@opntr opntr released this Mar 7, 2018 · 2534 commits to hardened/11-stable/master since this release

Assets 2

Warning: this is a security and feature update!

Highlights:

  • HBSD MFC r330539: amd64 - Protect the kernel text, data, and BSS
  • HBSD MFC r315914: Remove buggy adjustment of page tables in db_write_bytes().
  • HBSD MFC r330538: amd64 - Nudge lld to break the kernel read-only and read-write sections into separate 2M pages.
  • HBSD MFC r330511: amd64 - set NX bit on PML4E for recursive page table mappings
  • HBSD MFC r329071: amd64 - align kernel map to 2MB
  • MFC r330027: iconv uses strlen directly on user supplied memory (ad9743a 8e1404e)
  • MFC r320367: Add "Terminus BSD Console" size 32 (0166c5a)
  • MFC r330104: MFV r330102: ntp 4.2.8p11 (9c7570c) [FreeBSD-SA-18:02.ntp CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185, CVE-2018-7183]
  • MFC r329561: Check packet length to do not make out of bounds access. [FreeBSD-SA-18:01.ipsec CVE-2018-6916]
  • MFC r329254: Ensure memory consistency on COW. (Fixes stability issues on AMD Ryzen machines) (c3179a4)
  • HBSD MFC r329281: x86 pmap: Make memory mapped via pmap_qenter() non-executable (abe421b)
  • HBSD: enable PTI by default, when option PAX specified (c0bb295)
  • MFC r328083,328096,328116,328119,328120,328128,328135,328153,328157,328166,328177,328199,328202,328205,328468,328470,328624,328625,328627,328628,329214,329297,329365: Meltdown mitigation by PTI, PCID optimization of PTI, and kernel use of IBRS for some mitigations of Spectre. (6dd025b) [FreeBSD-SA-Candidate CVE-2017-5715 CVE-2017-5754]
  • MFC r327444, r327449, r327454: vt(4): add support for configurable console palette (416ac1f)
  • HBSD: allow to set PaX features as jail parameters (45748d2)
  • MFC r323683: MFV r323678: file 5.32 (2f9dccc)
  • MFC r328032,r328060,r328243: service(8): Support services in jails (d3a9144)
  • MFC (conceptually) r328107: Add /boot/overlays (FDT) (4bc066c)
  • add smn(4) driver for AMD System Management Network (2314d2b)
  • if_iwm driver backport from freebsd/current/master (adds support for Intel 8265 and lot of bugfixes) by eadler@
  • linuxkpi fixes (allows to use latest drm-kmod-next on 11-STABLE) by hselasky@
  • zfs updates
  • loader backports from freebsd/current/master by kevans@
  • opencrypto updates
  • lock primitive optimizations
  • bhyve vmrun.sh updates
  • hbsd-update updates
  • HardenedBSD in kernel cleanups and simplifications
  • mkimg updates
  • libarchive updates
  • nvme subsystem backports

Changelog

Oliver Pinter (22):
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: resolve merge conflict in sys/boot/efi/libefi/Makefile
      HBSD: do a proper warning when the tunable validation fails
      HBSD: add SECURE type specifier to ASLR's compat sysctl to deny the write from 0 > securelevel
      HBSD: add common framework to validate PaX {,simple} feature states
      HBSD: start to use the newly introduced pax feature state helpers
      HBSD: allow to set PaX features as jail parameters
      HBSD: handle pax_init_prison errors
      HBSD: properly fix error handling in kern_jail.c after pax_init_prison()
      HBSD: bump __HardenedBSD_version to 1100055 after the jail params
      HBSD: enable the AMD64 Page Tabe Isolation by default when option PAX is defined in kernel configuration
      HBSD: enable PTI by default, when option PAX specified
      HBSD MFC r329281: x86 pmap: Make memory mapped via pmap_qenter() non-executable
      HBSD MFC r329282: pmap_qenter.9: Document API NX mapping
      HBSD MFC r329330: pmap_qenter.9: Clarify that not all arch can map NX
      HBSD MFC r330027: iconv uses strlen directly on user supplied memory
      HBSD MFC r329071: amd64 - align kernel map to 2MB
      HBSD MFC r330510: amd64 - garbage collect unneeded pmap_kmem_choose
      HBSD MFC r330511: amd64 - set NX bit on PML4E for recursive page table mappings
      HBSD MFC r330538: amd64 - Nudge lld to break the kernel read-only and read-write sections into separate 2M pages.
      HBSD MFC r315914: Remove buggy adjustment of page tables in db_write_bytes().
      HBSD MFC r330539: amd64 - Protect the kernel text, data, and BSS

Oliver Pinter + (126):
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

Shawn Webb (19):
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Fix inverted logic
      HBSD: Clean up the src directory better
      HBSD: Only autoload the zfs module when running as unjailed root
      HBSD: Do better checking for beadm
      HBSD: Fixup changes in hbsd-update for download-only option
      HBSD: Document the new download only option in hbsd-update(8)
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflicts
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict

Stefan Grönke (1):
      HBSD: hbsd-update -f (fetch-only) flag stops after downloading

ae (11):
      MFC r328350:   Merge revision 1.35 from NetBSD:     fix pointer/offset mistakes in handling of IPv4 options
      MFC r328160:   Add to bsnmpd(1) ability to specify multiple community strings with   different access rights.
      MFC r328161:   Add UDPLite support to ipfw(4).
      MFC r328770:   Merge r1.120 from NetBSD:     Fix a pretty simple, yet pretty tragic typo: we should return IPPROTO_DONE,     not IPPROTO_NONE. With IPPROTO_NONE we will keep parsing the header chain     on an mbuf that was already freed.
      MFC r328326:   When IPv6 packet is handled by O_REJECT opcode, convert ICMP code   specified in the arg1 into ICMPv6 destination unreachable code according   to RFC7915.
      MFC r328876:   Modify ip6_get_prevhdr() to be able use it safely.
      MFC r329101:   Reinitialize IP header length after checksum calculation. It is used   later by TCP-MD5 code.
      MFC r328540:   Assign IPv6 link-local address to loopback interfaces whith unit > 0.
      MFC r328541:   Do not skip scope zone violation check, when mbuf has M_FASTFWD_OURS flag.
      MFC r329561:   Check packet length to do not make out of bounds access. Also save ah_nxt   value to use it later, since ah pointer can become invalid.
      MFC r329563:   Remove unused variables and sysctl declaration.

asomers (8):
      MFC geli test suite changes
      MFC r326399:
      MFC r328108:
      MFC r328266:
      MFC r328296:
      MFC r328605:
      MFC r320726, r320727
      MFC r326400

avg (20):
      MFC r326140: vmrun.sh: add -A option for AHCI emulation of disk devices
      MFC r326567: ddb: fix validation of cpu id in 'set db_cpu=x'
      MFC r327593: Fix a couple of comments in AMD Virtual Machine Control Block structure
      MFC r327725: zfs_mount: restore a bit of ifdef-out illumos code
      MFC r327724: usbdevs: add ASMedia vendor ID
      MFC r327726: vmm/svm: contigmalloc of the whole svm_softc is excessive
      MFC r327775: amdsbwd: fix handling of timeout values beyond the supported range
      MFC r328126: correct read-ahead calculations in vfs_bio_getpages
      MFC r327996: geom_disk / scsi_da: deny opening write-protected disks for writing
      MFC r328622: vmm/svm: post LAPIC interrupts using event injection
      MFC r328217: zfs: no need to check that size of zfs_cmd_t is not greater than IOCPARM_MAX
      MFC r328626: zfs_rezget: drop cached pages before doing anything else
      MFC r328776: ZFS ARC: restore illumos uses of 'needfree' that were removed in r325851
      MFC r328881: zfs: move a utility function, ioflags, closer to its consumers
      MFC r329016: remove a duplicate assignment
      MFC r328996: exec_map_first_page: fix an inverse condition introduced in r254138
      MFC r329364: move vintr_intercept_enabled under INVARIANTS
      MFC r329556,r329820 remove an assert in zfsctl_snapdir_lookup to match r323578
      MFC r329711: MFV r329710: 8966 use after end of the lifetime of a local variable
      MFC r329314: MFV r329313: 8857 zio_remove_child() panic due to already destroyed parent zio

bdrewery (8):
      MFC r322894:
      MFC r325570:
      MFC r329271:
      MFC r325292:
      MFC r330127:
      MFC r325627:
      MFC r325776:
      MFC r330364:

brd (1):
      MFC r329009

brooks (4):
      MFC r328297:
      MFC r328799:
      MFC r329092:
      MFC r329525:

bryanv (4):
      MFC r327375, r327385, r327386:
      MFC r327438:
      MFC r327448:
      MFC 328917:

cognet (1):
      MFC revisions r309268, r309260, r309264, r309266, r309267, r309270, r310846, r314435, r314564, r316665, r316691, r316702. Those import ConcurrencyKit in the FreeBSD kernel. A few people have showed interest in this being MFC'd, so here we go.

cperciva (1):
      MFC r320367: Add "Terminus BSD Console" size 32

cy (4):
      MFC r327912:
      MFC r327913:
      MFC r327718:
      MFC r329361:

dab (2):
      MFC r328013:
      MFC r330027

davidcs (1):
      MFC r329855   1. Added support to offline a port if is error recovery on successful.   2. Sysctls to enable/disable driver_state_dump and error_recovery.   3. Sysctl to control the delay between hw/fw reinitialization and      restarting the fastpath.   4. Stop periodic stats retrieval if interface has IFF_DRV_RUNNING flag off.   5. Print contents of PEG_HALT_STATUS1 and PEG_HALT_STATUS2 on heartbeat      failure.   6. Speed up slowpath shutdown during error recovery.   7. link_state update using atomic_store.   8. Added timestamp information on driver state and minidump captures.   9. Added support for Slowpath event logging   10.Added additional failure injection types to simulate failures.

delphij (3):
      MFC r328273 (kevlo): Document how to load nmdm(4) from a kernel module.
      MFC r330104: MFV r330102: ntp 4.2.8p11
      Document SA-17:12 and correct EN-17:09 link [1]

dim (2):
      MFC r327845:
      MFC r327930:

dumbbell (3):
      psm: Skip sync check when `PSM_CONFIG_NOCHECKSYNC` is set
      psm: Don't try to detect trackpoint packets if the Elantech device has none
      psm: Log syncmask[1], not syncmask[0] twice

eadler (180):
      MFC r324206:
      MFC r323390:
      MFC r326281:
      MFC r327099:
      MFC r327946 r327947:
      MFC r328008:
      MFC r328209:
      MFC r328206:
      MFC r328212:
      MFC r328222:
      MFC r327451:
      MFC r323683:
      MFC r304007:
      MFC r308926:
      MFC r326633 r327282 r328085 r329311:
      MFC r314073:
      MFC r304880:
      MFC r304891:
      MFC r305917:
      MFC r305999:
      MFC r306000
      MFC r306001
      MFC r306002
      MFC r30600
      MFC r306004:
      MFC r306005:
      MFC r306005:
      MFC r306007:
      MFC r306142:
      MFC r306286:
      MFC r306900:
      MFC r308183:
      MFC r308577:
      MFC r308777:
      MFC r313307:
      MFC r313308:
      MFC r313309:
      MFC r313310:
      MFC r313311:
      MFC r313312:
      MFC r313314:
      MFC r313315,r313316:
      MFC r313317:
      MFC r313322,r313354:
      MFC r313325:
      MFC r313412:
      MFC r313413:
      MFC r313414:
      MFC r313415:
      MFC r313416:
      MFC r313417:
      MFC r313418:
      MFC r313427:
      MFC r313429:
      MFC r313430:
      MFC r314065:
      MFC r314066:
      MFC r314067:
      MFC r314069:
      MFC r314070:
      MFC r314074:
      MFC r314076:
      MFC 314151:
      MFC r314081:
      MFC r314082:
      MFC r314192,r314209:
      MFC r315777:
      MFC r315778:
      MFC r315780:
      MFC r315784:
      MFC r315923:
      MFC r315926:
      MFC r318002:
      MFC r318003:
      MFC r318005:
      MFC r318012:
      MFC r318013:
      MFC r318214:
      MFC r318215:
      MFC r318216:
      MFC r318217:
      MFC r318218:
      MFC r318219:
      MFC r318222:
      MFC r318223:
      MFC r318224:
      MFC r318229:
      MFC r318231:
      MFC r318230:
      MFC r318232:
      MFC r319578:
      MFC r319579:
      MFC r319581:
      MFC r319582:
      MFC r319589:
      MFC r319590:
      MFC r321508:
      MFC r321509:
      MFC r321510:
      MFC r321511:
      MFC r324434:
      MFC r325123:
      MFC r325122,r325124,r325125:
      MFC r313419,r313420,r313421,r313423,r313426,r313428,r314078,r314079,r319584,r319586,r319588,r324469,r324470,r324435,r325122:
      MFC r314080:
      MFC r307602:
      MFC r324570,r324580:
      Revert MFC of r330233
      MFC r314077:
      MFC r322424:
      MFC r325095:
      MFC r313276:
      MFC r314409:
      MFC r318891:
      MFC r319602:
      MFC 319851:
      MFC r319843:
      MFC r320406:
      MFC r321426:
      MFC r322210,r322613,r322831:
      MFC r322428:
      MFC r322657:
      MFC r323645:
      MFC r303727:
      MFC r325319:
      MFC r325450:
      MFC r307519,r307629:
      MFC r325800:
      MFC r302519:
      MFC r305137:
      MFC r306767:
      MFC r330256:
      MFC r307156:
      MFC r305504:
      MFC r306896:
      MFC r308065:
      MFC r307901,r308180:
      MFC r327231,r327232:
      MFC r315924:
      MFC r314181:
      MFC r326276:
      MFC r326572:
      MFC r306837:
      MFC r307158:
      MFC r308185:
      MFC r313306:
      MFC r318001:
      MFC r303339:
      MFC r305895:
      MFC r306139:
      MFC r306836:
      MFC r308007:
      MFC r308008:
      MFC r308663:
      MFC r308950:
      MFC r311581:
      MFC r313425:
      MFC r313578:
      MFC r313880:
      MFC r313978:
      MFC r313979:
      MFC r310891:
      MFC r311861:
      MFC r311830:
      MFC r324423,r324436:
      MFC r306435:
      MFC r306449:
      MFC r326456:
      MFC r326434:
      MFC r325353:
      MFC r325217:
      MFC r314705,r315406,r315407,r316025,r316082,r316731:
      MFC r322668,r324239,r324240,r324422,r324476,r324688:
      MFC r326724,r326868,r326869,r327096,r327333,r327334,r327342,r327361,r327510:
      MFC r326473:
      MFC r327117:
      MFC r326479:
      MFC r326386:
      MFC r324424:
      Revert r330445

ed (1):
      MFC r327560:

emaste (7):
      MFC r327770: lld: introduce basic man page
      MFC r328305: libcxxrt: Move mangled symbols out of extern "C++" in Version.map
      Remove now-unused variable after r328809
      MFC r328412: vt: add Ctrl+/ key mapping
      MFC r328895: Correct Russia spelling in regdomain.xml
      MFC r327503: kldxref: correct function names in warning messages
      MFC r328052: kldxref: handle modules with md_cval at end of allocated secs

eugen (2):
      MFC r329930: route(8): make it possible to manually delete pinned route
      MFC r329994: mac_portacl(4): stop panicing INVARIANTS-enabled kernel by loading .ko when kernel already has options MAC_PORTACL.

