flak rss random

openbsd changes of note 623

There may have been a hackathon.

Fix a mbuf leak when reflecting an ICMP packet with IP options. Errata.

Add an idle cycle implementation for R4600/R5000/RM7000 CPUs to use less power.

Tweak sparc64 membars (memory barriers) as a step toward making them usable in userland (librthread).

Other changes to unify and simplify atomic operations, to reduce differences between platforms and between kernel and userland. Allows more code reuse.

Pretty print 1.3.6.1.4.1.311.60.2.1.1, 1.3.6.1.4.1.311.60.2.1.2, and 1.3.6.1.4.1.311.60.2.1.3 in EV certificates.

Add an efi.h header. The first part of support for the kernel to use EFI runtime services.

Suppress clang warnings in the drm code since we don’t want to fix it.

Remove broken save and restore code from trek.

Have patch detect git looking patches and automatically strip off the first path component.

Make ldapd work on filesystems with large block sizes.

Migrate relayd to use libtls for TLS.

Make room for another 4MB (not GB) of .text in sparc64 kernels. Kernels have recently crossed the previous limit of 8MB which causes them to crash immediately after boot. Code bloat is everywhere. Things should be good for another few weeks at least.

Several fixes to getty to avoid leaving the terminal in a strange state.

Use the EFI memory map to discover RAM on arm64. It tells us what reserved memory to avoid.

Allow OpenBGPD to selectively choose which local ASN to use per-peer. Also, dragons and grues.

The ultimate slacker tool, slaacd (stateless address autoconfiguration daemon) receives lots of attention and fixes. Enabled by default.

Suspend and resume code for nvme. Add hibernate support, too.

Add a timeout in rc for daemons that don’t appear to start correctly.

New mutex and condvar implementations for librthread based on futex. Kernel side, use copyin32 to implement futex now that every platform has it.

Critical fixes to the airport file.

Add support for SVM (AMD virtualization extensions) to vmm.

Randomize link-order of libcrypto as we do with libc. Often used in security sensitive contexts and contains lots of tiny functions with interesting epilogues.

A regress test for sparse files and mmap that has caused trouble in the past.

Change the mmap based ksh history file with a simpler plaintext format. There is a magic sed command to upgrade.

Add back clustered read code for MSDOS. Big performance boost for slower USB sticks.

Remove lots of old fonts that aren’t even built into the kernel.

Build more kernels and bootloaders with -ffreestanding to improve clang compat.

Improve rate handling in wireless stack.

Make gcc move switch tables into .rodata instead of .text on i386/amd64. This eliminates the necessity for a program to read its own code. (Makes execute only memory a possibility.)

Move IPv4 & IPv6 incoming/forwarding path, PIPEX ppp processing and IPv4 & IPv6 dispatch functions outside the KERNEL_LOCK() and use the NET_LOCK() to serialize access to most global data structures. IP input queues are no longer used in the forwarding case, but exist as the boundary between the network and transport layers because TCP/UDP & friends still need the KERNEL_LOCK().

Allow replacement of UTF-8 characters in ksh while in vi mode.

Block IPv6 packets with hop by hop options header by default in pf.

Posted 31 May 2017 14:43 by tedu Updated: 31 May 2017 14:43
Tagged: openbsd