------------------------------------------------------------------------
r369150 | emaste | 2021-01-26 06:50:03 -0800 (Tue, 26 Jan 2021) | 18 lines

elfctl: prefix disable flags with "no"

Some ELF feature flags indicate a request to opt-out of some feature,
for example NT_FREEBSD_FCTL_ASLR_DISABLE indicates that ASLR should be
disabled for the tagged binary.  Using "aslr" as the short name for the
flag is confusing as it seems to indicate a request for ASLR to be
enabled.  Rename "noaslr", and make a similar change for other opt-out
flags.

Reviewed by:	bapt, manu, markj
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D28139

(cherry picked from commit c763f99d11fdc9641308124c4a030c90b6a7fdbb)

Git Hash:   f56d7f838f5b3aa0f55b10406eaa7eb760a3ba18
Git Author: emaste@FreeBSD.org
------------------------------------------------------------------------
r369179 | gbe | 2021-01-30 02:15:40 -0800 (Sat, 30 Jan 2021) | 15 lines

kevent(2): Bugfix for wrong EVFILT_TIMER timeouts

When using NOTE_NSECONDS in the kevent(2) API, US_TO_SBT should be
used instead of NS_TO_SBT, otherwise the timeout results are
misleading.

PR:		252539
Reviewed by:	kevans, kib
Approved by:	kevans
Differential Revision:	https://reviews.freebsd.org/D28067

(cherry picked from commit 4d0c33be634a929f323117f04e6b1670776f9e37)

Git Hash:   6a3ad2d0a7b633bad2bb33f9c4c426dffcc91633
Git Author: jan.kokemueller@gmail.com
------------------------------------------------------------------------
r369180 | jilles | 2021-01-30 07:13:08 -0800 (Sat, 30 Jan 2021) | 16 lines

sh: Test that executing various binary files is rejected

If executing a file fails with an [ENOEXEC] error, the shell executes the
file as a shell script, except that this execution may instead result in an
error message if the file is binary.

Per a recent Austin Group interpretation, we will need to change this to
allow a concatenation of a shell script and a binary payload. See
Austin Group bugs #1226 and #1250.

MFC after:	1 week

(cherry picked from commit 2a55bade0ed3e08a8c4f922df0ecf67d1ee32f53)

Git Hash:   9b38ede3a347f9ae48d4b80878134f07ccc6845c
Git Author: jilles@FreeBSD.org
------------------------------------------------------------------------
r369181 | jilles | 2021-01-30 07:13:11 -0800 (Sat, 30 Jan 2021) | 20 lines

sh: Allow more scripts without #!

Austin Group bugs #1226 and #1250 changed the requirements for shell scripts
without #! (POSIX does not specify #!; this is about the shell execution
when execve(2) returns an [ENOEXEC] error).

POSIX says we shall allow execution if the initial part intended to be
parsed by the shell consists of characters and does not contain the NUL
character.  This allows concatenating a shell script (ending with exec or
exit) and a binary payload.

In order to reject common binary files such as PNG images, check that there
is a lowercase letter or expansion before the last newline before the NUL
character, in addition to the check for the newline character suggested by
POSIX.

(cherry picked from commit e0f5c1387df23c8c4811f5b24a7ef6ecac51a71a)

Git Hash:   3708b615c354df013037c065d5a714207c041ea8
Git Author: jilles@FreeBSD.org
------------------------------------------------------------------------
r369182 | jilles | 2021-01-30 07:13:14 -0800 (Sat, 30 Jan 2021) | 12 lines

sh/tests: Add a second kind of binary scripts without #!

One of the reasons for git commit
e0f5c1387df23c8c4811f5b24a7ef6ecac51a71a was to make "actually portable
executables" work. Add a test that is more like those.

MFC after:	1 week

(cherry picked from commit 52981a1694be7a70013e5149c020706c9b6411f9)

Git Hash:   c48240fa6f8e168325a278f8b8cc075779615ddf
Git Author: jilles@FreeBSD.org
------------------------------------------------------------------------
r369184 | kevans | 2021-01-30 17:17:05 -0800 (Sat, 30 Jan 2021) | 20 lines

stand: ensure that the efi directory's dependencies are correct

efi, like the various ${MACHINE} directories, should have a dependency on
the enabled interpreters.

The general rule here is that any top-level directory that has a program at
any depth within that includes loader.mk should add ${INTERP_DEPENDS} added
to its dependencies so that the appropriate ficl/lua bits are ready before
they begin.

Note that the only directories in-tree that require it but will not get it
in a more appropriate manner are i386 (on amd64), efi, and userboot. i386
and userboot are handled explicitly in Makefile.amd64 where they are added
to S.yes.

Reported-by:	bcran
(cherry picked from commit 7012461c9bf6375cd0b14de16b3b4a753c5c1c7a)

Git Hash:   d9cd8a3d3fd57109978afa157e749048d3b22ea7
Git Author: kevans@FreeBSD.org
------------------------------------------------------------------------
r369185 | kevans | 2021-01-30 17:18:03 -0800 (Sat, 30 Jan 2021) | 69 lines

lualoader: improve loader.conf var processing

lualoader was previously not processing \ as escapes; this commit fixes
that and does better error checking on the value as well.

Additionally, loader.conf had some odd restrictions on values that make
little sense. Previously, lines like:

kernel=foo

Would simply be discarded with a malformed line complaint you might not
see unless you disable beastie.

lualoader tries to process these as well as it can and manipulates the
environment, while forthloader did minimal processing and constructed a
`set` command to do the heavy lifting instead. The lua approach was
re-envisioned from building a `set` command so that we can appropriately
reset the environment when, for example, boot environments change.

Lift the previous restrictions to allow unquoted values on the right hand
side of an expression.  Note that an unquoted value is effectively:

[A-Za-z0-9-][A-Za-z0-9-_.]*

This commit also stops trying to weirdly limit what it can handle in a
quoted value. Previously it only allowed spaces, alphanumeric, and
punctuation, which is kind of weird. Change it here to grab as much as it
can between two sets of quotes, then let processEnvVar() do the needful and
complain if it finds something malformed looking.

My extremely sophisticated test suite is as follows:

<<EOF
X_01_simple_string="simple"
X_02_escaped_string="s\imple"

X_03_unquoted_val=3
X_04_unquoted_strval=simple_test

X_05_subval="${X_03_unquoted_val}"
X_06_escaped_subval="\${X_03_unquoted_val}"

X_07_embedded="truth${X_03_unquoted_val}"
X_08_escaped_embedded="truth\${X_03_unquoted_val}"

X_09_unknown="${unknown_val}"
X_10_unknown_embedded="truth${unknown_val}"

X_11_crunchy="crunch$unknown_val crunch"
X_12_crunchy="crunch${unknown_val}crunch"

Y_01_badquote="te"lol"
Y_02_eolesc="lol\"
Y_02_noteolesc="lol\\"
Y_03_eolvar="lol$"
Y_03_noteolvar="lol\$"
Y_04_badvar="lol${"

exec="echo Done!"
EOF

Future work may provide a stub loader module in userland so that we can
formally test the loader scripts rather than sketchy setups like the above
in conjunction with the lua-* tools in ^/tools/boot.

(cherry picked from commit 576562856efbec31520aca6a1f72f2b11298e9a7)

Git Hash:   e8a03eb0c4e1fcb94d58d833ab060bef34646470
Git Author: kevans@FreeBSD.org
------------------------------------------------------------------------
r369188 | git2svn | 2021-01-30 20:33:23 -0800 (Sat, 30 Jan 2021) | 14 lines

MFC: 83edbc3cb54fba6b37a68270c232df7b785bd222

ipfilter: Retire pre-standard C support.

All C compilers in 2021 support standard C and architectures that did
not were retired long ago. Simplify by removing now redundant
pre-standard C code.