gjb (2):
      MFC r328283, r328284:
      MFC r330033:  Bump the size of virtual machine disk images from 20G to 30G,  providing more space for a local buildworld to succeed without  attaching separate disks for /usr/src and /usr/obj.

gonzo (6):
      MFC r308895 by manu:
      MFC r314933-r314934
      MFC r320387:
      MFC r327444, r327449, r327454
      MFC r327502:
      MFC r325410:

hselasky (70):
      MFC r322596: Add SI_SUB_TASKQ after SI_SUB_INTR and move taskqueue initialization there for EARLY_AP_STARTUP
      MFC r314502: Make gtaskqueue compatible with drm-next such that they can be used with the linuxkpi tasklets.
      MFC r310014-r327788: This is an overwrite merge backport of the LinuxKPI from FreeBSD-head. Following is a complete list of MFC'ed revisions and also partially MFC'ed revisions in the end. The MFC'ed revision are listed in incremental order.
      MFC r328329: Properly implement the "id" callback argument in the "idr_for_each" function in the LinuxKPI. The old implementation assumed only one IDR layer was present. Take additional IDR layers into account when computing the "id" value.
      MFC r328623: Properly implement the cond_resched() function macro in the LinuxKPI.
      MFC r328237: Use the __alloc_size2 attribute where relevant.
      MFC r328436 and r328731: Decouple Linux files from the belonging character device right after open in the LinuxKPI. This is done by calling finit() just before returning a magic value of ENXIO in the "linux_dev_fdopen" function.
      MFC r328694: Make sure the LinuxKPI's internal ERESTARTSYS error code gets translated into ERESTART for mmap and page fault calls aswell.
      Fix regression issue after r328973:
      MFC r306486-r325841: Update the mlx4, mlx4ib(4) and mlx4en(4) drivers to match FreeBSD-head prior to the Linux 4.9 RoCE/infiniband upgrade.
      MFC r326666: mlx4: Remove redundant declarations to fix GCC build
      MFC r325638 and r325976: Refactor the flowsteering APIs used by mlx5en(4). This change is needed by the coming ibcore and mlx5ib updates in order to support traffic redirection to so-called raw ethernet QPs.
      MFC r325655: Add API function to query virtual port counters in mlx5 core.
      MFC r325656: Add API functions to query and modify local loopback of multicast and unicast traffic in mlx5 core.
      MFC r325657: Add API function to query port performance counters for infiniband and RoCE traffic in mlx5 core.
      MFC r325662: Add more and update existing mlx5 core firmware structure definitions and bits. This change is part of coming ibcore and mlx5ib updates.
      MFC r325648: Implement support for decoding general port notification event in the mlx5 core module.
      MFC r325650: Add const keyword to input-only argument in mlx5 core.
      MFC r325653: Add API functions to set and query dropless port mode in mlx5 core.
      MFC r325649: Make local variable 64-bits to avoid masking away bits in mlx5 core.
      MFC r325651: Set ATOMIC endian mode in mlx5 core.
      MFC r325652: Prevent mlx5 core from accessing host memory after shutdown by disabling PCI busmaster.
      MFC r325658: Make physical address of init segment available in the priv of mlx5 core. This change is needed by mlx5ib(4).
      MFC r325654: Add API functions to modify the transport interface send object, TIS, in mlx5 core.
      MFC r328971: Fix implementation of ktime_add_ns() and ktime_sub_ns() in the LinuxKPI to actually return the computed result instead of the input value.
      MFC r328774: Slightly bump the maximum OID path for loading tunable SYSCTLs.
      MFC r328591: Move the mlx5 core device pointer first in the mlx5en priv. This help simplify checks to recognize own network devices when using mlx5ib. This patch fixes an issues where mlx5ib fails to recognize mceX network devices for use with RoCE.
      MFC r328830: Add new USB ID.
      MFC r328163: Add new USB ID to U3G driver.
      MFC r325724: Implement missing KDGETMODE IOCTL in VT.
      MFC r325807: Make sure the ib_wr_opcode enum is signed by adding a negative dummy element. Different compilers may optimise the enum type in different ways. This ensures coherency when range checking the value of enums in ibcore.
      MFC r325806: Make sure a valid VNET is set before trying to access the V_ip6_v6only variable. Access the variable directly instead of going through the sysctl() interface in the kernel.
      MFC r325805: Set the default VNET in krping before calling ifunit_ref(). Else using IPv6 link-local addresses when VIMAGE is enabled will cause a so-called NULL pointer dereferencing issue.
      MFC r325637: Mark ipoib device as initialized on device open.
      MFC r323350: Remove unsafe access to the LinuxKPI file structure from ibcore. selwakeup() is now done by the wake_up() family of functions.
      Bump the FreeBSD version after r329383 to indicate that the cmpxchg() macro is now fully functional in the LinuxKPI.
      MFC r329371: Allow the cmpxchg() macro in the LinuxKPI to work on pointers without generating compiler warnings, -Wint-conversion .
      MFC r329372: Implement enable_irq() and disable_irq() in the LinuxKPI.
      MFC r329376: Implement tasklet_enable() and tasklet_disable() in the LinuxKPI.
      MFC r329377: Implement memdup_user_nul() in the LinuxKPI.
      MFC r329378: Implement mutex_trylock_recursive() in the LinuxKPI.
      MFC r329447: Compile in the LinuxKPI.
      MFC r329464: Add checks for valid IRQ tag before setting up or tearing down an interrupt handler in the LinuxKPI. This is needed when the interrupt handler is disabled before freeing the interrupt.
      MFC r329465: Move the IRQ_RETVAL() and irqreturn definitions to irqreturn.h in the LinuxKPI to be compatible with Linux. No functional change.
      MFC r329466: Add support for __percpu and __weak macros in the LinuxKPI.
      MFC r329467: Add support for mmgrab() function in the LinuxKPI.
      MFC r329468: Add support for kref_read() function in the LinuxKPI.
      MFC r329470: Add support for printk_ratelimit() function macro and improve the existing printk_ratelimited() function macro to return a boolean stating if there was a printout, true, or not, false.
      MFC r329475: Implement get_task_pid() function macro in the LinuxKPI.
      MFC r329476: Stub more lockdep function macros in the LinuxKPI.
      MFC r329477: Implement spin_trylock_irq() function macro in the LinuxKPI.
      MFC r329510: Refactor dentry structure into its own header file in the LinuxKPI similary to Linux. No functional change. Implement d_inode() helper function.
      MFC r329511: Implement file_inode() and call_mmap() helper functions in the LinuxKPI.
      MFC r329512: Implement __list_del_entry() helper functions in the LinuxKPI.
      MFC r329513: Implement __GFP_BITS_SHIFT and __GFP_BITS_MASK macros in the LinuxKPI. Add compile time asserts to catch conflicts with native defines.
      MFC r329514: Implement the rcu_dereference_raw() function macro. Make sure all RCU dereferencing use the READ_ONCE() function macro.
      MFC r329515: Make the vm_fault structure in the LinuxKPI compatible with newer versions of the Linux kernel. No functional change.
      MFC r329516: Implement the KMEM_CACHE() function macro in the LinuxKPI.
      MFC r329519: Implement support for radix_tree_for_each_slot() and radix_tree_exception() in the LinuxKPI and use unsigned long type for the radix tree index.
      MFC r329523 and r329524: Fix implementation of xchg() function macro in the LinuxKPI. The exchange operation must be atomic.
      MFC r329584: Implement list_safe_reset_next() function macro in the LinuxKPI.
      MFC r329825: Return correct error code to user-space when a system call receives a signal in the LinuxKPI.
      MFC r329509: Update the ktime type in the LinuxKPI to be a signed 64-bit integer similarly to Linux, to avoid compilation issues. Implement ktime_get_real_seconds().
      MFC r329472: Allow the put_user() function macro to put constant values by using the existing __put_user() macro.
      MFC r329703: Allow LinuxKPI character devices to receive mmap() calls from the Linux binary mode user-space emulation layer. This is a regression issue after r328436, when LinuxKPI character devices started to use DTYPE_DEV in the "f_type" field of the associated file structure(s).
      MFC r329471: Implement BUILD_BUG_ON_INVALID() function macro in the LinuxKPI.
      Bump the FreeBSD version to conclude the recent LinuxKPI related updates.
      MFC r329195: Add new USB quirk.
      MFC r329198: Fix for incorrect PnP information used by devmatch(8).
      MFC r330236: Correct the return value from flush_work() and flush_delayed_work() in the LinuxKPI to comply more with Linux. This fixes an issue when these functions are used in waiting loops.

