openbsd
6 years agoAdd ssh-keyscan -D option to make it print its results in SSHFP format
djm [Fri, 23 Feb 2018 05:14:05 +0000 (05:14 +0000)]
Add ssh-keyscan -D option to make it print its results in SSHFP format
bz#2821, ok dtucker@

6 years agoAdd missing braces.
dtucker [Fri, 23 Feb 2018 04:18:46 +0000 (04:18 +0000)]
Add missing braces.
Caught by the tinderbox's -Werror=misleading-indentation,  ok djm@

6 years agolint fix
dlg [Fri, 23 Feb 2018 03:03:36 +0000 (03:03 +0000)]
lint fix

6 years agounbreak interop test after SSHv1 purge;
djm [Fri, 23 Feb 2018 03:03:00 +0000 (03:03 +0000)]
unbreak interop test after SSHv1 purge;
patch from Colin Watson via bz#2823

6 years agoadd a SECURITY CONSIDERATIONS section.
dlg [Fri, 23 Feb 2018 03:01:34 +0000 (03:01 +0000)]
add a SECURITY CONSIDERATIONS section.

mdoc(7) says that section goes last, which is where i put it. i
kind of want it before EXAMPLES though.

6 years agoprovide some (probably too many) nvgre(4) examples
dlg [Fri, 23 Feb 2018 02:52:28 +0000 (02:52 +0000)]
provide some (probably too many) nvgre(4) examples

6 years agoAdd BindInterface ssh_config directive and -B command-line argument
djm [Fri, 23 Feb 2018 02:34:33 +0000 (02:34 +0000)]
Add BindInterface ssh_config directive and -B command-line argument
to ssh(1) that directs it to bind its outgoing connection to the
address of the specified network interface.

BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.

Based on patch by Mike Manning in bz#2820, ok dtucker@

6 years agotry to fix the nvgre words a bit
dlg [Thu, 22 Feb 2018 23:03:34 +0000 (23:03 +0000)]
try to fix the nvgre words a bit

6 years agosync
naddy [Thu, 22 Feb 2018 22:43:20 +0000 (22:43 +0000)]
sync

6 years agospeeling
dlg [Thu, 22 Feb 2018 22:17:01 +0000 (22:17 +0000)]
speeling

6 years agoIn x509.h rev. 1.32 2018/02/20 17:09:20, jsing@ provided
schwarze [Thu, 22 Feb 2018 21:53:23 +0000 (21:53 +0000)]
In x509.h rev. 1.32 2018/02/20 17:09:20, jsing@ provided
X509_NAME_get0_der(3).  Document it without using anything
from the existing OpenSSL X509_NAME_get0_der(3) manual page
because that page fails to mention the similarity to i2d_X509_NAME(3)
and also fails to explain how both differ, likely causing users
to pick the wrong one for their purposes.

6 years agoSet the PG_G (global) bit on the special page table entries that are shared
guenther [Thu, 22 Feb 2018 20:36:40 +0000 (20:36 +0000)]
Set the PG_G (global) bit on the special page table entries that are shared
between the u-k and u+k tables, because they're actually in *all* tables.

ok bluhm@ kettenis@ mlarkin@

6 years agoThe compile time assertion for cpu info did not work with gcc.
bluhm [Thu, 22 Feb 2018 20:27:14 +0000 (20:27 +0000)]
The compile time assertion for cpu info did not work with gcc.
Rephrase the condition in a way that both gcc and clang accept it.
OK guenther@

6 years agoThe GNU assembler does not understand 1ULL, so replace the constant
bluhm [Thu, 22 Feb 2018 20:18:59 +0000 (20:18 +0000)]
The GNU assembler does not understand 1ULL, so replace the constant
with 1.  Then it compiles with gcc, sign and size do not matter
here.
OK mlarkin@

6 years agosync
jsing [Thu, 22 Feb 2018 17:36:55 +0000 (17:36 +0000)]
sync

6 years agoBump lib{crypto,ssl,tls} minors due to symbol additions.
jsing [Thu, 22 Feb 2018 17:34:42 +0000 (17:34 +0000)]
Bump lib{crypto,ssl,tls} minors due to symbol additions.

6 years agoProvide SSL_is_server().
jsing [Thu, 22 Feb 2018 17:30:25 +0000 (17:30 +0000)]
Provide SSL_is_server().

6 years agoProvide SSL_up_ref().
jsing [Thu, 22 Feb 2018 17:29:24 +0000 (17:29 +0000)]
Provide SSL_up_ref().

