OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
KARL - kernel address randomized link
Contributed by rueda on Tue Jun 13 02:52:37 2017 (GMT)
from the Charlemagne dept.

In a message to the tech@ mailing list, Theo de Raadt (deraadt@) has announced a new randomization feature for kernel protection:

Over the last three weeks I've been working on a new randomization
feature which will protect the kernel.
Recently I moved all our kernels to a new mapping model, with patrick
and visa taking care of two platforms.
As a result, every new kernel is unique.  The relative offsets between
functions and data are unique.
However, snapshots of -current contain a futher change, which I
worked on with Robert Peichaer (rpe@):

That change is scaffolding to ensure you boot a newly-linked kernel
upon every reboot.[...]

Read the full message for the juicy details.

Note that, because of the new mechanisms, unhibernate does not work on -current (for now).

[ 18 comments 52d11:24 ago ] (flat) (expanded)

OpenBSD Daily, code review, and you
Contributed by pitrh on Fri Jun 9 16:48:32 2017 (GMT)
from the a-source-a-day-keeps-the-bugs-away dept.

OpenBSD developer Adam Wolk (awolk@) talks about a community effort to read at least one C source file from OpenBSD every day at

I made a new years resolution to read at least one C source file from OpenBSD daily. The goal was to both get better at C and to contribute more to the base system and userland development.

[ 4 comments 1d6m ago ] (flat) (expanded)

Running OpenBSD on Azure
Contributed by rueda on Fri Jun 09 11:21:52 2017 (GMT)
from the bright blue puffy dept.

A new Microsoft Azure blog entry, Running OpenBSD on Azure, describes OpenBSD support:

Today we are happy to share you that Azure supports OpenBSD 6.1 with the collaboration effort from Esdenera and Microsoft. Meanwhile Esdenera brings their firewall product based on OpenBSD on board Azure Marketplace now.

[Esdenera is Reyk (reyk@) Flöter's company.]

The Register covers this development in Microsoft Azure adds OpenBSD support. Repeat. Azure adds OpenBSD support.

This results from the efforts of mikeb@, reyk@, jsg@, and others.

[ 2 comments 67d2m ago ] (flat) (expanded)

d2k17 Hackathon Report: Florian Obser on slaacd(8)
Contributed by rueda on Fri Jun 09 01:34:09 2017 (GMT)
from the in this case, keep slaacing dept.

Florian Obser (florian@) kindly supplied a report on his d2k17 activities:

I wanted to take an overnight train from Amsterdam to Munich but that service had been cancelled sometime last year. So I had to fly to not lose too much time.

[ 1 comment 69d14:58 ago ] (flat) (expanded)

d2k17 Hackathon Report: Antoine Jacoutot on rc.d, syspatch, and more
Contributed by rueda on Thu Jun 08 06:33:25 2017 (GMT)
from the shell be right, mate dept.

Our next d2k17 report comes from Antoine Jacoutot (ajacoutot@), who writes:

My name is Antoine Jacoutot. After five hours on a hellish train ride, I have come to Starnberg with only one goal: to fix rc.d. But to do that, I can't be the OpenBSD developer I once was. To honor systemd's memory, I must be someone else. I must be something else.

[ 8 comments 5d21:06 ago ] (flat) (expanded)

d2k17 Hackathon Report: Ken Westerback on XS_NO_CCB removal and dhclient link detection
Contributed by rueda on Mon Jun 05 01:21:08 2017 (GMT)
from the sequential improvement dept.

Our second d2k17 report is from Ken Westerback (krw@), who writes:

I arrived at Starnberg with a clear and overriding focus -- to finally expunge the obsolete XS_NO_CCB construct from our SCSI code. In fact I was so focused on this issue I walked right past my pre-d2k17 hotel and wandered the streets of Starnberg for 30 minutes until I found it sitting right across the street from the BahnHof I started at.

[ 1 comment 5d21:06 ago ] (flat) (expanded)

d2k17 Hackathon Report: Stefan Sperling on USB audio, WiFi Progress
Contributed by pitrh on Fri Jun 02 01:39:40 2017 (GMT)
from the sunshine and krautwerk dept.

The first report from the recently completed d2k17 hackathon comes from Stefan Sperling, who writes:

This hackathon I took time to kick off a project I have been wanting to try for some time but never got around to: Adding sound support for my laptop which uses an internal USB audio device wired to xhci(4). Our xhci(4) driver lacks support for data transfers with guaranteed bandwidth and timing constraints (aka isochronous transfers). The first step is to add support for such transfers (mpi@ tells me the rabbit hole ends up in uaudio(4) but I'll worry about that later). To get started, I spent some time reading parts of the USB 2.0 and USB 3.1 specs, as well Intel's data sheet for the xHC interface (linked from Equipped with this new knowledge, I started brushing up an old work-in-progress diff that mpi@ shared with me. I did not make much progress and eventually got side-tracked into the wireless stack. But having finally explored this problem space feels good! I will try to keep exploring.

[ 2 comments 7d20:31 ago ] (flat) (expanded)

MWL's "Relayd and Httpd Mastery" Published
Contributed by rueda on Tue May 30 09:58:30 2017 (GMT)
from the fending off the sharks dept.

Relayd and Httpd Mastery, the latest book in the "Mastery" series by Michael W Lucas, is now available.

From the author's page for the book:

The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications.

(Those who purchased the book very early should check "Relayd and Httpd Mastery," both the good and the bad.)

MWL's site lists the ways to purchase the book in ebook and printed formats.

[ 4 comments 5d21:07 ago ] (flat) (expanded)

Ted Unangst on notable recent changes in OpenBSD
Contributed by rueda on Wed May 31 23:32:54 2017 (GMT)
from the the-saga-continues dept.

The flak reports by Ted Unangst (tedu@) continue with parts 620, 621, and 622.

As always, there are plenty of interesting developments.

Update: part 623

[ 1 comment 69d18:43 ago ] (flat) (expanded)

Support OpenBSD!

Donate to OpenBSD

Buy OpenBSD products


We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Older Stuff
Wednesday, May 10
23:39 OpenBSD Community Goes Gold (0)
Wednesday, May 03
07:11 Official OpenBSD 6.1 CD - There's only One! (12)
04:10 Errata and (First) Binary Patches Announced (7)
Monday, May 01
10:25 OpenSSH Removes SSHv1 Support (8)
Thursday, April 27
20:57 OpenBSD 6.1 Song Released (1)
Tuesday, April 25
04:12 The many ways of running firefox on OpenBSD (6)
Friday, April 21
00:19 clang(1) added to base on amd64 and i386 (3)
Tuesday, April 11
14:51 OpenBSD 6.1 Released (9)
Sunday, April 09
11:51 Getting OpenBSD running on Raspberry Pi 3 (12)

Older Stuff...
Yesterday's Edition...

OpenBSD Errata

OpenBSD Resources

Users wishing RSS/RDF summary files of OpenBSD Journal, can retrieve: [xml]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. Some icons from used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]