HardenedBSD/hardenedbsd 703d2c3contrib/libarchive/libarchive archive_read_support_format_iso9660.c archive_read_support_format_7zip.c, sbin/ifconfig ifieee80211.c

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  [smbfs] Allow semicolon in mounts that support long names
  HBSD: Pull in libarchive/libarchive at 8312eaa576014cd9b965012af51bc1f967b12423
  HBSD: Pull in libarchive/libarchive at 65a23f5dbee4497064e9bb467f81138a62b0dae1
  [ifconfig] Print more WPS attributes in verbose "list scan" output

HardenedBSD/hardenedbsd ba4cfd3sbin/ifconfig ifieee80211.c, sys/fs/smbfs smbfs_vnops.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  [smbfs] Allow semicolon in mounts that support long names
  [ifconfig] Print more WPS attributes in verbose "list scan" output

HardenedBSD/hardenedbsd d628719sys/fs/smbfs smbfs_vnops.c

[smbfs] Allow semicolon in mounts that support long names

Semicolon is a legal character in long names but not in 8.3 format.
Move it to respective character set.

PR:            140068
Submitted by:   tom at uffner.com
MFC after:      3 weeks

HardenedBSD/hardenedbsd 4a8c823lib/libc/gen elf_utils.c, libexec/rtld-elf/powerpc64 reloc.c

Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master

* freebsd/12-stable/master:
  MFC r342671:
  MFC r341387:
  MFC r342988:
  MFC r343117: Fix handling of rights on stdio streams.

HardenedBSD/hardenedbsd ed2f97ccontrib/libarchive/libarchive archive_read_support_format_iso9660.c

HBSD: Pull in libarchive/libarchive at 8312eaa576014cd9b965012af51bc1f967b12423

From the commit in libarchive:

```
A corrupted or malicious ISO9660 image can cause read_CE() to loop
forever.

read_CE() calls parse_rockridge(), expecting a Rockridge extension
to be read. However, parse_rockridge() is structured as a while
loop starting with a sanity check, and if the sanity check fails
before the loop has run, the function returns ARCHIVE_OK without
advancing the position in the file. This causes read_CE() to retry
indefinitely.

Make parse_rockridge() return ARCHIVE_WARN if it didn't read an
extension. As someone with no real knowledge of the format, this
seems more apt than ARCHIVE_FATAL, but both the call-sites escalate
it to a fatal error immediately anyway.

Found with a combination of AFL, afl-rb (FairFuzz) and qsym.
```

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
Sponsored-by:   SoldierX

HardenedBSD/hardenedbsd ce6bb74contrib/libarchive/libarchive archive_read_support_format_7zip.c