6 years agoProvide SSL_CTX_get_ciphers().
jsing [Thu, 22 Feb 2018 17:27:06 +0000 (17:27 +0000)]
Provide SSL_CTX_get_ciphers().

6 years agoProvide SSL_SESSION_up_ref().
jsing [Thu, 22 Feb 2018 17:25:18 +0000 (17:25 +0000)]
Provide SSL_SESSION_up_ref().

6 years agoProvide X509_chain_up_ref().
jsing [Thu, 22 Feb 2018 17:22:02 +0000 (17:22 +0000)]
Provide X509_chain_up_ref().

From BoringSSL.

6 years agoProvide X509_STORE_get0_objects(), X509_STORE_get_ex_data() and
jsing [Thu, 22 Feb 2018 17:19:31 +0000 (17:19 +0000)]
Provide X509_STORE_get0_objects(), X509_STORE_get_ex_data() and
X509_STORE_set_ex_data().

6 years agoProvide X509_OBJECT_get0_X509() and X509_OBJECT_get0_X509_CRL().
jsing [Thu, 22 Feb 2018 17:17:09 +0000 (17:17 +0000)]
Provide X509_OBJECT_get0_X509() and X509_OBJECT_get0_X509_CRL().

6 years agoProvide X509_STORE_up_ref().
jsing [Thu, 22 Feb 2018 17:15:09 +0000 (17:15 +0000)]
Provide X509_STORE_up_ref().

6 years agoProvide X509_STORE_CTX_get0_chain() and X509_STORE_CTX_get0_store().
jsing [Thu, 22 Feb 2018 17:11:30 +0000 (17:11 +0000)]
Provide X509_STORE_CTX_get0_chain() and X509_STORE_CTX_get0_store().

6 years agoIn x509.h rev. 1.30 2018/02/20 17:04:58, jsing@ provided
schwarze [Thu, 22 Feb 2018 17:10:00 +0000 (17:10 +0000)]
In x509.h rev. 1.30 2018/02/20 17:04:58, jsing@ provided
X509_CRL_get0_lastUpdate(3) and X509_CRL_get0_nextUpdate(3).
Document them.

6 years agoProvide X509_get0_tbs_sigalg().
jsing [Thu, 22 Feb 2018 17:09:28 +0000 (17:09 +0000)]
Provide X509_get0_tbs_sigalg().

6 years agoProvide X509_set1_notBefore() and X509_set1_notAfter().
jsing [Thu, 22 Feb 2018 17:06:42 +0000 (17:06 +0000)]
Provide X509_set1_notBefore() and X509_set1_notAfter().

6 years agoProvide X509_get0_pubkey().
jsing [Thu, 22 Feb 2018 17:05:35 +0000 (17:05 +0000)]
Provide X509_get0_pubkey().

6 years agoProvide X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate().
jsing [Thu, 22 Feb 2018 17:01:44 +0000 (17:01 +0000)]
Provide X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate().

6 years agoProvide X509_CRL_get0_extensions() and X509_CRL_get_signature_nid().
jsing [Thu, 22 Feb 2018 16:58:45 +0000 (16:58 +0000)]
Provide X509_CRL_get0_extensions() and X509_CRL_get_signature_nid().

6 years agoProvide X509_CRL_up_ref().
jsing [Thu, 22 Feb 2018 16:53:42 +0000 (16:53 +0000)]
Provide X509_CRL_up_ref().

6 years agoProvide X509_REQ_get_signature_nid().
jsing [Thu, 22 Feb 2018 16:50:30 +0000 (16:50 +0000)]
Provide X509_REQ_get_signature_nid().

6 years agoProvide X509_REVOKED_get0_extensions(), X509_REVOKED_get0_revocationDate()
jsing [Thu, 22 Feb 2018 16:47:50 +0000 (16:47 +0000)]
Provide X509_REVOKED_get0_extensions(), X509_REVOKED_get0_revocationDate()
and X509_REVOKED_get0_serialNumber().

6 years agoProvide DH_get0_engine().
jsing [Thu, 22 Feb 2018 16:41:04 +0000 (16:41 +0000)]
Provide DH_get0_engine().

6 years agoProvide BIO_up_ref().
jsing [Thu, 22 Feb 2018 16:38:43 +0000 (16:38 +0000)]
Provide BIO_up_ref().

6 years agoIn x509.h rev. 1.30 2018/02/20 17:04:58, jsing@ provided
schwarze [Thu, 22 Feb 2018 16:26:27 +0000 (16:26 +0000)]
In x509.h rev. 1.30 2018/02/20 17:04:58, jsing@ provided
X509_CRL_get0_signature(3) and in rev. 1.31 2018/02/20 17:06:19
X509_REQ_get0_signature(3).  Document them.

6 years agoIn bn.h rev. 1.37 2018/02/20 17:02:30, jsing@ provided BN_get_rfc*(3)
schwarze [Thu, 22 Feb 2018 15:22:06 +0000 (15:22 +0000)]
In bn.h rev. 1.37 2018/02/20 17:02:30, jsing@ provided BN_get_rfc*(3)
as aliases for get_rfc*(3).  Mention them in the manual page.

6 years agovarious tweaks;
jmc [Thu, 22 Feb 2018 13:23:47 +0000 (13:23 +0000)]
various tweaks;

6 years agoRemove an unused variable.
nicm [Thu, 22 Feb 2018 11:42:41 +0000 (11:42 +0000)]
Remove an unused variable.

6 years agoCheck prefix when retrying so it is checked while repeat flag is
nicm [Thu, 22 Feb 2018 10:58:12 +0000 (10:58 +0000)]
Check prefix when retrying so it is checked while repeat flag is
set. GitHub issue 1239.

6 years agoAdd exit-empty option to exit server if no sessions (defaults to on).
nicm [Thu, 22 Feb 2018 10:54:51 +0000 (10:54 +0000)]
Add exit-empty option to exit server if no sessions (defaults to on).

6 years agoremove some debug code in nvgre
dlg [Thu, 22 Feb 2018 09:47:12 +0000 (09:47 +0000)]
remove some debug code in nvgre

6 years agoAlways reallocate a new memory chunk when changing the gateway of a
mpi [Thu, 22 Feb 2018 08:47:20 +0000 (08:47 +0000)]
Always reallocate a new memory chunk when changing the gateway of a
route entry.

This makes sure we pass the correct size to free(9).

Reproted by and ok dlg@

6 years agotypo;
jmc [Thu, 22 Feb 2018 08:46:05 +0000 (08:46 +0000)]
typo;

6 years agoSame change as rev 1.22 in ospfd:
claudio [Thu, 22 Feb 2018 07:43:29 +0000 (07:43 +0000)]
Same change as rev 1.22 in ospfd:
The IF_EVT_NBR_CHNG event needs to be fired when a neighbor transitions to
a state of 2-Way or higher. There is no need to trigger the event for new
neighbors. With this situations with multiple DRs after a netsplit should
be solved.
OK sthen@ and remi@

6 years agoThe IF_EVT_NBR_CHNG event needs to be fired when a neighbor transitions to
claudio [Thu, 22 Feb 2018 07:42:38 +0000 (07:42 +0000)]
The IF_EVT_NBR_CHNG event needs to be fired when a neighbor transitions to
a state of 2-Way or higher. There is no need to trigger the event for new
neighbors. With this situations with multiple DRs after a netsplit should
be solved.
OK sthen@ and remi@

6 years agodon't get in the way of setting the rdomain on gre(4)
dlg [Thu, 22 Feb 2018 07:33:24 +0000 (07:33 +0000)]
don't get in the way of setting the rdomain on gre(4)

6 years agoslight tweak
dlg [Thu, 22 Feb 2018 07:27:26 +0000 (07:27 +0000)]
slight tweak

6 years agoreorganise the manpage with subsections for each type of interface.
dlg [Thu, 22 Feb 2018 07:24:58 +0000 (07:24 +0000)]
reorganise the manpage with subsections for each type of interface.

the page was getting a bit cumbersome with the arrival of nvgre,
so hopefully this makes it a bit more straightforward.

jmc@ says he can fix stuff as i go

6 years agomake the Nd lines (subjectively) less worse
dlg [Thu, 22 Feb 2018 01:35:04 +0000 (01:35 +0000)]
make the Nd lines (subjectively) less worse

6 years agoimplement nvgre(4) based on rfc7637 aka NVGRE
dlg [Wed, 21 Feb 2018 22:20:19 +0000 (22:20 +0000)]
implement nvgre(4) based on rfc7637 aka NVGRE

NVGRE is short for Network Virtualization Using Generic Routing
Encapsulation.

it provides an overlay ethernet network with multiple ip peers,
rather than a tunnel to a single peer like egre(4) provides. unlike
egre the vnetid is mandantory and always 24 bits. it offers similar
functionality to vxlan(4).

6 years agoMark VIA padlock as capable of dealing with ESN
mikeb [Wed, 21 Feb 2018 21:09:57 +0000 (21:09 +0000)]
Mark VIA padlock as capable of dealing with ESN

There are no actual changes to the driver since the software crypto
driver is called to handle authentication operations.

This enabled padlock to be used when tunnels are setup with iked(8).

Tested by and OK fcambus

6 years agoDelete the kernel link kit tgz after extraction to align with the
rpe [Wed, 21 Feb 2018 20:02:37 +0000 (20:02 +0000)]
Delete the kernel link kit tgz after extraction to align with the
libexec/reorder_kernel script.

OK tb

6 years agoTweak comments.
rpe [Wed, 21 Feb 2018 19:57:21 +0000 (19:57 +0000)]
Tweak comments.

OK tb

6 years agoIf there is one interface, and it is configured via dhcp, and the lease
rpe [Wed, 21 Feb 2018 19:54:25 +0000 (19:54 +0000)]
If there is one interface, and it is configured via dhcp, and the lease
contains both domain-name and domain-search options make sure to use the
first domain-name entry (there might be multiple).

This issue was noticed by Raf Czlonka, thanks for reporting
Discussed with, tested and OK krw

6 years agoMeltdown: implement user/kernel page table separation.
guenther [Wed, 21 Feb 2018 19:24:15 +0000 (19:24 +0000)]
Meltdown: implement user/kernel page table separation.

On Intel CPUs which speculate past user/supervisor page permission checks,
use a separate page table for userspace with only the minimum of kernel code
and data required for the transitions to/from the kernel (still marked as
supervisor-only, of course):
 - the IDT (RO)
 - three pages of kernel text in the .kutext section for interrupt, trap,
   and syscall trampoline code (RX)
 - one page of kernel data in the .kudata section for TLB flush IPIs (RW)
 - the lapic page (RW, uncachable)
 - per CPU: one page for the TSS+GDT (RO) and one page for trampoline
   stacks (RW)

When a syscall, trap, or interrupt takes a CPU from userspace to kernel the
trampoline code switches page tables, switches stacks to the thread's real
kernel stack, then copies over the necessary bits from the trampoline stack.
On return to userspace the opposite occurs: recreate the iretq frame on the
trampoline stack, switch stack, switch page tables, and return to userspace.

mlarkin@ implemented the pmap bits and did 90% of the debugging, diagnosing
  issues on MP in particular, and drove the final push to completion.
Many rounds of testing by naddy@, sthen@, and others
Thanks to Alex Wilson from Joyent for early discussions about trampolines
  and their data requirements.
Per-CPU page layout mostly inspired by DragonFlyBSD.

ok mlarkin@ deraadt@

6 years agoCall socreate() before falloc() in sys_socket().
mpi [Wed, 21 Feb 2018 09:30:02 +0000 (09:30 +0000)]
Call socreate() before falloc() in sys_socket().

This is similar to what we do in sys_socketpair() and will allow us
to grab the KERNEL_LOCK() only after having created a socket.

This time with correct non-blocking check.

Tested by landry@, previous diff ok tedu@

6 years agoif egre takes the packet, it's done, don't fall through to l3 processing.
dlg [Wed, 21 Feb 2018 05:20:17 +0000 (05:20 +0000)]
if egre takes the packet, it's done, don't fall through to l3 processing.

6 years agowhitespace fixes
dlg [Wed, 21 Feb 2018 05:19:11 +0000 (05:19 +0000)]
whitespace fixes

6 years agoadd bsd.mp
jsg [Wed, 21 Feb 2018 00:43:03 +0000 (00:43 +0000)]
add bsd.mp

6 years agomatch linux whitespace in ioctl list
jsg [Wed, 21 Feb 2018 00:04:41 +0000 (00:04 +0000)]
match linux whitespace in ioctl list

6 years agoAdd GENERIC.MP directory.
kettenis [Tue, 20 Feb 2018 23:57:54 +0000 (23:57 +0000)]
Add GENERIC.MP directory.

6 years agoAdd GENERIC.MP.
kettenis [Tue, 20 Feb 2018 23:48:23 +0000 (23:48 +0000)]
Add GENERIC.MP.

6 years agoRelease the secondary CPUs.
kettenis [Tue, 20 Feb 2018 23:46:48 +0000 (23:46 +0000)]
Release the secondary CPUs.

