Merge ^/head r295351 through r295543.

2016-02-11 20:07:09 +00:00 · 2016-02-11 20:07:09 +00:00 · 4156ce4fed
commit 4156ce4fed
parent 5529affd65 e0c45153ac
1263 changed files with 133994 additions and 22404 deletions
--- a/14
+++ b/14
@ -21,6 +21,7 @@
 # kernel-toolchains   - Build kernel-toolchain for all universe targets.
 # doxygen             - Build API documentation of the kernel, needs doxygen.
 # update              - Convenient way to update your source tree(s).
 # checkworld          - Run test suite on installed world.
 # check-old           - List obsolete directories/files/libraries.
 # check-old-dirs      - List obsolete directories.
 # check-old-files     - List obsolete files.
@ -112,8 +113,8 @@
 .else
 TGTS=	all all-man buildenv buildenvvars buildkernel buildworld \
-	check-old check-old-dirs check-old-files check-old-libs \
+	check check-old check-old-dirs check-old-files check-old-libs \
-	checkdpadd clean cleandepend cleandir cleanworld \
+	checkdpadd checkworld clean cleandepend cleandir cleanworld \
 	delete-old delete-old-dirs delete-old-files delete-old-libs \
 	depend distribute distributekernel distributekernel.debug \
 	distributeworld distrib-dirs distribution doxygen \
@ -121,7 +122,7 @@ TGTS=	all all-man buildenv buildenvvars buildkernel buildworld \
 	installkernel.debug packagekernel packageworld \
 	reinstallkernel reinstallkernel.debug \
 	installworld kernel-toolchain libraries lint maninstall \
-	obj objlink regress rerelease showconfig tags toolchain update \
+	obj objlink rerelease showconfig tags toolchain update \
 	_worldtmp _legacy _bootstrap-tools _cleanobj _obj \
 	_build-tools _cross-tools _includes _libraries _depend \
 	build32 builddtb distribute32 install32 xdev xdev-build xdev-install \
@ -329,6 +330,10 @@ bmake: .PHONY
 		${MMAKE} all; \
 		${MMAKE} install DESTDIR=${MYMAKE:H} BINDIR=
 regress: .PHONY
 	@echo "'make regress' has been renamed 'make check'" | /usr/bin/fmt
 	@false
 tinderbox toolchains kernel-toolchains kernels worlds: upgrade_checks
 tinderbox:
@ -461,7 +466,8 @@ _THINNER=cat
 _THINNER=xargs grep -L "^.NO_UNIVERSE" || true
 .endif
 KERNCONFS!=	cd ${KERNSRCDIR}/${TARGET}/conf && \
-		find [A-Z0-9]*[A-Z0-9] -type f -maxdepth 0 \
+		find [[:upper:][:digit:]]*[[:upper:][:digit:]] \
 		-type f -maxdepth 0 \
 		! -name DEFAULTS ! -name NOTES | \
 		${_THINNER}
 universe_kernconfs:
--- a/Makefile.inc1
+++ b/Makefile.inc1
@ -37,6 +37,7 @@
 # The intended user-driven targets are:
 # buildworld  - rebuild *everything*, including glue to help do upgrades
 # installworld- install everything built by "buildworld"
 # checkworld  - run test suite on installed world
 # doxygen     - build API documentation of the kernel
 # update      - convenient way to update your source tree (eg: svn/svnup)
 #
@ -1322,6 +1323,20 @@ packagekernel:
 .endif
 .endif
 #
 #
 # checkworld
 #
 # Run test suite on installed world.
 #
 checkworld: .PHONY
 	@if [ ! -x ${LOCALBASE}/bin/kyua ]; then \
 		echo "You need kyua (devel/kyua) to run the test suite." | /usr/bin/fmt; \
 		exit 1; \
 	fi
 	${_+_}${LOCALBASE}/bin/kyua test -k ${TESTSBASE}/Kyuafile
 #
 #
 # doxygen
 #
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@ -121,6 +121,8 @@ OLD_FILES+=usr/lib/clang/3.7.1/lib/freebsd/libclang_rt.ubsan_standalone_cxx-x86_
 OLD_DIRS+=usr/lib/clang/3.7.1/lib/freebsd
 OLD_DIRS+=usr/lib/clang/3.7.1/lib
 OLD_DIRS+=usr/lib/clang/3.7.1
 # 20160211: Remove obsolete unbound-control-setup
 OLD_FILES+=usr/sbin/unbound-control-setup
 # 20160116: Update mandoc to cvs snapshot 20160116
 OLD_FILES+=usr/share/mdocml/example.style.css
 OLD_FILES+=usr/share/mdocml/style.css
--- a/bin/dd/args.c
+++ b/bin/dd/args.c
@ -360,10 +360,10 @@ c_conv(const void *a, const void *b)
 	    ((const struct conv *)b)->name));
 }
-static uintmax_t
+static intmax_t
 postfix_to_mult(const char expr)
 {
-	uintmax_t mult;
+	intmax_t mult;
 	mult = 0;
 	switch (expr) {
@ -407,8 +407,10 @@ postfix_to_mult(const char expr)
 *	3) A positive decimal number followed by a 'k' or 'K' (mult by 1 << 10).
 *	4) A positive decimal number followed by a 'm' or 'M' (mult by 1 << 20).
 *	5) A positive decimal number followed by a 'g' or 'G' (mult by 1 << 30).
- *	5) A positive decimal number followed by a 'w' or 'W' (mult by sizeof int).
+ *	6) A positive decimal number followed by a 't' or 'T' (mult by 1 << 40).
- *	6) Two or more positive decimal numbers (with/without [BbKkMmGgWw])
+ *	7) A positive decimal number followed by a 'p' or 'P' (mult by 1 << 50).
 *	8) A positive decimal number followed by a 'w' or 'W' (mult by sizeof int).
 *	9) Two or more positive decimal numbers (with/without [BbKkMmGgWw])
 *	   separated by 'x' or 'X' (also '*' for backwards compatibility),
 *	   specifying the product of the indicated values.
 */
@ -419,7 +421,7 @@ get_num(const char *val)
 	char *expr;
 	errno = 0;
-	num = strtouq(val, &expr, 0);
+	num = strtoumax(val, &expr, 0);
 	if (errno != 0)				/* Overflow or underflow. */
 		err(1, "%s", oper);
@ -469,7 +471,7 @@ get_off_t(const char *val)
 	char *expr;
 	errno = 0;
-	num = strtoq(val, &expr, 0);
+	num = strtoimax(val, &expr, 0);
 	if (errno != 0)				/* Overflow or underflow. */
 		err(1, "%s", oper);
--- a/bin/pkill/pkill.c
+++ b/bin/pkill/pkill.c
@ -71,7 +71,7 @@ __FBSDID("$FreeBSD$");
 /* Ignore system-processes (if '-S' flag is not specified) and myself. */
 #define	PSKIP(kp)	((kp)->ki_pid == mypid ||			\
-			 (!kthreads && ((kp)->ki_flag & P_KTHREAD) != 0))
+			 (!kthreads && ((kp)->ki_flag & P_KPROC) != 0))
 enum listtype {
 	LT_GENERIC,
--- a/bin/ps/ps.1
+++ b/bin/ps/ps.1
@ -318,7 +318,7 @@ the include file
 .Bl -column P_SINGLE_BOUNDARY 0x40000000
 .It Dv "P_ADVLOCK" Ta No "0x00001" Ta "Process may hold a POSIX advisory lock"
 .It Dv "P_CONTROLT" Ta No "0x00002" Ta "Has a controlling terminal"
-.It Dv "P_KTHREAD" Ta No "0x00004" Ta "Kernel thread"
+.It Dv "P_KPROC" Ta No "0x00004" Ta "Kernel process"
 .It Dv "P_FOLLOWFORK" Ta No "0x00008" Ta "Attach debugger to new children"
 .It Dv "P_PPWAIT" Ta No "0x00010" Ta "Parent is waiting for child to exec/exit"
 .It Dv "P_PROFIL" Ta No "0x00020" Ta "Has started profiling"
--- a/contrib/unbound/Makefile.in
+++ b/contrib/unbound/Makefile.in
@ -95,7 +95,7 @@ PYUNBOUND_SRC=
 # libunbound_wrap.lo if python libunbound wrapper enabled.
 PYUNBOUND_OBJ=@PYUNBOUND_OBJ@
 COMMON_SRC=services/cache/dns.c services/cache/infra.c services/cache/rrset.c \
-util/data/dname.c util/data/msgencode.c util/data/msgparse.c \
+util/as112.c util/data/dname.c util/data/msgencode.c util/data/msgparse.c \
 util/data/msgreply.c util/data/packed_rrset.c iterator/iterator.c \
 iterator/iter_delegpt.c iterator/iter_donotq.c iterator/iter_fwd.c \
 iterator/iter_hints.c iterator/iter_priv.c iterator/iter_resptype.c \
@ -113,7 +113,7 @@ validator/val_neg.c validator/val_nsec3.c validator/val_nsec.c \
 validator/val_secalgo.c validator/val_sigcrypt.c \
 validator/val_utils.c dns64/dns64.c $(CHECKLOCK_SRC) $(DNSTAP_SRC)
 COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \
-msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \
+as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \
 iter_donotq.lo iter_fwd.lo iter_hints.lo iter_priv.lo iter_resptype.lo \
 iter_scrub.lo iter_utils.lo localzone.lo mesh.lo modstack.lo \
 outbound_list.lo alloc.lo config_file.lo configlexer.lo configparser.lo \
@ -595,6 +595,7 @@ depend:
 	rm -f $(DEPEND_TMP) $(DEPEND_TMP2)
 # Dependencies
 as112.lo as112.o: $(srcdir)/util/as112.c $(srcdir)/util/as112.h
 dns.lo dns.o: $(srcdir)/services/cache/dns.c config.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/util/log.h \
 $(srcdir)/validator/val_nsec.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \
 $(srcdir)/util/locks.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/msgreply.h \
@ -702,7 +703,7 @@ localzone.lo localzone.o: $(srcdir)/services/localzone.c config.h $(srcdir)/serv
 $(srcdir)/sldns/sbuffer.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/util/data/dname.h \
 $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgencode.h \
 $(srcdir)/util/net_help.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \
- $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h
+ $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/util/as112.h
 mesh.lo mesh.o: $(srcdir)/services/mesh.c config.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \
 $(srcdir)/util/netevent.h $(srcdir)/util/data/msgparse.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \
 $(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/module.h \
@ -821,7 +822,7 @@ val_anchor.lo val_anchor.o: $(srcdir)/validator/val_anchor.c config.h $(srcdir)/
 $(srcdir)/util/rbtree.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/validator/val_sigcrypt.h \
 $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/validator/autotrust.h \
 $(srcdir)/util/data/dname.h $(srcdir)/util/net_help.h $(srcdir)/util/config_file.h $(srcdir)/sldns/sbuffer.h \
- $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/str2wire.h
+ $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/str2wire.h $(srcdir)/util/as112.h
 validator.lo validator.o: $(srcdir)/validator/validator.c config.h $(srcdir)/validator/validator.h \
 $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
 $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \
--- a/contrib/unbound/doc/example.conf
+++ b/contrib/unbound/doc/example.conf
@ -508,13 +508,17 @@ server:
 	# local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault
 	# And for 64.100.in-addr.arpa. to 127.100.in-addr.arpa.
-	# if unbound is running service for the local host then it is useful
+	# If unbound is running service for the local host then it is useful
 	# to perform lan-wide lookups to the upstream, and unblock the
 	# long list of local-zones above.  If this unbound is a dns server
 	# for a network of computers, disabled is better and stops information
 	# leakage of local lan information.
 	# unblock-lan-zones: no
 	# The insecure-lan-zones option disables validation for
 	# these zones, as if they were all listed as domain-insecure.
 	# insecure-lan-zones: no
 	# a number of locally served zones can be configured.
 	# 	local-zone: <zone> <type>
 	# 	local-data: "<resource record string>"
--- a/contrib/unbound/doc/example.conf.in
+++ b/contrib/unbound/doc/example.conf.in
@ -508,13 +508,17 @@ server:
 	# local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault
 	# And for 64.100.in-addr.arpa. to 127.100.in-addr.arpa.
-	# if unbound is running service for the local host then it is useful
+	# If unbound is running service for the local host then it is useful
 	# to perform lan-wide lookups to the upstream, and unblock the
 	# long list of local-zones above.  If this unbound is a dns server
 	# for a network of computers, disabled is better and stops information
 	# leakage of local lan information.
 	# unblock-lan-zones: no
 	# The insecure-lan-zones option disables validation for
 	# these zones, as if they were all listed as domain-insecure.
 	# insecure-lan-zones: no
 	# a number of locally served zones can be configured.
 	# 	local-zone: <zone> <type>
 	# 	local-data: "<resource record string>"
--- a/contrib/unbound/doc/unbound.conf.5
+++ b/contrib/unbound/doc/unbound.conf.5
@ -841,6 +841,11 @@ as a (DHCP-) DNS network resolver for a group of machines, where such
 lookups should be filtered (RFC compliance), this also stops potential
 data leakage about the local network to the upstream DNS servers.
 .TP
 .B insecure\-lan\-zones: \fI<yesno>
 Default is disabled.  If enabled, then reverse lookups in private
 address space are not validated.  This is usually required whenever
 \fIunblock\-lan\-zones\fR is used.
 .TP
 .B local\-zone: \fI<zone> <type>
 Configure a local zone. The type determines the answer to give if
 there is no match from local\-data. The types are deny, refuse, static,
--- a/contrib/unbound/doc/unbound.conf.5.in
+++ b/contrib/unbound/doc/unbound.conf.5.in
@ -841,6 +841,11 @@ as a (DHCP-) DNS network resolver for a group of machines, where such
 lookups should be filtered (RFC compliance), this also stops potential
 data leakage about the local network to the upstream DNS servers.
 .TP
 .B insecure\-lan\-zones: \fI<yesno>
 Default is disabled.  If enabled, then reverse lookups in private
 address space are not validated.  This is usually required whenever
 \fIunblock\-lan\-zones\fR is used.
 .TP
 .B local\-zone: \fI<zone> <type>
 Configure a local zone. The type determines the answer to give if
 there is no match from local\-data. The types are deny, refuse, static,
--- a/contrib/unbound/services/localzone.c
+++ b/contrib/unbound/services/localzone.c
@ -51,6 +51,7 @@
 #include "util/netevent.h"
 #include "util/data/msgreply.h"
 #include "util/data/msgparse.h"
 #include "util/as112.h"
 struct local_zones* 
 local_zones_create(void)
@ -592,6 +593,7 @@ static int
 lz_enter_defaults(struct local_zones* zones, struct config_file* cfg)
 {
 	struct local_zone* z;
 	const char** zstr;
 	/* this list of zones is from RFC 6303 */
@ -654,110 +656,14 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg)
 		lock_rw_unlock(&z->lock);
 	}
-	/* if unblock lan-zones, then do not add the zones below.
+	/* block AS112 zones, unless asked not to */
-	 * we do add the zones above, about 127.0.0.1, because localhost is
+	if(!cfg->unblock_lan_zones) {
-	 * not on the lan. */
+		for(zstr = as112_zones; *zstr; zstr++) {
-	if(cfg->unblock_lan_zones)
+			if(!add_as112_default(zones, cfg, *zstr)) {
-		return 1;
+				log_err("out of memory adding default zone");
-
+				return 0;
-	/* block LAN level zones */
+			}
-	if (	!add_as112_default(zones, cfg, "10.in-addr.arpa.") ||
+		}
 		!add_as112_default(zones, cfg, "16.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "17.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "18.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "19.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "20.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "21.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "22.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "23.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "24.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "25.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "26.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "27.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "28.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "29.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "30.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "31.172.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "168.192.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "0.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "64.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "65.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "66.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "67.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "68.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "69.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "70.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "71.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "72.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "73.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "74.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "75.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "76.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "77.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "78.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "79.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "80.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "81.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "82.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "83.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "84.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "85.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "86.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "87.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "88.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "89.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "90.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "91.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "92.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "93.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "94.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "95.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "96.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "97.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "98.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "99.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "100.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "101.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "102.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "103.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "104.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "105.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "106.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "107.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "108.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "109.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "110.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "111.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "112.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "113.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "114.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "115.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "116.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "117.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "118.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "119.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "120.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "121.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "122.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "123.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "124.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "125.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "126.100.in-addr.arpa.") ||
      		!add_as112_default(zones, cfg, "127.100.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "254.169.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "2.0.192.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "100.51.198.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "113.0.203.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "255.255.255.255.in-addr.arpa.") ||
 		!add_as112_default(zones, cfg, "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "d.f.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "8.e.f.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "9.e.f.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "a.e.f.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "b.e.f.ip6.arpa.") ||
 		!add_as112_default(zones, cfg, "8.b.d.0.1.0.0.2.ip6.arpa.")) {
 		log_err("out of memory adding default zone");
 		return 0;
 	}
 	return 1;
 }
--- a/contrib/unbound/util/as112.c
+++ b/contrib/unbound/util/as112.c
@ -0,0 +1,143 @@
 /*
 * util/as112.c - list of local zones.
 *
 * Copyright (c) 2007, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * 
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 * 
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 /**
 * \file
 *
 * This file provides a list of lan zones.
 */
 #include "util/as112.h"
 static const char* as112_zone_array[] = {
 	"10.in-addr.arpa.",
 	"16.172.in-addr.arpa.",
 	"17.172.in-addr.arpa.",
 	"18.172.in-addr.arpa.",
 	"19.172.in-addr.arpa.",
 	"20.172.in-addr.arpa.",
 	"21.172.in-addr.arpa.",
 	"22.172.in-addr.arpa.",
 	"23.172.in-addr.arpa.",
 	"24.172.in-addr.arpa.",
 	"25.172.in-addr.arpa.",
 	"26.172.in-addr.arpa.",
 	"27.172.in-addr.arpa.",
 	"28.172.in-addr.arpa.",
 	"29.172.in-addr.arpa.",
 	"30.172.in-addr.arpa.",
 	"31.172.in-addr.arpa.",
 	"168.192.in-addr.arpa.",
 	"0.in-addr.arpa.",
 	"64.100.in-addr.arpa.",
 	"65.100.in-addr.arpa.",
 	"66.100.in-addr.arpa.",
 	"67.100.in-addr.arpa.",
 	"68.100.in-addr.arpa.",
 	"69.100.in-addr.arpa.",
 	"70.100.in-addr.arpa.",
 	"71.100.in-addr.arpa.",
 	"72.100.in-addr.arpa.",
 	"73.100.in-addr.arpa.",
 	"74.100.in-addr.arpa.",
 	"75.100.in-addr.arpa.",
 	"76.100.in-addr.arpa.",
 	"77.100.in-addr.arpa.",
 	"78.100.in-addr.arpa.",
 	"79.100.in-addr.arpa.",
 	"80.100.in-addr.arpa.",
 	"81.100.in-addr.arpa.",
 	"82.100.in-addr.arpa.",
 	"83.100.in-addr.arpa.",
 	"84.100.in-addr.arpa.",
 	"85.100.in-addr.arpa.",
 	"86.100.in-addr.arpa.",
 	"87.100.in-addr.arpa.",
 	"88.100.in-addr.arpa.",
 	"89.100.in-addr.arpa.",
 	"90.100.in-addr.arpa.",
 	"91.100.in-addr.arpa.",
 	"92.100.in-addr.arpa.",
 	"93.100.in-addr.arpa.",
 	"94.100.in-addr.arpa.",
 	"95.100.in-addr.arpa.",
 	"96.100.in-addr.arpa.",
 	"97.100.in-addr.arpa.",
 	"98.100.in-addr.arpa.",
 	"99.100.in-addr.arpa.",
 	"100.100.in-addr.arpa.",
 	"101.100.in-addr.arpa.",
 	"102.100.in-addr.arpa.",
 	"103.100.in-addr.arpa.",
 	"104.100.in-addr.arpa.",
 	"105.100.in-addr.arpa.",
 	"106.100.in-addr.arpa.",
 	"107.100.in-addr.arpa.",
 	"108.100.in-addr.arpa.",
 	"109.100.in-addr.arpa.",
 	"110.100.in-addr.arpa.",
 	"111.100.in-addr.arpa.",
 	"112.100.in-addr.arpa.",
 	"113.100.in-addr.arpa.",
 	"114.100.in-addr.arpa.",
 	"115.100.in-addr.arpa.",
 	"116.100.in-addr.arpa.",
 	"117.100.in-addr.arpa.",
 	"118.100.in-addr.arpa.",
 	"119.100.in-addr.arpa.",
 	"120.100.in-addr.arpa.",
 	"121.100.in-addr.arpa.",
 	"122.100.in-addr.arpa.",
 	"123.100.in-addr.arpa.",
 	"124.100.in-addr.arpa.",
 	"125.100.in-addr.arpa.",
 	"126.100.in-addr.arpa.",
 	"127.100.in-addr.arpa.",
 	"254.169.in-addr.arpa.",
 	"2.0.192.in-addr.arpa.",
 	"100.51.198.in-addr.arpa.",
 	"113.0.203.in-addr.arpa.",
 	"255.255.255.255.in-addr.arpa.",
 	"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.",
 	"d.f.ip6.arpa.",
 	"8.e.f.ip6.arpa.",
 	"9.e.f.ip6.arpa.",
 	"a.e.f.ip6.arpa.",
 	"b.e.f.ip6.arpa.",
 	"8.b.d.0.1.0.0.2.ip6.arpa.",
 	0
 };
 const char** as112_zones = as112_zone_array;
--- a/contrib/unbound/util/as112.h
+++ b/contrib/unbound/util/as112.h
@ -0,0 +1,57 @@
 /*
 * util/as112.c - list of local zones.
 *
 * Copyright (c) 2007, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * 
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 * 
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 /**
 * \file
 *
 * This file provides a list of lan zones
 */
 #ifndef UTIL_AS112_H
 #define UTIL_AS112_H
 /** 
 * Array of text-format domain names of the AS112 zones.
 * The array ends with NULL.  "AS112" is a service on the internet that
 * that this array is named after.  The names in this list (or some of them)
 * are null-routed by this service to avoid load on central servers caused by
 * mistaken lookups for local content on the global internet.
 *
 * This is the list of names that unbound should not normally be sending
 * on towards the internet, because they are local-use.
 */
 extern const char** as112_zones;
 #endif
--- a/contrib/unbound/util/config_file.c
+++ b/contrib/unbound/util/config_file.c
@ -210,6 +210,7 @@ config_create(void)
 	cfg->local_zones_nodefault = NULL;
 	cfg->local_data = NULL;
 	cfg->unblock_lan_zones = 0;
 	cfg->insecure_lan_zones = 0;
 	cfg->python_script = NULL;
 	cfg->remote_control_enable = 0;
 	cfg->control_ifs = NULL;
@ -458,6 +459,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
 	else S_YNO("rrset-roundrobin:", rrset_roundrobin)
 	else S_STRLIST("local-data:", local_data)
 	else S_YNO("unblock-lan-zones:", unblock_lan_zones)
 	else S_YNO("insecure-lan-zones:", insecure_lan_zones)
 	else S_YNO("control-enable:", remote_control_enable)
 	else S_STRLIST("control-interface:", control_ifs)
 	else S_NUMBER_NONZERO("control-port:", control_port)
@ -739,6 +741,7 @@ config_get_option(struct config_file* cfg, const char* opt,
 	else O_YNO(opt, "minimal-responses", minimal_responses)
 	else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin)
 	else O_YNO(opt, "unblock-lan-zones", unblock_lan_zones)
 	else O_YNO(opt, "insecure-lan-zones", insecure_lan_zones)
 	else O_DEC(opt, "max-udp-size", max_udp_size)
 	else O_STR(opt, "python-script", python_script)
 	else O_DEC(opt, "ratelimit", ratelimit)
--- a/contrib/unbound/util/config_file.h
+++ b/contrib/unbound/util/config_file.h
@ -285,8 +285,10 @@ struct config_file {
 	struct config_strlist* local_zones_nodefault;
 	/** local data RRs configured */
 	struct config_strlist* local_data;
-	/** unblock lan zones (reverse lookups for 10/8 and so on) */
+	/** unblock lan zones (reverse lookups for AS112 zones) */
 	int unblock_lan_zones;
 	/** insecure lan zones (don't validate AS112 zones) */
 	int insecure_lan_zones;
 	/** remote control section. enable toggle. */
 	int remote_control_enable;
--- a/contrib/unbound/util/configlexer.lex
+++ b/contrib/unbound/util/configlexer.lex
@ -321,6 +321,7 @@ local-zone{COLON}		{ YDVAR(2, VAR_LOCAL_ZONE) }
 local-data{COLON}		{ YDVAR(1, VAR_LOCAL_DATA) }
 local-data-ptr{COLON}		{ YDVAR(1, VAR_LOCAL_DATA_PTR) }
 unblock-lan-zones{COLON}	{ YDVAR(1, VAR_UNBLOCK_LAN_ZONES) }
 insecure-lan-zones{COLON}	{ YDVAR(1, VAR_INSECURE_LAN_ZONES) }
 statistics-interval{COLON}	{ YDVAR(1, VAR_STATISTICS_INTERVAL) }
 statistics-cumulative{COLON}	{ YDVAR(1, VAR_STATISTICS_CUMULATIVE) }
 extended-statistics{COLON}	{ YDVAR(1, VAR_EXTENDED_STATISTICS) }
--- a/contrib/unbound/util/configparser.y
+++ b/contrib/unbound/util/configparser.y
@ -106,7 +106,8 @@ extern struct config_parser_state* cfg_parser;
 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
-%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UNBLOCK_LAN_ZONES
+%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
 %token VAR_INFRA_CACHE_MIN_RTT
 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
@ -180,7 +181,8 @@ content_server: server_num_threads | server_verbosity | server_port |
 	server_log_queries | server_tcp_upstream | server_ssl_upstream |
 	server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
 	server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
-	server_so_reuseport | server_delay_close | server_unblock_lan_zones |
+	server_so_reuseport | server_delay_close |
 	server_unblock_lan_zones | server_insecure_lan_zones |
 	server_dns64_prefix | server_dns64_synthall |
 	server_infra_cache_min_rtt | server_harden_algo_downgrade |
 	server_ip_transparent | server_ratelimit | server_ratelimit_slabs |
@ -722,6 +724,16 @@ server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
 		free($2);
 	}
 	;
 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
 	{
 		OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
 		if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 			yyerror("expected yes or no.");
 		else cfg_parser->cfg->insecure_lan_zones = 
 			(strcmp($2, "yes")==0);
 		free($2);
 	}
 	;
 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
 	{
 		OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
--- a/contrib/unbound/validator/val_anchor.c
+++ b/contrib/unbound/validator/val_anchor.c
@ -48,6 +48,7 @@
 #include "util/log.h"
 #include "util/net_help.h"
 #include "util/config_file.h"
 #include "util/as112.h"
 #include "sldns/sbuffer.h"
 #include "sldns/rrdef.h"
 #include "sldns/str2wire.h"
@ -1044,8 +1045,18 @@ int
 anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg)
 {
 	struct config_strlist* f;
 	const char** zstr;
 	char* nm;
 	sldns_buffer* parsebuf = sldns_buffer_new(65535);
 	if(cfg->insecure_lan_zones) {
 		for(zstr = as112_zones; *zstr; zstr++) {
 			if(!anchor_insert_insecure(anchors, *zstr)) {
 				log_err("error in insecure-lan-zones: %s", *zstr);
 				sldns_buffer_free(parsebuf);
 				return 0;
 			}
 		}
 	}
 	for(f = cfg->domain_insecure; f; f = f->next) {
 		if(!f->str || f->str[0] == 0) /* empty "" */
 			continue;
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@ -694,6 +694,7 @@ iovctl_files=""		# Config files for iovctl(8)
 jail_enable="NO"	# Set to NO to disable starting of any jails
 jail_parallel_start="NO"	# Start jails in the background
 jail_list=""		# Space separated list of names of jails
 jail_reverse_stop="NO"	# Stop jails in reverse order
 ##############################################################
 ### Define source_rc_confs, the mechanism used by /etc/rc.* ##
--- a/etc/periodic/security/520.pfdenied
+++ b/etc/periodic/security/520.pfdenied
@ -44,7 +44,7 @@ rc=0
 if check_yesno_period security_status_pfdenied_enable
 then
 	TMP=`mktemp -t security`
-	if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
+	if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
 	  check_diff new_only pf ${TMP} "${host} pf denied packets:"
 	fi
 	rc=$?
--- a/etc/rc.d/jail
+++ b/etc/rc.d/jail
@ -521,7 +521,11 @@ jail_stop()
 		command=$jail_program
 		rc_flags=$jail_flags
 		command_args="-f $jail_conf -r"
-		$jail_jls name | while read _j; do
+		if checkyesno jail_reverse_stop; then
 			$jail_jls name | tail -r
 		else
 			$jail_jls name
 		fi | while read _j; do
 			echo -n " $_j"
 			_tmp=`mktemp -t jail` || exit 3
 			$command $rc_flags $command_args $_j >> $_tmp 2>&1
@ -536,6 +540,7 @@ jail_stop()
 		return
 	;;
 	esac
 	checkyesno jail_reverse_stop && set -- $(reverse_list $@)
 	for _j in $@; do
 		_j=$(echo $_j | tr /. _)
 		_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
@ -571,5 +576,6 @@ jail_warn()
 load_rc_config $name
 case $# in
 1)	run_rc_command $@ ${jail_list:-_ALL} ;;
-*)	run_rc_command $@ ;;
+*)	jail_reverse_stop="no"
 	run_rc_command $@ ;;
 esac
--- a/etc/rc.d/ntpd
+++ b/etc/rc.d/ntpd
@ -28,14 +28,14 @@ ntpd_precmd()
 		rc_flags="-g $rc_flags"
 	fi
 	if [ -z "$ntpd_chrootdir" ]; then
 		return 0;
 	fi
 	if [ ! -f $ntp_db_leapfile ]; then
 		ntpd_fetch_leapfile
 	fi
 	if [ -z "$ntpd_chrootdir" ]; then
 		return 0;
 	fi
 	# If running in a chroot cage, ensure that the appropriate files
 	# exist inside the cage, as well as helper symlinks into the cage
 	# from outside.
--- a/lib/libc/gen/elf_utils.c
+++ b/lib/libc/gen/elf_utils.c
@ -32,6 +32,7 @@
 #include <sys/sysctl.h>
 #include <link.h>
 #include <stddef.h>
 #include "libc_private.h"
 int __elf_phdr_match_addr(struct dl_phdr_info *, void *);
 void __pthread_map_stacks_exec(void);
@ -54,9 +55,8 @@ __elf_phdr_match_addr(struct dl_phdr_info *phdr_info, void *addr)
 	return (i != phdr_info->dlpi_phnum);
 }
 #pragma weak __pthread_map_stacks_exec
 void
-__pthread_map_stacks_exec(void)
+__libc_map_stacks_exec(void)
 {
 	int mib[2];
 	struct rlimit rlim;
@ -75,3 +75,10 @@ __pthread_map_stacks_exec(void)
 	    rlim.rlim_cur, _rtld_get_stack_prot());
 }
 #pragma weak __pthread_map_stacks_exec
 void
 __pthread_map_stacks_exec(void)
 {
 	((void (*)(void))__libc_interposing[INTERPOS_map_stacks_exec])();
 }
--- a/lib/libc/include/libc_private.h
+++ b/lib/libc/include/libc_private.h
@ -224,6 +224,7 @@ enum {
 	INTERPOS_kevent,
 	INTERPOS_wait6,
 	INTERPOS_ppoll,
 	INTERPOS_map_stacks_exec,
 	INTERPOS_MAX
 };
@ -381,6 +382,7 @@ int _elf_aux_info(int aux, void *buf, int buflen);
 struct dl_phdr_info;
 int __elf_phdr_match_addr(struct dl_phdr_info *, void *);
 void __init_elf_aux_vector(void);
 void __libc_map_stacks_exec(void);
 void	_pthread_cancel_enter(int);
 void	_pthread_cancel_leave(int);
--- a/lib/libc/sys/interposing_table.c
+++ b/lib/libc/sys/interposing_table.c
@ -78,6 +78,7 @@ interpos_func_t __libc_interposing[INTERPOS_MAX] = {
 	SLOT(kevent, __sys_kevent),
 	SLOT(wait6, __sys_wait6),
 	SLOT(ppoll, __sys_ppoll),
 	SLOT(map_stacks_exec, __libc_map_stacks_exec),
 };
 #undef SLOT
--- a/lib/libc/sys/jail.2
+++ b/lib/libc/sys/jail.2
@ -405,7 +405,6 @@ system calls appeared in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R&D Associates
 .Dq Li http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .An James Gritton
--- a/lib/libc/sys/semget.2
+++ b/lib/libc/sys/semget.2
@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 12, 1995
+.Dd February 7, 2016
 .Dt SEMGET 2
 .Os
 .Sh NAME
@ -132,6 +132,17 @@ already exists.
