&os;/&arch; &release.current; Release NotesThe &os; Project$FreeBSD$200020012002200320042005The &os; Documentation Project
&tm-attrib.freebsd;
&tm-attrib.ibm;
&tm-attrib.ieee;
&tm-attrib.intel;
&tm-attrib.sparc;
&tm-attrib.general;
The release notes for &os; &release.current; contain a summary
of the changes made to the &os; base system on the
&release.branch; development line.
This document lists applicable security advisories that were issued since
the last release, as well as significant changes to the &os;
kernel and userland.
Some brief remarks on upgrading are also presented.IntroductionThis document contains the release notes for &os;
&release.current; on the &arch.print; hardware platform. It
describes recently added, changed, or deleted features of &os;.
It also provides some notes on upgrading
from previous versions of &os;.
The &release.type; distribution to which these release notes
apply represents the latest point along the &release.branch; development
branch since &release.branch; was created. Information regarding pre-built, binary
&release.type; distributions along this branch
can be found at .
]]>
The &release.type; distribution to which these release notes
apply represents a point along the &release.branch; development
branch between &release.prev; and the future &release.next;.
Information regarding
pre-built, binary &release.type; distributions along this branch
can be found at .
]]>
This distribution of &os; &release.current; is a
&release.type; distribution. It can be found at or any of its mirrors. More
information on obtaining this (or other) &release.type;
distributions of &os; can be found in the Obtaining
&os; appendix to the &os;
Handbook.
]]>
All users are encouraged to consult the release errata before
installing &os;. The errata document is updated with
late-breaking information discovered late in the
release cycle or after the release. Typically, it contains
information on known bugs, security advisories, and corrections to
documentation. An up-to-date copy of the errata for &os;
&release.current; can be found on the &os; Web site.What's NewThis section describes
the most user-visible new or changed features in &os;
since &release.prev;.
In general, changes described here are unique to the &release.branch;
branch unless specifically marked as &merged; features.
Typical release note items
document recent security advisories issued after
&release.prev.historic;,
new drivers or hardware support, new commands or options,
major bug fixes, or contributed software upgrades. They may also
list changes to major ports/packages or release engineering
practices. Clearly the release notes cannot list every single
change made to &os; between releases; this document focuses
primarily on security advisories, user-visible changes, and major
architectural improvements.Security AdvisoriesKernel ChangesA new sysctl variable kern.malloc_stats
has been added. This allows to export kernel malloc
statistics via a binary structure stream.A new sysctl variable vm.zone_stats
has been added. This allows to export &man.uma.9; allocator
statistics via a binary structure stream.Boot Loader ChangesA new option ,
which allows setting the boot2
serial console speed in the /boot.config
file or on the boot: prompt line,
has been added.A new loader tunable
comconsole_speed to change
the serial console speed has been added.
If the previous stage boot loader requested a serial console
then the default speed is determined from the current serial port
speed, and otherwise it is set to 9600 or the value of
the kernel option BOOT_COMCONSOLE_SPEED
at compile time.Hardware SupportThe &man.acpi.thermal.4; driver now supports
passive cooling.Support for the PadLock Security Co-processor in VIA C3
processors has been added to the &man.crypto.9; subsystem.
&merged;A bug which prevents the &man.ichsmb.4; kernel module
from unloading has been fixed.The loader tunable debug.mpsafevfs
is set to 1 by default.The smbios(4) driver support for amd64 has been
added.A new loader tunable
hw.apic.enable_extint has been added.
This tunable can be used not to mask the ExtINT pin on the first
I/O APIC. At least one chipset for Intel Pentium III seems
to need this even though all of the pins in the 8259A's are masked.
