version 1.9, 2018/03/24 17:10:16 |
version 1.10, 2018/03/24 17:26:39 |
|
|
|
|
<li>Routing daemons and other userland network improvements: |
<li>Routing daemons and other userland network improvements: |
<ul> |
<ul> |
|
<li><a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> has a new |
|
<b>ssv<b/> option which outputs rib entries as a single semicolon-seperated |
|
like for selection before output. |
<li>... |
<li>... |
</ul> |
</ul> |
<p> |
<p> |
|
|
<li>Security improvements: |
<li>Security improvements: |
<ul> |
<ul> |
|
<li>Use even more trap-sleds on various architectures. |
|
<li>More use of .rodata for constant variables in assembly source. |
|
<li>Stop using x86 "repz ret" in dusty corners of the tree. |
|
<li>Introduce "execpromises" in |
|
<a href="https://man.openbsd.org/pledge.2">pledge(2)</a>. |
|
<li>Prepare for the introduction of <b>MAP_STACK</b> to |
|
<a href="https://man.openbsd.org/mmap.2">mmap(2)</a> after 6.3. |
|
<li>Push a small piece of KARL-linked kernel text into the random |
|
number generator as entropy at startup. |
|
<li>Put a small random gap at the top of thread stacks, so that attackers |
|
have yet another calculation to perform for their ROP work. |
<li>... |
<li>... |
</ul> |
</ul> |
<p> |
<p> |
|
|
<li>Code reorganization and other improvements to |
<li>Code reorganization and other improvements to |
<a href="https://man.openbsd.org/malloc.3">malloc(3)</a> |
<a href="https://man.openbsd.org/malloc.3">malloc(3)</a> |
and friends to make them more efficient. |
and friends to make them more efficient. |
|
<li>When performing suspend or hibernate operations, ensure all filesystems |
|
are properly syncronized and marked clean, or if they cannot be |
|
put into perfectly clean state on disk (due to open+unlinked files) |
|
then mark them dirty, so that a failed resume/unhinbernate is gauranteed |
|
to perform fsck. |
<li>... |
<li>... |
</ul> |
</ul> |
<p> |
<p> |