At the time of writing, the amount raised in 2022 stands at a little over 50% of the stated goal.
The Foundation needs your help to sustainably fund the project. Please head over to the Foundation's donations page, and make sure you drag your employer over there too!
With about 30 days left in 2022, we know we can do it!
misc@with the subject "Locking network card configuration" where the problem description is, when two or more network interfaces are attached to the same USB bus, their numbering may not be entirely predictable. The question is, what workarounds are possible?
The thread, where several developers offered their insights, and which soon migrated to
tech@ with the subject switched to "lladdr support for netstart/hostname.if (was: Re: Locking network card configuration)" and later "lladdr support for netstart/hostname.if" turned up several suggestions, with several patches, and potential support for link level address (MAC address) tied configuration via a new
hostname.MAC(5) file to supplement the more familiar
hostname.if(5) config file, complete with corresponding
Please read the messages and patches, and if you have useful input for the developers on this, please chime in via
tech@ or in comments here if you prefer.
Once again, an interesting feature that may materialize for testing in snapshots in the near future.
techmailing list, Theo de Raadt (
deraadt@) summarized the state of the new memory protections work. The thread also includes a followup from Otto Moerbeek (
otto@) on consequent changes to the memory allocation mechanisms.
From: "Theo de Raadt" <deraadt () openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable [LONG] I am getting close to having the big final step of mimmutable in the tree. Here's a refresher on the how it works, what's already done, and the next bit to land. DESCRIPTION The mimmutable() system call changes currently mapped pages in the region to be marked immutable, which means their protection or mapping may not be changed in the future. mmap(2), mprotect(2), and munmap(2) to pages marked immutable will return with error EPERM.
tobhe@) posted to
tech@asking people with access to the relevant hardware to test updates to the arm64 bootloader code:
From: Tobias Heider <tobhe () openbsd ! org> Date: Fri, 18 Nov 2022 16:57:12 +0000 To: openbsd-tech Subject: Help testing Apple M1/M2 bootloader update Hi all, we are working on automated bootloader and device-tree updates for Apple Silicon machines. This is necessary because both drivers and device trees are moving targets and without a way to update both we end up in situations where drivers suddenly stop working.
* got 0.79; 2022-11-08 - repair build on OpenBSD/sparc64 (patch by Ted Bullock) - fix crash in gotd if client gets disconnected on error (reported by Mikhail) - fix crash in got-send-pack when server does not announce any capabilities - make gotd work as intended on an empty repository - prevent freeing of bogus pointers in got_inflate_end() and got_deflate_end() - reduce delta cache size to avoid running out of memory on large pack files - add missing free of delta buffers in several error paths - make 'got clone -b' work for repositories which lack a valid HEAD reference - use sub-second precision when checking for objects/pack/ modification - fix capabilities announced by gotsh when no references exist in repository
CVSROOT: /cvs Module name: src Changes by: firstname.lastname@example.org 2022/11/08 04:05:57 Modified files: sys/kern : syscalls.master Log message: Mark mmap(2), munmap(2) and mprotect(2) as NOLOCK. Accesses to data structures used by these syscalls are serialized by the VM map lock with the exception of file mappings which are still protected by the KERNEL_LOCK(). Unlocking this set of syscalls improves most of userland workloads. Tested by many including robert@ (since 2 years), mlarkin@, kn@, sdk@, jca@, aoyama@, naddy@, Scott Bennett and others. Thanks to all! Joint work with kn@. ok robert@, aja@, kettenis@, kn@, deraadt@, beck@
The improvement in workload performance can
be quite marked.
request for testing,
Mike Larkin (
reported build performance improvement of over 12%!
* got 0.78; 2022-11-03 - gotsh.1: Use Sx for referencing EXAMPLES (patch by Josiah Frentsos) - change got_pack_parse_offset_delta tslen argument to size_t (op) - fix regression test failures with Git 2.30.5 / 2.38.1 or later installed - fix gotd(8) usage() string (patch by Josiah Frentsos) - regress/rebase.sh: remove accidentally included absolute path to "got" (naddy) - fix off_t type mismatches in printf format string arguments (naddy, op) - fix spelling of "FastCGI" (patch by Josiah Frentsos) - add missing `goto done;' on error path of read_raw_delta_data() (op) - add bounds check when reading a delta offset from a packed object (op) - check size before calling mmap(2) (op) - sort getopt() option lists and switch statements (patch by Josiah Frentsos) - make got.conf(5) warn about remotes configured in locally-shared repositories - add missing check for errors from got_gotconfig_read() in open_worktree() - plug a memory leak on error in got_gotconfig_read() - convert pack filesize variables to off_t for large packs on 32-bit arch (op) - remove sendfd pledge promise from gotd repo_read and repo_write processes - add gotctl(8); initially supported commands are 'info' and 'stop' - respect umask when creating or changing files and directories (op) - fix typo which caused a double-free in gotd repo_write_shutdown() - got-fetch-pack: fix wrong memmove length leading to dubious checksum failures - avoid incomplete writes of pack file data in gotsh and got-send-pack - add a test suite for gotd(8); check basic clone and send functionality - require space between commit author name and email, for Git compatibility - gotwebd: avoid 500 error code if erroring out in plaintext mode (landry) - gotwebd: add respect_exportok flag, defaulting to off (landry) - respect open files resource limit when sizing pack cache; regression from 0.71 - provide a diff of changes in a temp file while editing a commit log message - fix memory and file descriptor leak for raw objects (regression from 0.77) - remove casts which made older gcc versions unhappy - fix free of wrong address on error in gotweb's parse.y
We have released LibreSSL 3.6.1, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This is the first stable portable LibreSSL release from the OpenBSD 7.2 branch. It includes the following fixes from LibreSSL 3.6.0: - Custom verification callbacks could cause the X.509 verifier to fail to store errors resulting from leaf certificate verification. Reported by Ilya Shipitsin. - Unbreak ASN.1 indefinite length encoding. Reported by Niklas Hallqvist. - Fix endian detection on macOS Reported by jiegec on Github For the changes from LibreSSL 3.5.x, see the 3.6.0 release notes here: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txt The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.