UPDATING revision 287146
1Updating Information for FreeBSD current users 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of 16stable/10, and then rebuild without this option. The bootstrap process from 17older version of current is a bit fragile. 18 1920150825: p19 FreeBSD-SA-15:21.amd64 20 FreeBSD-SA-15:22.openssh 21 FreeBSD-EN-15:14.ixgbe 22 FreeBSD-EN-15:15.pkg 23 24 Fix local privilege escalation in IRET handler. [SA-15:21] 25 26 Fix OpenSSH multiple vulnerabilities. [SA-15:22] 27 28 Disabled ixgbe(4) flow-director support. [EN-15:14] 29 30 Fix insufficient check of unsupported pkg(7) signature methods. 31 [EN-15:15] 32 3320150818: p18 FreeBSD-SA-15:20.expat 34 35 Fix multiple integer overflows in expat (libbsdxml) XML parser. 36 [SA-15:20] 37 3820150805: p17 FreeBSD-SA-15:18.bsdpatch 39 FreeBSD-SA-15:19.routed 40 41 Fix patch(1) shell injection vulnerability via ed(1). 42 [SA-15:18] 43 44 Fix routed remote denial of service vulnerability. [SA-15:19] 45 4620150728: p16 FreeBSD-SA-15:14.bsdpatch 47 FreeBSD-SA-15:15.tcp 48 FreeBSD-SA-15:16.openssh 49 50 Fix patch(1) shell injection vulnerability. [SA-15:14] 51 52 Fix resource exhaustion in TCP reassembly. [SA-15:15] 53 54 Fix OpenSSH multiple vulnerabilities. [SA-15:16] 55 5620150721: p15 FreeBSD-SA-15:13.tcp 57 58 Fix resource exhaustion due to sessions stuck in LAST_ACK state. 59 [SA-15:13] 60 6120150630: p14 FreeBSD-EN-15:08.sendmail [revised] 62 FreeBSD-EN-15:09.xlocale 63 FreeBSD-EN-15:10.iconv 64 65 Improvements to sendmail TLS/DH interoperability. [EN-15:08] 66 67 Fix inconsistency between locale and rune locale states. 68 [EN-15:09] 69 70 Improved iconv(3) UTF-7 support. [EN-15:10] 71 7220150618: p13 FreeBSD-EN-15:08.sendmail 73 Improvements to sendmail TLS/DH interoperability. [EN-15:08] 74 7520150612: p12 FreeBSD-SA-15:10.openssl 76 Fix multiple vulnerabilities in OpenSSL. [SA-15:10] 77 7820150609: p11 FreeBSD-EN-15:06.file 79 FreeBSD-EN-15:07.zfs 80 81 Updated base system file(1) to 5.22 to address multiple denial 82 of service issues. [EN-15:06] 83 84 Improved reliability of ZFS when TRIM/UNMAP and/or L2ARC is used. 85 [EN-15:07] 86 8720150513: p10 FreeBSD-EN-15:04.freebsd-update 88 FreeBSD-EN-15:05.ufs 89 90 Fix bug with freebsd-update(8) that does not ensure the previous 91 upgrade was completed. [EN-15:04] 92 93 Fix deadlock on reboot with UFS tuned with SU+J. [EN-15:05] 94 9520150407: p9 FreeBSD-SA-15:04.igmp [revised] 96 FreeBSD-SA-15:07.ntp 97 FreeBSD-SA-15:08.bsdinstall 98 FreeBSD-SA-15:09.ipv6 99 100 Improved patch for SA-15:04.igmp. 101 102 Fix multiple vulnerabilities of ntp. [SA-15:07] 103 104 Fix bsdinstall(8) insecure default GELI keyfile permissions. [SA-15:08] 105 106 Fix Denial of Service with IPv6 Router Advertisements. [SA-15:09] 107 10820150320: p8 109 Fix patch for SA-15:06.openssl. 110 11120150319: p7 FreeBSD-SA-15:06.openssl 112 Fix multiple vulnerabilities in OpenSSL. [SA-15:06] 113 11420150225: p6 FreeBSD-SA-15:04.igmp 115 FreeBSD-EN-15:01.vt 116 FreeBSD-EN-15:02.openssl 117 FreeBSD-EN-15:03.freebsd-update 118 119 Fix integer overflow in IGMP protocol. [SA-15:04] 120 121 Fix vt(4) crash with improper ioctl parameters. [EN-15:01] 122 123 Updated base system OpenSSL to 1.0.1l. [EN-15:02] 124 125 Fix freebsd-update libraries update ordering issue. [EN-15:03] 126 12720150127: p5 FreeBSD-SA-15:02.kmem 128 FreeBSD-SA-15:03.sctp 129 130 Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure 131 vulnerability. [SA-15:02] 132 133 Fix SCTP stream reset vulnerability. [SA-15:03] 134 13520150114: p4 FreeBSD-SA-15:01.openssl 136 Fix multiple vulnerabilities in OpenSSL. [SA-15:01] 137 13820141223: p3 FreeBSD-SA-14:31.ntp 139 FreeBSD-EN-14:13.freebsd-update 140 141 Fix multiple vulnerabilities in NTP suite. [SA-14:31] 142 Fix directory deletion issue in freebsd-update. [EN-14:13] 143 14420141217: p2 FreeBSD-SA-14:30.unbound 145 Fix unbound remote denial of service vulnerability. 146 14720141210: p1 FreeBSD-SA-14:27.stdio 148 FreeBSD-SA-14:28.file 149 150 Fix buffer overflow in stdio. [SA-14:27] 151 152 Fix multiple vulnerabilities in file(1) and libmagic(3). 153 [SA-14:28] 154 15520140904: 156 The ofwfb driver, used to provide a graphics console on PowerPC when 157 using vt(4), no longer allows mmap() of all of physical memory. This 158 will prevent Xorg on PowerPC with some ATI graphics cards from 159 initializing properly unless x11-servers/xorg-server is updated to 160 1.12.4_8 or newer. 161 16220140831: 163 The libatf-c and libatf-c++ major versions were downgraded to 0 and 164 1 respectively to match the upstream numbers. They were out of 165 sync because, when they were originally added to FreeBSD, the 166 upstream versions were not respected. These libraries are private 167 and not yet built by default, so renumbering them should be a 168 non-issue. However, unclean source trees will yield broken test 169 programs once the operator executes "make delete-old-libs" after a 170 "make installworld". 171 172 Additionally, the atf-sh binary was made private by moving it into 173 /usr/libexec/. Already-built shell test programs will keep the 174 path to the old binary so they will break after "make delete-old" 175 is run. 176 177 If you are using WITH_TESTS=yes (not the default), wipe the object 178 tree and rebuild from scratch to prevent spurious test failures. 179 This is only needed once: the misnumbered libraries and misplaced 180 binaries have been added to OptionalObsoleteFiles.inc so they will 181 be removed during a clean upgrade. 182 18320140814: 184 The ixgbe tunables now match their sysctl counterparts, for example: 185 hw.ixgbe.enable_aim => hw.ix.enable_aim 186 Anyone using ixgbe tunables should ensure they update /boot/loader.conf. 187 18820140801: 189 The NFSv4.1 server committed by r269398 changes the internal 190 function call interfaces used between the NFS and krpc modules. 191 As such, __FreeBSD_version was bumped. 192 19320140729: 194 The default unbound configuration has been modified to address 195 issues with reverse lookups on networks that use private 196 address ranges. If you use the local_unbound service, run 197 "service local_unbound setup" as root to regenerate your 198 configuration, then "service local_unbound reload" to load the 199 new configuration. 200 20120140717: 202 It is no longer necessary to include the dwarf version in your DEBUG 203 options in your kernel config file. The bug that required it to be 204 placed in the config file has bene fixed. DEBUG should now just 205 contain -g. The build system will automatically update things 206 to do the right thing. 207 20820140715: 209 Several ABI breaking changes were merged to CTL and new iSCSI code. 210 All CTL and iSCSI-related tools, such as ctladm, ctld, iscsid and 211 iscsictl need to be rebuilt to work with a new kernel. 212 21320140708: 214 The WITHOUT_VT_SUPPORT kernel config knob has been renamed 215 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning 216 which differs from the behaviour controlled by this knob.) 217 21820140608: 219 On i386 and amd64 systems, the onifconsole flag is now set by default 220 in /etc/ttys for ttyu0. This causes ttyu0 to be automatically enabled 221 as a login TTY if it is set in the bootloader as an active kernel 222 console. No changes in behavior should result otherwise. To revert to 223 the previous behavior, set ttyu0 to "off" in /etc/ttys. 224 22520140512: 226 Clang and llvm have been upgraded to 3.4.1 release. 227 22820140321: 229 Clang and llvm have been upgraded to 3.4 release. 230 23120140306: 232 If a Makefile in a tests/ directory was auto-generating a Kyuafile 233 instead of providing an explicit one, this would prevent such 234 Makefile from providing its own Kyuafile in the future during 235 NO_CLEAN builds. This has been fixed in the Makefiles but manual 236 intervention is needed to clean an objdir if you use NO_CLEAN: 237 # find /usr/obj -name Kyuafile | xargs rm -f 238 23920140303: 240 OpenSSH will now ignore errors caused by kernel lacking of Capsicum 241 capability mode support. Please note that enabling the feature in 242 kernel is still highly recommended. 243 24420140227: 245 OpenSSH is now built with sandbox support, and will use sandbox as 246 the default privilege separation method. This requires Capsicum 247 capability mode support in kernel. 248 24920140216: 250 The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has 251 been deprecated and will not be part of FreeBSD 11.0 and later 252 releases. If you use this driver, please consider switching to 253 the nfe(4) driver instead. 254 25520140120: 256 10.0-RELEASE. 257 25820131216: 259 The behavior of gss_pseudo_random() for the krb5 mechanism 260 has changed, for applications requesting a longer random string 261 than produced by the underlying enctype's pseudo-random() function. 262 In particular, the random string produced from a session key of 263 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 264 be different at the 17th octet and later, after this change. 265 The counter used in the PRF+ construction is now encoded as a 266 big-endian integer in accordance with RFC 4402. 267 __FreeBSD_version is bumped to 1000701. 268 26920131108: 270 The WITHOUT_ATF build knob has been removed and its functionality 271 has been subsumed into the more generic WITHOUT_TESTS. If you were 272 using the former to disable the build of the ATF libraries, you 273 should change your settings to use the latter. 274 27520131031: 276 The default version of mtree is nmtree which is obtained from 277 NetBSD. The output is generally the same, but may vary 278 slightly. If you found you need identical output adding 279 "-F freebsd9" to the command line should do the trick. For the 280 time being, the old mtree is available as fmtree. 281 28220131014: 283 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 284 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 285 1.1.4_8 and verify bsdyml not linked in, before running "make 286 delete-old-libs": 287 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 288 or 289 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 290 29120131010: 292 The rc.d/jail script has been updated to support jail(8) 293 configuration file. The "jail_<jname>_*" rc.conf(5) variables 294 for per-jail configuration are automatically converted to 295 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 296 This is transparently backward compatible. See below about some 297 incompatibilities and rc.conf(5) manual page for more details. 298 299 These variables are now deprecated in favor of jail(8) configuration 300 file. One can use "rc.d/jail config <jname>" command to generate 301 a jail(8) configuration file in /var/run/jail.<jname>.conf without 302 running the jail(8) utility. The default pathname of the 303 configuration file is /etc/jail.conf and can be specified by 304 using $jail_conf or $jail_<jname>_conf variables. 305 306 Please note that jail_devfs_ruleset accepts an integer at 307 this moment. Please consider to rewrite the ruleset name 308 with an integer. 309 31020130930: 311 BIND has been removed from the base system. If all you need 312 is a local resolver, simply enable and start the local_unbound 313 service instead. Otherwise, several versions of BIND are 314 available in the ports tree. The dns/bind99 port is one example. 315 316 With this change, nslookup(1) and dig(1) are no longer in the base 317 system. Users should instead use host(1) and drill(1) which are 318 in the base system. Alternatively, nslookup and dig can 319 be obtained by installing the dns/bind-tools port. 320 32120130916: 322 With the addition of unbound(8), a new unbound user is now 323 required during installworld. "mergemaster -p" can be used to 324 add the user prior to installworld, as documented in the handbook. 325 32620130911: 327 OpenSSH is now built with DNSSEC support, and will by default 328 silently trust signed SSHFP records. This can be controlled with 329 the VerifyHostKeyDNS client configuration setting. DNSSEC support 330 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 331 33220130906: 333 The GNU Compiler Collection and C++ standard library (libstdc++) 334 are no longer built by default on platforms where clang is the system 335 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 336 options in src.conf. 337 33820130905: 339 The PROCDESC kernel option is now part of the GENERIC kernel 340 configuration and is required for the rwhod(8) to work. 341 If you are using custom kernel configuration, you should include 342 'options PROCDESC'. 343 34420130905: 345 The API and ABI related to the Capsicum framework was modified 346 in backward incompatible way. The userland libraries and programs 347 have to be recompiled to work with the new kernel. This includes the 348 following libraries and programs, but the whole buildworld is 349 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 350 kdump, procstat, rwho, rwhod, uniq. 351 35220130903: 353 AES-NI intrinsic support has been added to gcc. The AES-NI module 354 has been updated to use this support. A new gcc is required to build 355 the aesni module on both i386 and amd64. 356 35720130821: 358 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 359 Thus "device padlock_rng" and "device rdrand_rng" should be 360 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 361 36220130813: 363 WITH_ICONV has been split into two feature sets. WITH_ICONV now 364 enables just the iconv* functionality and is now on by default. 365 WITH_LIBICONV_COMPAT enables the libiconv api and link time 366 compatability. Set WITHOUT_ICONV to build the old way. 367 If you have been using WITH_ICONV before, you will very likely 368 need to turn on WITH_LIBICONV_COMPAT. 369 37020130806: 371 INVARIANTS option now enables DEBUG for code with OpenSolaris and 372 Illumos origin, including ZFS. If you have INVARIANTS in your 373 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 374 explicitly. 375 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 376 locks if WITNESS option was set. Because that generated a lot of 377 witness(9) reports and all of them were believed to be false 378 positives, this is no longer done. New option OPENSOLARIS_WITNESS 379 can be used to achieve the previous behavior. 380 38120130806: 382 Timer values in IPv6 data structures now use time_uptime instead 383 of time_second. Although this is not a user-visible functional 384 change, userland utilities which directly use them---ndp(8), 385 rtadvd(8), and rtsold(8) in the base system---need to be updated 386 to r253970 or later. 387 38820130802: 389 find -delete can now delete the pathnames given as arguments, 390 instead of only files found below them or if the pathname did 391 not contain any slashes. Formerly, the following error message 392 would result: 393 394 find: -delete: <path>: relative path potentially not safe 395 396 Deleting the pathnames given as arguments can be prevented 397 without error messages using -mindepth 1 or by changing 398 directory and passing "." as argument to find. This works in the 399 old as well as the new version of find. 400 40120130726: 402 Behavior of devfs rules path matching has been changed. 403 Pattern is now always matched against fully qualified devfs 404 path and slash characters must be explicitly matched by 405 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 406 subdirectories must be reviewed. 407 40820130716: 409 The default ARM ABI has changed to the ARM EABI. The old ABI is 410 incompatible with the ARM EABI and all programs and modules will 411 need to be rebuilt to work with a new kernel. 412 413 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 414 415 NOTE: Support for the old ABI will be removed in the future and 416 users are advised to upgrade. 417 41820130709: 419 pkg_install has been disconnected from the build if you really need it 420 you should add WITH_PKGTOOLS in your src.conf(5). 421 42220130709: 423 Most of network statistics structures were changed to be able 424 keep 64-bits counters. Thus all tools, that work with networking 425 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 426 42720130629: 428 Fix targets that run multiple make's to use && rather than ; 429 so that subsequent steps depend on success of previous. 430 431 NOTE: if building 'universe' with -j* on stable/8 or stable/9 432 it would be better to start the build using bmake, to avoid 433 overloading the machine. 434 43520130618: 436 Fix a bug that allowed a tracing process (e.g. gdb) to write 437 to a memory-mapped file in the traced process's address space 438 even if neither the traced process nor the tracing process had 439 write access to that file. 440 44120130615: 442 CVS has been removed from the base system. An exact copy 443 of the code is available from the devel/cvs port. 444 44520130613: 446 Some people report the following error after the switch to bmake: 447 448 make: illegal option -- J 449 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 450 ... 451 *** [buildworld] Error code 2 452 453 this likely due to an old instance of make in 454 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 455 which src/Makefile will use that blindly, if it exists, so if 456 you see the above error: 457 458 rm -rf `make -V MAKEPATH` 459 460 should resolve it. 461 46220130516: 463 Use bmake by default. 464 Whereas before one could choose to build with bmake via 465 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 466 make. The goal is to remove these knobs for 10-RELEASE. 467 468 It is worth noting that bmake (like gmake) treats the command 469 line as the unit of failure, rather than statements within the 470 command line. Thus '(cd some/where && dosomething)' is safer 471 than 'cd some/where; dosomething'. The '()' allows consistent 472 behavior in parallel build. 473 47420130429: 475 Fix a bug that allows NFS clients to issue READDIR on files. 476 47720130426: 478 The WITHOUT_IDEA option has been removed because 479 the IDEA patent expired. 480 48120130426: 482 The sysctl which controls TRIM support under ZFS has been renamed 483 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 484 enabled by default. 485 48620130425: 487 The mergemaster command now uses the default MAKEOBJDIRPREFIX 488 rather than creating it's own in the temporary directory in 489 order allow access to bootstrapped versions of tools such as 490 install and mtree. When upgrading from version of FreeBSD where 491 the install command does not support -l, you will need to 492 install a new mergemaster command if mergemaster -p is required. 493 This can be accomplished with the command (cd src/usr.sbin/mergemaster 494 && make install). 495 49620130404: 497 Legacy ATA stack, disabled and replaced by new CAM-based one since 498 FreeBSD 9.0, completely removed from the sources. Kernel modules 499 atadisk and atapi*, user-level tools atacontrol and burncd are 500 removed. Kernel option `options ATA_CAM` is now permanently enabled 501 and removed. 502 50320130319: 504 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 505 and socketpair(2). Software, in particular Kerberos, may 506 automatically detect and use these during building. The resulting 507 binaries will not work on older kernels. 508 50920130308: 510 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 511 information, see the respective 20130304 entry). 512 51320130304: 514 Recent commits to callout(9) changed the size of struct callout, 515 so the KBI is probably heavily disturbed. Also, some functions 516 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 517 by macros. Every kernel module using it won't load, so rebuild 518 is requested. 519 520 The ctl device has been re-enabled in GENERIC for i386 and amd64, 521 but does not initialize by default (because of the new CTL_DISABLE 522 option) to save memory. To re-enable it, remove the CTL_DISABLE 523 option from the kernel config file or set kern.cam.ctl.disable=0 524 in /boot/loader.conf. 525 52620130301: 527 The ctl device has been disabled in GENERIC for i386 and amd64. 528 This was done due to the extra memory being allocated at system 529 initialisation time by the ctl driver which was only used if 530 a CAM target device was created. This makes a FreeBSD system 531 unusable on 128MB or less of RAM. 532 53320130208: 534 A new compression method (lz4) has been merged to -HEAD. Please 535 refer to zpool-features(7) for more information. 536 537 Please refer to the "ZFS notes" section of this file for information 538 on upgrading boot ZFS pools. 539 54020130129: 541 A BSD-licensed patch(1) variant has been added and is installed 542 as bsdpatch, being the GNU version the default patch. 543 To inverse the logic and use the BSD-licensed one as default, 544 while having the GNU version installed as gnupatch, rebuild 545 and install world with the WITH_BSD_PATCH knob set. 546 54720130121: 548 Due to the use of the new -l option to install(1) during build 549 and install, you must take care not to directly set the INSTALL 550 make variable in your /etc/make.conf, /etc/src.conf, or on the 551 command line. If you wish to use the -C flag for all installs 552 you may be able to add INSTALL+=-C to /etc/make.conf or 553 /etc/src.conf. 554 55520130118: 556 The install(1) option -M has changed meaning and now takes an 557 argument that is a file or path to append logs to. In the 558 unlikely event that -M was the last option on the command line 559 and the command line contained at least two files and a target 560 directory the first file will have logs appended to it. The -M 561 option served little practical purpose in the last decade so its 562 use is expected to be extremely rare. 563 56420121223: 565 After switching to Clang as the default compiler some users of ZFS 566 on i386 systems started to experience stack overflow kernel panics. 567 Please consider using 'options KSTACK_PAGES=4' in such configurations. 568 56920121222: 570 GEOM_LABEL now mangles label names read from file system metadata. 571 Mangling affect labels containing spaces, non-printable characters, 572 '%' or '"'. Device names in /etc/fstab and other places may need to 573 be updated. 574 57520121217: 576 By default, only the 10 most recent kernel dumps will be saved. To 577 restore the previous behaviour (no limit on the number of kernel dumps 578 stored in the dump directory) add the following line to /etc/rc.conf: 579 580 savecore_flags="" 581 58220121201: 583 With the addition of auditdistd(8), a new auditdistd user is now 584 required during installworld. "mergemaster -p" can be used to 585 add the user prior to installworld, as documented in the handbook. 586 58720121117: 588 The sin6_scope_id member variable in struct sockaddr_in6 is now 589 filled by the kernel before passing the structure to the userland via 590 sysctl or routing socket. This means the KAME-specific embedded scope 591 id in sin6_addr.s6_addr[2] is always cleared in userland application. 592 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 593 __FreeBSD_version is bumped to 1000025. 594 59520121105: 596 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 597 This means that the world and kernel will be compiled with clang 598 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 599 and /usr/bin/cpp. To disable this behavior and revert to building 600 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 601 of current may need to bootstrap WITHOUT_CLANG first if the clang 602 build fails (its compatibility window doesn't extend to the 9 stable 603 branch point). 604 60520121102: 606 The IPFIREWALL_FORWARD kernel option has been removed. Its 607 functionality now turned on by default. 608 60920121023: 610 The ZERO_COPY_SOCKET kernel option has been removed and 611 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 612 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 613 mechanism which is not safe and may result in kernel crashes. 614 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 615 driver supports disposeable external page sized mbuf storage. 616 Proper replacements for both zero-copy mechanisms are under 617 consideration and will eventually lead to complete removal 618 of the two kernel options. 619 62020121023: 621 The IPv4 network stack has been converted to network byte 622 order. The following modules need to be recompiled together 623 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 624 pf(4), ipfw(4), ng_ipfw(4), stf(4). 625 62620121022: 627 Support for non-MPSAFE filesystems was removed from VFS. The 628 VFS_VERSION was bumped, all filesystem modules shall be 629 recompiled. 630 63120121018: 632 All the non-MPSAFE filesystems have been disconnected from 633 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 634 portalfs, smbfs, xfs. 635 63620121016: 637 The interface cloning API and ABI has changed. The following 638 modules need to be recompiled together with kernel: 639 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 640 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 641 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 642 64320121015: 644 The sdhci driver was split in two parts: sdhci (generic SD Host 645 Controller logic) and sdhci_pci (actual hardware driver). 646 No kernel config modifications are required, but if you 647 load sdhc as a module you must switch to sdhci_pci instead. 648 64920121014: 650 Import the FUSE kernel and userland support into base system. 651 65220121013: 653 The GNU sort(1) program has been removed since the BSD-licensed 654 sort(1) has been the default for quite some time and no serious 655 problems have been reported. The corresponding WITH_GNU_SORT 656 knob has also gone. 657 65820121006: 659 The pfil(9) API/ABI for AF_INET family has been changed. Packet 660 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 661 with new kernel. 662 66320121001: 664 The net80211(4) ABI has been changed to allow for improved driver 665 PS-POLL and power-save support. All wireless drivers need to be 666 recompiled to work with the new kernel. 667 66820120913: 669 The random(4) support for the VIA hardware random number 670 generator (`PADLOCK') is no longer enabled unconditionally. 671 Add the padlock_rng device in the custom kernel config if 672 needed. The GENERIC kernels on i386 and amd64 do include the 673 device, so the change only affects the custom kernel 674 configurations. 675 67620120908: 677 The pf(4) packet filter ABI has been changed. pfctl(8) and 678 snmp_pf module need to be recompiled to work with new kernel. 679 68020120828: 681 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 682 to -HEAD. Pools that have empty_bpobj in active state can not be 683 imported read-write with ZFS implementations that do not support 684 this feature. For more information read the zpool-features(5) 685 manual page. 686 68720120727: 688 The sparc64 ZFS loader has been changed to no longer try to auto- 689 detect ZFS providers based on diskN aliases but now requires these 690 to be explicitly listed in the OFW boot-device environment variable. 691 69220120712: 693 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 694 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 695 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 696 69720120712: 698 The following sysctls and tunables have been renamed for consistency 699 with other variables: 700 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 701 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 702 70320120628: 704 The sort utility has been replaced with BSD sort. For now, GNU sort 705 is also available as "gnusort" or the default can be set back to 706 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 707 installed as "bsdsort". 708 70920120611: 710 A new version of ZFS (pool version 5000) has been merged to -HEAD. 711 Starting with this version the old system of ZFS pool versioning 712 is superseded by "feature flags". This concept enables forward 713 compatibility against certain future changes in functionality of ZFS 714 pools. The first read-only compatible "feature flag" for ZFS pools 715 is named "com.delphix:async_destroy". For more information 716 read the new zpool-features(5) manual page. 717 Please refer to the "ZFS notes" section of this file for information 718 on upgrading boot ZFS pools. 719 72020120417: 721 The malloc(3) implementation embedded in libc now uses sources imported 722 as contrib/jemalloc. The most disruptive API change is to 723 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 724 delete it prior to installworld, and optionally re-create it using the 725 new format after rebooting. See malloc.conf(5) for details 726 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 727 NAMESPACE section). 728 72920120328: 730 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 731 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 732 now spelled mips. This is to aid compatibility with third-party 733 software that expects this naming scheme in uname(3). Little-endian 734 settings are unchanged. If you are updating a big-endian mips64 machine 735 from before this change, you may need to set MACHINE_ARCH=mips64 in 736 your environment before the new build system will recognize your machine. 737 73820120306: 739 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 740 platforms. 741 74220120229: 743 Now unix domain sockets behave "as expected" on nullfs(5). Previously 744 nullfs(5) did not pass through all behaviours to the underlying layer, 745 as a result if we bound to a socket on the lower layer we could connect 746 only to the lower path; if we bound to the upper layer we could connect 747 only to the upper path. The new behavior is one can connect to both the 748 lower and the upper paths regardless what layer path one binds to. 749 75020120211: 751 The getifaddrs upgrade path broken with 20111215 has been restored. 752 If you have upgraded in between 20111215 and 20120209 you need to 753 recompile libc again with your kernel. You still need to recompile 754 world to be able to configure CARP but this restriction already 755 comes from 20111215. 756 75720120114: 758 The set_rcvar() function has been removed from /etc/rc.subr. All 759 base and ports rc.d scripts have been updated, so if you have a 760 port installed with a script in /usr/local/etc/rc.d you can either 761 hand-edit the rcvar= line, or reinstall the port. 762 763 An easy way to handle the mass-update of /etc/rc.d: 764 rm /etc/rc.d/* && mergemaster -i 765 76620120109: 767 panic(9) now stops other CPUs in the SMP systems, disables interrupts 768 on the current CPU and prevents other threads from running. 769 This behavior can be reverted using the kern.stop_scheduler_on_panic 770 tunable/sysctl. 771 The new behavior can be incompatible with kern.sync_on_panic. 772 77320111215: 774 The carp(4) facility has been changed significantly. Configuration 775 of the CARP protocol via ifconfig(8) has changed, as well as format 776 of CARP events submitted to devd(8) has changed. See manual pages 777 for more information. The arpbalance feature of carp(4) is currently 778 not supported anymore. 779 780 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 781 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 782 need to be recompiled. 783 78420111122: 785 The acpi_wmi(4) status device /dev/wmistat has been renamed to 786 /dev/wmistat0. 787 78820111108: 789 The option VFS_ALLOW_NONMPSAFE option has been added in order to 790 explicitely support non-MPSAFE filesystems. 791 It is on by default for all supported platform at this present 792 time. 793 79420111101: 795 The broken amd(4) driver has been replaced with esp(4) in the amd64, 796 i386 and pc98 GENERIC kernel configuration files. 797 79820110930: 799 sysinstall has been removed 800 80120110923: 802 The stable/9 branch created in subversion. This corresponds to the 803 RELENG_9 branch in CVS. 804 80520110913: 806 This commit modifies vfs_register() so that it uses a hash 807 calculation to set vfc_typenum, which is enabled by default. 808 The first time a system is booted after this change, the 809 vfc_typenum values will change for all file systems. The 810 main effect of this is a change to the NFS server file handles 811 for file systems that use vfc_typenum in their fsid, such as ZFS. 812 It will, however, prevent vfc_typenum from changing when file 813 systems are loaded in a different order for subsequent reboots. 814 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf 815 until you are ready to remount all NFS clients after a reboot. 816 81720110828: 818 Bump the shared library version numbers for libraries that 819 do not use symbol versioning, have changed the ABI compared 820 to stable/8 and which shared library version was not bumped. 821 Done as part of 9.0-RELEASE cycle. 822 82320110815: 824 During the merge of Capsicum features, the fget(9) KPI was modified. 825 This may require the rebuilding of out-of-tree device drivers -- 826 issues have been reported specifically with the nVidia device driver. 827 __FreeBSD_version is bumped to 900041. 828 829 Also, there is a period between 20110811 and 20110814 where the 830 special devices /dev/{stdin,stdout,stderr} did not work correctly. 831 Building world from a kernel during that window may not work. 832 83320110628: 834 The packet filter (pf) code has been updated to OpenBSD 4.5. 835 You need to update userland tools to be in sync with kernel. 836 This update breaks backward compatibility with earlier pfsync(4) 837 versions. Care must be taken when updating redundant firewall setups. 838 83920110608: 840 The following sysctls and tunables are retired on x86 platforms: 841 machdep.hlt_cpus 842 machdep.hlt_logical_cpus 843 The following sysctl is retired: 844 machdep.hyperthreading_allowed 845 The sysctls were supposed to provide a way to dynamically offline and 846 online selected CPUs on x86 platforms, but the implementation has not 847 been reliable especially with SCHED_ULE scheduler. 848 machdep.hyperthreading_allowed tunable is still available to ignore 849 hyperthreading CPUs at OS level. 850 Individual CPUs can be disabled using hint.lapic.X.disabled tunable, 851 where X is an APIC ID of a CPU. Be advised, though, that disabling 852 CPUs in non-uniform fashion will result in non-uniform topology and 853 may lead to sub-optimal system performance with SCHED_ULE, which is 854 a default scheduler. 855 85620110607: 857 cpumask_t type is retired and cpuset_t is used in order to describe 858 a mask of CPUs. 859 86020110531: 861 Changes to ifconfig(8) for dynamic address family detection mandate 862 that you are running a kernel of 20110525 or later. Make sure to 863 follow the update procedure to boot a new kernel before installing 864 world. 865 86620110513: 867 Support for sun4v architecture is officially dropped 868 86920110503: 870 Several KPI breaking changes have been committed to the mii(4) layer, 871 the PHY drivers and consequently some Ethernet drivers using mii(4). 872 This means that miibus.ko and the modules of the affected Ethernet 873 drivers need to be recompiled. 874 875 Note to kernel developers: Given that the OUI bit reversion problem 876 was fixed as part of these changes all mii(4) commits related to OUIs, 877 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific 878 handling, no longer can be merged verbatim to stable/8 and previous 879 branches. 880 88120110430: 882 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci' 883 into their kernel configurations along with 'device pci'. 884 88520110427: 886 The default NFS client is now the new NFS client, so fstype "newnfs" 887 is now "nfs" and the regular/old NFS client is now fstype "oldnfs". 888 Although mounts via fstype "nfs" will usually work without userland 889 changes, it is recommended that the mount(8) and mount_nfs(8) 890 commands be rebuilt from sources and that a link to mount_nfs called 891 mount_oldnfs be created. The new client is compiled into the 892 kernel with "options NFSCL" and this is needed for diskless root 893 file systems. The GENERIC kernel configs have been changed to use 894 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER. 895 To use the regular/old client, you can "mount -t oldnfs ...". For 896 a diskless root file system, you must also include a line like: 897 898 vfs.root.mountfrom="oldnfs:" 899 900 in the boot/loader.conf on the root fs on the NFS server to make 901 a diskless root fs use the old client. 902 90320110424: 904 The GENERIC kernels for all architectures now default to the new 905 CAM-based ATA stack. It means that all legacy ATA drivers were 906 removed and replaced by respective CAM drivers. If you are using 907 ATA device names in /etc/fstab or other places, make sure to update 908 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY, 909 where 'Y's are the sequential numbers starting from zero for each type 910 in order of detection, unless configured otherwise with tunables, 911 see cam(4)). There will be symbolic links created in /dev/ to map 912 old adX devices to the respective adaY. They should provide basic 913 compatibility for file systems mounting in most cases, but they do 914 not support old user-level APIs and do not have respective providers 915 in GEOM. Consider using updated management tools with new device names. 916 917 It is possible to load devices ahci, ata, siis and mvs as modules, 918 but option ATA_CAM should remain in kernel configuration to make ata 919 module work as CAM driver supporting legacy ATA controllers. Device ata 920 still can be used in modular fashion (atacore + ...). Modules atadisk 921 and atapi* are not used and won't affect operation in ATA_CAM mode. 922 Note that to use CAM-based ATA kernel should include CAM devices 923 scbus, pass, da (or explicitly ada), cd and optionally others. All of 924 them are parts of the cam module. 925 926 ataraid(4) functionality is now supported by the RAID GEOM class. 927 To use it you can load geom_raid kernel module and use graid(8) tool 928 for management. Instead of /dev/arX device names, use /dev/raid/rX. 929 930 No kernel config options or code have been removed, so if a problem 931 arises, please report it and optionally revert to the old ATA stack. 932 In order to do it you can remove from the kernel config: 933 options ATA_CAM 934 device ahci 935 device mvs 936 device siis 937 , and instead add back: 938 device atadisk # ATA disk drives 939 device ataraid # ATA RAID drives 940 device atapicd # ATAPI CDROM drives 941 device atapifd # ATAPI floppy drives 942 device atapist # ATAPI tape drives 943 94420110423: 945 The default NFS server has been changed to the new server, which 946 was referred to as the experimental server. If you need to switch 947 back to the old NFS server, you must now put the "-o" option on 948 both the mountd and nfsd commands. This can be done using the 949 mountd_flags and nfs_server_flags rc.conf variables until an 950 update to the rc scripts is committed, which is coming soon. 951 95220110418: 953 The GNU Objective-C runtime library (libobjc), and other Objective-C 954 related components have been removed from the base system. If you 955 require an Objective-C library, please use one of the available ports. 956 95720110331: 958 ath(4) has been split into bus- and device- modules. if_ath contains 959 the HAL, the TX rate control and the network device code. if_ath_pci 960 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb 961 contains the AHB glue. Users need to load both if_ath_pci and if_ath 962 in order to use ath on everything else. 963 964 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only 965 need to load if_ath and if_ath_pci for ath(4) operation. 966 96720110314: 968 As part of the replacement of sysinstall, the process of building 969 release media has changed significantly. For details, please re-read 970 release(7), which has been updated to reflect the new build process. 971 97220110218: 973 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This 974 is the last available version under GPLv2. It brings a number of new 975 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE 976 4.1 and SSE 4.2), better support for powerpc64, a number of new 977 directives, and lots of other small improvements. See the ChangeLog 978 file in contrib/binutils for the full details. 979 98020110218: 981 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 982 compliant, and will now use half of hash for authentication. 983 This will break interoperability with all stacks (including all 984 actual FreeBSD versions) who implement 985 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for 986 authentication). 987 The only workaround with such peers is to use another HMAC 988 algorithm for IPsec ("phase 2") authentication. 989 99020110207: 991 Remove the uio_yield prototype and symbol. This function has 992 been misnamed since it was introduced and should not be 993 globally exposed with this name. The equivalent functionality 994 is now available using kern_yield(curthread->td_user_pri). 995 The function remains undocumented. 996 99720110112: 998 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers, 999 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking 1000 for scalar sysctls is defined but disabled. Code that needs 1001 UQUAD to pass the type checking that must compile on older 1002 systems where the define is not present can check against 1003 __FreeBSD_version >= 900030. 1004 1005 The system dialog(1) has been replaced with a new version previously 1006 in ports as devel/cdialog. dialog(1) is mostly command-line compatible 1007 with the previous version, but the libdialog associated with it has 1008 a largely incompatible API. As such, the original version of libdialog 1009 will be kept temporarily as libodialog, until its base system consumers 1010 are replaced or updated. Bump __FreeBSD_version to 900030. 1011 101220110103: 1013 If you are trying to run make universe on a -stable system, and you get 1014 the following warning: 1015 "Makefile", line 356: "Target architecture for i386/conf/GENERIC 1016 unknown. config(8) likely too old." 1017 or something similar to it, then you must upgrade your -stable system 1018 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in 1019 stable/8) or build the config from the latest stable/8 branch and 1020 install it on your system. 1021 1022 Prior to this date, building a current universe on 8-stable system from 1023 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing 1024 error in the first kernel build phase. A new config on those old 1025 systems will fix that problem for older versions of -current. 1026 102720101228: 1028 The TCP stack has been modified to allow Khelp modules to interact with 1029 it via helper hook points and store per-connection data in the TCP 1030 control block. Bump __FreeBSD_version to 900029. User space tools that 1031 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to 1032 be recompiled. 1033 103420101114: 1035 Generic IEEE 802.3 annex 31B full duplex flow control support has been 1036 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along 1037 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted 1038 to take advantage of it instead of using custom implementations. This 1039 means that these drivers now no longer unconditionally advertise 1040 support for flow control but only do so if flow control is a selected 1041 media option. This was implemented in the generic support that way in 1042 order to allow flow control to be switched on and off via ifconfig(8) 1043 with the PHY specific default to typically off in order to protect 1044 from unwanted effects. Consequently, if you used flow control with 1045 one of the above mentioned drivers you now need to explicitly enable 1046 it, for example via: 1047 ifconfig bge0 media auto mediaopt flowcontrol 1048 1049 Along with the above mentioned changes generic support for setting 1050 1000baseT master mode also has been added and brgphy(4), ciphy(4), 1051 e1000phy(4) as well as ip1000phy(4) have been converted to take 1052 advantage of it. This means that these drivers now no longer take the 1053 link0 parameter for selecting master mode but the master media option 1054 has to be used instead, for example like in the following: 1055 ifconfig bge0 media 1000baseT mediaopt full-duplex,master 1056 1057 Selection of master mode now is also available with all other PHY 1058 drivers supporting 1000baseT. 1059 106020101111: 1061 The TCP stack has received a significant update to add support for 1062 modularised congestion control and generally improve the clarity of 1063 congestion control decisions. Bump __FreeBSD_version to 900025. User 1064 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g. 1065 sockstat) need to be recompiled. 1066 106720101002: 1068 The man(1) utility has been replaced by a new version that no longer 1069 uses /etc/manpath.config. Please consult man.conf(5) for how to 1070 migrate local entries to the new format. 1071 107220100928: 1073 The copyright strings printed by login(1) and sshd(8) at the time of a 1074 new connection have been removed to follow other operating systems and 1075 upstream sshd. 1076 107720100915: 1078 A workaround for a fixed ld bug has been removed in kernel code, 1079 so make sure that your system ld is built from sources after 1080 revision 210245 from 2010-07-19 (r211583 if building head kernel 1081 on stable/8, r211584 for stable/7; both from 2010-08-21). 1082 A symptom of incorrect ld version is different addresses for 1083 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules. 1084 108520100913: 1086 The $ipv6_prefer variable in rc.conf(5) has been split into 1087 $ip6addrctl_policy and $ipv6_activate_all_interfaces. 1088 1089 The $ip6addrctl_policy is a variable to choose a pre-defined 1090 address selection policy set by ip6addrctl(8). A value 1091 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The 1092 default is "AUTO". 1093 1094 The $ipv6_activate_all_interfaces specifies whether IFDISABLED 1095 flag (see an entry of 20090926) is set on an interface with no 1096 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for 1097 security reason. If you want IPv6 link-local address on all 1098 interfaces by default, set this to "YES". 1099 1100 The old ipv6_prefer="YES" is equivalent to 1101 ipv6_activate_all_interfaces="YES" and 1102 ip6addrctl_policy="ipv6_prefer". 1103 110420100913: 1105 DTrace has grown support for userland tracing. Due to this, DTrace is 1106 now i386 and amd64 only. 1107 dtruss(1) is now installed by default on those systems and a new 1108 kernel module is needed for userland tracing: fasttrap. 1109 No changes to your kernel config file are necessary to enable 1110 userland tracing, but you might consider adding 'STRIP=' and 1111 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want 1112 to have informative userland stack traces in DTrace (ustack). 1113 111420100725: 1115 The acpi_aiboost(4) driver has been removed in favor of the new 1116 aibs(4) driver. You should update your kernel configuration file. 1117 111820100722: 1119 BSD grep has been imported to the base system and it is built by 1120 default. It is completely BSD licensed, highly GNU-compatible, uses 1121 less memory than its GNU counterpart and has a small codebase. 1122 However, it is slower than its GNU counterpart, which is mostly 1123 noticeable for larger searches, for smaller ones it is measurable 1124 but not significant. The reason is complex, the most important factor 1125 is that we lack a modern and efficient regex library and GNU 1126 overcomes this by optimizing the searches internally. Future work 1127 on improving the regex performance is planned, for the meantime, 1128 users that need better performance, can build GNU grep instead by 1129 setting the WITH_GNU_GREP knob. 1130 113120100713: 1132 Due to the import of powerpc64 support, all existing powerpc kernel 1133 configuration files must be updated with a machine directive like this: 1134 machine powerpc powerpc 1135 1136 In addition, an updated config(8) is required to build powerpc kernels 1137 after this change. 1138 113920100713: 1140 A new version of ZFS (version 15) has been merged to -HEAD. 1141 This version uses a python library for the following subcommands: 1142 zfs allow, zfs unallow, zfs groupspace, zfs userspace. 1143 For full functionality of these commands the following port must 1144 be installed: sysutils/py-zfs 1145 114620100429: 1147 'vm_page's are now hashed by physical address to an array of mutexes. 1148 Currently this is only used to serialize access to hold_count. Over 1149 time the page queue mutex will be peeled away. This changes the size 1150 of pmap on every architecture. And requires all callers of vm_page_hold 1151 and vm_page_unhold to be updated. 1152 115320100402: 1154 WITH_CTF can now be specified in src.conf (not recommended, there 1155 are some problems with static executables), make.conf (would also 1156 affect ports which do not use GNU make and do not override the 1157 compile targets) or in the kernel config (via "makeoptions 1158 WITH_CTF=yes"). 1159 When WITH_CTF was specified there before this was silently ignored, 1160 so make sure that WITH_CTF is not used in places which could lead 1161 to unwanted behavior. 1162 116320100311: 1164 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32 1165 to allow 32-bit compatibility on non-x86 platforms. All kernel 1166 configurations on amd64 and ia64 platforms using these options must 1167 be modified accordingly. 1168 116920100113: 1170 The utmp user accounting database has been replaced with utmpx, 1171 the user accounting interface standardized by POSIX. 1172 Unfortunately the semantics of utmp and utmpx don't match, 1173 making it practically impossible to support both interfaces. 1174 The user accounting database is used by tools like finger(1), 1175 last(1), talk(1), w(1) and ac(8). 1176 1177 All applications in the base system use utmpx. This means only 1178 local binaries (e.g. from the ports tree) may still use these 1179 utmp database files. These applications must be rebuilt to make 1180 use of utmpx. 1181 1182 After the system has been upgraded, it is safe to remove the old 1183 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*), 1184 assuming their contents is of no importance anymore. Old wtmp 1185 databases can only be used by last(1) and ac(8) after they have 1186 been converted to the new format using wtmpcvt(1). 1187 118820100108: 1189 Introduce the kernel thread "deadlock resolver" (which can be enabled 1190 via the DEADLKRES option, see NOTES for more details) and the 1191 sleepq_type() function for sleepqueues. 1192 119320091202: 1194 The rc.firewall and rc.firewall6 were unified, and 1195 rc.firewall6 and rc.d/ip6fw were removed. 1196 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc 1197 variables are obsoleted. Instead, the following new rc 1198 variables are added to rc.d/ipfw: 1199 1200 firewall_client_net_ipv6, firewall_simple_iif_ipv6, 1201 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6, 1202 firewall_simple_onet_ipv6, firewall_trusted_ipv6 1203 1204 The meanings correspond to the relevant IPv4 variables. 1205 120620091125: 1207 8.0-RELEASE. 1208 120920091113: 1210 The default terminal emulation for syscons(4) has been changed 1211 from cons25 to xterm on all platforms except pc98. This means 1212 that the /etc/ttys file needs to be updated to ensure correct 1213 operation of applications on the console. 1214 1215 The terminal emulation style can be toggled per window by using 1216 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration 1217 options can be used to change the compile-time default back to 1218 cons25. 1219 1220 To prevent graphical artifacts, make sure the TERM environment 1221 variable is set to match the terminal emulation that is being 1222 performed by syscons(4). 1223 122420091109: 1225 The layout of the structure ieee80211req_scan_result has changed. 1226 Applications that require wireless scan results (e.g. ifconfig(8)) 1227 from net80211 need to be recompiled. 1228 1229 Applications such as wpa_supplicant(8) may require a full world 1230 build without using NO_CLEAN in order to get synchronized with the 1231 new structure. 1232 123320091025: 1234 The iwn(4) driver has been updated to support the 5000 and 5150 series. 1235 There's one kernel module for each firmware. Adding "device iwnfw" 1236 to the kernel configuration file means including all three firmware 1237 images inside the kernel. If you want to include just the one for 1238 your wireless card, use the devices iwn4965fw, iwn5000fw or 1239 iwn5150fw. 1240 124120090926: 1242 The rc.d/network_ipv6, IPv6 configuration script has been integrated 1243 into rc.d/netif. The changes are the following: 1244 1245 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF 1246 for IPv4. For aliases, $ifconfig_IF_aliasN should be used. 1247 Note that both variables need the "inet6" keyword at the head. 1248 1249 Do not set $ipv6_network_interfaces manually if you do not 1250 understand what you are doing. It is not needed in most cases. 1251 1252 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but 1253 they are obsolete. 1254 1255 2. $ipv6_enable is obsolete. Use $ipv6_prefer and 1256 "inet6 accept_rtadv" keyword in ifconfig(8) instead. 1257 1258 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and 1259 all configured interfaces have "inet6 accept_rtadv" in the 1260 $ifconfig_IF_ipv6. These are for backward compatibility. 1261 1262 3. A new variable $ipv6_prefer has been added. If NO, IPv6 1263 functionality of interfaces with no corresponding 1264 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag, 1265 and the default address selection policy of ip6addrctl(8) 1266 is the IPv4-preferred one (see rc.d/ip6addrctl for more details). 1267 Note that if you want to configure IPv6 functionality on the 1268 disabled interfaces after boot, first you need to clear the flag by 1269 using ifconfig(8) like: 1270 1271 ifconfig em0 inet6 -ifdisabled 1272 1273 If YES, the default address selection policy is set as 1274 IPv6-preferred. 1275 1276 The default value of $ipv6_prefer is NO. 1277 1278 4. If your system need to receive Router Advertisement messages, 1279 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8) 1280 scripts automatically invoke rtsol(8) when the interface becomes 1281 UP. The Router Advertisement messages are used for SLAAC 1282 (State-Less Address AutoConfiguration). 1283 128420090922: 1285 802.11s D3.03 support was committed. This is incompatible with the 1286 previous code, which was based on D3.0. 1287 128820090912: 1289 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value 1290 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to 1291 control whether accepting Router Advertisement messages or not. 1292 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and 1293 a sysctl variable net.inet6.ip6.auto_linklocal is its default value. 1294 The ifconfig(8) utility now supports these flags. 1295 129620090910: 1297 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for 1298 mount(8) and -a option for df(1) to see them. 1299 130020090825: 1301 The old tunable hw.bus.devctl_disable has been superseded by 1302 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be 1303 replaced by hw.bus.devctl_queue=0. The default for this new tunable 1304 is 1000. 1305 130620090813: 1307 Remove the option STOP_NMI. The default action is now to use NMI only 1308 for KDB via the newly introduced function stop_cpus_hard() and 1309 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64. 1310 131120090803: 1312 The stable/8 branch created in subversion. This corresponds to the 1313 RELENG_8 branch in CVS. 1314 131520090719: 1316 Bump the shared library version numbers for all libraries that do not 1317 use symbol versioning as part of the 8.0-RELEASE cycle. Bump 1318 __FreeBSD_version to 800105. 1319 132020090714: 1321 Due to changes in the implementation of virtual network stack support, 1322 all network-related kernel modules must be recompiled. As this change 1323 breaks the ABI, bump __FreeBSD_version to 800104. 1324 132520090713: 1326 The TOE interface to the TCP syncache has been modified to remove 1327 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack. 1328 The cxgb driver is the only TOE consumer affected by this change, and 1329 needs to be recompiled along with the kernel. As this change breaks 1330 the ABI, bump __FreeBSD_version to 800103. 1331 133220090712: 1333 Padding has been added to struct tcpcb, sackhint and tcpstat in 1334 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst 1335 maintaining the ABI. However, this change breaks the ABI, so bump 1336 __FreeBSD_version to 800102. User space tools that rely on the size of 1337 any of these structs (e.g. sockstat) need to be recompiled. 1338 133920090630: 1340 The NFS_LEGACYRPC option has been removed along with the old kernel 1341 RPC implementation that this option selected. Kernel configurations 1342 may need to be adjusted. 1343 134420090629: 1345 The network interface device nodes at /dev/net/<interface> have been 1346 removed. All ioctl operations can be performed the normal way using 1347 routing sockets. The kqueue functionality can generally be replaced 1348 with routing sockets. 1349 135020090628: 1351 The documentation from the FreeBSD Documentation Project (Handbook, 1352 FAQ, etc.) is now installed via packages by sysinstall(8) and under 1353 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc. 1354 135520090624: 1356 The ABI of various structures related to the SYSV IPC API have been 1357 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel 1358 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to 1359 800100. 1360 136120090622: 1362 Layout of struct vnet has changed as routing related variables were 1363 moved to their own Vimage module. Modules need to be recompiled. Bump 1364 __FreeBSD_version to 800099. 1365 136620090619: 1367 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024 1368 respectively. As long as no more than 16 groups per process are used, 1369 no changes should be visible. When more than 16 groups are used, old 1370 binaries may fail if they call getgroups() or getgrouplist() with 1371 statically sized storage. Recompiling will work around this, but 1372 applications should be modified to use dynamically allocated storage 1373 for group arrays as POSIX.1-2008 does not cap an implementation's 1374 number of supported groups at NGROUPS_MAX+1 as previous versions did. 1375 1376 NFS and portalfs mounts may also be affected as the list of groups is 1377 truncated to 16. Users of NFS who use more than 16 groups, should 1378 take care that negative group permissions are not used on the exported 1379 file systems as they will not be reliable unless a GSSAPI based 1380 authentication method is used. 1381 138220090616: 1383 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This 1384 option compiles in the support for adaptive spinning for lockmgrs 1385 which want to enable it. The lockinit() function now accepts the flag 1386 LK_ADAPTIVE in order to make the lock object subject to adaptive 1387 spinning when both held in write and read mode. 1388 138920090613: 1390 The layout of the structure returned by IEEE80211_IOC_STA_INFO has 1391 changed. User applications that use this ioctl need to be rebuilt. 1392 139320090611: 1394 The layout of struct thread has changed. Kernel and modules need to 1395 be rebuilt. 1396 139720090608: 1398 The layout of structs ifnet, domain, protosw and vnet_net has changed. 1399 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097. 1400 140120090602: 1402 window(1) has been removed from the base system. It can now be 1403 installed from ports. The port is called misc/window. 1404 140520090601: 1406 The way we are storing and accessing `routing table' entries has 1407 changed. Programs reading the FIB, like netstat, need to be 1408 re-compiled. 1409 141020090601: 1411 A new netisr implementation has been added for FreeBSD 8. Network 1412 file system modules, such as igmp, ipdivert, and others, should be 1413 rebuilt. 1414 Bump __FreeBSD_version to 800096. 1415 141620090530: 1417 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no 1418 more valid. 1419 142020090530: 1421 Add VOP_ACCESSX(9). File system modules need to be rebuilt. 1422 Bump __FreeBSD_version to 800094. 1423 142420090529: 1425 Add mnt_xflag field to 'struct mount'. File system modules need to be 1426 rebuilt. 1427 Bump __FreeBSD_version to 800093. 1428 142920090528: 1430 The compiling option ADAPTIVE_SX has been retired while it has been 1431 introduced the option NO_ADAPTIVE_SX which handles the reversed logic. 1432 The KPI for sx_init_flags() changes as accepting flags: 1433 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has 1434 been introduced in order to handle the reversed logic. 1435 Bump __FreeBSD_version to 800092. 1436 143720090527: 1438 Add support for hierarchical jails. Remove global securelevel. 1439 Bump __FreeBSD_version to 800091. 1440 144120090523: 1442 The layout of struct vnet_net has changed, therefore modules 1443 need to be rebuilt. 1444 Bump __FreeBSD_version to 800090. 1445 144620090523: 1447 The newly imported zic(8) produces a new format in the output. Please 1448 run tzsetup(8) to install the newly created data to /etc/localtime. 1449 145020090520: 1451 The sysctl tree for the usb stack has renamed from hw.usb2.* to 1452 hw.usb.* and is now consistent again with previous releases. 1453 145420090520: 1455 802.11 monitor mode support was revised and driver api's were changed. 1456 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead 1457 of DLT_IEEE802_11. No user-visible data structures were changed but 1458 applications that use DLT_IEEE802_11 may require changes. 1459 Bump __FreeBSD_version to 800088. 1460 146120090430: 1462 The layout of the following structs has changed: sysctl_oid, 1463 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet, 1464 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or 1465 panics may be experienced. World rebuild is required for 1466 correctly checking networking state from userland. 1467 Bump __FreeBSD_version to 800085. 1468 146920090429: 1470 MLDv2 and Source-Specific Multicast (SSM) have been merged 1471 to the IPv6 stack. VIMAGE hooks are in but not yet used. 1472 The implementation of SSM within FreeBSD's IPv6 stack closely 1473 follows the IPv4 implementation. 1474 1475 For kernel developers: 1476 1477 * The most important changes are that the ip6_output() and 1478 ip6_input() paths no longer take the IN6_MULTI_LOCK, 1479 and this lock has been downgraded to a non-recursive mutex. 1480 1481 * As with the changes to the IPv4 stack to support SSM, filtering 1482 of inbound multicast traffic must now be performed by transport 1483 protocols within the IPv6 stack. This does not apply to TCP and 1484 SCTP, however, it does apply to UDP in IPv6 and raw IPv6. 1485 1486 * The KPIs used by IPv6 multicast are similar to those used by 1487 the IPv4 stack, with the following differences: 1488 * im6o_mc_filter() is analogous to imo_multicast_filter(). 1489 * The legacy KAME entry points in6_joingroup and in6_leavegroup() 1490 are shimmed to in6_mc_join() and in6_mc_leave() respectively. 1491 * IN6_LOOKUP_MULTI() has been deprecated and removed. 1492 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs 1493 for MLDv1 have an additional 'timer' argument which is used to 1494 jitter the initial membership report for the solicited-node 1495 multicast membership on-link. 1496 * This is not strictly needed for MLDv2, which already jitters 1497 its report transmissions. However, the 'timer' argument is 1498 preserved in case MLDv1 is active on the interface. 1499 1500 * The KAME linked-list based IPv6 membership implementation has 1501 been refactored to use a vector similar to that used by the IPv4 1502 stack. 1503 Code which maintains a list of its own multicast memberships 1504 internally, e.g. carp, has been updated to reflect the new 1505 semantics. 1506 1507 * There is a known Lock Order Reversal (LOR) due to in6_setscope() 1508 acquiring the IF_AFDATA_LOCK and being called within ip6_output(). 1509 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an 1510 implementation constraint which needs to be addressed in HEAD. 1511 1512 For application developers: 1513 1514 * The changes are broadly similar to those made for the IPv4 1515 stack. 1516 1517 * The use of IPv4 and IPv6 multicast socket options on the same 1518 socket, using mapped addresses, HAS NOT been tested or supported. 1519 1520 * There are a number of issues with the implementation of various 1521 IPv6 multicast APIs which need to be resolved in the API surface 1522 before the implementation is fully compatible with KAME userland 1523 use, and these are mostly to do with interface index treatment. 1524 1525 * The literature available discusses the use of either the delta / ASM 1526 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API 1527 using setsourcefilter(3)/getsourcefilter(3). For more information 1528 please refer to RFC 3768, 'Socket Interface Extensions for 1529 Multicast Source Filters'. 1530 1531 * Applications which use the published RFC 3678 APIs should be fine. 1532 1533 For systems administrators: 1534 1535 * The mtest(8) utility has been refactored to support IPv6, in 1536 addition to IPv4. Interface addresses are no longer accepted 1537 as arguments, their names must be used instead. The utility 1538 will map the interface name to its first IPv4 address as 1539 returned by getifaddrs(3). 1540 1541 * The ifmcstat(8) utility has also been updated to print the MLDv2 1542 endpoint state and source filter lists via sysctl(3). 1543 1544 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable 1545 loopback of IPv6 multicast datagrams by default; it defaults to 1 1546 to preserve the existing behaviour. Disabling multicast loopback is 1547 recommended for optimal system performance. 1548 1549 * The IPv6 MROUTING code has been changed to examine this sysctl 1550 instead of attempting to perform a group lookup before looping 1551 back forwarded datagrams. 1552 1553 Bump __FreeBSD_version to 800084. 1554 155520090422: 1556 Implement low-level Bluetooth HCI API. 1557 Bump __FreeBSD_version to 800083. 1558 155920090419: 1560 The layout of struct malloc_type, used by modules to register new 1561 memory allocation types, has changed. Most modules will need to 1562 be rebuilt or panics may be experienced. 1563 Bump __FreeBSD_version to 800081. 1564 156520090415: 1566 Anticipate overflowing inp_flags - add inp_flags2. 1567 This changes most offsets in inpcb, so checking v4 connection 1568 state will require a world rebuild. 1569 Bump __FreeBSD_version to 800080. 1570 157120090415: 1572 Add an llentry to struct route and struct route_in6. Modules 1573 embedding a struct route will need to be recompiled. 1574 Bump __FreeBSD_version to 800079. 1575 157620090414: 1577 The size of rt_metrics_lite and by extension rtentry has changed. 1578 Networking administration apps will need to be recompiled. 1579 The route command now supports show as an alias for get, weighting 1580 of routes, sticky and nostick flags to alter the behavior of stateful 1581 load balancing. 1582 Bump __FreeBSD_version to 800078. 1583 158420090408: 1585 Do not use Giant for kbdmux(4) locking. This is wrong and 1586 apparently causing more problems than it solves. This will 1587 re-open the issue where interrupt handlers may race with 1588 kbdmux(4) in polling mode. Typical symptoms include (but 1589 not limited to) duplicated and/or missing characters when 1590 low level console functions (such as gets) are used while 1591 interrupts are enabled (for example geli password prompt, 1592 mountroot prompt etc.). Disabling kbdmux(4) may help. 1593 159420090407: 1595 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed; 1596 kernel modules referencing any of the above need to be recompiled. 1597 Bump __FreeBSD_version to 800075. 1598 159920090320: 1600 GEOM_PART has become the default partition slicer for storage devices, 1601 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It 1602 introduces some changes: 1603 1604 MSDOS/EBR: the devices created from MSDOS extended partition entries 1605 (EBR) can be named differently than with GEOM_MBR and are now symlinks 1606 to devices with offset-based names. fstabs may need to be modified. 1607 1608 BSD: the "geometry does not match label" warning is harmless in most 1609 cases but it points to problems in file system misalignment with 1610 disk geometry. The "c" partition is now implicit, covers the whole 1611 top-level drive and cannot be (mis)used by users. 1612 1613 General: Kernel dumps are now not allowed to be written to devices 1614 whose partition types indicate they are meant to be used for file 1615 systems (or, in case of MSDOS partitions, as something else than 1616 the "386BSD" type). 1617 1618 Most of these changes date approximately from 200812. 1619 162020090319: 1621 The uscanner(4) driver has been removed from the kernel. This follows 1622 Linux removing theirs in 2.6 and making libusb the default interface 1623 (supported by sane). 1624 162520090319: 1626 The multicast forwarding code has been cleaned up. netstat(1) 1627 only relies on KVM now for printing bandwidth upcall meters. 1628 The IPv4 and IPv6 modules are split into ip_mroute_mod and 1629 ip6_mroute_mod respectively. The config(5) options for statically 1630 compiling this code remain the same, i.e. 'options MROUTING'. 1631 163220090315: 1633 Support for the IFF_NEEDSGIANT network interface flag has been 1634 removed, which means that non-MPSAFE network device drivers are no 1635 longer supported. In particular, if_ar, if_sr, and network device 1636 drivers from the old (legacy) USB stack can no longer be built or 1637 used. 1638 163920090313: 1640 POSIX.1 Native Language Support (NLS) has been enabled in libc and 1641 a bunch of new language catalog files have also been added. 1642 This means that some common libc messages are now localized and 1643 they depend on the LC_MESSAGES environmental variable. 1644 164520090313: 1646 The k8temp(4) driver has been renamed to amdtemp(4) since 1647 support for Family 10 and Family 11 CPU families was added. 1648 164920090309: 1650 IGMPv3 and Source-Specific Multicast (SSM) have been merged 1651 to the IPv4 stack. VIMAGE hooks are in but not yet used. 1652 1653 For kernel developers, the most important changes are that the 1654 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(), 1655 and this lock has been downgraded to a non-recursive mutex. 1656 1657 Transport protocols (UDP, Raw IP) are now responsible for filtering 1658 inbound multicast traffic according to group membership and source 1659 filters. The imo_multicast_filter() KPI exists for this purpose. 1660 Transports which do not use multicast (SCTP, TCP) already reject 1661 multicast by default. Forwarding and receive performance may improve 1662 as a mutex acquisition is no longer needed in the ip_input() 1663 low-level input path. in_addmulti() and in_delmulti() are shimmed 1664 to new KPIs which exist to support SSM in-kernel. 1665 1666 For application developers, it is recommended that loopback of 1667 multicast datagrams be disabled for best performance, as this 1668 will still cause the lock to be taken for each looped-back 1669 datagram transmission. The net.inet.ip.mcast.loop sysctl may 1670 be tuned to 0 to disable loopback by default; it defaults to 1 1671 to preserve the existing behaviour. 1672 1673 For systems administrators, to obtain best performance with 1674 multicast reception and multiple groups, it is always recommended 1675 that a card with a suitably precise hash filter is used. Hash 1676 collisions will still result in the lock being taken within the 1677 transport protocol input path to check group membership. 1678 1679 If deploying FreeBSD in an environment with IGMP snooping switches, 1680 it is recommended that the net.inet.igmp.sendlocal sysctl remain 1681 enabled; this forces 224.0.0.0/24 group membership to be announced 1682 via IGMP. 1683 1684 The size of 'struct igmpstat' has changed; netstat needs to be 1685 recompiled to reflect this. 1686 Bump __FreeBSD_version to 800070. 1687 168820090309: 1689 libusb20.so.1 is now installed as libusb.so.1 and the ports system 1690 updated to use it. This requires a buildworld/installworld in order to 1691 update the library and dependencies (usbconfig, etc). Its advisable to 1692 rebuild all ports which uses libusb. More specific directions are given 1693 in the ports collection UPDATING file. Any /etc/libmap.conf entries for 1694 libusb are no longer required and can be removed. 1695 169620090302: 1697 A workaround is committed to allow the creation of System V shared 1698 memory segment of size > 2 GB on the 64-bit architectures. 1699 Due to a limitation of the existing ABI, the shm_segsz member 1700 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is 1701 wrong for large segments. Note that limits must be explicitly 1702 raised to allow such segments to be created. 1703 170420090301: 1705 The layout of struct ifnet has changed, requiring a rebuild of all 1706 network device driver modules. 1707 170820090227: 1709 The /dev handling for the new USB stack has changed, a 1710 buildworld/installworld is required for libusb20. 1711 171220090223: 1713 The new USB2 stack has now been permanently moved in and all kernel and 1714 module names reverted to their previous values (eg, usb, ehci, ohci, 1715 ums, ...). The old usb stack can be compiled in by prefixing the name 1716 with the letter 'o', the old usb modules have been removed. 1717 Updating entry 20090216 for xorg and 20090215 for libmap may still 1718 apply. 1719 172020090217: 1721 The rc.conf(5) option if_up_delay has been renamed to 1722 defaultroute_delay to better reflect its purpose. If you have 1723 customized this setting in /etc/rc.conf you need to update it to 1724 use the new name. 1725 172620090216: 1727 xorg 7.4 wants to configure its input devices via hald which does not 1728 yet work with USB2. If the keyboard/mouse does not work in xorg then 1729 add 1730 Option "AllowEmptyInput" "off" 1731 to your ServerLayout section. This will cause X to use the configured 1732 kbd and mouse sections from your xorg.conf. 1733 173420090215: 1735 The GENERIC kernels for all architectures now default to the new USB2 1736 stack. No kernel config options or code have been removed so if a 1737 problem arises please report it and optionally revert to the old USB 1738 stack. If you are loading USB kernel modules or have a custom kernel 1739 that includes GENERIC then ensure that usb names are also changed over, 1740 eg uftdi -> usb2_serial_ftdi. 1741 1742 Older programs linked against the ports libusb 0.1 need to be 1743 redirected to the new stack's libusb20. /etc/libmap.conf can 1744 be used for this: 1745 # Map old usb library to new one for usb2 stack 1746 libusb-0.1.so.8 libusb20.so.1 1747 174820090209: 1749 All USB ethernet devices now attach as interfaces under the name ueN 1750 (eg. ue0). This is to provide a predictable name as vendors often 1751 change usb chipsets in a product without notice. 1752 175320090203: 1754 The ichsmb(4) driver has been changed to require SMBus slave 1755 addresses be left-justified (xxxxxxx0b) rather than right-justified. 1756 All of the other SMBus controller drivers require left-justified 1757 slave addresses, so this change makes all the drivers provide the 1758 same interface. 1759 176020090201: 1761 INET6 statistics (struct ip6stat) was updated. 1762 netstat(1) needs to be recompiled. 1763 176420090119: 1765 NTFS has been removed from GENERIC kernel on amd64 to match 1766 GENERIC on i386. Should not cause any issues since mount_ntfs(8) 1767 will load ntfs.ko module automatically when NTFS support is 1768 actually needed, unless ntfs.ko is not installed or security 1769 level prohibits loading kernel modules. If either is the case, 1770 "options NTFS" has to be added into kernel config. 1771 177220090115: 1773 TCP Appropriate Byte Counting (RFC 3465) support added to kernel. 1774 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to 1775 800061. User space tools that rely on the size of struct tcpcb in 1776 tcp_var.h (e.g. sockstat) need to be recompiled. 1777 177820081225: 1779 ng_tty(4) module updated to match the new TTY subsystem. 1780 Due to API change, user-level applications must be updated. 1781 New API support added to mpd5 CVS and expected to be present 1782 in next mpd5.3 release. 1783 178420081219: 1785 With __FreeBSD_version 800060 the makefs tool is part of 1786 the base system (it was a port). 1787 178820081216: 1789 The afdata and ifnet locks have been changed from mutexes to 1790 rwlocks, network modules will need to be re-compiled. 1791 179220081214: 1793 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite. 1794 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated. 1795 The new code reduced struct rtentry{} by 16 bytes on 32-bit 1796 architecture and 40 bytes on 64-bit architecture. The userland 1797 applications "arp" and "ndp" have been updated accordingly. 1798 The output from "netstat -r" shows only routing entries and 1799 none of the L2 information. 1800 180120081130: 1802 __FreeBSD_version 800057 marks the switchover from the 1803 binary ath hal to source code. Users must add the line: 1804 1805 options AH_SUPPORT_AR5416 1806 1807 to their kernel config files when specifying: 1808 1809 device ath_hal 1810 1811 The ath_hal module no longer exists; the code is now compiled 1812 together with the driver in the ath module. It is now 1813 possible to tailor chip support (i.e. reduce the set of chips 1814 and thereby the code size); consult ath_hal(4) for details. 1815 181620081121: 1817 __FreeBSD_version 800054 adds memory barriers to 1818 <machine/atomic.h>, new interfaces to ifnet to facilitate 1819 multiple hardware transmit queues for cards that support 1820 them, and a lock-less ring-buffer implementation to 1821 enable drivers to more efficiently manage queueing of 1822 packets. 1823 182420081117: 1825 A new version of ZFS (version 13) has been merged to -HEAD. 1826 This version has zpool attribute "listsnapshots" off by 1827 default, which means "zfs list" does not show snapshots, 1828 and is the same as Solaris behavior. 1829 183020081028: 1831 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled. 1832 183320081009: 1834 The uhci, ohci, ehci and slhci USB Host controller drivers have 1835 been put into separate modules. If you load the usb module 1836 separately through loader.conf you will need to load the 1837 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0 1838 controller add the following to loader.conf: 1839 1840 uhci_load="YES" 1841 ehci_load="YES" 1842 184320081009: 1844 The ABI used by the PMC toolset has changed. Please keep 1845 userland (libpmc(3)) and the kernel module (hwpmc(4)) in 1846 sync. 1847 184820081009: 1849 atapci kernel module now includes only generic PCI ATA 1850 driver. AHCI driver moved to ataahci kernel module. 1851 All vendor-specific code moved into separate kernel modules: 1852 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek, 1853 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron, 1854 atamarvell, atamicron, atanational, atanetcell, atanvidia, 1855 atapromise, ataserverworks, atasiliconimage, atasis, atavia 1856 185720080820: 1858 The TTY subsystem of the kernel has been replaced by a new 1859 implementation, which provides better scalability and an 1860 improved driver model. Most common drivers have been migrated to 1861 the new TTY subsystem, while others have not. The following 1862 drivers have not yet been ported to the new TTY layer: 1863 1864 PCI/ISA: 1865 cy, digi, rc, rp, sio 1866 1867 USB: 1868 ubser, ucycom 1869 1870 Line disciplines: 1871 ng_h4, ng_tty, ppp, sl, snp 1872 1873 Adding these drivers to your kernel configuration file shall 1874 cause compilation to fail. 1875 187620080818: 1877 ntpd has been upgraded to 4.2.4p5. 1878 187920080801: 1880 OpenSSH has been upgraded to 5.1p1. 1881 1882 For many years, FreeBSD's version of OpenSSH preferred DSA 1883 over RSA for host and user authentication keys. With this 1884 upgrade, we've switched to the vendor's default of RSA over 1885 DSA. This may cause upgraded clients to warn about unknown 1886 host keys even for previously known hosts. Users should 1887 follow the usual procedure for verifying host keys before 1888 accepting the RSA key. 1889 1890 This can be circumvented by setting the "HostKeyAlgorithms" 1891 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh 1892 command line. 1893 1894 Please note that the sequence of keys offered for 1895 authentication has been changed as well. You may want to 1896 specify IdentityFile in a different order to revert this 1897 behavior. 1898 189920080713: 1900 The sio(4) driver has been removed from the i386 and amd64 1901 kernel configuration files. This means uart(4) is now the 1902 default serial port driver on those platforms as well. 1903 1904 To prevent collisions with the sio(4) driver, the uart(4) driver 1905 uses different names for its device nodes. This means the 1906 onboard serial port will now most likely be called "ttyu0" 1907 instead of "ttyd0". You may need to reconfigure applications to 1908 use the new device names. 1909 1910 When using the serial port as a boot console, be sure to update 1911 /boot/device.hints and /etc/ttys before booting the new kernel. 1912 If you forget to do so, you can still manually specify the hints 1913 at the loader prompt: 1914 1915 set hint.uart.0.at="isa" 1916 set hint.uart.0.port="0x3F8" 1917 set hint.uart.0.flags="0x10" 1918 set hint.uart.0.irq="4" 1919 boot -s 1920 192120080609: 1922 The gpt(8) utility has been removed. Use gpart(8) to partition 1923 disks instead. 1924 192520080603: 1926 The version that Linuxulator emulates was changed from 2.4.2 1927 to 2.6.16. If you experience any problems with Linux binaries 1928 please try to set sysctl compat.linux.osrelease to 2.4.2 and 1929 if it fixes the problem contact emulation mailing list. 1930 193120080525: 1932 ISDN4BSD (I4B) was removed from the src tree. You may need to 1933 update a your kernel configuration and remove relevant entries. 1934 193520080509: 1936 I have checked in code to support multiple routing tables. 1937 See the man pages setfib(1) and setfib(2). 1938 This is a hopefully backwards compatible version, 1939 but to make use of it you need to compile your kernel 1940 with options ROUTETABLES=2 (or more up to 16). 1941 194220080420: 1943 The 802.11 wireless support was redone to enable multi-bss 1944 operation on devices that are capable. The underlying device 1945 is no longer used directly but instead wlanX devices are 1946 cloned with ifconfig. This requires changes to rc.conf files. 1947 For example, change: 1948 ifconfig_ath0="WPA DHCP" 1949 to 1950 wlans_ath0=wlan0 1951 ifconfig_wlan0="WPA DHCP" 1952 see rc.conf(5) for more details. In addition, mergemaster of 1953 /etc/rc.d is highly recommended. Simultaneous update of userland 1954 and kernel wouldn't hurt either. 1955 1956 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta 1957 modules were merged into the base wlan module. All references 1958 to these modules (e.g. in kernel config files) must be removed. 1959 196020080408: 1961 psm(4) has gained write(2) support in native operation level. 1962 Arbitrary commands can be written to /dev/psm%d and status can 1963 be read back from it. Therefore, an application is responsible 1964 for status validation and error recovery. It is a no-op in 1965 other operation levels. 1966 196720080312: 1968 Support for KSE threading has been removed from the kernel. To 1969 run legacy applications linked against KSE libmap.conf may 1970 be used. The following libmap.conf may be used to ensure 1971 compatibility with any prior release: 1972 1973 libpthread.so.1 libthr.so.1 1974 libpthread.so.2 libthr.so.2 1975 libkse.so.3 libthr.so.3 1976 197720080301: 1978 The layout of struct vmspace has changed. This affects libkvm 1979 and any executables that link against libkvm and use the 1980 kvm_getprocs() function. In particular, but not exclusively, 1981 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1). 1982 The effects are minimal, but it's advisable to upgrade world 1983 nonetheless. 1984 198520080229: 1986 The latest em driver no longer has support in it for the 1987 82575 adapter, this is now moved to the igb driver. The 1988 split was done to make new features that are incompatible 1989 with older hardware easier to do. 1990 199120080220: 1992 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4), 1993 likewise the kernel option is now GEOM_LINUX_LVM. 1994 199520080211: 1996 The default NFS mount mode has changed from UDP to TCP for 1997 increased reliability. If you rely on (insecurely) NFS 1998 mounting across a firewall you may need to update your 1999 firewall rules. 2000 200120080208: 2002 Belatedly note the addition of m_collapse for compacting 2003 mbuf chains. 