=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus71.html,v retrieving revision 1.1 retrieving revision 1.2 diff -c -r1.1 -r1.2 *** www/plus71.html 2022/03/26 00:58:58 1.1 --- www/plus71.html 2022/03/28 03:24:39 1.2 *************** *** 94,102 ****

Changes made between OpenBSD 7.0 and 7.1

Moved to rpki-client(8) 7.6. !

Made fdisk(1) -A preserve BIOS boot partition.

Used installboot(8) in riscv64 install.md.

Added a key in tmux(1) copy mode to toggle the position indicator. --- 94,309 ----

Changes made between OpenBSD 7.0 and 7.1

Implemented most of CMS related checks in rpki-client(8) required by RFC 6488 section 3. +
Added fix in zlib for CLEAR_HASH macro. +
Added OSC 7 capability to tmux(1) for setting titles. + +
Fixed a small ntpd(8) leak. +
Rate limit rad(8) router advertisements according to RFC 4861. +
Fixed iwm(4) 802.11ac throughput at a distance. + + +
Made sure nothing can map address zero on RISC-V. + +
Fixed crash in slaacd(8) when receiving a negative length field for DNS labels. +
Added code to update hw.power whenever AC state changes on resume. +
Added support for XBox One game controller on usb. + +
Fix IP output routines on raw sockets so route sourceaddr can take effect using sendto(2) or similar. +
Avoid calling setrtable(2) unless "rtable" is set explicitly in login.conf. +
Prevent panic in softraid(4) while rebooting if softraid has been disabled. +
Prevent announcing VHT capabilities on iwm(4) and iwx(4) for 2GHz bands during scans. +
Fixed argument list leak in scp(1). + +
Enabled interrupt moderation on aq(4), aiming at around 20k per second. +
When choosing networks during SSID selection, give a higher score to 11ac and 11n access points, prioritizing 11ac. +
Fixed attach of multiple iwm(4) or iwx(4) interfaces in the same machine. +
Add initial 802.11ac support to iwm(4). +
Added 802.11ac/VHT TX rate adaptation support to the wifi stack. + + +
Made sure sshd(8) does not try to resolve ListenAddress when re-execing. +
Fixed ssh-keygen(1) SEGV when using -Y check-novalidate. +
New logic for pkg_add(1) to avoid excessive moving of files during updates when possible. +
Avoid legacy CSS2 syntax and use CSS3 two-value syntax in mandoc(1). +
Updated time zone database to tzdata2022a. +
Made tcpdump(8) show 802.11ac VHT capability and operation IEs in -v mode. +
Add tmux(1) option to control if it scrolls into history on clear. + +
Make sure iked(8) vroute messages are correctly aligned, fixes autoconfiguration of addresses on octeon. +
Added an option in tmux(1) to set the character for unused areas of the terminal. +
Updated nsd(8) to version 4.4.0. + +
Bumped LibreSSL to 3.5.2. +
Fixed reading motherboard time on Apple machines with old SMC firmware. +
Make su(1) honor the login class routing table when doing a full login with su -l. +
Fixed infinite loop in libcrypto for certain elliptic curve public key operations. +
Enabled IP header checksum offloading in ix(4). +
Changed the way $macros are expanded in bgpd.conf(5). +
Fix TX rate used by rtwn(4) and urtwn(4) for RTS frames. + +
Fixed sndiod(8) crash. +
Enabled checksum offloads on aq(4). +
Added -k flag to gzip(1) and gunzip(1) to retain (de)compressed file. +
Made sure armv7,arm64 and risc-v FDT bootloader code does not write beyond the FDT data structure. +
Added 802.11ac support on iwx(4). +
Added initial 802.11ac (VHT) support to the wifi stack. +
Improved TX performance on urtwn(4) RTL8192EU devices. +
Improved message fragment retransmissions for iked(8). + +
Fix crash in IPSec while doing parallel IP forwarding. +
Add missing error check for x509 constraints code in libcrypto. +
Enable vlan promisc, header stripping and vlan RX/TX offload on aq(4). + +
Let unwind(8) probe for DNS64 presence with an absolute name, so asr doesn't add search domains and retry. + +
Made fdisk(8) preserve the EFI System partition when auto-allocating space on GPT disks with magic Apple partitions. +
Fixed receive filter handling in aq(4). +
Fixed masked signal traps while in a debugger. +
Fixed overflow protection code in rpki-client(8). + +
Enabled PL011 UART FIFO support in pluart(4). +
Fixed RISC-V lld link code when dealing with object files created with "ld -b". +
Added kernel interfaces for atomic load and store functions for int and long to be used in reference counted struct members. +
Prevented an assert in uvm_page.c when freeing an anon after swapping out its memory. +
Added mtw(4) to fw_update(8). + +
Prevented aq(4) nics from writing to mbufs taken off the ring when the interface was taken down. + +
Updated libexpat to 2.4.7. +
Improved roaming stability on iwn(4), particularly with wpa_supplicant. + + +
Switched aucat(1) internal sample representation and default file encoding to 24-bit. +
Switched sndiod(8) internal sample representation to 24-bit fixed point. +
Renamed net80211 ioctl(2) struct ieee80211_channel to struct ieee80211_chaninfo. +
Updated to xf86-video-amdgpu 22.0.0. +
Prevented a possible deadlock in cad(4). + +
Made the arm64 ramdisk installer fetch bwfm(4) firmware from the EFI System Partition on Apple Silicon devices for use during installation and addition to the newly installed system. + + +
Added support for the BCM4387 to bwfm(4). + +
Improved handling of static compressed gzip files in httpd(8). + +
Added openvpn ports (udp/1194 & tcp/1194) to /etc/services. +
Added an ofw interface to write to an nvmem cell. +
Added RTC support to aplsmc(4). +
Added nvmem support to aplpmu(4) and made it available on Apple SPMI PMUs. + +
Added pax(1) support for mtime/atime/ctime extended headers in !SMALL builds. +
Ensured apldart(4) keeps the DART enabled in front of the display controller to preserve its access to the framebuffer and continued display. +
Added handling for vmd(8) hitting resource limits when starting a vm and added memory error messages for the user. +
Modified aplintc(4) to support a newer interrupt controller, making OpenBSD run on M1 Pro/Max machines. + +
Added rtable capability to login.conf(5). +
Provided a login class for vmd(8). + +
Added mbuf tags to prevent output loops in etherip(4). +
Fixed backtraces on i386 and armv7. +
Added a gzip-static option to httpd.conf(5), allowing delivery of precompressed files with content-encoding gzip. + +
Added a malloc(3) cache of regions between 128k and 2M to accommodate programs allocating and deallocating regions of these sizes quickly. +
Fixed setusercontext(3) error when /etc/login.conf is not present. + +
Protected pfsync(4) tdb flags and lists with a mutex to prevent crashes involving pfsync, IPsec and parallel forwarding. +
Enabled cduart(4) on arm64. + +
Released LibreSSL 3.5.0. +
Fixed kernel stack alignment on riscv64. +
Unlocked getsockname(2). + +
Updated Mesa to 21.3.7. +
Updated to unbound(8) 1.15.0. +
Made it possible to bind and connect to non-default ports in bgpd.conf(5). +
Randomized the password used in fakepw in ssh(1). +
Released OpenSSH 8.9. + +
Extended and reordered the process accounting information structure acct(5). Flag Day for the acct(2) file format. +
Added seq(1), a command to print sequences of numbers. +
Added new _MAXCOMLEN (a proper string expanded to 24 bytes including the NUL) to syslimits, allowing replacement of the MAXCOMLEN symbol from sys/param.h in userland. +
Updated libexpat to 2.4.6. +
Stopped hiding the mtu on "bridge" interfaces which do handle l3 traffic in ifconfig(8). +
Improved stack unwinding on riscv64 in ddb(4). +
Made audio(4) event filters MP-safe. + +
In rpc.rusersd(8) unveil(2) "/dev" read-only instead of using chroot(2). +
Updated to libX11 1.7.3.1. + +
Capped the daemon login class datasize at either 1G or 4G depending on the architecture and set the bgpd class datasize to either 16G or 1G. +
Made ping(8) print out the source address and sequence number when the signature on an icmp echo reply doesn't match. +
Made fw_update(8) use the /snapshots directory only on -current. +
Fixed vi(1) recovery mode. +
Added aplcpu(4), a driver to control the CPU performance levels on Apple SoCs. +
Prevented a potential crash when slaacd(8) receives more than 7 nameservers. +
Updated xorg-server to 21.1.3, leaving in place an earlier change to compute the screen resolution from dimensions returned by the screen, reverted by upstream. +
Moved to OpenBSD 7.1-beta. + +
Enabled subpixel rendering in FreeType. +
Used installboot(8) in install.md for armv7. + +
Made apmd(8) replace /etc/random.seed for hibernate-resumes. +
Enabled TLS verify by default for outbound "smtps://" and "smtp+tls://", restoring documented smtpd(8) behavior. +
Introduced mpfgpio(4), a driver for the PolarFire SoC MSS GPIO controller. + +
If S4 is not available, use S5 for the ACPI-transitions in hibernate support. +
Corrected architecture checking to prevent partial building of binutils-2.17 on unsupported systems. + +
Introduced mpfiic(4), a driver for the PolarFire SoC MSS I2C controller. + +
Correlated uaudio(4) and ucc(4) devices attacked over USB in order to adjust the volume of the correct attached audio device rather than the first one attached. +
Fixed suspend/resume issues with com(4) at acpi(4). +
Ensured the pf(4) "set prio" values are checked consistently. +
Prevented reopening of tun(4)/tap(4) interfaces which are being destroyed. +
Rewrote vxlan(4) to operate independently of bridge(4), create and bind udp sockets and prevent loops. + +
Prevented tweaks to tun(4) if_flags when the NET_LOCK isn't held. +
Used fdisk(8) -b to create the desired 1MB MSDOS boot partition for macppc rather than relying on /usr/mdec/mbr. + +
Added support to explicitly power on some PCIe devices on the M1 and M1 Pro/Max through a GPIO controlled by the SMC. +
Added basic GPIO support to aplsmc(4). +
Improved tracking of mbuf memory usage in the whole system. + + + +
Made rcctl(8) look for the login class in both login.conf and login.conf.d/${class}. +
Enabled receive checksum offloading on ixl(4). +
Stopped smtpd(8) from verifying the cert or CA for a relay using opportunistic TLS. +
Updated Devel::PPPort to 3.6.4. +
Unveil(2) _PATH_LOGIN_CONF_D. +
Introduced support for storing capability databases in /etc/login.conf.d, allowing easy addition of custom login classes from packages. +
Switched to using fdisk(8) -b to create boot partitions on multiple architectures. + +
Stopped unregistering firmware with fw_update(8) when the SHA256.sig cannot be fetched. +
Enabled acpibat(4) use with the Surface Go 3. +
Fixed getcap(1) -f option when passed multiple files. +
Enabled more flexible device matching for I2C devices. +
Increased armv7 ramdisk size. + +
Added a CRL check for manifests to rpki-client(8). +
Re-enabled ixl(4) IPv4, TCP4/6 and UDP4/6 checksum offloading. +
Switched ssh(1) hpdelim interface to accept only ":" as a delimiter. +
Enabled hardware vlan tagging for ixl(4). +
Implemented the poll(2) system call on top of the kqueue(2) subsystem, obsoleting the old, non-MP-safe poll backend. +
Plugged a leak in libtls CRL handling. + +
Reworked ix(4) checksum/vlan offloading and enabled it for IPv6. +
Added ps(1) status flag "c" to indicate a process is chrooted. +
Allowed ddb(4) trace through interrupt on macppc. +
Released rpki-client(8) 7.6. + +
Allowed riscv64 installation on a disk with a GPT. +
Enabled support for displaying an estimated battery recharge time in apm(8) and apmd(8). + +
Grew the dmesg(8) buffer on i386 from 4 to 8 pages. + +
Enforced RFC 6384 certificate policy for RPKI in rpki-client(8).
Moved to rpki-client(8) 7.6. !
Made fdisk(8) -A preserve BIOS boot partition.
Used installboot(8) in riscv64 install.md.
Added a key in tmux(1) copy mode to toggle the position indicator. *************** *** 142,148 ****
Improved how quirks are handled on sdhc(4)-compatible drivers.
Introduced cdsdhc(4), a driver for the Cadence SD/SDIO/eMMC host controller. !
Made transferring multiple files in scp(1) mode create the destination if it doesn't already exist.
Updated libexpat to 2.4.3.
Allowed more memory ranges in hibernate. --- 349,355 ----
Improved how quirks are handled on sdhc(4)-compatible drivers.
Introduced cdsdhc(4), a driver for the Cadence SD/SDIO/eMMC host controller. !
Made transferring multiple files in scp(1) mode create the destination if it doesn't already exist.
Updated libexpat to 2.4.3.
Allowed more memory ranges in hibernate. *************** *** 158,164 ****
Implemented powerdown in arm64.
Improved performance of rev(1). !
Set cpuspeed to 0 in apm(1) when hw.cpuspeed cannot be retrieved.
Fixed sdhc(4) for Jasper Lake eMMC.
Added Synopsys Designware UART support to com(4). --- 365,371 ----
Implemented powerdown in arm64.
Improved performance of rev(1). !
Set cpuspeed to 0 in apm(8) when hw.cpuspeed cannot be retrieved.
Fixed sdhc(4) for Jasper Lake eMMC.
Added Synopsys Designware UART support to com(4). *************** *** 186,192 ****
Added a basic printer for EAPOL packets to tcpdump(8).
Changed ssh-keygen(1) to allow selection of hash algorithm at sshsig signing time. !
Fixed an ssh-keygen(1) NULL dereference when using find-principals and matching an allowed_signers line that contains a namespace restriction but no restriction specified on command line.
Introduced mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
Fixed hibernate setups where a removed umass(4) device results in a renumbered softraid(4) device.
Restricted the pci(4) ioctl interface to devices detected by hthe kernel, preventing Xorg PCI probes from breaking the WiFi chip on M1 macs. --- 393,399 ----
Added a basic printer for EAPOL packets to tcpdump(8).
Changed ssh-keygen(1) to allow selection of hash algorithm at sshsig signing time. !
Fixed an ssh-keygen(1) NULL dereference when using find-principals and matching an allowed_signers line that contains a namespace restriction but no restriction specified on command line.
Introduced mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
Fixed hibernate setups where a removed umass(4) device results in a renumbered softraid(4) device.
Restricted the pci(4) ioctl interface to devices detected by hthe kernel, preventing Xorg PCI probes from breaking the WiFi chip on M1 macs. *************** *** 204,210 ****
Prevented a potential race when assigning new wskbd(4) keymap. !
Fixed veb(4) vport handling to prevent improper drop of packets leaving a vport interface.
Unlocked the bottom part of the uvm fault handler.
Added the chip ids used on Apple M1 Pro/Max and Apple T2 Macs to bwfm(4). --- 411,417 ----
Prevented a potential race when assigning new wskbd(4) keymap. !
Fixed veb(4) vport handling to prevent improper drop of packets leaving a vport interface.
Unlocked the bottom part of the uvm fault handler.
Added the chip ids used on Apple M1 Pro/Max and Apple T2 Macs to bwfm(4).