2473 lines
101 KiB
Plaintext
2473 lines
101 KiB
Plaintext
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
|
|
<!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
|
|
%articles.ent;
|
|
|
|
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
|
|
%release;
|
|
]>
|
|
|
|
<article>
|
|
<articleinfo>
|
|
<title>&os; &release.current; Release Notes</title>
|
|
|
|
<corpauthor>The &os; Project</corpauthor>
|
|
|
|
<pubdate>$FreeBSD$</pubdate>
|
|
|
|
<copyright>
|
|
<year>2000</year>
|
|
<year>2001</year>
|
|
<year>2002</year>
|
|
<year>2003</year>
|
|
<year>2004</year>
|
|
<year>2005</year>
|
|
<year>2006</year>
|
|
<year>2007</year>
|
|
<year>2008</year>
|
|
<year>2009</year>
|
|
<holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
|
|
</copyright>
|
|
|
|
<legalnotice id="trademarks" role="trademarks">
|
|
&tm-attrib.freebsd;
|
|
&tm-attrib.ibm;
|
|
&tm-attrib.ieee;
|
|
&tm-attrib.intel;
|
|
&tm-attrib.sparc;
|
|
&tm-attrib.general;
|
|
</legalnotice>
|
|
|
|
<abstract>
|
|
<para>The release notes for &os; &release.current; contain a summary
|
|
of the changes made to the &os; base system on the
|
|
&release.branch; development line.
|
|
This document lists applicable security advisories that were issued since
|
|
the last release, as well as significant changes to the &os;
|
|
kernel and userland.
|
|
Some brief remarks on upgrading are also presented.</para>
|
|
</abstract>
|
|
</articleinfo>
|
|
|
|
<sect1 id="intro">
|
|
<title>Introduction</title>
|
|
|
|
<para>This document contains the release notes for &os;
|
|
&release.current;. It
|
|
describes recently added, changed, or deleted features of &os;.
|
|
It also provides some notes on upgrading
|
|
from previous versions of &os;.</para>
|
|
|
|
<![ %release.type.current [
|
|
|
|
<para>The &release.type; distribution to which these release notes
|
|
apply represents the latest point along the &release.branch; development
|
|
branch since &release.branch; was created. Information regarding pre-built, binary
|
|
&release.type; distributions along this branch
|
|
can be found at <ulink url="&release.url;"></ulink>.</para>
|
|
|
|
]]>
|
|
|
|
<![ %release.type.snapshot [
|
|
|
|
<para>The &release.type; distribution to which these release notes
|
|
apply represents a point along the &release.branch; development
|
|
branch between &release.prev; and the future &release.next;.
|
|
Information regarding
|
|
pre-built, binary &release.type; distributions along this branch
|
|
can be found at <ulink url="&release.url;"></ulink>.</para>
|
|
|
|
]]>
|
|
|
|
<![ %release.type.release [
|
|
|
|
<para>This distribution of &os; &release.current; is a
|
|
&release.type; distribution. It can be found at <ulink
|
|
url="&release.url;"></ulink> or any of its mirrors. More
|
|
information on obtaining this (or other) &release.type;
|
|
distributions of &os; can be found in the <ulink
|
|
url="&url.books.handbook;/mirrors.html"><quote>Obtaining
|
|
&os;</quote> appendix</ulink> to the <ulink
|
|
url="&url.books.handbook;/">&os;
|
|
Handbook</ulink>.</para>
|
|
|
|
]]>
|
|
|
|
<para>All users are encouraged to consult the release errata before
|
|
installing &os;. The errata document is updated with
|
|
<quote>late-breaking</quote> information discovered late in the
|
|
release cycle or after the release. Typically, it contains
|
|
information on known bugs, security advisories, and corrections to
|
|
documentation. An up-to-date copy of the errata for &os;
|
|
&release.current; can be found on the &os; Web site.</para>
|
|
|
|
</sect1>
|
|
|
|
<sect1 id="new">
|
|
<title>What's New</title>
|
|
|
|
<para>This section describes the most user-visible new or changed
|
|
features in &os; since &release.prev;, and changes shown in
|
|
Release Notes for the previous releases are marked as
|
|
<literal>[7.1R]</literal> and <literal>[7.2R]</literal>.</para>
|
|
|
|
<para>Typical release note items document recent security
|
|
advisories issued after &release.prev;, new drivers or hardware
|
|
support, new commands or options, major bug fixes, or
|
|
contributed software upgrades. They may also list changes to
|
|
major ports/packages or release engineering practices. Clearly
|
|
the release notes cannot list every single change made to &os;
|
|
between releases; this document focuses primarily on security
|
|
advisories, user-visible changes, and major architectural
|
|
improvements.</para>
|
|
|
|
<sect2 id="security">
|
|
<title>Security Advisories</title>
|
|
|
|
<para>Problems described in the following security advisories have
|
|
been fixed. For more information, consult the individual
|
|
advisories available from
|
|
<ulink url="http://security.FreeBSD.org/"></ulink>.</para>
|
|
|
|
<informaltable frame="none" pgwide="0">
|
|
<tgroup cols="3">
|
|
<colspec colwidth="1*">
|
|
<colspec colwidth="1*">
|
|
<colspec colwidth="3*">
|
|
<thead>
|
|
<row>
|
|
<entry>Advisory</entry>
|
|
<entry>Date</entry>
|
|
<entry>Topic</entry>
|
|
</row>
|
|
</thead>
|
|
|
|
<tbody>
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:05.openssh.asc"
|
|
>SA-08:05.openssh</ulink></entry>
|
|
<entry>17 April 2008</entry>
|
|
<entry><para>OpenSSH X11-forwarding privilege escalation</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"
|
|
>SA-08:06.bind</ulink></entry>
|
|
<entry>13 July 2008</entry>
|
|
<entry><para>DNS cache poisoning</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:07.amd64.asc"
|
|
>SA-08:07.amd64</ulink></entry>
|
|
<entry>3 September 2008</entry>
|
|
<entry><para>amd64 swapgs local privilege escalation</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc"
|
|
>SA-08:08.nmount</ulink></entry>
|
|
<entry>3 September 2008</entry>
|
|
<entry><para>&man.nmount.2; local arbitrary code execution</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
|
|
>SA-08:09.icmp6</ulink></entry>
|
|
<entry>3 September 2008</entry>
|
|
<entry><para>Remote kernel panics on IPv6 connections</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
|
|
>SA-08:10.nd6</ulink></entry>
|
|
<entry>1 October 2008</entry>
|
|
<entry><para>IPv6 Neighbor Discovery Protocol routing vulnerability</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:11.arc4random.asc"
|
|
>SA-08:11.arc4random</ulink></entry>
|
|
<entry>24 November 2008</entry>
|
|
<entry><para>&man.arc4random.9; predictable sequence vulnerability</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
|
|
>SA-08:12.ftpd</ulink></entry>
|
|
<entry>23 December 2008</entry>
|
|
<entry><para>Cross-site request forgery in &man.ftpd.8;</para></entry>
|
|
</row>
|
|
|
|
<row role="7.1">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc"
|
|
>SA-08:13.protosw</ulink></entry>
|
|
<entry>23 December 2008</entry>
|
|
<entry><para>netgraph / bluetooth privilege escalation</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
|
|
>SA-09:01.lukemftpd</ulink></entry>
|
|
<entry>07 January 2009</entry>
|
|
<entry><para>Cross-site request forgery in
|
|
&man.lukemftpd.8;</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
|
|
>SA-09:02.openssl</ulink></entry>
|
|
<entry>07 January 2009</entry>
|
|
<entry><para>OpenSSL incorrectly checks for malformed
|
|
signatures</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
|
|
>SA-09:03.ntpd</ulink></entry>
|
|
<entry>13 January 2009</entry>
|
|
<entry><para>ntpd cryptographic signature
|
|
bypass</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
|
|
>SA-09:04.bind</ulink></entry>
|
|
<entry>13 January 2009</entry>
|
|
<entry><para>BIND DNSSEC incorrect checks for
|
|
malformed signatures</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
|
|
>SA-09:05.telnetd</ulink></entry>
|
|
<entry>16 February 2009</entry>
|
|
<entry><para>telnetd code execution
|
|
vulnerability</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
|
|
>SA-09:06.ktimer</ulink></entry>
|
|
<entry>23 March 2009</entry>
|
|
<entry><para>Local privilege escalation</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
|
|
>SA-09:07.libc</ulink></entry>
|
|
<entry>04 April 2009</entry>
|
|
<entry><para>Information leak in &man.db.3;</para></entry>
|
|
</row>
|
|
|
|
<row role="7.2">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
|
|
>SA-09:08.openssl</ulink></entry>
|
|
<entry>22 April 2009</entry>
|
|
<entry><para>Remotely exploitable crash in
|
|
OpenSSL</para></entry>
|
|
</row>
|
|
|
|
<row role="8.0">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc"
|
|
>SA-09:09.pipe</ulink></entry>
|
|
<entry>10 June 2009</entry>
|
|
<entry><para>Local information disclosure via direct pipe writes</para></entry>
|
|
</row>
|
|
|
|
<row role="8.0">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc"
|
|
>SA-09:10.ipv6</ulink></entry>
|
|
<entry>10 June 2009</entry>
|
|
<entry><para>Missing permission check on SIOCSIFINFO_IN6 ioctl</para></entry>
|
|
</row>
|
|
|
|
<row role="8.0">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:11.ntpd.asc"
|
|
>SA-09:11.ntpd</ulink></entry>
|
|
<entry>10 June 2009</entry>
|
|
<entry><para>ntpd stack-based buffer-overflow vulnerability</para></entry>
|
|
</row>
|
|
|
|
<row role="8.0">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:12.bind.asc"
|
|
>SA-09:12.bind</ulink></entry>
|
|
<entry>29 July 2009</entry>
|
|
<entry><para>BIND &man.named.8; dynamic update message remote DoS</para></entry>
|
|
</row>
|
|
<row role="8.0">
|
|
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:14.devfs.asc"
|
|
>SA-09:14.devfs</ulink></entry>
|
|
<entry>2 Oct 2009</entry>
|
|
<entry><para>Devfs / VFS NULL pointer race condition</para></entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</informaltable>
|
|
</sect2>
|
|
|
|
<sect2 id="kernel">
|
|
<title>Kernel Changes</title>
|
|
|
|
<para role="8.0">The &os; <filename>GENERIC</filename> kernel now
|
|
includes Trusted BSD MAC (Mandatory Access Control) support.
|
|
No MAC policy module is loaded by default.</para>
|
|
|
|
<para role="8.0" arch="i386">A loader
|
|
tunable <varname>hw.clflush_disable</varname> has been added
|
|
to avoid panic (trap 9)
|
|
at <function>map_invalidate_cache_range()</function> even if
|
|
Intel CPU is used. This tunable can be set
|
|
to <literal>-1</literal> (default), <literal>0</literal> and
|
|
<literal>1</literal>. The <literal>-1</literal> is same as
|
|
the current behavior, which automatically
|
|
disables <literal>CLFLUSH</literal> on Intel CPUs without
|
|
<literal>CPUID_SS</literal> (this should occurr on Xen
|
|
only). You can specify <literal>1</literal> when this panic
|
|
happens on non-Intel CPUs (such as AMD's). Because disabling
|
|
<literal>CLFLUSH</literal> can reduce performance, you can try
|
|
with setting <literal>0</literal> on Intel CPUs
|
|
without <literal>SS</literal> to
|
|
use <literal>CLFLUSH</literal> feature.</para>
|
|
|
|
<para role="8.0">The &man.jail.8; subsystem has been updated. Changes include:</para>
|
|
|
|
<itemizedlist role="7.2">
|
|
<listitem>
|
|
<para role="8.0">A new virtualization container
|
|
named <quote>vimage</quote> has been implemented. This is
|
|
not enabled by default. To enable this, add the following
|
|
kernel options to your kernel configuration file and
|
|
rebuild the kernel:</para>
|
|
|
|
<programlisting>options VIMAGE</programlisting>
|
|
|
|
<para>Note that <literal>options SCTP</literal> in the
|
|
<filename>GENERIC</filename> kernel is not compatible with
|
|
<literal>options VIMAGE</literal>. This limitation will
|
|
be fixed in the next release.</para>
|
|
|
|
<para>The vimage is a jail with a virtualized instance of
|
|
the &os; network stack. It can be created by using
|
|
&man.jail.8; command like this:</para>
|
|
|
|
<screen>&prompt.root; jail -c vnet name=<replaceable>vnet1</replaceable> host.hostname=<replaceable>vnet1.example.net</replaceable> path=/ persist</screen>
|
|
|
|
<para>The vimage has own loopback interface and a separated
|
|
network stack including the L3 routing tables. Network
|
|
interfaces on the system can be moved by using
|
|
&man.ifconfig.8; <option>vnet</option> option between the
|
|
different vimage jails and outside of them.</para>
|
|
|
|
<para>Furthermore, the &man.epair.4; pseudo-interface driver
|
|
has been added to help communication between vimage jails.
|
|
It emulates a pair of back-to-back connected Ethernet
|
|
interfaces. For example, the following commands create an
|
|
interface pair of &man.epair.4;:</para>
|
|
|
|
<screen>&prompt.root; ifconfig epair0 create
|
|
epair0a
|
|
&prompt.root; ifconfig epair0a
|
|
epair0a: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
|
|
ether 02:c0:64:00:07:0a
|
|
&prompt.root; ifconfig epair0b
|
|
epair0b: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
|
|
ether 02:c0:64:00:08:0b</screen>
|
|
|
|
<para>The &man.epair.4; pseudo-interfaces and any physical
|
|
interfaces on the system can be moved between vimage jails
|
|
by using &man.ifconfig.8; <option>vnet</option> option as
|
|
described above. Even after half of an &man.epair.4; pair
|
|
is moved, the back-to-back connection still valid and can
|
|
be used for inter-jail communication.</para>
|
|
|
|
<para>Note that vimage is still considered as an
|
|
experimental feature.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A jail can now have arbitrary named parameters similar
|
|
to environmental variables and the fixed jail parameters
|
|
in the previous releases have been replaced with them.
|
|
The jail name can now be used for identifying the jail in
|
|
&man.jexec.8; and &man.killall.1;.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Multiple IPv4 and/or IPv6 addresses per jail are now
|
|
supported. It is even possible to have jails without
|
|
an IP address at all, which basically gives one a chrooted
|
|
environment with restricted process view and no
|
|
networking.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>SCTP (&man.sctp.4;) with IPv6 in jails has been
|
|
implemented.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Specific CPU binding by using &man.cpuset.1; has been
|
|
implemented. Note that the current implementation allows
|
|
the superuser inside of the jail to change the CPU
|
|
bindings specified.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A &man.jail.8; can start with a specific route
|
|
FIB now.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>The &man.ddb.8; kernel debugger now supports a
|
|
<literal>show jails</literal> subcommand.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Compatibility support which permits 32-bit jail
|
|
binaries to be used on 64-bit systems to manage jails has
|
|
been added.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Note that both version numbers of
|
|
<literal>jail</literal> and <literal>prison</literal> in
|
|
the &man.jail.8; have been updated for the new
|
|
features.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para role="8.0">The &man.ksyms.4;, kernel symbol table
|
|
interface driver has been added. It creates a character
|
|
device <filename>/dev/ksyms</filename> and provides
|
|
read-only access to a snapshot of the kernel symbol
|
|
table.</para>
|
|
|
|
<para role="8.0" arch="amd64,i386">The &os; Linux emulation
|
|
layer has been updated to version 2.6.16 and the default Linux
|
|
infrastructure port is
|
|
<filename>emulators/linux_base-f10</filename> (Fedora
|
|
10).</para>
|
|
|
|
<para role="8.0" arch="arm">The &os;/&arch.arm; now
|
|
supports mini dump.</para>
|
|
|
|
<para role="8.0" arch="powerpc">The &os;/&arch.powerpc; now
|
|
supports kernel core dump.</para>
|
|
|
|
<para role="8.0" arch="amd64,i386">The &os; virtual memory
|
|
subsystem now supports fully transparent use of
|
|
<application>superpages</application> for application memory;
|
|
application memory pages are dynamically promoted to or
|
|
demoted from superpages without any modification to
|
|
application code. This change offers the benefit of large
|
|
page sizes such as improved virtual memory efficiency and
|
|
reduced TLB (translation lookaside buffer) misses without
|
|
downsides like application changes and virtual memory
|
|
inflexibility. This can be enabled by setting a loader tunable
|
|
<varname>vm.pmap.pg_ps_enabled</varname> to
|
|
<literal>1</literal> and is enabled by default on
|
|
&arch.amd64;.</para>
|
|
|
|
<para role="7.2">The &man.ddb.8; kernel debugger now supports a
|
|
<command>show mount</command> subcommand.</para>
|
|
|
|
<para role="7.2">The &os; DTrace subsystem now supports a probe for
|
|
process execution.</para>
|
|
|
|
<para role="7.2" arch="amd64">The &os; kernel virtual address
|
|
space has been increased to 6GB. This allows subsystems to use
|
|
larger virtual memory space than before. For example, the
|
|
&man.zfs.8; adaptive replacement cache (ARC) requires large
|
|
kernel memory space to cache file system data, so it benefits
|
|
from the increased address space. Note that the ceiling on
|
|
the kernel map size is now 60% of the size of physical memory
|
|
rather than an absolute quantity.</para>
|
|
|
|
<para role="7.2">The &man.kld.4; now supports installing 32-bit
|
|
system calls to the &os; syscall translation layer from kernel
|
|
modules.</para>
|
|
|
|
<para role="7.2">The &man.ktr.4; now supports a new KTR tracepoint in the
|
|
<literal>KTR_CALLOUT</literal> class to note when a callout
|
|
routine finishes executing.</para>
|
|
|
|
<para role="7.2">Types of variables used to track the amount of allocated
|
|
System V shared memory have been changed from
|
|
<literal>int</literal> to <literal>size_t</literal>. This
|
|
makes it possible to use more than 2 GB of memory for shared
|
|
memory segments on 64-bit architectures. Please note the new
|
|
BUGS section in &man.shmctl.2; and
|
|
<filename>/usr/src/UPDATING</filename> for limitations of this
|
|
temporary solution.</para>
|
|
|
|
<para role="7.2">The &man.sysctl.3; leaf nodes have a flag to tag
|
|
themselves as MPSAFE now.</para>
|
|
|
|
<para role="7.2">The &os; 32-bit system call translation layer now
|
|
supports installing 32-bit system calls for
|
|
<literal>VFS_AIO</literal>.</para>
|
|
|
|
<para role="7.1">The &man.clock.gettime.2; and the related system calls now
|
|
support a clock ID <literal>CLOCK_THREAD_CPUTIME_ID</literal>,
|
|
as defined in POSIX.</para>
|
|
|
|
<para role="7.1">The &man.cpuset.2; system call has been added. This is an
|
|
API for thread to CPU binding and CPU resource grouping and
|
|
assignment.</para>
|
|
|
|
<para role="7.1">The DTrace, a comprehensive dynamic tracing framework and
|
|
&man.dtrace.1; userland utility have been imported from
|
|
OpenSolaris. DTrace provides a powerful infrastructure to
|
|
permit administrators, developers, and service personnel to
|
|
concisely answer arbitrary questions about the behavior of the
|
|
operating system and user programs.</para>
|
|
|
|
<para role="7.1">The &man.ddb.4; kernel debugger now has an output capture
|
|
facility. Input and output from &man.ddb.4; can now be captured
|
|
to a memory buffer for later inspection using &man.sysctl.8; or
|
|
a textdump. The new <command>capture</command> command controls
|
|
this feature.</para>
|
|
|
|
<para role="7.1">The &man.ddb.4; debugger now supports a simple scripting
|
|
facility, which supports a set of named scripts consisting of a
|
|
set of &man.ddb.4; commands. These commands can be managed from
|
|
within &man.ddb.4; or with the use of the new &man.ddb.8;
|
|
utility. More details can be found in the &man.ddb.4; manual
|
|
page.</para>
|
|
|
|
<para role="7.1">The &man.ddb.4; <command>ex</command> command now supports
|
|
an <option>/S</option> mode which interprets and prints the
|
|
value at the requested address as a symbol. For example,
|
|
<userinput>ex /S <replaceable>aio_swake</replaceable></userinput>
|
|
prints the name of the function currently registered in
|
|
via <replaceable>aio_swake</replaceable> hook.</para>
|
|
|
|
<para role="7.1">The &man.ddb.4; <command>show conifhk</command> command has
|
|
been added. This lists hooks currently waiting for completion
|
|
in <function>run_interrupt_driven_config_hooks()</function>.</para>
|
|
|
|
<para role="7.1">The &man.fcntl.2; system call now supports
|
|
<literal>F_DUP2FD</literal> command. This is equivalent to
|
|
&man.dup.2;, and compatible with the Sun Solaris and the IBM
|
|
AIX.</para>
|
|
|
|
<para role="7.1">The &os;'s &man.linux.4; ABI support now implements
|
|
<function>sched_setaffinity()</function> and
|
|
<function>sched_getaffinity()</function> using real CPU affinity
|
|
setting primitives.</para>
|
|
|
|
<para role="7.1">The &man.procstat.1; utility has been added. This is a
|
|
process inspection utility which provides some of the missing
|
|
functionality from &man.procfs.5; and new functionality for monitoring
|
|
and debugging specific processes.</para>
|
|
|
|
<para role="7.1">The client side functionality of &man.rpc.lockd.8; has been
|
|
implemented in the &os; kernel. This implementation provides the
|
|
correct semantics for &man.flock.2; style locks which are used
|
|
by the &man.lockf.1; command line tool and the &man.pidfile.3;
|
|
library. It also implements recovery from server restarts and
|
|
ensures that dirty cache blocks are written to the server before
|
|
obtaining locks (allowing multiple clients to use file locking
|
|
to safely share data). Also, a new kernel option
|
|
<literal>options NFSLOCKD</literal> has been added and enabled
|
|
by default. If the kernel support is enabled, &man.rpc.lockd.8;
|
|
automatically detects and uses the functionality.</para>
|
|
|
|
<para role="7.1">The &os; kernel now supports a new textdump format of kernel
|
|
dumps. A textdump provides higher-level information via
|
|
mechanically generated/extracted debugging output, rather than a
|
|
simple memory dump. This facility can be used to generate brief
|
|
kernel bug reports that are rich in debugging information, but
|
|
are not dependent on kernel symbol tables or precisely
|
|
synchronized source code. More information can be found in the
|
|
&man.textdump.4; manual page.</para>
|
|
|
|
<para role="7.1">The &man.wait4.2; system call now supports
|
|
<option>WNOWAIT</option> flag to keep the process whose status
|
|
is returned in a waitable state and <option>WSTOPPED</option>
|
|
which is equivalent to <option>WUNTRACED</option>.</para>
|
|
|
|
<para role="7.1" arch="amd64,i386,sparc64">The &os; kernel now has
|
|
initial support of binding interrupts to CPUs.</para>
|
|
|
|
<para role="7.1" arch="amd64,i386"> The &man.sched.ule.4; scheduler is now the default
|
|
process scheduler in <filename>GENERIC</filename>
|
|
kernels.</para>
|
|
|
|
<para role="7.1">The sysctl
|
|
variables <varname>kern.features.compat_freebsd[456]</varname>
|
|
have been added. These are corresponding to the kernel options
|
|
<literal>COMPAT_FREEBSD[456]</literal>.</para>
|
|
|
|
<sect3 id="boot">
|
|
<title>Boot Loader Changes</title>
|
|
|
|
<para role="8.0">The <application>boot0</application> boot
|
|
loader now preserves volume ID at offset
|
|
0x1b8 used in other operating systems </para>
|
|
|
|
<para role="8.0">The &man.boot0cfg.8; utility now supports a
|
|
new <option>-i</option> option to set the volume ID.</para>
|
|
|
|
<para role="8.0" arch="arm,powerpc">The &man.loader.8; now
|
|
supports U-Boot support library.</para>
|
|
|
|
<para role="7.2">The &man.boot.8; now supports 4-byte volume ID that
|
|
certain versions of &windows; put into the MBR and invoking
|
|
PXE by pressing the F6 key on some supported BIOSes.</para>
|
|
|
|
<para role="7.2" arch="i386">The &man.boot.8; BTX loader has been
|
|
improved. This fixes several boot issues on recent machines
|
|
reported for 7.1-RELEASE and before.</para>
|
|
|
|
<para role="7.2">The &man.loader.8; is now able to obtain DHCP options
|
|
from network boot via &man.kenv.2; variables.</para>
|
|
|
|
<para role="7.2">A bug in the &man.loader.8; has been fixed. Now the
|
|
following line works as expected:</para>
|
|
|
|
<programlisting>loader_conf_files="<replaceable>foo</replaceable> <replaceable>bar</replaceable> ${<replaceable>variable</replaceable>}"</programlisting>
|
|
|
|
<para role="7.1" arch="amd64,i386">The BTX kernel used by the boot
|
|
loader has been changed to invoke BIOS routines from real
|
|
mode. This change makes it possible to boot &os; from USB
|
|
devices.</para>
|
|
|
|
<para role="7.1" arch="amd64,i386">A new gptboot boot loader has
|
|
been added to support booting from a GPT labeled disk. A
|
|
new <command>boot</command> command has been added to
|
|
&man.gpt.8;, which makes a GPT disk bootable by writing the
|
|
required bits of the boot loader, creating a new boot
|
|
partition if required.</para>
|
|
</sect3>
|
|
|
|
<sect3 id="proc">
|
|
<title>Hardware Support</title>
|
|
|
|
<para role="8.0">The &os; now includes experimental support
|
|
for &arch.mips; platform.</para>
|
|
|
|
<para role="8.0">Support for RTC on Dallas Semiconductor chips
|
|
has been improved. The DS133x and DS1553 are now
|
|
supported.</para>
|
|
|
|
<para role="8.0" arch="arm">The &os;/&arch.arm; now supports
|
|
Feroceon and Sheeva embedded CPU, Marvell Orion (88F5281),
|
|
Kirkwood (88F6281), Discovery Innovation (MV-78100)
|
|
systems-on-chip CPU.</para>
|
|
|
|
<para role="8.0" arch="powerpc">The &os;/&arch.powerpc; now
|
|
supports SMP machines</para>
|
|
|
|
<para role="8.0" arch="powerpc">The &os;/&arch.powerpc; now
|
|
supports E500 (Book-E) embedded CPU and Freescale
|
|
PowerQUICCIII MPC85xx system-on-chip (including single and
|
|
dual-core).</para>
|
|
|
|
<para role="8.0">The &man.acpi.4; subsystem now supports the System
|
|
Resource Affinity Table (SRAT) used to describe affinity
|
|
relationships between CPUs and memory, ACPI 3.0 fields in
|
|
the MADT including X2APIC entries and UIDs for local SAPICs, and
|
|
ACPI 3.0 flags in the FADT.</para>
|
|
|
|
<para role="8.0" arch="powerpc">The &man.cpufreq.4; framework now
|
|
supports PowerPC G5, along with a skeleton SMU driver in order to slew
|
|
CPU voltage during frequency changes.</para>
|
|
|
|
<para role="8.0">The sec(4) driver has been added to provide
|
|
support for the integrated security engine found in
|
|
Freescale system-on-chip devices.</para>
|
|
|
|
<para role="8.0">The &os; TTY layer has been replaced with a
|
|
new one which has better support for SMP and robust resource
|
|
handling. A tty now has own mutex and it is expected to
|
|
improve scalability when compared to the old implementation
|
|
based on the Giant lock.</para>
|
|
|
|
<para role="8.0" arch="amd64,i386">The &man.uart.4; driver is now the
|
|
default driver for serial port devices in favor of the
|
|
&man.sio.4; driver. Note that the device nodes have been
|
|
renamed from
|
|
<filename>/dev/cuad<replaceable>N</replaceable></filename> and
|
|
<filename>/dev/ttyd<replaceable>N</replaceable></filename> to
|
|
<filename>/dev/cuau<replaceable>N</replaceable></filename> and
|
|
<filename>/dev/ttyu<replaceable>N</replaceable></filename>.</para>
|
|
|
|
<important>
|
|
<para>Users who are upgrading will need to change their
|
|
kernel configurations and possibly also
|
|
<filename>/boot/loader.conf</filename> and
|
|
<filename>/boot/device.hints</filename>.</para>
|
|
</important>
|
|
|
|
<para role="8.0">The &os; USB subsystem has been reimplemented
|
|
to support modern devices and better SMP scalability. The
|
|
new implementation includes Giant-lock-free device drivers,
|
|
a Linux compatibility layer, &man.usbconfig.8; utility, full
|
|
support for split transaction and isochronous transaction,
|
|
and more. Device node names for USB devices are now in a
|
|
the form
|
|
of <filename>/dev/usb/<replaceable>bus</replaceable>.<replaceable>dev</replaceable>.<replaceable>endpoint</replaceable></filename>,
|
|
and <filename>/dev/usbctl</filename> is the master device
|
|
