Index: kern/init_main.c
===================================================================
RCS file: /cvsroot/src/sys/kern/init_main.c,v
retrieving revision 1.527
diff -u -p -u -r1.527 init_main.c
--- kern/init_main.c	11 Jun 2020 19:20:46 -0000	1.527
+++ kern/init_main.c	26 Aug 2020 22:30:01 -0000
@@ -228,6 +228,8 @@ extern void *_binary_splash_image_end;
 
 #include <prop/proplib.h>
 
+#include <crypto/blake2/blake2s.h>
+
 #include <sys/userconf.h>
 
 extern struct lwp lwp0;
@@ -730,6 +732,24 @@ main(void)
 	/* NOTREACHED */
 }
 
+static uint8_t address_key[32];	/* key used in address hashing */
+static ONCE_DECL(random_inithook);
+
+static int
+random_address_init(void)
+{
+	cprng_strong(kern_cprng, address_key, sizeof(address_key), 0);
+	return 0;
+}
+
+void
+hash_value(void *d, size_t ds, const void *s, size_t ss)
+{       
+
+	RUN_ONCE(&random_inithook, random_address_init);
+	blake2s(d, ds, address_key, sizeof(address_key), s, ss);
+}
+
 /*
  * Configure the system's hardware.
  */
Index: kern/kern_descrip.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_descrip.c,v
retrieving revision 1.246
diff -u -p -u -r1.246 kern_descrip.c
--- kern/kern_descrip.c	23 May 2020 23:42:43 -0000	1.246
+++ kern/kern_descrip.c	26 Aug 2020 22:30:01 -0000
@@ -2305,11 +2305,11 @@ fill_file(struct file *fp, const struct 
 	memset(fp, 0, sizeof(*fp));
 
 	fp->f_offset = fpsrc->f_offset;
-	COND_SET_VALUE(fp->f_cred, fpsrc->f_cred, allowaddr);
-	COND_SET_VALUE(fp->f_ops, fpsrc->f_ops, allowaddr);
-	COND_SET_VALUE(fp->f_undata, fpsrc->f_undata, allowaddr);
-	COND_SET_VALUE(fp->f_list, fpsrc->f_list, allowaddr);
-	COND_SET_VALUE(fp->f_lock, fpsrc->f_lock, allowaddr);
+	COND_SET_PTR(fp->f_cred, fpsrc->f_cred, allowaddr);
+	COND_SET_CPTR(fp->f_ops, fpsrc->f_ops, allowaddr);
+	COND_SET_STRUCT(fp->f_undata, fpsrc->f_undata, allowaddr);
+	COND_SET_STRUCT(fp->f_list, fpsrc->f_list, allowaddr);
+	COND_SET_STRUCT(fp->f_lock, fpsrc->f_lock, allowaddr);
 	fp->f_flag = fpsrc->f_flag;
 	fp->f_marker = fpsrc->f_marker;
 	fp->f_type = fpsrc->f_type;
@@ -2317,7 +2317,7 @@ fill_file(struct file *fp, const struct 
 	fp->f_count = fpsrc->f_count;
 	fp->f_msgcount = fpsrc->f_msgcount;
 	fp->f_unpcount = fpsrc->f_unpcount;
-	COND_SET_VALUE(fp->f_unplist, fpsrc->f_unplist, allowaddr);
+	COND_SET_STRUCT(fp->f_unplist, fpsrc->f_unplist, allowaddr);
 }
 
