Oliver Pinter (1): HBSD MFC r340205: Avoid specifying VM_PROT_EXECUTE in mappings from pipe_map and exec_map. Oliver Pinter + (38): Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master ae (9): MFC r340100: Do not use bzero() for the O_ICMP6TYPE opcode. MFC r339535: Do not allow use `create` keyword as hostname when ifconfig(8) is invoked for already existing interface. MFC r339545: Do not decrement RST life time if keep_alive is not turned on. MFC r339539: Add IPFW_RULE_JUSTOPTS flag, that is used by ipfw(8) to mark rule, that was added using "new rule format". And then, when the kernel returns rule with this flag, ipfw(8) can correctly show it. MFC r339533: Add sadb_x_sa2 extension to SADB_ACQUIRE requests. MFC r339542: Retire IPFIREWALL_NAT64_DIRECT_OUTPUT kernel option. And add ability to switch the output method in run-time. Also document some sysctl variables that can by changed for NAT64 module. MFC r339544: Call inet_ntop() only when its result is needed. Revert r340541. It requires VNET_DEFINE_STATIC() macro that is not yet merged into stable/11. MFC r340689: Make multiline APPLY_MASK() macro to be function-like. avg (2): MFC r339591: ichwd: add support for TCO watchdog timer in Lewisburg PCH (C620) MFC r339595: nfsrvd_readdirplus: for some errors, do not fail the entire request bz (1): MFC r340251: emaste (19): MFC r312758: Add sys/capability.h deprecation warning MFC r306023: auditdistd: update for sys/capability.h rename MFC r306024: mrsas: update for sys/capability.h rename MFC r340137: rtld: move relro enforcement after ifunc processing MFC r340171: capability.h: add comment about planned removal timeline MFC r340076: Define NT_FREEBSD_FEATURE_CTL ELF note type MFC r340075: readelf: decode R_MIPS_HIGHER and R_MIPS_HIGHEST relocation types MFC r331078 (cem): nm: Initialize allocated memory before use MFC r327219: readelf: report byte size for DT_PREINIT_ARRAYSZ MFC r323632 (jhb): readelf: Add missing newline Fix objcopy for little-endian MIPS64 objects. MFC r338485 (jhb): libelf: Add gelf_mips64el.c to file list MFC r340329: build(7): clarify buildenv target can be used for non-cross builds MFC r340288: nvi: remove superfluous space before ^\ MFC r340299: Octeon SDK: avoid use of uninitialized variable MFC r340661 (rmacklem): MFC r340662 (rmacklem): MFC r340663 (rmacklem): MFC r340771: proto: change device permissions to 0600 eugen (13): MFC r340249: ipfw.8: fix small syntax error in an example MFC r339465: rc.initdiskless: add support for auxiliary NVRAM. MFC r339472: rc.initdiskless: fix commentary grammar after r339465 MFC r339558: New sysctl: net.inet.icmp.error_keeptags Unbreak build after r340670. This is direct commit to stable/11. MFC r339807: Prevent multicast code from panicing due to unprotected access to INADDR_HASH. MFC r339811: route(8): correctly return exit status when "-q" flag is used. MFC r339806: Prevent stf(4) from panicing due to unprotected access to INADDR_HASH. MFC r339816: mount_msdosfs MFC r339810: ipfw: implement ngtee/netgraph actions for layer-2 frames. MFC r339808: Prevent ip_input() from panicing due to unprotected access to INADDR_HASH. MFC r339817: makewhatis: do not try to operate on read-only mounted directories just to fail later. MFC r339818: rcorder(8): gjb (1): MFC r340260 (emaste): Avoid buffer underwrite in icmp_error hselasky (8): MFC r340089: Use correct type for IOCTL request argument. This fixes signed IOCTL value warnings in uhsoctl(). MFC r340212: Sometimes the complete split packet may be queued too early and the transaction translator will return a NAK. Ignore this message and retry the complete split instead. MFC r340248: Don't read the USB audio sync endpoint when we don't use it to save isochronous bandwidth. MFC r340254: Put a size limit on the opensm.log and use bzip2(1). MFC r340479: Implement ktime_get_ts64() function macro in the LinuxKPI. MFC r340480: Define asm macro in the LinuxKPI. MFC r340621: Be more verbose when a sysctl fails to unregister. Print name of sysctl in question. MFC r340622: Minor code factoring. No functional change. jhb (3): MFC 340164,340168,340170: Add custom cpu_lock_delay() for x86. MFC 338511: bhyve: Use MAP_GUARD when mapping guest memory ranges. MFC 339312,339364: Restore more descriptors during VM exits. jkim (1): Merge OpenSSL 1.0.2q. kevans (1): MFC r340392: Add dynamic_kenv assertion to init_static_kenv kib (8): MFC r339892: Clarify explanation of VFCF_SBDRY. MFC r339896: Initialize ifunc calling machinery earlier. MFC r325771, r325777, r325778 (all by jhb): MFC r340136: Move the fixed base for PIE loading on arm. MFC r339897: Remove rtld use of libc amd64_set_fsbase(). MFC r340487: Align IA32_ARCH_CAP MSR definitions and use with SDM rev. 068. MFC r340842: Silence gcc warnings. MFC r340675: rtld: when immediate bind mode is requested, process irelocs in PLT immediately after other PLT relocs. kp (12): MFC r339464: MFC r339470: MFC r339578: MFC r339676: MFC r340065: MFC r340066: MFC r340067: MFC r340068: MFC r340070: MFC r340072: MFC r340265: MFC r340264: manu (1): Fix dtb path for beaglebone* boards. marius (2): MFC: r340495 MFC: r339007, r340543, r340654 markj (9): MFC r340205: Avoid specifying VM_PROT_EXECUTE in mappings from pipe_map and exec_map. MFC r340699: Clear pad bytes in the struct exported by kern.ntp_pll.gettime. MFC r340734: Avoid unsynchronized updates to kn_status. MFC r340772: Clear unused bytes in ia32_osendsig(). MFC r340783: Plug some networking sysctl leaks. MFC r340856: Ensure that directory entry padding bytes are zeroed. MFC r340899: Plug some kernel memory disclosures via kevent(2). MFC r340897: Lock the knlist before releasing the in-flux state in knote_fork(). MFC r340898: Ensure that knotes do not get registered when KQ_CLOSING is set. mmacy (2): Backport of r338074 - generalize uart_bus_probe and add SNPS support to x86 e1000: Don't use 9k jumbo clusters oshogbo (1): MFC r335844: rmacklem (1): MFC: r339999 Fix NFS client vnode locking to avoid a crash during forced dismount. royger (1): MFC r338628: xen: limit the usage of PIRQs to a legacy PVH Dom0 scottl (1): Fix a regression from prior to 11.2 that caused MSI (not MSI-X) interrupt allocation to fail. While here, refactor the code so that it's more clear and less likely to break in the future. This is not an MFC due to the code in 12/head being very different, but it follows the latter's structure more closely than before. tijl (3): MFC r340181, r340185: MFC r340631: MFC r340674: vangyzen (1): MFC r340257 wulf (1): MFC r337287: ygy (1): MFC r338977: