Index: stand/common/boot.c
===================================================================
--- stand/common/boot.c
+++ stand/common/boot.c
@@ -106,6 +106,10 @@
 	if (archsw.arch_autoload() != 0)
 		return(CMD_ERROR);
 
+#ifdef LOADER_VERIEXEC
+	verify_pcr_export();		/* for measured boot */
+#endif
+
 	/* Call the exec handler from the loader matching the kernel */
 	file_formats[fp->f_loader]->l_exec(fp);
 	return(CMD_ERROR);
Index: stand/common/bootstrap.h
===================================================================
--- stand/common/bootstrap.h
+++ stand/common/bootstrap.h
@@ -324,6 +324,9 @@
     /* Probe ZFS pool(s), if needed. */
     void	(*arch_zfs_probe)(void);
 
+    /* Return the hypervisor name/type or NULL if not virtualized. */
+    const char *(*arch_hypervisor)(void);
+
     /* For kexec-type loaders, get ksegment structure */
     void	(*arch_kexec_kseg_get)(int *nseg, void **kseg);
 };
@@ -340,4 +343,8 @@
 #define	CTASSERT(x)	_Static_assert(x, "compile-time assertion failed")
 #endif
 
+#ifdef LOADER_VERIEXEC
+#include <verify.h>
+#endif
+
 #endif /* !_BOOTSTRAP_H_ */
Index: stand/common/interp_forth.c
===================================================================
--- stand/common/interp_forth.c
+++ stand/common/interp_forth.c
@@ -377,6 +377,13 @@
 		return(CMD_ERROR);
 	}
 
+#ifdef LOADER_VERIEXEC
+	if (verify_file(fd, filename, 0, VE_GUESS) < 0) {
+		close(fd);
+		sprintf(command_errbuf,"can't verify '%s'", filename);
+		return(CMD_ERROR);
+	}
+#endif
 	/*
 	 * Read the script into memory.
 	 */
Index: stand/common/interp_simple.c
===================================================================
--- stand/common/interp_simple.c
+++ stand/common/interp_simple.c
@@ -94,6 +94,14 @@
 		return(CMD_ERROR);
 	}
 
+#ifdef LOADER_VERIEXEC
+	if (verify_file(fd, filename, 0, VE_GUESS) < 0) {
+		close(fd);
+		sprintf(command_errbuf,"can't verify '%s'", filename);
+		return(CMD_ERROR);
+	}
+#endif
+
 	/*
 	 * Read the script into memory.
 	 */
Index: stand/common/load_elf.c
===================================================================
--- stand/common/load_elf.c
+++ stand/common/load_elf.c
@@ -245,6 +245,12 @@
 		goto error;
 	}
 
+#ifdef LOADER_VERIEXEC
+	if (verify_file(ef->fd, filename, bytes_read, VE_MUST) < 0) {
+	    err = EAUTH;
+	    goto error;
+	}
+#endif
 	return (0);
 
 error:
Index: stand/common/load_elf_obj.c
===================================================================
--- stand/common/load_elf_obj.c
+++ stand/common/load_elf_obj.c
@@ -129,6 +129,13 @@
 		goto oerr;
 	}
 
+#ifdef LOADER_VERIEXEC
+	if (verify_file(ef.fd, filename, bytes_read, VE_MUST) < 0) {
+	    err = EAUTH;
+	    goto oerr;
+	}
+#endif
+
 	kfp = file_findfile(NULL, __elfN(obj_kerneltype));
 	if (kfp == NULL) {
 		printf("elf" __XSTRING(__ELF_WORD_SIZE)
Index: stand/common/module.c
===================================================================
--- stand/common/module.c
+++ stand/common/module.c
@@ -104,6 +104,8 @@
 {
     struct preloaded_file *fp;
     char	*typestr;
+    char	*prefix;
+    char	*skip;
     int		dofile, dokld, ch, error;
 
     dokld = dofile = 0;
@@ -114,11 +116,18 @@
 	command_errmsg = "no filename specified";
 	return (CMD_CRIT);
     }
-    while ((ch = getopt(argc, argv, "kt:")) != -1) {
+    prefix = skip = NULL;
+    while ((ch = getopt(argc, argv, "kp:s:t:")) != -1) {
 	switch(ch) {
 	case 'k':
 	    dokld = 1;
 	    break;
+	case 'p':
+	    prefix = optarg;
+	    break;
+	case 's':
+	    skip = optarg;
+	    break;
 	case 't':
 	    typestr = optarg;
 	    dofile = 1;
@@ -141,6 +150,12 @@
 	    return (CMD_CRIT);
 	}
 