node. Note that the &man.ugen.4; driver has nodes for each device as <filename>/dev/ugen<replaceable>bus</replaceable>.<replaceable>dev</replaceable></filename> for backward compatibility.</para>
|
|
|
|
<para role="7.2" arch="sparc64">&os; now supports Ultra SPARC III
|
|
(Cheetah) processor family.</para>
|
|
|
|
<para role="7.2">The &man.acpi.4; subsystem now supports a &man.sysctl.8;
|
|
variable <varname>debug.batt.batt_sleep_ms</varname>. On
|
|
some laptops with smart batteries, enabling battery
|
|
monitoring software causes keystrokes from &man.atkbd.4; to
|
|
be lost. This sysctl variable adds a delay in millisecond
|
|
to the status checking code as a workaround.</para>
|
|
|
|
<para role="7.2">The &man.acpi.asus.4; driver now supports Asus A8Sr
|
|
notebooks.</para>
|
|
|
|
<para role="7.2" arch="powerpc">Support for the AltiVec, a floating point
|
|
and integer SIMD instruction set has been added.</para>
|
|
|
|
<para role="7.2">The &man.cpuctl.4; driver, which provides a special
|
|
device <filename>/dev/cpuctl</filename> as an interface to
|
|
the system CPU has been added. The &man.cpuctl.4;
|
|
functionality includes the ability to retrieve CPUID
|
|
information, read/write machine specific registers (MSR),
|
|
and perform CPU firmware updates.</para>
|
|
|
|
<para role="7.2">The &man.cpufreq.4; driver now supports an
|
|
<varname>hw.est.msr_info</varname> loader tunable. When
|
|
this is set to <literal>1</literal>, it attempts to build a
|
|
simple list containing just the high and low frequencies if
|
|
it cannot obtain a frequency list from either ACPI or the
|
|
static tables. This is disabled by default.</para>
|
|
|
|
<para role="7.2" arch="amd64,i386">CPU frequency change notifiers are now
|
|
disabled when the TSC is P-state invariant. Also, a new
|
|
loader tunable
|
|
<varname>kern.timecounter.invariant_tsc</varname> has been
|
|
added to force this behavior by setting it to
|
|
non-zero.</para>
|
|
|
|
<para role="7.2">The &man.atkbd.4; driver now disables the interrupt
|
|
handler which is called from the keyboard callback function
|
|
when polled mode is enabled. This fixes the problem of
|
|
duplicated/missing characters at the mountroot prompt on
|
|
multi CPU systems while &man.kbdmux.4; is enabled.</para>
|
|
|
|
<para role="7.2">In the &man.pci.4; subsystem INTx is now disabled when
|
|
MSI/MSIX is enabled. This change fixes interrupt storm
|
|
related issues.</para>
|
|
|
|
<para role="7.2" arch="sparc64">The schizo(4) driver for Schizo
|
|
Fireplane/Safari to PCI 2.1 and Tomatillo JBus to PCI 2.2
|
|
bridges has been added.</para>
|
|
|
|
<para role="7.2">The &man.u3g.4; driver for USB based 3G cards and
|
|
dongles including Vodafone Mobile Connect Card 3G, Qualcomm
|
|
CDMA MSM, Huawei E220, Novatel U740, Sierra MC875U, and more
|
|
has been added. This provides support for the multiple
|
|
USB-to-serial interfaces exposed by many 3G USB/PC Card
|
|
modems, and the device is accessed through the &man.ucom.4;
|
|
driver which makes it behave like a &man.tty.4;.</para>
|
|
|
|
<para role="7.2">The &man.sched.ule.4; scheduler now supports
|
|
the loader tunable
|
|
<varname>machdep.hyperthreading_enabled</varname> just like
|
|
&man.sched.4bsd.4;. Note that it cannot be modified at
|
|
run-time.</para>
|
|
|
|
<para role="7.1">The &man.cmx.4; driver, a driver for Omnikey CardMan 4040
|
|
PCMCIA smartcard readers, has been added.</para>
|
|
|
|
<para role="7.1" arch="sparc64">The &man.kbdmux.4; driver now
|
|
supports &arch.sparc64;. The &man.sunkbd.4; driver now
|
|
supports &man.atkbd.4; emulation like &man.ukbd.4;.</para>
|
|
|
|
<para role="7.1">The <filename>nvram(4)</filename> driver is now
|
|
MPSAFE.</para>
|
|
|
|
<para role="7.1">An option of the &man.puc.4;
|
|
driver, <literal>PUC_FASTINTR</literal>, is no longer
|
|
supported.</para>
|
|
|
|
<para role="7.1">The &man.psm.4; driver now attempts detection of Synaptics
|
|
touchpad before IntelliMouse. Some touchpads will pretend to
|
|
be IntelliMouse causing the IntelliMouse probe to work and the
|
|
Synaptics detection never to be done.</para>
|
|
|
|
<para role="7.1">The &man.uslcom.4; driver, a driver for Silicon
|
|
Laboratories CP2101/CP2102-based USB serial adapters, has been
|
|
imported from OpenBSD.</para>
|
|
|
|
<sect4 id="mm">
|
|
<title>Multimedia Support</title>
|
|
|
|
<para role="8.0">The &os; audio subsystem has been improved.
|
|
The changes include volume per channel, high quality
|
|
fixed-point band-limited SINC sampling rate converter,
|
|
bit-perfect mode, transparent/adaptive virtual channel,
|
|
and exclusive stream. For more details, see the
|
|
&man.snd.4; manual page.</para>
|
|
|
|
<para role="7.2">The &man.agp.4; driver now supports Intel G4X series
|
|
graphics chipsets.</para>
|
|
|
|
<para role="7.2">The Direct Rendering Manager
|
|
(<application>DRM</application>), a kernel module that
|
|
gives direct hardware access to DRI clients, has been
|
|
updated. Support for AMD/ATI r500, r600, r700, and IGP
|
|
based chips, XGI V3XE/V5/V8, and Intel i915 chipsets has
|
|
been improved.</para>
|
|
|
|
<para role="7.2">A new loader tunable <varname>hw.drm.msi</varname> has
|
|
been added to control if DRM uses MSI or not. This is set
|
|
to <literal>1</literal> (enabled) by default.</para>
|
|
|
|
<para role="7.2">The snd_au88x0(4) driver for Aureal Vortex
|
|
1/2/Advantage PCI has been removed because it has been
|
|
broken for a long time.</para>
|
|
|
|
<para role="7.2">The &man.snd.hda.4; driver has been updated. These
|
|
changes include support for multiple codecs per HDA bus,
|
|
multiple functional groups per codec, multiple audio
|
|
devices per functional group, digital (SPDIF/HDMI) audio
|
|
input/output, suspend/resume, and part of multichannel
|
|
audio.</para>
|
|
|
|
<para role="7.2">Note that due to added HDMI audio and
|
|
logical audio devices support, the updated driver often
|
|
provides several PCM devices. This means that in some
|
|
cases the system default audio device no longer
|
|
corresponds to the users's habitual audio connectors. In
|
|
such cases the default device can be specified in audio
|
|
applications' setup or defined globally via
|
|
<varname>hw.snd.default_unit</varname> sysctl variable, as
|
|
described in the &man.sound.4; manual page.</para>
|
|
|
|
<para role="7.1">The &man.agp.4; driver now supports the
|
|
Intel G33 and G45.</para>
|
|
|
|
<para role="7.1" arch="i386">The <filename>dpms(4)</filename> driver has
|
|
been added to use the VESA BIOS for DPMS during suspend and
|
|
resume.</para>
|
|
|
|
<para role="7.1">The <application>DRM</application> kernel driver now
|
|
supports i915 GME devices.</para>
|
|
</sect4>
|
|
|
|
<sect4 id="net-if">
|
|
<title>Network Interface Support</title>
|
|
|
|
<para role="8.0">The &man.bwi.4; driver has been added to
|
|
provide support for Broadcom BCM43xx IEEE 802.11b/g wireless
|
|
network interfaces.</para>
|
|
|
|
<para role="8.0" arch="sparc64">The &man.cas.4; driver has
|
|
been added to provide support for Sun Cassini/Cassini+ and
|
|
National Semiconductor DP83065 Saturn Gigabit Ethernet
|
|
devices.</para>
|
|
|
|
<para role="8.0">The &man.cxgbtool.8; now supports an
|
|
interactive mode for scripting of repeatedly performed
|
|
tasks.</para>
|
|
|
|
<para role="8.0">The &man.fxp.4; driver has been improved. Changes include:</para>
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para role="8.0">The multicast filter re-programming
|
|
is now more robust.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">The checksum offload feature can be controlled by
|
|
&man.ifconfig.8; now.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">Rx checksum offload support for 82559 or later
|
|
controllers has been added.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">TSO (TCP Segmentation Offload) support for 82550
|
|
and 82551 controllers has been added.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">WoL (Wake on LAN) support for 82550, 82551, 82558,
|
|
and 82559-based controllers has been added. Note that
|
|
ICH based controllers are treated as 82559, and 82557,
|
|
earlier revisions of 82558, and 82559ER have no WoL
|
|
capability.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">VLAN hardware tag insertion/stripping support and
|
|
Tx/Rx checksum offload for VLAN frames support has
|
|
been added. Note that the VLAN hardware assistance is
|
|
available only on 82550 or 82551-based
|
|
controllers.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para role="8.0" arch="arm,powerpc">The mge(4) driver has
|
|
been added to provide support for Marvell Gigabit Ethernet
|
|
controllers found on ARM-based SOCs (Orion, Kirkwood,
|
|
Discovery), as well as on system controllers for PowerPC
|
|
processors (MV64430, MV6446x).</para>
|
|
|
|
<para role="8.0">The &man.miibus.4; driver now supports
|
|
the Marvell 88E3016.</para>
|
|
|
|
<para role="8.0">The &man.msk.4; driver now supports Yukon
|
|
FE+ A0 including 88E8040, 88E8040T, 88E8048 and
|
|
88E8070.</para>
|
|
|
|
<para role="8.0">The &man.mwl.4; driver has been added to
|
|
provide support for Marvell 88W8363 IEEE 802.11n wireless
|
|
network devices.</para>
|
|
|
|
<para role="8.0">The &man.mxge.4; driver now supports some newer
|
|
revisions and 10GBASE-LRM and 10GBASE-Twinax media
|
|
types. The firmware version has been updated to 1.4.43.</para>
|
|
|
|
<para role="8.0">The &man.nge.4; driver has been improved and
|
|
now works on all platforms.</para>
|
|
|
|
<para role="8.0">The tsec(4) driver has been added to
|
|
provide support for Freescale integrated Three-Speed
|
|
Ethernet Controller (TSEC). This driver also works with
|
|
the enhanced version of the controller (eTSEC).</para>
|
|
|
|
<para role="8.0">The &man.uath.4; driver for USB wireless LAN
|
|
adapter based on Atheros AR5005UG and AR5005UX chipsets
|
|
has been added. The &man.uathload.8; utility, a firmware
|
|
loader for the Atheros USB wireless driver has also been
|
|
added.</para>
|
|
|
|
<para role="8.0">The &man.urtw.4; driver has been added to
|
|
provide support for Realtek RTL8187B/L USB IEEE 802.11b/g
|
|
wireless network devices.</para>
|
|
|
|
<para role="8.0">The &man.xl.4; driver now supports TX
|
|
checksum offload.</para>
|
|
|
|
<para role="7.2">The &man.ae.4; driver now supports WoL
|
|
(Wake on LAN).</para>
|
|
|
|
<para role="7.2" arch="amd64,i386">The &man.ale.4; driver is now
|
|
included in the <filename>GENERIC</filename>
|
|
kernel.</para>
|
|
|
|
<para role="7.2">The &man.ath.hal.4;, Atheros Hardware Access Layer,
|
|
has been updated to the open source version.</para>
|
|
|
|
<para role="7.2">The &man.axe.4; driver has been improved in
|
|
performance by eliminating extra context switches and now
|
|
supports the Apple USB Ethernet adapter.</para>
|
|
|
|
<para role="7.2">The &man.bce.4; driver's firmware has been updated to
|
|
the latest version (4.6.X).</para>
|
|
|
|
<para role="7.2">The ciphy(4) driver now supports Vitesse VSC8211
|
|
PHY.</para>
|
|
|
|
<para role="7.2">The &man.cxgb.4; driver has been updated to firmware
|
|
revision 4.7 and now supports hardware MAC
|
|
statistics.</para>
|
|
|
|
<para role="7.2">A bug in the &man.igb.4; driver, which prevented the
|
|
loader tunable <varname>hw.igb.ave_latency</varname> from
|
|
working, has been fixed.</para>
|
|
|
|
<para role="7.2">The &man.ixgbe.4; driver has been updated to
|
|
version 1.7.4.</para>
|
|
|
|
<para role="7.2">The &man.jme.4; driver now supports newer JMicron
|
|
JMC250/JMC260 revisions.</para>
|
|
|
|
<para role="7.2">The &man.msk.4; driver has been improved. An issue
|
|
which made it hang up in a certain condition has been
|
|
fixed. Hardware MAC statistics support has been added
|
|
and users can get the information via sysctl variables
|
|
named
|
|
<varname>dev.msk.<replaceable>N</replaceable>.stats</varname>.</para>
|
|
|
|
<para role="7.2">The &man.nfe.4; driver now supports hardware MAC
|
|
statistics.</para>
|
|
|
|
<para role="7.2">The &man.re.4; driver has been improved. It now
|
|
detects the link status. A new loader tunable
|
|
<varname>hw.re.prefer_iomap</varname> has been added, to
|
|
disable memory register mapping. This tunable is
|
|
<literal>0</literal> for all controllers except RTL8169SC
|
|
family.</para>
|
|
|
|
<para role="7.2">The &man.rl.4; driver has been improved. It now
|
|
detects the link status and a bug which prevented it from
|
|
working on systems with more than 4GB memory has been
|
|
fixed.</para>
|
|
|
|
<para role="7.2">A bug in &man.sis.4; on VLAN tagged frame handling has
|
|
been fixed.</para>
|
|
|
|
<para role="7.2">The &man.txp.4; driver now works on all supported
|
|
architectures. Support has been added for &man.altq.4;,
|
|
WoL, checksum offload when VLAN enabled, and link state
|
|
change handling has been improved, and new sysctl
|
|
variables
|
|
<varname>dev.txp.<replaceable>N</replaceable>.stats</varname>
|
|
for MAC statistics have been added. New sysctl variables
|
|
<varname>dev.txp.<replaceable>N</replaceable>.process_limit</varname>
|
|
has been added, to control how many received frames should
|
|
be served in Rx handler (set to 64 by default and valid
|
|
ranges are 16 to 128 in unit of frames). The firmware has
|
|
been updated to the latest version.</para>
|
|
|
|
<para role="7.1">The &man.ae.4; driver has been added to provide
|
|
support for the Attansic/Atheros L2 FastEthernet
|
|
controllers.</para>
|
|
|
|
<para role="7.1">The &man.jme.4; driver has been added to
|
|
provide support for PCIe adapters based on JMicron JMC250
|
|
gigabit Ethernet and JMC260 fast Ethernet controllers.</para>
|
|
|
|
<para role="7.1">The &man.age.4; driver has been added to
|
|
provide support for Attansic/Atheros L1 gigabit Ethernet
|
|
controller.</para>
|
|
|
|
<para role="7.1">The &man.malo.4; driver has been added to
|
|
provide support for Marvell Libertas 88W8335 based PCI network
|
|
adapters.</para>
|
|
|
|
<para role="7.1">The bm(4) driver has been added to
|
|
provide support for Apple Big Mac (BMAC) Ethernet controller,
|
|
found on various Apple G3 models.</para>
|
|
|
|
<para role="7.1">The et(4) driver has been added to
|
|
provide support for Agere ET1310 10/100/Gigabit Ethernet
|
|
controller.</para>
|
|
|
|
<para role="7.1">The &man.glxsb.4; driver has been added
|
|
to provide support for the Security Block in AMD Geode LX
|
|
processors.</para>
|
|
|
|
<para role="7.1">The &man.ale.4; driver has been added to provide support
|
|
for Atheros AR8121/AR8113/AR8114 Gigabit/Fast Ethernet controllers.
|
|
This driver is not enabled in <filename>GENERIC</filename>
|
|
kernels for this release.</para>
|
|
|
|
<para role="7.1">The &man.em.4; driver has been split into two drivers
|
|
with some common parts. The &man.em.4; driver will continue
|
|
to support adapters up to the 82575, as well as new
|
|
client/desktop adapters. A new &man.igb.4; driver
|
|
will support new server adapters.</para>
|
|
|
|
<para role="7.1">The &man.hme.4; driver has been improved.</para>
|
|
|
|
<para role="7.1">A bug in some of the &man.miibus.4; supported drivers that
|
|
IEEE 802.3 auto-negotiation was performed in a wrong order,
|
|
has been fixed. Now it chooses the correct technologies
|
|
supported by IEEE 802.3 in the order described in Annex
|
|
28B.3.</para>
|
|
|
|
<para role="7.1">A workaround has been added for a bug in TCP/UDP
|
|
hardware checksum offload of the &man.msk.4; driver for
|
|
short frames. Note that for frames that requires hardware
|
|
VLAN tag insertion, the checksum offload workaround does not
|
|
work due to changes of checksum offset in mbuf after the
|
|
VLAN tag. So disabling hardware checksum offload for the
|
|
VLAN interface is needed in such cases.</para>
|
|
|
|
<para role="7.1">The &man.ndis.4; NDIS miniport driver wrapper has been
|
|
improved.</para>
|
|
|
|
<para role="7.1">The &man.sf.4; driver has been improved and now supports
|
|
checksum offloading.</para>
|
|
|
|
<para role="7.1">The &man.stge.4; driver now supports WOL (Wake on
|
|
LAN).</para>
|
|
|
|
<para role="7.1">The &man.vr.4; driver has been improved.</para>
|
|
|
|
<para role="7.1" arch="amd64,i386"> The &man.wpi.4; driver has
|
|
been updated to include a number of stability fixes.</para>
|
|
</sect4>
|
|
</sect3>
|
|
|
|
<sect3 id="net-proto">
|
|
<title>Network Protocols</title>
|
|
|
|
<para role="8.0">The &os; netisr framework has been
|
|
reimplemented for parallel threading support. This is a
|
|
kernel network dispatch interface which allows device
|
|
drivers (and other packet sources) to direct packets to
|
|
protocols for directly dispatched or deferred processing.
|
|
The new implementation supports up to one netisr thread per
|
|
CPU, and several benchmarks on SMP machines show substantial
|
|
performance improvement over the previous version.</para>
|
|
|
|
<para role="8.0">A bug in the &man.gif.4; that EtherIP packets
|
|
sent by combination of &man.if.bridge.4; and &man.gif.4;
|
|
have a reversed version field has been fixed. If you need
|
|
to communicate with older &os; releases via EtherIP, use new
|
|
flags <literal>accept_rev_ethip_ver</literal>
|
|
and <literal>send_rev_ethip_ver</literal> to control
|
|
handling the reversed version field. These can be set by
|
|
&man.ifconfig.8 utility to &man.gif.4; interfaces. The
|
|
EtherIP implementation found on &os; 6.1, 6.2, 6.3, 7.0,
|
|
7.1, and 7.2 had an interoperability issue because it sent
|
|
the incorrect EtherIP packets and discarded the correct
|
|
ones. For more details, see &man.gif.4; manual page.</para>
|
|
|
|
<para role="8.0">The IGMPv3 and SSM (Source-Specific Multicast)
|
|
including IPv6 SSM and MLDv2 have been added. Although the
|
|
old KAME MLDv2 hooks have been replaced with the new
|
|
implementation, the related kernel programming interfaces have been
|
|
preserved.</para>
|
|
|
|
<para role="8.0">The multicast routing code has been improved
|
|
and the IPv4 and IPv6 support has been split.</para>
|
|
|
|
<para role="8.0">The &os; now supports the upcoming Wireless
|
|
Mesh standard, IEEE 802.11s. The current implementation is
|
|
based on the March 2009 D3.0 draft version.</para>
|
|
|
|
<para role="8.0">The wireless network support layer (net80211)
|
|
now uses pseudo-interfaces named as
|
|
<literal>wlan<replaceable>N</replaceable></literal> instead
|
|
of a device driver name like <literal>em0</literal>
|
|
directly. The
|
|
<literal>wlan<replaceable>N</replaceable></literal>
|
|
interface is created by &man.ifconfig.8; as an instance of
|
|
the parent interface and used for actual communication
|
|
similar to &man.vlan.4, IEEE 802.1Q VLAN network interface.
|
|
Note that multiple instances (to realize multiple BSSes with
|
|
a single AP device, for example) can be created if the
|
|
parent interface supports it. For more details, see
|
|
&man.ifconfig.8; manual page.</para>
|
|
|
|
<para role="8.0">The net80211 layer now supports TDMA for long
|
|
distance point-to-point links using &man.ath.4;
|
|
devices.</para>
|
|
|
|
<para role="8.0">An infrastructure for caching flows as a means
|
|
of accelerating L2 and L3 lookups has been added. This is
|
|
called <quote>flow table</quote> and enabled by default on
|
|
&arch.amd64 and &arch.i386; platforms. This also provides
|
|
stateful load balancing when used
|
|
with <literal>RADIX_MPATH</literal>
|
|
|
|
<para role="8.0">The &os; L2 address translation table has been
|
|
reimplemented to reduce lock contention on parallel
|
|
processing and simplify the routing logic. The new
|
|
implementation has L2 address translation tables for both
|
|
ARP (for IPv4) and NDP (for IPv6) which are separated from
|
|
the L3 routing tables, and supports flow table caches for both
|
|
the routing table and the L2 information. One of the
|
|
user-visible changes is that a concept of cloned route (a
|
|
route generated by an entry
|
|
with <literal>RTF_CLONING</literal> flag) is deprecated.
|
|
This means routing flags <literal>RTF_CLONING</literal>,
|
|
<literal>RTF_WASCLONE</literal>,
|
|
and <literal>RTF_LLINFO</literal> are obsolete.</para>
|
|
|
|
<para role="8.0">The &man.ipsec.4; subsystem now supports
|
|
NAT-Traversal (RFC 3948). This is disabled by default. To
|
|
enable this add the following kernel option and rebuild the
|
|
kernel:</para>
|
|
|
|
<programlisting>device crypto
|
|
options IPSEC
|
|
options IPSEC_NAT_T</programlisting>
|
|
|
|
<para role="7.2">IPv4 source address selection for unbound sockets has
|
|
been implemented as follows:</para>
|
|
|
|
<orderedlist>
|
|
<listitem>
|
|
<para>If we found a route, use the address corresponding
|
|
to the outgoing interface.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">Otherwise we assume the foreign address is reachable
|
|
on a directly connected network and try to find a
|
|
corresponding interface to take the source address
|
|
from.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para role="7.2">As a last resort use the default jail address.</para>
|
|
</listitem>
|
|
</orderedlist>
|
|
|
|
<para role="7.2">This also changes the semantics of selecting the IP for
|
|
processes within a &man.jail.8; as it now uses the same
|
|
logic as outside the &man.jail.8;.</para>
|
|
|
|
<para role="7.2">The TCP MD5 Signature Option (RFC 2385) for IPv6 has
|
|
been implemented in the same way it has been implemented for
|
|
IPv4.</para>
|
|
|
|
<para role="7.2">The &man.ng.netflow.4; Netgraph node now includes
|
|
support for generating egress netflow instead or in addition
|
|
to ingress. An <literal>NGM_NETFLOW_SETCONFIG</literal>
|
|
control message has been added to control the new
|
|
functionality.</para>
|
|
|
|
<para role="7.2">The &man.tap.4; Ethernet tunnel software network
|
|
interface now supports a new <literal>TAPGIFNAME</literal>
|
|
character device ioctl. This is a convenient shortcut to
|
|
obtain the network interface name using a file descriptor to
|
|
a character device.</para>
|
|
|
|
<para role="7.2">The &man.tap.4; now supports
|
|
<literal>SIOCSIFMTU</literal> ioctl to set a higher MTU than
|
|
1500 (ETHERMTU). This allows &man.tap.4; devices to be
|
|
added to the same bridge (which requires all interface
|
|
members to have the same MTU) with an interface configured
|
|
for jumbo frames.</para>
|
|
|
|
<para role="7.2">The domains list for handling the list of supported
|
|
domains in the &man.unix.4; (UNIX domain protocol family)
|
|
subsystem is now MPSAFE.</para>
|
|
|
|
<para role="7.1">The &man.arp.8; utility now
|
|
supports <literal>reject</literal>
|
|
and <literal>blackhole</literal> keywords. In the entry
|
|
marked as <literal>reject</literal>, traffic to the host will
|
|
be discarded and the sender will be notified the host is
|
|
unreachable. In the entry marked as <literal>blackhole</literal>,
|
|
traffic is discarded but the sender is not notified.</para>
|
|
|
|
<para role="7.1">The &man.bpf.4; now supports an
|
|
ioctl <literal>BIOCSETFNR</literal>. This is just like
|
|
<literal>BIOCSETF</literal>, but it does not drop all the
|
|
packets buffered on the descriptor and reset the
|
|
statistics.</para>
|
|
|
|
<para role="7.1">The &man.if.bridge.4; interface can limit the
|
|
number of source MACs that can be behind a bridge interface
|
|
via <literal>ifmaxaddr</literal> parameter of
|
|
&man.ifconfig.8;.</para>
|
|
|
|
<para role="7.1">A bug in the &man.carp.4; interface configuration which
|
|
leads to a system panic has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.dummynet.4; subsystem now supports
|
|
<literal>fast</literal> mode operation which allows certain
|
|
packets to bypass the dummynet scheduler. This can achieve
|
|
lower latency and lower overhead when the packet flow is under
|
|
the pipe bandwidth, and eliminate recursion in the subsystem.
|
|
The new sysctl variable
|
|
<varname>net.inet.ip.dummynet.io_fast</varname> has been
|
|
added to enable this feature.</para>
|
|
|
|
<para role="7.1">The &man.enc.4; interface now supports sysctl
|
|
variables to control whether the firewalls or &man.bpf.4;
|
|
will see inner and outer headers or just inner or outer
|
|
headers for incoming and outgoing IPsec packets.</para>
|
|
|
|
<para role="7.1">The &man.gre.4; now supports
|
|
ioctls <literal>GRESKEY</literal>
|
|
and <literal>GREGKEY</literal> which allows set or get GRE
|
|
key used for outgoing packets.</para>
|
|
|
|
<para role="7.1">A bug in the &man.ipsec.4; subsystem that PMTU was broken
|
|
in those cases when there was a route with a lower MTU than
|
|
the MTU of the outgoing interface, has been fixed.</para>
|
|
|
|
<para role="7.1">The netatm subsystem has been removed due to
|
|
lacking multiprocessor support.</para>
|
|
|
|
<para role="7.1">The &man.ng.nat.4; now supports redirect functionality
|
|
in <filename>libalias</filename>. For more details, see the
|
|
manual page.</para>
|
|
|
|
<para role="7.1">The &man.ng.pptpgre.4; now supports multiple hooks like
|
|
&man.ng.l2tp.4;, to use one pair of pptpgre and ksocket nodes for all
|
|
calls between two peers.</para>
|
|
|
|
<para role="7.1">The &man.resolver.3; now allows underscore in domain
|
|
names. Although this is a violation of RFC 1034 [STD 13], it is
|
|
accepted by certain name servers as well as other popular operating
|
|
systems' resolver library.</para>
|
|
|
|
<para role="7.1">A socket option <literal>TCP_CONGESTION</literal> for TCP
|
|
sockets has been added. This is for setting and retrieving the
|
|
congestion control algorithm. The name used is to allow
|
|
compatibility with Linux.</para>
|
|
|
|
<para role="7.1">The &man.rwlock.9; has been used throughout
|
|
the <varname>inpcbinfo</varname> and <varname>inpcb</varname>
|
|
infrastructure, and protocols that depend on that
|
|
infrastructure, including UDP, TCP, and IP raw sockets to
|
|
reduce the lock contentions.</para>
|
|
|
|
<para role="7.1">The &os; now supports multiple routing tables. To
|
|
enable this, the following steps are needed:</para>
|
|
|
|
<itemizedlist role="7.1">
|
|
<listitem>
|
|
<para>Add the following kernel configuration option and
|
|
rebuild the kernel. The <literal>2</literal> is the number
|
|
of FIB (Forward Information Base, synonym for a routing
|
|
table here). The maximum value is 16.</para>
|
|
|
|
<programlisting>options ROUTETABLES=2</programlisting>
|
|
|
|
<para>The procedure for rebuilding the &os; kernel is
|
|
described in the <ulink
|
|
url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html#AEN30408">&os;
|
|
Handbook</ulink>.</para>
|
|
|
|
<para>This number can be modified on boot time. To do so, add
|
|
the following to <filename>/boot/loader.conf</filename> and
|
|
reboot the system:</para>
|
|
|
|
<programlisting>net.fibs=6</programlisting>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Set a loader tunable <varname>net.my_fibnum</varname> if
|
|
needed. This means the default number of routing tables.
|
|
If not specified, <literal>0</literal> will be used.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Set a loader tunable
|
|
<varname>net.add_addr_allfibs</varname> if needed. This
|
|
enables to add routes to all FIBs for new interfaces by
|
|
default. When this is set to <literal>0</literal>, it will
|
|
only allocate routes on interface changes for the FIB of the
|
|
caller when adding a new set of addresses to an interface.
|
|
Note that this tunable is set to <literal>1</literal> by
|
|
default.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para>To select one of the FIBs, the new &man.setfib.1; utility
|
|
can be used. This set an associated FIB with the process. For
|
|
example:</para>
|
|
|
|
<screen>&prompt.root; setfib -3 ping target.example.com</screen>
|
|
|
|
<para>The FIB #3 will be used for the &man.ping.8; command.</para>
|
|
|
|
<para>The FIB which the packet will be associated with will be
|
|
determined in the following rules:</para>
|
|
|
|
<itemizedlist role="7.1">
|
|
<listitem>
|
|
<para>All packets which have a FIB associated with them will
|
|
use the FIB. If not, FIB #0 will be used.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A packet received on an interface for forwarding uses
|
|
FIB #0.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A TCP listen socket associated with an FIB will generate
|
|
accept sockets which are associated with the same FIB.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A packet generated in response to other packet uses the
|
|
FIB associated with the packet being responded to.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>A packet generated on tunnel interfaces such as
|
|
&man.gif.4; and &man.tun.4; will be encapsulated using the
|
|
FIB of the process which set up the tunnel.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Routing messages will be associated with the process's
|
|
FIB.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para>Also, the &man.ipfw.8; now supports an action rule
|
|
<literal>setfib</literal>. The following action:</para>
|
|
|
|
<programlisting>setfib <replaceable>fibnum</replaceable></programlisting>
|
|
|
|
<para>will make the matched packet use the FIB specified in
|
|
<replaceable>fibnum</replaceable>. The rule processing
|
|
continues at the next rule.</para>
|
|
</sect3>
|
|
|
|
<sect3 id="disks">
|
|
<title>Disks and Storage</title>
|
|
|
|
<para role="8.0">The &os; CAM SCSI subsystem (&man.cam.4;) now
|
|
includes experimental support for ATA/SATA/AHCI-compliant
|
|
devices. This is disabled by default. To enable this,
|
|
adding the following kernel options to your kernel
|
|
configuration file and rebuild the kernel:</para>
|
|
|
|
<programlisting>device ahci
|
|
device siis</programlisting>
|
|
|
|
<para role="8.0">The current implementation supports
|
|
AHCI-compliant controllers and SiliconImage
|
|
SiI3124/SiI3132/SiI3531 controllers. The device node of an
|
|
ATA drive is <literal>ada</literal> and an ATAPI
|
|
drive is <literal>cd</literal>.</para>
|
|
|
|
<para role="8.0">The &os; iSCSI initiator implementation has
|
|
been improved and supports IPv6.</para>
|
|
|
|
<para role="8.0">A userland utility &man.mfiutil.8; for the
|
|
&man.mfi.4; devices has been added. This includes basic
|
|
features to monitor controller, array, and drive status,
|
|
change basic attributes, create/delete arrays and spares,
|
|
and flush the controller firmware. Note that this is a
|
|
small utility, not a replacement of MegaCLI in the Ports
|
|
Collection which is supported officially and provides more
|
|
functionality.</para>
|
|
|
|
<para role="8.0">A userland utility &man.mptutil.8; for the
|
|
&man.mpi.4; devices has been added. This includes basic
|
|
features to monitor controller, array, and drive status,
|
|
change basic attributes, and create/delete arrays and
|
|
spares.</para>
|
|
|
|
<para role="8.0">The &man.siis.4; driver has been added to
|
|
provide support for SiliconImage SiI3124/3132/3531 SATA2
|
|
controllers. It supports Serial ATA and ATAPI devices, port
|
|
multipliers (including FIS-based switching), hardware
|
|
command queues (31 commands per port) and Native Command
|
|
Queuing.</para>
|
|
|
|
<para role="7.2">The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>
|
|
|
|
<para role="7.2">The &man.ata.4; driver now recognizes nForce MCP67 and
|
|
MCP73 SATA controllers as AHCI.</para>
|
|
|
|
<para role="7.2">The &man.ataraid.4; driver now includes preliminary support
|
|
for DDF metadata found on Adaptec HostRAID controllers.
|
|
Note that spares and rebuilds are not supported yet.</para>
|
|
|
|
<para role="7.2">The &man.cam.4; SCSI subsystem now supports a new sysctl
|
|
variable <varname>kern.cam.cd.retry_count</varname>. This
|
|
controls the number of retries for the CD media. When
|
|
trying to read scratched or damaged CDs and DVDs, the
|
|
default mechanism is sub-optimal, and programs like
|
|
<application>ddrescue</application> do much better if you
|
|
turn off the retries entirely since their algorithms do it
|
|
by themselves. This value is set to <literal>4</literal>
|
|
(for a total of 5 attempts) by default. Setting it to
|
|
<literal>0</literal> turns off all retry attempts.</para>
|
|
|
|
<para role="7.2">A bug in the &man.ciss.4; driver which caused low
|
|
<quote>max device openings</quote> count and led to poor
|
|
performance has been fixed.</para>
|
|
|
|
<para role="7.2">The &man.glabel.8; GEOM class now supports a new
|
|
UFS-based label called <literal>ufsid</literal> that can be
|
|
used to reference UFS-carrying devices by the unique file
|
|
system ID. This file system ID is automatically generated
|
|
and detected when the &man.glabel.8; GEOM class is enabled. An
|
|
example of this new label is:
|
|
<filename>/dev/ufsid/48e69c8b5c8e1b43</filename>. The
|
|
benefit of using GEOM labels in general is to avoid problems
|
|
of device renaming when shifting drives or
|
|
controllers.</para>
|
|
|
|
<para role="7.2">The &man.gjournal.8; GEOM class now supports the root
|
|
file system. Previously, an unclean shutdown would make it
|
|
impossible to mount the root file system at boot.</para>
|
|
|
|
<para role="7.2">The &man.gpart.8; utility has been updated. The APM
|
|
scheme now supports Tivo Series 1 partitions (read only), a
|
|
new EBR scheme to support Extended Boot Records has been
|
|
added, the BSD scheme now support bootcode, and bugs in the
|
|
PC98 and VTOC8 schemes have been fixed.</para>
|
|
|
|
<para role="7.2">An issue in &man.gvinum.8; with access permissions
|
|
to underlying disks used by a gvinum plex has been fixed.
|
|
If the plex is a raid5 plex and is being written to, parity data might
|
|
have to be read from the underlying disks, requiring them to be opened for
|
|
reading as well as writing.</para>
|
|
|
|
<para role="7.2">The &man.hptmv.4; driver has been updated to version
|
|
1.16 from HighPoint.</para>
|
|
|
|
<para role="7.2">The &man.mmc.4; and &man.mmcsd.4; drivers now support MMC
|
|
and SDHC cards, high speed timing, wide bus, and multiblock
|
|
transfers.</para>
|
|
|
|
<para role="7.2" arch="sparc64">The &man.mpt.4; driver is now in the
|
|
<filename>GENERIC</filename> kernel.</para>
|
|
|
|
<para role="7.2">The &man.sdhci.4; driver has been added. This supports
|
|
PCI devices with class 8 and subclass 5 according to the SD
|
|
Host Controller Specification.</para>
|
|
|
|
<para role="7.2">The &man.sdhci.4; driver now supports kernel dumping and
|
|
a sysctl variable <varname>hw.sdhci.debug</varname> for debug
|
|
level.</para>
|
|
|
|
<para role="7.2">The &man.twa.4; driver now supports 64-bit DMA.</para>
|
|
|
|
<para role="7.2">The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
|
|
are now included as kernel modules.</para>
|
|
|
|
<para role="7.1">The &man.aac.4; driver now supports 64-bit array support
|
|
for RAIDs larger than 2TB and simultaneous opens of the device
|
|
for issuing commands to the controller.</para>
|
|
|
|
<para role="7.1">The &man.ata.4; driver now supports a loader variable
|
|
<varname>hw.ata.ata_dma_check_80pin</varname>. This can be
|
|
used to disable the 80pin cable check on broken systems such
|
|
as certain laptops and Soekris boards. The default value is
|
|
<literal>1</literal>.</para>
|
|
|
|
<para role="7.1">A data corruption problem of the &man.ata.4; driver on
|
|
ServerWorks HT1000 chipsets has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.ciss.4; driver now supports a loader tunable
|
|
<varname>hw.ciss.nop_message_heartbeat</varname> for
|
|
NOP-message polling in <function>ciss_periodic()</function>.
|
|
This can be used as a workaround for
|
|
<literal>ADAPTER HEARTBEAT FAILED</literal> issue.
|
|
The default value is <literal>0</literal> (disabled).</para>
|
|
|
|
<para role="7.1">The <filename>geom_part</filename> GEOM class can be built
|
|
as a kernel module.</para>
|
|
|
|
<para role="7.1">The <filename>geom_linux_lvm</filename> GEOM class can be
|
|
built as a kernel module.</para>
|
|
|
|
<para role="7.1">The &man.hptrr.4; driver has been updated to version 1.2
|
|
from Highpoint.</para>
|
|
|
|
<para role="7.1">A buffer overflow in the &man.iir.4; driver has been
|
|
fixed. This likely fixes a great number of weird problems
|
|
that have been reported with this driver.</para>
|
|
|
|
<para role="7.1">The &man.mpt.4; driver now supports <literal>mpt_user</literal>
|
|
personality.</para>
|
|
|
|
<para role="7.1">The &man.rr232x.4; driver has been superseded by
|
|
&man.hptrr.4; driver.</para>
|
|
|
|
<para role="7.1">The &man.twa.4; driver has been improved with regard to
|
|
stability on machines with a plenty of memory and high CPU
|
|
load.</para>
|
|
</sect3>
|
|
|
|
<sect3 id="fs">
|
|
<title>File Systems</title>
|
|
|
|
<para role="8.0"><quote>dangerously dedicated</quote> mode for
|
|
the UFS file system is no longer supported.</para>
|
|
|
|
<important>
|
|
<para>Such disks will need to be reformatted to work with
|
|
this release.</para>
|
|
</important>
|
|
|
|
<para role="8.0">The &man.gvinum.8; now supports commands
|
|
found in the old vinum implementation including
|
|
<command>attach</command>, <command>detach</command>,
|
|
<command>start</command>, <command>stop</command>,
|
|
<command>concat</command>, <command>mirror</command>,
|
|
<command>stripe</command>, and
|
|
<command>raid5</command>.</para>
|
|
|
|
<para role="8.0">The &man.gvinum.8; now
|
|
supports <literal>grow</literal> command to make it easier
|
|
for users to extend plexes without having to understand all
|
|
of the implementation internals.</para>
|
|
|
|
<para role="8.0">The &os; NFS subsystem now
|
|
supports <literal>RPCSEC_GSS</literal> authentication on
|
|
both the client and server. This replaces the RPC
|
|
implementation of the NFS client and server with the newer
|
|
RPC implementation originally developed to support the NFS
|
|
Lock Manager. It supports both the new RPC implementation
|
|
and the older legacy implementation inherited from the
|
|
original NFS codebase and the default is to use the new one.
|
|
To use <literal>RPCSEC_GSS</literal> on either client or
|
|
server, you must build a kernel which includes
|
|
the <literal>KGSSAPI</literal> option and the &man.crypto.4;
|
|
device. For more details, see &man.gssd.8; manual
|
|
page.</para>
|
|
|
|
<para role="8.0">The &os; NFS subsystem now includes a new,
|
|
experimental implementation with support for NFSv2, NFSv3, and
|
|
NFSv4. This is not enabled by default. To enable this, add
|
|
the following kernel options to your kernel configuration
|
|
file and rebuild the kernel:</para>
|
|
|
|
<programlisting role="8.0">options NFSCL # for NFS client
|
|
options NFSD # for NFS server</programlisting>
|
|
|
|
<para role="8.0">The fstype for &man.mount.8; program is
|
|
<literal>newnfs</literal>, and &man.mount.newnfs.8; program
|
|
has also been added. The old, unmaintained NFSv4 client
|
|
based on an implementation from the University of Michigan was
|
|
removed from the &os; source tree.</para>
|
|
|
|
<para role="8.0">The &os; NFS subsystem now uses TCP as the
|
|
default transport.</para>
|
|
|
|
<para role="8.0">The shared vnode locking for pathname lookups
|
|
in the &man.VFS.9; subsystem has been improved. This is
|
|
enabled by default. Setting a sysctl variable
|
|
<varname>vfs.lookup_shared</varname> to <literal>0</literal>
|
|
disables it. Note that the
|
|
<literal>LOOKUP_SHARED</literal> kernel option equivalent to
|
|
the sysctl variable has been removed.</para>
|
|
|
|
<para role="8.0">The <application>ZFS</application> file system
|
|
has been updated to version 13. The changes include ZFS
|
|
operations by a regular user, L2ARC, ZFS Intent Log on
|
|
separated disks (slog), sparse volumes, and so on.</para>
|
|
|
|
<para role="7.2">The semantics of &man.acl.3; extended access control
|
|
lists has been changed as follows:</para>
|
|
|
|
<itemizedlist role="7.2">
|
|
<listitem>
|
|
<para>The inode modification time (mtime) is not updated
|
|
when extended attributes are added, modified, or removed.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>The inode access time (atime) is not updated
|
|
when extended attributes are queried.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para role="7.2">The &os; NFS file system now supports a sysctl variable
|
|
<varname>vfs.nfs.prime_access_cache</varname> to determine
|
|
whether or not <function>nfs_getattr()</function> will use
|
|
an ACCESS RPC to prime the access cache instead of a simple
|
|
GETATTR RPC. This is because on many NFS servers an ACCESS
|
|
RPC is much more expensive to service than a GETATTR RPC for
|
|
files in an NFSv3 mount. The sysctl variable is enabled by
|
|
default to maintain the previous behavior.</para>
|
|
|
|
<para role="7.2">The &os; UDF file system now supports a fifo.</para>
|
|
|
|
<para role="7.1">The &man.fdescfs.5; is now MPSAFE.</para>
|
|
|
|
<para role="7.1">The &man.gpart.8; now supports BSD disklabels (option
|
|
<literal>GEOM_PART_BSD</literal>) and
|
|
VTOC8 disklabels (option
|
|
<literal>GEOM_PART_VTOC8</literal>).</para>
|
|
|
|
<para role="7.1">The &man.gvinum.8; now accepts <replaceable>volume</replaceable>
|
|
parameter when creating a plex.</para>
|
|
|
|
<para role="7.1">A pathname lookup bug of a UNIX domain socket in the
|
|
<filename>unionfs(7)</filename> has been fixed.</para>
|
|
</sect3>
|
|
</sect2>
|
|
|
|
<sect2 id="userland">
|
|
<title>Userland Changes</title>
|
|
|
|
<para role="8.0">The GCC stack protection (also known as
|
|
ProPolice) has been enabled in the &os; base system.</para>
|
|
|
|
<para role="8.0">A BSD-licensed &man.ar.1; utility has been added
|
|
in favor of one in <application>GNU binutils</application> and
|
|
it is now the default utility for building the &os; base
|
|
system.</para>
|
|
|
|
<para role="8.0">The &man.awk.1; utility now supports 64 files.
|
|
The upper limit was 20 in prior releases.</para>
|
|
|
|
<para role="8.0">The &man.bsnmpd.1; program now supports OIDs
|
|
for ZFS.</para>
|
|
|
|
<para role="8.0">The &man.camcontrol.8; program now supports a
|
|
new modularized ATA kernel module and various ATA
|
|
commands.</para>
|
|
|
|
<para role="8.0">The &man.cat.1; and &man.cp.1; now use a larger
|
|
buffer if the number of pages of the physical memory on the
|
|
system is grater than 32k. This reduces the number of context
|
|
switches.</para>
|
|
|
|
<para role="8.0">A new BSD-licensed &man.cpio.1; utility has been
|
|
added in favor of <application>GNU cpio</application> and it
|
|
is now the default utility in the &os; base system.</para>
|
|
|
|
<para role="8.0">A script for the &man.crashinfo.8; utility for
|
|
simple analysis of crash dump has been added. It generates a
|
|
text file containing the output of several commands run against
|
|
the core dump such as &man.kgdb.1; (stack trace), &man.ps.1;,
|
|
&man.netstat.1;,
|
|
&man.vmstat.8;,
|
|
&man.iostat.8;,
|
|
&man.dmesg.8;,
|
|
and
|
|
&man.fstat.1;.</para>
|
|
|
|
<para role="8.0">The &man.df.1; utility's <option>-h</option>
|
|
flag now supports displaying inode counts in a human-readable
|
|
format when a flag <option>-i</option> is specified.</para>
|
|
|
|
<para role="8.0">The &man.df.1; utility now supports
|
|
a <option>-T</option> flag to display file system type in each
|
|
entry.</para>
|
|
|
|
<para role="8.0">A bug in the &man.dhclient.8; that can create a
|
|
malformed <filename>/etc/resolv.conf</filename> has been
|
|
fixed.</para>
|
|
|
|
<para role="8.0">The &man.dhclient.8; now uses an
|
|
<option>-n</option> flag when invoking &man.route.8; command.
|
|
This eliminates a long delay in the case that it gets a lease
|
|
but DNS service is not working.</para>
|
|
|
|
<para role="8.0">The &man.dhclient.8; utility now
|
|
uses <literal>68</literal> (bootpc) as the source port for
|
|
unicast <literal>DHCPREQUEST</literal> packets instead of
|
|
allowing the protocol stack to pick a random source port.
|
|
This fixes the behavior where &man.dhclient.8; would never
|
|
transition from <literal>RENEWING</literal>
|
|
to <literal>BOUND</literal> without going
|
|
through <literal>REBINDING</literal> in some networks which
|
|
has a tight policy on DHCP spoofing.</para>
|
|
|
|
<para role="8.0">The &man.env.1; utility now supports a
|
|
<option>-u <replaceable>name</replaceable></option> option
|
|
that completely unsets the given name instead of setting it to
|
|
a null value.</para>
|
|
|
|
<para role="8.0">The &man.find.1; utility now supports a number
|
|
of primaries found in <application>GNU find</application>
|
|
including <option>-ignore_readdir_race</option>,
|
|
<option>-noignore_readdir_race</option>,
|
|
<option>-noleaf</option>, <option>-gid</option>,
|
|
<option>-uid</option>, <option>-wholename</option>,
|
|
<option>-iwholename</option>, <option>-mount</option>,
|
|
<option>-d</option>, <option>-lname</option>,
|
|
<option>-ilname</option>, <option>-quit</option>,
|
|
<option>-samefile</option>, and <option>-true</option>.</para>
|
|
|
|
<para role="8.0">The &man.fsck.8; utility now supports a
|
|
<option>-r</option> flag to free up excess unused inodes.
|
|
Decreasing the number of preallocated inodes reduces the
|
|
running time of future runs of fsck and frees up space that
|
|
can allocated to files. This flag is ignored when running in
|
|
preen mode.</para>
|
|
|
|
<para role="8.0">The &man.freebsd-update.8; now supports backing
|
|
up the old kernel when installing a new kernel. The backup
|
|
kernel will be written
|
|
to <filename>/boot/kernel.old</filename> if the directory does
|
|
not exist or the directory was created by freebsd-update in a
|
|
previous backup. Otherwise the &man.freebsd-update.8; will
|
|
generate a new directory name for use by the backup. This is
|
|
enabled by default.</para>
|
|
|
|
<para role="8.0">The &man.gdbserver.1; now supports &arch.arm;
|
|
and &arch.powerpc; platforms.</para>
|
|
|
|
<para role="8.0">The &man.gpt.8; program has been removed in
|
|
favor of &man.gpart.8;.</para>
|
|
|
|
<para role="8.0">The &man.gzip.1; utility now supports
|
|
uncompressing files which are created
|
|
by <application>pack</application> found in some commercial
|
|
UNIX-like systems.</para>
|
|
|
|
<para role="8.0">The &man.i2c.8; utility for diagnostics of I2C has
|
|
been added.</para>
|
|
|
|
<para role="8.0">The &man.ifconfig.8; now
|
|
supports <option>vnet</option> and <option>-vnet</option>
|
|
option to allow moving interfaces between jails with
|
|
vimage.</para>
|
|
|
|
<para role="8.0">A BSD-licensed <filename>libdwarf</filename>
|
|
library has been added for DTrace clients.</para>
|
|
|
|
<para role="8.0">The <filename>libmsun</filename> library now supports
|
|
<function>acosl()</function>,
|
|
<function>asinl()</function>,
|
|
<function>atanl()</function>,
|
|
<function>atan2l()</function>,
|
|
<function>cargl()</function>,
|
|
<function>csqrtl()</function>,
|
|
<function>fmodl()</function>,
|
|
<function>hypotl()</function>,
|
|
and
|
|
<function>remquol()</function>
|
|
functions.</para>
|
|
|
|
<para role="8.0">The <filename>libproc</filename>
|
|
library has been added for DTrace clients.</para>
|
|
|
|
<para role="8.0">The &man.mtest.8; utility now supports IPv6.</para>
|
|
|
|
<para role="8.0">The &man.mount.8; program now supports
|
|
an <option>-o
|
|
mountprog=<replaceable>filename</replaceable></option> option
|
|
to allow an alternative program to be used for mounting a file
|
|
system. This is useful for non-&man.nmount.2; based file
|
|
systems such as FUSE.</para>
|
|
|
|
<para role="8.0">The &man.nfscbd.8;, &man.nfsuserd.8;,
|
|
&man.nfsdumpstate.8;, and &man.nfsrevoke.8; utilities for the
|
|
new NFSv4 subsystem has been added.</para>
|
|
|
|
<para role="8.0">The &man.pmcannotate.8; utility has been added.
|
|
This prints out sources of a tool (in C or assembly) with
|
|
inlined profiling informations retrieved by a prior
|
|
&man.pmcstat.8; analysis.</para>
|
|
|
|
<para role="8.0">The &man.route.8; utility now
|
|
supports <command>show</command>,
|
|
<command>weights</command>, and <command>sticky</command>
|
|
commands. For more details, see the &man.route.8; manual
|
|
page.</para>
|
|
|
|
<para role="8.0">The &man.rtld.1; now supports a new
|
|
environment variable <varname>LD_ELF_HINTS_PATH</varname> for
|
|
overriding the rtld hints file. This environment variable
|
|
would be ignored if the process uses setuid and/or setgid.
|
|
This feature gives a convenient way to use a custom set of
|
|
shared library that is not in the default location.</para>
|
|
|
|
<para role="8.0">The &man.rtld.1; now supports the dynamic
|
|
string token substitution in the rpath and soneeded pathes. The
|
|
<varname>$ORIGIN</varname>,
|
|
<varname>$OSNAME</varname>,
|
|
<varname>$OSREL</varname>
|
|
and <varname>$PLATFORM</varname>
|
|
tokens are supported. Enabling
|
|
the substitution requires <literal>DF_ORIGIN</literal>
|
|
flag in <literal>DT_FLAGS</literal> or
|
|
<literal>DF_1_ORIGIN</literal> if
|
|
<literal>DF_FLAGS_1</literal>, that may be set
|
|
with <option>-z</option> origin <application>GNU
|
|
ld</application> flag. This translation is unconditionally
|
|
disabled for setuid/setgid processes.
|
|
The <varname>$ORIGIN</varname> translation relies on
|
|
the <literal>AT_EXECPATH</literal> auxinfo supplied by the
|
|
&os; kernel.</para>
|
|
|
|
<para role="8.0">It is no longer possible to create UFS
|
|
filesystems in <quote>dangerously dedicated</quote> mode using
|
|
&man.sysinstall.8; since this mode is no longer supported.</para>
|
|
|
|
<para role="8.0">&man.sysinstall.8; menus have been simplified
|
|
to reduce confusion and duplication with other parts of the
|
|
system. The <application>Xorg</application> window system
|
|
should be installed just like any other package.
