===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/69.html,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- www/69.html 2021/04/09 18:56:02 1.9
+++ www/69.html 2021/04/09 21:27:41 1.10
@@ -101,9 +101,32 @@
physical address space, needing a larger TCE table.
Introduced power-saving mode on POWER9 (ISA v3).
Enabled floating-point exceptions on powerpc64.
+ Added support for ipmi(4) on PowerNV systems.
+
+ Recognized Apple Icestorm cores on arm64.
+ Added basic support for BCM4379, found on the Apple M1 SoCs, to
+ bwfm(4).
+ Added exuart(4)
+ support for hte UART found on the Apple M1 SoC.
+ Added apldog(4), a
+ driver for the watchdog on Apple M1 SoCs, allowing reboot of the
+ machine.
+ Added aplintc(4),
+ a driver for the interrupt controller found on Apple M1 SoCs.
+ Added aplpcie(4),
+ a driver for the PCIe host bridge on Apple M1 SoCs.
+ Increased RX buffers available to the bwfm(4) chip to 256,
+ allowing use of the Apple M1's wifi.
+ Added apldart(4),
+ a driver for the IOMMU on Apple M1 SoCs.
+ Added smmu(4), a
+ driver for the ARM System MMU.
+
Made loongson kernels recognize Lynloong LM9002/9003 and LM9013.
Use native display resolution 1368x768 for Lynloong all-in-one computers.
@@ -155,6 +178,9 @@
Allowed a process to open a video(4) device multiple
times. Fixes webcam usage with Firefox and BigBlueButton.
+ Enabled multiple opens of a video(4) device as
+ described in the V4L2 specification.
Added trace points for malloc(9) and free(9), making them
@@ -167,11 +193,26 @@
Disabled com(4) on
sparc64 for m3000s. Console i/o should fall back to ofw routines.
+ In softraid(4), added the RAID1C (raid1 + crypto) softraid(4) discipline,
+ encrypting data like the CRYPTO discipline and accepting multiple
+ chunks during creation and assembly like the RAID1 discipline.
+ Corrected raidlevel verification specified by the -c option in bioctl(8).
-
+ Added a barrier between reading the cqe flags and the command ID
+ to prevent completion of the wrong scsi io for nvme(4) drives.
+ Prevent nvme(4)
+ attachment to devices with size zero.
Introduced new function if_unit(9), returning a
pointer to the interface descriptor corresponding to the unique name.
+ Clear interrupts on luna88k processors more efficiently at boot
+ time.
+ Added acpiiort(4), a driver
+ for the ACPI I/O Remapping Table.
@@ -180,7 +221,9 @@
Made uvm_pagealloc(9) of the physical memory allocator mp-safe.
Unlocked getppid(2).
Introduced locking for amaps and anons, improving build performance.
+Moved UNIX domain sockets out of the kernel lock, using the new "unp_lock" rwlock(9) as solock()'s backend to protect the whole layer.
+
Implemented linux interval tree functions for drm(4).
Fixed wsconsctl(8) display commands when using drm(4) drivers on macppc.
@@ -188,8 +231,16 @@
Fixed a panic associated with locks and drm(4) on macppc with Powerbook5,6 and RV350.
Revised the initialization of the drm(4) Linux emulation layer to call it only when the first drm instance attaches.
Fixed DRI3 support on amdgpu(4) and ati(4).
+Created /dev/ drm nodes with the same names as linux to simplify libdrm and negate the need for certain ports patches.
+
+
+ Prevented memory corruption or improper page access in vmm(4) due to improper TLB
+ flushing for now by wiring the pages used by virtual machines.
+
+
Various new userland features:
@@ -205,7 +256,33 @@
href="https://man.openbsd.org/sndiod.8">sndiod(8) and for aucat(1), removing most of
the aliasing noise during resampling.
+ Disabled sndiod(8)
+ autovolume by default and set the default volume to 127. Setting "-w
+ on" will replicate the previous behavior of automatically decreasing
+ playback volume when new programs start playing.
+ Allowed mixing of alternative devices (-F) with different
+ capabilities in sndiod(8) by treating any
+ device as full-duplex.
+ Enabled build and install of lldb(1).
+ Added logger(1)
+ support to rcctl(8), rc.subr(8) and rc.d(8) for daemons logging
+ to stdout/stderr.
+
+
+ Introduced dhcpleased(8), a dhcp
+ daemon to acquire IPv4 address leases from servers.
+ Added resolvd(8),
+ a daemon to rewrite resolv.conf(5).
+
+
+
+
Various bugfixes and tweaks in userland:
@@ -250,6 +327,21 @@
pledge to the "-C" code path.
