OpenBSD -current Changelog
This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
For changes in other releases, click below:
2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 7.0, 7.1, 7.2, 7.3, 7.4.
Changes made between OpenBSD 7.4 and -current
- Fixed smtpd(8) IPv6 addresses table lookups.
- Added axen(4) support for AX88179A and prevented incorrect recording of dummy headers as dropped frames.
- Improved vmd(8) error messages when out of tap devices.
- Enabled Apple brightness keys for arches other than macppc.
- Enabled running connect(2) system call in parallel within inet domain.
- Relaxed smtpd(8) ORCPT syntax validation to allow parameters which are not valid rfc822 addresses.
- Updated to 2023dgtz.
- Prevented simultaneous dt(4) open.
- Protected the link between pf(4) and inp with mutex.
- Moved fdt attachment into sys/conf/files.conf instead of duplicating it on an MD basis.
- Increased i386 login.conf(5) datasize to 1536MB for running llvm-tblgen.
- Added TCP Segmentation Offload (TSO) support for em(4).
- Reduced ixl(4) IXL_TX_PKT_DESCS from 32 to 8; 32 is unnecessary for ixl and could cause interface lockup with oactive.
- Fixed iwx(4) device info table entries for So+Hr devices.
- Improved the RTKit code from arm64, introducing crashlog and syslog parsing support and fixes needed to bring up the DCP.
- Protected em(4) refill timeout with splnet.
- Added a per cpu pool cache for pmap_pv_pool on arm64.
- Removed the last users of SSL_set_debug(3) in openssl(1) and began removing the API from libssl.
- Made loopback interface counters MP safe.
- Prevented potential kernel crashes when opening a drm device node by checking for validity of the minor and returning ENXIO if invalid.
- Introduced qwx(4), a work-in-progress port of the Linux ath11k driver.
- Fixed Tx watchdog trigger and freeze in dwqe(4).
- Made eephy(4) assume RGMII-to-Copper mode by default for 88E151x PHYs.
- Added aplpcie(4) stream ID mapping support for the PCIe controller found on M2 Pro/Max SoCs.
- Removed flags from the prefix before comparing with the received key so that tmux(1) modifier keys with flags work correctly.
- Corrected tmux(1) handling of window ops with no pane.
- Fixed rsync(1) handling of skipped elements on the very first element transmitted.
- Added 'pax' format support for mtime and atime to tar(1).
- Prevented rpki-client(8) from accepting empty delta elements.
- Improved handling of SError interrupts on arm64.
- Rewrote dev_mkdb(8) with FTS, adding support for the devices in nested directories.
- Relaxed ftp(1) -C pledge to unbreak shelling out in interactive mode.
- Updated to perl 5.36.3.
- Added apldart(4) support for "locked" DARTs.
- Added 'pax' format support for files over 8GB to tar(1).
- Updated rge(4) microcode, initialization and reset behavior.
- Added support for new TEMPerGOLD sensor to ugold(4).
- Added strnstr(9) string search within character limit.
- Updated to nsd 4.8.0.
- Prevented creation of an sd(4) larger than what the namespace will allow.
- Added checksum offloading for TCP/UDP in IPv6 packets to vio(4).
- Ensured that iwm(4)/iwx(4) devices announce VHT capabilities in probe requests.
- Added a malloc(3) type for pinsyscall(2) arrays.
- Added display of the RTR protocol version in the bgpctl(8) 'show rtr' output.
- Released OpenSSH 9.6.
- Made ssh-agent(1) record failed session-bind attempts and refuse signing operations on that connection henceforth.
- Banned user/hostnames provided to ssh(1) on the commandline that contain most shell metacharacters.
- Made ssh(1) and sshd(8) more strict in handling non-compliant peers that send more data than the advertised channel window allows.
- Made it possible to specify certificates when loading PKCS#11 keys in ssh-agent(1).
- Implemented "strict key exchange" in ssh(1) and sshd(8).
- Fixed race between ifconfig(8) destroy and ARP timer.
- Enabled running bind(2) system call in parallel.
- Introduced 'fd_lock' rwlock(9) and used it for 'fd_fbufs_in' fuse(4) buffers queue and 'fd_rklist' knotes list protection.
- Reworked pflowioctl() lock handling to reduce breaking atomicity.
