Announcement

**tildearrow** · 30 April 2021, 10:03 PM

This fast? How?! It's only been ~4 months since Linux got early M1 support and now OpenBSD?

**andrei_me** · 30 April 2021, 10:17 PM

Are they basing their work upon Linux patches??

**microcode** · 30 April 2021, 11:08 PM

Cool, I wonder if Rosenzweig's GPU work will be ISC licensed on the kernel side of things, or MIT like AMDGPU. That's how DRM drivers end up in OpenBSD.

**kylew77** · 01 May 2021, 12:52 AM

It is also the project's 50th release! OpenBSD is really shaping up from a research OS into a great daily driver. It is more secure by default than most Linux distros but usability and hardware support isn't Ubuntu standards yet but it is getting better every 6 months!

**kylew77** · 01 May 2021, 12:53 AM

I guess the RISCV support didn't land in time for 6.9 but current now has RISCV support too in addition to the aarch64 M1

**kpedersen** · 01 May 2021, 06:25 AM

I think OpenBSD is the only software I still get excited about updates and actually try them out on day of release. 6.9 is working flawlessly for me and really does feel squeaky clean.

Originally posted by tildearrow View Post

This fast? How?! It's only been ~4 months since Linux got early M1 support and now OpenBSD?

As far as I know it is because the chip isn't actually that special. It is just an aarch64 derivative. Luckily OpenBSD maintains pretty good support also for non-x86 platforms.

The difficulty is reverse engineering Apples bullsh*t. Since that was already done by the early work on Linux, the actual programming to implement it is "the easy part".

Though if it was up to me, I would boycott that crap. Apple will only lock down the bootloader in later models anyway.

**Volta** · 01 May 2021, 06:54 AM

Originally posted by kylew77 View Post

It is also the project's 50th release! OpenBSD is really shaping up from a research OS into a great daily driver. It is more secure by default than most Linux distros but usability and hardware support isn't Ubuntu standards yet but it is getting better every 6 months!

It's light years behind Linux, so keep dreaming. OpenBSD is far from secure outside the base system which is worthless on its own. It's shaping up from a research OS to meaningless OS. That's for sure.

While the implementation of various policy frameworks will mature and grow as needed, OpenBSD will remain stale. With a refusal to implement options for properly restricting users or a system in the event an attacker does gain access, the OpenBSD system will be considered a less reliable and trustworthy platform for use as a server or user operating system.

Extended access control frameworks should not be considered a perfect solution, or the be all and end all of security. There are still many situations where they are insufficient such as large applications that necessarily require wide ranging access to properly function. Even so, the level of control these frameworks provide are the best tools we have to secure systems as best we can.

It is interesting to note that even with Linux not really caring about security and having a non disclosure policy, things still end up being more secure than OpenBSD because of the presence of extended access controls. Being able to restrict access in such a powerful way which reinforces that simply trying to eliminate all bugs at the code level while noble, is an inferior approach.

As much as I am disappointed with the fix silently without disclosure approach to security the Linux kernel project has taken since Greg K-H took over, and having to rely on sites like xorl.wordpress.com to learn about security problems that were fixed, Linux is the only real project making progress with testing and improving extended access control frameworks. With continued development and support the implementations will become easier to use and the problems eradicated until such technology is common, as it should be.

OpenBSD cannot be considered a secure system until it makes some effort towards facilitating locking down a system with more than the standard UNIX permissions model which has been shown to be insufficient, and stop discounting the possibility that a system will be secure because all bugs have been removed. While well intentioned and accurate to a small extent, it is ultimately meaningless if even just one vulnerability is present.The OpenBSD team consists of highly skilled programmers who have an interest in security and have shown excellent skill at auditing code and identifying and fixing vulnerabilities in software. Unfortunately, they have shown no interest in extending OpenBSD to implement extended access controls as almost all other operating systems have done, leaving their system inherently more vulnerable in the event of a successful intrusion. The OpenBSD serve a useful role in the community, similar to dedicate security analysts or advisors, and for this they should be celebrated.

This sums up bsdsism nicely.

**DrYak** · 01 May 2021, 08:04 AM

Originally posted by kpedersen View Post

As far as I know it is because the chip isn't actually that special. It is just an aarch64 derivative. Luckily OpenBSD maintains pretty good support also for non-x86 platforms.

It's not anymore a 3rd-party-licenced PowerVR core like on older iPhones (or some ARM Maali core)

Checkout Rosenzweig's blog posts: Apple's GPU is actually its own beast, geared specifically for Apple's Metal API. Among other it lacks some hardware unit that would be expected or required for Vulkan/OpenGL APIs but aren't needed in Metal.
(So in Linux's Mesa driver, they'll be handled by software, mostly GPU Shaders).

**kpedersen** · 01 May 2021, 10:02 AM

Originally posted by DrYak View Post

It's not anymore a 3rd-party-licenced PowerVR core like on older iPhones (or some ARM Maali core)

Oh, I was talking purely about the CPU. The more important part IMO.

Announcement

OpenBSD 6.9 Released In Beginning To Support Apple's M1 SoC

OpenBSD 6.9 Released In Beginning To Support Apple's M1 SoC

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment