| version 1.43, 2022/10/02 09:43:24 |
version 1.44, 2022/10/02 19:48:50 |
|
|
| <li>Added support for Apple M2 |
<li>Added support for Apple M2 |
| <li>Added support for Lenovo ThinkPad x13s and other machines using |
<li>Added support for Lenovo ThinkPad x13s and other machines using |
| the Qualcomm Snapdragon 8cx Gen 3 (SC8280XP) SoC. |
the Qualcomm Snapdragon 8cx Gen 3 (SC8280XP) SoC. |
| <li>... |
|
| </ul> |
</ul> |
| |
|
| <li>Various kernel improvements: |
<li>Various kernel improvements: |
|
|
| <li>Added support for switching from glass console to serial console |
<li>Added support for switching from glass console to serial console |
| on arm64 systems that default to glass console. |
on arm64 systems that default to glass console. |
| <li><a href="https://man.openbsd.org/pf.4">pf(4)</a> automatically allows |
<li><a href="https://man.openbsd.org/pf.4">pf(4)</a> automatically allows |
| IGMP and ICMP6 MLD packets with router alert option. |
IGMP and ICMP6 MLD packets with router alert option. |
| Special allow-opts rules are no longer needed for multicast |
Special allow-opts rules are no longer needed for multicast |
| discovery. |
discovery. |
| <li>Fixed a <a href="https://man.openbsd.org/pf.4">pf(4)</a> NULL |
<li>Fixed a <a href="https://man.openbsd.org/pf.4">pf(4)</a> NULL |
| dereference panic triggered by <a |
dereference panic triggered by <a |
| href="https://man.openbsd.org/relayd.8">relayd(8)</a>. |
href="https://man.openbsd.org/relayd.8">relayd(8)</a>. |
|
|
| href="https://man.openbsd.org/ddb.4">ddb(4)</a>. |
href="https://man.openbsd.org/ddb.4">ddb(4)</a>. |
| <li>Added a "show swap" command to <a |
<li>Added a "show swap" command to <a |
| href="https://man.openbsd.org/ddb.4">ddb(4)</a> to help debugging. |
href="https://man.openbsd.org/ddb.4">ddb(4)</a> to help debugging. |
| |
|
| |
|
| <li>Count dropped network packets due to low memory in |
<li>Count dropped network packets due to low memory in |
| <a href="https://man.openbsd.org/netstat.1">netstat(1)</a>. |
<a href="https://man.openbsd.org/netstat.1">netstat(1)</a>. |
| <li>Simplified machine command handling in <a |
<li>Simplified machine command handling in <a |
|
|
| href="https://man.openbsd.org/kqueue.2">kqueue(2)</a> wakeup, found by |
href="https://man.openbsd.org/kqueue.2">kqueue(2)</a> wakeup, found by |
| a Go testcase hang. |
a Go testcase hang. |
| <li>Bumped the maximum number of supported CPUs to 256 on arm64. |
<li>Bumped the maximum number of supported CPUs to 256 on arm64. |
| |
<!-- XXX should the following be here (swapper, pmem...) or maybe one entry describing them together? --> |
| <!-- XXX should the following be here (swapper, pmem...) or maybe one entry describing them together? --> |
|
| <li>Ensure uvm_swap_io() can succeed, even in out of memory |
<li>Ensure uvm_swap_io() can succeed, even in out of memory |
| situations, by reserving a second segment for the page daemon. |
situations, by reserving a second segment for the page daemon. |
| <li>Ensured progress in the swapper by pre-allocating pages in a DMA-reachable region. |
<li>Ensured progress in the swapper by pre-allocating pages in a DMA-reachable region. |
|
|
| returning an error. Previously an error could be returned to the fault |
returning an error. Previously an error could be returned to the fault |
| handler which would result in processes dying when a system was under |
handler which would result in processes dying when a system was under |
| a lot of memory pressure. |
a lot of memory pressure. |
| |
<!-- ... up to here --> |
| |
|
| <li>Added support for using non-standard UARTs (such as the Synopsys |
<li>Added support for using non-standard UARTs (such as the Synopsys |
| DesignWare UART) as an early console. |
DesignWare UART) as an early console. |
| |
|
| <li>Remove NexGen CPU identification code as the kernel cannot run on these CPUs anyway. |
<li>Remove NexGen CPU identification code as the kernel cannot run on these CPUs anyway. |
| <li>Remove Rise CPU identification code. |
<li>Remove Rise CPU identification code. |
| <li>Dropped detection code for 386sx/386dx CPUs. OpenBSD/i386 hasn't |
<li>Dropped detection code for 386sx/386dx CPUs. OpenBSD/i386 hasn't |
| actually supported running on either for some time. |
actually supported running on either for some time. |
| <li>Dropped detection code for Cyrix CPUs older than the Cyrix M2. |
<li>Dropped detection code for Cyrix CPUs older than the Cyrix M2. |
| |
|
| <li>Implemented the fundamentals for suspend/resume on arm64. |
<li>Implemented the fundamentals for suspend/resume on arm64. |
| <li>Simplified TSC synchronization testing on amd64. |
<li>Simplified TSC synchronization testing on amd64. |
| |
|
| <li>Corrected sparc64 ofwboot to default to the <a |
<li>Corrected sparc64 ofwboot to default to the <a |
| href="https://man.openbsd.org/softraid.4">softraid(4)</a> volume on the |
href="https://man.openbsd.org/softraid.4">softraid(4)</a> volume on the |
| boot device to make root on softraid work out of the box on sparc64 |
boot device to make root on softraid work out of the box on sparc64 |
|
|
| <li>Added support for booting from RAID 1C <a |
<li>Added support for booting from RAID 1C <a |
| href="https://man.openbsd.org/softraid.4">softraid(4)</a> volumes on |
href="https://man.openbsd.org/softraid.4">softraid(4)</a> volumes on |
| amd64, sparc64 and arm64. |
amd64, sparc64 and arm64. |
| |
|
| <li>Removed the obsolete kern.nselcoll <a |
<li>Removed the obsolete kern.nselcoll <a |
| href="https://man.openbsd.org/sysctl.2">sysctl(2)</a>. |
href="https://man.openbsd.org/sysctl.2">sysctl(2)</a>. |
| <li>Changed mips64, octeon, and loongson to trigger deferred clock |
<li>Changed mips64, octeon, and loongson to trigger deferred clock |
|
|
| switching between them depending on their quality properties. This |
switching between them depending on their quality properties. This |
| improves how timers backing <a |
improves how timers backing <a |
| href="https://man.openbsd.org/delay.9">delay(9)</a> are managed. |
href="https://man.openbsd.org/delay.9">delay(9)</a> are managed. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>SMP Improvements |
<li>SMP Improvements |
|
|
| <li>Made <a href="https://man.openbsd.org/unix.4">unix(4)</a> domain |
<li>Made <a href="https://man.openbsd.org/unix.4">unix(4)</a> domain |
| sockets locking per-socket rather than coarse locking of the entire |
sockets locking per-socket rather than coarse locking of the entire |
| domain sockets layer. |
domain sockets layer. |
| |
|
| <li>... |
|
| </ul> |
</ul> |
| |
|
| <li>Direct Rendering Manager and graphics drivers |
<li>Direct Rendering Manager and graphics drivers |
|
|
| <li>Added forest (-f) mode to <a |
<li>Added forest (-f) mode to <a |
| href="https://man.openbsd.org/ps.1">ps(1)</a>. |
href="https://man.openbsd.org/ps.1">ps(1)</a>. |
| <li>Sped up <a href="https://man.openbsd.org/wc.1">wc(1)</a> word counting. |
<li>Sped up <a href="https://man.openbsd.org/wc.1">wc(1)</a> word counting. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>Improved hardware support and driver bugfixes, including: |
<li>Improved hardware support and driver bugfixes, including: |
|
|
| out of the UNDEFINED state. |
out of the UNDEFINED state. |
| <li>Added Wacom One S (CTL-472) support to <a |
<li>Added Wacom One S (CTL-472) support to <a |
| href="https://man.openbsd.org/uwacom.4">uwacom(4)</a>. |
href="https://man.openbsd.org/uwacom.4">uwacom(4)</a>. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>New or improved network hardware support: |
<li>New or improved network hardware support: |
| <ul> |
<ul> |
| |
|
| <li>Increased rx buffer size on <a |
<li>Increased rx buffer size on <a |
| href="https://man.openbsd.org/uaq.4">uaq(4)</a> to 62kB. |
href="https://man.openbsd.org/uaq.4">uaq(4)</a> to 62kB. |
| <li>Repaired <a href="https://man.openbsd.org/rge.4">rge(4)</a> |
<li>Repaired <a href="https://man.openbsd.org/rge.4">rge(4)</a> |
|
|
| <li>Fixed integer overflows in the <a |
<li>Fixed integer overflows in the <a |
| href="https://man.openbsd.org/iwm.4">iwm(4)</a> and <a |
href="https://man.openbsd.org/iwm.4">iwm(4)</a> and <a |
| href="https://man.openbsd.org/iwx.4">iwx(4)</a> firmware file parsers. |
href="https://man.openbsd.org/iwx.4">iwx(4)</a> firmware file parsers. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>IEEE 802.11 wireless stack improvements and bugfixes: |
<li>IEEE 802.11 wireless stack improvements and bugfixes: |
|
|
| <li>Added support for wildcards in <a |
<li>Added support for wildcards in <a |
| href="https://man.openbsd.org/fw_update.8">fw_update(8)</a> patterns. |
href="https://man.openbsd.org/fw_update.8">fw_update(8)</a> patterns. |
| |
|
| <!-- XXX no idea where to put bootblock stuff --> |
<!-- XXX no idea where to put bootblock stuff --> |
| <li>Added NFS client support to the luna88k RAMDISK kernel. |
<li>Added NFS client support to the luna88k RAMDISK kernel. |
| <li>Made the EFI bootloader provide the extra parameters necessary to |
<li>Made the EFI bootloader provide the extra parameters necessary to |
| use non-standard UARTs on the AMD Ryzen Embedded V1000 SoCs as console. |
use non-standard UARTs on the AMD Ryzen Embedded V1000 SoCs as console. |
| <li>Switched bootloaders to the extended BOOTARG_CONSDEV struct. |
<li>Switched bootloaders to the extended BOOTARG_CONSDEV struct. |
| <li>Added UFS2 support to landisk boot blocks. |
<li>Added UFS2 support to landisk boot blocks. |
| |
|
| |
|
| </ul> |
</ul> |
| |
|
| <li>Security improvements: |
<li>Security improvements: |
|
|
| dynamically linked to allow them to benefit from all the additional |
dynamically linked to allow them to benefit from all the additional |
| mitigations that dynamically linked executables gain. NFS mounting of |
mitigations that dynamically linked executables gain. NFS mounting of |
| /usr must now use statically configured IP addresses. |
/usr must now use statically configured IP addresses. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>Changes in the network stack: |
<li>Changes in the network stack: |
| <ul> |
<ul> |
| |
<li>Added the <a |
| |
href="https://man.openbsd.org/recvmmsg.2">recvmmsg(2)</a> system call |
| |
that allows receiving multiple msghdrs at once, and the <a |
| |
href="https://man.openbsd.org/sendmmsg.2">sendmmsg</a> syscall that |
| |
allows sending multiple msghdrs at once. |
| <li>Relaxed address availability check for <a |
<li>Relaxed address availability check for <a |
| href="https://man.openbsd.org/multicast.4">multicast(4)</a> binds so |
href="https://man.openbsd.org/multicast.4">multicast(4)</a> binds so |
| processes listening for the same multicast address do not need to be |
processes listening for the same multicast address do not need to be |
|
|
| where a pool defined like "172.16.0.0/16" would count as a pool size |
where a pool defined like "172.16.0.0/16" would count as a pool size |
| of one address. Also fixed random selection of source address to be |
of one address. Also fixed random selection of source address to be |
| uniform across the whole pool. |
uniform across the whole pool. |
| |
<li>Fixed a kernel panic in <a |
| |
href="https://man.openbsd.org/pf.4">pf(4)</a> if IP options with an |
| |
ICMP payload were truncated. Such packets will now be dropped instead. |
| <li>Allow forwarding to and from IPs in the 240/4 range. |
<li>Allow forwarding to and from IPs in the 240/4 range. |
| <li>Corrected the Virtual Ethernet Bridge <a |
<li>Corrected the Virtual Ethernet Bridge <a |
| href="https://man.openbsd.org/veb.4">veb(4)</a> to avoid calling |
href="https://man.openbsd.org/veb.4">veb(4)</a> to avoid calling |
| if_enqueue from an smr critical section. |
if_enqueue from an smr critical section. |
| <li>Fixed a kernel panic in <a |
<li>Reworked the kroute rttimer code to fix icmp_pmtu_timeout crashes. |
| href="https://man.openbsd.org/pf.4">pf(4)</a> if IP options with an |
|
| ICMP payload were truncated. Such packets will now be dropped instead. |
|
| <li>Reworked the rttimer code to fix icmp_pmtu_timeout crashes. |
|
| <li>Fixed an interrupt storm upon suspend on Amlogic arm64 boards. |
<li>Fixed an interrupt storm upon suspend on Amlogic arm64 boards. |
| |
|
| <li>Fixed a race between pflow_output_process() and |
<li>Fixed a race between pflow_output_process() and |
| pflow_clone_destroy() in <a |
pflow_clone_destroy() in <a |
| href="https://man.openbsd.org/pflow.4">pflow(4)</a>. |
href="https://man.openbsd.org/pflow.4">pflow(4)</a>. |
| <li>Added a missing input validation step to <a |
<li>Added a missing input validation step to <a |
| href="https://man.openbsd.org/pipex.4">pipex(4)</a> mppe keylenbits. |
href="https://man.openbsd.org/pipex.4">pipex(4)</a> mppe keylenbits. |
| <li>Added the <a |
</ul> |
| href="https://man.openbsd.org/recvmmsg.2">recvmmsg(2)</a> system call |
|
| that allows receiving multiple msghdrs at once. |
|
| |
|
| </ul> |
|
| |
|
| <li>Routing daemons and other userland network improvements: |
<li>Routing daemons and other userland network improvements: |
| <ul> |
<ul> |
| <li>IPsec support was improved: |
<li>IPsec support was improved: |
|
|
| <li>Added <a href="https://man.openbsd.org/iked.8">iked(8)</a> |
<li>Added <a href="https://man.openbsd.org/iked.8">iked(8)</a> |
| connection statistics for successful and failed connections, error |
connection statistics for successful and failed connections, error |
| types, and other events that can be printed with "ikectl show stats". |
types, and other events that can be printed with "ikectl show stats". |
| |
|
| </ul> |
</ul> |
| <li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
| <ul> |
<ul> |
|
|
| <li>Made sure only one <a |
<li>Made sure only one <a |
| href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> roa softreconfig |
href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> roa softreconfig |
| runner is run at any time. |
runner is run at any time. |
| |
|
| </ul> |
</ul> |
| <li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> saw some changes: |
<li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> saw some changes: |
| <ul> |
<ul> |
|
|
| <li>Add support for validating Autonomous System Provider Authorization |
<li>Add support for validating Autonomous System Provider Authorization |
| (ASPA) objects conforming to draft-ietf-sidrops-aspa-profile-10. |
(ASPA) objects conforming to draft-ietf-sidrops-aspa-profile-10. |
| Validated ASPA payloads are visible in JSON and filemode (-f) output. |
Validated ASPA payloads are visible in JSON and filemode (-f) output. |
| <li>Set rsync connection I/O idle timeout to 15 seconds. |
<li>Set <a href="https://man.openbsd.org/openrsync.1">rsync(1)</a> connection I/O idle timeout to 15 seconds. |
| <li>Unify the maximum idle I/O and connect timeouts for rsync & HTTPS. |
<li>Unify the maximum idle I/O and connect timeouts for <a href="https://man.openbsd.org/openrsync.1">rsync(1)</a> & HTTPS. |
| <li>rpki-client now performs stricter EE certificate validation: |
<li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> now performs stricter EE certificate validation: |
| <ul> |
<ul> |
| <li>Disallow AS Resources extensions in ROA EE certificates. |
<li>Disallow AS Resources extensions in ROA EE certificates. |
| <li>Disallow Subject Information Access (SIA) extensions in RPKI |
<li>Disallow Subject Information Access (SIA) extensions in RPKI |
|
|
| <li>Improve compliance with the HTTP protocol specification. |
<li>Improve compliance with the HTTP protocol specification. |
| </ul> |
</ul> |
| |
|
| <li>In <a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>, |
|
| match password schemas case sensitive. |
|
| |
|
| <li>In <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>, |
<li>In <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>, |
| <ul> |
<ul> |
| <li>Allow object names to be used in addition to OIDs in |
<li>Allow object names to be used in addition to OIDs in |
|
|
| <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> metrics. |
<a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> metrics. |
| </ul> |
</ul> |
| |
|
| |
<li>In <a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>, |
| |
match password schemas case sensitive. |
| <li>In <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>, |
<li>In <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>, |
| relax the limitations on what is an acceptable unicast IP. There are no |
relax the limitations on what is an acceptable unicast IP. There are no |
| more experiments in IPv4 and so there is less reason for network |
more experiments in IPv4 and so there is less reason for network |
|
|
| instead of <a href="https://man.openbsd.org/alarm.3">alarm(3)</a>. |
instead of <a href="https://man.openbsd.org/alarm.3">alarm(3)</a>. |
| This allows failing over to another IP address for hosts that have |
This allows failing over to another IP address for hosts that have |
| more than one. |
more than one. |
| |
|
| </ul> |
</ul> |
| |
|
| <li><a href="https://man.openbsd.org/tmux.1">tmux(1)</a> improvements and bug fixes: |
<li><a href="https://man.openbsd.org/tmux.1">tmux(1)</a> improvements and bug fixes: |
|
|
| href="https://man.openbsd.org/tmux.1">tmux(1)</a>. |
href="https://man.openbsd.org/tmux.1">tmux(1)</a>. |
| <li>Fixed <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> window |
<li>Fixed <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> window |
| size reporting. |
size reporting. |
| |
|
| </ul> |
</ul> |
| |
|
| <li>LibreSSL version 3.6.0 |
<li>LibreSSL version 3.6.0 |
![[BACK]](/icons/back.gif){kind=icon}
Return to 72.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www