jhb (23):
      MFC 325835: Use #if instead of #ifdef for __BSD_VISIBLE tests.
      MFC 323993: Use tmpfs_print for tmpfs FIFOs.
      MFC 320900,323882,324224,324226,324228,326986,326988,326989,326990,326993, 326994,326995,327004: Various fixes for pathconf(2).
      MFC 326953: Catch up to r325719 which makes the kern.proc.pid sysctl "work" for zombies.
      MFC 325028,328344: Discard the correct thread event reported for a ptrace stop.
      MFC 312534: ANSYfy kern_ktrace.c and remove archaic register keyword
      MFC 326184: Decode kevent structures logged via ktrace(2) in kdump.
      MFC 327561: Report offset relative to the backing object for kinfo_vmentry structures.
      MFC 327752: Add a counter to track in-flight AIO requests using unmapped I/O.
      MFC 328035: Sort the list of flags in newsyslog.conf entries.
      MFC 327753: Simplify some logic by merging an if test with a subsequent switch.
      MFC 327755: Allow the fast-path for disk AIO requests to fail requests.
      MFC 327792: Don't store shadow copies of per-process AIO limits.
      MFC 319454: Honor the requested crid when running a test.
      MFC 318090,319475: Use const with some read-only buffers in opencrypto APIs.
      MFC 323889: Place the AAD before the plaintext/ciphertext for CIOCRYPTAEAD.
      MFC 327803: Flesh out static dtrace probes for /dev/crypto ioctl errors.
      MFC 328134: Update various statements in vmstat(8) to match reality.
      MFC 327838: Axe tmp_iv from the cryptodev session structure.
      MFC 328306: Remove some KSE references from ps(1).
      MFC 328610: Ensure 'name' is not NULL before passing to strcmp().
      MFC 328630: Clarify that the additional arguments to makecontext() are of type int.
      MFC 328608: Export tcp_always_keepalive for use by the Chelsio TOM module.

jhibbits (1):
      MFC r327911:

jkim (4):
      MFC:	r328419
      MFC:	r329024
      MFC:	r329022
      MFC:	r329889

karels (2):
      MFC r327505:
      Add info about SW_WATCHDOG change to be dynamic in the common case.

kevans (74):
      MFC (conceptually) r327298, r327299: Fix overlay application behavior
      MFC (conceptually) r327350: Consistently apply fdt_overlays
      MFC (conceptually) r327376, r327416: Improve libfdt compatibility
      MFC (conceptually) r327377: Pull in strnlen for sys/boot environment
      MFC r322177: Respect SIMPLE_BACKUP_SUFFIX environment variable in indent(1)
      MFC r322291: du(1): Add --si option to display in terms of powers of 1000
      MFC r322293: df(1): Add --si as an alias for -H
      MFC r322322: Expose device caps as libusb_bos_descriptor::dev_capability
      MFC r324431: patch(1): Don't overrun line buffer in some cases
      MFC r326084: patch(1): don't assume match if we run out of context to check
      MFC r327567: hexdump(1): Speed up -s flag on devices
      MFC r320742, r320750, r320796: Refactor regex(3) for maintainability
      MFC r322288: regex(3): Refactor fast/slow stepping bits in matching engine
      MFC (conceptually) r327991, r328009: Don't clobber FDT enroute to the kernel
      MFC (conceptually) r328106: libfdt: Update to 1.4.6, use libfdt for overlays
      MFC r314467,r328027: Add hw.usb.wsp.enable_single_tap_clicks sysctl
      MFC r326483: grep test: Fix copyright notice
      MFC r327826: patch(1): Don't check for NUL bytes in Plan A
      MFC r320930,r324286: Add tests for hexdump(1)
      MFC r320296, r328173: Update dtc(1)
      MFC (conceptually) r328107: Add /boot/overlays
      MFC r328188,r328189,r328200: Fix wrong output for multibyte corner cases
      MFC r328032,r328060,r328243: service(8): Support services in jails
      MFC r328287: Add /boot/overlays to runtime pkg, fix distrib-dirs METALOG
      MFC r328293: stand/fdt: Fallback to `name` + .dtbo if we fail to load `name`
      MFC r328584: stand/fdt: Remove unused write-only new_fdtp, correct comment
      MFC r328504: stand/fdt: Consolidate overlay handling a little further
      MFC r328491: MFV r328490: Update libfdt to github:f1879e1
      MFC r328641: dtc(1): Revert WARNS change from r328173
      MFC r304321,304753,304754,306751,316077,316110: SHA512, skein, large block support for loader zfs
      MFC r308434, 308827
      MFC r342882,r324979,r325115: sys/boot test scripts
      MFC r325116,r325515: Stop masking errors during buildenv
      MFC r308774: loader: beri_sdcard_disk_print() needs to return int.
      MFC r326873,r326874,r326875,r326883,r326884,r326885,r326954,r328865
      Fix rootgen.sh to reflect proper bootloader paths
      MFC r303555,r303556,r303936,r303962,r304317,r304532,r305026,r305107,r305132, r305178,r305353,r305814,r306159,r306380,r306504: Loader fixes, 2016q3
      MFC r307322,r307323,r307324,r307326,r307327,r307338,r307879,r307908,r307911, r307942,r307950,r307951,r307954,r307955,r308125,r308195,r308476,r308534, r308535,r308776,r308843,r310236,r310726: Loader fixes, 2016q4
      MFC r309062: Release laundered vnode pages to the head of the inactive queue.
      MFC r327606: Handle misconfigured/nonexistent pcidev for comconsole instead of BTX panic.
      MFC libstand catch-up: r305116,306534,306538,306552,306638
      MFC Loader Fixes 2017q1: r311458,r312237,r312314,r312374,r312947,r313042, r313047,r313166,r313328,r313332,r313333,r313337,r313348,r313349,r313389, r313442,r313451,r313575,r313645,r313710,r314114,r314213,r314275,r314945, r314948,r315008,r315408,r315427,r315645,r315646,r315648,r315653,r315850, r316064,r316078,r316079,r316100,r316104,r316111,r316112,r316171,r316279, r316280,r316287,r316311,r316343,r316424,r316436
      MFC Loader Fixes 2017q2: r316437,r316577,r316578,r316585,r316590,r316612, r316625,r316628,r316654,r316682,r316704,r316771,r317092,r317097,r317099, r317652,r317785,r317886,r317887,r318142,r318320,r318356,r318678,r318754, r318982,r318986,r318987,r318988,r318989,r318990,r318991,r318992,r318993, r318994,r318999,r319083,r319084,r319085,r320011,r320234,r320288,r320304, r320467,r320482
      MFC r303725 (oshogbo): Fix misleading description of the -b option in the geli init command.
      MFC Loader Fixes 2017q3: r320547,r320553,r321621,r321844,r321969,r321991, r322037,r322038,r322039,r322040,r322056,r322074,r322542,r322592,r322593, r322896,r322923,r323671,r322930,r322931,r322932,r322933,r322934,r322935, r322936,r322937,r322938,r322939,r322941,r323062,r323063,r323064,r323065, r323100,r323131,r323174,r323258,r323261,r323272,r323367,r323379,r323389, r323407,r323428,r323436,r323494,r323496,r323497,r323541,r323554,r323589, r323707,r323867,r323885,r323886,r323895,r323896,r323897,r323905,r323906, r323907,r323908,r323909,r323952,r323991,r324099,r324558,r326445,r326609, r326610
      Back out exit() change in r329114; stable/11 was not ready for this one yet
      MFC r326615: De-const to match changes in userboot.h
      Back out MFC r324558: Define prototype for exit and ensure references
      MFC Loader Fixes 2017q4p1: r324321,r324359,r324360,r324388,r324449,r324450, r324451,r324452
      MFC Loader Fixes 2017q4p2: r324453, r324454
      MFC Loader Fixes 2017q4p3: r324460,r324471
      MFC r324551: Move lib/libstand to sys/boot/libsa
      MFC Loader Fixes 2017q4p4: r324552,r324553,r324554,r324555,r324556
      MFC Loader Fixes 2017q4p5: r324557,r324558,r324559,r324646,r324647
      MFC r324648: Rename top level Makefile.ficl to ficl.mk.
      Fix paths after r329132
      MFC Loader Fixes 2017q4p6: r324649,r324650,r324651,r324652,r324653,r324654, r324700,r324702,r324709,r324717,r324719,r324841,r324842,r324843,r324845, r324850,r324876,r324877,r324878,r324879,r324880,r324881,r324883,r324980, r324981,r324982,r324995,r325014,r325093,r325094,r325114,r325170,r325171, r325172,r325173,r325174,r325175,r325176,r325248,r325286,r325310,r325332, r325338,r325339,r325376,r325377,r325379,r325380,r325382,r325478,r325479, r325480,r325482,r325483,r325484,r325485,r325556,r325641,r325681,r325685, r325686,r325687,r325688,r325689,r325690,r325691,r325692,r325693,r325694, r325743,r325744,r325748,r325775,r325779,r325780
      Correct check: BOOT_FORTH is MK_FORTH in makefiles.
      Re-sync loader.mk and ficl.mk to where they should be
      MFC r325834,r325997,326502: Move sys/boot to stand/
      MFC r326038,r326069,r326072: More stand simplification and fixes
      MFC r328505,r328659: stand/fdt improvements
      MFC r325718: Fix typo in filename.
      MFC Loader Fixes 2017q4p7: r324844,r326089,r326926,r326440,r326484,r326494, r326588,r326708,r326784,r326914,r327390,r328446,r326090,r326143,r326144, r326182,r326384,r326421,r326440,r326441,r326442,r326443,r326444,r326445, r326446,r326447,r326448,r326484,r326485,r326486,r326487,r326488,r326490, r326491,r326492,r326493,r326494,r326495,r326504,r326507,r326509,r326584, r326585,r326586,r326587,r326588,r326589,r326590,r326591,r326592,r326593, r326594,r326600,r326616,r326671,r326707,r326708,r326709,r326710,r326711, r326712,r326714,r326720,r326768,r326772,r326784,r326792,r326812,r326854, r326855,r326856,r326858,r326886,r326887,r326914,r326926,r326927,r326960, r326961,r326962,r326963,r327351,r327453,r327390,r327523,r327524,r326489, r327880,r328437,r328438,r328439,r328441,r328446,r328448,r328449,r328612, r328613,r328615
      MFC r327705,r328447: Fix BERI bootloader build
      Correct date in ObsoleteFiles
      MFC Loader Fixes Final: r327612,r327703,r327704,r327878,r327879,r327881, r328007,r328029,r328030,r328031,r328061,r328156,r328169,r328288,r328289, r328290,r328291,r328292,r328411,r328536,r328603,r328614,r328642,r328769, r328779,r328780,r328781,r328782,r328783,r328806,r328808,r328826,r328835, r328911,r328986,r328987,r328990,r328999,r329000,r329019,r329050,r329054, r329060
      Revert MFC r328911 from r329183
      stand: Clean up some unintentional inconsistencies
      MFC r329264: libsa: Fix IP recv timeout
      MFC r318304: getusershell: don't write paste end of buffer reading shells
      MFC r330004: Add NO_OBJ to those directories that don't make anything.
      Revert part of r330123
      stand: Make pc98 build

kib (33):
      MFC r327816, r327834: Update comment explaining the check, to reality.
      MFC r327817: Rename COMMON_TSS_RSP0 to TSS_RSP0.
      MFC r327721: Postpone the disassotiation of the background write buffer with devvp so that buf_complete() sees fully constructed buffer.
      MFC r327722: When handling write completion, take SU lock around calls to handle_written_XXX() in case of processing the buffer with an error.
      MFC r327723, r327821: Generalize the fix from r322757 and apply it to several more places.
      MFC r327450 (by alc): Eliminate "minslptime".
      MFC r327555: Restructure swapout tests after vm map locking was removed.
      MFC r327818: Move the hardware setup for fast syscalls into a common function.
      MFC r327819: Do not redundantly clear %RFLAGS.DF on fast syscall entry.
      MFC r327822: Skip IRELATIVE relocations when loader processes ELF files.
      MFC r327917: Add sysctl debug.kdb.stack_overflow.
      MFC r327963: When re-evaluating cpu_features, also re-print CPU identification.
      MFC r323822 (by cem): x86: Decode AMD "Extended Feature Extensions ID EBX" bits.
      MFC r327964: Enumerate and print Intel CPU features for Speculative Execution Side Channel Mitigations.
      MFC r327965: Add STAC and CLAC instructions wrappers.
      MFC r328082: Amd64 user_ldt_deref() is not used outside sys_machdep.c.  Mark it as static.
      MFC r327820: Remove redundand CLD instructions.
      MFC r328192: Assign map->header values to avoid boundary checks.
      MFC r328264: Fix compat32 for sysctl net.PF_ROUTE...NET_RT_IFLISTL.
      MFC r328773: On pageout, in vnode generic pager, for partially dirty page, only clear dirty bits for completely invalid blocks.
      Adjust MFC in r328944 to stable/11. This is a direct commit to the branch.
      MFC r328880: On munlock(), unwire correct page.
      MFC r328913: Move signal trampolines out of locore.s into separate source file.
      MFC r328083,328096,328116,328119,328120,328128,328135,328153,328157, 328166,328177,328199,328202,328205,328468,328470,328624,328625,328627, 328628,329214,329297,329365:
      MFC r329347: Note that on amd64 pmap_enter(psind = 1) works.
      MFC r329215: Do not leak rv->psind in some specific situations.
      MFC r329216: linuxkpi: Do not leak pages on put.
      MFC r329252: Do not call pmap_enter() with invalid protection mode.
      MFC r329254: Ensure memory consistency on COW.
      MFC r329256: Cleanup unused page argument for vm_reserv_break().
      MFC r329416: Remove unused symbols.
      MFC r329864: Do not return out of bound pointers from intr_lookup_source().
      MFC r329905: Hide all vm/vm_pageout.h content under #ifdef _KERNEL.