The default is still to mask the ExtINT pin.Multimedia SupportThe &man.sound.4; driver now supports
wider range sampling rate, multiple precisions choice,
and 24/32 bit PCM format conversion.The &man.snd.als4000.4; driver is now MPSAFE.The &man.snd.cmi.4; driver is now MPSAFE.The &man.snd.via8233.4; driver is now MPSAFE.The &man.snd.via8233.4; driver is now supported
on &os;/amd64.The &man.snd.via82c686.4; driver is now MPSAFE.Network Interface SupportThe &man.dc.4; driver is now MPSAFE. &merged;The &man.de.4; driver has been converted to the &man.bus.dma.9;
API and is now MPSAFE.The &man.ed.4; driver is now MPSAFE.The &man.el.4; driver has been removed.The &man.my.4; driver is now MPSAFE. &merged;The &man.pcn.4; driver is now MPSAFE. &merged;The &man.sf.4; driver is now MPSAFE. &merged;The &man.ste.4; driver is now MPSAFE.Network ProtocolsThe &man.gre.4; driver, which is for GRE encapsulation
found in RFC 1701 and RFC 1702 now supports IPv6 over GRE.The path MTU discovery for multicast packets in the &os;
&man.ip6.4; stack has been disabled by default because
notifying path MTU by a lot of routers in multicast
can be a kind of distributed Denial-of-Service attack to a router.
This feature can be enabled by using a new sysctl variable
net.inet6.ip6.mcast_pmtu.The &man.ipfw.4;, IP packet filter now supports IPv6.
The &man.ip6fw.8; is deprecated and will be removed
in the future releases.The &man.natm.4;, Native Mode ATM protocol layer is now MPSAFE.A new sysctl variable net.inet.icmp.reply_from_interface
has been added. This allows the &man.icmp.4;
reply to non-local packets generated with
the IP address the packet came through in.
This is useful for routers to show in &man.traceroute.8;
the actual path a packet has taken instead of
the possibly different return path.A new sysctl variable net.inet.icmp.quotelen
has been added. This allows to change length of
the quotation of the original packet in an ICMP reply.
The minimum of 8 bytes is internally enforced.
The maximum quotation is the remaining space in the
reply mbuf. This option is added in response to the
issues raised in I-D
draft-gont-icmp-payload-00.txt.The &man.icmp.4; now always quotes the entire TCP header
when responding and allocate an mbuf cluster if needed.
This change fixes the TCP issues raised in I-D
draft-gont-icmp-payload-00.txt.A new socket option IP_MINTTL has been added.
This may be used to set the minimum acceptable
TTL a packet must have when received on a socket.
All packets with a lower TTL are silently dropped,
and this works on already connected/connecting and
listening sockets for RAW, UDP, and TCP. This option
is only really useful when set to 255 preventing packets
from outside the directly connected networks reaching
local listeners on sockets. Also, this option allows
userland implementation of The Generalized TTL
Security Mechanism (GTSM) found in RFC 3682.The stealth forwarding now supports IPv6 as well as IPv4.
This behavior can be controlled by using a new sysctl variable
net.inet6.ip6.stealth.Disks and StorageThe &man.ata.4; driver now supports a workaround
for some controllers whose DMA does not work properly
in 48bit mode. For the suspicious controllers
the PIO mode will be used for access to over 137GB areas.A new GEOM class GEOM_ZERO has been added.
It creates very huge provider (41PB) /dev/gzero
and mainly for performance testing.
On BIO_READ request it zero-fills
bio_data and on BIO_WRITE
it does nothing.The GEOM_LABEL class now supports
Ext2FS and ReiserFS.The &man.mpt.4; driver has been updated to support
various new features such as RAID volume and RAID member
state/settings reporting, periodic volume re-synchronization
status reporting, and sysctl variables for volume
re-synchronization rate, volume member write cache status,
and volume transaction queue depth.A new GEOM-based disk encryption facility, GEOM_ELI, has been
added. It uses the &man.crypto.9; framework for hardware acceleration
and supports different cryptographic algorithms. See &man.geli.8; for
more information. &merged;The &man.umass.4; driver now supports
PLAY_MSF,
PLAY_TRACK,
PLAY_TRACK_REL,
PAUSE,
PLAY_12 commands so that
the &man.cdcontrol.1; utility can handle USB CD drive.File SystemsA part of the FreeBSD NFS subsystem (the interface with
the protocol stack and callouts) is now MPSAFE.Contributed SoftwareUserland ChangesPadding of ai_addrlen
in struct addrinfo has been removed,
which was originally for the ABI compatibility.
For example, this change break the ABI compatibility of
&man.getaddrinfo.3; function on 64-bit architecture including
&os;/alpha, &os;/amd64, &os;/ia64, and &os;/sparc64.The &man.bsdiff.1; and &man.bspatch.1; utilities
have been added. These are tools for constructing and
applying binary patches.The &man.cmp.1; utility now supports an
flag to compare the symbolic link itself rather than the
file that the link points to.The &man.ifconfig.8; utility now supports
a flag to allow printing
potentially sensitive keying material to standard output.
This sensitive information will not be printed by default.The &man.libmemstat.3; library has been added.
This is for use by debugging and monitoring applications
in tracking kernel memory statistics. It provides an
abstracted interface to &man.uma.9; and &man.malloc.9;
statistics, wrapped around the binary stream sysctl variables
for the allocators. &merged;A new function &man.memmem.3; has been implemented in
libc. This is the binary equivalent to
&man.strstr.3; and found in glibc.The &man.moused.8; now supports an flag
to enable horizontal virtual scrolling similar to a
flag for vertical virtual scrolling.The &man.netstat.1; utility now supports an
flag for interface stats mode,
which prints all interface statistics in human readable form.A new functions, &man.pidfile.3;, which allow reliable
pidfiles handling have been implemented in
libutil.The &man.ping.8; utility now supports a sweeping
ping in which &man.icmp.4; payload of
packets being sent is increased with given step.
This is useful for testing problematic channels, MTU issues
or traffic policing functions in networks.The &man.pkill.1; utility now supports a
option which allows to
restrict matches to a process whose PID is stored in the
pidfile file. When another new option
is also specified, the pidfile file must be locked with the
&man.flock.2; syscall or created with &man.pidfile.3;.The &man.powerd.8; program now supports a
option which allows to specify pidfile.The shared library version number of all libraries have
been updated due to some possible ABI changes. The libraries
include: snmp_*, libdialog, libg2c, libobjc,
libreadline, libregex, libstdc++, libkrb5, libalias, libarchive,
libbegemot, libbluetooth, libbsnmp, libbz2, libc_r, libcrypt,
libdevstat, libedit, libexpat, libfetch, libftpio, libgpib,
libipsec, libkiconv, libmagic, libmp, libncp, libncurses,
libnetgraph, libngatm, libopie, libpam, libpthread, libradius,
libsdp, libsmb, libtacplus, libthr, libthread_db, libugidfw,
libusbhid, libutil, libvgl, libwrap, libypclnt, libm, libcrypto,
libssh, and libssl.The wcsdup() function has been
implemented. This function is popular in Microsoft and GNU
systems./etc/rc.d ScriptsThe gbde_swap script has
been removed in favor a new encswap
script which also supports &man.geli.8; for swap
encryption.The geli and geli2
scripts has been added for &man.geli.8; device
configuration on boot.The removable_interfaces variable
has been removed.A new variable ifconfig_ifn
has been added. This allows
/etc/rc.d/netif
to be used to start and stop an interface
on a purely manual basis.Contributed Softwarelibpcap has been updated
to v0.9.1 (release).sendmail has been updated from
version 8.13.3 to version 8.13.4.tcpdump has been updated
to v3.9.1 (release).Ports/Packages Collection InfrastructureThe &man.pkg.version.1; now supports an
flag to show the origin recorded on package generation
instead of the package name, and an flag
to list packages whose registered origin is origin only.The &man.portsnap.8; utility (sysutils/portsnap)
has been added into the &os; base system. This is a secure,
easy to use, fast, lightweight, and generally good way for
users to keep their ports trees up to date.Release Engineering and IntegrationThe default partition sizing algorithm of the
&man.sysinstall.8; utility has been changed.On systems where the disk capacity is larger than (3 * RAMsize + 10GB),
the default sizes will now be as follows:PartitionSizeswapRAMsize * 2/512 MB/tmp512 MB/var1024 MB + RAMsize/usrthe rest (8GB or more)On systems where the disk capacity is larger than
(RAMsize / 8 + 2 GB), the default sizes will be
in the following ranges, with space allocated
proportionally:PartitionSizeswapfrom RAMsize / 8 to RAMsize * 2/from 256MB to 512MB/tmpfrom 128MB to 512MB/varfrom 128MB to 1024MB/usrfrom 1536MB to 8192MBOn systems with even less disk space, the existing behavior is not
changed.DocumentationDocumentation of existing functionality has been improved by
the addition of the following manual pages:
&man.acpi.sony.4;, &man.snd.mss.4;, &man.snd.t4dwave.4;.Upgrading from previous releases of &os;Upgrading &os; should, of course, only be attempted after
backing up all data and configuration
files.