|
|
Configuration of <application>Linux</application> and
|
|
<application>OSF/1</application> emulation should be done via
|
|
kernel rebuilds. Support for installation from tape media was
|
|
removed as it was believed to be broken. Obsolete code to
|
|
support <literal>OLDCARD</literal> was also
|
|
removed.</para>
|
|
|
|
<para role="8.0">&man.sysinstall.8; now understands how to use
|
|
unsliced USB drives as installation source media via
|
|
<filename>/dev/da<replaceable>X</replaceable><replaceable>a</replaceable></filename></para>
|
|
|
|
<para role="8.0">&man.sysinstall.8; now recognizes the new
|
|
<filename>/dev/ada<replaceable>X</replaceable></filename> disk
|
|
devices, if compiled into the kernel.</para>
|
|
|
|
<para role="8.0">&man.sysinstall.8; now uses the
|
|
<filename>freebsd-doc-<replaceable>*</replaceable></filename>
|
|
packages for localized documents.</para>
|
|
|
|
<para role="8.0">&man.sysinstall.8; now ejects the CDROM after
|
|
installation if it was used as source media.</para>
|
|
|
|
<para role="8.0">The &man.traceroute.8; and &man.traceroute6.8;
|
|
now support an
|
|
<option>-a</option> flag to display AS number corresponding to
|
|
the lookup IP address on each hop. It will query the number to
|
|
WHOIS server specified in <option>-A</option> option. If
|
|
no <option>-A</option> is
|
|
specified, <hostid>whois.radb.net</hostid> will be used as the
|
|
default value.</para>
|
|
|
|
<para role="8.0">The &man.tzsetup.8; now supports
|
|
an <option>-s</option> flag to skip the question about
|
|
adjusting the clock to UTC.</para>
|
|
|
|
<para role="8.0">The &man.wake.8; utility, a tool to send Wake on
|
|
LAN frames to hosts on a local Ethernet network has been
|
|
added.</para>
|
|
|
|
<para role="8.0">The &man.ypserv.8; program now
|
|
supports <filename>shadow.byname</filename>
|
|
and <filename>shadow.byuid</filename> maps.</para>
|
|
|
|
<para role="7.2">A bug in the &man.atacontrol.8; utility, which prevents it
|
|
from working when <filename>/usr</filename> is not mounted or
|
|
invoked from <filename>/rescue</filename>, has been
|
|
fixed.</para>
|
|
|
|
<para role="7.2">The &man.btpand.8; daemon from NetBSD has been added.
|
|
This daemon provides support for Bluetooth Network Access
|
|
Point (NAP), Group Ad-hoc Network (GN) and Personal Area
|
|
Network User (PANU) profiles.</para>
|
|
|
|
<para role="7.2">The &man.cpucontrol.8; utility has been added to
|
|
control &man.cpuctl.4; pseudo-device.</para>
|
|
|
|
<para role="7.2">The &man.ncal.1; utility now supports multibyte
|
|
characters.</para>
|
|
|
|
<para role="7.2">The &man.newfs.8; utility now supports
|
|
operations on a regular file.</para>
|
|
|
|
<para role="7.2">The &man.config.8; utility now supports
|
|
multiple <varname>makeoption</varname> lines.</para>
|
|
|
|
<para role="7.2">The &man.csup.1; utility now supports CVSMode to fetch a
|
|
complete CVS repository. Note that the rsync transfer mode is
|
|
currently disabled.</para>
|
|
|
|
<para role="7.2">The &man.dirname.1; utility now accepts multiple arguments
|
|
in the same way that &man.basename.1; does.</para>
|
|
|
|
<para role="7.2">The &man.du.1; utility now supports an <option>-l</option>
|
|
flag. When specified, the &man.du.1; utility counts a file
|
|
with multiple hard links as multiple different files.</para>
|
|
|
|
<para role="7.2">The &man.du.1; utility now supports an <option>-A</option> flag
|
|
to display the apparent size instead of the disk usage. This can be
|
|
helpful when operating on compressed volumes or sparse files.</para>
|
|
|
|
<para role="7.2">The &man.du.1; utility now supports a <option>-B
|
|
<replaceable>blocksize</replaceable></option> option to
|
|
calculate block counts in blocks of
|
|
<replaceable>blocksize</replaceable> bytes. This is different
|
|
from the <option>-k</option> or <option>-m</option> options or
|
|
setting <varname>BLOCKSIZE</varname> and gives an estimate of
|
|
how much space the examined file hierarchy would require on a
|
|
file system with the given
|
|
<replaceable>blocksize</replaceable>. Unless in
|
|
<option>-A</option> mode, <replaceable>blocksize</replaceable>
|
|
is rounded up to the next multiple of 512.</para>
|
|
|
|
<para role="7.2">The &man.dumpfs.8; utility now supports an
|
|
<option>-f</option> flag, which causes it to list all free
|
|
fragments in the file system by fragment (block) number. This
|
|
new mode does the necessary arithmetic to generate absolute
|
|
fragment numbers rather than the cg-relative numbers printed
|
|
in the default mode.</para>
|
|
|
|
<para role="7.2">If <option>-f</option> is passed once, contiguous fragment
|
|
ranges are collapsed into an X-Y format as free block lists
|
|
are currently printed in regular dumpfs output. If specified
|
|
twice, all block numbers are printed individually, allowing
|
|
both compact and more script-friendly representation.</para>
|
|
|
|
<para role="7.2">The &man.fetch.1; utility now supports an
|
|
<option>-i</option> flag which supports the If-Modified-Since
|
|
HTTP 1.1 request. If specified it will cause the file to be
|
|
downloaded only if it is more recent than the mtime of the
|
|
local file. Also, <application>libfetch</application> now
|
|
accepts the mtime in the url structure and a flag to indicate
|
|
when this behavior is desired.</para>
|
|
|
|
<para role="7.2">The &man.fsck.8; utility now supports a
|
|
<option>-C</option> flag for <literal>check clean</literal>
|
|
mode. This checks if the file system was dismounted cleanly
|
|
first and then skip file system checks if true. Otherwise it
|
|
does full checks.</para>
|
|
|
|
<para role="7.2">The &man.fsck.8; utility now supports a
|
|
<option>-D</option> flag for damaged recovery mode, which will
|
|
enable certain aggressive operations that can make
|
|
&man.fsck.8; to survive with file systems that has very
|
|
serious data damage. This is a useful last resort when on
|
|
disk data damage is very serious and causes &man.fsck.8; to
|
|
crash.</para>
|
|
|
|
<para role="7.2">The &man.getaddrinfo.3; function now supports SCTP.</para>
|
|
|
|
<para role="7.2">A bug was fixed in the &man.ipfw.8; utility which displays
|
|
extra messages for a NAT rule even when a <option>-q</option>
|
|
flag is specified.</para>
|
|
|
|
<para role="7.2">The &man.ln.1; utility now supports a <option>-w</option>
|
|
flag to check if the source file actually exists. When the
|
|
flag is specified and the file does not exist, &man.ln.1; will
|
|
issue a warning message.</para>
|
|
|
|
<para role="8.0">The &man.ln.1; utility now allows creating hard
|
|
links to symbolic links because the POSIX.1-2008 requires this
|
|
behavior for <option>-L</option> and <option>-P</option>
|
|
flag.</para>
|
|
|
|
<para role="8.0">The &man.lpr.1; utility now support
|
|
an <option>-m</option> flag to send an email after the job is
|
|
completed and a <option>-t</option> option to set the job
|
|
title.</para>
|
|
|
|
<para role="7.2">The &man.make.1; utility now supports a
|
|
<option>-p</option> flag to print the input graph only,
|
|
without executing any commands. The output is the same as
|
|
<option>-d g1</option>. When combined with <option>-f
|
|
/dev/null</option>, only the built-in rules of make are
|
|
displayed.</para>
|
|
|
|
<para role="7.2">The &man.make.1; utility now supports a
|
|
<option>-Q</option> flag to cause file banners not to be
|
|
generated in addition to the same effect of a
|
|
<option>-q</option> flag when a <option>-j</option> option is
|
|
specified.</para>
|
|
|
|
<para role="7.2">The &man.make.1; utility now supports the
|
|
<varname>.MAKE.JOB.PREFIX</varname> variable. If
|
|
<option>-j</option> and <option>-v</option> are specified, its
|
|
output for each target is prefixed with a token <literal>---
|
|
<replaceable>target</replaceable> ---</literal> the first part
|
|
of which can be controlled via the variable.</para>
|
|
|
|
<para role="7.2">The &man.make.1; utility now supports
|
|
<varname>.MAKE.PID</varname> and <varname>.MAKE.PPID</varname>
|
|
variable. These are set to process ID of the &man.make.1;
|
|
process and its parent process respectively.</para>
|
|
|
|
<para role="7.2">The &man.makefs.8; utility to create a file system image
|
|
from a directory tree has been added.</para>
|
|
|
|
<para role="7.2">The &man.mergemaster.8; utility now supports an
|
|
<option>-F</option> option to automatically install files that
|
|
differ only in their version control ID strings.</para>
|
|
|
|
<para role="7.2">The &man.mount.8; utility now supports an <option>-o
|
|
mountprog=<replaceable>/somewhere/mount_xxx</replaceable></option>
|
|
option to force it to use the specified program to mount the
|
|
file system instead of calling &man.nmount.2; directly. This
|
|
is useful when you want to use third party programs such as
|
|
FUSE, for example.</para>
|
|
|
|
<para role="7.2">The &man.netstat.1; utility now reports &man.unix.4;
|
|
sockets' listen queue statistics when an <option>-L</option>
|
|
flag is specified.</para>
|
|
|
|
<para role="7.2">A bug in the &man.netstat.1; utility has been fixed. It
|
|
crashed with the following options in the previous
|
|
versions:</para>
|
|
|
|
<screen role="7.2">&prompt.user; netstat -m -N foo</screen>
|
|
|
|
<para role="7.2">A bug in the &man.netstat.1; utility has been fixed. The
|
|
<option>-ss</option> option now works in the icmp6 section as
|
|
expected.</para>
|
|
|
|
<para role="7.2">The &man.pciconf.8; utility now supports a
|
|
<option>-b</option> flag, which lists any base address
|
|
registers (BAR) that are assigned resources for each
|
|
device.</para>
|
|
|
|
<para role="7.2">The &man.powerd.8; program has been improved. Changes
|
|
include reasonable CPU load estimation on SMP systems and a
|
|
new mode named as <literal>hiadaptive</literal> for AC-powered
|
|
systems. The <literal>hiadaptive</literal> mode raises the
|
|
CPU frequency twice as fast as <literal>adaptive</literal>, it
|
|
drops the CPU frequency 4 times slower, prefers twice lower
|
|
CPU load and has an additional delay before leaving the
|
|
highest frequency after the period of maximum load.</para>
|
|
|
|
<para role="8.0">The &man.revoke.1; utility has been added. This
|
|
is a wrapper of &man.revoke.2; syscall.</para>
|
|
|
|
<para role="7.2">The &man.stat.1; utility now displays an octal
|
|
representation of suid, sgid and sticky bits when the
|
|
<option>-x</option> flag is specified.</para>
|
|
|
|
<para role="7.2">The &man.strndup.3; function has been added.</para>
|
|
|
|
<para role="8.0">The &man.tftpd.8; program now supports
|
|
a <option>-W</option> option. This is almost the same as
|
|
a <option>-w</option> option but will generate unique named
|
|
based on the submitted filename, a &man.strftime.3; format
|
|
string, and a two digit sequence number. The time format
|
|
string can be set by an <option>-F</option> option.</para>
|
|
|
|
<para role="7.2">The &man.wc.1; utility now supports an <option>-L</option>
|
|
flag to output the number of characters in the longest input
|
|
line.</para>
|
|
|
|
<para role="7.2">A bug in the &man.rpc.yppasswdd.8; program, which causes
|
|
it to leave a zombie process when a password or default shell
|
|
is changed, has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.adduser.8; utility now supports
|
|
a <option>-M</option> option to set the mode of a new user's
|
|
home directory.</para>
|
|
|
|
<para role="7.1">The &man.atacontrol.8; utility now supports
|
|
a <command>spindown</command> command to set or report timeout
|
|
after which the device will be spun down.</para>
|
|
|
|
<para role="7.1">The &man.chflags.1; now supports a <option>-v</option> flag for
|
|
verbose output, a <option>-f</option> flag to ignore errors,
|
|
and <option>-h</option> to allow setting flags on symbolic links
|
|
with the same semantics as (for example) &man.chmod.1;.</para>
|
|
|
|
<para role="7.1">The &man.cp.1; now supports a <option>-a</option> flag, which is
|
|
equivalent to <option>-RpP</option> flags.</para>
|
|
|
|
<para role="7.1">A bug in the &man.cp.1; utility which prevents POSIX.1e ACL (see
|
|
also &man.acl.3;) from copying properly has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.cron.8; utility now supports <option>-m</option> flag which
|
|
overrides the default mail recipient for cron mails unless explicitly
|
|
provided by <literal>MAILTO=</literal> line in <filename>crontab</filename>
|
|
file.</para>
|
|
|
|
<para role="7.1">The &man.dhclient.8; now supports more options described in
|
|
&man.dhcp-options.5;.</para>
|
|
|
|
<para role="7.1">The &man.dhclient.8; now
|
|
supports <function>is_default_interface()</function> function
|
|
which determines if this interface is one with the default
|
|
route.</para>
|
|
|
|
<para role="7.1">A bug in the &man.dhclient.8; that prevents removal of the
|
|
default route from working has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.environ.7;, environment array of strings now
|
|
supports unsetting a variable by setting the first character to
|
|
NULL. This is required by third-party software such as
|
|
<application>Dovecot</application>
|
|
and <application>Postfix</application>.</para>
|
|
|
|
<para role="7.1">The &man.fdisk.8; now supports a <option>-q</option> flag to
|
|
not display any warnings.</para>
|
|
|
|
<para role="7.1">The &man.fetch.1; program and <filename>libfetch</filename>
|
|
library now supports a <varname>NO_PROXY</varname> environment
|
|
variable. This specifies comma- or whitespace-separated list of
|
|
host names for which proxies should not be used. If a single
|
|
asterisk is specified, the use of proxies is disabled.</para>
|
|
|
|
<para role="7.1">The &man.ffsll.3; and &man.flsll.3; functions have been added.
|
|
These functions are the same as &man.ffs.3; and &man.fls.3; except that
|
|
they accept long long as the arguments.</para>
|
|
|
|
<para role="7.1">The &man.fortune.6; program now supports
|
|
<varname>FORTUNE_PATH</varname> environment variable to specify
|
|
search path of the fortune files.</para>
|
|
|
|
<para role="7.1">A bug in the &man.fortune.6; program that prevents
|
|
<option>-e</option> option with multiple files from working has
|
|
been fixed.</para>
|
|
|
|
<para role="7.1">The &man.freebsd-update.conf.5; now supports
|
|
<literal>IDSIgnorePaths</literal> statement.</para>
|
|
|
|
<para role="7.1">The &man.fwcontrol.8; utility now supports <option>-f
|
|
<replaceable>node</replaceable></option> option which specifies
|
|
<replaceable>node</replaceable> as the root node on the next bus
|
|
reset.</para>
|
|
|
|
<para role="7.1" arch="sparc64"> The &man.gcc.1; now
|
|
accepts <option>-mcpu</option> option properly; it was hardcoded
|
|
as <option>-mcpu=ultrasparc</option>.</para>
|
|
|
|
<para role="7.1">The &man.ifconfig.8; command now supports
|
|
display of WPS IE (Wireless Provisioning Services Information
|
|
Element).</para>
|
|
|
|
<para role="7.1">The &man.kgdb.1; command now supports
|
|
an <command>add-kld <replaceable>kld</replaceable></command>
|
|
command to locate a &man.kld.4; and load its symbols.</para>
|
|
|
|
<para role="7.1">The &man.kgdb.1; command now has a shared library backend for kernel
|
|
files that treats &man.kld.4; as shared libraries and
|
|
auto-loading symbols for &man.kld.4; on startup.</para>
|
|
|
|
<para role="7.1">The &man.kgdb.1; now supports a <command>tid</command> command
|
|
and other kernel module related commands even for a remote
|
|
target.</para>
|
|
|
|
<para role="7.1">The &man.kvm.getcptime.3; function to obtain the global CPU
|
|
time statistics from the kernel has been added.</para>
|
|
|
|
<para role="7.1">The <filename>libalias</filename> library now supports
|
|
<literal>PORT</literal> and
|
|
<literal>EPRT</literal>
|
|
FTP commands in lowercase.</para>
|
|
|
|
<para role="7.1">The &man.man.1; now includes a limited support of
|
|
&man.bzip2.1;-compressed manual pages.</para>
|
|
|
|
<para role="7.1">The &man.mdconfig.8; command now supports a
|
|
<option>-v</option> (verbose) flag to <option>-l</option>
|
|
command. It shows size and backing store of all &man.md.4;
|
|
devices at one time.</para>
|
|
|
|
<para role="7.1">The &man.memrchr.3; function has been added. This behaves
|
|
like &man.memchr.3; except that it locates the last occurrence
|
|
of the specified character in the string.</para>
|
|
|
|
<para role="7.1">The incorrect output grammar of &man.morse.6; program has
|
|
been fixed.</para>
|
|
|
|
<para role="7.1">The &man.mountd.8; utility now supports <option>-h
|
|
<replaceable>bindip</replaceable></option> option which
|
|
specifies IP addresses to bind to for TCP and UDP requests.
|
|
This option may be specified multiple times. If no
|
|
<option>-h</option> option is specified,
|
|
<literal>INADDR_ANY</literal> will be used. Note that when
|
|
specifying IP addresses with this option, it will
|
|
automatically add <literal>127.0.0.1</literal> and if IPv6 is
|
|
enabled, <literal>::1</literal> to the list.</para>
|
|
|
|
<para role="7.1">The &man.moused.8; utility now supports <option>-L</option>
|
|
flag which changes the speed of scrolling and changes
|
|
<option>-U</option> option behavior to only affect the scroll
|
|
threshold.</para>
|
|
|
|
<para role="7.1">The &man.mv.1; command now support POSIX
|
|
specification when moving a directory to an existing directory
|
|
across devices.</para>
|
|
|
|
<para role="7.1">The &man.periodic.8; now supports
|
|
<varname>daily_status_mail_rejects_shorten</varname>
|
|
configuration variable in &man.periodic.conf.5;. This allows
|
|
the rejected mail reports to tally the rejects per blacklist
|
|
without providing details about individual sender hosts. The
|
|
default configuration keeps the reports in their original
|
|
form.</para>
|
|
|
|
<para role="7.1">The &man.ping6.8; now uses exit status of
|
|
<literal>0</literal> and <literal>2</literal> in the same manner
|
|
as &man.ping.8;.</para>
|
|
|
|
<para role="7.1">The &man.ping6.8; now supports an <option>-o</option> flag,
|
|
which makes &man.ping6.8; exit successfully after receiving one
|
|
reply packet.</para>
|
|
|
|
<para role="7.1">The &man.ping6.8; now supports <option>-r</option>
|
|
and <option>-R</option> flags, which are equivalent to
|
|
&man.ping.8;'s <option>-a</option> and <option>-A</option>
|
|
flags, respectively.</para>
|
|
|
|
<para role="7.1">The minimum allowed interval of &man.ping6.8; has been
|
|
decreased to 0.000001 from 0.01.</para>
|
|
|
|
<para role="7.1">The &man.realpath.1; utility now supports
|
|
a <option>-q</option> flag to suppress warnings and
|
|
accepts multiple paths on its command line.</para>
|
|
|
|
<para role="7.1">The &man.rfcomm.pppd.8; now supports a <option>-D</option>
|
|
flag to register DUN (Dial-Up Networking) service in addition to
|
|
the LAN (LAN Access Using PPP) service.</para>
|
|
|
|
<para role="7.1">The &man.sdpd.8; now supports a <literal>NAP</literal>,
|
|
<literal>GN</literal>, and <literal>PANU</literal>
|
|
profiles.</para>
|
|
|
|
<para role="7.1">The &man.setkey.8; utility now accepts
|
|
<literal>esp</literal> as a protocol name
|
|
for the <command>spdadd</command> command.</para>
|
|
|
|
<para role="7.1">A bug in &man.telnetd.8; that caused it to
|
|
attempt authentication even when <option>-a off</option>
|
|
option is specified has been fixed.</para>
|
|
|
|
<para role="7.1">The &man.top.1; and &man.vmstat.8; commands now
|
|
support <option>-P</option> flag which displays per-CPU
|
|
statistics.</para>
|
|
|
|
<para role="7.1">The &man.uuid.enc.le.3;, &man.uuid.dec.le.3;,
|
|
&man.uuid.enc.be.3;, and &man.uuid.dec.be.3; functions have been
|
|
added. These functions encode/decode a binary representation of
|
|
a UUID.</para>
|
|
|
|
<para role="7.1">The &man.watch.8; utility now supports more than 10
|
|
&man.snp.4; devices at a time.</para>
|
|
|
|
<para role="7.1">The &man.ypserv.8; daemon now supports a
|
|
<option>-P</option> option to specify the port number on which
|
|
it should listen.</para>
|
|
|
|
<sect3 id="rc-scripts">
|
|
<title><filename>/etc/rc.d</filename> Scripts</title>
|
|
|
|
<para role="7.1">The &man.rc.conf.5; now supports
|
|
<varname>dummynet_enable</varname> variable which allow
|
|
&man.dummynet.4; kernel module to be loaded when
|
|
<varname>firewall_enable</varname> is <literal>YES</literal>.</para>
|
|
|
|
<para role="7.1">The <filename>ntpd</filename> &man.rc.8; script
|
|
can work with no configuration file
|
|
<filename>/etc/ntp.conf</filename> now.</para>
|
|
|
|
<para role="7.1">The <filename>ppp</filename> &man.rc.8;
|
|
script now supports multiple instances. For more details,
|
|
see the description of <varname>ppp_profile</varname>
|
|
variable in &man.rc.conf.5;.</para>
|
|
|
|
<para role="7.1">The <filename>sysctl</filename> &man.rc.8; script now
|
|
supports loading <filename>/etc/sysctl.conf.local</filename> in
|
|
addition to <filename>/etc/sysctl.conf</filename>.</para>
|
|
|
|
<para role="7.1">The &man.rc.conf.5; now supports configuration of
|
|
interfaces and attached networks for firewall rule set by
|
|
<filename>rc.firewall</filename> when
|
|
<varname>firewall_type</varname> is <literal>simple</literal> or
|
|
<literal>client</literal>. See
|
|
<varname>firewall_client_net</varname>,
|
|
<varname>firewall_simple_iif</varname>,
|
|
<varname>firewall_simple_inet</varname>,
|
|
<varname>firewall_simple_oif</varname>, and
|
|
<varname>firewall_simple_onet</varname>.</para>
|
|
</sect3>
|
|
</sect2>
|
|
|
|
<sect2 id="contrib">
|
|
<title>Contributed Software</title>
|
|
|
|
<para role="8.0"><application>ISC BIND</application> has been updated to
|
|
version 9.6.1rc1.</para>
|
|
|
|
<para role="8.0">The <application>ACPI-CA</application> has been
|
|
updated to 20090521.</para>
|
|
|
|
<para role="8.0">The <application>ee</application> (easy editor) has
|
|
been updated to 1.5.0. This version is now licensed under a
|
|
2-clause BSD license, instead of the Artistic license.</para>
|
|
|
|
<para role="8.0">The <application>hostapd</application> has been updated to
|
|
version 0.6.8 + radius ACL support.</para>
|
|
|
|
<para role="8.0">The <application>less</application> has been updated to
|
|
version v436.</para>
|
|
|
|
<para role="8.0">The <filename>libarchive</filename> library has
|
|
been updated to version 2.7.0.</para>
|
|
|
|
<para role="8.0">The <filename>libexpat</filename> library has
|
|
been updated from version 1.95.5 to version 2.0.1.</para>
|
|
|
|
<para role="8.0">The <filename>ncurses</filename> library has been updated
|
|
to version 5.7-20081102.</para>
|
|
|
|
<para role="8.0"><application>OpenBSM</application> 1.1 from
|
|
Trusted BSD Project has been merged.</para>
|
|
|
|
<para role="8.0"><application>TCPDUMP</application> has been
|
|
updated to 4.0.0.</para>
|
|
|
|
<para role="8.0">The timezone database has been updated
|
|
to the <application>tzdata2009f</application> release.</para>
|
|
|
|
<para role="8.0"><application>wpa_supplicant</application> has been updated to
|
|
version 0.6.8</para>
|
|
|
|
<para role="8.0">The <application>ZFS</application> file system
|
|
has been updated from version 6 to version 13.</para>
|
|
|
|
<para role="7.1">The <application>am-utils</application> has been updated from
|
|
version 6.0.10p1 to version 6.1.5.</para>
|
|
|
|
<para role="7.1">The <application>awk</application> has been updated from 1 May
|
|
2007 release to the 23 October 2007 release.</para>
|
|
|
|
<para role="7.1">The <application>bzip2</application> has been updated from
|
|
version 1.0.4 to version 1.0.5.</para>
|
|
|
|
<para role="7.1">The <application>CVS</application> has been updated to
|
|
version 1.11.22.1.</para>
|
|
|
|
<para role="7.1"><application>NTP</application> has been updated to version
|
|
4.2.4p5.</para>
|
|
|
|
<para role="7.1"><application>OpenPAM</application> has been updated from the
|
|
Figwort release to the Hydrangea release.</para>
|
|
|
|
<para role="7.1"><application>OpenSSH</application> has been updated from
|
|
version 4.5p1 to version 5.1p1.</para>
|
|
|
|
<para role="7.1">The &man.resolver.3; library has been updated to
|
|
one of <application>ISC BIND</application> 9.4.3.</para>
|
|
|
|
<para role="7.1"><application>sendmail</application> has been updated from
|
|
version 8.14.2 to version 8.14.4.</para>
|
|
</sect2>
|
|
|
|
<sect2 id="ports">
|
|
<title>Ports/Packages Collection Infrastructure</title>
|
|
|
|
<para role="7.2">A bug in the &man.pkg.create.1; utility, which
|
|
prevented the <option>-n</option> flag from working has been
|
|
fixed.</para>
|
|
|
|
<para role="7.2">The &os; Ports Collection now supports multiple
|
|
&man.make.1; jobs in some supported ports. This is
|
|
automatically enabled when a port is marked as
|
|
<varname>MAKE_JOBS_SAFE</varname> and improves CPU utilization
|
|
at the build stage by passing an option
|
|
<option>-j<replaceable>X</replaceable></option> to the top
|
|
level <filename>Makefile</filename> from the vendor. The
|
|
number <replaceable>X</replaceable> is set to the number of
|
|
CPUs by default, and can be set by users via a &man.make.1;
|
|
variable <varname>MAKE_JOBS_NUMBER</varname>. For more
|
|
details, see <filename>ports/Mk/bsd.port.mk</filename>.</para>
|
|
</sect2>
|
|
|
|
<sect2 id="releng">
|
|
<title>Release Engineering and Integration</title>
|
|
|
|
<para role="8.0">The supported version of
|
|
the <application>GNOME</application> desktop environment
|
|
(<filename role="package">x11/gnome2</filename>) has been
|
|
updated to 2.26.3.</para>
|
|
|
|
<para role="8.0">The supported version of
|
|
the <application>KDE</application> desktop environment
|
|
(<filename role="package">x11/kde4</filename>) has been
|
|
updated to 4.3.1.</para>
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="upgrade">
|
|
<title>Upgrading from previous releases of &os;</title>
|
|
|
|
<para arch="amd64,i386">Upgrades between RELEASE versions (and
|
|
snapshots of the various security branches) are supported using
|
|
the &man.freebsd-update.8; utility. The binary upgrade
|
|
procedure will update unmodified userland utilities, as well as
|
|
unmodified GENERIC or SMP kernels distributed as a part of an
|
|
official &os; release. The &man.freebsd-update.8; utility
|
|
requires that the host being upgraded has Internet
|
|
connectivity.</para>
|
|
|
|
<para>An older form of binary upgrade is supported through the
|
|
<command>Upgrade</command> option from the main
|
|
&man.sysinstall.8; menu on CDROM distribution media. This type
|
|
of binary upgrade may be useful on non-&arch.i386;,
|
|
non-&arch.amd64; machines or on systems with no Internet
|
|
connectivity.</para>
|
|
|
|
<para>Source-based upgrades (those based on recompiling the &os;
|
|
base system from source code) from previous versions are
|
|
supported, according to the instructions in
|
|
<filename>/usr/src/UPDATING</filename>.</para>
|
|
|
|
<important>
|
|
<para>Upgrading &os; should, of course, only be attempted after
|
|
backing up <emphasis>all</emphasis> data and configuration
|
|
files.</para>
|
|
</important>
|
|
</sect1>
|
|
</article>
|