OpenBSD 7.8 Arrives with Major Performance and Hardware Upgrades

OpenBSD 7.8 is here, continuing its tradition of bi-annual releases focused on security, simplicity, and portability. With a base install size of just 597 MB, OpenBSD stands as a testament to minimalist design. Renowned for its security, a standard installation has seen only two remote vulnerabilities in its thirty-year history, making it a benchmark for other operating systems.

Key improvements include a parallelized TCP stack, expanded support for ARM and x86 platforms like the Raspberry Pi 5 and Snapdragon X Elite, and post-quantum cryptography in LibreSSL. To upgrade, simply run sysupgrade followed by pkg_add -u.

Hardware Compatibility: From Raspberry Pi to Snapdragon

OpenBSD 7.8 significantly expands its hardware support, making it a viable and secure alternative to Linux on a wide range of devices.

• ARM Platforms: Full support for Raspberry Pi 5 (BCM2712), including drivers for the PCIe controller and RP1 peripherals. Improved power management for Apple Silicon.
• Snapdragon Support: Initial drivers (qcdrm(4)) for Qualcomm Snapdragon chips, paving the way for devices like the Snapdragon X Elite.
• AMD & Intel: The amdgpio(4) driver now supports wakeup interrupts, fixing resume-from-sleep issues on Ryzen laptops. The DRM framework has been synchronized with Linux 6.12.50.
• Virtualization: Enhanced support for AMD SEV-ES allows guest VMs to run with encrypted states, boosting security in cloud environments. Virtio devices are now updated to specification 1.2.
• New Drivers: Added support for ASUS I2C keyboards (iasuskbd(4)), various WMI sensors (acpiwmi(4)), and AMD power management controllers (amdpmc(4)).

Networking and Kernel: A Focus on Parallelism

The network stack and kernel have received major updates to eliminate bottlenecks and improve responsiveness under heavy loads.

• Parallel TCP Stack: The TCP stack is now multi-threaded (up to 8 threads), distributing traffic processing across CPU cores and removing global locks for faster performance.
• New Daemons: The release introduces lldpd(8) for automatic network topology discovery and bpflogd(8) for simplified traffic logging in tcpdump format.
• Kernel Enhancements: The sleep() system call now uses nanosecond precision, and the new FD_CLOFORK flag prevents file descriptor leaks in forked processes.
• Improved Tooling: The gprof(1) profiler is now fully compatible with OpenBSD's security mechanisms like pledge(), unveil(), and chroot.

Security and Software: Post-Quantum Crypto and Updated Ports

True to its roots, OpenBSD 7.8 reinforces its security posture with cutting-edge cryptography and a wealth of updated software.

• LibreSSL 4.2.0: Introduces an API for ML-KEM (Kyber), a post-quantum cryptographic algorithm, future-proofing TLS connections.
• OpenSSH 10.2: Adds warnings for weak key algorithms and fixes a potential DoS vulnerability by preventing connection slot leaks.
• System Utilities: pkgconf now replaces pkg-config, removing the Perl dependency. The watch(1) command is replaced by the more modern iwatch, and tmux receives 16 new features.

Updated Software Packages

The ports collection has been updated with thousands of packages, with over 12,600 available for amd64. Highlights include:

• Desktop: Firefox 143.0.3, Chromium 141, GNOME 48, KDE Plasma 6.4.5, LibreOffice 25.8.1.1
• Development: LLVM/Clang 19.1.7, Go 1.25.1, Rust 1.90.0, Python 3.12.11, Node.js 22.20.0
• Server & Graphics: PostgreSQL 17.6, Mesa 25.0.7, X.Org 7.7, NSD 4.3.0, Unbound 1.24.0

A Release Focused on Stability and Modernity

OpenBSD 7.8 is a powerful release that balances the project's long-standing commitment to minimalism and security with the practical needs of modern computing. The updates focus on tangible improvements in performance, hardware compatibility, and security rather than superficial features. For those planning to update, using sysupgrade with system snapshots is recommended to minimize downtime.

If you've tried this latest release, share your experience in the comments below.

#openbsd #news