version 1.10, 2023/10/07 12:55:08 |
version 1.11, 2023/10/10 21:33:54 |
|
|
|
|
<li>New/extended platforms: |
<li>New/extended platforms: |
<ul> |
<ul> |
<li>... |
<li>On arm64, implement branch target protection using the branch |
|
target identification feature introduced in Armv8.5. This provides |
|
"head-CFI" to complement the "tail-CFI" provided by retguard, and is |
|
supported on Apple M2. |
</ul> |
</ul> |
|
|
<li>Various kernel improvements: |
<li>Various kernel improvements: |
<ul> |
<ul> |
<li>... |
<li>On amd64, identify IBT capability in cpu(4) dmesg lines. |
|
<li>On arm64, show BT and SBSS features in dmesg(8). |
|
<li>Map device tree read/write to unbreak root on softraid(4). |
</ul> |
</ul> |
|
|
<li>SMP Improvements |
<li>SMP Improvements |
|
|
|
|
<li>VMM/VMD improvements |
<li>VMM/VMD improvements |
<ul> |
<ul> |
<li>... |
<li>Avoid use of uninitialised memory in vmd(8). |
</ul> |
</ul> |
|
|
<li>Various new userland features: |
<li>Various new userland features: |
<ul> |
<ul> |
<li>... |
<li>Update zoneinfo to tzdata2023c. |
</ul> |
</ul> |
|
|
<li>Various bugfixes and tweaks in userland: |
<li>Various bugfixes and tweaks in userland: |
<ul> |
<ul> |
<li>... |
<li>Refactoring and documenting of fdisk(8) code, to make the code |
|
easier to maintain. |
|
<li>In clang, allow out-of-class defaulting of comparison operators, |
|
by ways of backporting an upstream commit. |
|
<li>Improve the code of aucat(1) and fix spelling mistakes. |
|
<li>Improve the code quality of find(1). |
|
<li>Many changes in mg(1): |
|
<ul> |
|
<li>Improve the readability of the code of mg(1). |
|
<li>In mg(1), fall back to /bin/sh if $SHELL is undefined. |
|
<li>Fix parsing of tag files with duplicate entries in mg (1). |
|
Instead of erroring out ignore duplicates. Fixes using |
|
/var/db/libc.tags again. |
|
<li>In mg(1), change tagvisit (aka visit-tag-table) to immediately |
|
load the tag file, and drop the lazy mechanics. |
|
<li>Remove useless global variable in mg(1). |
|
<li>Plug memory leak in mg(1). |
|
<li>Replace strncpy() with strlcpy() in mg(1). |
|
<li>Skip checking permissions of conffile with access(2). |
|
</ul> |
|
<li>On aarch64 architectures improve how BTI control flow integretry |
|
enforcement is implemented in the executable entry point and enable |
|
support for BTI control flow integrety checks in libc assembly |
|
functions. |
|
|
</ul> |
</ul> |
|
|
<li>Improved hardware support and driver bugfixes, including: |
<li>Improved hardware support and driver bugfixes, including: |
<ul> |
<ul> |
<li>... |
<li>Add support for the RK3568 32k RTC clock in rkclock(4) |
|
<li>In dwpcie(4) attach Baikal-M PCIe. |
|
<li>In openfirmware, implement regulator notifiers which get called |
|
when the voltage/current for a regulator is changed or when the |
|
regulator gets initialized when it attaches for the first time. The |
|
latter makes it possible to register a notifier for a regulator that |
|
hasn't attached yet. |
|
<li>Add rkiovd(4), a driver for the IO voltage domains on Rockchip SoCs. |
|
|
</ul> |
</ul> |
|
|
<li>New or improved network hardware support: |
<li>New or improved network hardware support: |
<ul> |
<ul> |
<li>... |
<li>Fix dwqe(4) on several boards that use rgephy(4) by configuring |
|
the RGMII interface before taking the PHY out of reset. |
|
<li>Document that Intel i226 adapters are supported by igc(4). |
|
<li>Add ngbe(4), a driver for WangXun WX1860 PCI Express 10/100/1Gb Ethernet devices. |
</ul> |
</ul> |
|
|
<li>Added or improved wireless network drivers: |
<li>Added or improved wireless network drivers: |
<ul> |
<ul> |
<li>... |
<li>Improve how Quectel LTE&5G devices attach to umb(4). |
</ul> |
</ul> |
|
|
<li>IEEE 802.11 wireless stack improvements and bugfixes: |
<li>IEEE 802.11 wireless stack improvements and bugfixes: |
|
|
|
|
<li>Installer, upgrade and bootloader improvements: |
<li>Installer, upgrade and bootloader improvements: |
<ul> |
<ul> |
<li>... |
<li>In the arm64 ramdisk, simplify apple firmware copying to make it |
|
easier to add new firmware. |
|
<li>On armv7 and arm64, silence informational messages from dd(1) |
|
when zeroing a disk's first 1MB. Use character not block devices with |
|
dd(1) like on other architectures. |
|
<li>Refactor the code of md_installboot() on armv7 and arm64 to be |
|
more in line with other architectures. |
|
<li>Improve the dialogue of the installer without affecting |
|
autoinstall(8) files. |
|
<li>Enable ufshci(4) on arm64 RAMDISKs. |
|
|
</ul> |
</ul> |
|
|
<li>Security improvements: |
<li>Security improvements: |
<ul> |
<ul> |
<li>... |
<li>Change malloc(3) chunk sizes to be fine grained. [needs better explaination] |
|
<li>In malloc(3), check all chunks in the delayed free list for write-after-free. |
</ul> |
</ul> |
|
|
<li>Changes in the network stack: |
<li>Changes in the network stack: |
|
|
<ul> |
<ul> |
<li>IPsec support was improved: |
<li>IPsec support was improved: |
<ul> |
<ul> |
<li>... |
<li>In isakmpd(8), avoid a double free in ec_init() when using the OpenSSL API. |
|
<li>In iked(8), do not treat the return value of i2d_ECDSA_SIG() as |
|
lenght as it can be negative. |
|
<li>Prepare isakmpd(8) for a libcrypto library that is lacking binary field |
|
support. |
|
<li>In isakmpd(8), avoid a potential crash by addind a missing NULL check. |
|
|
</ul> |
</ul> |
<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, |
<ul> |
<ul> |
|
|
<li>... |
<li>... |
</ul> |
</ul> |
|
|
<li>... |
<li>Make dig(1) use less deprecated LibreSSL API. |
|
<li>In ypldap(8), reduce memory usage when updating larger directories. |
</ul> |
</ul> |
|
|
<li><a href="https://man.openbsd.org/tmux.1">tmux(1)</a> improvements and bug fixes: |
<li><a href="https://man.openbsd.org/tmux.1">tmux(1)</a> improvements and bug fixes: |
<ul> |
<ul> |
<li>... |
<li>For passthrough, don't write to clients attached to different sessions. |
|
<li>Add a format to show if there are unseen changes while in a mode. |
</ul> |
</ul> |
|
|
<li>LibreSSL version 3.8.2 |
<li>LibreSSL version 3.8.2 |