 .It Bq Er EINVAL
 The number of semaphores requested exceeds the system imposed maximum
 per set.
 .It Bq Er EINVAL
 A semaphore set corresponding to
 .Fa key
 already exists and contains fewer semaphores than
 .Fa nsems .
 .It Bq Er EINVAL
 A semaphore set corresponding to
 .Fa key
 does not exist and
 .Fa nsems
 is 0 or negative.
 .It Bq Er ENOSPC
 Insufficiently many semaphores are available.
 .It Bq Er ENOSPC
--- a/lib/libedit/editline.3
+++ b/lib/libedit/editline.3
@ -1,4 +1,4 @@
-.\"	$NetBSD: editline.3,v 1.84 2014/12/25 13:39:41 wiz Exp $
+.\"	$NetBSD: editline.3,v 1.85 2015/11/03 21:36:59 christos Exp $
 .\"
 .\" Copyright (c) 1997-2014 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@ -28,7 +28,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 25, 2014
+.Dd November 3, 2015
 .Dt EDITLINE 3
 .Os
 .Sh NAME
@ -191,7 +191,7 @@ counterparts.
 The following functions are available:
 .Bl -tag -width 4n
 .It Fn el_init
-Initialise the line editor, and return a data structure
+Initialize the line editor, and return a data structure
 to be used by all other line editing functions, or
 .Dv NULL
 on failure.
@ -521,61 +521,68 @@ are supported, along with actual type of
 .Fa result :
 .Bl -tag -width 4n
 .It Dv EL_PROMPT , Fa "char *(*f)(EditLine *)" , Fa "char *c"
-Return a pointer to the function that displays the prompt in
+Set
 .Fa f .
 to a pointer to the function that displays the prompt.
 If
 .Fa c
 is not
 .Dv NULL ,
-return the start/stop literal prompt character in it.
+set it to the start/stop literal prompt character.
 .It Dv EL_RPROMPT , Fa "char *(*f)(EditLine *)" , Fa "char *c"
-Return a pointer to the function that displays the prompt in
+Set
 .Fa f .
 to a pointer to the function that displays the prompt.
 If
 .Fa c
 is not
 .Dv NULL ,
-return the start/stop literal prompt character in it.
+set it to the start/stop literal prompt character.
-.It Dv EL_EDITOR , Fa "const char **"
+.It Dv EL_EDITOR , Fa "const char **n"
-Return the name of the editor, which will be one of
+Set the name of the editor in
 .Fa n ,
 which will be one of
 .Dq emacs
 or
 .Dq vi .
 .It Dv EL_GETTC , Fa "const char *name" , Fa "void *value"
-Return non-zero if
+If
 .Fa name
 is a valid
 .Xr termcap 5
-capability
+capability set
 and set
 .Fa value
 to the current value of that capability.
-.It Dv EL_SIGNAL , Fa "int *"
+.It Dv EL_SIGNAL , Fa "int *s"
-Return non-zero if
+Set
 .Fa s
 to non zero if
 .Nm
 has installed private signal handlers (see
 .Fn el_get
 above).
-.It Dv EL_EDITMODE , Fa "int *"
+.It Dv EL_EDITMODE , Fa "int *c"
-Return non-zero if editing is enabled.
+Set
 .Fa c
 to non-zero if editing is enabled.
 .It Dv EL_GETCFN , Fa "int (**f)(EditLine *, char *)"
 Return a pointer to the function that read characters, which is equal to
 .Dq Dv EL_BUILTIN_GETCFN
 in the case of the default builtin function.
 .It Dv EL_CLIENTDATA , Fa "void **data"
-Retrieve
+Set
 .Fa data
-previously registered with the corresponding
+to the previously registered client data set by an
 .Fn el_set
 call.
-.It Dv EL_UNBUFFERED , Fa "int"
+.It Dv EL_UNBUFFERED , Fa "int *c"
-Return non-zero if unbuffered mode is enabled.
+Set
-.It Dv EL_PREP_TERM , Fa "int"
+.Fa c
-Sets or clears terminal editing mode.
+to non-zero if unbuffered mode is enabled.
 .It Dv EL_GETFP , Fa "int fd", Fa "FILE **fp"
-Return in
+Set
 .Fa fp
-the current
+to the current
 .Nm editline
 file pointer for
 .Dq input
@ -593,7 +600,7 @@ or
 .Dv 2 .
 .El
 .It Fn el_source
-Initialise
+Initialize
 .Nm
 by reading the contents of
 .Fa file .
@ -671,7 +678,7 @@ and freed by
 The following functions are available:
 .Bl -tag -width 4n
 .It Fn history_init
-Initialise the history list, and return a data structure
+Initialize the history list, and return a data structure
 to be used by all other history list functions, or
 .Dv NULL
 on failure.
@ -810,7 +817,7 @@ and freed by
 The following functions are available:
 .Bl -tag -width 4n
 .It Fn tok_init
-Initialise the tokenizer, and return a data structure
+Initialize the tokenizer, and return a data structure
 to be used by all other tokenizer functions.
 .Fa IFS
 contains the Input Field Separators, which defaults to
--- a/lib/libedit/el.c
+++ b/lib/libedit/el.c
@ -1,4 +1,4 @@
-/*	$NetBSD: el.c,v 1.73 2014/06/18 18:12:28 christos Exp $	*/
+/*	$NetBSD: el.c,v 1.74 2015/12/08 12:56:55 christos Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)el.c	8.2 (Berkeley) 1/3/94";
 #else
-__RCSID("$NetBSD: el.c,v 1.73 2014/06/18 18:12:28 christos Exp $");
+__RCSID("$NetBSD: el.c,v 1.74 2015/12/08 12:56:55 christos Exp $");
 #endif
 #endif /* not lint && not SCCSID */
 #include <sys/cdefs.h>
@ -137,7 +137,8 @@ el_end(EditLine *el)
 	terminal_end(el);
 	keymacro_end(el);
 	map_end(el);
-	tty_end(el);
+	if (!(el->el_flags & NO_TTY))
 		tty_end(el);
 	ch_end(el);
 	search_end(el);
 	hist_end(el);
--- a/lib/libedit/hist.h
+++ b/lib/libedit/hist.h
@ -1,4 +1,4 @@
-/*	$NetBSD: hist.h,v 1.14 2014/05/11 01:05:17 christos Exp $	*/
+/*	$NetBSD: hist.h,v 1.15 2016/01/30 15:05:27 christos Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -47,10 +47,10 @@ typedef int (*hist_fun_t)(void *, TYPE(HistEvent) *, int, ...);
 typedef struct el_history_t {
 	Char		*buf;		/* The history buffer		*/
-	size_t		sz;		/* Size of history buffer	*/
+	size_t		 sz;		/* Size of history buffer	*/
 	Char		*last;		/* The last character		*/
 	int		 eventno;	/* Event we are looking for	*/
-	void *		 ref;		/* Argument for history fcns	*/
+	void		*ref;		/* Argument for history fcns	*/
 	hist_fun_t	 fun;		/* Event access			*/
 	TYPE(HistEvent)	 ev;		/* Event cookie			*/
 } el_history_t;
--- a/lib/libedit/keymacro.h
+++ b/lib/libedit/keymacro.h
@ -1,4 +1,4 @@
-/*	$NetBSD: keymacro.h,v 1.2 2011/07/28 03:44:36 christos Exp $	*/
+/*	$NetBSD: keymacro.h,v 1.3 2016/01/29 19:59:11 christos Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -48,7 +48,7 @@ typedef union keymacro_value_t {
 typedef struct keymacro_node_t keymacro_node_t;
-typedef struct el_keymacromacro_t {
+typedef struct el_keymacro_t {
 	Char		*buf;	/* Key print buffer		*/
 	keymacro_node_t	*map;	/* Key map			*/
 	keymacro_value_t val;	/* Local conversion buffer	*/
--- a/lib/libedit/search.c
+++ b/lib/libedit/search.c
@ -1,4 +1,4 @@
-/*	$NetBSD: search.c,v 1.30 2011/10/04 15:27:04 christos Exp $	*/
+/*	$NetBSD: search.c,v 1.31 2016/01/30 04:02:51 christos Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)search.c	8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: search.c,v 1.30 2011/10/04 15:27:04 christos Exp $");
+__RCSID("$NetBSD: search.c,v 1.31 2016/01/30 04:02:51 christos Exp $");
 #endif
 #endif /* not lint && not SCCSID */
 #include <sys/cdefs.h>
@ -149,7 +149,7 @@ el_match(const Char *str, const Char *pat)
 	if (re_comp(ct_encode_string(pat, &conv)) != NULL)
 		return 0;
 	else
-		return re_exec(ct_encode_string(str, &conv) == 1);
+		return re_exec(ct_encode_string(str, &conv)) == 1;
 #endif
 }
--- a/lib/libedit/tokenizer.c
+++ b/lib/libedit/tokenizer.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tokenizer.c,v 1.21 2011/08/16 16:25:15 christos Exp $	*/
+/*	$NetBSD: tokenizer.c,v 1.22 2016/01/30 04:02:51 christos Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)tokenizer.c	8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: tokenizer.c,v 1.21 2011/08/16 16:25:15 christos Exp $");
+__RCSID("$NetBSD: tokenizer.c,v 1.22 2016/01/30 04:02:51 christos Exp $");
 #endif
 #endif /* not lint && not SCCSID */
 #include <sys/cdefs.h>
@ -448,5 +448,5 @@ FUN(tok,str)(TYPE(Tokenizer) *tok, const Char *line, int *argc,
 	memset(&li, 0, sizeof(li));
 	li.buffer = line;
 	li.cursor = li.lastchar = Strchr(line, '\0');
-	return FUN(tok,line(tok, &li, argc, argv, NULL, NULL));
+	return FUN(tok,line)(tok, &li, argc, argv, NULL, NULL);
 }
--- a/lib/libedit/tty.c
+++ b/lib/libedit/tty.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tty.c,v 1.47 2015/05/14 10:44:15 christos Exp $	*/
+/*	$NetBSD: tty.c,v 1.49 2015/12/08 16:53:27 gson Exp $	*/
 /*-
 * Copyright (c) 1992, 1993
@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)tty.c	8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: tty.c,v 1.47 2015/05/14 10:44:15 christos Exp $");
+__RCSID("$NetBSD: tty.c,v 1.49 2015/12/08 16:53:27 gson Exp $");
 #endif
 #endif /* not lint && not SCCSID */
 #include <sys/cdefs.h>
@ -582,6 +582,9 @@ protected void
 /*ARGSUSED*/
 tty_end(EditLine *el)
 {
 	if (el->el_flags & EDIT_DISABLED)
 		return;
 	if (tty_setty(el, TCSAFLUSH, &el->el_tty.t_or) == -1) {
 #ifdef DEBUG_TTY
 		(void) fprintf(el->el_errfile,
--- a/lib/libfetch/http.c
+++ b/lib/libfetch/http.c
@ -1435,7 +1435,6 @@ http_connect(struct url *URL, struct url *purl, const char *flags)
 	}
 	if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 &&
 	    fetch_ssl(conn, URL, verbose) == -1) {
 		fetch_close(conn);
 		/* grrr */
 		errno = EAUTH;
 		fetch_syserr();
--- a/lib/libmemstat/memstat_uma.c
+++ b/lib/libmemstat/memstat_uma.c
@ -29,7 +29,6 @@
 #include <sys/param.h>
 #include <sys/cpuset.h>
 #include <sys/sysctl.h>
 #include <sys/_task.h>
 #include <vm/vm.h>
 #include <vm/vm_page.h>
--- a/lib/libthr/pthread.map
+++ b/lib/libthr/pthread.map
@ -295,8 +295,6 @@ FBSDprivate_1.0 {
 	_thread_size_key;
 	_thread_state_running;
 	_thread_state_zoombie;
 	__pthread_map_stacks_exec;
 };
 FBSD_1.1 {
--- a/lib/libthr/thread/thr_private.h
+++ b/lib/libthr/thread/thr_private.h
@ -927,6 +927,8 @@ int __thr_sigwait(const sigset_t *set, int *sig);
 int __thr_sigwaitinfo(const sigset_t *set, siginfo_t *info);
 int __thr_swapcontext(ucontext_t *oucp, const ucontext_t *ucp);
 void __thr_map_stacks_exec(void);
 struct _spinlock;
 void __thr_spinunlock(struct _spinlock *lck);
 void __thr_spinlock(struct _spinlock *lck);
--- a/lib/libthr/thread/thr_stack.c
+++ b/lib/libthr/thread/thr_stack.c
@ -161,9 +161,8 @@ singlethread_map_stacks_exec(void)
 	    rlim.rlim_cur, _rtld_get_stack_prot());
 }
 void __pthread_map_stacks_exec(void);
 void
-__pthread_map_stacks_exec(void)
+__thr_map_stacks_exec(void)
 {
 	struct pthread *curthread, *thrd;
 	struct stack *st;
--- a/lib/libthr/thread/thr_syscalls.c
+++ b/lib/libthr/thread/thr_syscalls.c
@ -652,6 +652,7 @@ __thr_interpose_libc(void)
 	SLOT(kevent);
 	SLOT(wait6);
 	SLOT(ppoll);
 	SLOT(map_stacks_exec);
 #undef SLOT
 	*(__libc_interposing_slot(
 	    INTERPOS__pthread_mutex_init_calloc_cb)) =
--- a/lib/libunbound/Makefile
+++ b/lib/libunbound/Makefile
@ -12,7 +12,7 @@ PRIVATELIB=
 CFLAGS= -I${UNBOUNDDIR} -I${LDNSDIR} -I${.OBJDIR}
-SRCS=	alloc.c autotrust.c config_file.c configlexer.l configparser.y \
+SRCS=	alloc.c as112.c autotrust.c config_file.c configlexer.l configparser.y \
 	context.c dname.c dns.c dns64.c dnstree.c fptr_wlist.c infra.c \
 	iter_delegpt.c iter_donotq.c iter_fwd.c iter_hints.c iter_priv.c \
 	iter_resptype.c iter_scrub.c iter_utils.c iterator.c keyraw.c \
--- a/share/examples/jails/README
+++ b/share/examples/jails/README
@ -1,5 +1,57 @@
 # $FreeBSD$
-See under share/examples/netgraph for some examples of
+The below 4 samples require a VIMAGE enabled kernel:
 	# (as root)
 	$ cp VIMAGE /usr/src/sys/amd64/conf/
 	$ cd /usr/src
 	$ make KERNCONF=VIMAGE kernel
 	$ reboot
 Sample 1: jail.conf(5)
 	$ cp jib jng /usr/sbin/
 	$ cat jail.xxx.conf >> /etc/jail.conf
 	$ vi /etc/jail.conf
 	# NB: Customize root directory and bridge interface
 	$ sysrc jail_enable=YES
 	# NB: Assumes jail_list="" (meaning ``all jails in jail.conf'')
 	# NB: Assumes rc_conf_files="" (``below rc.conf(5) samples not used'')
 	$ service jail start
 Sample 2: rc.conf(5)
 	$ cp jib jng /usr/sbin/
 	$ cp rc.conf.jails /etc/
 	$ vi /etc/rc.conf.jails
 	# NB: Customize root directory and bridge interface
 	$ sysrc rc_conf_files+=/etc/rc.conf.jails
 	# NB: Assumes /etc/jail.conf does not exist and jail_list=""
 	$ service jail start
 Sample 3: Per-jail jail.conf(5)
 	$ cp jib jng /usr/sbin/
 	$ cp jail.xxx.conf /etc/
 	$ vi /etc/jail.xxx.conf
 	# NB: Customize root directory and bridge interface
 	$ sysrc jail_enable=YES
 	$ sysrc jail_list+=xxx
 	# NB: Assumes rc_conf_files=""
 	$ service jail start
 Sample 4: Per-jail rc.conf(5)
 	$ cp jib jng /usr/sbin/
 	$ cp rcjail.xxx.conf /etc/
 	$ vi /etc/rcjail.xxx.conf
 	# NB: Customize root directory and bridge interface
 	$ sysrc jail_enable=YES
 	$ sysrc jail_list+=xxx
 	$ sysrc rc_conf_files+=/etc/rcjail.xxx.conf
 	# NB: Assumes neither /etc/jail.conf nor /etc/jail.xxx.conf exist
 	$ service jail start
 For additional recipes, see share/examples/netgraph for
 making and hooking together jails using netgraph as the
 virtual networking fabric.
--- a/share/examples/jails/VIMAGE
+++ b/share/examples/jails/VIMAGE
@ -0,0 +1,59 @@
 # $FreeBSD$
 ################################################################################
 ######################### VIMAGE KERNEL CONFIGURATION ##########################
 ################################################################################
 #################### Inheritance
 #
 # Inherit from, and override `GENERIC'
 #
 include		GENERIC		# Base configuration file
 ident		VIMAGE		# Kernel name
 ################################################################################
 ##################### ENABLE NON-INHERITED OPTIONS/DEVICES #####################
 ################################################################################
 #################### Non-GENERIC options
 #
 # Network Virtualization for Jails
 #
 options		VIMAGE		# vnet paravirtualization
 #
 # Netgraph based bridging for vnet jails
 # NB: Not strictly necessary; will load automatically via KLD when needed
 #
 options		NETGRAPH	# netgraph(4) system
 options		NETGRAPH_BRIDGE	# ng_bridge(4)
 options		NETGRAPH_EIFACE	# ng_eiface(4)
 options		NETGRAPH_ETHER	# ng_ether(4)
 options		NETGRAPH_SOCKET	# ng_socket(4)
 #################### Non-GENERIC devices
 #
 # if_bridge based bridging for vnet jails
 # NB: Not strictly necessary; will load automatically via KLD when needed
 #
 device		epair		# epair(4)
 device		if_bridge	# if_bridge(4)
 ################################################################################
 ################ DISABLE UNNECESSARY  INHERITED OPTIONS/DEVICES ################
 ################################################################################
 #################### Disable select inherited options
 # none
 #################### Disable select inherited devices
 # none
 ################################################################################
 # END
 ################################################################################
--- a/share/examples/jails/jail.xxx.conf
+++ b/share/examples/jails/jail.xxx.conf
@ -0,0 +1,35 @@
 # $FreeBSD$
 xxx {
 	host.hostname = "xxx.yyy";	# hostname
 	path = "/vm/xxx";		# root directory
 	exec.clean;
 	exec.system_user = "root";
 	exec.jail_user = "root";
 	#
 	# NB: Below 4-lines required
 	#
 	vnet;
 	# netgraph
 	vnet.interface = "ng0_xxx";		# vnet interface(s)
 	exec.prestart += "jng bridge xxx em0";	# bridge interface(s)
 	exec.poststop += "jng shutdown xxx";	# destroy interface(s)
 	# if_bridge
 	#vnet.interface = "e0b_xxx";		# vnet interface(s)
 	#exec.prestart += "jib addm xxx em0";	# bridge interface(s)
 	#exec.poststop += "jib destroy xxx";	# destroy interface(s)
 	# Standard recipe
 	exec.start += "/bin/sh /etc/rc";
 	exec.stop = "/bin/sh /etc/rc.shutdown";
 	exec.consolelog = "/var/log/jail_xxx_console.log";
 	mount.devfs;	# mount devfs
 	# Optional (default off)
 	#devfs_ruleset = "11";		# rule to unhide bpf for DHCP
 	#allow.mount;			# mount /etc/fstab.xxx
 	#allow.set_hostname = 1;	# Allow hostname to change
 	#allow.sysvipc = 1;		# Allow SysV Interprocess Comm.
 }
--- a/share/examples/jails/jib
+++ b/share/examples/jails/jib
@ -0,0 +1,398 @@
 #!/bin/sh
 #-
 # Copyright (c) 2016 Devin Teske
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
 # are met:
 # 1. Redistributions of source code must retain the above copyright
 #    notice, this list of conditions and the following disclaimer.
 # 2. Redistributions in binary form must reproduce the above copyright
 #    notice, this list of conditions and the following disclaimer in the
 #    documentation and/or other materials provided with the distribution.
 #
 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
 # $FreeBSD$
 #
 ############################################################ IDENT(1)
 #
 # $Title: if_bridge(4) management script for vnet jails $
 #
 ############################################################ INFORMATION
 #
 # Use this tool with jail.conf(5) (or rc.conf(5) ``legacy'' configuration) to
 # manage `vnet' interfaces for jails. Designed to automate the creation of vnet
 # interface(s) during jail `prestart' and destroy said interface(s) during jail
 # `poststop'.
 #
 # In jail.conf(5) format:
 #
 # ### BEGIN EXCERPT ###
 #
 # xxx {
 # 	host.hostname = "xxx.yyy";
 # 	path = "/vm/xxx";
 # 
 # 	#
 # 	# NB: Below 2-lines required
 # 	# NB: The number of eNb_xxx interfaces should match the number of
 # 	#     arguments given to `jib addm xxx' in exec.prestart value.
 # 	#
 # 	vnet;
 # 	vnet.interface = "e0b_xxx e1b_xxx ...";
 # 
 # 	exec.clean;
 # 	exec.system_user = "root";
 # 	exec.jail_user = "root";
 # 
 # 	#
 # 	# NB: Below 2-lines required
 # 	# NB: The number of arguments after `jib addm xxx' should match
 # 	#     the number of eNb_xxx arguments in vnet.interface value.
 # 	#
 # 	exec.prestart += "jib addm xxx em0 em1 ...";
 # 	exec.poststop += "jib destroy xxx";
 # 
 # 	# Standard recipe
 # 	exec.start += "/bin/sh /etc/rc";
 # 	exec.stop = "/bin/sh /etc/rc.shutdown";
 # 	exec.consolelog = "/var/log/jail_xxx_console.log";
 # 	mount.devfs;
 #
 # 	# Optional (default off)
 # 	#allow.mount;
 # 	#allow.set_hostname = 1;
 # 	#allow.sysvipc = 1;
 # 	#devfs_ruleset = "11"; # rule to unhide bpf for DHCP
 # }
 #
 # ### END EXCERPT ###
 #
 # In rc.conf(5) ``legacy'' format (used when /etc/jail.conf does not exist):
 #
 # ### BEGIN EXCERPT ###
 #
 # jail_enable="YES"
 # jail_list="xxx"
 #
 # #
 # # Global presets for all jails
 # #
 # jail_devfs_enable="YES"	# mount devfs
 #
 # #
 # # Global options (default off)
 # #
 # #jail_mount_enable="YES"		# mount /etc/fstab.{name}
 # #jail_set_hostname_allow="YES"	# Allow hostname to change
 # #jail_sysvipc_allow="YES"		# Allow SysV Interprocess Comm.
 # 
 # # xxx
 # jail_xxx_hostname="xxx.shxd.cx"		# hostname
 # jail_xxx_rootdir="/vm/xxx"			# root directory
 # jail_xxx_vnet_interfaces="e0b_xxx e1bxxx ..."	# vnet interface(s)
 # jail_xxx_exec_prestart0="jib addm xxx em0 em1 ..."	# bridge interface(s)
 # jail_xxx_exec_poststop0="jib destroy xxx"	# destroy interface(s)
 # #jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
 # #jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #
 # ### END EXCERPT ###
 #
 # Note that the legacy rc.conf(5) format is converted to
 # /var/run/jail.{name}.conf by /etc/rc.d/jail if jail.conf(5) is missing.
 #
 # ASIDE: dhclient(8) inside a vnet jail...
 #
 # To allow dhclient(8) to work inside a vnet jail, make sure the following
 # appears in /etc/devfs.rules (which should be created if it doesn't exist):
 #
 # 	[devfsrules_jail=11]
 # 	add include $devfsrules_hide_all
 # 	add include $devfsrules_unhide_basic
 # 	add include $devfsrules_unhide_login
 # 	add path 'bpf*' unhide
 #
 # And set ether devfs.ruleset="11" (jail.conf(5)) or
 # jail_{name}_devfs_ruleset="11" (rc.conf(5)).
 #
 # NB: While this tool can't create every type of desirable topology, it should
 # handle most setups, minus some which considered exotic or purpose-built.
 #
 ############################################################ GLOBALS
 pgm="${0##*/}" # Program basename
 #
 # Global exit status
 #
 SUCCESS=0
 FAILURE=1
 ############################################################ FUNCTIONS
 usage()
 {
 	local action usage descr
 	exec >&2
 	echo "Usage: $pgm action [arguments]"
 	echo "Actions:"
 	for action in \
 		addm		\
 		show		\
 		show1		\
 		destroy		\
 	; do
 		eval usage=\"\$jib_${action}_usage\"
 		[ "$usage" ] || continue
 		eval descr=\"\$jib_${action}_descr\"
 		printf "\t%s\n\t\t%s\n" "$usage" "$descr"
 	done
 	exit $FAILURE
 }
 action_usage()
 {
 	local usage action="$1"
 	eval usage=\"\$jib_${action}_usage\"
 	echo "Usage: $pgm $usage" >&2
 	exit $FAILURE
 }
 mustberoot_to_continue()
 {
 	if [ "$( id -u )" -ne 0 ]; then
 		echo "Must run as root!" >&2
 		exit $FAILURE
 	fi
 }
 jib_addm_usage="addm [-b BRIDGE_NAME] NAME interface0 [interface1 ...]"
 jib_addm_descr="Creates e0b_NAME [e1b_NAME ...]"
 jib_addm()
 {
 	local OPTIND=1 OPTARG flag bridge=bridge
 	while getopts b: flag; do
 		case "$flag" in
 		b) bridge="${OPTARG:-bridge}" ;;
 		*) action_usage addm # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND - 1 ))
 	local name="$1"
 	[ "${name:-x}" = "${name#*[!0-9a-zA-Z_]}" -a $# -gt 1 ] ||
 		action_usage addm # NOTREACHED
 	shift 1 # name
 	mustberoot_to_continue
 	local iface iface_devid eiface_devid
 	local eiface_devid_a eiface_devid_b
 	local new num quad i=0
 	for iface in $*; do
 		# 1. Make sure the interface doesn't exist already
 		ifconfig "e${i}a_$name" > /dev/null 2>&1 && continue
 		# 2. Bring the interface up
 		ifconfig $iface up || return
 		# 3. Make sure the interface has been bridged
 		if ! ifconfig "$iface$bridge" > /dev/null 2>&1; then
 			new=$( ifconfig bridge create ) || return
 			ifconfig $new addm $iface || return
 			ifconfig $new name "$iface$bridge" || return
 			ifconfig "$iface$bridge" up || return
 		fi
 		# 4. Create a new interface to the bridge
 		new=$( ifconfig epair create ) || return
 		ifconfig "$iface$bridge" addm $new || return
 		# 5. Rename the new interface
 		ifconfig $new name "e${i}a_$name" || return
 		ifconfig ${new%a}b name "e${i}b_$name" || return
 		ifconfig "e${i}a_$name" up || return
 		ifconfig "e${i}b_$name" up || return
 		#
 		# 6. Set the MAC address of the new interface using a sensible
 		# algorithm to prevent conflicts on the network.
 		#
 		# The formula I'm using is ``NP:SS:SS:II:II:II'' where:
 		# + N denotes 4 bits used as a counter to support branching
 		#   each parent interface up to 15 times under the same jail
 		#   name (see S below).
 		# + P denotes the special nibble whose value, if one of
 		#   2, 6, A, or E (but usually 2) denotes a privately
 		#   administered MAC address (while remaining routable).
 		# + S denotes 16 bits, the sum(1) value of the jail name.
 		# + I denotes bits that are inherited from parent interface.
 		#
 		# The S bits are a CRC-16 checksum of NAME, allowing the jail
 		# to change the epair(4) generation order without affecting the
 		# MAC address. Meanwhile, if...
 		#   + the jail NAME changes (e.g., it was duplicated and given
 		#     a new name with no other changes)
 		#   + the underlying network interface changes
 		#   + the jail is moved to another host
 		# the MAC address will be recalculated to a new, similarly
 		# unique value preventing conflict.
 		#
 		iface_devid=$( ifconfig $iface ether | awk '/ether/,$0=$2' )
 		eiface_devid=${iface_devid#??:??:??}
 		num=$( set -- `echo -n $name | sum` && echo $1 )
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad:$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		case "$iface_devid" in
 		?[Ee]:*)
 			eiface_devid_a=2:$quad$eiface_devid
 			eiface_devid_b=6:$quad$eiface_devid
 			;;
 		*)
 			eiface_devid_a=2:$quad$eiface_devid
 			eiface_devid_b=e:$quad$eiface_devid
 		esac
 		eval num=\$_${iface}_num
 		if [ "$num" ]; then
 			num=$(( $num + 1 ))
 			eval _${iface}_num=$num
 		else
 			num=0
 			local _${iface}_num=$num
 		fi
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid_a=$quad$eiface_devid_a
 		eiface_devid_b=$quad$eiface_devid_b
 		ifconfig "e${i}a_$name" ether $eiface_devid_a > /dev/null 2>&1
 		ifconfig "e${i}b_$name" ether $eiface_devid_b > /dev/null 2>&1
 		i=$(( $i + 1 )) # on to next e{i}b_name
 	done # for iface
 }
 jib_show_usage="show"
 jib_show_descr="List possible NAME values for \`show NAME'"
 jib_show1_usage="show NAME"
 jib_show1_descr="Lists e0b_NAME [e1b_NAME ...]"