kp (2):
      MFC r327674, r327796
      MFC r327675

manu (4):
      MFC r306325, r306329-r306330, r306333, r306620-r306622, r307387, r307544, r307550, r318137, r319125, r319295
      Revert r328974, r307387 was not supposed to be part of it.
      MFC r306325, r306329-r306330, r306333, r306620-r306622, r307544, r307550, r318137, r319125, r319295
      MFC r320943-r320944, r321008, r321072, r321128

markj (16):
      MFC r327700: Sort and remove unneeded includes.
      MFC r327768: Clarify the use of the gmirror flag mask constants.
      MFC r327496, r327760: Fix some I/O ordering issues in gmirror.
      MFC r327779, r327780: Fix handling of read errors during synchronization.
      MFC r328399: Use tcpinfoh_t for TCP headers in the tcp:::debug-{drop,input} probes.
      MFC r328398: Remove uneeded parentheses.
      MFC r327888, r327972, r327973: Add "jid" and "jailname" variables to DTrace.
      MFC r312667 (by pfg): sort - Don't live-loop threads.
      MFC r328995: Fix the WITH_SORT_THREADS build.
      Add DT_VERS_1_13 to libdtrace to unbreak the build.
      MFC r315718, r316031: Add support for 8- and 16-bit atomic_(f)cmpset to x86.
      MFC r320851: Add a helper function to agp(4) which installs a single GTT entry.
      MFC r329374: Use the conventional name for an array of pages.
      MFC r328938: Simplify synchronization read error handling.
      MFC r329521: Don't include DMAR map entry zone items in kernel dumps.
      MFC r330075: Give the 0th domain's page daemon thread a consistent name.

