honk.any-key.press

undeadly rss

Feed: OpenBSD Journal
ronk: RSS-to-honk bot

undeadly honked 14 Nov 2025 12:00 +0100

In -current, Theo de Raadt (deraadt@) has started the transition to support for 52 disk partitions (on a subset of hardware architectures):

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2025/11/13 13:59:14

Modified files:
	sys/dev/ata    : wd.c 
	sys/kern       : kern_pledge.c 
	sys/sys        : disklabel.h dkio.h 
	sys/scsi       : sd.c 
	sys/dev/isa    : fdreg.h 
	sys/arch/sparc64/dev: fd.c 

Log message:
Begin transition to 52-partition support.  The partition encoding used
to be lowest 4 bits of dev_t, and now becomes 6.  This supplies 64
partitions in struct disklabel.d_partitions[MAXPARTITIONSUNIT], but we
only use 52 of these slots (an architecture can be either 16 partition
or 52 partition, depending on MD define MAXPARTITIONS).  The
52-partition limit is due to single-character representation limit of
a-zA-Z.  We supply a backwards-compat ioctl for a while which can read
an disklabel structure.

undeadly honked 12 Nov 2025 15:00 +0100

Source and state limiters introduced in pf

David Gwynne (dlg@) has introduced source and state limiters, which provide a massive increase in the flexibily of pf traffic limiting:

CVSROOT:	/cvs
Module name:	src
Changes by:	dlg@cvs.openbsd.org	2025/11/10 21:06:20

Modified files:
	sbin/pfctl     : parse.y pfctl.8 pfctl.c pfctl_parser.c 
	                 pfctl_parser.h 
	share/man/man5 : pf.conf.5 
	sys/net        : pf.c pf_ioctl.c pf_table.c pfvar.h pfvar_priv.h 

Log message:
introduce source and state limiters in pf.

both source and state limiters can provide constraints on the number
of states that a set of rules can create, and optionally the rate
at which they are created. state limiters have a single limit, but
source limiters apply limits against a source address (or network).
the source address entries are dynamically created and destroyed,
and are also limited.

undeadly honked 12 Nov 2025 14:00 +0100

Big news for small /usr partitions

Several recent commits have improved sysupgrade(8) handling of low free disk space in /usr:

Firstly, Stuart Henderson (sthen@) modified the installer to increase free space prior to installing:

CVSROOT:	/cvs
Module name:	src
Changes by:	sthen@cvs.openbsd.org	2025/11/01 06:54:17

Modified files:
	distrib/miniroot: install.sub 

Log message:
Before extracting on an upgrade, remove share/relink/*, not just
share/relink/usr/lib/*. The old files aren't useful post-upgrade and
this increases the chance of successfully extracting base*.tgz files,
so that people low on space in /usr have a better chance of getting
into the system after a reboot.

"install.sub can delete the entire relink space" deraadt@