Sat. Jun 6th, 2020

OpenBSD 6.7 releases, Unix-like operating system

3 min read

OpenBSD is a derived from NetBSD Unix-like operating system. Project leader Theo de Raadt launched an OpenBSD project in 1995 to create a secure operating system, and OpenBSD is also known for its high-quality documentation, open-source, and strict software licensing.

openbsd disable Hyper-Threading

Changelog v6.7

General improvements and bugfixes:

  • Reduced the minimum allowed number of chunks in a CONCAT volume from 2 to 1, increasing the number of volumes which can be created on a single disk with bioctl(8) from 7 to 15. This can be used to create more partitions than previously.
  • Rewrote the cron(8) flag-parsing code to be getopt-like, allowing tight formations like -ns and flag repetition. Renamed the “options” field in crontab(5) to “flags”.
  • Added crontab(5) -s flag to the command field, indicating that only a single instance of the job should run concurrently.
  • Added cron(8) support for random time values using the ~ operator.
  • Allowed cwm(1) configuration of window size based on percentage of the master window during horizontal and vertical tiling actions.
  • Allowed use of window-htile and window-vtile with the “empty” group clients in cwm(1).
  • Switched powerpc to a machine-independent mplock implementation, allowing use of witness(4).
  • Added acpi(4) support for the _CCA method, indicating whether DMA is cache-coherent.
  • Switched the default compiler on powerpc to clang.
  • Bumped nvme(4) max physio() i/o size to 128K.
  • Improved apmd(8) support for automatic suspend/hibernate (-z/-Z). The daemon now reacts to power changes messages sent by the battery driver. Those messages are ignored for 60 seconds after a resume, so that the user can take control before the machine goes back to sleep.
  • Prevented a kernel hang when no unlocked ffs_softdep worklist items could be processed.
  • Stopped counting pages mapped as PROT_NONE against the RLIMIT_DATA limit, helping code which reserves large chunks of address space but populates it sparsely.
  • Added the $REQUEST_SCHEME variable to httpd.conf(5), allowing preservation of the original connection type (http or https) for redirect locations
  • Implemented “strip” option in httpd.conf(5) for fastcgi to be able to have multiple chroots under /var/www for FastCGI servers.
  • Changed httpd(8) to send a 408 response when a timeout happens while headers are being received, but close the connection if no request is received.
  • Updated en_US.UTF-8.src to Unicode 12.1.
  • Added a new __tmpfd system call which creates a new, unnamed file in /tmp, intended for shm/fd passing, but in programs that may otherwise lack filesystem access (due to restrictions imposed by unveil(2) or pledge(2)).
  • Imported dt(4), a driver and framework for Dynamic Profiling, and an accompanying bug tracer that speaks the dt(5) language.
  • Added a human-readable mode (-h) to systat(1).
  • Implemented scrolling in top(1) using the 9 and 0 keys.
  • Added timeout_set_flags(9) and TIMEOUT_INITIALIZER_FLAGS(9) to the timeout API, allowing the caller to initialize timeouts with arbitrary flags.
  • Introduced TIMEOUT_SCHEDULED flag and tos_scheduled statistic to timeout(9).
  • Switched to tickless backend in timeout(9), adding new interface timeout_add_ts(9) to avoid backwardly compatible behavior.
  • Added the system clock interface nanoboottime(9), returning the UTC time at which the system booted in seconds and nanoseconds.
  • Introduced efficient page freeing in reverse order from uvm, greatly improving cases of massive page freeing.
  • Added uvm_objfree to uvm to efficiently free all pages from a uvm object, used in the buffer cache for considerable speedup when freeing pages.
  • Modified buffer cache to use individual uvm_objs per buffer to speed page lookups.
  • Speed up sort(1) by not performing a top-level sort when -c is used with a -k field.
  • Modified -z mode verification in signify(1) to save the header and output it, so signify -zV >saved.tgz will keep the signature for later checks.
  • Enabled DNSSEC validation in unbound(8) by default.
  • ntpd(8) now does constraint validation against and 2620:fe::fe by default.
  • Fixed arp(4) issues created by dhclient(8) modifying existing routes.
  • Fixed resolv.conf(5) handling by dhclient(8) when an interface loses link.
  • Restored previous dhclient(8) behaviour of rejecting leases that lack a subnet mask.
  • Enabled dhclient(8) to configure carp(4) interfaces.
  • Fixed dhclient(8) releasing leases without a server identifier.
  • Improved dhclient(8) NAK handling in various corner cases.
  • Fixed dhclient(8) endlessly sending REQUEST messages when an ACK is never received.
  • Prevented dhcpd(8) from referencing freed memory when releasing a lease with an unusually long uid.
  • Corrected parsing of classless static default route “0/0” in dhcpd.conf(5).
  • Increased to 15 the number of softraid(4) CONCAT volumes that can be created on a single disk.
  • Fixed softraid(4) CRYPTO volumes on 4K-sector disks.