HBSD: Pull in libarchive/libarchive at 65a23f5dbee4497064e9bb467f81138a62b0dae1

From the commit in libarchive:

```
Fuzzing with CRCs disabled revealed that a call to get_uncompressed_data()
would sometimes fail to return at least 'minimum' bytes. This can cause
the crc32() invocation in header_bytes to read off into invalid memory.

A specially crafted archive can use this to cause a crash.

An ASAN trace is below, but ASAN is not required - an uninstrumented
binary will also crash.

==7719==ERROR: AddressSanitizer: SEGV on unknown address 0x631000040000 (pc 0x7fbdb3b3ec1d 
bp 0x7ffe77a51310 sp 0x7ffe77a51150 T0)
==7719==The signal is caused by a READ memory access.
    #0 0x7fbdb3b3ec1c in crc32_z (/lib/x86_64-linux-gnu/libz.so.1+0x2c1c)
    #1 0x84f5eb in header_bytes (/tmp/libarchive/bsdtar+0x84f5eb)
    #2 0x856156 in read_Header (/tmp/libarchive/bsdtar+0x856156)
    #3 0x84e134 in slurp_central_directory (/tmp/libarchive/bsdtar+0x84e134)
    #4 0x849690 in archive_read_format_7zip_read_header (/tmp/libarchive/bsdtar+0x849690)
    #5 0x5713b7 in _archive_read_next_header2 (/tmp/libarchive/bsdtar+0x5713b7)
    #6 0x570e63 in _archive_read_next_header (/tmp/libarchive/bsdtar+0x570e63)
    #7 0x6f08bd in archive_read_next_header (/tmp/libarchive/bsdtar+0x6f08bd)

    [13 lines not shown]

HardenedBSD/hardenedbsd eeec69clibexec/rtld-elf/powerpc64 reloc.c

MFC r342671:

rtld-elf: Fix powerpc64 TLS handling, matching powerpc's fix

We need to subtract the TLS_TCB_SIZE to get to the real data pointer, since
r13 points to the end of the TCB structure.  Prior to this, devel/protobuf-c
port broke with recent update to devel/protobuf, which exposed this issue.

Submitted by:   andreast
Reported by:    Piotr Kubaj

HardenedBSD/hardenedbsd ccc16a4lib/libc/gen elf_utils.c

MFC r341387:

Fix PowerPC64 ELFv1-specific problem in __elf_phdr_match_addr() leading to crash
in threaded programs that unload libraries.

Summary:
The GNOME update to 3.28 exposed a bug in __elf_phdr_match_addr(), which leads
to a crash when building devel/libsoup on powerpc64.

Due to __elf_phdr_match_addr() limiting its search to PF_X sections, on the
PPC64 ELFv1 ABI, it was never matching function pointers properly.

This meant that libthr was never cleaning up its atfork list in
__pthread_cxa_finalize(), so if a library with an atfork handler was unloaded,
libthr would crash on the next fork.

Normally, the null pointer check it does before calling the handler would avoid
this crash, but, due to PPC64 ELFv1 using function descriptors instead of raw
function pointers, a null check against the pointer itself is insufficient, as
the pointer itself was not null, it was just pointing at a function descriptor
that had been zeroed. (Which is an ABI violation.)

Calling a zeroed function descriptor on PPC64 ELFv1 causes a jump to address 0
with a zeroed r2 and r11.

HardenedBSD/hardenedbsd 2279564sys/powerpc/booke spe.c

MFC r342988:

powerpcspe: Correct SPE high-component loading

Don't clobber the low part of the register restoring the high component of.
This could lead to very bad behavior if it's an ABI-affected register.

While here, also mark the asm volatile in the SPE high save case, to match
the load case.

HardenedBSD/hardenedbsd 9700e34usr.bin/cmp cmp.c

MFC r343117:
Fix handling of rights on stdio streams.

PR:     234885
DeltaFile
+7-17usr.bin/cmp/cmp.c
+7-171 files

HardenedBSD/hardenedbsd 7a9a7ddsbin/ifconfig ifieee80211.c, sys/net80211 ieee80211_wps.h ieee80211.h

[ifconfig] Print more WPS attributes in verbose "list scan" output

- Move WPS related defines to dedicated file
- Add handlers for more WPS attributes

PR:            217317
Submitted by:   J.R. Oldroyd <fbsd at opal.com>
MFC after:      3 weeks

HardenedBSD/hardenedbsd 7626b29sys/dev/ixgbe ixgbe_common.c ixgbe_82599.c, usr.sbin/rpc.lockd Makefile

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  ixgbe: this statement may fall through warnings with gcc
  HBSD: Disable cfi-icall for NFS RPC utilities

HardenedBSD/hardenedbsd e08dbb4sys/dev/ixgbe ixgbe_common.c ixgbe_82599.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  ixgbe: this statement may fall through warnings with gcc

HardenedBSD/hardenedbsd e71ca56sys/dev/ixgbe ixgbe_common.c ixgbe_82599.c

ixgbe: this statement may fall through warnings with gcc

The recent gcc versions (7 and 8 at least) can check for switch case
statements for fall through (implicit-fallthrough). When fall through
is intentional, the default method for warning suppression is to place
comment /* FALLTHROUGH */ exactly before next case statement.

Differential Revision:  https://reviews.freebsd.org/D18577

HardenedBSD/hardenedbsd 269d528usr.bin/rpcgen Makefile, usr.sbin/rpc.statd Makefile

HBSD: Disable cfi-icall for NFS RPC utilities

The various NFS RPC utilities violate cfi-icall. Until I have time to
write a patch fixing the violations, disable the cfi-icall scheme for
them.

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
Sponsored-by:   SoldierX
Reported-by:    C.L. Martinez <clopmz at outlook.com>
MFC-to:        12-STABLE

HardenedBSD/hardenedbsd a9351a7sys/net80211 ieee80211_crypto.c

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  net80211: drop m_pullup call from ieee80211_crypto_decap.

HardenedBSD/hardenedbsd 0719fcbsys/net80211 ieee80211_crypto.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  net80211: drop m_pullup call from ieee80211_crypto_decap.

HardenedBSD/hardenedbsd 8d5ef2csys/dev/rtwn/usb rtwn_usb_attach.h, sys/dev/usb usbdevs

Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master

* freebsd/12-stable/master:
  MFC r343088: rtwn_usb(4): add new USB id for RTL8821AU

HardenedBSD/hardenedbsd 1270bd5sys/net80211 ieee80211_crypto.c

net80211: drop m_pullup call from ieee80211_crypto_decap.

For most wireless drivers Rx mbuf is allocated as one
contiguous chunk; only few are using chains for allocations -
but even then at least MCLBYTES (minus Rx descriptor size) is
available in the first mbuf.

In addition to the above, m_pullup was never called here - otherwise,
reallocation will break post-crypto_decap logic (ieee80211_decap,
ieee80211_deliver_data...), so just remove it; length check is left
in case if some truncated frame appears here.

PR:            234241
MFC after:      1 week

HardenedBSD/hardenedbsd a8e4174sys/dev/rtwn/usb rtwn_usb_attach.h, sys/dev/usb usbdevs

MFC r343088:
rtwn_usb(4): add new USB id for RTL8821AU

Reported by:    Mike Tancsa <mike at sentex.net>
Tested by:      Mike Tancsa <mike at sentex.net>

HardenedBSD/hardenedbsd 1a449ddsys/contrib/ncsw/user/env xx.c, sys/dev/aic7xxx aic79xx_pci.c

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  [aic7xxx] Use correct product name 29320LPE instead of non-existent 39320LPE
  dpaa: fix 32-bit build
  powerpc/dpaa: Handle DMAP virtual addresses in DPAA
  powerpc: Fix opaque irq data initialization

HardenedBSD/hardenedbsd 321c87dsys/contrib/ncsw/user/env xx.c, sys/dev/aic7xxx aic79xx_pci.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  [aic7xxx] Use correct product name 29320LPE instead of non-existent 39320LPE
  dpaa: fix 32-bit build
  powerpc/dpaa: Handle DMAP virtual addresses in DPAA
  powerpc: Fix opaque irq data initialization

HardenedBSD/hardenedbsd 4881e4asys/dev/aic7xxx aic79xx_pci.c

[aic7xxx] Use correct product name 29320LPE instead of non-existent 39320LPE

The PCI id belongs to Adaptec 29320LPE controller. The same fix also was
merged[1] to OpenBSD driver ~6 years ago.

[1] https://github.com/openbsd/src/commit/f997b5

PR:            172133
Submitted by:   henning.petersen at t-online.de
MFC after:       1 week

HardenedBSD/hardenedbsd 1ab2f0fsys/contrib/ncsw/user/env xx.c

dpaa: fix 32-bit build

Book-E powerpc uses 64-bit vm_paddr_t, and 32-bit powerpc has 32-bit pointers,
so gcc errors with cast to pointer from integer of different size.  As this will
not actually be used in reality anyway, simply quiet the warning by casting
through uintptr_t.

MFC after:      3 weeks
MFC with:       r343168

HardenedBSD/hardenedbsd c20f3fasys/contrib/ncsw/user/env xx.c

powerpc/dpaa: Handle DMAP virtual addresses in DPAA

sendfile(2) appears to now use DMAP wherever possible.  These addresses are not
managed by pmap, so pmap_kextract() returns a 0 physical address, causing
failure.

This change fixes nginx running on P5020 SoC.

MFC after:      3 weeks

HardenedBSD/hardenedbsd 8161ca8sys/powerpc/powerpc intr_machdep.c, sys/powerpc/pseries xics.c

powerpc: Fix opaque irq data initialization

The powerpc_intr structure is not zero-initialized, so on an invariants
build would panic in the xics driver with an invalid pointer.  Also fix the
xics driver to share the private data setup code between xics_enable() and
xics_bind().

Reported by:    Leonardo Bianconi

HardenedBSD/hardenedbsd 2061f8finclude/protocols talkd.h, sys/amd64/vmm x86.c

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  vmm(4): Mask Spectre feature bits on AMD hosts
  Fix top(1) long options handling
  Clarify error messages a bit.
  psm(4): detect Lenovo top-button clickpads
  Make SIFTR work again after r342125 (D18443).
  Use a private definition of osockaddr rather then relying on type namespace polution in 
sys/socket.h.
  [usb] Add HID_IGNORE quirks for multiple UPS devices
  Remove leading slash from OLD_DIRS assignment in ObsoleteFiles.inc.  The "make 
delete-old" mechanism will already take care of such prefixes, and this prevents a double 
leading slash from being displayed.

HardenedBSD/hardenedbsd 3dc02d0include/protocols talkd.h, sys/amd64/vmm x86.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  vmm(4): Mask Spectre feature bits on AMD hosts
  Fix top(1) long options handling
  Clarify error messages a bit.
  psm(4): detect Lenovo top-button clickpads
  Make SIFTR work again after r342125 (D18443).
  Use a private definition of osockaddr rather then relying on type namespace polution in 
sys/socket.h.
  [usb] Add HID_IGNORE quirks for multiple UPS devices
  Remove leading slash from OLD_DIRS assignment in ObsoleteFiles.inc.  The "make 
delete-old" mechanism will already take care of such prefixes, and this prevents a double 
leading slash from being displayed.

HardenedBSD/hardenedbsd e87da0fsys/amd64/vmm x86.c

vmm(4): Mask Spectre feature bits on AMD hosts

For parity with Intel hosts, which already mask out the CPUID feature
bits that indicate the presence of the SPEC_CTRL MSR, do the same on
AMD.

Eventually we may want to have a better support story for guests, but
for now, limit the damage of incorrectly indicating an MSR we do not yet
support.

Eventually, we may want a generic CPUID override system for
administrators, or for minimum supported feature set in heterogenous
environments with failover.  That is a much larger scope effort than
this bug fix.

PR:            235010
Reported by:    Rys Sommefeldt <rys AT sommefeldt.com>
Sponsored by:   Dell EMC Isilon

HardenedBSD/hardenedbsd 5232a04sys/dev/atkbdc psm.c atkbdc.c, sys/dev/evdev evdev_utils.c

Merge remote-tracking branch 'origin/hardened/11-stable/master' into 
hardened/11-stable/unstable

* origin/hardened/11-stable/master:
  MFC r340926:
  MFC r340912,r340913:

HardenedBSD/hardenedbsd e14ddbcsys/dev/atkbdc psm.c atkbdc.c, sys/dev/evdev evdev_utils.c

Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

* freebsd/11-stable/master:
  MFC r340926:
  MFC r340912,r340913:

HardenedBSD/hardenedbsd 2cb205dusr.bin/top top.c

Fix top(1) long options handling

getopt_long(3) requires the long options be terminated by a NULL block.
Without the terminator, an invalid long option results in a segmentation
fault.

Reported by:    Brandon Bergren
MFC after:      1 week
DeltaFile
+2-1usr.bin/top/top.c
+2-11 files

HardenedBSD/hardenedbsd f0c36dcusr.sbin/jail command.c

Clarify error messages a bit.

X-Found-With:   r343112
MFC after:      1 month

HardenedBSD/hardenedbsd 30e8bccsys/dev/atkbdc psm.c atkbdc.c, sys/dev/evdev evdev_utils.c

Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master

* freebsd/12-stable/master:
  MFC r340926:
  MFC r340912,r340913:
  MFC r340338: wmt(4): Add PNP record so it could be picked by devd/devmatch. Fix uhid(4) 
conflict with blacklisting of multitouch HID-usages in uhid(4) probe handler.

HardenedBSD/hardenedbsd 0a62e62sys/dev/atkbdc psm.c, sys/sys mouse.h

psm(4): detect Lenovo top-button clickpads

libinput has special handling for Lenovo ThinkPad *40 series, where it
treats clicks on the top button area as if they came from the TrackPoint:
https://wayland.freedesktop.org/libinput/doc/latest/t440-support.html

Detect these devices and set the corresponding evdev property.

Submitted by:          Greg V <greg at unrelenting.technology>
MFC after:             2 weeks
Differential Revision:  https://reviews.freebsd.org/D18676

HardenedBSD/hardenedbsd 8ba0807sys/netinet siftr.c

Make SIFTR work again after r342125 (D18443).

Correct a logic error.

Only disable when already enabled or enable when disabled.

Submitted by:   Richard Scheffenegger
Reviewed by:    Cheng Cui
Obtained from:  Cheng Cui
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D18885
DeltaFile
+11-6sys/netinet/siftr.c
+11-61 files

HardenedBSD/hardenedbsd 3d6c5e1include/protocols talkd.h, libexec/talkd talkd.c

Use a private definition of osockaddr rather then relying on type
namespace polution in sys/socket.h.

Also remove support for operation on 4.3BSD.

PR:            224529
Differential Revision:  https://reviews.freebsd.org/D14505

HardenedBSD/hardenedbsd 5113b22sys/dev/evdev evdev_utils.c

MFC r340926:

evdev: Fix pause key release event in AT keyboard set 1 to evdev xlat-or.

HardenedBSD/hardenedbsd 1fcde9fsys/dev/evdev evdev_utils.c

MFC r340926:

evdev: Fix pause key release event in AT keyboard set 1 to evdev xlat-or.

HardenedBSD/hardenedbsd d3b1987sys/dev/atkbdc psm.c atkbdc.c

MFC r340912,r340913:

psm(4): Revert r328640 and add minimal support for active AUX port
        multiplexers

Active PS/2 multiplexing is a method for attaching up to four PS/2
pointing devices to a computer. Enabling of multiplexed mode allows
commands to be directed to individual devices using routing prefixes.
Multiplexed mode reports input with each byte tagged to identify
its source. This method differs from one currently supported by psm(4)
where so called guest device (trackpoint) is attached to special
interface located on the host device (touchpad) and latter performs
guest protocol conversion to special encapsulation packet format.

At present time active PS/2 multiplexing is used in some models of
HP laptops e.g. EliteBook 8560w, 9470m. Enabling of absolute operation
mode on such touchpads is connected with following problems:
1. Touchpad's port priority is lower than trackpoint's. That blocks
   information queries thus prevents touchpad detection and configuration.
2. Touchpad and trackpoint have different protocol packet sizes and
   sync bytes.

As PS/2 usage is on decline only minimal possible set of changes to
support Synaptics touchpad and generic mouses is implemented.
Active multiplexing mode is enabled only at probe stage to scan through

    [21 lines not shown]

HardenedBSD/hardenedbsd 4d24b9asys/dev/atkbdc psm.c atkbdc.c

MFC r340912,r340913:

psm(4): Revert r328640 and add minimal support for active AUX port
        multiplexers

Active PS/2 multiplexing is a method for attaching up to four PS/2
pointing devices to a computer. Enabling of multiplexed mode allows
commands to be directed to individual devices using routing prefixes.
Multiplexed mode reports input with each byte tagged to identify
its source. This method differs from one currently supported by psm(4)
where so called guest device (trackpoint) is attached to special
interface located on the host device (touchpad) and latter performs
guest protocol conversion to special encapsulation packet format.

At present time active PS/2 multiplexing is used in some models of
HP laptops e.g. EliteBook 8560w, 9470m. Enabling of absolute operation
mode on such touchpads is connected with following problems:
1. Touchpad's port priority is lower than trackpoint's. That blocks
   information queries thus prevents touchpad detection and configuration.
2. Touchpad and trackpoint have different protocol packet sizes and
   sync bytes.

As PS/2 usage is on decline only minimal possible set of changes to
support Synaptics touchpad and generic mouses is implemented.
Active multiplexing mode is enabled only at probe stage to scan through

    [21 lines not shown]

HardenedBSD/hardenedbsd d06a697sys/dev/usb usbdevs, sys/dev/usb/quirk usb_quirk.c

[usb] Add HID_IGNORE quirks for multiple UPS devices

Without HID_IGNORE quirk enabled these models appear in the system as a uhid
devices while NUT (Network UPS Tool) expects them to be ugen.

PR:            131521
Submitted by:   Naoyuki Tai <ntai at smartfruit.com>, John Bayly <john.bayly at tipstrade.net>
MFC after:      1 week

HardenedBSD/hardenedbsd 45d19d4sys/dev/usb/input uhid.c wmt.c

MFC r340338:
wmt(4): Add PNP record so it could be picked by devd/devmatch.
Fix uhid(4) conflict with blacklisting of multitouch HID-usages
in uhid(4) probe handler.

Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D17689

HardenedBSD/hardenedbsd 54461c1. ObsoleteFiles.inc

Remove leading slash from OLD_DIRS assignment in ObsoleteFiles.inc.  The
"make delete-old" mechanism will already take care of such prefixes, and
this prevents a double leading slash from being displayed.
DeltaFile
+1-1ObsoleteFiles.inc
+1-11 files

HardenedBSD/hardenedbsd cf47970sys/vm vm_reserv.c vm_phys.h, sys/x86/x86 busdma_bounce.c busdma_machdep.c

Merge remote-tracking branch 'origin/hardened/current/master' into 
hardened/current/unstable

* origin/hardened/current/master:
  freebsd-update.8: mandoc -Tlint fixes
  freebsd-update: Use BASEDIR when checking for src component
  i386/PAE busdma: allow more bounce pages.
  x86 busdma: fix mis-use of bus_addr_t where vm_paddr_t is assumed.
  MI VM: Make it possible to set size of superpage at boot instead of compile time.

HardenedBSD/hardenedbsd 101529esys/vm vm_reserv.c vm_phys.h, sys/x86/x86 busdma_bounce.c busdma_machdep.c

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  freebsd-update.8: mandoc -Tlint fixes
  freebsd-update: Use BASEDIR when checking for src component
  i386/PAE busdma: allow more bounce pages.
  x86 busdma: fix mis-use of bus_addr_t where vm_paddr_t is assumed.
  MI VM: Make it possible to set size of superpage at boot instead of compile time.

HardenedBSD/hardenedbsd 7eea9e2usr.sbin/freebsd-update freebsd-update.8

freebsd-update.8: mandoc -Tlint fixes

PR:            185389
Reported by:    bcr
MFC after:      3 days
Sponsored by:   The FreeBSD Foundation

HardenedBSD/hardenedbsd ba040f8usr.sbin/freebsd-update freebsd-update.sh

freebsd-update: Use BASEDIR when checking for src component

src could potentially be installed under the based dir
and not under the root or vice versa.

PR:            224048
Submitted by:   Gerald Aryeetey <aryeeteygerald_rogers.com>
Reviewed by:    delphij
MFC after:      1 month
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D18849

HardenedBSD/hardenedbsd 3e765dcsys/dev/asmc asmcvar.h asmc.c

Merge remote-tracking branch 'origin/hardened/11-stable/master' into 
hardened/11-stable/unstable

* origin/hardened/11-stable/master:
  MFC r342822:
  MFC r342770:

HardenedBSD/hardenedbsd d0d83e6sys/dev/asmc asmcvar.h asmc.c

Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

* freebsd/11-stable/master:
  MFC r342822:
  MFC r342770: