This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
Made the arm64 ramdisk installer fetch bwfm(4) firmware from the EFI System Partition on Apple Silicon devices for use during installation and addition to the newly installed system.
Extended and reordered the process accounting information structure acct(5). Flag Day for the acct(2) file format.
Added seq(1), a command to print sequences of numbers.
Added new _MAXCOMLEN (a proper string expanded to 24 bytes including the NUL) to syslimits, allowing replacement of the MAXCOMLEN symbol from sys/param.h in userland.
Updated libexpat to 2.4.6.
Stopped hiding the MTU on "bridge" interfaces which do handle L3 traffic in ifconfig(8).
Added aplcpu(4), a driver to control the CPU performance levels on Apple SoCs.
Prevented a potential crash when slaacd(8) receives more than 7 nameservers.
Updated xorg-server to 21.1.3, leaving in place an earlier change to compute the screen resolution from dimensions returned by the screen, reverted by upstream.
Correlated uaudio(4) and ucc(4) devices attached over USB in order to adjust the volume of the correct attached audio device rather than the first one attached. (Reverted 2022/03/29)
Added a key in tmux(1) copy mode to toggle the position indicator.
Introduced apldma(4), a driver for the DMA controller found on Apple SoCs.
Allowed ssh-keygen(1) -Y find-principals to match wildcard principals in allowed_signers files.
Added a tmux(1) option to show arrows for the active pane indicator.
Attempted to guarantee that on copy-on-write faulting, the new copy can't be written to while any thread can see the original version of the page via a not-yet-flushed stale TLB entry.
Changed isakmpd(8) to log a warning when proto is NULL rather than dereferencing it.
Updated libexpat to 2.4.4, fixing CVE-2022-23852 and CVE-2022-23990.
Introduced aplnco(4), a driver for the Numerically-controlled oscillator (NCO) clock which drives the audio clocks on Apple silicon.
Introduced tascodec(4), a driver for the TI TAS2770/TAS5770 digital audio amplifier codec found on Apple M1 Macs.
Allowed rsync:// URIs as files in rpki-client(8) -f mode.
Fixed an issue where com(4) would attach for a disabled serial port leading to misdirection of the hardware variant and a subsequent hang when /etc/rc runs ttyflags(8) -a.
Made ssh-keysign(8) use the requested signature algorithm and not the default for the keytype.
Made ssh(1) UpdateHostkey signature verification logic more strict.
Fixed sshd(8) signature algorithm selection logic for UpdateHostkeys.
Fixed wrong pointer assignment causing the driver to read block ack request information sent by firmware from the wrong offset in iwx(4).
Returned to a shell-script based fw_update(8), written to be usable by the install script, allowing earlier retrieval of downloaded firmwares.
Added a basic printer for EAPOL packets to tcpdump(8).
Changed ssh-keygen(1) to allow selection of hash algorithm at sshsig signing time.
Fixed an ssh-keygen(1) NULL dereference when using find-principals and matching an allowed_signers line that contains a namespace restriction but no restriction specified on command line.
Introduced mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
Fixed hibernate setups where a removed umass(4) device results in a renumbered softraid(4) device.
Restricted the pci(4) ioctl interface to devices detected by the kernel, preventing Xorg PCI probes from breaking the WiFi chip on M1 Macs.
Made the dhcpleased(8) host name DHCP option configurable.
Corrected checksums written by fdisk(8) on big-endian architectures to be little-endian as per spec.
Rewrote arm64 kernel FPU handling code to fix the random crashes seen with SMP kernels on Apple M1.
Added attempts to turn on less-capable mouse modes when tmux(1) turns on more-capable ones, in case the terminal doesn't support the desired mode.
Made iwm(4) attach to PCI devices with product ID 0x31dc, part of the 9560 chip family.
Introduced mtw(4), a driver for MediaTek MT7601U wifi devices.
Added unbound and host-bound options for ssh(1) PubkeyAuthentication for hardware devices unable to sign longer pubkey authentication challenges.
Required host-bound userauth requests for forwarded SSH connections.
Gave ssh-agent(1) the ability to parse restrict-destination-v00@openssh.com constraints and to apply them to keys.
Made ssh-add(1) accept a list of "destination constraints" that allow restricting where keys may be used in conjunction with an ssh-agent/ssh that supports session ID/hostkey binding.
Implemented em(4) support for selecting SGMII or SerDes mode depending on the plugged-in SFP transceiver and for reading out transceiver information via ifconfig(8).
Used "rng-seed" and "kaslr-seed" properties from the device tree to mix extra entropy into the pool for arm64.
Added acpipci(4) support for interrupts represented by ACPI PCI Interrupt Link Devices, making PCI interrupts work on QEMU's SBSA target.
Fixed a potential DoS associated with BIO_indent(3) when a caller asks for a negative number of bytes of output.
Fixed a bug where iked(8) sent zero-prefixed NAT-T messages on port 500, causing parsing errors.
Introduced aplpmgr(4), a driver for the power management controller found on various Apple SoCs.
Taught the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface, preventing a panic.
Allowed fdisk(8) to extend the default OpenBSD partition to the end of the disk, rather than truncating at the end of the last full cylinder.
Fixed spurious abort of a VM by vmd(8) when the scheduler moves a VM to a different core while it is sleeping on a lock.
Fixed broken vmd(8) "boot device cdrom" feature after a fix in seabios.
Disabled probe requests during scans in iwx(4) again, preventing device timeouts for some devices.
Implemented bgscan_done() handlers for iwx(4) and iwm(4).
Introduced an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence, ensuring that race conditions between firmware state and net80211 state are avoided.
Fixed an xserver 1.21.1 crash when attempting to run fvwm(1) on an x61/965gm with the modesetting driver on amd64.
Prevented a potential race which could make umount(8) fail spuriously in the installer.
Improved the testing of credentials against inserted FIDO keys, reducing spurious "Confirm user presence" notifications for key handles relating to FIDO keys which are not currently inserted.
Ensured ^C may be used to kill ssh(1) sessions where SessionType=none.
Fixed removal of SAs that could not be flushed with ipsecctl(8) -F.
Fixed booting from an IDE block device on the Sun Blade 100.
Prevented select(2) from blocking if registering found pending events.
Introduced pcyrtc(4), a driver for the NXP PCF85063A/TP RTC chips.
Implemented RFC6840 (AD flag processing) if using trusted name servers.
Aligned memory allocation for USB device drivers and USB HC drivers, enlarging the USB memory pool.
Added ikectl(8) "show certinfo" to show trusted CAs and certificates.
Introduced iicmux(4), a driver that switches between I2C busses connected to a single I2C controller by using the pin muxing facilities of an SoC.
Made config(8) -c cmdfile use lines from the command file for all input, not just commands. This allows complex actions like changing device parameters.
Allowed interface names as scope-id in IPv6 link-local addresses in unbound(8).
Added support for PPP IPCP extensions for DNS to sppp(4).
Fixed broken key exchange negotiation with matching proposals in iked(8).
Added the sntrup761x25519-sha512@openssh.com hybrid ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default KEXAlgorithms list for ssh_config(5) and sshd_config(5).
Fixed ssh-keysign(8) for KEX algorithms that use SHA384/512 exchange hashes.
Added gpiokeys(4) for arm64, a driver which handles events triggered by GPIO keys such as lid status and power button.
Limited the number of publication points under a given TAL in rpki-client(8).
Documented install.site(5), OpenBSD installation and upgrade customization.
Fixed handling of interrupts shared between multiple swiic(4) devices.
Allowed passing a different signal than SIGTERM in the default rc_stop() function in rc.subr(8).
Made the kqread event filter MP-safe.
Corrected httpd(8) version string checking, responding with 505 Version Not Supported rather than 400 Bad Request when the version format is incorrect.
Changed sysctl(8) default to hw.perfpolicy=auto at startup, defaulting to 100% performance with AC power connected and using the auto algorithm when on battery.
Implemented openrsync(1) --max-size and --min-size.
When downloading resident keys from a FIDO token, made ssh(1) pass back the user ID that was used when the key was created and append it to the filename the key was written to (if not the default).
Cleaned up irrelevant uses of 3rd mode_t parameter for open(2)/openat(2), unused when not creating files.
Ensured armv7 and arm64 efiboot allocate fresh memory for the device tree with at least one page of free space to extend into. This fixes booting on VMware Fusion.
Added rejection of malformed Subject Alternative Names at certificate creation time to LibreSSL.
Added a way to force a color to RGB in tmux(1) and a format to display it.
Stopped prompting whether to fall back to HTTP in the installer, making the fallback automatic.
Fixed a panic by prohibiting renames of tmpfs mount-points.
Set klist lock for sockets to make socket event filters MP-safe.
Made pipe event filters MP-safe.
In httpd(8), stopped sending content alongside responses to HEAD requests.
Stopped duplicating "Connection: close" headers in relayd(8), only adding it if it's not a websocket response.
Provided common btrace(8) scripts kprofile.bt (to save kernel stackframes and produce flamegraphs) and runqlat.bt (to measure the latency of the scheduler runqueues).
Added call to unveil(2) to restrict stty(1) -f filesystem access.
Added support for tpm2 CRB interface to tpm(4), fixing recent S4 regressions on the Surface Go 2 caused by a firmware change.
Retired asynchronous crypto API.
Added new OpenSSL API SSL_write_ex, SSL_read_ex and SSL_peek_ex.
Annotated an httpd(8) 413 error with "request body too large" in the error log.
Fixed double free after allocation failure in bpf(4).
Provided a way to determine our maximum legacy version for TLS in libssl, unbreaking RSA KEX for the TLS client when the non-version specific method is used with TLSv1.0 or TLSv1.1.
Called pledge(2) later to prevent it from killing various games using ncurses when both stdout and stderr are redirected to a non-tty.
Removed unusable route(8) -T and exec support from ramdisk.
Reinstated the FIPS mode test functions to libcrypto.
Added rcctl(8) "ls rogue" to show daemons which are running but not set as "enabled" in rc.conf.local(8).
Fixed a potential buffer overflow in openssl(1) certhash.
Renamed Pacific/Enderbury timezone to Pacific/Kanton.
Fixed an interrupt storm on dwge(4) variants which support Energy Efficient Ethernet when connected to a switch which does so as well.
Ensured enabled resolvers are honored by unwind(8) to keep unused forwarders disabled properly.
Implemented rsync(1) --compare-dest, allowing specification of additional directories to check for files to be available.
Prevented ssh(1) memory leak if getaddrinfo returns no addresses.
Explicitly stopped iwx(4) Rx block ack when roaming between access points.
Added support for 802.11n 40MHz channels to the iwm(4) driver.
Added monitoring of 20/40MHz channel width changes in beacons sent by our access point, notifying drivers when the channel width has changed.
Added support for 40MHz channels to net80211 RA.
Fixed establishing legacy INTx interrupts on machines without a (usable) MSI interrupt controller.
Merged bugfixes from upstream into less(1) including fixes for the prompt hiding feature (CTRL-P) and an integer overflow.
Cached the old BSSID when roaming with iwm(4) so firmware commands can continue using it while roaming to a new AP.
Stopped pkg_add(1) from communicating warnings starting with "XXX" which appeared to indicate errors.
Ensured iwm(4) uses only the HT (high throughput) frame format for data frames.
Allowed AUTH->AUTH state transitions in the iwm(4) and iwx(4) drivers again, needed if the access point uses band-steering.
Removed the ifconfig(8) autoconfprivacy deprecation warning.
Retired the Loongson platform.
Fixed iwm(4) performance drop after roaming between APs in 11n mode.
Applied a workaround in mvkpcie(4) to fix an external abort under load with athn(4).
Added relicensed wireless firmwares from Realtek for rsu(4), rtwn(4) and urtwn(4) devices, allowing these devices to work without requiring a separate firmware download.
Added a workaround for buggy athn(4) devices to prevent filling up the node cache when used in hostap mode.
Made redistributable firmwares available across all architectures.
Enabled X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier.
Deleted expired DST Root CA X3.
Prevented iwm(4) and iwx(4) attempts to transition toward the same state where this would result in a redundant or illegal state transition and a potential hang.
Removed the constraint that fdisk(8) -b specified block count or block size must be greater than 63.
Added support to pchgpio(4) for Cannon Lake H and Tiger Lake H platforms.
Fixed a crash in tmux(1) when a session with multiple clients is destroyed but tmux does not close completely due to other sessions.
Introduced gpiocharger(4), a driver providing support for battery chargers connected to GPIO pins, such as those found on the Pinebook Pro.
Introduced gpioleds(4) for arm64, a driver providing support for LEDs connected to GPIO pins, such as those found on the Pinebook Pro.
Reset the Tx timer upon validation of a BA notification sent by iwx(4) and iwm(4) firmware.