- Moved non-daemon services to run in a different rc(8) process group to avoid SIGHUP at boot.
- Added ktrace(1) and kdump(1) support to observe pinsyscall(2) violations.
- Changed ftp(1) to avoid use of the interactive shell if -o is given.
- Synced loongson login class limits with octeon.
- For amd64 cdXX.iso and installXX.iso, created an EFI system partition image containing the EFI boot loaders to be installed as an El Torito boot image, making the install CDs bootable in EFI mode.
- Used the inpcb table mutex to set addresses, protecting all remaining write access to inp_faddr and inp_laddr.
- Added a workaround for clang which has a broken -fno-zero-initialized-in-bss implementation.
- Changed the default logic to set nkmempages to use physical memory / 4 for up to 1G physmem, and add an extra 16MB per additional 1G of memory. Clamped this down depending on available kernel virtual address space.
- Made rpki-client(8) IP address block checks stricter.
- Adapted arm64 implementation of per-CPU caching for the page table page (vp) pool and the PTE descriptor (pted) pool to the riscv64 pmap implementation.
- Fixed syscall number bounds check computations.
- Imposed constraints on RPKI Trust Anchors.
- When invoking ssh_config(5) KnownHostsCommand to determine the order of host key algorithms to request, ensured that the hostname passed to the command is decorated with the port number for ports other than 22.
- Dropped ftp(1) -o '' support.
- Put pinsyscalls(2) into the pledge(2) "always" group.
- Extended imsg and ibuf API with useful getter methods.
- Created a duplicate entry for kbind(2) (which self-protects) to force the kernel's pinsyscall(2) code to skip validation, rather than labelling it illegal.
- Removed support for syscall(2), the "indirection system call," a dangerous alternative entry point for all system calls and incompatible with the precision system call entry point scheme we are heading towards.
- Turned 'pflowstats' statistics counters into per-CPU counters to make them mpsafe.
- Ensured the syscall table entries for libc and ld.so are aligned on a 4-byte boundary.
- Implemented per-CPU caching for the page table page (vp) pool and the PTE descriptor (pted) pool in the arm64 pmap implementation. This significantly reduces the side-effects of lock contention on the kernel map lock and leads to significant speedups on machines with many CPU cores.
- Synchronized datasize-cur limit for staff with the default class on armv7/i386/loongson/macppc/sparc64.
- Added an rpki-client(8) log warning when a manifest replay is detected and when the same manifestNumber is recycled across multiple issuances of that manifest.
- Turned 'pflow_softc' list into SMR list.
- Introduced ampchwm(4), a driver to access the Ampere Altra Fine-Grained Power Telemetry.
- Added accounting flag and lastcomm(1) report for syscall pinning violations.
- Added a step to flush EPTs after enabling VMX mode in vmm(4).
- Added a new label "sigcodecall" inside every sigtramp definition, used to calculate the start of the syscall for SYS_sigreturn and pinned system calls.
- Populated the non-LOAD openbsd.syscalls section (and PT_OPENBSD_SYSCALL) with {uint offset, uint syscall#} entries in libc and ld.so.
- Fixed support for devices that attach multiple uaudio(4) drivers.
- Added basic write support for pax(1) format archives.
- Fixed sndiod(8) server abort after wrong call to slot->ops->exit().
- Added recv TCP/UDP checksum offloading to vio(4).
- After a failed fetch, made rpki-client(8) use a previously cached and valid RPKI Manifest.
- Introduced 'sc_mtx' mutex(9) to protect most of the pflow_softc structure.
- Ensured TIB_INIT correctly initializes tib_thread_flags.
- Collected .openbsd.syscalls sections into a new PT_OPENBSD_SYSCALLS segment, used to pin system calls to designated call sites.
- Added new TEMPerHUM sensor to ugold(4).
- Added inpcb table mutex protecting addr and port during bind(2) and connect(2).
- Added services entries for Matter, a protocol for discovery and comms with "smart home"/IoT devices which runs over TCP or UDP over v6 over various physical/network layers.
- Protected the socket receive buffer in IP multicast routing.
- Made smtpd(8) reject headers that start with a space or tab.
- Removed eephy(4) "disable auto-negotiation" workaround for Marvell Alaska PHYs.
- Protected access to the gnu warning map with a mutex to avoid random crashes.
- Made malloc(3) save backtraces to show in leak dump with depth of backtrace set via malloc option D (aka 1), 2, 3 or 4.
- Made uthum(4) TEMPer{1,2} devices display minus degC.
- Enabled smtpd(8) DSN (delivery status notification) for the implicit socket and an smtpd.conf(5) 'no-dsn' option for "listen on socket".
- Made rtm_senddesync_timer() timeout(9) handler mpsafe.
- Made ipsp_ids_gc() timeout(9) handler mpsafe.
- Fixed virtio(4) handling of feature bits >= 32.
- The pipex(4) layer is completely mp-safe, so moved the pipex_timer() timeout(9) handler out of kernel lock.
- Ensured read of a complete struct fsinfo even if the filesystem sectors are smaller.
- Prevented a pf(4) race between pf_test() and pf_purge_expired_states().
- Allowed smtpd(8) to parse tables and filter listing over multiple lines.
- Overhauled ugold(4) device identification logic and added support for additional devices.
- Unlocked the bind(2) syscall.
- Changed to running TCP syn cache timer without kernel lock.
- Deferred relayd(8) relay_read_http header parsing until after line continuation, preventing potential request smuggling attacks.
- Added mpii(4) support for new SAS HBAs (codenamed Aero and Sea, sold as Broadcom HBA 9500, Dell HBA350/5, Lenovo ThinkSystem 440 HBA, Supermicro AOC-S3808/16), which shared a hardware problem resulting in reads of some registers returning all zeros under transient conditions.
- Increased the number of address ranges in acpi attach args from 4 to 8.
- Updated awk(1) to the Nov 27, 2023 version.
- Tightened up relayd(8) header parsing.
- Avoided a ypbind(8) crash when no default domain is set.
- Implemented rsync(1) --omit-link-times (-J) option to omit symlinks from --times.
- Added rsync(1) --no-O and --no-omit-dir-times options for compatibility.
- Added arm64 bti pads for range extension thunks.
- Fixed perl read/write past buffer end.
- Fixed oslog support and arm64 booting with newer firmware such as that currently installed by the Asahi installer.
- Updated awk(1) to the Nov 24, 2023 version.
- Allowed dhcpleased(8) to request "IPv6-only preferred" and deconfigure IPv4 on the interface if the server replies with this option.
- Fixed vmm(4) memory scribbling by updating GDTR/TR if vcpu moves.
- Required rpki-client(8) files to be at least 100 bytes in the RRDP and RSYNC transports.
- Added rsync(1) --omit-dir-times (-O) to omit directories from --times.
- Added an ifconfig(8) endpoint command for "bridges" that use addresses as endpoints, usable to add static entries on interfaces like vxlan(4).
- Added ifconfig(8) support for specifying ports on the src address in tunnel endpoints.
- Added operating performance point info about each arm64 cpu via kstat(1).
- Exposed the states of thermal zones as kstats(1).
- Fixed race when initializing TSC.
- Added wskbd(4) support for keyboard backlight hotkeys and hooked up macppc Apple keyboards.
- Added support for keyboard backlights on Apple Powerbooks.
- Made dhcp-options(5) recognize option ipv6-only-preferred (RFC8925).
- Prevented ftp(1) dropping into the "ftp> " shell when piping to stdout.
- Updated awk(1) to the Nov 20, 2023 version.
- Prevented short-circuiting of localhost resolution when AI_NUMERICHOST is set.
- Added mkhybrid(8) '-e' (-eltorito-boot-efi) option for writing an EFI eltorito boot image, in addition to or instead of the x86 boot image, to the output file.
- Prevented erroring out when .gcc_except_table relocs point at discarded sections, allowing fortran ports and others to build on riscv64.
- Changed to only enable BTI and PAC by default on arm64.
- Disabled LOAD_STACK_GUARD on OpenBSD/armv7.
- Prevented exit(2) from being called by a crt0 helper function with no debugging information by aborting instead.
- Built and installed tzdata.zi and leap-seconds.list, now expected by third-party software.
- Corrected renewal of expired certificates in iked(8).
- Switched to using tset(1) -I for all terminals, not just xterm.
- Increased mips64 MAXTSIZ and octeon login class limits to accommodate llvm-16.
- Improved rpki-client(8) CRL extension checking.
- Made smtpd(8) treat an MX of "localhost" as if it were a "Null MX".
- Made ssh(1) filter addresses by AddressFamily when connecting by socket if one was specified.
- Enabled ssh(1) keystroke timing obfuscation as an option only when a channel with a tty is open.
- Ensured correct denominators when converting NTP fixed point values to double and vice-versa in ntpd(8).
- Improved fw_update(1) output on errors and improved ftp error handling.
- Made grep(1) -m behavior match GNU grep.
- Raised i386's datasize for the 'daemon' class to 1500M for llvm-16.
- Removed libcsi (for now).
- Enabled UDF on arm64 install media.
- Bumped datasize for staff in riscv64 to match amd64.
- Eliminated the timegm(3) dependency in libcrypto.
- Bumped armv7 MAXDSIZ to 2G for llvm-16.
- Fixed parsing of branch target protection options on arm64 to enable BTI and PAC again by default.
- Stopped attempting to modify route info sockaddr in rtm_addrs().
- Bumped amd64/arm64/sparc64/riscv64/armv7/powerpc64 datasizes to 1536M for the default login class to accommodate building llvm-16.
- Added fanpwr(4) support for the Rockchip RK8602 and RK8603 voltage regulators.
- Updated to llvm 16.0.6 including clang, lld, and lldb, and updated build infrastructure.
- Enabled CD9660 in arm64 RAMDISK to allow CD-ROM mounting.
- Corrected wrong register offset macros for dwqe(4) DMA burst length.
- Added group handling matching fbtab(5) to xenodm.
- Prevented fdisk(8) 'flag' from altering other GPT partition attributes when flagging a partition as the only bootable partition.
- Made ifq and ifiq interfaces mpsafe.
- Enhanced fdisk(8) 'flag' to accept hex values.
- Allowed ps(1) to accept numerical user IDs.
- Made iked(8) always prefer group from the initial KE payload as responder if supported.
- Switched to running arp timeout without kernel lock.
- Tightened pax(1) pledge(2) in List and Append modes.
- In pflogd(8), avoided restartable syscalls with siginterrupt() against all our handlers.
- Added kdump(1) [-p program] to filter dumps by basename.
- Eliminated the ioctl whitelist that bio(4) will tunnel for other devices, allowing bio to be used with other (non-raid) related devices.
- Prevented vmctl(8) abort when given an invalid "kernel" file.
- Increased i386 NKMEMPAGES_MAX_DEFAULT to the same value as on amd64.
- In xbf(4), allowed Xen to use backing store devices with 4K-byte sectors.
- Implemented RFC 7505 ("Null MX") handling in smtpd(8).
- Provided machine/apmvar.h on riscv64 for ports support.
- Avoided using MCS9 in iwm(4) Tx rate selection if 40MHz is disabled, fixing a firmware panic in 20MHz mode.
- Updated to Perl Term::Cap 1.18.
- Added loongson cdXX.iso to MDEXT for it to be included in SHA256.
- Fixed vmd(8) block size calculation for vioscsi devices.
- Added check to ensure pfctl(8) -f won't accept a directory and install an empty ruleset.
- Updated to Mesa 23.1.9.
- Added support for cksum(1) -c checking base64 digests in reverse mode.
- Updated awk(1) to Oct 30, 2023 version.
- Prevented tmux(1) use of combined UTF-8 characters that are too long.
- Adjusted KERNEL_ASSERT_UNLOCKED() to not assert during a panic.
- Made gnu99 the default for gcc 3.3.6 and 4.2.1 rather than defaulting to gnu89.
- Updated to libXrandr 1.5.4.
- Updated to xserver 21.1.9.
- Updated to xorgproto 2023.2.
- Enabled ISO C11 APIs when building libc, even with an older compiler, to ensure needed prototypes are visible.
- Dropped relayd(8) and httpd(8) mentions of ssl, long changed to tls. Removed mention of SSL/TLS in favor of TLS.
- Fixed awk(1) buffer overflow with utf-8 strings.
- Forwarded TCP LRO disabling to parent devices and disabled TCP LRO on bridged vlan(4) and default for bpe(4), nvgre(4) and vxlan(4).
- Made out-of-swap checking more robust, preventing potential deadlocks.
- Constructed EFI bootable cdXX.iso and installXX.iso files for arm64.
- Fixed unveil(2) in patch(1) with explicit patchfile.
- Stopped toggling irq deassert for edge triggered devices in vmd(8).
- Made vscsi(4) 'vscsi_filtops' mpsafe and extended the 'sc_state_mtx' mutex(9) to protect 'sc_klist' knotes list.
- Fixed several input validation errors in the X server.
- Imported regenerated moduli.
- Made snmptop work with snmpd(8).
- Added an installer fallback IPv6 address for ftplist1.openbsd.org.
- Made three context switches machine-independent: when a process forks and the new proc needs to be scheduled by proc_trampoline; cpu_hatch, when booting APs; and sched_exit, when a proc exits.
- Added evp(3) chacha aliases for OpenSSL compatibility.
- Made umb(4) delete any existing v4 address before setting a new one, allowing keeping of a working default route when the address changes.
- Removed snmpd(8) filter-pf-addresses.
- Created __OpenBSD versions of llvm cxa guard implementation using futex() with the correct number of arguments and without using syscall(2).
- Prevented wg(4) getting stuck on peer destruction.
- Made tmux(1) unzoom a window at the start of destroy so it doesn't happen later after the layout has been freed.
- Fixed radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
- When option D is active in malloc(3), stored callers for all chunks, avoiding the 0x0 call sites for leak reports.
- Ignored wide channel configs not appearing in the 802.11ac spec.
- Ensured that iwm(4) uses the 80MHz primary channel index announced in beacons.
- Adopted MI re-upgrade prevention on octeon and powerpc64.
- Moved to 7.4-stable.
- Added counting of dropped UDP packets to syslogd(8).
- Added experimental support for secp256r1 aka P-256 aka prime256v1 to rpki-client(8).
- Enabled TCP segmentation offloading for ixl(4).
- Added IBM encoded version of the "Spleen 8x16" font.
- Added support to encrypt the root disk with a key disk in the installer.
- Added forcible read-only mounting of a dirty powerpc64 or octeon filesystem.
- Increased max depth for Perl termcaps.
- Grew arm64 iso media space.
- Updated libXpm to version 3.5.17.
- Updated ncurses and associated libraries (form, panel, menu) to 6.4-20230826.
- Improved IPv6 link-local address handling in bgpd(8).
- Deprecated audio(9) start_{output,input}.
- Made fw_update(8) verify but not overwrite SHA256.sig.
- Added sxipio(4) Allwinner D1 support.
- Allowed rpki-client(8) imposition of constraints on RPKI trust anchors.
- Made syslogd(8) retry DNS lookups for remote loghost if not working upon startup.
- Ensured pflog(4) logs malformed packets dropped by the default rule as block.
- Added a TIMEOUT_MPSAFE flag to timeout(9).
- Added bt(5) and btrace(8) support for binary modulo operator ('%').
- Fixed a bgpd(8) fatal error when "announce add-path send all" is used.
- Removed default sets answer in autoinstall(8) response file such that it now populates only with non-defaults.
- Added ssh_config(5) ChannelTimeout support to the client, mirroring the same option in the server.
- Added support for reading ED25519 private keys in PEM PKCS8 format.
- Added initial support for Elkhart Lake ethernet to dwqe(4).
- Prevented pf(4) from passing packets if state cannot be created.
- Fixed handling of non-transitive ex-communities to prevent termination by peer in bgpd(8).
- Added recognition for GICv4 in the MADT, configuring it as arm,gic-v3.
- Made bwfm(8) handle an arbitrary number of D11 cores and only disable them instead of doing a full reset.
- Added Message-Id as needed in smtpd(8) for messages received on the submission port.
- Added pledge(2) stdio before parsing pfkey messages to ipsecctl(8) -m and -s.
- Added bioctl(8) retry on empty passphrase.
- Improved ls(1) horizontal alignment in long format.
- Silenced list of specific firmware not needing update in pkg_add(1).
- Updated awk(1) to Sep 24, 2023 version.
- Ignored thermal dual-chain requests from iwx(4) firmware to silence warnings.
- Introduced dhcpd(8) log output to stderr and '-v' option to make this output more verbose.
- Moved to 7.4-current.