This selection is intended to include all important and all
user-visible changes. For a complete record of all changes, please
see the "source-changes" mailing list, called "OpenBSD CVS" in the
archives, or use
CVS.
Do not access VM spaces of exiting processes in sysctl(2).
Avoid 'non-zero mutex count: 1' panic when GuC submission is enabled on gen 12 Intel (Alder Lake, Meteor Lake).
Enable GuC submission on Meteor/Arrow Lake.
Add a 'mach fwsetup' command, which uses the EFI OsIndications feature to reboot the machine into the firmware setup interface, if supported.
Teach btrace(8) how to resolve addresses in callstacks to symbols.
Adapt acme-client(1) renewal calculation for shortlived certificates.
Make rpki-client(8) abort transfers from servers that send excessive data.
Log at level INFO when PerSourcePenalties actually blocks access to a source address range.
Add rge(4) support for RTL8127 Ethernet controller.
Install reject route for prefix delegation, preventing potential routing loops.
Fix TCP keepalive intervals.
Introduce new DL_PARTNUM2NAME() and DL_PARTNAME2NUM() inline functions to replace the unusable 'a'+partnum and partnum-'a' patterns throughout the tree.
Add bus_space(9) implementation for SEV-ES using the GHCB protocol, making OpenBSD work with SEV-ES on kvm/qemu in 1-vCPU VMs.
Update libexpat to version 2.7.3.
Bundle libpng 1.6.50 into libfreetype for displaying emojis.
Use 128 segments for DMA maps of TSO packets in ixl(4) and ice(4) for performance gain.
Do not limit numeric host address conversion by family in resolv.conf.
Add rpipwm(4), a driver for the PWM controller on the RP1 chip.
Add rpiclock(4), a driver for the clock controller on the RP1 chip.
Fix uninitialized firmware path being used in qwx(4) error messages.
Double the size of the amd64 unhibernate chunk table for machines with large amounts of memory.
Make tcpdump -y IEEE802_11_RADIO show more useful information on qwx(4).
Fix HT capabilities announced by qwx(4) for Rx performance.
When adding certificates to an agent with ssh-add(1), set the expiry to the certificate expiry time plus a short (5 min) grace period (or disable with ssh-add -N).
Correct family test when setting Zenbleed chicken bit on i386.
Run ND6 timer at most once per second to stop taking netlock.
Limit softnet threads to number of CPU.
Implement Canonical Cache Representation filemode decoder in rpki-client(8).
Log optional NOTIFICATION data for UPDATE errors if verbose is set in bgpd(8).
Add rpirtc(4), a driver for the firmware-managed RTC on the rpi5.
Make vi(1) 'p' command paste in the correct place.
Add Canonical Cache Representation output to rpki-client(8).
Add support for the BCM2712 PCIe controller.
Update build infrastructure for libunwind-, libcxxabi- and libcxx-19.1.7, giving us a modern C++ library in base.
Improve bwfm(4) stability on the Apple MacBook Air M2.
Add bcmmpi(4), a driver for the MSI controller found on the BCM2712 SoC that remaps MSI to GIC SPIs and acts as a companion MSI controller for bcmpcie(4).
Update build infrastructure for compiler-rt-19.1.7.
Import compiler-rt, libunwind, libcxxabi and libcxx from llvm-19.1.7.
Implement support for "vmmc-supply", needed to power on the WiFi chip on the rpi5.
Fix booting certain Linux guests in vmd(8) by loading the full SeaBIOS image in lower BIOS memory.
Add bcmstbpinctrl(4), a driver for the pin muxing controller found on the rpi5.
Add CPU feature detection for ADX on amd64.
Stop attaching Yubikey as keyboards to avoid accidental output from OTP support.
Unlock ICMPV6CTL_ND6_MAXNUDHINT case of icmp6_sysctl().
Remove net.inet6.ip6.soiikey sysctl.
Unlock the ICMPV6CTL_MTUDISC_*WAT cases of icmp6_sysctl().
Simplify vmd(8) ipc setup in proc.c, removing a security issue where an attacker controlling one end of an imsg channel could craft a message to cause out-of-bounds array access.
Update to pixman 0.46.4.
Mark vmwpvs interrupt handler mpsafe, and take the kernel lock around calls into the scsi midlayer to add and remove devices.
Have qwx(4) announce HT capabilities to make APs send packets more quickly.
Fix qwx(4) 11n mode against APs which support A-MSDU inside A-MPDU.
Handle ssh localtime_r() failure by returning "UNKNOWN-TIME" which is only used in user-visible contexts.
Make USB ports useable after s0ix resume on AMD 19h/7xh.
Add a warning when the ssh(1) connection negotiates a key agreement algorithm that is not post-quantum safe.
Add a new -q ("quiet") option to rc.d(8) and rcctl(8) to skip display of the script name and result.
Add support for the SDHC controllers found on the Raspberry Pi 5.
Add bcmstbgpio(4), a driver for the new GPIO controller found on the Raspberry Pi 5.
Increase vmd(8) guest BIOS area to fit 4 MiB images.
Unlock the KERN_MAXCLUSTERS case of kern_sysctl().
Allow fdisk(8) creation/recovery of GPT partitions with arbitrary types.
Deprecate ssh(1) support for IPv4 type-of-service (TOS) IPQoS keywords.
Unlock ip6_sysctl().
Make apm and hw.cpuspeed work on Snapdragon X Elite machines.
Fix vi(1) crash with expandtab and running external commands.
Support ed25519 keys hosted on PKCS#11 tokens.
Remove unused sysctl_quad.
Prevent possible qwx(4) fatal firmware error while roaming between bands.
Remove sleeping malloc(9) from complicated locking sysctl(2) locks, but keep kernel lock only around sensordev_get() and sensor_find().
Add an ssh_config(5) RefuseConnection option that, when encountered while processing an active section in a configuration file, terminates ssh(1) with an error message that contains the argument to the option.
Fix the match() and attach() functions for imt(4) and umt(4).
Load the correct iwx(4) firmware on QuZ devices which use RF JF1/JF2.
Increase softnet kernel threads from 4 to 8.
Add initial support in qcdpc(4) and qcdrm(4) for the MSM Mobile Display Subsystem, with support for the AUX channel of the DisplayPort controllers and the backlight control on eDP panels.
Implement route sourceaddr handling in icmp6 reflection.
Use shared netlock and socket lock for closing sockets.
Add rtable_read(), a "reader" variant of rtable_walk, which doesn't give up the rtable lock when calling the rtentry handler.
Change ownership of the fontconfig cache to the _fc-cache user to run unprivileged when installing fonts.
On arm64 and riscv64, avoid multiple threads of a process continuously faulting on a single page when pmap_enter(9) is asked to enter a mapping that already exists.
Add cpu_xcall(9), an API for cpu xcalls (crosscalls), allowing dispatching of code to run on the specified cpu from an intr context.
Make rpki-client(8) signature checks for certs more complete.
Fix various issues with arm64 backtraces.
Enable LTS in the octeon installer.
Add an MI mechanism for creating an (unmapped) guard page between the PCB and the kernel stack and enable on 64-bit architectures with 4k pages.
Prevent installing a corrupted /bsd on relink errors.
Fix potential refusal of new sshd(8) connections due to mistracking MaxStartups process exits.
Bump maximum message size in the messaging layer between sshd-session and sshd-auth from 256kb to 4MB and implement an early check with sshd(8) -t test mode for the user.
On Apple variants, enter DDB when exuart(4) detects a BREAK.
Avoid a 'pool busy: still out' panic seen when radeondrm(4) firmware is missing on non-efi installs.
Stop setting the .Lk URI in bold font in mandoc.
Allow SEV-ES enabled guests to run on vmm(4)/vmd(8).
Print GPT partitions in offset order rather than partition # order and add explicit descriptions of free chunks to fdisk(8).
Stop tar(1) from exiting silently if the mtime didn't fit in the ustar header when writing out the extended headers.
Allow fdisk(8) interactive editor's 'edit' to accept GPT partition names and menu descriptions as partition IDs.
Do not call ifq_restart() if no space has been made on the Tx ring in several drivers, preventing them from getting stuck in OACTIVE.
Add S: to list tmux(1) sessions with modifiers for sorting.
Switch solisten() from exclusive to shared netlock.
Have icmp_reflect use route sourceaddr, making it behave like the in_pcb source address selection.
Make sndiod(8) use per-program level controls instead of per-client.
Fix dead USB ports after suspend/resume on the Z13.
Remove sysctl for divert6 recv and send space.
Handle sockets that are closing in parallel.
Enable the interactive partition editor's 'edit' command to accept -R style compact GPT partition descriptions.
Introduce a generic powerbutton_event() function that does everything we expect from a power button event in a consistent manner, ensuring all drivers now prevent shutdown within the first 10 seconds after resume.
Update to xterm 399.
Provide m_pool_alloc() failures in mbstat, making the count visible in netstat(1) -m.
Remove newbsd.gdb rather than bsd.gdb from reorder_kernel, saving ~100M-250M on /usr/share.
Implement qcpwm support for the "high resolution" PWMs as found on the x1e80100 machines.
Make rpki-client(8) -v report particularly inefficient HTTP/RRDP transfers.
Import clang, lld and lldb from llvm-19.1.7.
Import llvm-19.1.7.
Fix socket leak in TCP SYN cache.
Implement support for wakeup interrupts in amdgpio(4), making it possible to resume laptops with AMD CPUs from S0ix suspend.
Allow port numbers in API URLs, letting acme-client(1) talk to Let's Encrypt's pebble server.
Change dhcpd(8) to use the rdomain/rtable it was started in.
Change to using the number of CPUs as the upper bound for the exponential backoff in mtx_enter() to prevent hangs on machines like the 80 CPU Ampere Altra.
Use add_protocol to integrate syncfd into the poll fd handling for dhcpd(8), preventing dhcpd sync setup failure.
Add ibufq API to support multithreaded use of ibufs.
Stop bogus "wsdisplay_switch2: not switching" rasops warnings.
Make exit(), fclose(), fflush(), and freopen() comply with POSIX-2008 requirements for setting the underlying file position when flushing read-mode streams, and make an fseek()-after-fflush() not change the underlying file position.
Implement charge limits on qcpas(4) firmware that support it.
Use timingsafe_memcmp when comparing authenticators to ensure constant-time behavior and avoid potential timing side channels.
Implement lid suspend/resume for lids that use a GPIO.
Let the last thread of a process tear down its VM space in exit1().
Export TCP send congestion window for IPv6 also to allow its display with netstat(1) -B.
Add option for vmd(8) to run guests in AMD SEV-ES mode and keyword "seves" for vm.conf(5) to enable it.
Ignore inteldrm opregion backlight requests if we're using native backlight control, fixing some strange brightness changes.
Fix ~5s delay on X client startup when ObscureKeystrokeTiming is enabled in OpenSSH.
Fix an inteldrm(4) problem with GuC failing to initialise on hibernate resume.
Move the kernel to using nanoseconds for the sleep time argument instead of ticks. Userland functions don't change but precision is no longer lost converting nanoseconds into ticks.
Add producer/consumer locking, coordinating code producing or updating data and code wanting a consistent read of the data.
Fix pf(4) to allow TCP RST packets in the backwards window if ACK matches.
When there's more than one x11 channel in use in ssh(1), return lastused of most recently used x11 channel instead of the last one found.
Fix processing of GPIO events for pin numbers less than 256 with an _EVT method. Fixes power button on various ThinkPads with AMD CPUs.
When fdisk(8) GPT_recover_partition() finds a partition offset of 0 use the first usable LBA of the largest chunk of free space.
Allow ssh(1) X11DisplayOffset to configure higher port ranges.
Provide an EC method that uses homogeneous projective coordinates.
Implement EC field element operations.
Disable libcrypto assembly on arm.
Introduce a new gprof profiling system using the profil(2) system call and remove the monstartup(3) interface.
Add [-w percent] and /etc/apm/warnlow hook to apmd(8).
Switch the default PBMAC to hmacWithSHA256.
Switch default to PBES2 for openssl pkcs8 -topk8.
Have timeout_add_nsec/usec/msec wait at least their specified time.
Make acme-client(1) handle "processing" status by retrying.
Implement a ddb.suspend sysctl that will force "S0ix" suspend and skip suspend of inteldrm(4) and amdgpu(4) such that the display remains on during suspend.
Add -t and -V options from tzcode2013d to zdump(8).
Add acpiwmi(4), a basic WMI driver with support for ASUS laptops.
Import IIJ's iwatch as watch(1), which periodically executes a command and displays its output.
Use a FIFO queue for passing dead threads to the reaper, reducing latency with large numbers of CPUs and jobs.
In ksh(1) VI mode, prevent display corruption when the command line being edited starts with a UTF-8 continuation byte.
Allow packets being sent out pppoe(4) interfaces to bypass queues and go straight onto the underlying interface.
Disallow nc(1) -T with = when arguments are not key=value pairs.
Add support for the ERSPAN Type II protocol as erspan(4).
Correct fw_update deletion of files with spaces.
Make vmd(8) imsg objects opaque and sanitize char[]s.
Add R format modifier to tmux(1) to repeat an argument.
Add -E to run-shell to forward stderr as well as stdout in tmux(1).
Make EVFILT_TIMER mp-safe.
Add a sparc64-specific _raw flavour to the softintr routines for those drivers that need to be able to schedule soft interrupts at actual hardware levels.
Fix an rm(1) bug where "mkdir exampledir; ln -s examplelink exampledir; rm examplelink/" didn't remove exampledir like POSIX requires.
Move ipsec-enc-alg, ipsec-auth-alg and ipsec-comp-alg sysctl(2) variables out of netlock.
Make sysctl(2) clear and fill memory within same mutex block.
Add missing multicast counters mfc_looksups and mfc_misses to netstat(1).
Add mp-safe multicast stats with per cpu counters.
Make lo(4) attach multiple interface queues, allowing local network connections to use multiple softnets.
Fix sign of %z output in zic(8), and add DST offset.
Cache socket lock during TCP input.
Introduce bpflogd(8) to capture packets from BPF and write them to a log file.
Fix ftp(1) fetch behavior around bad URL command line arguments.
Remove DSA signature support from OpenSSH.
Add lldp(8) -s socket to allow connecting to an lldpd(8) on a different unix socket.
Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). Add ssh-agent(1) -U, -u and -uu flags relating to socket cleanup and -T to return the socket to /tmp.
Fix race in TCP SYN cache get.
Add installer preference for disks bigger than 1G as default root disk.
Add an option variation-selector-always-wide to instruct tmux(1) not to always interpret VS16 as a wide character and assume the terminal does likewise.
Stop adding interfaces with blackhole and reject routes to the egress group, even if a default route points at them.
Enable af_frame, paving the way for lldp support in base.
Update to libSM 1.2.6.
Update to libICE 1.1.2.
Update to libX11 1.8.12.
Update to xtrans 1.6.0.
Stop allowing readdir and readdirplus NFS operations on non-directory vnodes.
Avoid timeout_del_barrier when cancelling the timeout in sleep_finish.
Prevent pkg_add(1) update from advising file removal appropriate only when deleting packages.
Make it possible to run the upper part of the fault handler in parallel.
Remove the functionality of fs.posix.setuid sysctl.
Fix pool corruption in qwx(4) devices when the interface goes down.
Run TCP input in parallel on multiple CPUs. Mark the protocol input function tcp_input() as MP-safe.
Add mqtt and secure-mqtt to etc/services.
Add psp(4) ioctl(2) to encrypt and measure state for AMD SEV-ES.
Add more features for boolean expressions in tmux(1) formats.
Add MI high-level software interrupt dispatcher, providing a common subsystem for the high-level allocation, scheduling, and dispatching of soft interrupts.
Allow tmux(1) bind -r and -N to change an existing key binding if no command is specified.
Make qcscm(4) attach at acpi(4) letting qcom machines that use qcscm also access EFI variables in ACPI mode.