Inproved performance of malloc(3)'s cache.
+ Made editing GPT in fdisk(8) safer by
+ defaulting offset to the beginning of the largest free space and
+ preventing the creation of overlapping partitions.
+ Fixed a crash that could occur in sndiod(8) when a usb
+ device is unplugged.
+ Append .html suffixes to temporary files in mandoc(1) to allow
+ recognition by browsers.
+ Allow specification of a path to the mg(1) startup file on the
+ command line.
+
+
Improved hardware support and driver bugfixes, including:
@@ -292,7 +384,21 @@
Added Gemini Lake I2C id to dwiic(4), making the
touchpad work on the Teclast F7 Plus laptop.
+ Introduced ujoy(4), a
+ restricted subset of uhid(4) for game controllers
+ which uses /dev/ujoy/* device nodes.
+ Set up ims(4) devices
+ in X11 to behave like touchpads.
+ Stopped relying on USB devices to correctly present their
+ indices, instead searching for the correct interfaces. This fixes E+
+ Corp. DAC Audio devices.
+ Introduced uhidpp(4), a driver for
+ Logitech HID++ devices.
+
+
Optimized arm64 copyin(9), Implemented intx support in mvkpcie(4).
+ Added cryptox(4),
+ a driver for armv8 cryptographic extensions.
+ Added support for PCIe on the NanoPi R4S to rkpcie(4).
@@ -352,6 +462,9 @@
href="https://man.openbsd.org/rge.4">rge(4).
Enabled IPv4 and TCP/UDP checksum offload on transmission in ogx(4).
+ Raised the maximum number of queues/interrupts from 1 to 16 on mcx(4) devices.
+ Added support for the Netgear ProSecure UTM25 to octeon.
@@ -370,6 +483,8 @@
href="https://man.openbsd.org/bwfm.4">bwfm(4) on the BCM43602 that
was triggering "unexpected pairwise key update" errors.
Enabled athn(4) for arm64.
+ Added support for version 7 of the bwfm(4) PCIe interface.
@@ -401,8 +516,38 @@
to renew pltime/vltime of privacy addresse per RFC 4941.
Fixed wg(4) on macppc
by keeping track of allowed ips pointer correctly.
+ Use the toeplitz hash algorithm to a flowid for tcp packets,
+ which in turn is used to choose the tx ring on network cards with
+ multiple rings.
+ Fixed wg(4) ioctl to
+ handle multiple wgpeers.
+ Removed the direct ACK on every other data segment. After
+ receiving a data segment, we were sending out two ACKs, the first one
+ in tcp_input() direct after receiving and the second ACK after the
+ userland or the sosplice task read some data out of the socket buffer.
+ This change removes the ACK in tcp_input(), saving processing time and
+ improving network performance.
+ Removed the maxburst feature from tcp_output().
+ Added a MONITOR feature to interfaces. Packets received on these
+ interfaces do not enter the network stack for further processing. This
+ can be used to watch traffic, for example with bpf(4) without risk of the packets
+ interfering with the system.
+ Added etherbridge, the internals of a reusable learning bridge
+ interface providing common code reusable for other drivers needing a
+ mac learning bridge.
+ Introduced veb(4), a
+ Virtual Ethernet Bridge driver.
+ Added support for adding and deleting mac addr entries on nvgre(4).
+ Added support for adding and deleting address table entries to bpe(4), veb(4) and etherbridge.
+
+
+
Installer improvements:
@@ -443,7 +588,25 @@
"show sets" to display information about the roa-set, as-sets and
prefix-sets loaded into bgpd(8).
+ Introduced the bgpd.conf(5) per
+ neighbor and global config option "reject as-set yes/no" to allow
+ rejection of received UPDATES with AS_SET segments. These rejected
+ prefixes can be viewed with bgpctl(8) "show rib in
+ error".
+ Properly implemented "rde med compare strict" in bgpd(8) and ensured that the
+ order of prefixes is always correct.
+ Added RTR support to OpenBGPD.
+ Added bgpctl(8)
+ "show rtr" to display basic information about RTR sessions.
+ Introduced bgpd(8)
+ rde evaluate all
to work around path hiding in IXP
+ route-server environments.
+
+
Allowed use of ospfd(8) on interfaces that
share the same IP.
@@ -514,11 +677,28 @@
IPv6 support.
Created a path MTU host route for IPsec(4) over IPv6.
+ Added support for INVALID_KE_PAYLOAD in iked(8) CREATE_CHILD_SA
+ exchange.
+ Added support for RSA-PSS PKCS1 signatures to iked(8).
+ Fixed path MTU discovery for ESP tunnels in IPv6.
+ Upgraded to OpenSSL 1.1 compatible crypto API in iked(8).
+ Added an optional "group none" transform for child SAs in iked(8) to ensure the
+ ability to negotiate optional PFS.
+ Added iked(8)
+ dynamic address configuration for roadwarrior clients, with a new
+ "iface" config option which can be used to specify an interface for
+ the virtual addresses received from the peer.
Fixed ldapd(8) cert
and key path inference for absolute paths.
+ Applied unveil(2)
+ to ldapd(8).
@@ -526,13 +706,28 @@
href="https://man.openbsd.org/pfctl.8">pfctl(8) and pf(4) to accept any valid
routing domain, even if it does not yet exist.
-
Made pfctl(8)
detect and reject bogus ranges before loading the ruleset to prevent a
panic.
+ Changed route-to in pf.conf(5) to send
+ packets to IPs instead of interfaces.
+ Changed pf_route so pf(4) only runs when packets
+ enter and leave the stack. Running the same packet through pf multiple
+ times creates confusion for the state table. By default, pf states are
+ floating, meaning that packets are matched to states regardless of
+ which interface they're going over. This diff avoids multiple pf(4)
+ traversals of one packet causing confusion in the state table.
+ Prevented the kernel from being stuck in an endless recursion
+ during TCP path MTU discovery when pf(4) changes the routing
+ table when sending packets.
+ When cutting off the head of an overlapping fragment during pf(4) reassembly, reinserted
+ the fragment into the lookup table with the correct index.
-
Implemented RFC 8914 Extended DNS Errors for dig(1).
@@ -557,6 +752,8 @@
drain the raw socket of packets received before we were fully setup to
avoid reporting ICMP responses intended for other instances of ping(8)
running in parallel.
+ Added ping(8) -g
+ option to provide a visual display of packets received and lost.
Changed slaacd(8)
Duplicate Address Detection (DAD) to only generate a new address if we
@@ -569,7 +766,14 @@
Implemented unwind(8) listening on
TCP.
+ Implemented DNS64 synthesis in unwind(8).
+ Disabled logging to syslog(3) for libunbound
+ with unwind(8). Does
+ not prevent logging to stderr with "unwind -d".
+
Removed the -L option from dhclient(8).
Added a simple --timeout implementation to Handle permanent redirects (RFC 7538) in ftp(1) fetch.
+ Introduced ftp(1)
+ support for sending the If-Modified-Since header while fetching over
+ http or https. Switched to using the timestamps from the remote
+ server's Last-Modified header if available when saving local files and
+ introduced the ftp "-u" flag to disable this behavior.
+
Added requests for a new certificate without requiring -F when acme-client(1)
detects an added or removed SAN in the config file not reflected in
@@ -593,8 +803,22 @@
href="https://man.openbsd.org/tcpdump.8">tcpdump(8) logged with pflog(4) for rdr-to, nat-to
and af-to rules.
+ Removed the snmpd(8) traphandler
+ process.
+ When calling getaddrinfo(3) with
+ AI_ADDRCONFIG, consider the routing domain when checking for available
+ address families. This ensures that name resolution is only performed
+ for the address families available in the rdomain.
+ Implemented the nc(1)
+ -D socket debug option in tcpbench(1), allowing
+ analysis of TCP connections.
+
+
tmux(1) improvements and bug fixes:
@@ -698,6 +922,18 @@
href="https://man.openbsd.org/ssh_config.5">ssh_config(5).
Added PerSourceMaxStartups and PerSourceNetBlockSize options to
sshd(8).
+ Renamed the PubkeyAcceptedKeyTypes keyword to
+ PubkeyAcceptedAlgorithms in ssh_config(5) and sshd_config(5).
+ Renamed the HostbasedKeyTypes keyword in ssh_config(5) and the
+ HostbasedAcceptedKeyTypes keyword in sshd_config(5) to
+ HostbasedAcceptedAlgorithms.
+ Added PermitRemoteOpen to ssh(1) for remote dynamic
+ forwarding with SOCKS.
Potentially incompatible changes.
@@ -735,11 +971,11 @@
- Xenocara (based on X.Org 7.7 with xserver 1.20.10 + patches,
- freetype 2.10.4, fontconfig 2.12.4, Mesa 20.0.8, xterm 363,
+ freetype 2.10.4, fontconfig 2.12.4, Mesa 20.0.8, xterm 366,
xkeyboard-config 2.20, fonttosfnt 1.2.1 and more)
- LLVM/Clang 10.0.1 (+ patches)
- GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
-
- Perl 5.30.3 (+ patches)
+
- Perl 5.32.1 (+ patches)
- NSD 4.3.6
- Unbound 1.13.1
- Ncurses 5.7