OpenBSD Journal

Game of Trees 0.114 released

Contributed by rueda on from the again-and-again-and dept.

Version 0.114 of Game of Trees has been released (and the port updated):

  • preserve author timestamps when rebasing commits
  • stop running ssh with -q by default; -q hides host key fingerprint errors
  • fix gotsys-read-conf crash when ssh key comments are missing in gotsys.conf
  • relax repository path permission checks in gotsys-repo-create
  • add gotsys apply -w option which waits until sysconf has been run
  • fix gotsysd getting stuck due to missing final messages from libexec helpers
  • plug a file descriptor leak in the gotsysd libexec process

Call for testing: bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix

Contributed by Peter N. M. Hansteen on from the if ifq_restart, duh dept.

In a fediverse post, Stefan Sperling (stsp@) asks for testing of a potential fix for a problem affecting a number of network interface drivers (namely bge, bnx, iavf, igc, ix, ixl, ngbe and pcn), pointing to a message on tech@ with the subject bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix that reads

List:       openbsd-tech
Subject:    bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix
From:       Stefan Sperling <stsp () stsp ! name>
Date:       2025-06-20 10:12:14

A bug has been fixed by yasuaok@ in vmx(4) where the driver was
calling ifq_restart() without actually having made any space on
a full Tx ring. Calling ifq_restart() in this case can lead to
a condition where the interface gets stuck in OACTIVE until the
interface is reset with ifconfig.

Read more…

j2k25 hackathon report from kn@: installer, low battery, and more

Contributed by rueda on from the want TLS with that ramen? dept.

Fresh from the recently concluded j2k25 hackathon comes this report from Klemens Nanni (kn@), who writes:

New country, lots of ramen, friends and new folks - heck, yes!

Having missed the last four (or five?, hard to tell…) hackathons, j2k25 aligned just right to finish our holidays with beautiful sights and culinary delights between streaks of hacking, leaving all else aside for a solid week - it was a refreshing retreat and sparked plans to make another, even longer trip through Japan!

This time, I brought a few unfinished and/or unanswered diffs, but also specifically wanted to look into unfamiliar code, now that folks were around to ask for advice and discuss with.


First, the installer and rc(8) were due for cleanup: common code for randomness seed files used by bootloaders and rc seemed unnecessarily different, so I synced their logic, style and comments wrt. subtle, yet important details around the sticky(8) bit:

Read more…

dhcpd(8): use UDP sockets instead of BPF

Contributed by Peter N. M. Hansteen on from the modernizing BPFoonery dept.

In some cases, the current dhcpd(8) is not quite as reliable as one would want in providing the requested data to the actual requestor. After some rounds of discussion and experimentation, David Gwynne (dlg@) is circulating a diff on tech@ that switches the daemon to use UDP sockets instead of bpf.

The motivation is summarized as,

tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it
better at replying with the ip that requests were sent to.

and the full message, with the subject dhcpd(8): use UDP sockets instead of BPF reads,

List:       openbsd-tech
Subject:    dhcpd(8): use UDP sockets instead of BPF
From:       David Gwynne <david () gwynne ! id ! au>
Date:       2025-06-13 3:29:20

tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it
better at replying with the ip that requests were sent to.

ive been hacking on this because of a problem at work, which i want to
solve by setting up a bunch of "anycast" dhcp servers. ie, i want to
have multiple dhcpd on separate servers with the same IP assigned
as an alias on all of them.

Read more…

clang(1)/llvm/lld(1) updated to version 19

Contributed by rueda on from the lifting-and-shifting dept.

In a long series of commits, Robert Nagy (robert@) updated clang(1)/llvm/lld(1) in -current to version 19.1.7 (from version 16.0.6):

CVSROOT:	/cvs
Module name:	src
Changes by:	robert@cvs.openbsd.org	2025/06/11 06:54:56

Log message:
    import of llvm from LLVM 19.1.7
    
    Status:
    
    Vendor Tag:	LLVM
    Release Tags:	LLVM_19_1_7
    
    U src/gnu/llvm/llvm/.clang-format
[…]

Those building from source should follow the instructions in Following -current and using snapshots before making the leap.

Source code sandboxing

Contributed by rueda on from the keep-it-clean dept.

Kristaps Dzonsons (known for mandoc(1), rpki-client(8), and much more) has written an article, Source code sandboxing, on sandboxing from the perspective of developers. It compares the facilities available under several operating systems, and requests relevant contributions.

As Undeadly readers might expect, OpenBSD's pledge(2) and unveil(2) receive favourable appraisal.

Kristaps' article refers to Sandboxing Adoption in Open Source Ecosystems, an academic article published on the subject.

[In 2016, Undeadly published Kristaps Dzonsons on pledge(2).]

TearFree option backported to modesetting(4) driver

Contributed by rueda on from the no-tears-before-bedtime dept.

Following a discussion on tech@ [initiated by a post with patch from Ted Unangst (tedu@)], the "TearFree" option has been backported to the xenocara modesetting(4) driver in -current:

CVSROOT:	/cvs
Module name:	xenocara
Changes by:	matthieu@cvs.openbsd.org	2025/06/09 12:18:36

Modified files:
	xserver/dix    : pixmap.c 
	xserver/hw/xfree86/common: xf86Mode.c 
	xserver/hw/xfree86/drivers/modesetting: dri2.c driver.c driver.h 
	                                        drmmode_display.c 
	                                        drmmode_display.h 
	                                        dumb_bo.c meson.build 
	                                        modesetting.man 
	                                        pageflip.c present.c 
	                                        vblank.c 
	xserver/hw/xfree86/modes: xf86Crtc.h xf86Rotate.c 
	xserver/include: displaymode.h pixmap.h 
	xserver/present: present.h present_screen.c 

Log message:
Backport TearFree page flips for the modesetting driver from X.Org master.

Work done by tedu@ based on previous diffs by jcs@ and stsp@.
One bug fix in master by me. tested and ok tb@. commit on behalf of tedu@

The option is on by default, so users of the relevant hardware can expect smooth(er) scrolling ahead.

FFS optimizations with dirhash, as blogged by rsadowski@

Contributed by Peter N. M. Hansteen on from the Hash for FFS sake dept.

Rafael Sadowski (rsadowski@), OpenBSD developer and prolific blogger, has been looking into file system performance optimizations on our favorite operating system, and is now sharing his tips and tricks in FFS optimizations with dirhash on his blog.

He leads in with a TL;DR:

tl;dr

Consider playing with sysctl vfs.ffs.dirhash_maxmem to increase the maximum dirhash cache.

That said, it is worth your time to read the whole thing!

Game of Trees 0.113 released

Contributed by rueda on from the again-and-again-and dept.

Version 0.113 of Game of Trees has been released (and the port updated):

  • tweak 'got status' and 'got add' ignores handling for better git compatibility
  • improve redundant pack detection during 'gotadmin cleanup'
  • gotwebd: do not forget to initialize *ngroups argument for getgrouplist()
  • fix default access for root and _gotd when gotsysd runs without config file
  • fix bogus "unexpected privsep message" from gotsh during 'got send'
  • fix a race in gotd notification processing causing notify process to exit

OpenBSD Errata

OpenBSD 7.7

005 2025-06-17 SECURITY Multiple X11 server issues. CVE-2025-49175 CVE-2025-49176 CVE-2025-49177 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180
005 2025-06-17 RELIABILITY In acme-client(1), handle as yet unobserved "processing" state when fetching an issued certificate by retrying instead of giving up.
004 2025-06-17 RELIABILITY When using syncookies in pf(4), new TCP connections could run into timeout due to integer underflow.
003 2025-05-10 RELIABILITY Replace incorrect zoneinfo files created by broken zic(8).
002 2025-05-10 RELIABILITY Fix sign of UTC offset in some timezone files created by zic(8).
001 2025-05-05 SECURITY Kernel of NFS server could crash if nfsd(8) is enabled and an evil NFS request is sent to it.

OpenBSD 7.6

019 2025-06-17 SECURITY Multiple X11 server issues. CVE-2025-49175 CVE-2025-49176 CVE-2025-49177 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180
018 2025-06-17 RELIABILITY In acme-client(1), handle as yet unobserved "processing" state when fetching an issued certificate by retrying instead of giving up.
017 2025-06-17 RELIABILITY When using syncookies in pf(4), new TCP connections could run into timeout due to integer underflow.
016 2025-05-05 SECURITY Kernel of NFS server could crash if nfsd(8) is enabled and an evil NFS request is sent to it.
015 2025-04-13 SECURITY In Perl, non-ASCII bytes in the left-hand-side of the `tr` operator can overflow an insufficiently sized buffer. CVE-2024-56406
014 2025-04-09 RELIABILITY Incorrect internal RRDP state handling in rpki-client can lead to a denial of service.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]