This selection is intended to include all important and all user-visible changes.
For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
Changes made between OpenBSD 6.5 and -current
- Made wireless drivers call if_input() only once per interrupt, reducing drops caused by the ifq pressure drop mechanism and increasing throughput.
- Merged Unbound 1.9.3.
- Prevented a potential panic caused by vmm(4) decrementing the number of VMs twice in one of the vm_create() error paths.
- Added information about system call memory write protection and stack mapping violations to system accounting. Now daily(8) will print a list of affected processes and lastcomm(1) will flag violations with 'M'.
- Increased datasize-cur for pbuild in login.conf(5) to 4GB for sparc64.
- Enabled nvme(4) on octeon.
- Added octpcie(4), a driver for the PCIe controller found on OCTEON II and OCTEON III.
- Added sfp(4), a driver allowing communication with SFPs connected over an I2C bus and reading pages over the SFP framework.
- Added SFP and I2C ofw frameworks.
- Removed tz, the kernel timezone.
- Disabled base-gcc on armv7.
- Allowed prepending a list of algorithms to the default set in ssh(1) by starting the list with the ^ character.
- Added mcprtc(4), a driver for the Microchip MCP79400 RTC and similar.
- Added mviic(4), a driver to support the I2C controller on the Armada 3700 SoC.
- Added I2C clock gates to mvclock(4).
- Added support for filter-reports to smtpd(8), allowing filters to send freetext reports to other filters/report handlers.
- Added mvdog(4), a driver to support the watchdog on the Armada 3700 SoC.
- Fixed a crash at power down when Supermicro X8DTH-i/6/iF/6F fails to attach uhci(4) via PCI and AHCI.
- Added support for the Allwinner H6 to sxipio(4) and sxiccmu(4).
- Fixed a potential endless loop when em(4) is in an error state.
- Added the set_blksz() and set_nblks() audio(9) driver functions, allowing audio drivers to easily set the block size, matching both playback and recording constraints.
- Introduced "junk" built-in filter actions to smtpd(8).
- Added support to amlclock(4) for obtaining CPU clock frequency.
- Enabled amlmmc(4), a driver for the SD/MMC controller found on various Amlogic SoCs.
- Added clang(1) support to macppc.
- Dropped support for building with gcc(1) on armv7.
- Added bnxt(4) support for MSI-X.
- Added sshsig, a lightweight signature and verification ability for OpenSSH, to ssh-keygen(1). Signatures can be made and verified using ssh-keygen -Y sign|verify.
- Implemented setting the CPU clock for Allwinner A64 SoCs in sxiccmu(4).
- Made net80211 expose reasons for association failures to have ifconfig(8) display them in "scan" output and on the ieee80211(9) status line.
- Reset the current wireless PHY mode to "auto" when a scan begins if in media autoselect mode, preventing AP selection error when an interface has been switched to a fixed PHY mode.
- Fixed a tap-detection code error in wscons(4) that may prevent handler switching to the DETECT state when necessary.
- Removed configured IPv6 addresses remaining when slaacd(8) detects a link-state change but no new router advertisement.
- Added amldwusb(4), amlusbphy(4) and amlpciephy(4), drivers for the USB controller and PHYs on the Amlogic G12A/B SoCs.
- Prevented WPA APs from appearing as non-WPA to the AP selection logic if the driver announces RSN support.
- Added ure(4) support for RTL8153B.
- Fixed iwm(4) frame length check.
- Used acpi(4) information to attach amd64 PCI busses as on arm64.
- Used unveil(2) at startup for ping(8) and traceroute(8) to render the filesystem read-only.
- Built and enabled amdgpu(4) on arm64.
- Added amlpinctrl(4), a driver to configure pins and control GPIOs on Amlogic SoCs.
- Added support for ethernet on Lenovo USB-C docks.
- Disabled base gcc(1) on i386.
- Kept ieee80211_node(9) structures cached across scans.
- Added imxtmu(4), a driver to support the temperature sensors on i.MX8M SoCs.
- Fixed a crash resulting from radeondrm(4) error handling.
- Added amlrng(4), a simple random number generator driver for Amlogic SoCs.
- -n is honored when deleting entries in arp(8).
- Added amlclock(4), a driver for the Amlogic SoC clocks.
- Began reporting qsfp monitor values in ifconfig(8).
- Added amlreset(4), a driver to support signal controller blocks on Amlogic SoCs.
- Fixed a kernel crash with pf(4) when "set timeout interval 1" was used in pf.conf(5).
- Added amluart(4), a driver for the UARTs found on various Amlogic SoCs.
- Allowed for "port smtp" and "port smtps" on listen statement in smtpd(8).
- Fixed an iked(8) conflict when IKE SA and Child SA rekeying happened at the same time, resulting in lost messages.
- Added Comet Lake pci(4) ids.
- -n is honored when setting ndp(8) entries.
- Stopped smtpd(8) processing of records of unexpected types, fixing an issue where CNAME records generate bogus results.
- Fixed incorrect vmctl(8) output when using vmctl stop with no further arguments.
- Added Intel 100 series LP eMMC/SDXC and Intel WHL-U Host pci(4) ids.
- Added kern.utc_offset to sysctl(2). This is a successor to the DST/TIMEZONE options(4), which are incompatible with KARL. Also switches to using an offset in minutes east of UTC.
- Lowered sysupgrade(8) timeout to 30 minutes per set.
- Fixed a race condition in the invalidation of remote TLB entries for mips64.
- Removed support for semantically opaque interface identifiers (RFC 7217) for IPv6 link local addresses.
- Increased the /usr auto-allocation size in disklabel(8).
- Switched to loading the TAL installed in /etc/rpki by default in rpki-client(8). Added a -t tal option to pass in TAL files by hand and set the argument to the filename of the output file.
- Added a configuration option for reverse scrolling to wsmouse(4).
- Added support for additional Elantech-4 touchpad models.
- Increased default datasize for pbuild in login.conf(5) to 6GB.
- Added support for the SMBus System Interfaces (SSIF) to ipmi(4).
- Restored MSRs and PAT on main CPU after resume, potentially improving performance of the console on many amd64 machines.
- Enabled TCP and UDP checksum offloading by default for ix(4).
- Added missing sxiccmu(4) OHCI clocks for the Allwinner R40.
- Implemented Linux compatibility acpi(4) interfaces and enabled the ACPI support code in radeon(4) and amdgpu(4).
- Removed snmpctl(8) in favor of snmp(1).
- Fixed a segfault in the iked(8) parser when specifying an invalid transform.
- Prevented a race condition where the acct(2) syscall and accounting thread both tried to close a vnode.
- Fixed an iked(8) NAT traversal detection bug when "local" option is not explicitly set.
- Implemented backlight control for amdgpu(4), allowing setting of the backlight using wsconsctl(8).
- Modified azalia(4) to enable speaker routing on the ThinkPad X1C7.
- Fixed a segmentation fault in awk(1).
- Allowed PXE booting using U-Boot by relaxing requirements of the EFI PXE protocol.
- Enabled amdgpu(4) on amd64.
- Added Union Memory NVMe pci(4) ids.
- Modified ospfd(8) to warn when a neighbor changes its source IP address.
- Ensured that mail rejected by the LMTP server in smtpd(8) will stay queued, rather than bouncing.
- Added clock support to sxisyscon(4), a driver for the system controller found on various Allwinner SoCs.
- Fixed pluart(4) output when a machine is under load.
- Imported from OpenSSL 1.1.1 to ultimately support CMS in crypto(3).
- Moved to 6.6-beta.
- Used unveil(2) to restrict ldpd(8) filesystem access.
- Added TSC synchronization for multiprocessor machines and re-enabled TSC as the default amd64 time source.
- Imported snmp(1), a new snmp client which aims to be netsnmp-compatible for supported features.
- Added an --address argument to openrsync(1) to bind to the specified address when connecting to an rsync daemon.
- Began supporting WPA2 CCMP encryption/decryption in hardware with iwm(4).
- Disabled filesystem access for dhcpd(8) invoked with -A/-C/-L through use of unveil(2).
- Removed -d dst and -t minutes_west from date(1) as part of the kernel timezone removal effort.
- Added recognition of the azalia(4) Realtek ALC285.
- Mitigated CVE-2019-1125, a potential exploit utilizing a variant of the Spectre side-channel vulnerability in Intel CPUs built since 2012.
- Added uvideo(4) support for dual functions on integrated USB cameras.
- Added uvideo(4) support for the KSMedia 8-bit IR format.
- Improved bgpd(8) RIB reload behavior and removed 'route-collector yes|no' from the bgpd config in favor of 'rde rib Loc-RIB no evaluate', which can be altered during runtime.
- Fixed random kernel hangs on some sparc64 machines by blocking interrupts while sending an IPI on sunv4 (as on sun4u).
- Fixed vnode leak bugs in unveil(2) and realpath(3) where namei(9) reference counted the equal parent and lookup vnode twice.
- Implemented smbios(4) support on arm64.
- Increased maxusers to 80 on arm64, allowing growth up to 128.
- Ensured a one-shot-upgrade on compatible systems by having the bootloader use fchmod -x upon discovering and opening /bsd.upgrade, so that the file cannot be re-executed on the next boot.
- Added Ampere vendor and eMAG PCIe pci(4) ids.
- Fixed an smtpd(8) crash on excessively large input.
- Fixed a umount(8) device busy error when unveil(2) and chroot(8) are used together.
- Added tpmr(4), an 802.1Q two-port MAC relay implementation.
- Fixed dual booting of MacOS 9.2.2 formatted disks.
- Enabled the AUTOCONF4 dhclient(8) flag, set on startup and able to be set/unset by ifconfig(8).
- Prevented a panic when setting up a gre(4) tunnel when IPv6 duplicate address detection sends a packet too soon.
- Made nc(1) proxy auth work with http 1.1-speaking webservers.
- Added support for 802.11n Tx aggregation to net80211 and iwm(4).
- Added iavf(4) driver for Intel Ethernet Adaptive Virtual Functions compatible with SR-IOV virtual functions of Intel 700 series and newer ethernet controllers.
- Added octeon bootloader to files copied to the boot partition. To use the bootloader, the firmware must be configured to load file "boot" instead of "bsd".
- Increased the maximum channels for uaudio(4) devices from 16 to 64.
- Fixed booting from nvme(4) on sparc64.
- Moved ldomd(8) configuration format from ldomctl(8) into ldom.conf(5).
- Added recognition of sparc64 PCI buses which don't support INTx.
- Added Sun Static Direct I/O pci(4) ids.
- Added checks for programs trying to access files hidden by unveil(2) and added these violators to the lastcomm(1) output and daily mail.
- Fixed a pledge(2) violation in ssh(1) when a combination of a Yubikey, GnuPG and remote forwarding is used.
- Made SMTPS default to port 465 in relay-host.
- Ensured that -n overrides -t in lock(1), irrespective of order.
- Skipped sending mail in secure mode (-S) in vi(1) when executing the :pre[serve] command or dying from SIGTERM, allowing creation of the recovery file without adding to the pledge(2).
- Disabled caches and MMU on 32-bit ARM before jumping to the kernel entry point, to meet OpenBSD/armv7 kernel expectations of a boot with these off while UEFI and U-Boot work with them enabled.
- Applied unveil(2) to switchd(8).
- Ensured bridge(4) will choose the physical interface for delivery when multiple ports share the same MAC address.
- Removed the default timeout from lock(1).
- Prevented a possible race condition during dhclient(8) startup.
- Increased efficiency of poll() in bgpd(8) by allocating increased send and receive buffers for socketpair().
- Added "slow" to the list of ethernet protocol names in pcap(3).
- Allowed the ssh-keygen(1) verbose flag when searching for host keys in known hosts, printing the matching host's random art signature.
- Prevented a kernel crash in pf(4) by adding a check to prevent expired once rules from being added to pf_rule_gcl.
- Changed the bgpd(8) Adj-RIB-Out to a per-peer set of RB trees, improving speed.
- Added a bootloader for octeon to be enabled later. The loader program is accompanied by the octboot(4) device, which allows loading and launching kernels.
- Prevented integer overflow when checking mbuf limits.
- Fixed a race condition in ntpd(8) and adjusted to re-resolve and retrieve constraints after clock syncing to correct shifts during time adjustment.
- Made realpath(3) posixly correct by changing the kernel implementation not to succeed on final path components which do not exist.
- Added support for PKCS8 as an optional format for storage of private ssh(1) keys, enabled via ssh-keygen -m PKCS8.
- Added tls-cert-bundle option to unbound.conf(5). TLS connections are not reused by unbound(8), so TCP and TLS handshakes will disproportionately increase latency compared to UDP.
- Fixed a direct map bug affecting amd64 machines with greater than 1023GB physical memory.
- Provided a notification to stderr to indicate messages have been shown when mandoc(1) output is printed without a pager, to indicate messages may have preceded the output.
- Added an interface to set/update a data property to ldomctl(8).
- Ensured that sndiod(8) will not lose track of which volume controls belong to different instances of the same program upon disconnection and reconnection.
- Included SHA2-variant RSA key algorithms in KEX proposal, allowing ssh-keyscan(1) to harvest keys from servers that disable SHA1 ssh-rsa.
- Added access to timeout(9) status and statistics to sysctl(2), allowing throughput tracking of the timeout layer from userspace.
- Restricted filesystem access for dhclient(8) using unveil(2).
- Enforced a per connection limit of 128 SACK holes managed at the tcp(4) socket, further preventing an unlikely attack where the lists of SACK options grow due to an attacker attaching all sack holes to a limited number of TCP connections, consuming CPU.
- Added the missing openssl(1) option
- Ensured that uvideo(4) devices are allowed sufficient probe buffer size for the given version.
- Implemented Linux kthread(9) drm(4) interfaces.
- Added OpenBSD::Unveil, a perl interface to unveil(2).
- Fixed a vfs(9) unlinking failure due to unveil(2), which led to a file system which could not be unmounted.
- Added support for version 3.0 of the 'mdstore' protocol to ldomctl(8).
- Fixed a race condition in mpii(4) devices by waiting for ports to finish scanning.
- Added user instructions to manually run /usr/libexec/reorder_kernel in case of syspatch(8) kernel update failure.
- Handled unreliable ntp peers by removing them from the pool upon non-response in ntpd(8), preserving good peers and re-resolving to find a replacement.
- Modified octeon to allow all network interfaces for root device selection when there is no explicit device class match for a given boot device.
- Improved file cleanup code for syslogd(8) that had been blocked by unveil(2), preserving the ability to remove a stale
- Prevented a panic with bwfm(4) devices due to an overflowing async ring buffer.
- Added aggr(4), a dedicated driver to implement 802.1AX link aggregation.
- Fixed a free(3) size panic when detaching a crypto softraid(4) volume on i386.
- Updated the mac/vlan filters appropriately when the mac address changes on an ixl(4) device.
- Added server time.cloudflare.com to ntpd.conf(5).
- Improved handling of Raven, Raven2 and Picasso amdgpu(4) devices.
- Added tsleep_nsec(9), msleep_nsec(9) and rwsleep_nsec(9), which take timeouts in nanoseconds and use INFSLP to indicate a timeout should not be set.
- Stopped a segfault in mandoc(1) when /tmp is not writable.
- Locked the kernel when removing file descriptors from the descriptor table, preventing a race with kevent(2).
- Fixed a bug in pf(4) where the next hop interface configured with 'route-to' was not used when using source address tracking.
- Added thermal zone handling code to link together thermal sensors and cooling devices to actively or passively cool devices. Registered cpu(4) as a cooling device to support passive cooling and rktemp(4) as a thermal sensor.
- Switched the default compiler on octeon to clang(1).
- Merged Mesa 19.0.8.
- Stored the current filter parameter in the smtpd(8) session, fixing a bug where filters in a chain received a null parameter.
- Reintroduced ifiq_input counting backpressure by counting the number of times a nic has tried to queue packets before the stack processes them as a measure of load on the network stack, and beginning to drop packets when the load is too high.
- Implemented proper HDMI audio support for serial DVO.
- Updated libexpat to 2.2.7, including a fix for a potential denial-of-service attack (CVE-2018-20843).
- Modified amd64 and i386 to write back and invalidate caches before updating CPU microcode and added a compiler-level memory barrier to the instruction.
- Merged Unbound 1.9.2.
- Fixed a problem with the bgpd(8) session engine which caused it to spin with a poll timeout of 0.
- Enabled MSI-X interrupts.
- Allowed additional video(4) ioctls for the video pledge needed by chromium.
- Fixed sign handling in emulated floating point operations on sparc64.
- Added support for OCSP stapling to bgpd(8) due to an uninitialized peer id.
- Removed irrfilter from bgpctl(8). Other tools can be used to generate AS and prefix sets based on IRR data, such as bgpq3 (in ports).
- Added the glkgpio(4) driver for the gpio controllers on Intel's Gemini Lake SoC.
- Stopped retrying to get the usb descriptor in usbd_new_device() when the call times out, making reattaching USB at resume happen more quickly.
- Readded communities lost after the bgpd(8) community changes by dumping them explicitly with mrt.
- Added an option to build octeon kernels using clang(1).
- Unlocked getrlimit(2) and setrlimit(2) syscalls.
- Added ps(1) '-o pledge' option, which prints a comma-separated list of pledges active on each process.
- Exported the state of unveil(2) to allow display by ps(1) and added status flags 'u' or 'U' to process installed unveils not yet locked and locked, respectively.
- Invalidated icache when changing pmap(1) mapping on octeon, preventing running of previous instructions.
- Made taskq_barrier(9) work for multi-threaded task queues.
- Updated clang(1) build infrastructure for LLVM 8.0.0.
- Merged LLVM 8.0.0 release.
- Unlocked read(2) and write(2) syscalls.
- Switched KARL to using install(1) -F rather than cp for fsync(2) to reduce likelihood of an incomplete kernel transfer to disk.
- Fixed conversions to long double on sparc64.
- Made resource limit access MP-safe.
- Encrypted private ssh(1) keys that are not in use as protection against speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed.
- Added a -A flag to show-options in tmux(1) to show parent options.
- Added a DNS probe to determine whether ntpd(8) should attempt an (auto) settime or give up.
- Added -f flag to reput and reget in sftp(1) and settled on use of the -p and -R forms of existing switches.
- Modified test (aka "[") in ksh(1) to allow use of string greater/less than operators, matching the behavior of test(1) and other shells like bash and dash.
- Fixed potentially stalling TCP connections on wifi by stopping probe of Tx rate in the case of transmission failure or excessive retries.
- Merged libc++, libc++abi and libunwind version 8.0.0.
- Added the aplgpio(4) driver for the gpio controllers on Intel's Apollo Lake SoC.
- Imported Kristaps Dzonsons' RPKI validator, rpki-client(8).
- Prevented a panic in pci_intr_establish(9) by assigning an address to the BAR used by the MSI-X tables if none has been assigned.
- Rewrote bgpd(8) community matching and handling code and improved performance for setups using many communities.
- Removed the old userland realpath(3) and replaced it with __realpath(2), a kernel implementation. This will prevent calling readlink() on every component of a path and improve performance for unveil(2).
- Added a -c option to logger(1) for passing LOG_CONS to syslog(3).
- Replaced chroot(2) with unveil(2) for acme-client(1).
- Rewrote doas(1) environment inheritance not to inherit, and instead reset to the target user's values.
- Restricted sysctl(2) filesystem access to read only _PATH_DEVDB and /dev through unveil(2).
- Stopped tmux(1) from looping if a menu item contains invisible characters.
- Converted assorted kernel code from use of hz(9) to timeout_add_sec(9) et al.
- Added additional Apollo Lake pci(4) ids.
- Prevented a crash when the environment variable is present but empty in tmux(1).
- Protected against a kernel crash due to missing inp_ppcb when fstat(1) was called often and TCP was aborted with reset.
- Added regular expression support for the format search, match and substitute modifiers in tmux(1).
- Implemented elliptic curve (ECDSA) domain keys in acme-client(1).
- Modified tmux(1) to pass the target on to new commands with if -F.
- Changed the number of wsmouse(4) devices created by MAKEDEV to 10, allowing X input configs for many devices at once on newer machines.
- Implemented SHA-2 support for snmpd(8) authentication (RFC 7860).
- Added the mcx(4) driver to sparc64.
- Implemented MSI-X support on sparc64.
- Allowed drm(4) allocation of memory without constraints if the hardware supports 64-bit DMA.
- Introduced ntpd(8) automatic settime mode.
- Included mount_nfs(8) on the amd64 ramdisk_cd.
- Skipped PCI host bridges and devices not present with acpi(1) when establishing the mapping between ACPI device nodes and PCI devices.
- Added the ukspan(4) driver for the Keyspan USA19HS USB serial adapter.
- Implemented RFC 8555 "Automatic Certificate Management Environment (ACME)" to enable acme-client(1) to communicate with the v02 Let's Encrypt API. IMPORTANT NOTE: Users must change the api url in /etc/acme-client.conf to https://acme-v02.api.letsencrypt.org/directory. The v01 API will no longer be usable. Additionally, the acme-client(1) -A and -D flags have been removed.
- Enabled mcx(4) on arm64.
- Added a -v flag to source-file in tmux(1) to show the commands and line numbers.
- Introduced an ECDSA privsep engine and the code required for smtpd(8) to load and use ECDSA certificates.
- Supported 64BIT DMA for io in mpii(4).
- Increased MAXCPUs to 32 in arm64, allowing use of all cores on the Ampere eMAG.
- Prevented corruption of the pckbc(4) command queue when the first of multiple synchronous commands to timeout clears the command queue.
- Allowed the mg(1) beginning-of-buffer and end-of-buffer commands to take a numeric argument and move n/10th of the way from the top or bottom of the current buffer, respectively.
- Fixed MSI/MSI-X on arm64 machines with agintc(4).
- Implemented mcx(4) rx filtering using the flow table.
- Switched bintime routines to bintimeadd(9) and introduced bintimecmp(9), with similar behavior to the timeradd(3) macros.
- Used a simple hash table to look up blocks by the fast-hash in openrsync(1) and used a rolling computation, putting openrsync speed on par with gpl rsync for file updates.
- Added mandoc(1) support for 'prefers-color-scheme: dark'.
- Called uvm_growkernel(9) before uvm is initialized on arm64 to ensure machines with large amounts of physical memory do not fail to initialize uvm.
- Added support for the Cortex-A65 CPU.
- Re-enabled RETGUARD leaf function optimization for arm64.
- Added relayd(8) support for SNI with new 'tls keypair' option to load additional certificates.
- Checked the type of a network statement when looking for duplicates in bgpd(8). This fixes added network 0.0.0.0/0 after 'network inet static'.
- Added MSI-X support for acpipci(4), pciecam, dwpcie(4) and rkpcie(4).
- Changed vmctl(8) syntax to specify command options before the create, start and stop commands, matching commonly-expected style.
- Added mcx(4) jumbo frame support, setting the port MTU up to 9500.
- Worked around an ntpd(8) bootstrap failure in a dnssec environment by repeating a failed DNS lookup after an incorrect time leads to dnssec validation failure and disallows setting the correct time.
- Made improvements to bgpd(8) peer finding in the case where many peers have been configured.
- Fixed ubcmtp(4) multitouch by properly reading multi-finger data on type4 devices with padding between finger data.
- Fixed a tmux(1) crash when killing the current window.
- Supported virtio(4) 1.0 for virtio_pci.
- Modified tcpdump(8) to support '-T erspan' and allow arbitrary gre protocols.
- Allowed specifying area by number as well as id in ospf6d(8).
- Updated perl(1) to 5.28.2.
- Shut down the service port when behind a captive portal with unwind(8), allowing bypass of captive portals that correctly answer SOA queries for the root zone and return NXDOMAIN for the captive portal redirect domain if edns0 is present.
- Implemented 'show mrt neighbors' in bgpctl(8), a command to print the neighbor table of MRT TABLE_DUMP_V2 dumps.
- Replaced the tmux(1) parser code, unifying parsing of the configuration file and string commands (and allowing constructs formerly unique to configuration to be used in string commands).
- Merged Mesa 19.0.5.
- Prevented more than one thread from opening a wscons(4) device in read/write mode.
- Ignored APM_UPDATE_TIME events in i386/amd64 apm(4). This prevents constant erosion of the system wallclock on certain systems.
- Stopped duplicate lease negotiation and application in dhclient(8) when RTM_IFINFO reports a change to the MTU of the interface, which had been confusing Google Compute Engine.
- Added amdgpu(4) from linux 4.19.44 to support recent AMD Radeon cards.
- Modified vmd(8) to drop fatalx calls when claiming a new vm id, preventing a crash of vmd and existing vms.
- Adjusted ssh(1) to default to using the rsa-sha2-512 signature algorithm when signing certificates with an RSA key. This will render these certificates incompatible with OpenSSH < 7.2 unless the default is overridden by use of the (1) -t flag.
- Fixed integer overflow in block size calculation in aucat(1), fixing truncation of contents of files with rate above 64kHz generated in offline (-n) mode.
- Used unveil(2) on tetris(6).
- Prevented dhclient(8) from repeatedly obtaining a new/renewed lease when interface-mtu is present in a lease.
- Mitigated Intel's Microarchitectural Data Sampling vulnerability by using the new CPU VERW behavior if available or by using the proper sequence from Intel's "Deep Dive" doc in the return-to-userspace and enter-VMM-guest paths. Updated vmm(4) to pass through the MSR bits so that guests can apply the optimal mitigation.
- Added tcpdump(8) handling specific to ERSPAN type I.
- Improved athn(4) support for AR9271 to use the correct clock control register.
- Fixed vmd(8) -b to allow use of 'vmctl start foo -b /bsd -d disk.img -cL'.
- Adjusted ospfctl(8) to accept address and number format for 'ospfctl show database area XXX'.
- Modified vmctl(8) to treat vms disabled in vm.conf the same as any other vm which is stopped.
- Stopped changing router-id on ospfd(8) reload if unspecified.
- Attached two dwiic(4)-pci devices that are now functioning, enabling correct behavior of the trackpad and trackpoint of the Dell Precision 7520.
- Added support to the amd64 BIOS bootloader to load a kernel at a random virtual address.
- Allowed specification of a cmdfile for config(8) rather than piping in commands for -ef.
- Added support for 'boot device' to vm.conf(5) grammar, the '-B device' counterpart from vmctl(8).
- Added tee(1) to the ramdisk filesystem to provide a moving progress bar during auto upgrade/install and a clean log.
- Emulated kvm pvclock in vmm(4), compatible with pvclock(4) in OpenBSD.
- Added elf(3) support for -znoretpolineplt and made -zretpolineplt the default. Affects i386 and amd64.
- Fixed ifconfig(8) newflags. Added a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames, useful when deauth frames are being spoofed by an attacker.
- Ensured the extended acpi(4) PM register descriptions actually exist before using them, fixing machines with ACPI 1.0.
- Added first drm render node to the fbtab(5) list of devices to change when logging in on ttyC0. Added drm0 to loongson and added the complete set of wscons and drm devices to arm64.
- Added simple menus to tmux(1) tree, client and buffer modes.
- Added the colemak keyboard layout.
- Added support for remapping ACPI(4) PM registers using the 'extended' gasio representation from the FADT, fixing the Lanner NCA-1510.
- Enabled reporting of the vm state through use of the vmctl(8) 'status' command.
- Modified ld.so(1) to prune visited leaves when walking dependencies to call init functions in topological sort order, greatly reducing cost.
- Repaired and improved v6 default route selection in install.sub, fixing autoinstalls.
- Added support for IKEv2 Message Fragmentation (RFC 7383) to iked(8).
- Implemented interrupt controller functionality in rkgpio(4), allowing use of the fusbtc(4) interrupt on the RockPro64.
- Added fusbtc(4) to support the Fairchild FUSB302 USB Type-C controller.
- Synced vm state in vmd(8) when (un)pausing a vm to ensure both vmm(4) and vmd(8) processes know the vm is paused.
- Handled some unhandled instructions for SVM which led to vmm(4) guest termination, as well as RDTSCP and INVLPGA instructions.
- Added sysupgrade(8) support to the sparc64 bootloader.
- Added logging of ssh(1) PermitOpen and PermitListen violations.
- Added a fallback to ehci(4) which enables the USB ports on the RockPro64.
- Added support for simple tmux(1) menus usable with mouse or keyboard. Introduced the command "display-menu" to show a menu bound to the mouse on status line by default.
- Enabled switching between wireless and wired interfaces in dhclient(8), setting the default route with the interface address and allowing two default routes in the routing table. A wired interface will be preferred when connected.
- Explicitly disabled BCM4331 chips present in 2011-2012 Apple Mac systems to prevent an interrupt storm that can result when the Mac EFI firmware enables, but does not disable, the wireless controller.
- Added Intel Atom C3000 pci(4) ids.
- Added port protection support to switch(4). Domain membership is checked for unicast, flooded (broadcast) and local (host-network-bound, e.g. trunk) traffic.
- Introduced malloc_conceal(3) and calloc_conceal(3), which return memory in pages marked MAP_CONCEAL and call freezero() on free().
- Implemented DNS block lists in unwind(8).
- Fixed a bridge(4) memory leak when multiple interfaces do MAC filtering.
- Added support for from/to in relayd(8) filter rules.
- Introduced a -k flag to sysupgrade(8) to preserve the files in /home/_sysupgrade after upgrading.
- Added measurement of poll intervals with monotonic clock to acpisbs(4).
- Added consistent use of 'ifconfig $_if [-inet| -inet6]' to clear existing configurations completely after restarting an install.
- Added a sysctl(8) accessor to struct pf_status to allow export of current status and statistics without super-user rights via sysctl. Used this to print
- Changed the behavior of swap-window -d in tmux(1) to match swap-pane.
- Preserved dhcp configuration when restarting an install.
- Modified systat(1) to allow the use of 'b' to switch to stats since boot.
- Added ucrcom(4), a driver for the serial console of certain chromebooks.
- Removed ld.so-local stack-protector handling functions on retguard systems, as hard-traps are used.
- Set the REQUEST_URI CGI variable to the requested URI and query string instead of the rewritten ones in httpd(8).
- Fixed integer overflow with an excessively large number of kqueue(2) events.
- Added support for more Intel 300 Series PCH to ichiic(4).
- Moved bgpd(8) pfkey socket to the parent process. The refreshing of the keys is done whenever the session state changes to IDLE or ACTIVE, which should behave better when reloading configs with auth changes.
- Fixed a bug in pkg_info(1) -S where version elements were ignored.
- Ensured mcx(4) completion queues are always rearmed to prevent rx or tx completion stalling.
- Adjusted unwind(8) to try to resolve the DNSSEC trust anchor only if we have a validating resolver context.
- To restore lockf(3) deadlock detection, introduced a list for all pending blocked locks to be scanned before waiting on a blocking lock in order to determine whether sleeping would cause a deadlock.
- Enforced store/load order when setting or clearing AST flag on mips64, preventing an unlikely case with inter-CPU ASTs where the receiving CPU uses stale state. Ensured that the clearing store is performed before other memory accesses, preventing potential loss of an AST request.
- Issued a write-write barrier before sending IPI on mips64, preventing a receiving CPU from observing an old state when processing the interrupt.
- Made the interrupt and trap return paths check for ASTs with interrupts disabled, fixing unintentional delay of ASTs on MP mips64.
- Fixed reloading of network statements that have no fixed prefix specification in bgpd(8).
- Fixed a logic error when configuring the alc(4) driver to use MSI.
- Fixed the case where switchd(8) does not save a copy of a packet needing forwarding.
- Added support for the EFI Random Number Generator Protocol, using it to XOR random data into the buffer we feed the kernel for amd64.
- Relaxed a check in knote(9) to prevent a panic without KERNEL_LOCK().
- Began to assume eDP is present on port A when there is no VBT, making inteldrm(4) work on a Gemini Lake system (HP Stream Laptop 14-cb1XX) where finding the VBT fails.
- Improved the interaction among efifb(4), inteldrm(4) and radeondrm(4) for a serial console by introducing a 'primary' device, the one set up and used by firmware. This should help X to work correctly out of the box with multiple cards or with a serial console.
- Added mcx(4) driver for Mellanox ConnectX-4 (and later) Ethernet controllers.
- Began to allow panes to be empty in tmux(1), allowing output to be piped to them with split-window or display-message -I.
- Adjusted installer to remember 'autoconf' if install restarts.
- Added a 'forwarded' log format extending the 'combined' log format for httpd(8), allowing tracking of request origins behind a proxy. This format is compatible with log analyzers like GoAccess and Webalizer.
- Fixed endless loop / OOB write on 64-bit systems with large buffers.
- Improved man(1) matching for requests for a specific section.
- Renamed the -c option in sysupgrade(8) to -s to indicate snapshots, and implemented a -r option to force an upgrade to the next release.
- Added a -n option to sysupgrade(8) for a no-reboot option.
- Adjusted sysupgrade(8) to only fetch and upgrade if a new snapshot is available.
- Avoided opening httpd(8) log files on 'no log', preventing startup failures where the log file or directory is missing but logging is disabled anyway.
- Avoided running the activate function for a partially-attached ehci(4) driver, preventing a panic during suspend for the Realtek DASH ehci.
- Added support for the cryptographic coprocessor found on newer AMD Ryzen CPUs/APUs.
- Allowed non-root users to become master when they are the first to open a drm(4) device.
- Increased datasize and maxproc for the pbuild class in login.conf(5).
- Used the proper UAC-v2.0 request in uaudio(4) to read the device controls, fixing STALL errors in mixer requests causing the mixer to be unusable.
- Protected tun(4) wakeup with KERNEL_LOCK, rather than NET_LOCK.
- Pulled cdfs and cdrom production into the full ramdisk build for i386.
- Added a 'set_rate' method to the envy(4) codec API, allowing card-specific codec initialization code called when the sample rate is changed. Implemented this method for ESI Juli@ cards, switching the AK5385 and AK4358 chips among single-, double- and quad-speed modes depending on host sample rate and suppressing aliasing noise.
- Enabled mvmdio(4) and mvneta(4) on arm64.
- Enabled EnvyHT-specific sample rates (above 96kHz) on the host controller for envy(4) devices.
- Added support for the Armada 3720 pinctrl controller to mvpinctrl(4). This controller also includes GPIO controller functionality.
- Added mvuart(4) to support the Armada 3720's serial console.
- Added support for the Armada 3720 clocks to mvclock(4) and added mvuart(4) to support the serial console.
- Allowed enabling of regulators with the 'regulator-always-on' property.
- Added unveil(2) to chpass(1).
- Fixed user options crash in tmux(1).
- Began the process of making Makefiles more similar across architectures.
- Restricted hotplugd(8) filesystem access with unveil(2).
- Fixed a memory leak in window tree search in tmux(1).
- Added an equivalent test for master in drm_fb_helper_is_bound() for drm(4). This prevents black screens on hotplugging a new display with X(7) running, which required a vt switch.
- Added a check to ospfd(8) and ospf6d(8) that any "depend on" interfaces are in the same rdomain.
- Changed default Ruby version in ports(7) to 2.6.
- Removed the KERNEL_LOCK from the bridge(4) output fast-path.
- Cranked BUFCACHEPERCENT back down to 20 after the increase to 80 exposed a few problems.
- Started a cleanup of boot media creation and made the process use the new vnconfig(8) vnd-auto-allocate mode.
- Removed the need for the -A option from vnconfig(8).
- Silenced all of the OKs from signify(1) while it is verifying the install sets for sysupgrade(8).
- Modified syspatch(8) to default to using cdn.openbsd.org if there isn't a proper /etc/installurl.
- Changed sysupgrade(8) to re-verify the signature only for SHA256 when checking the old files.
- Regenerated moduli(5).
- Imported libdrm 2.4.98.
- Removed vnconfig(8) functionality from mount_vnd(8).
- Added sysupgrade(8), a tool to upgrade OpenBSD to the next release or a new snapshot.
- Split vnconfig(8) out of mount_vnd(8).
- Extended the maximum size of the bgpd(8) shutdown communication message to 255 bytes. Made the same adjustment to bgpctl(8).
- Fixed a potential panic in inteldrm(4) caused by an interrupt coming in before the interrupt handler is set up.
- Adjusted tmux(1) to automatically scroll when dragging to create a selection with the mouse when the cursor reaches the top or bottom line.
- Added support for the USB serial adapter found in Juniper SRX 300 to uslcom(4).
- Used unveil(2) to restrict file system access in relayd(8) to read only.
- Added a watchdog for unattended upgrade to reboot after 30 minutes in case the script halts.
- Changed most bootloaders to boot from /bsd.upgrade if it is present.
- Implemented SIOCGIFSFFPAGE in bnxt(4) so that ifconfig(1) can get transceiver information from it.
- Added the pci(4) product id for the VMware nvme(4) interface.
- Added support for ccp(4) at acpi(4).
- Added pinctrl(4) support for 'pinconf-single' devices and support for bias and drive-strength properties, needed for HiSilicon SoCs.
- Added the octiic(4) driver for OCTEON two-wire serial interfaces.
- Removed file name and line number output from witness(4), along with the wrapper for mutexes.
- Added -no-clear variants of copy-selection and copy-pipe to tmux(1) which do not clear the selection after copying.
- Checked for linkstate instead of IF_STA_POINTTOPOINT for originating router LSAs for P2P interfaces in ospfd(8), making 'passive' work on P2P interfaces.
- Modified vmm(4) to flush guest TLB entries if the guest disables paging.
- Began to change only the clock frequency and skip setting voltage on arm64 systems supporting DVFS which do not expose a regulator.
- Added support for official Linux device tree bindings and the 'stub' clocks handling CPU clock frequency on the Hi3670.
- Stopped prompting for disks that do not contain a root partition during upgrades. This defaults to the correct disk when full disk encryption is in use, and will be useful for future unattended upgrades.
- Set vlan(4) to use if_vinput instead of if_input, bypassing ifiqs and improving vlan input speeds.
- Added if_vinput so pseudo (ethernet) interfaces can bypass ifiqs, running interface input handlers directly rather than queuing the packets for a nettq to run and improving performance.
- Disabled mobileip(4).
- Added support for rxprio to gre(4).
- Implemented the roff(7) .break request, preventing infinite loops.
- Built clang(1) on powerpc.
- Used IPL_TTY to prevent 'locking against myself' panics for drm/i915.
- Fixed crashes seen with the 'intel' X driver with the new inteldrm(4) kernel driver by fixing rbtree_postorder_for_each_entry_safe() implementation.
- Fixed unreliable 'ifconfig mode' with some wireless drivers by interpreting ENETRESET from ifm_change() as success in ifmedia_ioctl().
- Added stdio pledge(2) to nl(1) after opening a file but before doing operations.
- Completed conversion of rdsetroot(8) to -lelf on alpha.
- Adjusted dma-range bufcache to 80% from 20%, to learn the downsides of this change based on user reports.
- Avoided an underflow in the rip6 delivered counter in netstat(1).
- Fixed netstat(1) statistics so 'netstat -s -f inet6 -p rip6' correctly copies out rip6counters, not ip6counters.
- Adapted radeon_detach_kms() to struct drm_device being split from drm softc. Avoids uvm_fault() when firmware is missing and radeondrm(4) is forcibly detached.
- Added a subsystem lock for vfs_lockf.c, allowing calling lf_advlock() and lf_purgelocks() without the kernel lock.
- Implemented factored-out txprio and rxprio checks.
- Implemented rxprio in mpw(4), mpe(4) and mpip(4). Added rxprio support to etherip(4) and bpe(4).
- Added support to ifconfig(8) for getting and setting rxprio, finishing support for RFC 2983. Implemented configuring rxprio in vlan(4).
- Modified pfctl(8) to always check for namespace collisions on table commands.
- Fixed pfctl(8) table definition parsing as unprivileged user, printing a brief notice if -v was given to help find duplicate definitions by hand.
- Modified sshd(8) -T to assume any attribute not provided by -C does not match, allowing it to work when sshd_config(5) contains a Match directive with or without -C.
- Released OpenSSH 8.0.
- Switched powerpc to big PIC to allow clang(1) to build libc++abi and libc++.
- Used txprio to control the use of exp as a priority field for mpw(4), mpip(4) and mpe(4). Intermediate LSPs can use the exp field to manage prioritization of encapsulated traffic.
- Prevented attaching drivers to devices for which a driver was attached early with simplebus on armv7 and arm64.
- Adjusted myx(4) i2c reads to read only one byte at a time, increasing reliability.
- Fixed sff page reads for myx(4) devices on little-endian architectures.
- Rewrote rdsetroot(8) using libelf(3).
- Imported xf86-video-amdgpu 19.0.1 for amd64 and i386.
- Implemented tx mitigation by calling the hardware transmit routine once for several packets rather than for each individual packet. Calls to the transmit routine are deferred to a network taskq, or until a backlog of packets has built up.
- Introduced 'pfctl -FR' to reset pfctl(8) settings to defaults.
- Removed old -vlan and -vlandev code from ifconfig(8), using these instead as aliases for -vnetid and -parent.
- Added basic support to ifconfig(8) to display xfp and qsfp+ information.
- Implemented SIOCGIFSFFPAGE to allow ifconfig(8) to get transceiver information from myx(4) devices.
- Applied strvis(3) to strings from USB devices in usbdevs(8).
- Removed the potential for double-frees in copied cipher data by zeroing and freeing following EVP_CIPHER_CTX_copy() in evp(3). Used calloc(3) when allocating cipher_data to avoid use of uninitialized memory.
- Updated shared drm code, inteldrm(4) and radeondrm(4) to Linux 4.19.34. This adds support for Intel Broxton/Apollo Lake, Amber Lake, Gemini Lake, Coffee Lake, Whiskey Lake, Cannon Lake and Ice Lake hardware.
- Stopped using splnet(9) when running the network stack now that it is using the NET_LOCK for protection, reducing latency spikes.
- Increased information displayed for -v and -vv options for tcpdump(8) during md5 authentication.
- Added missing compatibles for newer Linux kernel bindings to mvpinctrl(4).
- Fixed a leak in SSL_dup_CA_list() in ssl(3).