mav (106):
      MFC r323317 (by scottl): Move the intrhook release to later in the function so that GEOM knows to wait longer for possible root devices to come online. This fixes a race that seems to be triggered by EARLY_AP_STARTUP.
      MFC r322245: MFV r322242: 8373 TXG_WAIT in ZIL commit path
      MFC r327925: Add IDs for Nuvoton NCT6793/NCT6795.
      MFC r303017 (by imp): Implement crashdump support on NVME
      MFC r303040, r303042 (by scottl): Supporting flushing the dump before returning, and simplify/combine the logic.  Switch to a 5us delay since most NVME devices can easily do 200,000 iops.
      MFC r303126 (by imp): Actually import nvme_sim so the CAM attachment for NVME (nda) actually works.
      MFC r303466: Kill a few stray debug printfs.
      MFC r308431 (by scottl): Convert the Q-Pair and PRP list memory allocations to use BUSDMA.  Add a bunch of safery belts and error handling in related codepaths.
      MFC r308850 (by imp): Print numbers instead of hex values for smart data. The full 128-bit number is printed, even though you'd need like a billion IOPs for a 10 billion seconds to overflow the 64-bit counters (~300 years).
      MFC r308851 (by imp): Expand the SMART / Health Information Log Page (Page 02) printout based on NVM Express 1.2.1 Standard.
      MFC r308852 (by imp): Add log pages defined through NVM Express 1.2.1.
      MFC r308853 (by imp): Add log pages that Intel SSDs provide. It turns out that many of these are widely implemented beyond just Intel drives.
      MFC r308849 (by imp): Use a table for pages we know the size of. We have a special case for the error log since it isn't a fixed size.
      MFC r308854 (by imp): Print Intel's expanded Temperature log page.
      MFC r308855 (by imp): Implement HGST Log page 0xc1, as documented in the HGST SN100 and SN150 product manuals. Subpage 0x32 is documented, but not implemented.
      MFC r313113 (by imp): Ensure that the passthrough request will fit in MAXPHYS bytes after it has been rounded to full pages. This avoids a panic in vm_fault_quick_hold_pages due to this off-by-one error passing one page too many into vmapbuf.
      MFC r314884 (by imp): Make multi-namespace nvme drives more robust.
      MFC r314889 (by imp): Avoid dereferencing unintialized elements in the error path.
      MFC r320424 (by imp): Add new definitions for namespaces.
      MFC r303123 (by imp): Fix mismerge and include the nvme support. Also, print out the name of any CCB's functions that's not supported.
      MFC r320984 (by imp): This adds CAM pass(4) support for NVMe IO's. Applications indicate the IO type (Admin or NVM) using XPT op-codes XPT_NVME_ADMIN or XPT_NVME_IO.
      MFC r322036 (by imp): Make nvd vs nda choice boot-time rather than build-time
      MFC r322257 (by imp): Use the correct queue depth for nda devices.
      MFC r322443 (by nwhitehorn): Move NVME controller shutdown from being called as part of module unloading to being called through the newbus DEVICE_SHUTDOWN() path. This ensures that the NVME controller gets shut down before the device and bus disappear and prevents data corruption on shutdown on at least Samsung EVO 960 SSDs.
      MFC r322872 (by imp): Enable bus mastering on the device before resetting the device. The card has to do PCIe transactions to complete the reset process, but can't do them, per the PCIe spec, unless bus mastering is enabled.
      MFC r322874, r322875 (by imp): Sanity check sizes
      MFC r322901 (by imp): Add feature codes from NVMe 1.3 specification:
      MFC r322902 (by imp): NVME Namespace ID is 32-bits, so widen interface to reflect that.
      MFC r322903 (by imp): Fill in reserved areas from NVMe spec in the IDENTIFY structure (struct nvme_controller_data) as defined in the NVM Express specification, revsion 1.3.
      MFC r322994: Set the max transactions for NVMe drives better.
      MFC r322995 (by imp): Add new compile-time option NVME_USE_NVD that sets the default value of the runtime hw.nvme.use_vnd tunable. We still default to nvd unless otherwise requested.
      MFC r322997: Add CAM/NVMe support for CAM_DATA_SG
      MFC r322998 (by imp): Fix a few overlooked spots where the coded uses 16-bit NSIDs. Chuck Tuffli had submitted a more thorough patch that I was unaware of when I did my work and this brings in the bits I missed from that patch.
      MFC r323834 (by imp):  Fix queue depth for nda.
      MFC r324075 (by imp): Tweak performance of nda completions
      MFC r324631 (by imp): Explicitly set reserved fields and 'fuse' to 0. This prevents us from acidentally sending bogus values in these fields, which some drives may reject with an error or worse (undefined behavior).
      MFC r324633 (by imp): Create general polling function for the nvme controller. Use it when we're doing the various pin-based interrupt modes. Adjust nvme_ctrlr_intx_handler to use nvme_ctrlr_poll.
      MFC r324634 (by imp): Use nvme_ctrlr_poll instead of nvme_ctrlr_intx_handler since it is more general and doesn't try to access registers that may be undefined when the card is in MSIX mode.
      MFC r324644 (by imp): Closer examination shows that nvme and CAM both normally zero-fill allocations (for req and ccb, which ultimately contain the nvme_cmd). As such, we can micro-optimize these routines. Add a comment to this effect, and bzero the ccb used to make the requests for the nda dump rotuine so it more closely matches a ccb allocated with xpt_get_ccb().
      MFC r324632 (by imp): Be nicer on the dump stack by allocating only a ccb_nvmeio rather than a full ccb. This saves a few hundre bytes, which might be important during a crash dump...
      MFC r303125 (by imp): Remove some bogus comments and printfs. Also, we can't cam_periph_releaes_locked() at the end of nvme_probe_start because we hit an assertion which may be bogus. Instead, leak a periph until we sort it out. Since these devices don't arrive and depart often, so this is the lessor of two evils.
      MFC r303315 (by imp): Remove some extraneous printfs.
      MFC r308848 (by imp): Remove check for valid log pages. Let the drive tell us which pages are valid or not. While many pages are reserved in the standard, that doesn't make them invalid and future versions of the standard may define then.
      MFC r308856 (by imp): Decode the Intel-specific Additional SMART data page (0xca) and print it in human readable form. Include a pointer to the public spec that was followed to implement this in the code. Samsung also implements page 0xca on some of their drives, but the format is slighly different, so the code skips printing zero keys. Samsung's log page has additional, unknown data after the end of Intel defined data which isn't displayed.
      MFC r308869 (by imp): i386 turns out to not have __uint128_t. So confusingly use 64-bit math instead. Since we're little endian, we can get away with it. Also, since the counters in quesitons would require billions of iops for tens of billions of seconds to overflow, and since such data rates are unlikely for people using i386 for a while, that's OK. The fastest cards today can't do even a million IOPs.
      MFC r309413 (by imp): Flag the vendor specific pages as such. This allows different decoding for the same page number as different vendors encode vendor specific pages differently.
      MFC r309684 (by imp): Fix Typo
      MFC r309777 (by imp): Implement Intel's log page 0xc1 (Read Command Latency Log) and page 0xc1 (Write Command Latency Log).
      MFC r313111 (by imp): Use aligned buffer for the firmware data. Otherwise, when loading a MAXPHYS bytes of data, the I/O would require MAXPHYS + PAGE_SIZE worth of pages to do the I/O and we'd hit an assertion in vm_fault_quick_hold_pages unless MAXPHYS was larger than 1M + PAGE_SIZE.
      MFC r313188 (by imp): Put the arguments to aligned_alloc in the right order.
      MFC r313190 (by imp): Move the usage and command name lookup into functions.
      MFC r313191 (by imp): Implement 5 wdc-specific nvme control options for their HGST drives:         wdc cap-diag            Capture diagnostic data from drive         wdc drive-log           Capture drive history data from drive         wdc get-crash-dump      Retrieve firmware crash dump from drive
      MFC r313251 (by imp): Fix a typo in usage string for unimplemented command.
      MFC r313252 (by imp): Fix off by one error that truncated the serial number for filenames.
      MFC r313257 (by imp): Add some descriptions to the man page for the supported log pages as well as the new wdc commands. Make wdc be an alias for hgst when specifying the vendor to use to interpret the page.
      MFC r313258 (by imp): Add the ability to dump log pages directly in binary to stdout. Update man page to include this flag, and an example of dumping a vendor-specific page while I'm here.
      MFC r313259 (by imp): Use ssize_t instead of uint32_t to prevent warnings about a comparison with different signs. Due to the promotion rules, this would only happen on 32-bit platforms.
      MFC r314228 (by imp): Fix typos in output.
      MFC r314229 (by imp): Exit with usage if argv[1] is NULL in dispatch. This fixes core dumps when a command has subcommands, but the user doesn't give the parameters on the command line.
      MFC r314230 (by imp): Make nvmecontrol logpage -p help list known pages.
      MFC r316105 (by ngie): Don't use K&R style prototypes; ANSIfy them
      MFC r320412 (by imp): Namespace is 32-bits, don't cast it to 16 here
      MFC r320423 (by imp): Move 128-bit integer routines to util.c so they can be used by more than just the log page code.
      MFC r320425 (by imp): Report some aspects of namespaces and namespace support in identify command.
      MFC r320483 (by imp): Improve wdc error log pulling.
      MFC r320522 (by imp): Fix sign of resid and add a mostly useless cast to cope with signed vs unsigned check warnings from traditional unix code construsts bogusly flagged as potentially unsafe.
      MFC r322992 (by imp): Print the controller's ID in identify.
      MFC r322999 (by imp):  Fix NVMe's use of XPT_GDEV_TYPE
      MFC r323625 (by imp):  Allow multiple TRIMs to be done for nda
      MFC r324630 (by imp):  Update comment to reflect actual default timeout.
      MFC r324977 (by imp): Add nvme_controller_data argument to all print functions.
      MFC r324978: Report only the valid slots in the firmware log page.
      MFC r326937, r326940 (by imp): When we're disabling the nvme device, some drives have a controller bug that requires 'hands off' for a period of time (2.3s) before we check the RDY bit. Sicne this is a very odd quirk for a very limited selection of drives, do this as a quirk. This prevented a successful reset of the card when the card wedged.
      MFC r327034 (by imp): Return domain, bus, slot, and function for the transport settings in PATH_INQ requests for nvme.
      MFC small part of r325794 to fix the build.
      MFC r307041 (by sbruno): Fix bug where malloc(.., M_NOWAIT) return value is not checked, Change to M_WAITOK and move outside the mutex
      MFC r307561 (by sbruno):  Tell gtask to what we've been bound.
      MFC r307566 (by sbruno): Ensure that tasks with a specific cpu set prior to smp starting get re-attached to a thread running on that cpu.
      MFC r307567 (by sbruno): Assert that we're assigning a non-null taskqueue. ref: https://github.com/NextBSD/NextBSD/commit/535865d02c162e415d7436899cd6db5000a0cc7b
      MFC r307657 (by sbruno): Resolve whitespace diff to NextBSD.
      Partial MFC of r311039 (by sbruno): - add INVARIANTS debugging hooks to gtaskqueue enqueue (mmacy)
      Partial MFC of r312205 (by sbruno): Skip smp check if we're running UP
      MFC r312293,312305,312434,312698,312759,312760,312814,312815,322672: Synchronize gtaskqueue vs SMP initialization order with head.
      MFC r303467 (by imp): Switch to linker sets to find the xport callback object.  This eliminates the need to special case everything in cam_xpt for new transports. It is now a failure to not have a transport object when registering the bus as well. You can still, however, create a transport that's unspecified (XPT_)
      MFC r303468 (by imp): Move protocol specific stuff into a linker set object that's per-protocol. This reduces the number scsi symbols references by cam_xpt significantly, and eliminates all ata / nvme symbols. There's still some NVME / ATA specific code for dealing with XPT_NVME_IO and XPT_ATA_IO respectively, and a bunch of scsi-specific code, but this is progress.
      MFC r328450: Use bus_dmamem_alloc(9) KPI instead of contigmalloc(9).
      MFC r328611: Try to preallocate receive memory early.
      MFC r325795 (by imp): Belatedly add opt_nvme.h to fix building nvme.ko outside of a kernel build.
      MFC r328937: Fix queue length reporting in mps(4) and mpr(4).
      MFC r319671: SHA-512 and Skein have been supported by the boot loader for some time.
      MFC r321104 (by jhibbits): Make ZFS not crash on mount on 32-bit systems
      MFC r323002 (by emaste): zfs: do not advertise edonr which is not yet supported
      MFC r328224: MFV r328220: 8677 Open-Context Channel Programs
      MFC r328226: MFV r328225: 8603 rename zilog's "zl_writer_lock" to "zl_issuer_lock"
      MFC r328228: MFV r328227: 8909 8585 can cause a use-after-free kernel panic
      MFC r328230: MFV r328229: 8930 zfs_zinactive: do not remove the node if the filesystem is readonly
      MFC r328232: MFV r328231: 8897 zpool online -e fails assertion when run on non-leaf vdevs
      MFC r328234: MFV r328233: 8898 creating fs with checksum=skein on the boot pools fails ungracefully
      MFC r328246: MFV r328245: 8856 arc_cksum_is_equal() doesn't take into account ABD-logic
      MFC r328248: MFV r328247: 8959 Add notifications when a scrub is paused or resumed
      MFC r328250: MFV r328249: 8641 "zpool clear" and "zinject" don't work on "spare" or "replacing" vdevs
      MFC r328252: MFV r328251: 8652 Tautological comparisons with ZPROP_INVAL
      MFC r328254: MFV r328253: 8835 Speculative prefetch in ZFS not working for misaligned reads
      MFC r328256: MFV r328255: 8972 zfs holds: In scripted mode, do not pad columns with spaces
      MFC r329091: Add sysctls for dnode block and indirect block shifts.
      MFC r328514: Assume Always Running APIC Timer for AMD CPU families >= 0x12.

mckusick (6):
      MFC of 328444.
      MFC of 328304 and 328382.
      MFC of 328643.
      MFC of 328647.
      MFC of 329749.
      MFC of 329880.

mjg (3):
      MFC r327874:
      MFC r327875,r327905,r327914:
      MFC r324610:

mm (1):
      MFH r328332: Sync libarchive with vendor.

mmel (3):
      MFC r325364,r326794:
      MFC r325438:
      MFC r324821:

n_hibma (2):
      Merge r327951
      Merge rev. 329197 from HEAD:

np (7):
      iw_cxgbe: Manually backport changes related to QP flush.  This fixes a panic where poll_cq sees an empty RQ while processing an incoming SEND for a QP that is being taken down.
      iw_cxgbe:  Follow-up fix to r329017, which updated the code associated with QP flush.
      MFC r323221:
      MFC r328314:
      MFC r319506, r319872, r321063, r321103, r321179, r321390, r321435, r321582, r321671, r322014, r322034, r322055, r322123, r322167, r322425, r322549, r322914, r322960, r322962, r322964, r322985, r322990, r323006, r323026, r323041, r323069, r323078, r323343, r323514, r323520, r324296, r324379, r324386, r324443, r324945, r325596, r325680, r325880, r325883-r325884, r325961, r326026, r326042, r327062, r327093, r327332, r327528, r328420, and r328423.
      MFC r328315:
      MFC r321105:

pfg (5):
      MFC r328221:
      MFC r328497: pfctl(8): Fix two wrong conditions.
      MFC r328567: libedit: sort the Makefile in line with NetBSD's version.
      MFC r329846: getpeereid(3): Fix behavior on failure to match documentation.
      MFC r329848: __printf_render_int(): small type change to match use.

philip (1):
      MFC r328055: Import tzdata 2018a MFC r328318: Import tzdata 2018c

pkelsey (3):
      MFC r316648:
      MFC of r316630, r316631, r316632, r316633, r316634
      MFC of r305169:

rgrimes (2):
      MFC: r316746 Add UEFI support to vmrun.sh
      MFC:	r328695,r328720,r328784,r328795 share/examples/bhyve/vmrun.sh additions 	and cleanups

rpokala (4):
      MFC r329295:
      MFC r323508:
      MFC r329682:
      MFC r329843:

silby (1):
      MFC r329362: Prevent savecore from reading bounds from the current directory.

skra (1):
      MFC r325321:

truckman (1):
      MFC r323067, r323184, r323185, r323195, r323196 (by cem)

vangyzen (3):
      MFC r328552
      MFC r329053
      MFC r329181

wulf (1):
      MFC r328864:

Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100055/

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v1100055-amd64-bootonly.iso) = ad7fa69987401bb7a01085669e0c09ee9dd6c110c992d1de2b3749e36183bd47d3880b9285d75f3957a4af4e06f6d11875c423a31c60d388517435e683de88e8
SHA512 (HardenedBSD-11-STABLE-v1100055-amd64-disc1.iso) = 35df493e4eb5f3649a731af3bf1d416bce85a045349044b5c8f6d3760fc4f96b3a321c4dfee124febca88bfed20fccd2f17395f5c6e8fca31a915327b95bc7f9
SHA512 (HardenedBSD-11-STABLE-v1100055-amd64-memstick.img) = 36c030c2671d0433a00559c5bf1b4009dba7ccaf9e2fa450e39a607f76391dcd93e575fa1d96a49c8da9f52c552319bca6a3b3d738676b0b8dc2f75b4a9beb75
SHA512 (HardenedBSD-11-STABLE-v1100055-amd64-mini-memstick.img) = 4e2c4304f16f1ffb3e4aff2e6d21374d9cfdd0e0ed2d3b2ac1f8b3b139d5107956ab531cf19e897bdcd5a54b6908585eb00b9c433eb402f15ea0b74551c31713

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlqf1n8ACgkQgZsRom/9
GI3EkhAApT06LeJ4a7ujeoUWpvYPf3N0twjGmruywCRR7D1AUft4h5l9uS2mlVsO
GaUqQo5FRo+Ne7GC1GmXBtJ1ViUt9p+Sb3Siuy5bM0dynYB1qpmJALLaypntea5k
HuydsZG/AGHuulpFbyf8aHIvsKMwIeVQKqFl0KMihK2D5beKN+SMUHuhmRKBPaB9
woSr/d1JODbu7wP6ChzliTAcNhp0RMdzcSMcVqhPE46WO+jjJudSMXag1wt12fIH
PuoQhuySTNApKxncYXJH1xAr2Jh/4d2ogTFsJlWVDfL33cxCQsGff5TeN7KAbwqF
phRF2hjymkp+worBDiH29CMCwcSZlxRKNfHD9JS10ubp920sESw0Dq2L/TNcqa8z
X9PQghthMvr8qCUB3u3l4gcMZvKO55oFfAI42thMWB19a82BIJ0ckOY6oFO+Lyeg
CWoKzjRkT0Byw6xqLgSXTVcc/4T+7qSfMr4jsPoR04SsHY2w0z5UXBnfqPUICs14
8IgFFh++IfrZ6VLbNVLXaNyAAbDOj2ZYWcL8tEE3RIbldgWQ9E1u0jCbUNudQZeM
8v3OZpHGMIjofeWqZg2cfQDp6gjTrnQ66fQasJhszZSLmDofTjSsEGesL6BREOKB
yUd3PWLKOFFgjB1eZzw3qcGW5/5kh9R4u+b+uXWQ1G563xV8cHY=
=QzWd
-----END PGP SIGNATURE-----

shortlog-HardenedBSD-11-STABLE-v1100055.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt