OpenBSD Journal

Another subprocess for vmd(8)

Contributed by rueda from the spawn me a sub dept.

Dave Voutila (dv@) has continued his work on moving vmd(8) to a multi-process model. (Undeadly first reported on this in 2023.) This time the virtio scsi device has been converted to a subprocess:

CVSROOT:	/cvs
Module name:	src
Changes by:	dv@cvs.openbsd.org	2026/02/22 15:54:54

Modified files:
	usr.sbin/vmd   : vioscsi.c virtio.c virtio.h vmd.c vmd.h 

Log message:
vmd(8): convert virtio scsi device to a subprocess.

Break the virtio scsi device (used as a cd-rom drive) into a
subprocess like the virtio block and network devices. This leaves
only the entropy device (viornd) and vmmci device running in-process
with the vcpus.

ok mlarkin@

bsd.rd breakdown

Contributed by Janne Johansson from the ram-a-llama-ding-dong dept.

Every OpenBSD admin has booted bsd.rd at least once — to install, upgrade, or rescue a broken system. But few people stop to look at what’s actually inside that file.

In this article over at the OpenBSD Jumpstart site, they take a look at just that.

The contents and format of the bsd.rd ramdisk kernel are shown, so you can understand and customize it for your own needs.

Enjoy!

pf: make af-to less magical

Contributed by Peter N. M. Hansteen from the raising my family dept.

Seasoned networkers will know to tell you that legacy IPv4 and modern IPv6 are, in fact, not directly compatible, and shipping traffic between IPv4 and IPv6 networks requires address family translation.

On our favorite operating system and its siblings, that special case has been handled via the af-to option and special case rules since back in the OpenBSD 5.1 days.

But that special case has always felt a bit awkward to some, and now David Gwynne (dlg@) is airing a patch on tech@ with a view to making af-to "less magical".

In the message titled pf: make af-to less magical, David explains the motivation,

List:       openbsd-tech
Subject:    pf: make af-to less magical
From:       David Gwynne <david () gwynne ! id ! au>
Date:       2026-01-16 2:11:57
Message-ID: aWmebWvdwBi6z98j () animata ! net

i only recently figured out that af-to is very special in pf, but i don't
think it should be.

currently af-to has the following restrictions:

1. it only works for incoming packets, ie, you can only use it on "pass
in" rules in pf.

2. it forces the translated packet to be forwarded.

a consequence of these, and 2 in particular, is that only one state is
created for an af-to connection over the firewall. this is unlike other
forwarded connections where there's generally two states created, one
when the packet comes in from the wire into the stack, and another when
the packet goes out from the stack to the wire.

Read more…

OpenBSD-current now runs as guest under Apple Hypervisor

Contributed by Peter N. M. Hansteen from the hyper-armed dept.

Following a recent series of commits by Helg Bredow (helg@) and Stefan Fritsch (sf@), OpenBSD/arm64 now works as a guest operating system under the Apple Hypervisor.

The commits read

List:       openbsd-cvs
Subject:    CVS: cvs.openbsd.org: src
From:       Helg Bredow <helg () cvs ! openbsd ! org>
Date:       2026-01-12 18:15:33


CVSROOT:	/cvs
Module name:	src
Changes by:	helg@cvs.openbsd.org	2026/01/12 11:15:33

Modified files:
	sys/dev/pv     : viogpu.c 

Log message:
viogpu_wsmmap() returns a kva but instead should return a physical
address via bus_dmamem_mmap(9). Without this, QEMU would only show a
black screen when starting X11. On the Apple Hypervisor, the kernel
would panic.

Read more…

MAXCPUS on OpenBSD/amd64-current is now 255

Contributed by Peter N. M. Hansteen from the strengthen your core muscles dept.

With these two commits, Mike Larkin (mlarkin@) first set the stage and then bumped the maximum number of processors supported on OpenBSD/amd64 from 64 to 255.

The first commit message reads,

List:       openbsd-cvs
Subject:    CVS: cvs.openbsd.org: src
From:       Mike Larkin <mlarkin () cvs ! openbsd ! org>
Date:       2026-01-14 21:25:26

CVSROOT:	/cvs
Module name:	src
Changes by:	mlarkin@cvs.openbsd.org	2026/01/14 14:25:26

Modified files:
	sys/arch/amd64/amd64: pmap.c 

Log message:
Support more than 64 bits for amd64 TLB shootdown IPI masks

Read more…

OpenBSD Errata

Unofficial RSS feed of OpenBSD errata

OpenBSD 7.8

014 2026-02-09 SECURITY In libexpat fix denial of service due to NULL dereference and integer overflow. CVE-2026-24515 CVE-2026-25210
013 2026-02-02 SECURITY Fix a use-after-free in httpd(8) when using chunked encoding.
012 2026-01-14 RELIABILITY A malicious RPKI Certification Authority can cause a NULL dereference. A malicious RPKI Trust Anchor can cause memory exhaustion.
011 2025-12-03 RELIABILITY Due to a race, the kernel could crash when adding IPv6 neighbor discovery entries.
010 2025-12-03 SECURITY Fix incomplete mitigation of DNS cache poisoning vulnerabilities in unbound. CVE-2025-11411
009 2025-12-03 SECURITY Fix incorrect handling of invalid inputs to xkbcomp(1). CVE-2018-15853 CVE-2018-15859 CVE-2018-15861 CVE-2018-15863

OpenBSD 7.7

020 2026-02-09 SECURITY In libexpat fix denial of service due to NULL dereference and integer overflow. CVE-2026-24515 CVE-2026-25210
019 2026-02-02 SECURITY Fix a use-after-free in httpd(8) when using chunked encoding.
018 2026-01-14 RELIABILITY A malicious RPKI Trust Anchor can cause memory exhaustion.
017 2025-12-03 SECURITY Fix incomplete mitigation of DNS cache poisoning vulnerabilities in unbound. CVE-2025-11411
016 2025-12-03 SECURITY Fix incorrect handling of invalid inputs to xkbcomp(1). CVE-2018-15853 CVE-2018-15859 CVE-2018-15861 CVE-2018-15863
015 2025-12-03 RELIABILITY Fix drm(4) to avoid spurious sleep errors leading to crashes.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]