 jib_show2_usage="show [NAME]"
 jib_show()
 {
 	local OPTIND=1 OPTARG flag
 	while getopts "" flag; do
 		case "$flag" in
 		*) action_usage show2 # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND - 1 ))
 	if [ $# -eq 0 ]; then
 		ifconfig | awk '
 			/^[^:[:space:]]+:/ {
 				iface = $1
 				sub(/:.*/, "", iface)
 				next
 			}
 			$1 == "groups:" {
 				for (n = split($0, group); n > 1; n--) {
 					if (group[n] != "bridge") continue
 					print iface
 					next
 				}
 			}' |
 			xargs -rn1 ifconfig |
 			awk '$1 == "member:" &&
 				sub(/^e[[:digit:]]+a_/, "", $2), $0 = $2' |
 			sort -u
 		return
 	fi
 	ifconfig | awk -v name="$1" '
 		match($0, /^e[[:digit:]]+a_/) && sub(/:.*/, "") &&
 			substr($1, RSTART + RLENGTH) == name
 	' | sort
 }
 jib_destroy_usage="destroy NAME"
 jib_destroy_descr="Destroy e0b_NAME [e1b_NAME ...]"
 jib_destroy()
 {
 	local OPTIND=1 OPTARG flag
 	while getopts "" flag; do
 		case "$flag" in
 		*) action_usage destroy # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND -1 ))
 	local name="$1"
 	[ "${name:-x}" = "${name#*[!0-9a-zA-Z_]}" -a $# -eq 1 ] ||
 		action_usage destroy # NOTREACHED
 	mustberoot_to_continue
 	jib_show "$name" | xargs -rn1 -I eiface ifconfig eiface destroy
 }
 ############################################################ MAIN
 #
 # Command-line arguments
 #
 action="$1"
 [ "$action" ] || usage # NOTREACHED
 #
 # Validate action argument
 #
 if [ "$BASH_VERSION" ]; then
 	type="$( type -t "jib_$action" )" || usage # NOTREACHED
 else
 	type="$( type "jib_$action" 2> /dev/null )" || usage # NOTREACHED
 fi
 case "$type" in
 *function)
 	shift 1 # action
 	eval "jib_$action" \"\$@\"
 	;;
 *) usage # NOTREACHED
 esac
 ################################################################################
 # END
 ################################################################################
--- a/share/examples/jails/jng
+++ b/share/examples/jails/jng
@ -0,0 +1,477 @@
 #!/bin/sh
 #-
 # Copyright (c) 2016 Devin Teske
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
 # are met:
 # 1. Redistributions of source code must retain the above copyright
 #    notice, this list of conditions and the following disclaimer.
 # 2. Redistributions in binary form must reproduce the above copyright
 #    notice, this list of conditions and the following disclaimer in the
 #    documentation and/or other materials provided with the distribution.
 #
 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
 # $FreeBSD$
 #
 ############################################################ IDENT(1)
 #
 # $Title: netgraph(4) management script for vnet jails $
 #
 ############################################################ INFORMATION
 #
 # Use this tool with jail.conf(5) (or rc.conf(5) ``legacy'' configuration) to
 # manage `vnet' interfaces for jails. Designed to automate the creation of vnet
 # interface(s) during jail `prestart' and destroy said interface(s) during jail
 # `poststop'.
 #
 # In jail.conf(5) format:
 #
 # ### BEGIN EXCERPT ###
 #
 # xxx {
 # 	host.hostname = "xxx.yyy";
 # 	path = "/vm/xxx";
 # 
 # 	#
 # 	# NB: Below 2-lines required
 # 	# NB: The number of ngN_xxx interfaces should match the number of
 # 	#     arguments given to `jng bridge xxx' in exec.prestart value.
 # 	#
 # 	vnet;
 # 	vnet.interface = "ng0_xxx ng1_xxx ...";
 # 
 # 	exec.clean;
 # 	exec.system_user = "root";
 # 	exec.jail_user = "root";
 # 
 # 	#
 # 	# NB: Below 2-lines required
 # 	# NB: The number of arguments after `jng bridge xxx' should match
 # 	#     the number of ngN_xxx arguments in vnet.interface value.
 # 	#
 # 	exec.prestart += "jng bridge xxx em0 em1 ...";
 # 	exec.poststop += "jng shutdown xxx";
 # 
 # 	# Standard recipe
 # 	exec.start += "/bin/sh /etc/rc";
 # 	exec.stop = "/bin/sh /etc/rc.shutdown";
 # 	exec.consolelog = "/var/log/jail_xxx_console.log";
 # 	mount.devfs;
 #
 # 	# Optional (default off)
 # 	#allow.mount;
 # 	#allow.set_hostname = 1;
 # 	#allow.sysvipc = 1;
 # 	#devfs_ruleset = "11"; # rule to unhide bpf for DHCP
 # }
 #
 # ### END EXCERPT ###
 #
 # In rc.conf(5) ``legacy'' format (used when /etc/jail.conf does not exist):
 #
 # ### BEGIN EXCERPT ###
 #
 # jail_enable="YES"
 # jail_list="xxx"
 #
 # #
 # # Global presets for all jails
 # #
 # jail_devfs_enable="YES"	# mount devfs
 #
 # #
 # # Global options (default off)
 # #
 # #jail_mount_enable="YES"		# mount /etc/fstab.{name}
 # #jail_set_hostname_allow="YES"	# Allow hostname to change
 # #jail_sysvipc_allow="YES"		# Allow SysV Interprocess Comm.
 # 
 # # xxx
 # jail_xxx_hostname="xxx.shxd.cx"		# hostname
 # jail_xxx_rootdir="/vm/xxx"			# root directory
 # jail_xxx_vnet_interfaces="ng0_xxx ng1xxx ..."	# vnet interface(s)
 # jail_xxx_exec_prestart0="jng bridge xxx em0 em1 ..."	# bridge interface(s)
 # jail_xxx_exec_poststop0="jng shutdown xxx"	# destroy interface(s)
 # #jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
 # #jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #
 # ### END EXCERPT ###
 #
 # Note that the legacy rc.conf(5) format is converted to
 # /var/run/jail.{name}.conf by /etc/rc.d/jail if jail.conf(5) is missing.
 #
 # ASIDE: dhclient(8) inside a vnet jail...
 #
 # To allow dhclient(8) to work inside a vnet jail, make sure the following
 # appears in /etc/devfs.rules (which should be created if it doesn't exist):
 #
 # 	[devfsrules_jail=11]
 # 	add include $devfsrules_hide_all
 # 	add include $devfsrules_unhide_basic
 # 	add include $devfsrules_unhide_login
 # 	add path 'bpf*' unhide
 #
 # And set ether devfs.ruleset="11" (jail.conf(5)) or
 # jail_{name}_devfs_ruleset="11" (rc.conf(5)).
 #
 # NB: While this tool can't create every type of desirable topology, it should
 # handle most setups, minus some which considered exotic or purpose-built.
 #
 ############################################################ GLOBALS
 pgm="${0##*/}" # Program basename
 #
 # Global exit status
 #
 SUCCESS=0
 FAILURE=1
 ############################################################ FUNCTIONS
 usage()
 {
 	local action usage descr
 	exec >&2
 	echo "Usage: $pgm action [arguments]"
 	echo "Actions:"
 	for action in \
 		bridge		\
 		graph		\
 		show		\
 		show1		\
 		shutdown	\
 		stats		\
 	; do
 		eval usage=\"\$jng_${action}_usage\"
 		[ "$usage" ] || continue
 		eval descr=\"\$jng_${action}_descr\"
 		printf "\t%s\n\t\t%s\n" "$usage" "$descr"
 	done
 	exit $FAILURE
 }
 action_usage()
 {
 	local usage action="$1"
 	eval usage=\"\$jng_${action}_usage\"
 	echo "Usage: $pgm $usage" >&2
 	exit $FAILURE
 }
 mustberoot_to_continue()
 {
 	if [ "$( id -u )" -ne 0 ]; then
 		echo "Must run as root!" >&2
 		exit $FAILURE
 	fi
 }
 jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME interface0 [interface1 ...]"
 jng_bridge_descr="Create ng0_NAME [ng1_NAME ...]"
 jng_bridge()
 {
 	local OPTIND=1 OPTARG flag bridge=bridge
 	while getopts b: flag; do
 		case "$flag" in
 		b) bridge="$OPTARG"
 		   [ "$bridge" ] || action_usage bridge ;; # NOTREACHED
 		*) action_usage bridge # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND - 1 ))
 	local name="$1"
 	[ "${name:-x}" = "${name#*[!0-9a-zA-Z_]}" -a $# -gt 1 ] ||
 		action_usage bridge # NOTREACHED
 	shift 1 # name
 	mustberoot_to_continue
 	local iface iface_devid eiface eiface_devid
 	local new num quad i=0
 	for iface in $*; do
 		# 0. Make sure the interface doesn't exist already
 		eiface=ng${i}_$name
 		ngctl msg "$eiface:" getifname > /dev/null 2>&1 && continue
 		# 1. Bring the interface up
 		ifconfig $iface up || return
 		# 2. Set promiscuous mode and don't overwrite src addr
 		ngctl msg $iface: setpromisc 1 || return
 		ngctl msg $iface: setautosrc 0 || return
 		# 3. Make sure the interface has been bridged
 		if ! ngctl info ${iface}bridge: > /dev/null 2>&1; then
 			ngctl mkpeer $iface: bridge lower link0 || return
 			ngctl connect $iface: $iface:lower upper link1 ||
 				return
 			ngctl name $iface:lower ${iface}bridge || return
 		fi
 		# 3.5. Optionally create a secondary bridge
 		if [ "$bridge" != "bridge" ] &&
 		   ! ngctl info "$iface$bridge:" > /dev/null 2>&1
 		then
 			num=2
 			while ngctl msg ${iface}bridge: getstats $num \
 				> /dev/null 2>&1
 			do
 				num=$(( $num + 1 ))
 			done
 			ngctl mkpeer $iface:lower bridge link$num link1 ||
 				return
 			ngctl name ${iface}bridge:link$num "$iface$bridge" ||
 				return
 		fi
 		# 4. Create a new interface to the bridge
 		num=2
 		while ngctl msg "$iface$bridge:" getstats $num > /dev/null 2>&1
 		do
 			num=$(( $num + 1 ))
 		done
 		ngctl mkpeer "$iface$bridge:" eiface link$num ether || return
 		# 5. Rename the new interface
 		while [ ${#eiface} -gt 15 ]; do # OS limitation
 			eiface=${eiface%?}
 		done
 		new=$( set -- `ngctl show -n "$iface$bridge:link$num"` &&
 			echo $2 ) || return
 		ngctl name "$iface$bridge:link$num" $eiface || return
 		ifconfig $new name $eiface || return
 		ifconfig $eiface up || return
 		#
 		# 6. Set the MAC address of the new interface using a sensible
 		# algorithm to prevent conflicts on the network.
 		#
 		# The formula I'm using is ``NP:SS:SS:II:II:II'' where:
 		# + N denotes 4 bits used as a counter to support branching
 		#   each parent interface up to 15 times under the same jail
 		#   name (see S below).
 		# + P denotes the special nibble whose value, if one of
 		#   2, 6, A, or E (but usually 2) denotes a privately
 		#   administered MAC address (while remaining routable).
 		# + S denotes 16 bits, the sum(1) value of the jail name.
 		# + I denotes bits that are inherited from parent interface.
 		#
 		# The S bits are a CRC-16 checksum of NAME, allowing the jail
 		# to change link numbers in ng_bridge(4) without affecting the
 		# MAC address. Meanwhile, if...
 		#   + the jail NAME changes (e.g., it was duplicated and given
 		#     a new name with no other changes)
 		#   + the underlying network interface changes
 		#   + the jail is moved to another host
 		# the MAC address will be recalculated to a new, similarly
 		# unique value preventing conflict.
 		#
 		iface_devid=$( ifconfig $iface ether | awk '/ether/,$0=$2' )
 		eiface_devid=${iface_devid#??:??:??}
 		num=$( set -- `echo -n $name | sum` && echo $1 )
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad:$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		case "$iface_devid" in
 		?2:*) eiface_devid=a:$quad$eiface_devid ;;
 		*) eiface_devid=2:$quad$eiface_devid
 		esac
 		eval num=\$_${iface}_num
 		if [ "$num" ]; then
 			num=$(( $num + 1 ))
 			eval _${iface}_num=$num
 		else
 			num=0
 			local _${iface}_num=$num
 		fi
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		eiface_devid=$quad$eiface_devid
 		ifconfig $eiface ether $eiface_devid > /dev/null 2>&1
 		i=$(( $i + 1 )) # on to next ng{i}_name
 	done # for iface
 }
 jng_graph_usage="graph [-f] [-T type] [-o output]"
 jng_graph_descr="Generate network graph (default output is \`jng.svg')"
 jng_graph()
 {
 	local OPTIND=1 OPTARG flag
 	local output=jng.svg output_type= force=
 	while getopts fo:T: flag; do
 		case "$flag" in
 		f) force=1 ;;
 		o) output="$OPTARG" ;;
 		T) output_type="$OPTARG" ;;
 		*) action_usage graph # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND - 1 ))
 	[ $# -eq 0 -a "$output" ] || action_usage graph # NOTREACHED
 	mustberoot_to_continue
 	if [ -e "$output" -a ! "$force" ]; then
 		echo "$output: Already exists (use \`-f' to overwrite)" >&2
 		return $FAILURE
 	fi
 	if [ ! "$output_type" ]; then
 		local valid suffix
 		valid=$( dot -Txxx 2>&1 )
 		for suffix in ${valid##*:}; do
 			[ "$output" != "${output%.$suffix}" ] || continue
 			output_type=$suffix
 			break
 		done
 	fi
 	ngctl dot | dot ${output_type:+-T "$output_type"} -o "$output"
 }
 jng_show_usage="show"
 jng_show_descr="List possible NAME values for \`show NAME'"
 jng_show1_usage="show NAME"
 jng_show1_descr="Lists ng0_NAME [ng1_NAME ...]"
 jng_show2_usage="show [NAME]"
 jng_show()
 {
 	local OPTIND=1 OPTARG flag
 	while getopts "" flag; do
 		case "$flag" in
 		*) action_usage show2 # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND - 1 ))
 	mustberoot_to_continue
 	if [ $# -eq 0 ]; then
 		ngctl ls | awk '$4=="bridge",$0=$2' |
 			xargs -rn1 -Ibridge ngctl show bridge: |
 			awk 'sub(/^ng[[:digit:]]+_/, "", $2), $0 = $2' |
 			sort -u
 		return
 	fi
 	ngctl ls | awk -v name="$1" '
 		match($2, /^ng[[:digit:]]+_/) &&
 			substr($2, RSTART + RLENGTH) == name &&
 			$4 == "eiface", $0 = $2
 	' | sort
 }
 jng_shutdown_usage="shutdown NAME"
 jng_shutdown_descr="Shutdown ng0_NAME [ng1_NAME ...]"
 jng_shutdown()
 {
 	local OPTIND=1 OPTARG flag
 	while getopts "" flag; do
 		case "$flag" in
 		*) action_usage shutdown # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND -1 ))
 	local name="$1"
 	[ "${name:-x}" = "${name#*[!0-9a-zA-Z_]}" -a $# -eq 1 ] ||
 		action_usage shutdown # NOTREACHED
 	mustberoot_to_continue
 	jng_show "$name" | xargs -rn1 -I eiface ngctl shutdown eiface:
 }
 jng_stats_usage="stats NAME"
 jng_stats_descr="Show ng_bridge link statistics for NAME interfaces"
 jng_stats()
 {
 	local OPTIND=1 OPTARG flag
 	while getopts "" flag; do
 		case "$flag" in
 		*) action_usage stats # NOTREACHED
 		esac
 	done
 	shift $(( $OPTIND -1 ))
 	local name="$1"
 	[ "${name:-x}" = "${name#*[!0-9a-zA-Z_]}" -a $# -eq 1 ] ||
 		action_usage stats # NOTREACHED
 	mustberoot_to_continue
 	for eiface in $( jng_show "$name" ); do
 		echo "$eiface:"
 		ngctl show $eiface: | awk '
 		$3 == "bridge" && $5 ~ /^link/ {
 			bridge = $2
 			link = substr($5, 5)
 			system(sprintf("ngctl msg %s: getstats %u",
 				bridge, link))
 		}' | fmt 2 | awk '
 			/=/ && fl = index($0, "=") {
 				printf "%20s = %s\n",
 					substr($0, 0, fl-1),
 					substr($0, 0, fl+1)
 			}
 		' # END-QUOTE
 	done
 }
 ############################################################ MAIN
 #
 # Command-line arguments
 #
 action="$1"
 [ "$action" ] || usage # NOTREACHED
 #
 # Validate action argument
 #
 if [ "$BASH_VERSION" ]; then
 	type="$( type -t "jng_$action" )" || usage # NOTREACHED
 else
 	type="$( type "jng_$action" 2> /dev/null )" || usage # NOTREACHED
 fi
 case "$type" in
 *function)
 	shift 1 # action
 	eval "jng_$action" \"\$@\"
 	;;
 *) usage # NOTREACHED
 esac
 ################################################################################
 # END
 ################################################################################
--- a/share/examples/jails/rc.conf.jails
+++ b/share/examples/jails/rc.conf.jails
@ -0,0 +1,76 @@
 # $FreeBSD$
 ###############################################################################
 ############################# JAIL CONFIGURATIONS #############################
 ###############################################################################
 jail_enable="YES"
 jail_list="xxx"
 #
 # Global presets for all jails
 #
 jail_devfs_enable="YES"		# mount devfs
 # Optional (default off)
 #jail_sysvipc_allow="YES"	# Allow SysV Interprocess Comm.
 #jail_set_hostname_allow="YES"	# Allow hostname to change
 #
 # To allow dhclient(8) to work inside a jail, make sure the following appears
 # in /etc/devfs.rules (which should be created if it doesn't exist):
 #
 # [devfsrules_jail=11]
 # add include $devfsrules_hide_all
 # add include $devfsrules_unhide_basic
 # add include $devfsrules_unhide_login
 # add path 'bpf*' unhide
 #
 ############################################################ JAILS
 # NETGRAPH TEMPLATE (copy/pate; then replace {name} with short name for jail)
 #
 # {name}
 #
 #jail_{name}_hostname="{name}.shxd.cx"		# hostname
 #jail_{name}_rootdir="/vm/{name}"		# root directory
 #jail_{name}_vnet_interfaces="ng0_{name}"	# vnet interface(s)
 #jail_{name}_exec_prestart0="jng bridge {name} em0"	# bridge interface(s)
 #jail_{name}_exec_poststop0="jng shutdown {name}"	# destroy interface(s)
 # Optional (default off)
 #jail_{name}_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #jail_{name}_mount_enable="YES"			# mount /etc/fstab.{name}
 # IF_BRIDGE TEMPLATE (copy/pate; then replace {name} with short name for jail)
 #
 # {name}
 #
 #jail_{name}_hostname="{name}.shxd.cx"		# hostname
 #jail_{name}_rootdir="/vm/{name}"		# root directory
 #jail_{name}_vnet_interfaces="e0b_{name}"	# vnet interface(s)
 #jail_{name}_exec_prestart0="jib addm {name} em0"	# bridge interface(s)
 #jail_{name}_exec_poststop0="jib destroy {name}"	# destroy interface(s)
 # Optional (default off)
 #jail_{name}_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #jail_{name}_mount_enable="YES"			# mount /etc/fstab.{name}
 #
 # XXX
 #
 jail_xxx_hostname="xxx.yyy"			# hostname
 jail_xxx_rootdir="/vm/xxx"			# root directory
 # netgraph
 jail_xxx_vnet_interface="ng0_xxx"		# vnet interface(s)
 jail_xxx_exec_prestart0="jng bridge xxx em0"	# bridge interface(s)
 jail_xxx_exec_poststop0="jng shutdown xxx"	# destroy interface(s)
 # if_bridge
 #jail_xxx_vnet_interface="e0b_xxx"		# vnet interface(s)
 #jail_xxx_exec_prestart0="jib addm xxx em0"	# bridge interface(s)
 #jail_xxx_exec_poststop0="jib destroy xxx"	# destroy interface(s)
 # Optional (default off)
 #jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
 ################################################################################
 # END
 ################################################################################
--- a/share/examples/jails/rcjail.xxx.conf
+++ b/share/examples/jails/rcjail.xxx.conf
@ -0,0 +1,25 @@
 # $FreeBSD$
 jail_xxx_hostname="xxx.yyy"			# hostname
 jail_xxx_rootdir="/vm/xxx"			# root directory
 #
 # NB: Below 3 lines required
 #
 # netgraph
 jail_xxx_vnet_interface="ng0_xxx"		# vnet interface(s)
 jail_xxx_exec_prestart0="jng bridge xxx em0"	# bridge interface(s)
 jail_xxx_exec_poststop0="jng shutdown xxx"	# destroy interface(s)
 # if_bridge
 #jail_xxx_vnet_interface="e0b_xxx"		# vnet interface(s)
 #jail_xxx_exec_prestart0="jib addm xxx em0"	# bridge interface(s)
 #jail_xxx_exec_poststop0="jib destroy xxx"	# destroy interface(s)
 # Standard recipe
 jail_xxx_devfs_enable="YES"			# mount devfs
 # Optional (default off)
 #jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
 #jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
 #jail_xxx_set_hostname_allow="YES"		# Allow hostname to change
 #jail_xxx_sysvipc_allow="YES"			# Allow SysV Interprocess Comm.
--- a/share/man/man4/bridge.4
+++ b/share/man/man4/bridge.4
@ -425,8 +425,8 @@ cloned_interfaces="bridge0"
 ifconfig_bridge0="addm wlan0 addm fxp0 up"
 .Ed
 .Pp
-For the bridge to forward packets all member interfaces and the bridge need
+For the bridge to forward packets,
-to be up.
+all member interfaces and the bridge need to be up.
 The above example would also require:
 .Bd -literal -offset indent
 create_args_wlan0="wlanmode hostap"
--- a/share/man/man7/build.7
+++ b/share/man/man7/build.7
@ -107,6 +107,16 @@ section below, and by the variables documented in
 The following list provides the names and actions for the targets
 supported by the build system:
 .Bl -tag -width ".Cm cleandepend"
 .It Cm check
 Run tests for a given subdirectory.
 The default directory used is
 .Pa ${.OBJDIR} ,
 but the check directory can be changed with
 .Pa ${CHECKDIR} .
 .It Cm checkworld
 Run the
 .Fx
 test suite on installed world.
 .It Cm clean
 Remove any files created during the build process.
 .It Cm cleandepend
@ -653,6 +663,7 @@ make TARGET=sparc64 DESTDIR=/clients/sparc64 installworld
 .Xr mergemaster 8 ,
 .Xr portsnap 8 ,
 .Xr reboot 8 ,
-.Xr shutdown 8
+.Xr shutdown 8 ,
 .Xr tests 7
 .Sh AUTHORS
 .An Mike W. Meyer Aq Mt mwm@mired.org
--- a/share/man/man8/uefi.8
+++ b/share/man/man8/uefi.8
@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 26, 2015
+.Dd February 11, 2016
 .Dt UEFI 8
 .Os
 .Sh NAME
@ -73,9 +73,34 @@ as
 .Pa /EFI/BOOT/BOOTX64.EFI .
 .It
 .Pa boot1.efi
-locates the first partition with the type
+reads boot configuration from
-.Li freebsd-ufs ,
+.Pa /boot.config
-and from it loads
+or
 .Pa /boot/config .
 Unlike other first-stage boot loaders,
 .Pa boot1.efi
 passes the configuration to the next stage boot loader and does not
 itself act on the contents of the file.
 .It
 .Pa boot1.efi
 searches partitions of type
 .Li freebsd-ufs
 and
 .Li freebsd-zfs
 for
 .Pa loader.efi .
 The search begins with partitions on the device from which
 .Pa boot1.efi
 was loaded, and continues with other available partitions.
 If both
 .Li freebsd-ufs
 and
 .Li freebsd-zfs
 partitions exist on the same device the
 .Li freebsd-zfs
 partition is preferred.
 .Pa boot1.efi
 then loads and executes
 .Pa loader.efi .
 .It
 .Pa loader.efi
@ -112,6 +137,7 @@ typical non-default kernel (optional)
 .El
 .Sh SEE ALSO
 .Xr vt 4 ,
 .Xr boot.config 5 ,
 .Xr msdosfs 5 ,
 .Xr boot 8 ,
 .Xr gpart 8 ,
@ -135,19 +161,3 @@ Foundation sponsored portions of the work.
 EFI environment variables are not supported by
 .Xr loader 8
 or the kernel.
 .Pp
 .Pa boot1.efi
 loads
 .Pa loader.efi
 from the first FreeBSD-UFS file system it locates, even if it is on a
 different disk.
 .Pp
 .Pa boot1.efi
 cannot load
 .Pa loader.efi
 from a
 .Xr ZFS 8
 file system.
 As a result,
 .Nm
 does not support a typical root file system on ZFS configuration.
--- a/share/mk/bsd.README
+++ b/share/mk/bsd.README
@ -448,6 +448,17 @@ It has seven targets:
 	all:
 		build the test programs.
 	check:
 		runs the test programs from CHECKDIR with kyua test.
 		The beforecheck and aftercheck targets will be invoked, if
 		defined, to execute commands before and after the realcheck
 		target has been executed, respectively.
 		The devel/kyua package must be installed before invoking this
 		target.
 		See CHECKDIR for more details.
 	clean:
 		remove the test programs and any object files.
 	cleandir:
@ -466,12 +477,6 @@ It has seven targets:
 		run lint on the source files.
 	tags:
 		create a tags file for the source files.
 	test:
 		runs the test programs from the object directory; if the
 		Makefile does not itself define the target test, the
 		targets beforetest and aftertest may also be used to
 		cause actions immediately before and after the test
 		target is executed.
 It sets/uses the following variables, among many others:
@ -485,6 +490,10 @@ TESTSDIR	Path to the installed tests.  Must be a subdirectory of
 		${TESTSBASE}/${RELDIR:H} , e.g. /usr/tests/bin/ls when
 		included from bin/ls/tests .
 CHECKDIR	The directory that 'make check' executes tests from.
 		The value of CHECKDIR defaults to .OBJDIR.
 KYUAFILE	If 'auto' (the default), generate a Kyuafile out of the
 		test programs defined in the Makefile.  If 'yes', then a
 		manually-crafted Kyuafile must be supplied with the
--- a/share/mk/bsd.subdir.mk
+++ b/share/mk/bsd.subdir.mk
@ -43,11 +43,11 @@ SUBDIR_TARGETS+= \
 		checkdpadd clean cleandepend cleandir cleanilinks \
 		cleanobj depend distribute files includes installconfig \
 		installfiles installincludes realinstall lint maninstall \
-		manlint obj objlink regress tags \
+		manlint obj objlink tags \
 # Described above.
 STANDALONE_SUBDIR_TARGETS+= \
-		obj checkdpadd clean cleandepend cleandir \
+		obj check checkdpadd clean cleandepend cleandir \
 		cleanilinks cleanobj installconfig \
 .include <bsd.init.mk>
--- a/share/mk/bsd.sys.mk
+++ b/share/mk/bsd.sys.mk
@ -178,11 +178,11 @@ CXXFLAGS+=	 ${CXXFLAGS.${COMPILER_TYPE}}
 # or expect to ever be up-to-date.
 PHONY_NOTMAIN = afterdepend afterinstall all beforedepend beforeinstall \
 		beforelinking build build-tools buildconfig buildfiles \
-		buildincludes checkdpadd clean cleandepend cleandir cleanobj \
+		buildincludes check checkdpadd clean cleandepend cleandir \
-		configure depend dependall distclean distribute exe \
+		cleanobj configure depend dependall distclean distribute exe \
 		files html includes install installconfig installfiles \
 		installincludes lint obj objlink objs objwarn realall \
-		realdepend realinstall regress subdir-all subdir-depend \
+		realdepend realinstall subdir-all subdir-depend \
 		subdir-install tags whereobj
 # we don't want ${PROG} to be PHONY
--- a/share/mk/bsd.test.mk
+++ b/share/mk/bsd.test.mk
@ -60,11 +60,15 @@ _TESTS=
 .include <plain.test.mk>
 .include <tap.test.mk>
 # kyua automatically descends directories; only run make check on the
 # top-level directory
 .if !make(check)
 .for ts in ${TESTS_SUBDIRS}
 .if empty(SUBDIR:M${ts})
 SUBDIR+= ${ts}
 .endif
 .endfor
 .endif
 # it is rare for test cases to have man pages
 .if !defined(MAN)
@ -79,19 +83,14 @@ PROGS_TARGETS+= install
 .include <suite.test.mk>
 .endif
-.if !target(realtest)
+.if !target(realcheck)
-realtest: .PHONY
+realcheck: .PHONY
 	@echo "$@ not defined; skipping"
 .endif
-test: .PHONY
+beforecheck realcheck aftercheck check: .PHONY
-.ORDER: beforetest realtest
+.ORDER: beforecheck realcheck aftercheck
-test: beforetest realtest
+check: beforecheck realcheck aftercheck
 .if target(aftertest)
 .ORDER: realtest aftertest
 test: aftertest
 .endif
 .ifdef PROG
 # we came here via bsd.progs.mk below
--- a/share/mk/suite.test.mk
+++ b/share/mk/suite.test.mk
@ -50,15 +50,12 @@ FILES+=	Kyuafile
 FILESDIR_Kyuafile= ${TESTSDIR}
 .endif
 .if ${KYUAFILE:tl} == "auto"
 CLEANFILES+= Kyuafile Kyuafile.tmp
 .endif
 .for _T in ${_TESTS}
 _TEST_METADATA.${_T}= ${TEST_METADATA} ${TEST_METADATA.${_T}}
 .endfor
 .if ${KYUAFILE:tl} == "auto"
 CLEANFILES+= Kyuafile Kyuafile.tmp
 Kyuafile: Makefile
 	@{ \
 	    echo '-- Automatically generated by bsd.test.mk.'; \
@ -78,9 +75,11 @@ Kyuafile: Makefile
 	@mv ${.TARGET}.tmp ${.TARGET}
 .endif
 CHECKDIR?=	${DESTDIR}${TESTSDIR}
 KYUA= ${LOCALBASE}/bin/kyua
-.if exists(${KYUA})
+
-# Definition of the "make test" target and supporting variables.
+# Definition of the "make check" target and supporting variables.
 #
 # This target, by necessity, can only work for native builds (i.e. a FreeBSD
 # host building a release for the same system).  The target runs Kyua, which is
@ -89,35 +88,15 @@ KYUA= ${LOCALBASE}/bin/kyua
 # Due to the dependencies of the binaries built by the source tree and how they
 # are used by tests, it is highly possible for a execution of "make test" to
 # report bogus results unless the new binaries are put in place.
 realtest: .PHONY
 	@echo "*** WARNING: make test is experimental"
 	@echo "***"
 	@echo "*** Using this test does not preclude you from running the tests"
 	@echo "*** installed in ${TESTSBASE}.  This test run may raise false"
 	@echo "*** positives and/or false negatives."
