This selection is intended to include all important and all user-visible changes.
For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
Improved vnet(4) to work better in busy conditions.
Added a bpf(4) timeout (BIOCSWTIMEOUT) between capturing a packet and making the buffer readable, preventing, for example, pflogd(8) from waking every half second even if there is nothing to read. By default this timeout is infinite and the buffer must be filled to become readable.
Disabled jump tables by default on sparc64 in preparation for default execute-only.
Stopped holding the vm_map lock while flushing pages in msync(2) and madvise(2). Prevents a 3-thread deadlock between msync(2), page-fault and mmap(2).
Removed dangerous user-settable "addr" variable from MI bootloader, only compiling tty-related code on platforms where it makes sense for the bootloader to control it.
Made time(1) work correctly in the luna88k bootloader.
Fixed ssh(1) progressmeter corruption on wide displays.
Added lastcomm(1) reporting for process kills due to execve(2) from a non-pinned syscall address.
Attached Apollo Lake HD Audio device to azalia(4), enabling audio.
Made rpki-client(8) ensure there is no trailing garbage in signed objects.
Fixed a possible freeze in execve(2) when a dual-cpu macppc started daemons during boot.
Improved the default choice for the installer's install media disk question.
Made pinsyscall(2) always available for pledged processes.
Added psci(4) support for available deep idle states as advertised in device trees.
Prevented potential panics by disallowing the iwx(4) init task from running in parallel to wakeup code during resume.
Used pinsyscall(2) to tell the kernel the location of the execve stub in libc.so, so it must be called from that region in non-static binaries or else the process will be killed.
Made the kernel validate the execve(2) libc stub location.
Fixed rsync(1) handling of port numbers in rsync://host[:port]/module URLs.
Added -mpls to the route(8) monitor case.
Added scmi(4), a driver for the ARM System Control and Management Interface.
Added support for RK356x TSADC clocks to rkclock(4).
Added dwqe(4), a driver for the Synopsys DesignWare Ethernet QoS controller used on the NXP i.MX8MP, the Rockchip RK35XX series and Intel Elkhart Lake.
Added support for the Shenzhen Tangcheng Technology TCS4525 voltage regulator to fanpwr(4).
Made efiboot fdt support device trees with NOPs in them (like the kernel version).
Fixed an alignment issue in iwx(4) Rx descriptors.
Ensured execute-only rules are applied to forked processes.
Removed backwards compatible padded functions in the kernel.
Made ls(1) work correctly in the luna88k bootloader.
Added iked(8) support for configuring multiple name servers.
Allowed ssh-keygen(1) and ssh-keyscan(1) to accept -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm selection.
Added an sshd(8) -G option that parses and prints the effective configuration without attempting to load private keys and perform other checks.
Stopped the installer from asking to initialize disks that have softraid(4) chunks.
Ensured there is a terminating newline when adding a new entry to ssh(1) known_hosts.
Prevented an openssl(1) crash upon inspecting malformed PKCS7 files.
Switched sparc64 to default --execute-only.
Fixed arbitrary memory read in x509 GENERAL_NAME_cmp().
Extended disklabel(8) template parsing to allow "[mount point] *" as the specification for putting the maximum available free space into a partition, and extended command line parsing to allow "T-" as the specification to read the template from stdin.
Added a tmux(1) L modifier like P, W, S to loop over clients.
Made vmd(8) scan the PCI bus to determine bootorder strings.
Prevented smtpd(8) abort due to a connection from a local, scoped IPv6 address.
Made tcpdrop(8) accept netstat-style address.port syntax.
On amd64 CPUs with the PKU feature, forced the PKU register to inhibit data read against PKU key1 memory on every exit from kernel to userland and abort the process on (some) traps into the kernel if the register is changed, offering execute-only functionality on most modern Intel and AMD CPUs.
Made ppb(4) bus range available after detaching, fixing unplugging and replugging Thunderbolt devices that were plugged in when the machine was booted.
Revised arm64 implementation of pmap_protect(9) in preparation for execute-only support.
In disklabel(8), used the size of the largest chunk of free space, not the total of all such chunks, when checking for sufficient space to add a partition.
Changed arm64 suspend idle loop from WFE to WFI, avoiding spurious wakeups while other CPUs are still active.
Changed vmd(8) to only open /dev/vmm once, having the parent process send the fd to the vmm child process.
Added dwge(4) support for "enhanced descriptor" mode found on some variants of the Synopsys DesignWare GMAC.
Changed the ld.lld(1) default to --execute-only on amd64 and sparc64.
Created /dev/efi on amd64 and arm64.
Implemented access to EFI variables and ESRT through an ioctl(2) interface compatible with what FreeBSD and NetBSD have.
Made amd64 cpuid recognize protection keys for supervisor mode (PKS).
Fixed .wav files generated by aucat(1) by using extended header format.
Added aspa-set to openbgpd config output in rpki-client(8), which can be disabled with the -A flag.
Prepared the mips64 (octeon, loongson) kernel to run --execute-only ld.so(1).
Switched hppa, arm64 and riscv64 to --execute-only by default.
Added ASPA validation functions to the bgpd(8) RDE.
Enabled TLB read inhibit on OCTEON Plus and newer SoCs.
Added mips64 TLB bypass for instruction emulation.
Added MIPS64r2 TLB read inhibit support.
Added retguard to amd64 syscalls.
Prepared hppa ld.so(1) to support execute-only text.
Switched luna88k boot loader to MI boot code.
Fixed frame buffer corruption and additional bugs after wakeup on Apple Silicon laptops and the Lenovo x13s.
Added short options for timeout(1) --foreground and --preserve-status.
Hid the WAITPKG CPU feature from vmm(4) guests, preventing invalid instruction exceptions. Also added WAITPKG feature identification to i386 and amd64.
Set the arm64 default for the machdep.lidaction sysctl(8) to 1.
Generated "combreloc" scripts for the new ld.bfd(1) linker script template.
Adopted a workaround for a bug in the ARM generic timer on the A64, disabling userland timecounter support on affected hardware pending a similar libc workaround.
Added the audioctl(8) -w option to display variables periodically.
Made ld.lld(1) accept --execute-only on aarch64, riscv64 and mips64.
Made net80211 drop beacons received on secondary HT/VHT channels, preventing iwm(4) firmware panics and making association work with 11ac APs which transmit beacons on channels other than their primary.
Made use of the PA-RISC architecture supporting execute-only mappings with a "remain at privilege level 3" gateway page.
Removed copystr(9) from public API.
Added an sshd_config(5) ChannelTimeouts directive that allows configurable channel inactivity timeouts.
Ensured that the signal trampoline can be PROT_EXEC everywhere.
Added a dummy --no-execute-only option to ld.bfd(1) for compatibility with ld.lld(1) architectures, useful for ports.
Ensured pfctl(8) correctly adds addresses to the undefined/inactive table.
Suppressed sftp(1) "Connection closed" messages in quiet mode.
Added support for authenticating geofeed data CSV files in rpki-client(8) filemode.
Added ifconfig(8) -M (mac) to find the MAC address on an interface and print it.
Disabled screen backlight with aplsmc(4) on Apple Silicon laptops when the lid is closed.
Prevented an unwind(8) crash when a TCP query is larger than the length field indicated.
Added pwmleds(4), a driver for PWM controlled LEDs.
Protected interface tables in pf(4) with PF_LOCK(), allowing removal of NET_LOCK() protection from the ioctl(2) code path in pf.
Copied apple-boot firmware to EFI system partition, enabling automatic bootloader updates on Apple Silicon computers.
Improved mcx(4) performance by using interrupt-based command completion.
Added aplpwm(4), a driver for the PWM controller found on Apple Silicon.
Made aplhidev(4) wait for a reply when switching the touchpad into raw mode, preventing SMC crashes on machines with firmware from macOS 12.6.1.
Fixed the DIOCIGETIFACES ioctl so all network interfaces and interface groups are reported in pfctl(8).
Switched riscv64, mips64, loongson and octeon to clockintr(9).
Wired up HMAC to raw private key methods for Ruby's OpenSSL gem.
Fixed ed(1) to print bytes read/written and the ? prompt to stdout, not stderr.
Began implementing ASPA support in bgpd(8).
Placed mutexes after struct vm_map fields inspected by libkvm and procmap(8).
Added rpki-client(8) shortlist functionality, companion to skiplist, which will connect only to the hosts specified when using -H at least once, followed by FQDN.
Prevented Ed25519 signature malleability in accordance with RFC 8032.
Added restrictions to the input getaddrinfo(3) will attempt to resolve.
Added apple-boot firmware for Apple arm64 machines in fw_update(8) patterns.
Unlocked SIOCGIFCONF, SIOCGIFGMEMB, SIOCGIFGATTR, and SIOCGIFGLIST.
Updated NSD to 4.6.1.
Fixed delays with mips64 clock due to missing clock trigger on loongson.
Relaxed the list of interfaces supporting IPv6 to allow non-multicast interfaces to support IPv6.
Increased the size of amd64 EFI partition to accommodate newer x86 firmware updating methods.
Handled ssh(1) dynamic remote port forwarding in escape commandline's -R processing.
Bumped LibreSSL to 3.7.
Ported EVP raw key API from OpenSSL to deal with Curve25519 based keys.
Added suspend/resume support to control the power domain to aplsart(4).
Added qcpdc(4), a driver for the Qualcomm Power Domain controller found on Qualcomm SoCs.
Made the power button function as a wakeup button during suspend in aplsmc(4).
Put CPUs in the lowest P-state before the final suspend step, needed for systems where we park CPUs in a low-power idle state ourselves.
Cleaned up multiple devices from retired architectures.
Changed the default procmap(1) output to -a format.
Added support for per-cpu event counters, to be used for clock and IPI counters where the event counted occurs across all CPUs in the system.
Hooked up gpiobl(4) to the screen burner instead of wsdisplay(4) brightness control, allowing automatic screen blanking with X and wscons(4) once wsfb(4) is fixed.
Allowed IPPROTO_TCP:TCP_NODELAY in pledge(2) "stdio".
Added qcpwm(4), a driver for the PWM found on Qualcomm SoCs.
Implemented wakeup interrupt support in aplintc(4).
Prevented acme-client(1) from leaking an http get request when receiving a redirect without a location header.
Made rpki-client(8) error out upon receipt of an ROA payload with too many ipAddrBlocks.
Added gpiobl(4), a driver for gpio controlled display backlights, to allow screen shutoff for Apple Silicon laptops until a proper display controller driver is implemented.
Implemented alternative mailbox handling mechanism required by newer bwfm(4) firmware.
Removed locking in vmm(4) vmm_intr_pending, reducing slowdowns due to requests for a lock held while the VM is running.
Switched amd64 and arm64 to the clockintr(9) subsystem.
Extended arm64 suspend/resume to include support for parking CPUs in a WFE/WFI loop.
Made installboot skip softraid(4) keydisks silently.
Switched LibreSSL to use BoringSSL's date conversion scheme.
Introduced a new kern.autoconf_serial sysctl(8) that can be used by userland to monitor state changes of the kernel device tree.
Set vmm(4) RAX guest register state based on VMCB.
Modified TCP receive buffer size auto-scaling to use the smoothed RTT (SRTT) instead of the timestamp option, which improves performance on high latency networks if the timestamp option isn't available.
Set up logger(1) traps earlier to ensure kernel relinking does not fail silently without log trace when /usr is mounted read-only.
Fixed ssh-keygen(1) parsing of hex cert expiry time.
Allocated reference for vm and vcpu SLISTs in vmm(4), keeping vmm from triggering excessive wakeup calls while iterating through the list of vms while servicing an ioctl(2).
Enabled em(4) IPv4, TCP and UDP checksum offloading and VLAN HW tagging for 82575, 82576, i350 and i210.
Made static TEXTREL binaries perform the mimmutable(2) operations themselves since a loader may want to perform text relocations inside mprotect permission flips.
Added mount_nfs(8) to the sparc64 installer, to fetch sets over NFS.
Introduced clockintr(9), a machine-independent clock interrupt controller.
Made the /var/run/ld.so.hints file mapping immutable.
Stopped attaching to the multiport USB controller on Lenovo X13s machines since it leads to hard resets.
Improved ssh-keyscan(1) to accept CIDR address ranges for targets to scan.
Updated libexpat to 2.5.0.
Limited display of wireguard peers by ifconfig(8) to when either a wireguard interface is specified or the flag "-A" is used.
Implemented the waitid(2) system call which is now part of POSIX and used by Mozilla.
Increased ssh(1) paranoia when dealing with host/domain names coming from the resolver by refusing to follow CNAMEs with invalid characters and never writing a name with bad characters to a known_hosts file.
Improved scp(1) handling of globbing when using the SFTP protocol for transport.
Stopped netstart(8) from waiting for autoconf during a dry-run (-n).
Made sure the apldma(4) driver is attached before allocating a channel. Prevents a crash on the M2 MacBook Air.
Introduced pijuice(4), an apm/sensor driver for the PiJuice HAT UPS.
Bumped tsleep timeout for bwfm(4) PCI devices to help prevent failures loading firmware, particularly on Apple M2 laptops.
Synced pbuild class for powerpc64 and riscv64 to amd64 and arm64, increasing to 8G.
Added support to gunzip(1) for zip files that contain a single member.
Bumped pbuild's login.conf datasize-cur to 8G on arm64.
Added hw.power, machdep.lidaction, and machdep.pwraction support for macppc.
Allowed changing of immutable RW regions to R for recent Chrome renderers.
Made the read-only relro portion of static binaries mimmutable(2).
Adapted sigaltstack(2) to work on mimmutable regions allowing the stack to be marked immutable again.
Automatically marked immutable certain regions in program and ld.so(1) LOADs.
Added hooks to disable and enable GPIO interrupts.
Added support for the Rockchip RK3568 processor.
Added zap-to-char and zap-up-to-char to mg(1). Bound zap-to-char to M-z.
Stopped attempting to use EFI runtime services on UEFI versions before 2.1.
Implemented openmetric output via the bgpctl(8) show metric command.
Preserved the marked pane when renumbering windows in tmux(1).
Improved the clickpad/touchpad detection in hidmt.
Fixed a bug in the initialization mechanism of wsmouse(4).
Went back to the old approach to sigaltstack(2), but added checks ensuring that the region is a non-syscall region and that its protection is exactly RW, in addition to the existing placement in a new anonymous mapping.
Converted the remaining I2C RTC drivers to use todr_attach().
Implemented the RFC 8781 PREF64 router advertisement option in rad(8).
Added passing of boot device information from the bootloader to the kernel on luna88k.
Fixed a crash when using virtio(4) with agintc(4) by properly implementing LPI interrupts.
Added support for the RK3568 PCIe controller to dwpcie(4).
Implemented support for message based interrupts on arm64.
Added client certificate authentication and an optional SASL EXTERNAL bind to ypldap(8).
Allowed assigning a quality number to RTC implementations so the "best" RTC can be chosen if a system has more than one.
Had the kernel inform the user if the disklabel(5) is obsolete.
Added support for the Rockchip RK817 PMIC.
Restored recalculation of the checksum of normalized packets in pf(4).
Added the new mimmutable(2) system call, which locks the permissions (PROT_*) of memory mappings so they cannot be changed by later mmap(2), mprotect(2), or munmap(2) calls, which will error with EPERM instead.
Added identifiers for the new "mutable bss" ELF section.
Fixed sparc64's ofwboot.net after it was broken by the last libz update.
Made ssh(1) honor the user's umask if it is more restrictive than the ssh default.
Increased the number of vdsp(4) devices created by default on sparc64 to 24.
Made ldomctl(8) accept more descriptive name-based paths in addition to number-based paths in ldom.conf(5).