+#ifdef LOADER_VERIEXEC
+	if (strncmp(typestr, "manifest", 8) == 0) {
+	    return (load_manifest(argv[1], prefix, skip, NULL));
+	}
+#endif
+
 	fp = file_findfile(argv[1], typestr);
 	if (fp) {
 		snprintf(command_errbuf, sizeof(command_errbuf),
@@ -435,6 +450,15 @@
 	return(NULL);
     }
 
+#ifdef LOADER_VERIEXEC
+    if (verify_file(fd, name, 0, VE_MUST) < 0) {
+	sprintf(command_errbuf, "can't verify '%s'", name);
+	free(name);
+	close(fd);
+	return(NULL);
+    }
+#endif
+
     if (archsw.arch_loadaddr != NULL)
 	loadaddr = archsw.arch_loadaddr(LOAD_RAW, name, loadaddr);
 
Index: stand/defs.mk
===================================================================
--- stand/defs.mk
+++ stand/defs.mk
@@ -151,6 +151,9 @@
 # Make sure we use the machine link we're about to create
 CFLAGS+=-I.
 
+# size matters!
+CFLAGS+= -O1
+
 all: ${PROG}
 
 .if !defined(NO_OBJ)
Index: stand/ficl/Makefile.depend
===================================================================
--- stand/ficl/Makefile.depend
+++ stand/ficl/Makefile.depend
@@ -2,9 +2,7 @@
 # Autogenerated - do NOT edit!
 
 DIRDEPS = \
-	include \
-	include/xlocale \
-	lib/msun \
+	stand/libsa \
 
 
 .include <dirdeps.mk>
Index: stand/ficl/ficl.h
===================================================================
--- stand/ficl/ficl.h
+++ stand/ficl/ficl.h
@@ -1157,6 +1157,10 @@
 	DATA_SET(Xficl_compile_set, func)
 SET_DECLARE(Xficl_compile_set, ficlCompileFcn);
 
+#ifdef LOADER_VERIEXEC
+#include <verify.h>
+#endif
+
 #ifdef __cplusplus
 }
 #endif
Index: stand/ficl/fileaccess.c
===================================================================
--- stand/ficl/fileaccess.c
+++ stand/ficl/fileaccess.c
@@ -67,14 +67,21 @@
     if (f == NULL)
         stackPushPtr(pVM->pStack, NULL);
     else
+#ifdef LOADER_VERIEXEC
+	if (*mode == 'r' &&
+	    verify_file(fileno(f), filename, 0, VE_GUESS) < 0) {
+	    fclose(f);
+	    stackPushPtr(pVM->pStack, NULL);
+	} else
+#endif
         {
-        ficlFILE *ff = (ficlFILE *)malloc(sizeof(ficlFILE));
-        strcpy(ff->filename, filename);
-        ff->f = f;
-        stackPushPtr(pVM->pStack, ff);
+	    ficlFILE *ff = (ficlFILE *)malloc(sizeof(ficlFILE));
+	    strcpy(ff->filename, filename);
+	    ff->f = f;
+	    stackPushPtr(pVM->pStack, ff);
 
-        fseek(f, 0, SEEK_SET);
-        }
+	    fseek(f, 0, SEEK_SET);
+	}
     pushIor(pVM, f != NULL);
 }
 
Index: stand/ficl32/Makefile.depend
===================================================================
--- stand/ficl32/Makefile.depend
+++ stand/ficl32/Makefile.depend
@@ -2,9 +2,7 @@
 # Autogenerated - do NOT edit!
 
