OpenBSD Journal

clang option -fret-clean committed

1 year 2 months ago

Theo de Raadt (deraadt@) has committed -fret-clean for clang:

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2024/06/02 09:40:43

Modified files:
	gnu/llvm/clang/include/clang/Driver: Options.td
	gnu/llvm/clang/lib/Driver/ToolChains: Clang.cpp
	gnu/llvm/llvm/lib/Target/X86: X86.h X86TargetMachine.cpp
	gnu/usr.bin/clang/libLLVMX86CodeGen: Makefile
	share/man/man1: clang-local.1

Log message:
add -fret-clean option (amd64 and i386 only at first), defaulting to off.

This causes the caller to clean the return address off the stack after a
callq completes.

The option is best used in low-level libraries (such as libc), because libc
contains low-level system call stubs. The option reduces hints (found on
the stale parts of the stack) about libc.so's mapping location, and
together with random-relinking, relro got/pic, and xonly makes some exploit
methods more difficult.

ok mortimer, mlarkin, much discussion with kettenis, in snaps for 2 weeks.

See our earlier article for more discussion.

For now, this is only for amd64 and i386.

clang -fret-clean: cleaning return addresses off stack (by deraadt@)

1 year 3 months ago
Future versions of OpenBSD may include core system libraries and binaries built with logic to remove return addresses off the stack. With this in place, whole classes of bugs would be harder to exploit.

In a message to the tech@ mailing list titled clang -fret-clean: cleaning return addresses off stack, Theo de Raadt (deraadt@) explains how this would work and includes code to implement the feature for the X86 architecture only:

List: openbsd-tech
Subject: clang -fret-clean: cleaning return addresses off stack
From: "Theo de Raadt" <deraadt () openbsd ! org>
Date: 2024-05-25 6:18:59

There are many address space mitigations in play now which make standard
control-flow methods and ROP-style methods more difficult than ever before.
None of them are a silver bullet; added up they are a big deal, but no one
is saying they are a comprehensive solution.

One thing I've worried about for a while is that program bugs being
exercised tend to happen in the main program, or in some large library.
But many types of attack methodology require reaching system calls via
libc, in as direct and simple a fashion as possible. ASLR location of
libc has made that a bit harder; boot-time random relinking of libc makes
it even more difficult. But there are a few things which do hint at where
libc is mapped.

Read more…

Important message for Apple Silicon OpenBSD/arm64 users

1 year 3 months ago
As you may be aware, OpenBSD runs on Apple Silicon M series processors, thanks to the efforts of the OpenBSD/arm64 developers.

For those running our favorite operating system alongside the Apple product, sometimes special measures are needed, though.

Mark Kettenis (kettenis@) sent a message titled Important message for Apple Silicon OpenBSD/arm64 users to the misc@ and arm@ mailing lists, warning about possible firmware issues:

Subject: Important message for Apple Silicon OpenBSD/arm64 users
From: Mark Kettenis <mark.kettenis () xs4all ! nl>
Date: 2024-05-21 20:54:21

As indicated here:

  https://social.treehouse.systems/@AsahiLinux/112449204541186432

The system firmware that comes with macOS Sonoma 14.5 triggers a bug in
the m1n1 bootloader that is used to boot OpenBSD on these machines. The
bug will prevent OpenBSD from booting on some machines after the macOS
update has been installed.

The recommended fix is to update the "stage1" m1n1 by booting into macOS
and running:

Read more…

KDE 6 landed in OpenBSD-current

1 year 3 months ago
YES! KDE6 landed in OpenBSD -current

Rafael Sadowski (rsadowski@) writes in his most recent blog entry, KDE6 on OpenBSD, and goes on to say:

We are currently in an excellent phase ahead of the upcoming OpenBSD release 7.6, which gives us plenty time to thoroughly test KDE Plasma 6. My goal is to make sure it works well and is stable for everyone.

Also worth noting is some work that is still in progress: "Stay tuned for more updates as we progress towards the integration of KDE Plasma 6 into OpenBSD 7.6."

But don't just take our word for it; read the whole thing, KDE6 on OpenBSD, over at Rafael's blog. There you will find detailed descriptions of how to perform the upgrade, and a video of the important points.

sshd(8) split into multiple binaries

1 year 3 months ago

With the following commit, Damien Miller (djm@) commenced the process of splitting sshd(8) into multiple binaries:

CVSROOT:	/cvs
Module name:	src
Changes by:	djm@cvs.openbsd.org	2024/05/16 18:30:24

Modified files:
	usr.bin/ssh: Makefile Makefile.inc auth-rhosts.c auth.c auth.h
	             auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
	             auth2-passwd.c auth2-pubkey.c auth2.c channels.c kex.c
	             kex.h kexgexs.c misc.c misc.h monitor.c monitor.h
	             monitor_wrap.c monitor_wrap.h msg.c packet.c packet.h
	             pathnames.h servconf.c servconf.h serverloop.c session.c
	             ssh_api.c sshd.c
	usr.bin/ssh/sshd: Makefile
Added files:
	usr.bin/ssh: sshd-session.c
	usr.bin/ssh/sshd-session: Makefile

Log message:
Start the process of splitting sshd into separate binaries. This step
splits sshd into a listener and a session binary. More splits are planned.

Read more…

Demise of Nagle's algorithm (RFC 896 - Congestion Control) predicted via sysctl

1 year 3 months ago
Is the classical TCP congestion control mechanism known as Nagle's algorithm (RFC 896 - Congestion Control) headed for the scrap heap of history?

A recent post on tech@ titled Add sysctl to disable Nagle's algorithm (RFC 896 - Congestion Control) from Job Snijders (job@), with a patch implementing the disabling sysctl, indicates that at least some think deprecation is in order.

The message leads in,

List: openbsd-tech
Subject: Add sysctl to disable Nagle's algorithm (RFC 896 - Congestion Control)
From: Job Snijders <job () openbsd ! org>
Date: 2024-05-13 18:41:55

Dear all,

Back in the early 1980s, a suggestion was put forward on how to improve
TCP congestion control, also known as "Nagle's algorithm". See RFC 896.

Nagle's algorithm can cause consecutive small packets from userland
applications to be coalesced into a single TCP packet. This happens at
the cost of an increase in latency: the sender is locally queuing up
data until it either receives an acknowledgement from the remote side or
sufficient additional data has piled up to send a full-sized segment.

Read more…

LibreSSL version 3.9.2 released

1 year 3 months ago

The LibreSSL project has announced the release of [bugfix] version 3.9.2 of the software:

We have released LibreSSL 3.9.2, which will be arriving in the LibreSSL
directory of your local OpenBSD mirror soon. It includes the following
change from LibreSSL 3.9.1:

 * Bugfixes
   - OpenBSD 7.5 errata 003. A missing bounds check could lead to a crash
     due to dereferencing a zero-sized allocation.

The LibreSSL project continues improvement of the codebase to reflect
modern, safe programming practices. We welcome feedback and improvements
from the broader community. Thanks to all of the contributors who helped
make this release possible.

Game of Trees 0.99 released

1 year 3 months ago

Version 0.99 of Game of Trees has been released (and the port updated).

* got 0.99; 2024-05-05
  see git repository history for per-change authorship information
- make 'got fetch' work with URLs which refer to $HOME via a tilde: ~user
- replace strftime %G-%m-%d with %F to prevent 2024-12-30 -> 2025-12-30
- fix spurious errors from got-fetch-http when server has no more data to send
- prevent gotd notification process from exiting due to EPIPE
- fix I/O hangs with TLS in got-notify-http
- document http and https protocol support in got.conf(5), too
- fix an fd leak in gotd's notify process causing endless CPU spin
- back out got stage -R option addition; deemed too inconvenient in practice
- fix got-fetch-http GET request URL; add leading slash and avoid double slashes
- allow custom GOT_TEST_HTTP_PORT when running regression tests
- gotwebd: add magic ".git" handling; try foo.git if repository foo is not found
- expose authenticated gotd user account in HTTP notifications
- gotd.conf(5) HTTP/JSON documentation fixes
- fix endless loop upon Ctrl-D (EOF) input during got stage/unstage/revert -p
- make gotd notifications work when 'git push' is used instead of 'got send'
- make got stage -p behave the same way in interactive and -F modes for 'q'
- fix lingering gotd processes from clients closing connections early
- regress: prevent spurious failure of gotd test_clone_basic_access_denied
- fix an issue where 'git fetch' would error or hang against gotd
- use polling read in got_pkt_readn() to avoid endless hangs in gotsh

And we, too, are curious what the next version number will be :)

OpenSMTPD table protocol changes, now with the backstory

1 year 3 months ago
Regular readers will be aware that OpenBSD ships with its own mail server implementation, OpenSMTPD, in its base system.

In a recent message to the tech@ mailing list, Omar Polo (op@) asked for comments or oks for patches implementing a change of the table protocol. A little later, Gilles Chehade (gilles@) posted to the misc@opensmtpd.org mailing list with the backstory for this change.

The message follows in full below (apparently the otherwise fine marc.info archive site no longer archives the list):

Date: Fri, 03 May 2024 08:22:03 +0000
From: gilles@poolp.org
To: misc@opensmtpd.org
Subject: smtpd: change the table protocol

Hello,

This is a copy of a mail I sent to OpenBSD hackers a few days ago so you
are aware of work being done on OpenSMTPD by Omar Polo.

~~~

TL;DR: proposal to change table backends wire protocol to one that's
closer to filters, it has proven to work for years now, comes with many
benefits and it is a very trivial change that we can pull in a handful
of hours:

https://tmp.omarpolo.com/smtpd-tables.7.html

Read more…

Passphrase timeout for disk decryption at boot added (potential battery lifesaver)

1 year 4 months ago
Have you had your laptop accidentally un-hibernate while you weren't looking, leaving you with a totally drained battery?

Now OpenBSD-current has a fix for that, thanks to this commit by Klemens Nanni (kn@). The commit message reads,

List: openbsd-cvs
Subject: CVS: cvs.openbsd.org: src
From: Klemens Nanni <kn () cvs ! openbsd ! org>
Date: 2024-04-25 18:31:49

CVSROOT:	/cvs
Module name:	src
Changes by:	kn@cvs.openbsd.org	2024/04/25 12:31:49

Modified files:
	sys/lib/libsa: softraid.c
	sys/arch/amd64/stand/boot: boot.8
	sys/arch/amd64/stand/efiboot: Makefile.common cmd_i386.c conf.c
	                              efiboot.c efiboot.h

Log message:
Add boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts

Read more…

Game of Trees 0.98 released

1 year 4 months ago
The version control system gameoftrees 0.98 has been released and should soon show up in OpenBSD -current packages. An update for the -portable version will follow as well.

The main improvements in the new release are listed in the release notes as:

- speed up got tag -l by caching timestamps in got_ref_cmp_tags()
- provide a macro for vi(1) path for use by -portable at compile time
- avoid a rename/stat race when gotd installs a new pack and then uses it
- make 'got ref -l' output consistent when packed references exist
- make 'got ref -l' work consistently when a reference argument is given
- add initial support for notifications to gotd(8), via email and http/json

Read more…

pfctl(8) and systat(8) to display fragment reassembly statistics

1 year 4 months ago

The OpenBSD toolbox for network debugging just got better. In a recent thread on tech@ titled pfctl show fragment info, Alexander Bluhm (bluhm@) posted a patch to enable packet reassembly statistics in pfctl(8).

Several other developers joined in, and Claudio Jeker (claudio@) suggested that systat(8) should also be enhanced to display packet reassembly data in its pf(4) related views.

This suggestion was well received, and the resulting code has now been committed,

Read more…

Coming soon to a -current system near you: parallel raw IP input

1 year 4 months ago

The work to improve the capabilities of the network stack is about to take a noticeable step forward. In a message to tech@ titled parallel raw IP input, Alexander Bluhm (bluhm@) posted a patch that he describes as

List: openbsd-tech
Subject: parallel raw IP input
From: Alexander Bluhm <bluhm () openbsd ! org>
Date: 2024-04-11 20:24:39

Hi,

As mvs@ mentioned, running raw IP in parallel is easier as it is less
complex than UDP. Especially there is no socket splicing. So I fixed
one race in rip_input() and reused my shared net lock ip_deliver() loop.

Read more…

In -current, default write format for tar(1) changed to "pax"

1 year 4 months ago

A series of commits by Jeremie Courreges-Anglas (jca@) has modified tar(1) such that its default write format (for archives) is that of pax(1). The message with the final commit captures the gist of the change:

CVSROOT:	/cvs
Module name:	src
Changes by:	jca@cvs.openbsd.org	2024/04/16 17:09:35

Modified files:
	bin/pax: options.c tar.1

Log message:
Switch tar(1) write default format to 'pax'

Lets us store longer file names, link names, finer grained timestamps,
larger archive member files, etc; at the expense of larger uncompressed
archives and less widespread support across the ecosystem.

If you're unhappy with the new defaults, you can use -F ustar. Or you
can help fix bugs / find a better middle ground.

Prodding from various including job@ and deraadt@
ok sthen@ caspar@ millert@

OpenSMTPD 7.5.0p0 Released

1 year 4 months ago
The OpenSMTPD project has released its first post-OpenBSD 7.5 version, OpenSMTPD 7.5.0p0, with a number of notable improvements.

The announcement reads,

Subject: OpenSMTPD 7.5.0p0 Released
From: Omar Polo <op () openbsd ! org>
Date: 2024-04-10 8:38:12

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and OSX.

The archives are now available from the main site at www.OpenSMTPD.org

Read more…

20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09)

1 year 4 months ago
It's been 20 years since the first undeadly.org post appeared.

At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April Fools' prank when the editors announced that they were ceasing publication, effective immediately on April 1st, 2004.

Fortunately, Daniel Hartmeier quickly realized the announcement was not a joke, and went to work on a functionally equivalent CGI binary written in C and negotiated to take over the archive of existing articles. The rescued (resurrected?) site went live at undeadly.org on April 9th, 2004.

At the time, the eagerly anticipated upcoming release was OpenBSD 3.5 (which we covered on April 30th of that year). As the release song strongly hints, the introduction of the CARP redundancy protocol was a major item in that release. The release also introduced the OpenBSD/amd64 platform, and included a number of improvements in hardware support and security, with privilege separation introduced in several daemons and important utilities. All the details can be had at the OpenBSD 3.5 release page.

It's been 20 years, what have we got to show for it?

We hope you have been enjoying the site's updates, and we hope that undeadly.org has been a positive factor in promoting all things OpenBSD. The site and its editors have every intention of going on running the site.

If you want to help out, please submit items about OpenBSD that you find noteworthy.

We value your submissions even more than your comments.

All the best from the undeadly.org editors.

OpenBSD 7.5 released

1 year 4 months ago
Every six months, spring and fall, a new OpenBSD release emerges on the web and familiar download mirrors.

The OpenBSD project has released OpenBSD 7.5, the project's 56th release, with numerous improvements and support for 14 hardware platforms.

Notable enhancements and new features include

All this along with added support for various new hardware, numerous performance improvements and of course security enhancements.

See the OpenBSD 7.5 release page for a more detailed list, or the daily changelog for even more day to day detail.

As usual, the Installation Guide details how to get the system up and running with a fresh install, while those who already run earlier releases should follow the Upgrade Guide, in most cases using sysupgrade(8) to upgrade their systems.

In addition to the base system, the new release comes with a number of prebuilt packages. The number of binary packages available for the more popular architectures is:

amd64: 12309
aarch64: 12145
i386: 10830
sparc64: 9432

Thanks to the developers for all the great work!

And to all OpenBSD users: Happy hacking!

LibreSSL 3.8.4 and 3.9.1 released

1 year 5 months ago
In a not-quite-unexpected announcement, the LibreSSL development team released the new versions. The announcement reads,

Subject: LibreSSL 3.8.4 and 3.9.1 released
From: Brent Cook <busterb () gmail ! com>
Date: 2024-03-28 4:47:28

We have released LibreSSL 3.8.4 and 3.9.1 which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.

LibreSSL 3.9.1 is the first stable release for the 3.9.x branch, and will
also be available with OpenBSD 7.5.

Read more…