 	@echo
 	@${KYUA} test -k ${DESTDIR}${TESTSDIR}/Kyuafile; \
 	result=0; \
 	echo; \
 	echo "*** Once again, note that "make test" is unsupported."; \
 	test $${result} -eq 0
 .endif
-beforetest: .PHONY
+realcheck: .PHONY
-.if defined(TESTSDIR)
+	@if [ ! -x ${KYUA} ]; then \
-.if ${TESTSDIR} == ${TESTSBASE}
+		echo; \
-# Forbid running from ${TESTSBASE}.  It can cause false positives/negatives and
+		echo "kyua binary not installed at expected location (${.TARGET})"; \
-# it does not cover all the tests (e.g. it misses testing software in external).
+		echo; \
-	@echo "*** Sorry, you cannot use make test from src/tests.  Install the"
+		echo "Please install via pkg install, or specify the path to the kyua"; \
-	@echo "*** tests into their final location and run them from ${TESTSBASE}"
+		echo "package via the \$${LOCALBASE} variable, e.g. "; \
-	@false
+		echo "LOCALBASE=\"${LOCALBASE}\""; \
-.else
+		false; \
-	@echo "*** Using this test does not preclude you from running the tests"
+	fi
-	@echo "*** installed in ${TESTSBASE}.  This test run may raise false"
+	@${KYUA} test -k ${CHECKDIR}/Kyuafile
 	@echo "*** positives and/or false negatives."
 .endif
 .else
 	@echo "*** No TESTSDIR defined; nothing to do."
 	@false
 .endif
 	@echo
--- a/sys/amd64/amd64/uma_machdep.c
+++ b/sys/amd64/amd64/uma_machdep.c
@ -32,7 +32,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/mutex.h>
 #include <sys/systm.h>
 #include <sys/taskqueue.h>
 #include <vm/vm.h>
 #include <vm/vm_page.h>
 #include <vm/vm_pageout.h>
--- a/sys/arm/allwinner/a10_clk.c
+++ b/sys/arm/allwinner/a10_clk.c
@ -109,7 +109,8 @@ static driver_t a10_ccm_driver = {
 static devclass_t a10_ccm_devclass;
-DRIVER_MODULE(a10_ccm, simplebus, a10_ccm_driver, a10_ccm_devclass, 0, 0);
+EARLY_DRIVER_MODULE(a10_ccm, simplebus, a10_ccm_driver, a10_ccm_devclass, 0, 0,
    BUS_PASS_TIMER + BUS_PASS_ORDER_MIDDLE);
 int
 a10_clk_usb_activate(void)
@ -200,7 +201,7 @@ a10_clk_gmac_activate(phandle_t node)
 	/* Set GMAC mode. */
 	reg_value = CCM_GMAC_CLK_MII;
-	if (OF_getprop_alloc(node, "phy-type", 1, (void **)&phy_type) > 0) {
+	if (OF_getprop_alloc(node, "phy-mode", 1, (void **)&phy_type) > 0) {
 		if (strcasecmp(phy_type, "rgmii") == 0)
 			reg_value = CCM_GMAC_CLK_RGMII | CCM_GMAC_MODE_RGMII;
 		else if (strcasecmp(phy_type, "rgmii-bpi") == 0) {
--- a/sys/arm/allwinner/a10_common.c
+++ b/sys/arm/allwinner/a10_common.c
@ -50,7 +50,7 @@ fdt_aintc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
 {
 	int offset;
-	if (fdt_is_compatible(node, "allwinner,sun4i-ic"))
+	if (fdt_is_compatible(node, "allwinner,sun4i-a10-ic"))
 		offset = 0;
 	else if (fdt_is_compatible(node, "arm,gic"))
 		offset = 32;
--- a/sys/arm/allwinner/a10_ehci.c
+++ b/sys/arm/allwinner/a10_ehci.c
@ -43,10 +43,10 @@ __FBSDID("$FreeBSD$");
 #include <sys/gpio.h>
 #include <machine/bus.h>
-#include <dev/ofw/ofw_bus.h> 
+#include <dev/ofw/ofw_bus.h>
 #include <dev/ofw/ofw_bus_subr.h>
-#include <dev/usb/usb.h> 
+#include <dev/usb/usb.h>
 #include <dev/usb/usbdi.h>
 #include <dev/usb/usb_core.h>
@ -90,6 +90,12 @@ static device_detach_t a10_ehci_detach;
 bs_r_1_proto(reversed);
 bs_w_1_proto(reversed);
 static struct ofw_compat_data compat_data[] = {
 	{"allwinner,sun4i-a10-ehci", 1},
 	{"allwinner,sun7i-a20-ehci", 1},
 	{NULL,             0}
 };
 static int
 a10_ehci_probe(device_t self)
 {
@ -97,7 +103,7 @@ a10_ehci_probe(device_t self)
 	if (!ofw_bus_status_okay(self))
 		return (ENXIO);
-	if (!ofw_bus_is_compatible(self, "allwinner,usb-ehci")) 
+	if (ofw_bus_search_compatible(self, compat_data)->ocd_data == 0)
 		return (ENXIO);
 	device_set_desc(self, EHCI_HC_DEVSTR);
--- a/sys/arm/allwinner/a10_gpio.c
+++ b/sys/arm/allwinner/a10_gpio.c
@ -73,6 +73,12 @@ __FBSDID("$FreeBSD$");
 #define A10_GPIO_INPUT		0
 #define A10_GPIO_OUTPUT		1
 static struct ofw_compat_data compat_data[] = {
 	{"allwinner,sun4i-a10-pinctrl", 1},
 	{"allwinner,sun7i-a20-pinctrl", 1},
 	{NULL,             0}
 };
 struct a10_gpio_softc {
 	device_t		sc_dev;
 	device_t		sc_busdev;
@ -373,7 +379,7 @@ a10_gpio_probe(device_t dev)
 	if (!ofw_bus_status_okay(dev))
 		return (ENXIO);
-	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-gpio"))
+	if (ofw_bus_search_compatible(dev, compat_data)->ocd_data == 0)
 		return (ENXIO);
 	device_set_desc(dev, "Allwinner GPIO controller");
@ -493,7 +499,9 @@ static driver_t a10_gpio_driver = {
 	sizeof(struct a10_gpio_softc),
 };
-DRIVER_MODULE(a10_gpio, simplebus, a10_gpio_driver, a10_gpio_devclass, 0, 0);
+EARLY_DRIVER_MODULE(a10_gpio, simplebus, a10_gpio_driver, a10_gpio_devclass, 0, 0,
    BUS_PASS_INTERRUPT + BUS_PASS_ORDER_MIDDLE);
 int
 a10_gpio_ethernet_activate(uint32_t func)
--- a/sys/arm/allwinner/a10_mmc.c
+++ b/sys/arm/allwinner/a10_mmc.c
@ -62,6 +62,12 @@ static int a10_mmc_pio_mode = 0;
 TUNABLE_INT("hw.a10.mmc.pio_mode", &a10_mmc_pio_mode);
 static struct ofw_compat_data compat_data[] = {
 	{"allwinner,sun4i-a10-mmc", 1},
 	{"allwinner,sun5i-a13-mmc", 1},
 	{NULL,             0}
 };
 struct a10_mmc_softc {
 	bus_space_handle_t	a10_bsh;
 	bus_space_tag_t		a10_bst;
@ -123,8 +129,9 @@ a10_mmc_probe(device_t dev)
 	if (!ofw_bus_status_okay(dev))
 		return (ENXIO);
-	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-a10-mmc"))
+	if (ofw_bus_search_compatible(dev, compat_data)->ocd_data == 0)
 		return (ENXIO);
 	device_set_desc(dev, "Allwinner Integrated MMC/SD controller");
 	return (BUS_PROBE_DEFAULT);
--- a/sys/arm/allwinner/a10_wdog.c
+++ b/sys/arm/allwinner/a10_wdog.c
@ -95,7 +95,7 @@ a10wd_probe(device_t dev)
 	if (!ofw_bus_status_okay(dev))
 		return (ENXIO);
-	if (ofw_bus_is_compatible(dev, "allwinner,sun4i-wdt")) {
+	if (ofw_bus_is_compatible(dev, "allwinner,sun4i-a10-wdt")) {
 		device_set_desc(dev, "Allwinner A10 Watchdog");
 		return (BUS_PROBE_DEFAULT);
 	}
--- a/sys/arm/allwinner/a20/a20_cpu_cfg.c
+++ b/sys/arm/allwinner/a20/a20_cpu_cfg.c
@ -117,7 +117,8 @@ static driver_t a20_cpu_cfg_driver = {
 static devclass_t a20_cpu_cfg_devclass;
-DRIVER_MODULE(a20_cpu_cfg, simplebus, a20_cpu_cfg_driver, a20_cpu_cfg_devclass, 0, 0);
+EARLY_DRIVER_MODULE(a20_cpu_cfg, simplebus, a20_cpu_cfg_driver, a20_cpu_cfg_devclass, 0, 0,
    BUS_PASS_RESOURCE + BUS_PASS_ORDER_MIDDLE);
 uint64_t
 a20_read_counter64(void)
--- a/sys/arm/allwinner/aintc.c
+++ b/sys/arm/allwinner/aintc.c
@ -79,6 +79,12 @@ __FBSDID("$FreeBSD$");
 #define SW_INT_ENABLE_REG(_b)		(0x40 + ((_b) * 4))
 #define SW_INT_MASK_REG(_b)		(0x50 + ((_b) * 4))
 static struct ofw_compat_data compat_data[] = {
 	{"allwinner,sun4i-a10-ic", 1},
 	{"allwinner,sun7i-a20-sc-nmi", 1},
 	{NULL,             0}
 };
 struct a10_aintc_softc {
 	device_t		sc_dev;
 	struct resource *	aintc_res;
@ -101,7 +107,7 @@ a10_aintc_probe(device_t dev)
 	if (!ofw_bus_status_okay(dev))
 		return (ENXIO);
-	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-ic"))
+	if (ofw_bus_search_compatible(dev, compat_data)->ocd_data == 0)
 		return (ENXIO);
 	device_set_desc(dev, "A10 AINTC Interrupt Controller");
 	return (BUS_PROBE_DEFAULT);
@ -158,7 +164,8 @@ static driver_t a10_aintc_driver = {
 static devclass_t a10_aintc_devclass;
-DRIVER_MODULE(aintc, simplebus, a10_aintc_driver, a10_aintc_devclass, 0, 0);
+EARLY_DRIVER_MODULE(aintc, simplebus, a10_aintc_driver, a10_aintc_devclass, 0, 0,
    BUS_PASS_INTERRUPT + BUS_PASS_ORDER_FIRST);
 int
 arm_get_next_irq(int last_irq)
--- a/sys/arm/allwinner/allwinner_machdep.h
+++ b/sys/arm/allwinner/allwinner_machdep.h
@ -2,8 +2,6 @@
 * Copyright (c) 2015 Emmanuel Vadot <manu@bidouilliste.com>
 * All rights reserved.
 *
 * This code is derived from software written for Brini by Mark Brinicombe
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
@ -31,17 +29,17 @@
 #ifndef AW_MACHDEP_H
 #define	AW_MACHDEP_H
- 
+
 #define	ALLWINNERSOC_A10	0x10000000
 #define	ALLWINNERSOC_A13	0x13000000
 #define	ALLWINNERSOC_A10S	0x10000001
 #define	ALLWINNERSOC_A20	0x20000000
- 
+
 #define	ALLWINNERSOC_SUN4I	0x40000000
 #define	ALLWINNERSOC_SUN5I	0x50000000
 #define	ALLWINNERSOC_SUN7I	0x70000000
- 
+
 u_int allwinner_soc_type(void);
 u_int allwinner_soc_family(void);
- 
+
 #endif /* AW_MACHDEP_H */
--- a/sys/arm/allwinner/files.a10
+++ b/sys/arm/allwinner/files.a10
@ -1,3 +1,4 @@
 # $FreeBSD$
 arm/allwinner/aintc.c			standard
 arm/allwinner/timer.c			standard
--- a/sys/arm/allwinner/files.allwinner
+++ b/sys/arm/allwinner/files.allwinner
@ -12,5 +12,4 @@ arm/allwinner/a10_wdog.c		standard
 arm/allwinner/a20/a20_cpu_cfg.c 	standard
 arm/allwinner/allwinner_machdep.c	standard
 arm/allwinner/if_emac.c			optional	emac
 arm/allwinner/timer.c			standard
 #arm/allwinner/console.c		standard
--- a/sys/arm/allwinner/if_emac.c
+++ b/sys/arm/allwinner/if_emac.c
@ -756,7 +756,7 @@ static int
 emac_probe(device_t dev)
 {
-	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-emac"))
+	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-a10-emac"))
 		return (ENXIO);
 	device_set_desc(dev, "A10/A20 EMAC ethernet controller");
--- a/sys/arm/allwinner/timer.c
+++ b/sys/arm/allwinner/timer.c
@ -50,7 +50,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/kdb.h>
-#include "a20/a20_cpu_cfg.h"
+#include <arm/allwinner/allwinner_machdep.h>
 /**
 * Timer registers addr
@ -84,7 +84,6 @@ struct a10_timer_softc {
 	uint32_t 	sc_period;
 	uint32_t 	timer0_freq;
 	struct eventtimer et;
 	uint8_t 	sc_timer_type;	/* 0 for A10, 1 for A20 */
 };
 int a10_timer_get_timerfreq(struct a10_timer_softc *);
@ -127,10 +126,6 @@ timer_read_counter64(void)
 {
 	uint32_t lo, hi;
 	/* In case of A20 get appropriate counter info */
 	if (a10_timer_sc->sc_timer_type)
 		return (a20_read_counter64());
 	/* Latch counter, wait for it to be ready to read. */
 	timer_write_4(a10_timer_sc, CNT64_CTRL_REG, CNT64_RL_EN);
 	while (timer_read_4(a10_timer_sc, CNT64_CTRL_REG) & CNT64_RL_EN)
@ -146,14 +141,16 @@ static int
 a10_timer_probe(device_t dev)
 {
 	struct a10_timer_softc *sc;
 	u_int soc_family;
 	sc = device_get_softc(dev);
-	if (ofw_bus_is_compatible(dev, "allwinner,sun4i-timer"))
+	if (!ofw_bus_is_compatible(dev, "allwinner,sun4i-a10-timer"))
-		sc->sc_timer_type = 0;
+		return (ENXIO);
-	else if (ofw_bus_is_compatible(dev, "allwinner,sun7i-timer"))
+
-		sc->sc_timer_type = 1;
+	soc_family = allwinner_soc_family();
-	else
+	if (soc_family != ALLWINNERSOC_SUN4I &&
 	    soc_family != ALLWINNERSOC_SUN5I)
 		return (ENXIO);
 	device_set_desc(dev, "Allwinner A10/A20 timer");
@ -352,7 +349,8 @@ static driver_t a10_timer_driver = {
 static devclass_t a10_timer_devclass;
-DRIVER_MODULE(a10_timer, simplebus, a10_timer_driver, a10_timer_devclass, 0, 0);
+EARLY_DRIVER_MODULE(a10_timer, simplebus, a10_timer_driver, a10_timer_devclass, 0, 0,
    BUS_PASS_TIMER + BUS_PASS_ORDER_MIDDLE);
 void
 DELAY(int usec)
--- a/sys/arm/altera/socfpga/socfpga_common.c
+++ b/sys/arm/altera/socfpga/socfpga_common.c
@ -74,6 +74,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -92,3 +93,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_pic_decode_ic,
 	NULL
 };
 #endif
--- a/sys/arm/amlogic/aml8726/aml8726_machdep.c
+++ b/sys/arm/amlogic/aml8726/aml8726_machdep.c
@ -184,6 +184,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 #ifndef DEV_GIC
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
@ -212,3 +213,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 #endif
 	NULL
 };
 #endif /* ARM_INTRNG */
--- a/sys/arm/annapurna/alpine/common.c
+++ b/sys/arm/annapurna/alpine/common.c
@ -136,6 +136,7 @@ cpu_reset(void)
 	while (1) {}
 }
 #ifndef ARM_INTRNG
 static int
 alpine_pic_decode_fdt(uint32_t iparent, uint32_t *intr, int *interrupt,
    int *trig, int *pol)
@ -158,3 +159,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&alpine_pic_decode_fdt,
 	NULL
 };
 #endif
--- a/sys/arm/arm/generic_timer.c
+++ b/sys/arm/arm/generic_timer.c
@ -361,11 +361,8 @@ arm_tmr_attach(device_t dev)
 	/* Get the base clock frequency */
 	node = ofw_bus_get_node(dev);
 	if (node > 0) {
-		error = OF_getprop(node, "clock-frequency", &clock,
+		error = OF_getencprop(node, "clock-frequency", &clock,
 		    sizeof(clock));
 		if (error > 0) {
 			sc->clkfreq = fdt32_to_cpu(clock);
 		}
 	}
 #endif
--- a/sys/arm/arm/vm_machdep.c
+++ b/sys/arm/arm/vm_machdep.c
@ -54,7 +54,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #include <sys/sysent.h>
 #include <sys/unistd.h>
 #include <sys/taskqueue.h>
 #include <machine/acle-compat.h>
 #include <machine/cpu.h>
--- a/sys/arm/at91/at91_common.c
+++ b/sys/arm/at91/at91_common.c
@ -53,6 +53,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_aic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -75,6 +76,7 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_aic_decode_ic,
 	NULL
 };
 #endif
 static void
 at91_eoi(void *unused)
--- a/sys/arm/broadcom/bcm2835/bcm2835_common.c
+++ b/sys/arm/broadcom/bcm2835/bcm2835_common.c
@ -50,6 +50,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_intc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -70,3 +71,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_intc_decode_ic,
 	NULL
 };
 #endif /* ARM_INTRNG */
--- a/sys/arm/conf/A10
+++ b/sys/arm/conf/A10
@ -0,0 +1,105 @@
 #
 # A10 -- Custom configuration for the AllWinner A10 SoC
 #
 # For more information on this file, please read the config(5) manual page,
 # and/or the handbook section on Kernel Configuration Files:
 #
 #    http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
 #
 # The handbook is also available locally in /usr/share/doc/handbook
 # if you've installed the doc distribution, otherwise always see the
 # FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
 # latest information.
 #
 # An exhaustive list of options and more detailed explanations of the
 # device lines is also present in the ../../conf/NOTES and NOTES files.
 # If you are in doubt as to the purpose or necessity of a line, check first
 # in NOTES.
 #
 # $FreeBSD$
 ident		A10
 include 	"std.armv6"
 include 	"../allwinner/std.a10"
 options 	HZ=100
 options 	SCHED_4BSD		# 4BSD scheduler
 options 	PLATFORM
 # Debugging for use in -current
 makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols
 options 	ALT_BREAK_TO_DEBUGGER
 #options 	VERBOSE_SYSINIT		# Enable verbose sysinit messages
 options 	KDB			# Enable kernel debugger support
 # For minimum debugger support (stable branch) use:
 #options 	KDB_TRACE		# Print a stack trace for a panic
 # For full debugger support use this instead:
 options 	DDB			# Enable the kernel debugger
 options 	INVARIANTS		# Enable calls of extra sanity checking
 options 	INVARIANT_SUPPORT	# Extra sanity checks of internal structures, required by INVARIANTS
 options 	WITNESS			# Enable checks to detect deadlocks and cycles
 options 	WITNESS_SKIPSPIN	# Don't run witness on spinlocks for speed
 #options 	DIAGNOSTIC
 # NFS root from boopt/dhcp
 #options 	BOOTP
 #options 	BOOTP_NFSROOT
 #options 	BOOTP_COMPAT
 #options 	BOOTP_NFSV3
 #options 	BOOTP_WIRED_TO=emac0
 # MMC/SD/SDIO Card slot support
 device		mmc			# mmc/sd bus
 device		mmcsd			# mmc/sd flash cards
 # ATA controllers
 device		ahci			# AHCI-compatible SATA controllers
 #device		ata			# Legacy ATA/SATA controllers
 # Console and misc
 device		uart
 device		uart_ns8250
 device		pty
 device		snp
 device		md
 device		random			# Entropy device
 # I2C support
 #device		iicbus
 #device		iic
 # GPIO
 device		gpio
 device		gpioled
 device		scbus			# SCSI bus (required for ATA/SCSI)
 device		da			# Direct Access (disks)
 device		pass			# Passthrough device (direct ATA/SCSI access)
 # USB support
 options 	USB_HOST_ALIGN=64	# Align usb buffers to cache line size.
 device		usb
 options 	USB_DEBUG
 #options 	USB_REQ_DEBUG
 #options 	USB_VERBOSE
 #device		uhci
 #device		ohci
 device		ehci
 device		umass
 # Ethernet
 device		loop
 device		ether
 device		mii
 device		bpf
 device		emac
 # USB ethernet support, requires miibus
 device		miibus
 # Flattened Device Tree
 options 	FDT			# Configure using FDT/DTB data
 makeoptions	MODULES_EXTRA=dtb/allwinner
--- a/sys/arm/conf/A20
+++ b/sys/arm/conf/A20
@ -52,12 +52,12 @@ options 	WITNESS_SKIPSPIN	# Don't run witness on spinlocks for speed
 #options 	BOOTP_NFSV3
 #options 	BOOTP_WIRED_TO=dwc0
 # Boot device is 2nd slice on MMC/SD card
 options 	ROOTDEVNAME=\"ufs:/dev/da0s2\"
 # Interrupt controller
 device		gic
 # ARM Generic Timer
 device		generic_timer
 # MMC/SD/SDIO Card slot support
 device		mmc			# mmc/sd bus
 device		mmcsd			# mmc/sd flash cards
--- a/sys/arm/conf/ALPINE
+++ b/sys/arm/conf/ALPINE
@ -37,6 +37,7 @@ options 	DDB			#Enable the kernel debugger
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # Pseudo devices
 device		loop
--- a/sys/arm/conf/ARMADA38X
+++ b/sys/arm/conf/ARMADA38X
@ -62,6 +62,7 @@ device		pci
 # Interrupt controllers
 device		gic
 options 	ARM_INTRNG
 # Timers
 device		mpcore_timer
--- a/sys/arm/conf/EXYNOS5.common
+++ b/sys/arm/conf/EXYNOS5.common
@ -87,6 +87,8 @@ device		dwmmc
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM Generic Timer
 device		generic_timer
--- a/sys/arm/conf/ODROIDC1
+++ b/sys/arm/conf/ODROIDC1
@ -26,6 +26,7 @@ options 	SMP			# Enable multiple cores
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 options 	FDT_DTB_STATIC
 makeoptions	FDT_DTS_FILE=odroidc1.dts
--- a/sys/arm/conf/PANDABOARD
+++ b/sys/arm/conf/PANDABOARD
@ -30,8 +30,6 @@ hints		"PANDABOARD.hints"
 include 	"std.armv6"
 include 	"../ti/omap4/pandaboard/std.pandaboard"
 options		ARM_INTRNG		# new interrupt framework
 options 	HZ=100
 options 	SCHED_ULE		# ULE scheduler
 options 	PLATFORM
@ -62,6 +60,8 @@ options 	DDB			# Enable the kernel debugger
 device		fdt_pinctrl
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM MPCore timer
 device		mpcore_timer
--- a/sys/arm/conf/RK3188
+++ b/sys/arm/conf/RK3188
@ -47,6 +47,8 @@ options 	ROOTDEVNAME=\"ufs:/dev/mmcsd0\"
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM MPCore timer
 device		mpcore_timer
--- a/sys/arm/conf/SOCKIT.common
+++ b/sys/arm/conf/SOCKIT.common
@ -53,6 +53,8 @@ options 	INVARIANT_SUPPORT	# Extra sanity checks of internal structures, require
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM MPCore timer
 device		mpcore_timer
--- a/sys/arm/conf/VIRT
+++ b/sys/arm/conf/VIRT
@ -46,6 +46,8 @@ options 	INVARIANT_SUPPORT	# Extra sanity checks of internal structures, require
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM Generic Timer
 device		generic_timer
--- a/sys/arm/conf/VSATV102
+++ b/sys/arm/conf/VSATV102
@ -26,6 +26,7 @@ options 	SMP			# Enable multiple cores
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 options 	FDT_DTB_STATIC
 makeoptions	FDT_DTS_FILE=vsatv102-m6.dts
--- a/sys/arm/conf/VYBRID
+++ b/sys/arm/conf/VYBRID
@ -62,6 +62,8 @@ options 	NO_SWAPPING
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # ARM MPCore timer
 device		mpcore_timer
--- a/sys/arm/conf/ZEDBOARD
+++ b/sys/arm/conf/ZEDBOARD
@ -22,7 +22,7 @@
 ident		ZEDBOARD
 include 	"std.armv6"
-include 	"../xilinx/zedboard/std.zedboard"
+include 	"../xilinx/std.zynq7"
 options 	SCHED_ULE		# ULE scheduler
 #options 	NFSSD			# Network Filesystem Server
@ -52,6 +52,8 @@ options 	ROOTDEVNAME=\"ufs:mmcsd0s2a\"
 # Interrupt controller
 device		gic
 options 	ARM_INTRNG
 # Cache controller
 device		pl310			# PL310 L2 cache controller
 # ARM MPCore timer
--- a/sys/arm/freescale/imx/imx_common.c
+++ b/sys/arm/freescale/imx/imx_common.c
@ -54,6 +54,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_intc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -70,3 +71,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_intc_decode_ic,
 	NULL
 };
 #endif /* ARM_INTRNG */
--- a/sys/arm/freescale/vybrid/vf_common.c
+++ b/sys/arm/freescale/vybrid/vf_common.c
@ -66,6 +66,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -84,3 +85,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_pic_decode_ic,
 	NULL
 };
 #endif
--- a/sys/arm/include/intr.h
+++ b/sys/arm/include/intr.h
@ -49,93 +49,7 @@
 #define	NIRQ		1024	/* XXX - It should be an option. */
 #endif
-#ifdef notyet
+#include <sys/intr.h>
 #define	INTR_SOLO	INTR_MD1
 typedef int intr_irq_filter_t(void *arg, struct trapframe *tf);
 #else
 typedef int intr_irq_filter_t(void *arg);
 #endif
 #define INTR_ISRC_NAMELEN	(MAXCOMLEN + 1)
 typedef void intr_ipi_filter_t(void *arg);
 enum intr_isrc_type {
 	INTR_ISRCT_NAMESPACE,
 	INTR_ISRCT_FDT
 };
 #define INTR_ISRCF_REGISTERED	0x01	/* registered in a controller */
 #define INTR_ISRCF_PERCPU	0x02	/* per CPU interrupt */
 #define INTR_ISRCF_BOUND	0x04	/* bound to a CPU */
 /* Interrupt source definition. */
 struct intr_irqsrc {
 	device_t		isrc_dev;	/* where isrc is mapped */
 	intptr_t		isrc_xref;	/* device reference key */
 	uintptr_t		isrc_data;	/* device data for isrc */
 	u_int			isrc_irq;	/* unique identificator */
 	enum intr_isrc_type	isrc_type;	/* how is isrc decribed */
 	u_int			isrc_flags;
 	char			isrc_name[INTR_ISRC_NAMELEN];
 	uint16_t		isrc_nspc_type;
 	uint16_t		isrc_nspc_num;
 	enum intr_trigger	isrc_trig;
 	enum intr_polarity	isrc_pol;
 	cpuset_t		isrc_cpu;	/* on which CPUs is enabled */
 	u_int			isrc_index;
 	u_long *		isrc_count;
 	u_int			isrc_handlers;
 	struct intr_event *	isrc_event;
 	intr_irq_filter_t *	isrc_filter;
 	intr_ipi_filter_t *	isrc_ipifilter;
 	void *			isrc_arg;
 #ifdef FDT
 	u_int			isrc_ncells;
 	pcell_t			isrc_cells[];	/* leave it last */
 #endif
 };
 void intr_irq_set_name(struct intr_irqsrc *isrc, const char *fmt, ...)
    __printflike(2, 3);
 void intr_irq_dispatch(struct intr_irqsrc *isrc, struct trapframe *tf);
 #define INTR_IRQ_NSPC_NONE	0
 #define INTR_IRQ_NSPC_PLAIN	1
 #define INTR_IRQ_NSPC_IRQ	2
 #define INTR_IRQ_NSPC_IPI	3
 u_int intr_namespace_map_irq(device_t dev, uint16_t type, uint16_t num);
 #ifdef FDT
 u_int intr_fdt_map_irq(phandle_t, pcell_t *, u_int);
 #endif
 int intr_pic_register(device_t dev, intptr_t xref);
 int intr_pic_unregister(device_t dev, intptr_t xref);
 int intr_pic_claim_root(device_t dev, intptr_t xref, intr_irq_filter_t *filter,
    void *arg, u_int ipicount);
 int intr_irq_add_handler(device_t dev, driver_filter_t, driver_intr_t, void *,
    u_int, int, void **);
 int intr_irq_remove_handler(device_t dev, u_int, void *);
 int intr_irq_config(u_int, enum intr_trigger, enum intr_polarity);
 int intr_irq_describe(u_int, void *, const char *);
 u_int intr_irq_next_cpu(u_int current_cpu, cpuset_t *cpumask);
 #ifdef SMP
 int intr_irq_bind(u_int, int);
 void intr_ipi_dispatch(struct intr_irqsrc *isrc, struct trapframe *tf);
 #define AISHF_NOALLOC	0x0001
 int intr_ipi_set_handler(u_int ipi, const char *name, intr_ipi_filter_t *filter,
    void *arg, u_int flags);
 void intr_pic_init_secondary(void);
 #endif
 #else /* ARM_INTRNG */
--- a/sys/arm/lpc/lpc_intc.c
+++ b/sys/arm/lpc/lpc_intc.c
@ -231,6 +231,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -248,3 +249,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_pic_decode_ic,
 	NULL
 };
 #endif
--- a/sys/arm/mv/mv_common.c
+++ b/sys/arm/mv/mv_common.c
@ -2181,6 +2181,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -2204,6 +2205,7 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_pic_decode_ic,
 	NULL
 };
 #endif
 uint64_t
 get_sar_value(void)
--- a/sys/arm/qemu/virt_common.c
+++ b/sys/arm/qemu/virt_common.c
@ -41,7 +41,9 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 fdt_pic_decode_t fdt_pic_table[] = {
 	&gic_decode_fdt,
 	NULL
 };
 #endif
--- a/sys/arm/rockchip/rk30xx_common.c
+++ b/sys/arm/rockchip/rk30xx_common.c
@ -42,6 +42,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_aintc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -61,3 +62,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_aintc_decode_ic,
 	NULL
 };
 #endif
--- a/sys/arm/samsung/exynos/exynos5_common.c
+++ b/sys/arm/samsung/exynos/exynos5_common.c
@ -53,6 +53,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_pic_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -71,3 +72,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_pic_decode_ic,
 	NULL
 };
 #endif
--- a/sys/arm/versatile/versatile_common.c
+++ b/sys/arm/versatile/versatile_common.c
@ -50,6 +50,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 #ifndef ARM_INTRNG
 static int
 fdt_intc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
    int *pol)
@ -70,3 +71,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_intc_decode_ic,
 	NULL
 };
 #endif
--- a/Show More
+++ b/Show More