 static void
Index: kern/kern_proc.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_proc.c,v
retrieving revision 1.255
diff -u -p -u -r1.255 kern_proc.c
--- kern/kern_proc.c	11 Jun 2020 19:20:46 -0000	1.255
+++ kern/kern_proc.c	26 Aug 2020 22:30:01 -0000
@@ -2575,23 +2575,23 @@ done:
 static void
 fill_proc(const struct proc *psrc, struct proc *p, bool allowaddr)
 {
-	COND_SET_VALUE(p->p_list, psrc->p_list, allowaddr);
-	COND_SET_VALUE(p->p_auxlock, psrc->p_auxlock, allowaddr);
-	COND_SET_VALUE(p->p_lock, psrc->p_lock, allowaddr);
-	COND_SET_VALUE(p->p_stmutex, psrc->p_stmutex, allowaddr);
-	COND_SET_VALUE(p->p_reflock, psrc->p_reflock, allowaddr);
-	COND_SET_VALUE(p->p_waitcv, psrc->p_waitcv, allowaddr);
-	COND_SET_VALUE(p->p_lwpcv, psrc->p_lwpcv, allowaddr);
-	COND_SET_VALUE(p->p_cred, psrc->p_cred, allowaddr);
-	COND_SET_VALUE(p->p_fd, psrc->p_fd, allowaddr);
-	COND_SET_VALUE(p->p_cwdi, psrc->p_cwdi, allowaddr);
-	COND_SET_VALUE(p->p_stats, psrc->p_stats, allowaddr);
-	COND_SET_VALUE(p->p_limit, psrc->p_limit, allowaddr);
-	COND_SET_VALUE(p->p_vmspace, psrc->p_vmspace, allowaddr);
-	COND_SET_VALUE(p->p_sigacts, psrc->p_sigacts, allowaddr);
-	COND_SET_VALUE(p->p_aio, psrc->p_aio, allowaddr);
+	COND_SET_STRUCT(p->p_list, psrc->p_list, allowaddr);
+	COND_SET_STRUCT(p->p_auxlock, psrc->p_auxlock, allowaddr);
+	COND_SET_STRUCT(p->p_lock, psrc->p_lock, allowaddr);
+	COND_SET_STRUCT(p->p_stmutex, psrc->p_stmutex, allowaddr);
+	COND_SET_STRUCT(p->p_reflock, psrc->p_reflock, allowaddr);
+	COND_SET_STRUCT(p->p_waitcv, psrc->p_waitcv, allowaddr);
+	COND_SET_STRUCT(p->p_lwpcv, psrc->p_lwpcv, allowaddr);
+	COND_SET_PTR(p->p_cred, psrc->p_cred, allowaddr);
+	COND_SET_PTR(p->p_fd, psrc->p_fd, allowaddr);
+	COND_SET_PTR(p->p_cwdi, psrc->p_cwdi, allowaddr);
+	COND_SET_PTR(p->p_stats, psrc->p_stats, allowaddr);
+	COND_SET_PTR(p->p_limit, psrc->p_limit, allowaddr);
+	COND_SET_PTR(p->p_vmspace, psrc->p_vmspace, allowaddr);
+	COND_SET_PTR(p->p_sigacts, psrc->p_sigacts, allowaddr);
+	COND_SET_PTR(p->p_aio, psrc->p_aio, allowaddr);
 	p->p_mqueue_cnt = psrc->p_mqueue_cnt;
-	COND_SET_VALUE(p->p_specdataref, psrc->p_specdataref, allowaddr);
+	COND_SET_STRUCT(p->p_specdataref, psrc->p_specdataref, allowaddr);
 	p->p_exitsig = psrc->p_exitsig;
 	p->p_flag = psrc->p_flag;
 	p->p_sflag = psrc->p_sflag;
@@ -2601,12 +2601,12 @@ fill_proc(const struct proc *psrc, struc
 	p->p_stat = psrc->p_stat;
 	p->p_trace_enabled = psrc->p_trace_enabled;
 	p->p_pid = psrc->p_pid;
-	COND_SET_VALUE(p->p_pglist, psrc->p_pglist, allowaddr);
-	COND_SET_VALUE(p->p_pptr, psrc->p_pptr, allowaddr);
-	COND_SET_VALUE(p->p_sibling, psrc->p_sibling, allowaddr);
-	COND_SET_VALUE(p->p_children, psrc->p_children, allowaddr);
-	COND_SET_VALUE(p->p_lwps, psrc->p_lwps, allowaddr);
-	COND_SET_VALUE(p->p_raslist, psrc->p_raslist, allowaddr);
+	COND_SET_STRUCT(p->p_pglist, psrc->p_pglist, allowaddr);
+	COND_SET_PTR(p->p_pptr, psrc->p_pptr, allowaddr);
+	COND_SET_STRUCT(p->p_sibling, psrc->p_sibling, allowaddr);
+	COND_SET_STRUCT(p->p_children, psrc->p_children, allowaddr);
+	COND_SET_STRUCT(p->p_lwps, psrc->p_lwps, allowaddr);
+	COND_SET_PTR(p->p_raslist, psrc->p_raslist, allowaddr);
 	p->p_nlwps = psrc->p_nlwps;
 	p->p_nzlwps = psrc->p_nzlwps;
 	p->p_nrlwps = psrc->p_nrlwps;
@@ -2614,15 +2614,15 @@ fill_proc(const struct proc *psrc, struc
 	p->p_ndlwps = psrc->p_ndlwps;
 	p->p_nstopchild = psrc->p_nstopchild;
 	p->p_waited = psrc->p_waited;
-	COND_SET_VALUE(p->p_zomblwp, psrc->p_zomblwp, allowaddr);
-	COND_SET_VALUE(p->p_vforklwp, psrc->p_vforklwp, allowaddr);
-	COND_SET_VALUE(p->p_sched_info, psrc->p_sched_info, allowaddr);
+	COND_SET_PTR(p->p_zomblwp, psrc->p_zomblwp, allowaddr);
+	COND_SET_PTR(p->p_vforklwp, psrc->p_vforklwp, allowaddr);
+	COND_SET_PTR(p->p_sched_info, psrc->p_sched_info, allowaddr);
 	p->p_estcpu = psrc->p_estcpu;
 	p->p_estcpu_inherited = psrc->p_estcpu_inherited;
 	p->p_forktime = psrc->p_forktime;
 	p->p_pctcpu = psrc->p_pctcpu;
-	COND_SET_VALUE(p->p_opptr, psrc->p_opptr, allowaddr);
-	COND_SET_VALUE(p->p_timers, psrc->p_timers, allowaddr);
+	COND_SET_PTR(p->p_opptr, psrc->p_opptr, allowaddr);
+	COND_SET_PTR(p->p_timers, psrc->p_timers, allowaddr);
 	p->p_rtime = psrc->p_rtime;
 	p->p_uticks = psrc->p_uticks;
 	p->p_sticks = psrc->p_sticks;
@@ -2630,30 +2630,32 @@ fill_proc(const struct proc *psrc, struc
 	p->p_xutime = psrc->p_xutime;
 	p->p_xstime = psrc->p_xstime;
 	p->p_traceflag = psrc->p_traceflag;
-	COND_SET_VALUE(p->p_tracep, psrc->p_tracep, allowaddr);
-	COND_SET_VALUE(p->p_textvp, psrc->p_textvp, allowaddr);
-	COND_SET_VALUE(p->p_emul, psrc->p_emul, allowaddr);
-	COND_SET_VALUE(p->p_emuldata, psrc->p_emuldata, allowaddr);
-	COND_SET_VALUE(p->p_execsw, psrc->p_execsw, allowaddr);
-	COND_SET_VALUE(p->p_klist, psrc->p_klist, allowaddr);
-	COND_SET_VALUE(p->p_sigwaiters, psrc->p_sigwaiters, allowaddr);
-	COND_SET_VALUE(p->p_sigpend, psrc->p_sigpend, allowaddr);
-	COND_SET_VALUE(p->p_lwpctl, psrc->p_lwpctl, allowaddr);
+	COND_SET_PTR(p->p_tracep, psrc->p_tracep, allowaddr);
+	COND_SET_PTR(p->p_textvp, psrc->p_textvp, allowaddr);
+	COND_SET_PTR(p->p_emul, psrc->p_emul, allowaddr);
+	COND_SET_PTR(p->p_emuldata, psrc->p_emuldata, allowaddr);
+	COND_SET_CPTR(p->p_execsw, psrc->p_execsw, allowaddr);
+	COND_SET_STRUCT(p->p_klist, psrc->p_klist, allowaddr);
+	COND_SET_STRUCT(p->p_sigwaiters, psrc->p_sigwaiters, allowaddr);
+	COND_SET_STRUCT(p->p_sigpend.sp_info, psrc->p_sigpend.sp_info,
+	    allowaddr);
+	p->p_sigpend.sp_set = psrc->p_sigpend.sp_set;
+	COND_SET_PTR(p->p_lwpctl, psrc->p_lwpctl, allowaddr);
 	p->p_ppid = psrc->p_ppid;
 	p->p_oppid = psrc->p_oppid;
-	COND_SET_VALUE(p->p_path, psrc->p_path, allowaddr);
-	COND_SET_VALUE(p->p_sigctx, psrc->p_sigctx, allowaddr);
+	COND_SET_PTR(p->p_path, psrc->p_path, allowaddr);
+	p->p_sigctx = psrc->p_sigctx;
 	p->p_nice = psrc->p_nice;
 	memcpy(p->p_comm, psrc->p_comm, sizeof(p->p_comm));
-	COND_SET_VALUE(p->p_pgrp, psrc->p_pgrp, allowaddr);
+	COND_SET_PTR(p->p_pgrp, psrc->p_pgrp, allowaddr);
 	COND_SET_VALUE(p->p_psstrp, psrc->p_psstrp, allowaddr);
 	p->p_pax = psrc->p_pax;
 	p->p_xexit = psrc->p_xexit;
 	p->p_xsig = psrc->p_xsig;
 	p->p_acflag = psrc->p_acflag;
-	COND_SET_VALUE(p->p_md, psrc->p_md, allowaddr);
+	COND_SET_STRUCT(p->p_md, psrc->p_md, allowaddr);
 	p->p_stackbase = psrc->p_stackbase;
-	COND_SET_VALUE(p->p_dtrace, psrc->p_dtrace, allowaddr);
+	COND_SET_PTR(p->p_dtrace, psrc->p_dtrace, allowaddr);
 }
 
