The OpenBSD development team announced a few days ago the release of the new version of OpenBSD 7.7, marking a significant advance in both functionality and compatibility.
This new version of OpenBSD 7.7 sIt is distinguished by key improvements in compatibility with modern hardware, a notable optimization of its internal resources, new layers of protection for critical environments, improved management of system resources, and a significant reinforcement of its security mechanisms.
Major New Features in OpenBSD 7.7
One of the highlights of OpenBSD 7.7 is the DRM framework updatenow synchronized with Linux Kernel 6.12.21, which is a big jump from the previous version based on 6.6.52.
This allows for much more up-to-date support for modern graphics chips. In particular, the driver inteldrm now includes support for the GPUs of the generation Intel's Arrow Lake, while amdgpu expands support for include the new ones Ryzen AI 300 GPU and the Radeon RX 9070.
OpenBSD 7.7 also significantly improves its support for the ARM64 architecture, as it introduces support for scalable vector extensions (SVE), while in devices Apple with M1 chips has managed to establish power states that optimize consumption.
At the virtualization level, the platform x86_64 now includes AMD SEV support, a technology that protects virtual machines even from access by the hypervisor or the host system administrator. In addition, the memory accessible for DMA has been expanded to exceed the 4 GB barrier.
Improvements to memory management and multiprocessing are other new features in OpenBSD 7.7. This includes the implementation of ptrace to allow for advanced debugging in multithreaded applications, while several system calls have been freed from global locking, improving parallelism and performance on multi-core systems. Likewise, handling of out-of-memory conditions has been hardened, preventing unexpected failures under extreme load conditions.
Network support and security improvements
The network subsystem introduces support for AF_FRAME sockets, allowing a more direct communication at the Ethernet level, and optimizes the sending of TCP/UDP packets thanks to a new hash algorithm and the introduction of independent queues per flow. The pfctl utility can now handle network interfaces with bandwidths exceeding 4 Gbit, while the relayd daemon now supports TLS authentication with client certificates.
On the security improvements side, the process sshd-auth now uses a random binary recomposition technique at every boot, making it difficult to create exploits. Mountd, meanwhile, has been isolated through specific system calls, limiting its attack surface. Also notable is the increased utility fw_update, which now allows firmware downloads without root privileges.
The command sysctl now supports bulk loading of configurations from a file, facilitating automation in scripting environments. pkg_add has been enhanced to automatically run ldconfig after installing packages that modify system shared libraries. Additionally, sysupgrade allows for offline upgrades by using locally stored packages.
Expanded compatibility and hardware improvements
OpenBSD 7.7 introduces compatibility improvements with more devices, including MediaTek and Qualcomm Snapdragon SoCs last generation, laptops like the Samsung Galaxy Book4 Edge, ThinkPad T14 Gen 5, and several Chromebook models. New network drivers, such as ice for Intel E810 cards and ixv for virtual adapters, strengthen connectivity. Furthermore, the strategy of moving network operations directly to the card, relieving the CPU load, has intensified.
In addition, the number of ports has increased significantly across all architectures, and Many applications have received recent versions, such as Firefox 137, LibreOffice 25.2.1.2, GNOME 47, to name just a few. In addition, the system includes updated components such as LibreSSL 4.1.0 with support for new cryptographic architectures and algorithms, OpenSSH 10 with authentication and privacy improvements, and the Xenocara graphical stack based on X.Org 7.7 with xserver 21.1.16 and Mesa 23.3.6.
Finally, if you are interested in knowing more about it, you can check the details in the following link