MFC after:	1 week

(cherry picked from commit 83edbc3cb54fba6b37a68270c232df7b785bd222)

Git Hash:   35e09fbfc492e8fac3dd7ebdb21a52942ecd5384
Git Author: cy@FreeBSD.org
------------------------------------------------------------------------
r369189 | cy | 2021-01-30 20:33:27 -0800 (Sat, 30 Jan 2021) | 8 lines

MFC 0e01ea872ee475d7aef11d21588504e2ef4eb32c:

Fix a typo.

(cherry picked from commit 0e01ea872ee475d7aef11d21588504e2ef4eb32c)

Git Hash:   2df415116eee92232f775cd29ff2c30ff555c201
Git Author: cy@FreeBSD.org
------------------------------------------------------------------------
r369190 | vmaffione | 2021-01-31 00:52:33 -0800 (Sun, 31 Jan 2021) | 20 lines

iflib: netmap: add support for NS_MOREFRAG

The NS_MOREFRAG flag can be set in a netmap slot to represent a
multi-fragment packet. Only the last fragment of a packet does
not have the flag set. On TX rings, the flag may be set by the
userspace application. The kernel will look at the flag and use it
to properly set up the NIC TX descriptors.
On RX rings, the kernel may set the flag if the packet received
was split across multiple netmap buffers. The userspace application
should look at the flag to know when the packet is complete.

Submitted by:	rajesh1.kumar_amd.com
Reviewed by:	vmaffione
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27799

(cherry picked from commit aceaccab659c9eb846fb21ff99be34434a9616c7)

Git Hash:   9c5418f00836b997561e3956fc18b7ecc7eccdc1
Git Author: vmaffione@FreeBSD.org
------------------------------------------------------------------------
r369191 | vmaffione | 2021-01-31 00:53:03 -0800 (Sun, 31 Jan 2021) | 8 lines

iflib: netmap: move per-packet operation out of fragments loop

MFC after:	1 week

(cherry picked from commit f80efe5016ba01b2948ca1f0eb8fe34adab5b864)

Git Hash:   31c2349742a9391899180e46336cb227828bf732
Git Author: vmaffione@FreeBSD.org
------------------------------------------------------------------------
r369192 | vmaffione | 2021-01-31 00:53:08 -0800 (Sun, 31 Jan 2021) | 8 lines

netmap: simplify parameter passing

Changes imported from the netmap github.

(cherry picked from commit ee0005f11f2b38a714bc66b7d79832108f6fee77)

Git Hash:   e817c8f77fe8196fcfdcc823b3a2c04b761e68c6
Git Author: vmaffione@FreeBSD.org
------------------------------------------------------------------------
r369193 | git2svn | 2021-01-31 09:08:30 -0800 (Sun, 31 Jan 2021) | 6 lines

Add missing newlines.

(cherry picked from commit 8fee65d0c70c99999b2fe5b49b267547b7ed2a49)

Git Hash:   c8845dd67e44515ab51259fbec4f6cac315a2306
Git Author: mav@FreeBSD.org
------------------------------------------------------------------------
r369194 | git2svn | 2021-01-31 17:55:53 -0800 (Sun, 31 Jan 2021) | 6 lines

Decode NFIT Platform Capabilities.

(cherry picked from commit 1b109c69ed625ebf292c1d16f7a3efcab96722e5)

Git Hash:   0f763fade1af150b0c977c3c626fa1c38856956b
Git Author: mav@FreeBSD.org
------------------------------------------------------------------------
r369195 | git2svn | 2021-01-31 21:45:33 -0800 (Sun, 31 Jan 2021) | 14 lines

tmpfs: push VEXEC check into tmpfs_lookup()

vfs_cache_lookup() has already done the appropriate VEXEC check, therefore
we must not re-check in VOP_CACHEDLOOKUP.

This fixes O_SEARCH semantics on tmpfs and removes a redundant descent into
VOP_ACCESS() in the common case.

Reported-by:	arichardson (via CheriBSD Jenkins CI)

(cherry picked from commit 0f919ed4ae4df082eefb517afe02752b1790afd3)

Git Hash:   d2336460daffae7d2cb2344f52054a7a7a0047ad
Git Author: kevans@FreeBSD.org
------------------------------------------------------------------------
r369196 | hselasky | 2021-02-01 01:28:30 -0800 (Mon, 01 Feb 2021) | 10 lines

MFC 064009e79462:
Add support for enabling and disabling IFCAP_VLAN_HWTSO via
ifconfig(8) in mlx5en(4).

Sponsored by:	Mellanox Technologies // NVIDIA Networking

(cherry picked from commit 064009e79462dea517aa7f1a857fb4d5393caa69)

Git Hash:   918b98a061293dba0efd3ba6524ca6a4a0ef1d2e
Git Author: hselasky@FreeBSD.org
------------------------------------------------------------------------
r369199 | donner | 2021-02-01 05:59:33 -0800 (Mon, 01 Feb 2021) | 15 lines

netgraph/ng_tag: permit variable length data

ng_tag(4) operate on arbitrary data of mbuf_tags(9).  Those structures
are padded to the next multiple of the alignment by the compiler.
Hence a valid argument has be at most as long as the data received.

PR:		241462
Reviewed by:	kp
Approved by:	philip (mentor)
Differential Revision: https://reviews.freebsd.org/D22140

(cherry picked from commit 7c7c231c14246a709270bf3f3a4593208e84d01a)

Git Hash:   305b3ca5f40cbfff1e29f7e2e10a636331a8575c
Git Author: lutz@donnerhacke.de
------------------------------------------------------------------------
r369201 | mw | 2021-02-02 04:29:35 -0800 (Tue, 02 Feb 2021) | 16 lines

marvell: ap806_clock: add missing frequency modes

In the driver init routine the CPU clock frequency
value is obtained from a dedicated register. Until now
only part of the values were handled by the mv_ap806_clock
driver. Fix that by adding missing cases.

Submitted by: Zyta Szpak <zr@semihalf.com>
MFC after: 1 week
Obtained from: Semihalf
Sponsored by: Marvell

(cherry picked from commit a86b0839d7bf3fc06b1ae9c50e055b53c50a9d0b)

Git Hash:   cd1393dfe7189c21739b4581b9cbdda680c54f59
Git Author: mw@FreeBSD.org
------------------------------------------------------------------------
r369203 | donner | 2021-02-02 06:44:27 -0800 (Tue, 02 Feb 2021) | 15 lines

ixl: Permit 802.1ad frames to pass though the chip

This patch is a quick hack to change the internal Ethertype used
within the chip.  All frames with this type are dropped silently.
This patch allows you to overwrite the factory default 0x88a8, which
is used by IEEE 802.1ad VLAN stacking.

Reviewed by:	kp, philip, brueffer
Approved by:	philip (mentor)
Differential Revision: https://reviews.freebsd.org/D24179

(cherry picked from commit fa6662b3689eeb71cb63c2b230ca08e7342cabf0)

Git Hash:   a2c37aa836c0d24b97102605d65971b887a8e957
Git Author: donner@FreeBSD.org
------------------------------------------------------------------------
r369204 | emaste | 2021-02-02 13:15:35 -0800 (Tue, 02 Feb 2021) | 28 lines

fstyp(8): Show exFAT volume labels with -l flag

exfat is fundamentally the same design as fat32.  The superblock differs
marginally, and there are some additional optional features irrelevant to
fstype(8); the structure of dirents has changed slightly to enable, among
other things, larger files; the directory entries are no longer DOS 8.3
ASCII or local 8-bit encoding, but instead explicitly UCS-2-LE.

(As a result, this change uses iconv to convert a found exfat volume label
to the user's locale.)

Locating the volume label is identical to FAT32: locate the root directory
and walk through dirents until you find a volume label.  Like FAT32, follow
the FAT chain between root directory clusters as necessary.

PR:		242225
Reported by:	Victor Sudakov <vas AT sibptus.ru>

(cherry picked from commit 85b4c344c8c69ff7993bc0ac833aaf9a8108b88d)

fstyp(8): Fix WITHOUT_ICONV build

Reported by:	olivier

(cherry picked from commit 5ab1cb52b21fdc5524bd970e9b5cdff21a5bcabf)

Git Hash:   58a9e1ca85797a050d3a39bffa6babcb9d3463a4
Git Author: cem@FreeBSD.org
------------------------------------------------------------------------
r369205 | git2svn | 2021-02-02 13:15:38 -0800 (Tue, 02 Feb 2021) | 10 lines

fstyp(8): fix exfat detection

In the presence of high-level errors (spec violations, bad boot blocks
checksum), report non-detection instead of detection.

PR:	252787 (related, but does not fully address)
(cherry picked from commit ddf61156132b610915325769cbb93ea11be0d433)

Git Hash:   a072e2133ed36f1edf899068e6b026b129c919d8
Git Author: cem@FreeBSD.org
------------------------------------------------------------------------
r369207 | git2svn | 2021-02-02 20:10:35 -0800 (Tue, 02 Feb 2021) | 21 lines

cxgb(4): Remove assumption of physically contiguous mbufs.

Investigation of iSCSI target data corruption reports brought me to
discovery that cxgb(4) expects mbufs to be physically contiguous, that
is not true after I've started using m_extaddref() in software iSCSI
for large zero-copy transmissions.  In case of fragmented memory the
driver transmitted garbage from pages following the first one due to
simple use of pmap_kextract() for the first pointer instead of proper
bus_dmamap_load_mbuf_sg().  Seems like it was done as some optimization
many years ago, and at very least it is wrong in a world of IOMMUs.

This patch just removes that optimization, plus limits packet coalescing
for mbufs crossing page boundary, also depending on assumption of one
segment per packet.

Sponsored by:	iXsystems, Inc.

(cherry picked from commit 9dc7c250b8bd2d5e669c7633e189a700a02c0571)

Git Hash:   4a1ea6a210b2729b7599e2e069cc846b7e0390f8
Git Author: mav@FreeBSD.org
------------------------------------------------------------------------
r369208 | kevans | 2021-02-02 22:59:28 -0800 (Tue, 02 Feb 2021) | 16 lines

stand: lua: enhance lfs.dir() to speed up kernels_autodetect

This eliminates a lot of stat() calls that happen when lualoader renders the
menu with the default settings, and greatly speeds up rendering on my
laptop.

ftype is nil if loader/loader.efi hasn't been updated yet, falling back to
lfs.attributes() to test.

This is technically incompatible with lfs, but not in a particularly
terrible way.

(cherry picked from commit e25ee296c919d6567aa76058a7049eac974797fb)

Git Hash:   32b391d4a99c8c3a52ea1d2c0c82ee3208b77a19
Git Author: kevans@FreeBSD.org
------------------------------------------------------------------------
r369209 | git2svn | 2021-02-02 22:59:30 -0800 (Tue, 02 Feb 2021) | 12 lines

lualoader: position hyphens at the beginning of character classes

According to the Lua 5.4 manual section 6.4.1 ("Patterns"), the interaction
between ranges and classes is not defined and hyphens must be specified at
either the beginning or the end of a set if they are not escaped.

Move all such occurrences to the beginning.

(cherry picked from commit b24872cf7b13314669ed2136c0262bb2eb007695)

Git Hash:   eefddc38243d53a6df41f72c17c65b17d8c46e9c
Git Author: kevans@FreeBSD.org
------------------------------------------------------------------------
r369210 | git2svn | 2021-02-03 06:21:33 -0800 (Wed, 03 Feb 2021) | 14 lines

pf: Improve pf_rule input validation

Move the validation checks to pf_rule_to_krule() to reduce duplication.
This also makes the checks consistent across different ioctls.