2004 200520080126: 2006 The fts(3) structures have been changed to use adequate 2007 integer types for their members and so to be able to cope 2008 with huge file trees. The old fts(3) ABI is preserved 2009 through symbol versioning in libc, so third-party binaries 2010 using fts(3) should still work, although they will not take 2011 advantage of the extended types. At the same time, some 2012 third-party software might fail to build after this change 2013 due to unportable assumptions made in its source code about 2014 fts(3) structure members. Such software should be fixed 2015 by its vendor or, in the worst case, in the ports tree. 2016 FreeBSD_version 800015 marks this change for the unlikely 2017 case that a portable fix is impossible. 2018 201920080123: 2020 To upgrade to -current after this date, you must be running 2021 FreeBSD not older than 6.0-RELEASE. Upgrading to -current 2022 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems. 2023 202420071128: 2025 The ADAPTIVE_GIANT kernel option has been retired because its 2026 functionality is the default now. 2027 202820071118: 2029 The AT keyboard emulation of sunkbd(4) has been turned on 2030 by default. In order to make the special symbols of the Sun 2031 keyboards driven by sunkbd(4) work under X these now have 2032 to be configured the same way as Sun USB keyboards driven 2033 by ukbd(4) (which also does AT keyboard emulation), f.e.: 2034 2035 Option "XkbLayout" "us" 2036 Option "XkbRules" "xorg" 2037 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us" 2038 203920071024: 2040 It has been decided that it is desirable to provide ABI 2041 backwards compatibility to the FreeBSD 4/5/6 versions of the 2042 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was 2043 broken with the introduction of PCI domain support (see the 2044 20070930 entry). Unfortunately, this required the ABI of 2045 PCIOCGETCONF to be broken again in order to be able to 2046 provide backwards compatibility to the old version of that 2047 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled 2048 again. As for prominent ports this affects neither pciutils 2049 nor xorg-server this time, the hal port needs to be rebuilt 2050 however. 2051 205220071020: 2053 The misnamed kthread_create() and friends have been renamed 2054 to kproc_create() etc. Many of the callers already 2055 used kproc_start().. 2056 I will return kthread_create() and friends in a while 2057 with implementations that actually create threads, not procs. 2058 Renaming corresponds with version 800002. 2059 206020071010: 2061 RELENG_7 branched. 2062 2063COMMON ITEMS: 2064 2065 General Notes 2066 ------------- 2067 Avoid using make -j when upgrading. While generally safe, there are 2068 sometimes problems using -j to upgrade. If your upgrade fails with 2069 -j, please try again without -j. From time to time in the past there 2070 have been problems using -j with buildworld and/or installworld. This 2071 is especially true when upgrading between "distant" versions (eg one 2072 that cross a major release boundary or several minor releases, or when 2073 several months have passed on the -current branch). 2074 2075 Sometimes, obscure build problems are the result of environment 2076 poisoning. This can happen because the make utility reads its 2077 environment when searching for values for global variables. To run 2078 your build attempts in an "environmental clean room", prefix all make 2079 commands with 'env -i '. See the env(1) manual page for more details. 2080 2081 When upgrading from one major version to another it is generally best 2082 to upgrade to the latest code in the currently installed branch first, 2083 then do an upgrade to the new branch. This is the best-tested upgrade 2084 path, and has the highest probability of being successful. Please try 2085 this approach before reporting problems with a major version upgrade. 2086 2087 When upgrading a live system, having a root shell around before 2088 installing anything can help undo problems. Not having a root shell 2089 around can lead to problems if pam has changed too much from your 2090 starting point to allow continued authentication after the upgrade. 2091 2092 ZFS notes 2093 --------- 2094 When upgrading the boot ZFS pool to a new version, always follow 2095 these two steps: 2096 2097 1.) recompile and reinstall the ZFS boot loader and boot block 2098 (this is part of "make buildworld" and "make installworld") 2099 2100 2.) update the ZFS boot block on your boot drive 2101 2102 The following example updates the ZFS boot block on the first 2103 partition (freebsd-boot) of a GPT partitioned drive ad0: 2104 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0" 2105 2106 Non-boot pools do not need these updates. 2107 2108 To build a kernel 2109 ----------------- 2110 If you are updating from a prior version of FreeBSD (even one just 2111 a few days old), you should follow this procedure. It is the most 2112 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 2113 2114 make kernel-toolchain 2115 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 2116 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 2117 2118 To test a kernel once 2119 --------------------- 2120 If you just want to boot a kernel once (because you are not sure 2121 if it works, or if you want to boot a known bad kernel to provide 2122 debugging information) run 2123 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 2124 nextboot -k testkernel 2125 2126 To just build a kernel when you know that it won't mess you up 2127 -------------------------------------------------------------- 2128 This assumes you are already running a CURRENT system. Replace 2129 ${arch} with the architecture of your machine (e.g. "i386", 2130 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 2131 2132 cd src/sys/${arch}/conf 2133 config KERNEL_NAME_HERE 2134 cd ../compile/KERNEL_NAME_HERE 2135 make depend 2136 make 2137 make install 2138 2139 If this fails, go to the "To build a kernel" section. 2140 2141 To rebuild everything and install it on the current system. 2142 ----------------------------------------------------------- 2143 # Note: sometimes if you are running current you gotta do more than 2144 # is listed here if you are upgrading from a really old current. 2145 2146 <make sure you have good level 0 dumps> 2147 make buildworld 2148 make kernel KERNCONF=YOUR_KERNEL_HERE 2149 [1] 2150 <reboot in single user> [3] 2151 mergemaster -p [5] 2152 make installworld 2153 mergemaster -i [4] 2154 make delete-old [6] 2155 <reboot> 2156 2157 To cross-install current onto a separate partition 2158 -------------------------------------------------- 2159 # In this approach we use a separate partition to hold 2160 # current's root, 'usr', and 'var' directories. A partition 2161 # holding "/", "/usr" and "/var" should be about 2GB in 2162 # size. 2163 2164 <make sure you have good level 0 dumps> 2165 <boot into -stable> 2166 make buildworld 2167 make buildkernel KERNCONF=YOUR_KERNEL_HERE 2168 <maybe newfs current's root partition> 2169 <mount current's root partition on directory ${CURRENT_ROOT}> 2170 make installworld DESTDIR=${CURRENT_ROOT} 2171 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 2172 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 2173 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 2174 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 2175 <reboot into current> 2176 <do a "native" rebuild/install as described in the previous section> 2177 <maybe install compatibility libraries from ports/misc/compat*> 2178 <reboot> 2179 2180 2181 To upgrade in-place from stable to current 2182 ---------------------------------------------- 2183 <make sure you have good level 0 dumps> 2184 make buildworld [9] 2185 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 2186 [1] 2187 <reboot in single user> [3] 2188 mergemaster -p [5] 2189 make installworld 2190 mergemaster -i [4] 2191 make delete-old [6] 2192 <reboot> 2193 2194 Make sure that you've read the UPDATING file to understand the 2195 tweaks to various things you need. At this point in the life 2196 cycle of current, things change often and you are on your own 2197 to cope. The defaults can also change, so please read ALL of 2198 the UPDATING entries. 2199 2200 Also, if you are tracking -current, you must be subscribed to 2201 freebsd-current@freebsd.org. Make sure that before you update 2202 your sources that you have read and understood all the recent 2203 messages there. If in doubt, please track -stable which has 2204 much fewer pitfalls. 2205 2206 [1] If you have third party modules, such as vmware, you 2207 should disable them at this point so they don't crash your 2208 system on reboot. 2209 2210 [3] From the bootblocks, boot -s, and then do 2211 fsck -p 2212 mount -u / 2213 mount -a 2214 cd src 2215 adjkerntz -i # if CMOS is wall time 2216 Also, when doing a major release upgrade, it is required that 2217 you boot into single user mode to do the installworld. 2218 2219 [4] Note: This step is non-optional. Failure to do this step 2220 can result in a significant reduction in the functionality of the 2221 system. Attempting to do it by hand is not recommended and those 2222 that pursue this avenue should read this file carefully, as well 2223 as the archives of freebsd-current and freebsd-hackers mailing lists 2224 for potential gotchas. The -U option is also useful to consider. 2225 See mergemaster(8) for more information. 2226 2227 [5] Usually this step is a noop. However, from time to time 2228 you may need to do this if you get unknown user in the following 2229 step. It never hurts to do it all the time. You may need to 2230 install a new mergemaster (cd src/usr.sbin/mergemaster && make 2231 install) after the buildworld before this step if you last updated 2232 from current before 20130425 or from -stable before 20130430. 2233 2234 [6] This only deletes old files and directories. Old libraries 2235 can be deleted by "make delete-old-libs", but you have to make 2236 sure that no program is using those libraries anymore. 2237 2238 [8] In order to have a kernel that can run the 4.x binaries needed to 2239 do an installworld, you must include the COMPAT_FREEBSD4 option in 2240 your kernel. Failure to do so may leave you with a system that is 2241 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is 2242 required to run the 5.x binaries on more recent kernels. And so on 2243 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7. 2244 2245 Make sure that you merge any new devices from GENERIC since the 2246 last time you updated your kernel config file. 2247 2248 [9] When checking out sources, you must include the -P flag to have 2249 cvs prune empty directories. 2250 2251 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 2252 "?=" instead of the "=" assignment operator, so that buildworld can 2253 override the CPUTYPE if it needs to. 2254 2255 MAKEOBJDIRPREFIX must be defined in an environment variable, and 2256 not on the command line, or in /etc/make.conf. buildworld will 2257 warn if it is improperly defined. 2258FORMAT: 2259 2260This file contains a list, in reverse chronological order, of major 2261breakages in tracking -current. It is not guaranteed to be a complete 2262list of such breakages, and only contains entries since October 10, 2007. 2263If you need to see UPDATING entries from before that date, you will need 2264to fetch an UPDATING file from an older FreeBSD release. 2265 2266Copyright information: 2267 2268Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 2269 2270Redistribution, publication, translation and use, with or without 2271modification, in full or in part, in any form or format of this 2272document are permitted without further permission from the author. 2273 2274THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 2275IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 2276WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 2277DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 2278INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 2279(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 2280SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2281HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 2282STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 2283IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2284POSSIBILITY OF SUCH DAMAGE. 2285 2286Contact Warner Losh if you have any questions about your use of 2287this document. 2288 2289$FreeBSD: releng/10.1/UPDATING 287146 2015-08-25 20:48:58Z delphij $ 2290