The OpenBSD project has released OpenBSD 6.9, the project's 50th release. As usual the release page offers highlights, installation and upgrade instructions as well as links to other resources such as the detailed changelog.

Notable improvements include, but are not limited to

• The arm64 platform now has OpenBSD booting multi-user on Apple M1
• Numerous improvements to the relatively fresh powerpc64 platform
• A generous sprinkling of multicore untangling in the network stack
• A fresh virtual Ethernet Bridge device veb(4), more details in Introducing veb(4) - a new Virtual Ethernet Bridge
• New daemons dhcpleased(8) (see also) and resolvd(8) (see also) introduced to make road warriors' lives easier. (These daemons are not enabled by default.)
• rpki-client(8) has seen major work, including initial support for RRDP (The RPKI Repository Delta Protocol, RFC 8182).
• For enhanced privacy control for video recording, the sysctl(8) parameter kern.video.record was added. (See earlier report). This is analogous to kern.audio.record.
• Major updates to packages

Those upgrading from 6.8 or earlier releases should consult the Upgrade Guide.

Thanks to the developers for all the good work that went into this excellent new release!

While your install sets download or when your packages update, please take the time to look at and use one or more of the recommended ways to support the project, such as making a donation. You can also get merchandise and help OpenBSD visibility. Corporate entities may prefer sending some money in the direction of the OpenBSD Foundation, which is a Canadian non-profit corporation.

With the following commit, Dale Rahn (drahn@) imported initial support for the 64-bit RISC-V architecture:

CVSROOT:	/cvs
Module name:	src
Changes by:	drahn@cvs.openbsd.org	2021/04/22 20:42:17

Added files:
	sys/arch/riscv64: Makefile 
	sys/arch/riscv64/compile: Makefile Makefile.inc 
	sys/arch/riscv64/compile/GENERIC: Makefile 
	sys/arch/riscv64/compile/RAMDISK: Makefile 
	sys/arch/riscv64/conf: GENERIC Makefile.riscv64 RAMDISK 
	                       files.riscv64 kern.ldscript 
	sys/arch/riscv64/dev: mainbus.c mainbus.h plic.c plic.h 
	                      riscv_cpu_intc.c riscv_cpu_intc.h 
	                      simplebus.c simplebusvar.h timer.c timer.h 
	sys/arch/riscv64/include: _float.h _types.h asm.h atomic.h 
	                          bootconfig.h bus.h cdefs.h conf.h 
	                          cpu.h cpufunc.h db_machdep.h 
	                          disklabel.h elf.h endian.h exec.h 
	                          fdt.h fenv.h frame.h ieee.h ieeefp.h 
	                          intr.h kcore.h limits.h 
	                          loadfile_machdep.h mutex.h param.h 
	                          pcb.h pmap.h proc.h profile.h pte.h 
	                          ptrace.h reg.h reloc.h riscv64var.h 
	                          riscvreg.h sbi.h setjmp.h signal.h 
	                          softintr.h spinlock.h syscall.h tcb.h 
	                          timetc.h trap.h vmparam.h 
	sys/arch/riscv64/riscv64: ast.c autoconf.c bus_dma.c bus_space.c 
	                          conf.c copy.S copyinout.S copystr.S 
	                          cpu.c cpufunc_asm.S cpuswitch.S 
	                          db_disasm.c db_interface.c db_trace.c 
	                          disksubr.c fpu.c genassym.cf intr.c 
	                          locore.S locore0.S machdep.c mem.c 
	                          pagezero.S pmap.c process_machdep.c 
	                          sbi.c sig_machdep.c softintr.c 
	                          support.S syscall.c trap.S 
	                          trap_machdep.c vm_machdep.c 

Log message:
Initial import of OpenBSD/riscv64

This work is based on the effort:
https://www.openbsd.org/papers/Porting_OpenBSD_to_RISCV_FinalReport.pdf
"Porting OpenBSD to RISC-V ISA"
by
Brian Bamsch <bbamsch@google.com>
Wenyan He <wenyan.he@sjsu.edu>
Mars Li <mengshi.li.mars@gmail.com>
Shivam Waghela <shivamwaghela@gmail.com>

With additional work by Dale Rahn <drahn@openbsd.org>

Congratulations and thanks to all involved!

We received a contribution from Sven G, about checking the temperature in the garage where his dog sleeps with OpenBSD:

I was inspired by the April 2017 article in undeadly.org about getting OpenBSD running on a Raspberry Pi 3B+. My goal was to use a Raspberry Pi running OpenBSD to monitor the temperature in my garage from my home. My dog has his own little "apartment" inside the garage, so I want to keep an eye on the temperature. (I don't rely on this device. He sleeps inside the house whenever he wants.)

If anything seems wrongheaded, please chalk it up to a frothy mixture of enthusiasm, ignorance, stubbornness, and "just-because-I-wanted-to-do-it-this-way-ness."

Dr. Brian Robert Callahan (bcallah@) blogged about his work in getting D compiler(s) working under OpenBSD.

The first paragraph reads:

I got GDC, the GNU D Compiler, working on OpenBSD. Supporting D has been a very long time coming. Here's the story of how we got here and where we need to go next.

Read the full post for all the details, including an explanation of why there isn't yet a port.

Hoping to be able to make a conference in Vienna in September (and doing it digitally if not), the EuroBSDCon is now accepting submissions for presentations and tutorials.
Read more at 2021.EuroBSDCon.org

In a recent blog post, OpenBSD developer Solène Rapenne (solene@) offers an over view of the security features offered by a default OpenBSD installation.

The first paragraph of the introduction reads,

In this text I will explain what makes OpenBSD secure by default when you install it. Do not take this for a security analysis, but more like a guide to help you understand what is done by OpenBSD to have a secure environment. The purpose of this text is not to compare OpenBSD to other OSes but to say what you can honestly expect from OpenBSD.

A worthy reminder of how the system works, and a very handy piece to show to anybody who wonders why one would choose to use OpenBSD over anything else. You can read the whole thing here.

With the following commit, Florian Obser (florian@) imported dhcpleased(8), DHCP daemon to acquire IPv4 address leases from servers, plus dhcpleasectl(8), a utility to control the daemon:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2021/02/26 09:16:37

Added files:
	sbin/dhcpleased: Makefile bpf.c bpf.h checksum.c checksum.h 
	                 control.c control.h dhcpleased.8 dhcpleased.c 
	                 dhcpleased.h engine.c engine.h frontend.c 
	                 frontend.h log.c log.h 
	usr.sbin/dhcpleasectl: Makefile dhcpleasectl.8 dhcpleasectl.c 
	                       parser.c parser.h 

Log message:
Import dhcpleased(8) - a dhcp daemon to acquire IPv4 address leases
from servers.

With the following commit, Florian Obser (florian@) imported resolvd(8), a daemon for handling nameserver configuration:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2021/02/24 11:10:41

Added files:
	sbin/resolvd   : Makefile resolvd.8 resolvd.c 

Log message:
Import resolvd(8), a daemon to rewrite resolv.conf.
prodding deraadt

Since the initial import, resolvd(8) has seen:

1. some significant reworking
2. improvements to the man page
3. linking to the build

In this commit, David Gwynne (dlg@) adds a new veb(4) driver to the tree. David's goal is to replace the old bridge(4) driver: