OpenBSD 7.5 Changelog

This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.

For changes in other releases, click below:
2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6,
3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.3,
5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 7.0,
7.1, 7.2, 7.3, 7.4, 7.6, current.

Changes made between OpenBSD 7.4 and 7.5

Fixed ssh-keygen(1) find-principals on allowed_signers files with blank lines.
Disabled LRO in ix(4) on sparc64 by default for stability for the 7.5 release.
Enabled dwxe(4) on riscv64.
Added Allwinner D1 ethernet controller clocks and reset support to sxiccmu(4).
Added SPI clocks for other 64-bit Rockchip SoCs in rkclock(4).
Added backup of disklabel for softraid(4) chunks to security(8).
Converted 't_lock', 'r_keypair_lock' and 'c_lock' rwlock(9)s to corresponding mutex(9)es.
Switched to using whois.internic.net for whois(1) -i.
Added validation for IPv4 packet options in divert(4).
Fixed detection of qcpas0 driver on x13s when booted in ACPI mode.
Separated ssh(1) parsing of string array options from applying them to the active configuration. Fixed some cases where the config parser improperly rejected valid configuration.
Started flushing the D-cache before disabling the cache on armv7 in efiboot.
Added a workaround for an 88100 errata where FPU imprevise exceptions could be raised in error.
Fixed awacs(4) audio on some iMac G3 models.
Bumped smtpd(8) version to 7.5.0.
Added support for attaching rkpmic(4) to an SPI bus. Added support for the RK806 PMIC which can attach to both I2C and SPI.
Added rkspi(4), a driver for the SPI controller found on various Rockchip SoCs.
Added clocks for the RK3588 SPI controller to rkclock(4).
Made iked(8) trigger retransmission only for fragment 1/x to prevent each received fragment triggering retransmission of the full fragment queue.
Bumped OpenIKED to 7.4.
Bumped libressl to 3.9.0.
Removed GOST and STREEBOG support from libressl.
Added mktemp(1) suffix support for compatibility with the GNU version. It is now possible to use templates where the Xs are not at the end.
Added mkdtemps(3), identical to mkdtemp(3) except that it permits a suffix to exist in the template.
Allowed fdisk(8) to add GPT partitions of protected types, making it possible to provision virtual machine images that need a "BIOS Boot" partition.
Bumped rpki-client(8) to 9.0.
Bumped bgpd(8) to 8.4.
Prevented arm64 printing of CPU feature flags in dmesg(8) unless they differ from the previous entry.
Protected pool_get() with kernel lock in sys_ypconnect().
Added rpki-client(8) -x to enable processing of experimental file formats (currently only the Signed Prefix list).
Moved from 7.5-beta to 7.5.
Enabled IPv6 AF for ppp(4).
Enabled MSIs on RK3588 in dwpcie(4).
Added GMAC related RK3588 clocks to rkclock(4).
Added RK3588 support to dwqe(4).
Fixed Tx rate selection for management frames in iwx(4).
Made rpki-client(8) track the number of new files moving from 'staging' to 'validated cache'.
Added new accounting flag ABTCFI to acct(5) to indicate SIGILL + code ILL_BTCFI has occurred in the process.
Explicitly disabled MSR_CET_NO_TRACK_EN in MSR_S_CET to prevent accidentally allowing "notrack" indirect branches.
Changed the system uptime clock to start at 0.0 rather than 1.0, fixing a problem in sdmmc(4) during boot.
Added rpki-client(8) support for RPKI Signed Prefix Lists.
Added suspend/resume support to qwx(4).
Imported mwx(4), a driver for Mediatek MT7921 and MT7922 802.11ax devices.
Handled /reserved-memory nodes from device trees on arm64.
Added multithreading to vmd(8)'s vionet, allowing RX and TX to operate independently to reduce overall network latency for guests and alleviate the TX side dominating cpu time.
Added the 7.6 fw key.
Implemented disassociation (RUN->AUTH/INIT) in the qwx(4) driver state machine.
Made bwfm(4) work with MAC addresses set via ifconfig lladdr.
Fixed a deadlock in openrsync(1) when big files are synced using the hash algorithm.
Fixed pthread errors which could lead to crashes on sparc64.
Prevented ioctl(WSKBDIO_GETENCODINGS) NULL dereference when sysctl machdep.forceukbd is enabled with no USB keyboard attached.
Removed dt(4) clock interrupt staggering to reduce profiling overhead.
Moved to 7.5-beta.
Added JH7100 I2C clocks to stfclock(4).
Added TCP Segmentation Offload (TSO) support to em(4).
Fixed issues in intel wifi drivers where only a subset of channels were scanned.
Enabled qwx(4) on arm64 and amd64.
Added TCP/UDP Checksum Offloading for IPv4/6 to vmx(4).
Fixed bogus packet length calculation in the ix(4) RX/LRO path, which could lead to TSO tagging forwarded packets incorrectly.
Made qwx(4) work with custom MAC addresses set via ifconfig(8).
Enabled the pool gc thread on m88k MULTIPROCESSOR kernels.
Synced with unbound(8) to fix CVE-2023-50387 and CVE-2023-50868, usable to cause high CPU load and potentially denial of service with specifically crafted DNSSEC responses.
Added two new values for the tmux(1) destroy-unattached option to destroy sessions only if they are not members of sessions groups.
Disabled hardclock() on secondary CPUs, reducing every system's normal clock interrupt rate by (HZ - HZ/10) per secondary CPU.
Added Allwinner H616 support to ehci(4).
Added vi(1) showfilename set option to display the file name in the lower left corner.
Enabled disk encryption in unattended installations using a plaintext passphrase or keydisk.
Used 'sb_mtx' instead of 'inp_mtx' in the receive path for inet sockets.
Made pkg-config(1) accept both "CFlags:" and "Cflags:".
Updated libexpat to 2.6.0.
Grew arm64 iso media.
Stopped 'sysctl hw.ucomnames' from returning an error on systems without ucom(4) support.
Fixed locked address interfaces in vmd(8).
Moved dt(4) interval/profile entry points from the fixed-frequency hardclock() to a dedicated clock interrupt callback so probes can fire at arbitrary frequencies.
Enabled igc(4) on sparc64.
Made ifconfig(8) display the Tx rate selected by qwx(4) firmware.
Added nochroot parameter to radiusd(8) module_drop_privilege() so that modules can use unveil(2) instead of chroot(2) if needed.
Marked full qwx(4) Tx queues, such that the OACTIVE mechanism will be used.
Added Allwinner H616 support to sxiccmu(4), sximmc(4) and sxipio(4).
Added and installed the zonenow.tab file, a table where each row stands for a timezone where civil timestamps are predicted to agree from now on.
Implemented basic bpf(4) support for qwx(4).
Added risc-v support code for clang -msave-restore.
Added a netstat counter for route cache.
Used the 'sb-mtx' mutex(9) to protect 'sb_timeo_nsecs'.
Stopped sending route messages while rebooting after a panic, to prevent an additional panic in the knote(9) layer.
Update timezone info to include Kazakhstan's switch to unified UTC+5 and Palestine time change after Ramadan.
Made btrace(8) print statistics on stderr to be able to redirect bt(5) script output.
Added a DMA constraint for the x13s.
Reworked socket buffers locking for shared netlock, introducing 'sb_mtx' mutex(9) to protect sockbuf.
Prevented cpu spinning when a vio(4) device would be activated by a driver but before virtqueues were provided.
Removed Softdep.
Added new amd64-only sysctl machdep.retpoline which says whether the cpu requires retpoline.
Implemented Multiple Message MSI support on arm64, currently working only on systems that use agintcmsi(4) as the MSI controller combined with the dwpcie(4) Hots/PCIe bridge.
Implemented qwx_tx() in qwx(4), enabling the 4-way handshake.
Ensured that smtpd(8) only processes the .forward file of the alternate delivery user provided in a dispatcher, and no other recipient .forward file.
Disallowed custom commands and file reading in a .forward file, allowing only forwarding addresses and users, so that smtpd(8) can't execute custom commands set by root in a .forward.
Reverted smtpd(8) to running lmtp deliveries as the recipient user, not SMTPD_USER (_smtpd).
Implemented the basics of the qwx(4) data frame Rx path, allowing our net80211 stack to see the initial WPA handshake packet sent by the AP.
Made vmd(8) explain missing agentx group on getgrnam(3) failure.
Added sximmc(4) Allwinner D1 support and enabled it on riscv64.
In aucat(1), fixed MIDI control of the levels of individual files.
Added a route generation number that is updated whenever the routing table changes, allowing discarding of older cached routes without waiting for socket closure or invalidation.
Added MediaTek UART support.
Rewrote vmd(8)'s vionet to be zero-copy.
Increased macppc and arm maximum text segment size to accommodate clang.
Fixed a race in rpki-client(8) between scheduling a new request onto an idle connection and closing the same connection.
Updated to libdrm 2.4.120.
Changed TCP timers to run without kernel lock.
Handled qwx(4) association state transitions from ASSOC to RUN, allowing successful completion of the association sequence with the AP.
Prevented a kernel panic in the case that apldrm(4) fails to create a framebuffer without propagating an error to its callers.
Added qwx(4) support for sending management frames.
Allowed escaping inside quotes in smtpd(8).
Updated to xbiff 1.0.5.
Updated to xeyes 1.3.0.
Updated to fonttosfnt 1.2.3.
Updated to xserver 21.1.11.
Forced -fno-stack-protector on "boot block" that can't have a stack protector (alpha and sparc64).
Set -fno-stack-protector in NORMAL_C_NOP, used to compile mcount.c, ensuring there is never a stack protector prologue/epilogue in the functions in that file.
Enabled the openssl(1) command line tool to generate ECDSA certificates and CMS products.
Added the sxitimer(4) driver to riscv64 to be able to trigger external interrupts on the Allwinner D1.
Added sxirtc(4) support for newer SoCs that store the data as number of days since the Unix epoch instead of a calendar date.
Implemented an initial SMIv2 parser in snmpd(8).
Put checksum flags in bpf_hdr to use them in userland dhcpleased(8) so it can accept non-calculatred checksums verified by hardware/hypervisor.
Added Allwinner D1 support to sxidog(4), support for the USB PHY to ehci(4) and initial clock support to sxiccmu(4).
Unlocked listen(2).
Added bgplgd(8) -V to list version.
Implemented T-Head cache management operations needed to handle SoCs like the Allwinner D1 on riscv64.
Updated libcxx, libcxxabi and libunwind to 16.0.6.
Made btrace(8) return 0 when accessing an argument not defined in a probe.
Updated awk(1) to the Jan 22, 2024 version.
Fixed various NULL dereferences in PKCS #12.
Implemented RFC7606 treat-as-withdraw for ORIGIN attributes with an invalid value in bgpd(8).
Implemented qwx(4) qwx_auth() to move the device from SCAN into AUTH state.
Added processing for scan results to qwx(4).
Implemented multi-vector MSI interrupts in qwx(4).
Switched clockintr(9) from callee- to caller-allocated clockintr structs to remove dt(4)-incompatible behavior.
Implemented a per connection peerid for iked(8) control replies.
Added iwm(4) to arm64 GENERIC.
Tagged packets going out a sec(4) interface to prevent route/encap loops.
Implemented a workaround to a T-Head page attribute extension violating the RISC-V specification. This is designed to make use of the Svpbmt extension and gets us closer to booting OpenBSD on an Allwinner D1 SoC.
Introduced pipex_iterator() to perform 'pipex_session_list' for each walkthrough with 'pipex_list_mtx' mutex(9) relocking.
Forced Apple backlight update after resume.
Updated to zlib 1.3.1.
Explicitly disabled eephy(4) Energy-Efficient Ethernet (EEE) on Marvell E151x.
Changed igc(4) default duplex setting and simplied the setup of srrctl.BSIZEPKT.
Made login.conf(5) and crypt_newhash(3) and the underlying code consistent regarding bcrypt,a instead of blowfish,a.
Added apldcp(4), a driver to control the display coprocessor integrated on Apple SoCs.
Added apldrm(4), a driver providing kernel mode setting (KMS) functionality for the graphics hardware integrated on Apple SoCs.
Reduced static binary size by switching to use of libc-private __hash_open() in /etc files cases where the dbopen(3) function otherwise pulls in all three database backends.
Increased buffer size to avoid truncating styles in tmux(1).
Created a new libc-private function for when getpwnam(3) reaches out to yp(8) which can skip socket/address work which isn't needed. Reduces text segment by ~100k in most static binaries and removes 5-7 system call stubs, which might matter for non-pledged binaries which otherwise lack socket(2).
Rewrote assorted imsg code to use new ibuf API.
Disallowed madvise(2) and msync(2) memory/mapping destructive ops on immutable memory regions for these operationS, instead returning EPERM.
Increased max VM mem size to 128GB by removing vmd(8) limit.
Improved formatting for pax(1) extended header times.
Replaced pinsyscall(2) with the new pinsyscalls(2) which handles all system calls.
Made mktemp(3) callback-driven and split into multiple files so only the necessary system calls will be reachable from the binary.
Implemented Multiple Message MSI support on amd64 to aid qwx(4) development.
Added iwn(4) to arm64 GENERIC.
Added TSO support to bnxt(4).
Unified inpcb API for inet and inet6.
Completed base program conversion to use imsg_get_fd() in place of imsg.fd.
Used solock() instead of netlock within fill_ifile(), making all socket types protected.
Fixed core file writing when a file map into memory has later been truncated to be smaller than the mapping.
Updated drm to linux 6.6.12.
Made the kernel read pinsyscall tables out of PT_OPENBSD_SYSCALLS in the main program or ld.so, and accept a submission of that information for libc.so from ld.so via pinsyscalls(2). At system call invocation, the syscall number is matched to the specific address from which it must come.
Patched X server and Xwayland vulnerabilities CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408 and CVE-2024-0409.
Added an iked(8) debug message when no policy is found.
Ensured a proper string is returned by getaddrinfo(3) when AI_CANONNAME or AI_FQDN is set.
Added arm64 support for bringing up RTKit while !cold.
Implemented 'pfctl(8) -a "*" -sT' behavior to print all tables attached to every anchor loaded to pf(4) (to join the existing "" -sr, which shows the rules found in every anchor).
Prevented vio(4) panics by polling device status after issuing device reset to avoid a potential race condition.
Changed ld.so to only load the first libc version encountered requested and substituting it for all further loads, ensuring that the libc version requested by an executable itself is the one loaded.
Provided a more complete implementation of the drm "component" APIs.
Switched to sending UDP packets in parallel now that sending UDP packets via datagram socket is MP safe.
Fixed Linux NFS clients freezing after five minutes of inactivity.
Extended rpki-client(8) -P to work for Trust Anchor certificates.
Improved bgpd(8) RTR version negotiation.
Made qwx(4) handle MHI M1->M2 state transitions.
Made DSA key support compile-time optional, defaulting to on.
Split UDP PCB table into IPv4 and IPv6 tables, reducing contention on the per table lock.
Prevented a potential bnxt(4) crash after failure to bring up a queue.
Added instruction length to vm exit information to allow vmd(8) to manipulate the instruction pointer after io emulation, preparation for emulating string-based io instructions.
Added a "global" ChannelTimeout type to ssh(1) and sshd(8) that watches all open channels and will close all open channels if there is no traffic on any of them for the specified interval.
Converted bgpd(8) parent processing imsg handling over to new imsg API.
Deleted support for FFS filesystems before the in-inode symlink optimization.
Implemented acpi(4) RootPathString support in the LoadTable() AML function, fixing OpenBSD boot on an older version of Hyper-V.
Made syscalls error out if taking more than six arguments.
Updated xserver to 21.1.10.
Added certificate revocation timestamps to rpki-client(8) filemode warning messages.
Prevented use after free of TLS context at syslogd(8) shutdown.
Improved httpd(8) auto-index, adding human-readable file sizes and allowing per-column sorting.
Fixed smtpd(8) IPv6 addresses table lookups.
Added axen(4) support for AX88179A and prevented incorrect recording of dummy headers as dropped frames.
Improved vmd(8) error messages when out of tap devices.
Enabled Apple brightness keys for arches other than macppc.
Enabled running connect(2) system call in parallel within inet domain.
Relaxed smtpd(8) ORCTP syntax validation to allow parameters which are not valid rfc822 addresses.
Updated to 2023dgtz.
Prevented simultaneous dt(4) open.
Protected the link between pf(4) and inp with mutex.
Moved fdt attachment into sys/conf/files.conf instead of duplicating it on an MD basis.
Increased i386 login.conf(5) datasize to 1536MB for running llvm-tblgen.
Added TCP Segmentation Offload (TSO) support for em(4).
Set ixl(4) IXL_TX_PKT_DESCS to 8 from 32, which is unnecessary for ixl and could cause interface lockup with oactive.
Fixed iwx(4) device info table entries for So+Hr devices.
Improved the RTKit code from arm64, introducing crashlog and syslog parsing support and fixes needed to bring up the DCP.
Protected em(4) refill timeout with splnet.
Added a per cpu pool cache for pmap_pv_pool on arm64.
Removed the last users of SSL_set_debug(3) in openssl(1) and began removing the API from libssl.
Made loopback interface counters MP safe.
Prevented potential kernel crashes when opening a drm device node by checking for validity of the minor and returning ENXIO if invalid.
Introduced qwx(4), a work-in-progress port of the Linux ath11k driver.
Fixed Tx watchdog trigger and freeze in dwqe(4).
Made eephy(4) assume of RGMII-to-Copper mode by default for 88E151x PHYs.
Added aplpcie(4) stream ID mapping support for the PCIe controller found on M2 Pro/Max SoCs.
Removed flags from the prefix before comparing with the received key so that tmux(1) modifier keys with flags work correctly.
Corrected tmux(1) handling of window ops with no pane.
Fixed rsync(1) handling of skipped elements on the very first element transmitted.
Added 'pax' format support for mtime and atime to tar(1).
Prevented rpki-client(8) from accepting empty delta elements.
Improved handling of SError interrupts on arm64.
Rewrote dev_mkdb(8) with FTS, adding support for the devices in nested directories.
Relaxed ftp(1) -C pledge to unbreak shelling out in interactive mode.
Updated to perl 5.36.3.
Added apldart(4) support for "locked" DARTs.
Added 'pax' format support for files over 8GB to tar(1).
Updated rge(4) microcode, initialization and reset behavior.
Added support for new TEMPerGOLD sensor to ugold(4).
Added strnstr(9) string search within character limit.
Updated to nsd 4.8.0.
Prevented creation of an sd(4) larger than what the namespace will allow.
Added checksum offloading for TCP/UDP in IPv6 packets to vio(4).
Ensured that iwm(4)/iwx(4) devices announce VHT capabilities in probe requests.
Added a malloc(3) type for pinsyscall(2) arrays.
Added display of the RTR protocol version in the bgpctl(8) 'show rtr' output.
Released OpenSSH 9.6.
Made ssh-agent(1) record failed session-bind attempts and refuse signing operations on that connection henceforth.
Banned user/hostnames provided to ssh(1) on the commandline that contain most shell metacharacters.
Made ssh(1) and sshd(8) more strict in handling non-compliant peers that send more data than the advertised channel window allows.
Made it possible to specify certificates when loading PKCS#11 keys in ssh-agent(1).
Implemented "strict key exchange" in ssh(1) and sshd(8).
Fixed race between ifconfig(8) destroy and ARP timer.
Enabled running bind(2) system call in parallel.
Introduced 'fd_lock' rwlock(9) and used it for 'fd_fbufs_in' fuse(4) buffers queue and 'fd_rklist' knotes list protection.
Reworked pflowioctl() lock handling to reduce breaking atomicity.
Moved non-daemon services to run in a different rc(8) process group to avoid SIGHUP at boot.
Added ktrace(1) and kdump(1) support to observe pinsyscall(2) violations.
Changed ftp(1) to avoid use of the interactive shell if -o is given.
Synced loongson login class limits with octeon.
For amd64 cdXX.iso and installXX.iso, created an EFI system partition image containing the EFI boot loaders to be installed as an El Torito boot image, making the install CDs bootable in EFI mode.
Used the inpcb table mutex to set addresses, protecting all remaining write access to inp_faddr and inp_laddr.
Added a workaround for clang which has a broken -fno-zero-initialized-in-bss implementation.
Changed the default logic to set nkmempages to use physical memory / 4 for up to 1G physmem, and add an extra 16MB per 1G of memory additional. Clamped this down depending on available kernel virtual address space.
Made rpki-client(8) IP address block checks stricter.
Adapted arm64 implementation of per-CPU caching for the page table page (vp) pool and the PTE descriptor (pted) pool to the riscv64 pmap implementation.
Fixed syscall number bounds check computations.
Imposed constraints on RPKI Trust Anchors.
When invoking ssh_config(5) KnownHostsCommand to determine the order of host key algorithms to request, ensure that the hostname passed to the command is decorated with the port number for ports other than 22.
Dropped ftp(1) -o '' support.
Put pinsyscalls(2) into the pledge(2) "always" group.
Extended imsg and ibuf API with useful getter methods.
Created a duplicate entry for kbind(2) (which self-protects) to force the kernel's pinsyscall(2) code to skip validation, rather than labelling it illegal.
Removed support for syscall(2), the "indirection system call," a dangerous alternative entry point for all system calls and incompatible with the precision system call entry point scheme we are heading towards.
Turned 'pflowstats' statistics counters into per-CPU counters to make them mpsafe.
Ensured the syscall table entries for libc and ld.so are aligned on a 4-byte boundary.
Implemented per-CPU caching for the page table page (vp) pool and the PTE descriptor (pted) pool in the arm64 pmap implementation. This significantly reduces the side-effects of lock contention on the kernel map lock and leads to significant speedups on machines with many CPU scores.
Synchronized datasize-cur limit for staff with the default class on armv7/i386/loongson/macppc/sparc64.
Added an rpki-client(8) log warning when a manifest replay is detected and when the same manifestNumber is recycled across multiple issuances of that manifest.
Turned 'pflow_softc' list into SMR list.
Introduced ampchwm(4), a driver to access the Ampere Altra Fine-Grained Power Telemetry.
Added accounting flag and lastcomm(1) report for syscall pinning violations.
Added a step to flush EPTs after enabling VMX mode in vmm(4).
Added a new label "sigcodecall" inside every sigtramp definition, used to caculate the start of the syscall for SYS_sigreturn and pinned system calls.
Populated the non-LOAD openbsd.syscalls section (and PT_OPENBSD_SYSCALL) with {uint offset, uint syscall#} entries in libc and ld.so.
Fixed support for devices that attach multiple uaudio(4) drivers.
Added basic write support for pax(1) format archives.
Fixed sndiod(8) server abort after wrong call to slot->ops->exit().
Added recv TCP/UDP checksum offloading to vio(4).
After a failed fetch, made rpki-client(8) use a previously cached and valid RPKI Manifest.
Introduced 'sc_mtx' mutex(9) to protect most of the pflow_softc structure.
Ensured TIB_INIT correctly initializes tib_thread_flags.
Collected .openbsd.syscalls sections into a new PT_OPENBSD_SYSCALLS segment, used to pin system calls to designated call sites.
Added new TEMPerHUM sensor to ugold(4).
Added inpcb table mutex protecting addr and port during bind(2) and connect(2).
Added services entries for Matter, a protocol for discovery and comms with "smart home"/IoT devices which runs over TCP or UDP over v6 over various physical/network layers.
Protected the socket receive buffer in IP multicast routing.
Made smtpd(8) reject headers that start with a space or tab.
Removed eephy(4) "disable auto-negotiation" workaround for Marvell Alaska PHYs.
Protected access to the gnu warning map with a mutex to avoid random crashes.
Made malloc(3) save backtraces to show in leak dump with depth of backtrace set via malloc option D (aka 1), 2, 3 or 4.
Made uthum(4) TEMPer{1,2} devices display minus degC.
Enabled smtpd(8) DSN (delivery status notification) for the implicit socket and an smtpd.conf(5) 'no-dsn' option for "listen on socket".
Made rtm_senddesync_timer() timeout(9) handler mpsafe.
Made ipsp_ids_gc() timeout(9) handler mpsafe.
Fixed virtio(4) handling of feature bits >= 32.
The pipex(4) layer is completely mp-safe, so moved the pipex_timer() timeout(9) handler out of kernel lock.
Ensured read of a complete struct fsinfo even if the filesystem sectors are smaller.
Prevented a pf(4) race between pf_test() and pf_purge_expired_states().
Allowed smtpd(8) to parse tables and filter listing over multiple lines.
Overhauled ugold(4) device identification logic and added support for additional devices.
Unlocked the bind(2) syscall.
Changed to running TCP syn cache timer without kernel lock.
Deferred relayd(8) relay_read_http header parsing until after line continuation, preventing potential request smuggling attacks.
Added mpii(4) support for new SAS HBAs (codenamed Aero and Sea, sold as Broadcom HBA 9500, Dell HBA350/5, Lenovo ThinkSystem 440 HBA, Supermicro AOC-S3808/16), which shared a hardware problem resulting in reads of some registers returning all zeros under transient conditions.
Increased the number of address ranges in acpi attach args from 4 to 8.
Updated awk(1) to the Nov 27, 2023 version.
Tightened up relayd(8) header parsing.
Avoided a ypbind(8) crash when no default domain is set.
Implemented rsync(1) --omit-link-times (-J) option to omit symlinks from --times.
Added rsync(1) --no-O and --no-omit-dir-times options for compatibility.
Added arm64 bti pads for range extension thunks.
Fixed perl read/write past buffer end.
Fixed oslog support and arm64 booting with newer firmware such as that currently installed by the Asahi installer.
Updated awk(1) to the Nov 24, 2023 version.
Allowed dhcpleased(8) to request "IPv6-only preferred" and deconfigure IPv4 on the interface if the server replies with this option.
Fixed vmm(4) memory scribbling by updating GDTR/TR if vcpu moves.
Required rpki-client(8) files to be at least 100 bytes minimum in the RRDP and RSYNC transports.
Added rsync(1) --omit-dir-times (-O) to omit directories from --times.
Added an ifconfig(8) endpoint command for "bridges" that use addresses as endpoints, usable to add static entries on interfaces like vxlan(4).
Added ifconfig(8) support for specifying ports on the src address in tunnel endpoints.
Added operating performance point info about each arm64 cpu via kstat(1).
Exposed the states of thermal zones as kstats(1).
Fixed race when initializing TSC.
Added wskbd(4) support for keyboard backlight hotkeys and hooked up macppc Apple keyboards.
Added support for keyboard backlights on Apple Powerbooks.
Made dhcp-options(5) recognize option ipv6-only-preferred (RFC8925).
Prevented ftp(1) dropping into the "ftp> " shell when piping to stdout.
Updated awk(1) to the Nov 20, 2023 version.
Prevented short-circuiting of localhost resolution when AI_NUMERICHOST is set.
Added mkhybrid(8) '-e' (-eltorito-boot-efi) option for writing an EFI eltorito boot image, in addition to or instead of the x86 boot image, to the output file.
Prevented erroring out when .gcc_except_table relocs point at discarded sections, allowing fortran ports and others to build on riscv64.
Changed to only enable BTI and PAC by default on arm64.
Disabled LOAD_STACK_GUARD on OpenBSD/armv7.
Prevented exit(2) from being called by a crt0 helper function with no debugging information by aborting instead.
Built and installed tzdata.zi and leap-seconds.list, now expected by third-party software.
Corrected renewal of expired certificates in iked(8).
Switched to using tset(1) -I for all terminals, not just xterm.
Increased mips64 MAXTSIZ and octeon login class limits to accommodate llvm-16.
Improved rpki-client(8) CRL extension checking.
Made smtpd(8) treat an MX of "localhost" as if it were a "Null MX".
Made ssh(1) filter addresses by AddressFamily when connecting by socket if one was specified.
Enabled ssh(1) keystroke timing obfuscation as an option only when a channel with a tty is open.
Ensured correct denominators when converting NTP fixed point values to double and vice-versa in ntpd(8).
Improved fw_update(1) output on errors and improved ftp error handling.
Made grep(1) -m behavior match GNU grep.
Raised i386's datasize for the 'daemon' class to 1500M for llvm-16.
Removed libcsi (for now).
Enabled UDF on arm64 install media.
Bumped datasize for staff in riscv64 to match amd64.
Eliminated the timegm(3) dependency in libcrypto.
Bumped armv7 MAXDSIZ to 2G for llvm-16.
Fixed parsing of branch target protection options on arm64 to enable BTI and PAC again by default.
Stopped attempting to modify route info sockaddr in rtm_addrs().
Bumped amd64/arm64/sparc64/riscv64/armv7/powerpc64 datasizes to 1536M for the default login class to accommodate building llvm-16.
Added fanpwr(4) support for the Rockchip RK8602 and RK8603 voltage regulators.
Updated to llvm 16.0.6 including clang, lld, and lldb, and updated build infrastructure.
Enabled CD9660 in arm64 RAMDISK to allow CD-ROM mounting.
Corrected wrong register offset macros for dwqe(4) DMA burst length.
Added group handling matching fbtab(5) to xenodm.
Prevented fdisk(8) 'flag' from altering other GPT partition attributes when flagging a partition as the only bootable partition.
Made ifq and ifiq interfaces mpsafe.
Enhanced fdisk(8) 'flag' to accept hex values.
Allowed ps(1) to accept numerical user IDs.
Made iked(8) always prefer group from the initial KE payload as responder if supported.
Switched to running arp timeout without kernel lock.
Tightened pax(1) pledge(2) in List and Append modes.
In pflogd(8), avoid restartable syscalls with siginterrupt() against all our handlers.
Added kdump(1) [-p program] to filter dumps by basename.
Eliminated the ioctl whitelist that bio(4) will tunnel for other devices, allowing bio to be used with other (non-raid) related devices.
Prevented vmctl(8) abort when given an invalid "kernel" file.
Increased i386 NKMEMPAGES_MAX_DEFAULT to the same value as on amd64.
In xbf(4), allowed Xen to use backing store devices with 4K-byte sectors.
Implemented RFC 7505 ("Null MX") handling in smtpd(8).
Provided machine/apmvar.h on riscv64 for ports support.
Avoided using MCS9 in iwm(4) Tx rate selection if 40MHz is disabled, fixing a firmware panic in 20MHz mode.
Updated to Perl Term::Cap 1.18.
Added loongson cdXX.iso to MDEXT for it to be included in SHA256.
Fixed vmd(8) block size calculation for vioscsi devices.
Added check to ensure pfctl(8) -f won't accept a directory and install an empty ruleset.
Updated to Mesa 23.1.9.
Added support for cksum(1) -c checking base64 digests in reverse mode.
Updated awk(1) to Oct 30, 2023 version.
Prevented tmux(1) use of combined UTF-8 characters that are too long.
Adjusted KERNEL_ASSERT_UNLOCKED() to not assert during a panic.
Made gnu99 the default for gcc 3.3.6 and 4.2.1 rather than defaulting to gnu89.
Updated to libXrandr 1.5.4.
Updated to xserver 21.1.9.
Updated to xorgproto 2023.2.
Enabled ISO C11 APIs when building libc, even with an older compiler, to ensure needed prototypes are visible.
Dropped relayd(8) and httpd(8) mentions of ssl, long changed to tls. Removed mention of SSL/TLS in favor of TLS.
Fixed awk(1) buffer overflow with utf-8 strings.
Forwarded TCP LRO disabling to parent devices and disabled TCP LR0 on bridged vlan(4) and default for bpe(4), nvgre(4) and vxlan(4).
Made out-of-swap checking more robust, preventing potential deadlocks.
Constructed EFI bootable cdXX.iso and installXX.iso files for arm64.
Fixed unveil(2) in patch(1) with explicit patchfile.
Stopped toggling irq deassert for edge triggered devices in vmd(8).
Made vscsi(4) 'vscsi_filtops' mpsafe and extended the 'sc_state_mtx' mutex(9) to protect 'sc_klist' knotes list.
Fixed several input validation errors in the X server.
Imported regenerated moduli.
Made snmptop work with snmpd(8).
Added an installer fallback IPv6 addres for ftplist1.openbsd.org.
Made three context switches machine-independent: when a process forks and the new proc needs to be scheduled by proc_trampoline, cpu_hatch: when booting APs, and sched_exit: when a proc exits.
Added evp(3) chacha aliases for OpenSSL compatibility.
Made umb(4) delete any existing v4 address before setting a new one, allowing keeping of a working default route when the address changes.
Removed snmpd(8) filter-pf-addresses.
Created __OpenBSD versions of llvm cxa guard implementation using futex() with the correct number of arguments and without using syscall(2).
Prevented wg(4) getting stuck on peer destruction.
Made tmux(1) unzoom a window at the start of destroy so it doesn't happen later after the layout has been freed.
Fixed radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
When option D is active in malloc(3), store callers for all chunks, avoiding the 0x0 call sites for leak reports.
Ignored wide channel configs not appearing in the 802.11ac spec.
Ensured that iwm(4) uses the 80Mhz primary channel index announced in beacons.
Adopted MI re-upgrade prevention on octeon and powerpc64.
Moved to 7.4-stable.
Added counting of dropped UDP packets to syslogd(8).
Added experimental support for secp256r1 aka P-256 aka prime256v1 to rpki-client(8).
Enabled TCP segmentation offloading for ixl(4).
Added IBM encoded version of the "Spleen 8x16" font.
Added support to encrypt the root disk with a key disk in the installer.
Added forcible read-only mounting of a dirty powerpc64 or octeon filessystem.
Increased max depth for Perl termcaps.
Grew arm64 iso media space.
Updated libXpm to version 3.5.17.
Updated ncurses and associated libraries (form, panel, menu) to 6.4-20230826.
Improved IPv6 link-local address handling in bgpd(8).
Deprecated audio(9) start_{output,input}.
Made fw_update(8) verify but not overwrite SHA256.sig.
Added sxipio(4) Allwinner D1 support.
Allowed rpki-client(8) imposition of constraints on RPKI trust anchors.
Made syslogd(8) retry DNS lookups for remote loghost if not working upon startup.
Ensured pflog(4) logs malformed packets dropped by the default rule as block.
Added a TIMEOUT_MPSAFE flag to timeout(9).
Added bt(5) and btrace(8) support for binary modulo operator ('%').
Fixed a bgpd(8) fatal error when "announce add-path send all" is used.
Removed default sets answer in autoinstall(8) response file such that it now populates only with non-defaults.
Added ssh_config(5) ChannelTimeout support to the client, mirroring the same option in the server.
Added support for reading ED25519 private keys in PEM PKCS8 format.
Added initial support for Elkhart Lake ethernet to dwqe(4).
Prevented pf(4) from passing packets if state cannot be created.
Fixed handling of non-transitive ex-communities to prevent termination by peer in bgpd(8).
Added recognition for GICv4 in the MADT, configuring it as arm,gic-v3.
Made bwfm(8) handle an arbitrary number of D11 cores and only disable them instead of doing a full reset.
Added Message-Id as needed in smtpd(8) for messages received on the submission port.
Added pledge(2) stdio before parsing pfkey messages to ipsecctl(8) -m and -s.
Added bioctl(8) retry on empty passphrase.
Improved ls(1) horizontal alignment in long format.
Silenced list of specific firmware not needing update in pkg_add(1).
Updated awk(1) to Sep 24, 2023 version.
Ignored thermal dual-chain requests from iwx(4) firmware to silence warnings.
Introduced dhcpd(8) log output to stderr and '-v' option to make this output more verbose.
Moved to 7.4-current.