| version 1.79, 2023/10/14 19:53:05 |
version 1.80, 2023/10/14 21:13:43 |
|
|
| <li>On arm64, use the deep idle state available on Apple M1/M2 cores |
<li>On arm64, use the deep idle state available on Apple M1/M2 cores |
| in the idle loop and for suspend, resulting in power savings. |
in the idle loop and for suspend, resulting in power savings. |
| <!-- reverted <li>In <a href="https://man.openbsd.org/xhci.4">xhci(4)</a>, when |
<!-- reverted <li>In <a href="https://man.openbsd.org/xhci.4">xhci(4)</a>, when |
| detaching devices when we suspend, we need to continue processing |
detaching devices during suspend, must continue processing |
| command completion events. This fixes USB suspend/resume in Apple |
command completion events. This fixes USB suspend/resume in Apple |
| M1/M2. --> |
M1/M2. --> |
| </ul> |
</ul> |
|
|
| the RGMII interface before taking the PHY out of reset. |
the RGMII interface before taking the PHY out of reset. |
| <li>Improve <a href="https://man.openbsd.org/dwqe.4">dwqe(4)</a> and |
<li>Improve <a href="https://man.openbsd.org/dwqe.4">dwqe(4)</a> and |
| determine PHY mode and pass the appropriate flags down to the PHY when |
determine PHY mode and pass the appropriate flags down to the PHY when |
| we attach it. |
attaching. |
| <li>Report in <a href="https://man.openbsd.org/dmesg.8">dmesg(8)</a> on |
<li>Report in <a href="https://man.openbsd.org/dmesg.8">dmesg(8)</a> on |
| which gmac the <a href="https://man.openbsd.org/dwqe.4">dwqe(4)</a> |
which gmac the <a href="https://man.openbsd.org/dwqe.4">dwqe(4)</a> |
| driver is attaching to. |
driver is attaching to. |
|
|
| |
|
| <li>Security improvements: |
<li>Security improvements: |
| <ul> |
<ul> |
| <li>We enabled support for branch target identification (BTI) in both |
<li>Enabled support for branch target identification (BTI) in both |
| the kernel and userland. On hardware that supports this feautre, it |
the kernel and userland. On hardware that supports this feautre, it |
| helps enforcing control flow integrety by making sure malicious code |
helps enforcing control flow integrety by making sure malicious code |
| cannot jump into the middle of a function. |
cannot jump into the middle of a function. |
| <li>We enabled support for pointer authentication (PAC) in userland. On |
<li>Enabled support for pointer authentication (PAC) in userland. On |
| hardware that supports this feature it helps enforcing control flow |
hardware that supports this feature it helps enforcing control flow |
| integrety by making sure malicious code cannot manipulate a |
integrety by making sure malicious code cannot manipulate a |
| function's return address. |
function's return address. |
| <li>On the amd64 architecture, we enabled support for indirect |
<li>On the amd64 architecture, enabled support for indirect |
| branch tracking (IBT) in both the kernel and userland. On hardware |
branch tracking (IBT) in both the kernel and userland. On hardware |
| that supports this feature, it helps enforcing control flow integrety |
that supports this feature, it helps enforcing control flow integrety |
| by making sure malicious code cannot jump into the middle of a |
by making sure malicious code cannot jump into the middle of a |
| function. |
function. |
| <li>On the arm64 architecture, we enabled support for branch target |
<li>On the arm64 architecture, enabled support for branch target |
| identification (BTI) in both the kernel and userland. On hardware |
identification (BTI) in both the kernel and userland. On hardware |
| that supports this feature, it helps enforcing control flow integrety |
that supports this feature, it helps enforcing control flow integrety |
| by making sure malicious code cannot jump into the middle of a |
by making sure malicious code cannot jump into the middle of a |
| function. |
function. |
| <li>On the arm64 architecture, we enabled support for pointer |
<li>On the arm64 architecture, enabled support for pointer |
| authentication (PAC) in userland. On hardware that supports this |
authentication (PAC) in userland. On hardware that supports this |
| feature it helps enforcing control flow integrety by making sure |
feature it helps enforcing control flow integrety by making sure |
| malicious code cannot manipulate a function's return address. |
malicious code cannot manipulate a function's return address. |
|
|
| remove artificial limit of 2 hours on a PIO lifetime. |
remove artificial limit of 2 hours on a PIO lifetime. |
| <li>Make <a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a> |
<li>Make <a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a> |
| more resilient when some servers are |
more resilient when some servers are |
| misbehaving: keep trying LDAP servers until we get full results from |
misbehaving: keep trying LDAP servers until full results arrive |
| one, rather than just until one accepts the TCP connection. |
rather than just until one accepts the TCP connection. |
| <li>New <a href="https://man.openbsd.org/ifconfig.8#wgdescription" |
<li>New <a href="https://man.openbsd.org/ifconfig.8#wgdescription" |
| >wgdescription</a> parameter to |
>wgdescription</a> parameter to |
| <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> |
<a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to 74.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www