 /*
@@ -2668,8 +2670,8 @@ fill_eproc(struct proc *p, struct eproc 
 	KASSERT(mutex_owned(&proc_lock));
 	KASSERT(mutex_owned(p->p_lock));
 
-	COND_SET_VALUE(ep->e_paddr, p, allowaddr);
-	COND_SET_VALUE(ep->e_sess, p->p_session, allowaddr);
+	COND_SET_PTR(ep->e_paddr, p, allowaddr);
+	COND_SET_PTR(ep->e_sess, p->p_session, allowaddr);
 	if (p->p_cred) {
 		kauth_cred_topcred(p->p_cred, &ep->e_pcred);
 		kauth_cred_toucred(p->p_cred, &ep->e_ucred);
@@ -2700,7 +2702,7 @@ fill_eproc(struct proc *p, struct eproc 
 		    (tp = p->p_session->s_ttyp)) {
 			ep->e_tdev = tp->t_dev;
 			ep->e_tpgid = tp->t_pgrp ? tp->t_pgrp->pg_id : NO_PGID;
-			COND_SET_VALUE(ep->e_tsess, tp->t_session, allowaddr);
+			COND_SET_PTR(ep->e_tsess, tp->t_session, allowaddr);
 		} else
 			ep->e_tdev = (uint32_t)NODEV;
 		ep->e_flag = p->p_session->s_ttyvp ? EPROC_CTTY : 0;
Index: kern/uipc_socket.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_socket.c,v
retrieving revision 1.290
diff -u -p -u -r1.290 uipc_socket.c
--- kern/uipc_socket.c	7 Jun 2020 15:19:05 -0000	1.290
+++ kern/uipc_socket.c	26 Aug 2020 22:30:01 -0000
@@ -526,6 +526,7 @@ socreate(int dom, struct socket **aso, i
 #endif
 	uid = kauth_cred_geteuid(l->l_cred);
 	so->so_uidinfo = uid_find(uid);
+	so->so_egid = kauth_cred_getegid(l->l_cred);
 	so->so_cpid = l->l_proc->p_pid;
 
 	/*
Index: kern/uipc_socket2.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_socket2.c,v
retrieving revision 1.137
diff -u -p -u -r1.137 uipc_socket2.c
--- kern/uipc_socket2.c	23 May 2020 23:42:43 -0000	1.137
+++ kern/uipc_socket2.c	26 Aug 2020 22:30:01 -0000
@@ -317,6 +317,7 @@ sonewconn(struct socket *head, bool sore
 	so->so_send = head->so_send;
 	so->so_receive = head->so_receive;
 	so->so_uidinfo = head->so_uidinfo;
+	so->so_egid = head->so_egid;
 	so->so_cpid = head->so_cpid;
 
 	/*
Index: kern/uipc_usrreq.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_usrreq.c,v
retrieving revision 1.198
diff -u -p -u -r1.198 uipc_usrreq.c
--- kern/uipc_usrreq.c	21 Apr 2020 21:42:47 -0000	1.198
+++ kern/uipc_usrreq.c	26 Aug 2020 22:30:01 -0000
@@ -871,7 +871,7 @@ static int
 unp_stat(struct socket *so, struct stat *ub)
 {
 	struct unpcb *unp;
-	struct socket *so2;
+	struct socket *so2 = NULL;
 
 	KASSERT(solocked(so));
 
@@ -898,6 +898,8 @@ unp_stat(struct socket *so, struct stat 
 		unp->unp_ino = unp_ino++;
 	ub->st_atimespec = ub->st_mtimespec = ub->st_ctimespec = unp->unp_ctime;
 	ub->st_ino = unp->unp_ino;
+	ub->st_uid = so->so_uidinfo->ui_uid;
+	ub->st_gid = so->so_egid;
 	return (0);
 }
 
Index: sys/systm.h
===================================================================
RCS file: /cvsroot/src/sys/sys/systm.h,v
retrieving revision 1.295
diff -u -p -u -r1.295 systm.h
--- sys/systm.h	30 Jun 2020 16:20:03 -0000	1.295
+++ sys/systm.h	26 Aug 2020 22:30:01 -0000
@@ -190,13 +190,43 @@ enum hashtype {
 };
 
 #ifdef _KERNEL
-#define COND_SET_VALUE(dst, src, allow)	\
-	do {				\
-		if (allow)		\
-			dst = src;	\
-	} while (/*CONSTCOND*/0);
-
+#define COND_SET_STRUCT(dst, src, allow) \
+	do { \
+		CTASSERT(sizeof(src) < 32); \
+		if (allow) \
+			dst = src; \
+		else \
+			hash_value(&dst, sizeof(dst), &src, sizeof(src)); \
+	} while (/*CONSTCOND*/0)
+
+#define COND_SET_CPTR(dst, src, allow) \
+	do { \
+		void *__v; \
+		if (allow) \
+			dst = src; \
+		else \
+			hash_value(&__v, sizeof(__v), &src, sizeof(src)); \
+		dst = __v; \
+	} while (/*CONSTCOND*/0)
+
+#define COND_SET_PTR(dst, src, allow) \
+	do { \
+		if (allow) \
+			dst = src; \
+		else \
+			hash_value(&dst, sizeof(dst), &src, sizeof(src)); \
+	} while (/*CONSTCOND*/0)
 
+#define COND_SET_VALUE(dst, src, allow)	\
+	do { \
+		uint64_t __v = src; \
+		if (allow) \
+			dst = src; \
+		else \
+			hash_value(&dst, sizeof(dst), &__v, sizeof(__v)); \
+	} while (/*CONSTCOND*/0)
+	
+void	hash_value(void *, size_t, const void *, size_t);
 bool	get_expose_address(struct proc *);
 void	*hashinit(u_int, enum hashtype, bool, u_long *);
 void	hashdone(void *, enum hashtype, u_long);