Reported-by:	syzbot+e9632d7ad17398f0bd8f@syzkaller.appspotmail.com
Reviewed by:	tuexen@, donner@
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D28362

(cherry picked from commit 7a808c5ee3296fdb72d8e8bc6c7ad6f316a520ab)

Git Hash:   71abbe15d01f73a4e55a732f21180d339eab631d
Git Author: kp@FreeBSD.org
------------------------------------------------------------------------
r369211 | markj | 2021-02-03 06:38:03 -0800 (Wed, 03 Feb 2021) | 20 lines

opencrypto: Fix assignment of crypto completions to worker threads

Since r336439 we simply take the session pointer value mod the number of
worker threads (ncpu by default).  On small systems this ends up
funneling all completion work through a single thread, which becomes a
bottleneck when processing IPSec traffic using hardware crypto drivers.
(Software drivers such as aesni(4) are unaffected since they invoke
completion handlers synchonously.)

Instead, maintain an incrementing counter with a unique value per
session, and use that to distribute work to completion threads.

Reviewed by:	cem, jhb
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D28159

(cherry picked from commit 98d788c867b9e1d7a7e290254443b87ea77d8ab1)

Git Hash:   10ed8ab4ab9bd0239f2913ac2f35af9b9f76221d
Git Author: markj@FreeBSD.org
------------------------------------------------------------------------
r369213 | lwhsu | 2021-02-03 07:07:32 -0800 (Wed, 03 Feb 2021) | 24 lines

newvers: tweak uname to be more useful

The current uname is branch-cXXXX-gHASH

Three changes to make uname more useful.
1. Move from using git rev-list --count to git rev-lis --count --first-parent
   since that gives a better, incrementing number.
2. Report this count as 'nXXXXX' rather than 'cXXXXX' because c is part of
   a hash and we've changed the sematnics of XXXXX
3. Remove g to make HASH cut and pastable.

Durting review, #1 & #3 had the largest consensus. There was a diversity of
opinion on #2, but on the whole it was positive so I'll acknowledge the dissent,
but move forward with something seems to have support since the dissent was all
about what letter to use where I chose 'n'.

MFC After: 3 days
Reviewed by: rgrimes, emaste (earlier version)
Differential Revision: https://reviews.freebsd.org/D28338

(cherry picked from commit 8a51f14a7833fd14e1f125e63a0af9d260dcd287)

Git Hash:   928d45ccff730177581977eafcd1622a1923eb80
Git Author: imp@FreeBSD.org
------------------------------------------------------------------------
r369214 | mav | 2021-02-03 18:33:36 -0800 (Wed, 03 Feb 2021) | 25 lines

Remove FirstBurstLength limit for software iSCSI.

For hardware offload solicited data may potentially be handled more
efficiently than unsolicited due to direct data placement.  Or there
can be some unsolicited write buffering limitations.  It may create
situations where FirstBurstLength limit is really useful.

Software driver though has no those factors, having to do memcopy()
any way and having no so hard limit on the temporary storage.  Same
time more active use of unsolicited transfers allows to avoid some
of Ready To Transfer (R2T) PDU round-trip times and processing.

This change effectively doubles from 64KB to 128KB the maximum size
of write command that can be transferred within one link RTT.  Tests
of (64KB, 128KB] QD1 writes mixed with simultaneous QD8 reads over
the same connection, increasing RTT, shows almost double write speed
and half latency, while we should be able to afford few megabytes of
RAM for additional buffering on a target these days.

Sponsored by:	iXsystems, Inc.

(cherry picked from commit ff751ee05c939eceab25c26ad60b1d56f989aec9)

Git Hash:   bf96a6c762a79d974bd71322cd37e23984e0f3f3
Git Author: mav@FreeBSD.org
------------------------------------------------------------------------
r369215 | kevans | 2021-02-03 19:15:28 -0800 (Wed, 03 Feb 2021) | 11 lines

login.conf(5): set a default PATH for the daemon class

This is a sensible default used by, e.g., cron(8), and useful if one wanted
to honor it.

This is a part of D21481.

(cherry picked from commit ed6f64ff8a90eee579fefef510329b5e9f1f9a65)

Git Hash:   d6898bc06ae9637ffa35705c5753fdecc518d73b
Git Author: andrew@tao11.riddles.org.uk
------------------------------------------------------------------------
r369216 | kevans | 2021-02-03 19:15:34 -0800 (Wed, 03 Feb 2021) | 16 lines

init(8): set environment variables from the "daemon" class as well

Specifically, when running /etc/rc. This allows one to specify via
login.conf(5) an environment that should be used when running services to
ease, e.g., setting up env vars for an HTTP proxy consistently across cron
and services alike.

Future changes will extend cron(8)/service(8) to use environment vars
pecified in login.conf(5) as well to promote a more cohesive experience.

This is a part of D21481.

(cherry picked from commit 21c1a93c048fdd9c276899e72dcb8dc93cc18e09)

Git Hash:   f6512d13154acdd324b09a5db8dc56a4dfeca27a
Git Author: andrew@tao11.riddles.org.uk
------------------------------------------------------------------------
r369217 | kevans | 2021-02-03 19:15:39 -0800 (Wed, 03 Feb 2021) | 12 lines

service(8): set the environment of the "daemon" class before invoking

As mentioned in r357562, this gives the user a single place to configure
environment variables that need to be used for various services -- the
"daemon" class -- for, e.g., configuring a system-wide HTTP proxy.

This is a part of D21481.

(cherry picked from commit 736a5a6d1dbbdae68eb102c2ba9c114aafd61821)

Git Hash:   f7ba064978f84d07cd3ebbcbba3decc8a515cee3
Git Author: andrew@tao11.riddles.org.uk
------------------------------------------------------------------------
r369218 | kevans | 2021-02-03 19:15:43 -0800 (Wed, 03 Feb 2021) | 14 lines

cron(8): set the environment variables of the user and/or login class

Prior to processing environment variable set in the crontab file as those
should be of higher precedent, pull in the user or login class environment.

This is another supporting feature for allowing one to configure system-wide
settings that may affect both regular cron jobs as well as services.

This is the final part of D21481.

(cherry picked from commit 7466dbd684879cbe8d034f388f0c7da703e00c31)

Git Hash:   d5461e9a792ae0d2c4d606046dbe5b425045f5f2
Git Author: andrew@tao11.riddles.org.uk
------------------------------------------------------------------------
r369219 | kp | 2021-02-04 06:24:32 -0800 (Thu, 04 Feb 2021) | 13 lines

bridge: fix STP roles and protos strings

Add the missing commas that got lost in e5539fb618cc7.

PR:		252532
Reviewd by:	kp@, donner@, freqlabs@
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D28425

(cherry picked from commit 88be0e11205e4a2dc77e29f7b4a2e82b8d7c9a5c)

Git Hash:   ad60792666831d6beafbc555cc1fec0305d7f8f5
Git Author: jcaplan@blackberry.com
------------------------------------------------------------------------
r369220 | git2svn | 2021-02-04 06:24:35 -0800 (Thu, 04 Feb 2021) | 14 lines

ipfw(8) crashes when ext6hdr option is omitted

Verify that the option is passed, error out if it's not.
The problem can be trivially triggered with `ipfw add allow ext6hdr`.

PR:		253169
Reviewed by:	kp@
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D28447

(cherry picked from commit 682c31db4ecfb8fc6cac0e8ad4945c03379ea3d1)

Git Hash:   d2eeacf7728a04ee04be8a69b2b1bf375ff24994
Git Author: 2khramtsov@gmail.com
------------------------------------------------------------------------
r369221 | markj | 2021-02-04 06:45:03 -0800 (Thu, 04 Feb 2021) | 10 lines

Revert "opencrypto: Fix assignment of crypto completions to worker threads"

atomic_fetchadd_64 is not available on all platforms on stable/12.

This reverts commit 10ed8ab4ab9bd0239f2913ac2f35af9b9f76221d.

Reported by:	Mark Millard

Git Hash:   40a37d24a8ed2d6e81919ed3c124494cbcf5c527
Git Author: markj@FreeBSD.org
------------------------------------------------------------------------