 DIRDEPS = \
-	include \
-	include/xlocale \
-	lib/msun \
+	stand/libsa \
 
 
 .include <dirdeps.mk>
Index: stand/i386/loader/Makefile
===================================================================
--- stand/i386/loader/Makefile
+++ stand/i386/loader/Makefile
@@ -1,5 +1,5 @@
 # $FreeBSD$
-
+.if 0
 HAVE_GELI=		yes
 
 LOADER_NET_SUPPORT?=	yes
@@ -11,6 +11,10 @@
 LOADER_UFS_SUPPORT?=	yes
 LOADER_GZIP_SUPPORT?=	yes
 LOADER_BZIP2_SUPPORT?=	yes
+.else
+LOADER_NET_SUPPORT?=	yes
+LOADER_UFS_SUPPORT?=    yes
+.endif
 
 .include <bsd.init.mk>
 
@@ -54,8 +58,8 @@
 CFLAGS+=	-I${BOOTSRC}/i386
 
 # Debug me!
-#CFLAGS+=	-g
-#LDFLAGS+=	-g
+CFLAGS+=	-g
+LDFLAGS+=	-g
 
 ${LOADER}: ${LOADER}.bin ${BTXLDR} ${BTXKERN}
 	btxld -v -f aout -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \
Index: stand/i386/loader/Makefile.depend
===================================================================
--- stand/i386/loader/Makefile.depend
+++ stand/i386/loader/Makefile.depend
@@ -2,15 +2,12 @@
 # Autogenerated - do NOT edit!
 
 DIRDEPS = \
-	include \
-	include/xlocale \
-	stand/ficl32 \
-	stand/geli \
-	stand/i386/btx/btx \
-	stand/i386/btx/btxldr \
-	stand/i386/btx/lib \
-	stand/i386/libi386 \
-	stand/libsa32 \
+	stand/${MACHINE_CPUARCH}/btx/btx \
+	stand/${MACHINE_CPUARCH}/btx/btxldr \
+	stand/${MACHINE_CPUARCH}/btx/lib \
+	stand/${MACHINE_CPUARCH}/libi386 \
+	stand/ficl \
+	stand/libsa \
 
 
 .include <dirdeps.mk>
Index: stand/i386/loader/main.c
===================================================================
--- stand/i386/loader/main.c
+++ stand/i386/loader/main.c
@@ -128,6 +128,7 @@
      * We can use printf() etc. once this is done.
      * If the previous boot stage has requested a serial console, prefer that.
      */
+    initial_howto |= RB_SERIAL;         /* JUNOS */
     bi_setboothowto(initial_howto);
     if (initial_howto & RB_MULTIPLE) {
 	if (initial_howto & RB_SERIAL)
@@ -166,6 +167,7 @@
     archsw.arch_readin = i386_readin;
     archsw.arch_isainb = isa_inb;
     archsw.arch_isaoutb = isa_outb;
+    archsw.arch_hypervisor = i386_hypervisor;
 #ifdef LOADER_ZFS_SUPPORT
     archsw.arch_zfs_probe = i386_zfs_probe;
 
Index: stand/libsa/Makefile
===================================================================
--- stand/libsa/Makefile
+++ stand/libsa/Makefile
@@ -155,4 +155,9 @@
 .include "${SASRC}/geli/Makefile.inc"
 .endif
 
+.if ${MK_LOADER_VERIEXEC} == "yes" && ${MK_BEARSSL} == "yes"
+.include "${SRCTOP}/lib/libbearssl/Makefile.libsa.inc"
+.include "${SRCTOP}/lib/libve/Makefile.libsa.inc"
+.endif
+
 .include <bsd.lib.mk>
Index: stand/libsa/Makefile.depend
===================================================================
--- stand/libsa/Makefile.depend
+++ stand/libsa/Makefile.depend
@@ -2,10 +2,6 @@
 # Autogenerated - do NOT edit!
 
 DIRDEPS = \
-	include \
-	include/arpa \
-	include/xlocale \
-	lib/libbz2 \
 
 
 .include <dirdeps.mk>
Index: stand/libsa32/Makefile.depend
===================================================================
--- stand/libsa32/Makefile.depend
+++ stand/libsa32/Makefile.depend
@@ -2,10 +2,7 @@
 # Autogenerated - do NOT edit!
 
 DIRDEPS = \
-	include \
-	include/arpa \
-	include/xlocale \
-	lib/libbz2 \
+	stand/libsa \
 
 
 .include <dirdeps.mk>
Index: stand/loader.mk
===================================================================
--- stand/loader.mk
+++ stand/loader.mk
@@ -57,6 +57,10 @@
 SRCS+=	pnp.c
 .endif
 
+.if ${MK_LOADER_VERIEXEC} != "no"
+CFLAGS+= -DLOADER_VERIEXEC -I${SRCTOP}/lib/libve/h
+.endif
+
 # Forth interpreter
 .if ${MK_LOADER_LUA} != "no"
 SRCS+=	interp_lua.c