6 years agoMake arm64 pmap (somewhat) mpsafe.
kettenis [Tue, 20 Feb 2018 23:45:24 +0000 (23:45 +0000)]
Make arm64 pmap (somewhat) mpsafe.

6 years agostop mixing bsd and c99 fixed width types and just use c99 types everywhere
jsg [Tue, 20 Feb 2018 23:44:19 +0000 (23:44 +0000)]
stop mixing bsd and c99 fixed width types and just use c99 types everywhere

6 years agoFix bogus check. Spotted by brynet, thanks.
tb [Tue, 20 Feb 2018 21:11:15 +0000 (21:11 +0000)]
Fix bogus check. Spotted by brynet, thanks.

6 years agoRSA_get_flags should be RSA_test_flags.
tb [Tue, 20 Feb 2018 20:59:19 +0000 (20:59 +0000)]
RSA_get_flags should be RSA_test_flags.

Noted by sthen. Rides previous minor bump.

6 years agowhitespace nit
tb [Tue, 20 Feb 2018 18:51:35 +0000 (18:51 +0000)]
whitespace nit

6 years agosync
tb [Tue, 20 Feb 2018 18:20:29 +0000 (18:20 +0000)]
sync

6 years agoCrank lib{crypto,ssl,tls} minors after symbol addition.
tb [Tue, 20 Feb 2018 18:19:07 +0000 (18:19 +0000)]
Crank lib{crypto,ssl,tls} minors after symbol addition.

6 years agoProvide BIO_meth_{g,s}et_callback_ctrl()
tb [Tue, 20 Feb 2018 18:17:17 +0000 (18:17 +0000)]
Provide BIO_meth_{g,s}et_callback_ctrl()

with & ok jsing

6 years agoProvide BIO_meth_get_{create,ctrl,destroy,gets,puts,read}()
tb [Tue, 20 Feb 2018 18:13:31 +0000 (18:13 +0000)]
Provide BIO_meth_get_{create,ctrl,destroy,gets,puts,read}()

ok jsing

6 years agoZap an 'int' that snuck in.
tb [Tue, 20 Feb 2018 18:10:27 +0000 (18:10 +0000)]
Zap an 'int' that snuck in.

ok jsing

6 years agoProvide SSL_SESSION_get_protocol_version()
tb [Tue, 20 Feb 2018 18:07:11 +0000 (18:07 +0000)]
Provide SSL_SESSION_get_protocol_version()

ok jsing

6 years agoProvide EVP_PKEY_get0_EC_KEY() and 'if (ret)' vs 'if (ret != 0)' cosmetics.
tb [Tue, 20 Feb 2018 18:05:28 +0000 (18:05 +0000)]
Provide EVP_PKEY_get0_EC_KEY() and 'if (ret)' vs 'if (ret != 0)' cosmetics.

ok jsing

6 years agoProvide DH_set_length()
tb [Tue, 20 Feb 2018 18:01:42 +0000 (18:01 +0000)]
Provide DH_set_length()

ok jsing

6 years agoProvide DH_bits()
tb [Tue, 20 Feb 2018 17:59:31 +0000 (17:59 +0000)]
Provide DH_bits()

ok jsing

6 years agoProvide BIO_{g,s}et_shutdown().
tb [Tue, 20 Feb 2018 17:55:26 +0000 (17:55 +0000)]
Provide BIO_{g,s}et_shutdown().

ok jsing

6 years agoProvide DSA_get0_engine()
tb [Tue, 20 Feb 2018 17:52:27 +0000 (17:52 +0000)]
Provide DSA_get0_engine()

ok jsing

6 years agoProvide DSA_SIG_{g,s}et0()
tb [Tue, 20 Feb 2018 17:48:35 +0000 (17:48 +0000)]
Provide DSA_SIG_{g,s}et0()

ok jsing

6 years agoProvide DSA_{clear,set,test}_flags()
tb [Tue, 20 Feb 2018 17:45:44 +0000 (17:45 +0000)]
Provide DSA_{clear,set,test}_flags()

ok jsing

6 years agoProvide RSA_{clear,set,test}_flasg()
tb [Tue, 20 Feb 2018 17:42:32 +0000 (17:42 +0000)]
Provide RSA_{clear,set,test}_flasg()

ok jsing

6 years agoProvide DH_{clear,set,test}_flags().
tb [Tue, 20 Feb 2018 17:38:15 +0000 (17:38 +0000)]
Provide DH_{clear,set,test}_flags().

ok jsing

6 years agoProvide BIO_get_new_index().
jsing [Tue, 20 Feb 2018 17:15:27 +0000 (17:15 +0000)]
Provide BIO_get_new_index().

Based on BoringSSL.

6 years agoProvide BN_GENCB_new(), BN_GENCB_free() and BN_GENCB_get_arg()
jsing [Tue, 20 Feb 2018 17:13:14 +0000 (17:13 +0000)]
Provide BN_GENCB_new(), BN_GENCB_free() and BN_GENCB_get_arg()

6 years agoProvide X509_NAME_get0_der().
jsing [Tue, 20 Feb 2018 17:09:20 +0000 (17:09 +0000)]
Provide X509_NAME_get0_der().

From OpenSSL.

6 years agoProvide X509_REQ_get0_signature()
jsing [Tue, 20 Feb 2018 17:06:19 +0000 (17:06 +0000)]
Provide X509_REQ_get0_signature()

6 years agoProvide X509_CRL_get0_{last,next}Update() and X509_CRL_get0_signature().
jsing [Tue, 20 Feb 2018 17:04:58 +0000 (17:04 +0000)]
Provide X509_CRL_get0_{last,next}Update() and X509_CRL_get0_signature().

6 years agoProvide BN_get_rfc2409_prime_*() and BN_get_rfc3526_prime_*().
jsing [Tue, 20 Feb 2018 17:02:30 +0000 (17:02 +0000)]
Provide BN_get_rfc2409_prime_*() and BN_get_rfc3526_prime_*().

6 years agomake sure we've read the lenght bytes before checking the length
otto [Tue, 20 Feb 2018 16:22:19 +0000 (16:22 +0000)]
make sure we've read the lenght bytes before checking the length
ok benno@

6 years agoMove getvnetflowid() out of #ifndef SMALL to unbreak 'make release'.
tb [Tue, 20 Feb 2018 15:33:16 +0000 (15:33 +0000)]
Move getvnetflowid() out of #ifndef SMALL to unbreak 'make release'.

Diff from jsg, ok millert, benno

6 years agoConvert key length from bits to bytes
mikeb [Tue, 20 Feb 2018 15:02:13 +0000 (15:02 +0000)]
Convert key length from bits to bytes

Reported by Renaud Allard, fix tested by Renaud (i386) and fcambus@ (amd64).
OK visa, fcambus

6 years agoMake ddb's "show all locks" command show spinlocks in addition
visa [Tue, 20 Feb 2018 14:46:22 +0000 (14:46 +0000)]
Make ddb's "show all locks" command show spinlocks in addition
to sleeplocks.

OK mpi@

6 years agoTest that removing a mpath RTF_CLONING route entry do not remove the
mpi [Tue, 20 Feb 2018 12:44:28 +0000 (12:44 +0000)]
Test that removing a mpath RTF_CLONING route entry do not remove the
RTF_CACHED entry of a sibling RTF_CLONING entry.

6 years agoRemoving an RTF_CLONING route entry should not invalidate an RTF_CACHED
mpi [Tue, 20 Feb 2018 12:43:03 +0000 (12:43 +0000)]
Removing an RTF_CLONING route entry should not invalidate an RTF_CACHED
entry that has been cloned from a different RTF_CLONING route.

Bug report & ok friehm@

6 years agoIntroduce enternewpgrp() & enterthispgrp(), from FreeBSD via guenther@.
mpi [Tue, 20 Feb 2018 12:38:58 +0000 (12:38 +0000)]
Introduce enternewpgrp() & enterthispgrp(), from FreeBSD via guenther@.

This code shuffling will ease the introduction of the proctree lock
in sys_setsid() and sys_setpgid().

Extracted from a larger diff from guenther@, ok visa@

6 years agoDo not leak memory when working out job name in formats.
nicm [Tue, 20 Feb 2018 10:43:46 +0000 (10:43 +0000)]
Do not leak memory when working out job name in formats.

6 years agoCall "vmctl stop" on each VM at shutdown, for OpenBSD guests this means they
sthen [Tue, 20 Feb 2018 10:12:14 +0000 (10:12 +0000)]
Call "vmctl stop" on each VM at shutdown, for OpenBSD guests this means they
are signalled to shutdown cleanly. Wait for each to finish to avoid too much
busy work at once; this may need revising if it turns out to be too slow with
a larger number of VMs (e.g. signal/delay/signal/delay/... then wait for
shutdowns), but let's avoid making it more complex unless we know it's needed.

Based on a diff from abieber@, discussed with mlarkin@ aja@ rpe@, ok rpe