344387
MFC r347142:

tuexen (45):

MFC r343401: Update a comment to reflect the current reality. SYN-cache entries live for abaut 12 seconds, not 45, when default setting are used.
MFC r343525: Fix the detection of ECN-setup SYN-ACK packets.
MFC r343661: When handling SYN-ACK segments in the SYN-RCVD state, set tp->snd_wnd consistently.
MFC r343742: Add missing SCTP_EOR entry.
MFC r343769: Fix an off-by-one error in the input validation of the SCTP_RESET_STREAMS socketoption.
MFC r343770: Only reduce the PMTU after the send call. The only way to increase it, is via PMTUD.
MFC r343951: Fix locking for IPPROTO_SCTP level SCTP_DEFAULT_PRINFO socket option. This problem occurred when calling setsockopt() will invalid parameters.
MFC r343954: Fix a locking bug in the IPPROTO_SCTP level SCTP_EVENT socket option. This occurs when call setsockopt() with invalid parameters.
MFC r340179: Don't use a function when neither INET nor INET6 are defined. This is a valid case for the userland stack, where this fixes two set-but-not-used warnings in this case.
MFC r343960: Fix a locking issue in the IPPROTO_SCTP level SCTP_PEER_ADDR_THLDS socket option. The problem affects only setsockopt with invalid parameters.
MFC r343961: Fix a locking issue when reporing outbound messages.
MFC r344048: Improve input validation for raw IPv4 socket using the IP_HDRINCL option.
MFC r344148: Fix a byte ordering issue for the advertised receiver window in ACK segments sent in TIMEWAIT state, which I introduced in r336937.
MFC r344367: Use exponential backoff for retransmitting SYN segments as specified in the TCP RFCs.
MFC r344368: Reduce the TCP initial retransmission timeout from 3 seconds to 1 second as allowed by RFC 6298.
MFC r344704: Improve consistency, no functional change.
MFC r344708: Honor the memory limits provided when processing the IPPROTO_SCTP level socket option SCTP_GET_LOCAL_ADDRESSES in a getsockopt() call.
MFC r344721: Report the correct length when using the IPPROTO_SCTP level socket options SCTP_GET_PEER_ADDRESSES and SCTP_GET_LOCAL_ADDRESSES.
MFC r344722: Use correct buffer sizes in sctp_get[lp]addrs().
MFC r344723: Handle the case when calling the IPPROTO_SCTP level socket option SCTP_STATUS on an association with no primary path (early state).
MFC r344724: Allow SCTP stream reconfiguration operations only in ESTABLISHED state.
MFC r344726: Remove debug output.
MFC r344742: Allocate an assocition id and register the stcb with holding the lock. This avoids a race where stcbs can be found, which are not completely initialized.
MFC r344872: After removing an entry from the stream scheduler list, set the pointers to NULL, since we are checking for it in case the element gets inserted again.
MFC r344924: Some cleanup and consistency improvements.
MFC r344925: Fix locking bug.
MFC r345441: Fix a KASSERT() in tcp_output().
MFC r345458: Add sysctl variable net.inet.tcp.rexmit_initial for setting RTO.Initial used by TCP.
MFC r345460: Limit the number of bytes which can be queued for SCTP sockets. This is joint work with rrs@.
MFC r345461: Limit the size of messages sent on 1-to-many style SCTP sockets with the SCTP_SENDALL flag. Allow also only one operation per SCTP endpoint.
MFC r345465: Fix a signed/unsigned bug when receiving SCTP messages. This is joint work with rrs@.
MFC r345494: Fix the handling of fragmented unordered messages when using DATA chunks and FORWARD-TSN.
MFC r345504: Improve locking when tearing down an SCTP association. This is joint work with rrs@ and the issue was found by syzkaller.
MFC r345505: Initialize scheduler specific data for the FCFS scheduler. This is joint work with rrs@. The issue was reported by using syzkaller.
MFC r345525: Fix a double free of an SCTP association in an error path. This is joint work with rrs@. The issue was found by running syzkaller.
MFC r346134: Fix an SCTP related locking issue. Don't report that the TCB_SEND_LOCK is owned, when it is not.
MFC r346182: When sending IPv4 packets on a SOCK_RAW socket using the IP_HDRINCL option, ensure that the ip_hl field is valid. Furthermore, ensure that the complete IPv4 header is contained in the first mbuf. Finally, move the length checks before relying on them when accessing fields of the IPv4 header.
MFC r346197: When sending a routing message, don't allow the user to set the RTF_RNH_LOCKED flag in rtm_flags, since this flag is used only internally.
MFC r346400: Improve input validation for the socket option IPV6_CHECKSUM.
MFC r346854: Some test scripts use ncat --sctp --listen port to run an SCTP discard server in the background. However, when running in the background, stdin is closed and ncat initiates a graceful shutdown of the SCTP association. This is not expected by the client. Therefore, the ncat-based discard server is replaced by a perl-based one.
MFC r347233:
MFC r347381:
MFC r347382:
MFC r347975: Improve input validation for the IPPROTO_SCTP level socket options SCTP_CONNECT_X and SCTP_CONNECT_X_DELAYED.
MFC r348290: When an ACK segment as the third message of the three way handshake is received and support for time stamps was negotiated in the SYN/SYNACK exchange, perform the PAWS check and only expand the syn cache entry if the check is passed. Without this check, endpoints may get stuck on the incomplete queue.

vmaffione (1):

MFC r345269, r345323

wulf (1):

MFC: r344982, r345022

ygy (3):

MFC r345816:
MFC r345887:
MFC r347565:

Uploads:

shortlog-HardenedBSD-12-STABLE-v1200059.txt

CHECKSUM.SHA512.txt

CHECKSUM.SHA512.asc_.txt

HardenedBSD

Stable release: HardenedBSD-stable 12-STABLE v1200059

Uploads:

Donate to HardenedBSD

2021 Donation Status

Links

Uploads:

Donate to HardenedBSD

2021 Donation Status

Search form

Links