1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" 3 "/share/xml/freebsd50.dtd" [ 4<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> 5 %release; 6<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent"> 7 %sponsor; 8<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent"> 9 %vendor; 10]> 11<article xmlns="http://docbook.org/ns/docbook" 12 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> 13 14 <info> 15 <title>&os; &release.current; Release Notes</title> 16 17 <author> 18 <orgname>The &os; Project</orgname> 19 </author> 20 21 <pubdate>$FreeBSD$</pubdate> 22 23 <copyright> 24 <year>2000</year> 25 <year>2001</year> 26 <year>2002</year> 27 <year>2003</year> 28 <year>2004</year> 29 <year>2005</year> 30 <year>2006</year> 31 <year>2007</year> 32 <year>2008</year> 33 <year>2009</year> 34 <year>2010</year> 35 <year>2011</year> 36 <year>2012</year> 37 <year>2013</year> 38 <year>2014</year> 39 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation 40 Project</holder> 41 </copyright> 42 43 <legalnotice xml:id="trademarks" role="trademarks"> 44 &tm-attrib.freebsd; 45 &tm-attrib.ibm; 46 &tm-attrib.ieee; 47 &tm-attrib.intel; 48 &tm-attrib.sparc; 49 &tm-attrib.general; 50 </legalnotice> 51 52 <abstract> 53 <para>The release notes for &os; &release.current; contain 54 a summary of the changes made to the &os; base system on the 55 &release.branch; development line. This document lists 56 applicable security advisories that were issued since the last 57 release, as well as significant changes to the &os; kernel and 58 userland. Some brief remarks on upgrading are also 59 presented.</para> 60 </abstract> 61 </info> 62 63 <sect1 xml:id="intro"> 64 <title>Introduction</title> 65 66 <para>This document contains the release notes for &os; 67 &release.current;. It describes recently added, changed, or 68 deleted features of &os;. It also provides some notes on 69 upgrading from previous versions of &os;.</para> 70 71 <para releasetype="current">The &release.type; distribution to 72 which these release notes apply represents the latest point 73 along the &release.branch; development branch since 74 &release.branch; was created. Information regarding pre-built, 75 binary &release.type; distributions along this branch can be 76 found at <uri 77 xlink:href="&release.url;">&release.url;</uri>.</para> 78 79 <para releasetype="snapshot">The &release.type; distribution to 80 which these release notes apply represents a point along the 81 &release.branch; development branch between &release.prev; and 82 the future &release.next;. Information regarding pre-built, 83 binary &release.type; distributions along this branch can be 84 found at <uri 85 xlink:href="&release.url;">&release.url;</uri>.</para> 86 87 <para releasetype="release">This distribution of &os; 88 &release.current; is a &release.type; distribution. It can be 89 found at <uri xlink:href="&release.url;">&release.url;</uri> or 90 any of its mirrors. More information on obtaining this (or 91 other) &release.type; distributions of &os; can be found in the 92 <link 93 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining 94 &os;</quote> appendix</link> to the <link 95 xlink:href="&url.books.handbook;/">&os; 96 Handbook</link>.</para> 97 98 <para>All users are encouraged to consult the release errata 99 before installing &os;. The errata document is updated with 100 <quote>late-breaking</quote> information discovered late in the 101 release cycle or after the release. Typically, it contains 102 information on known bugs, security advisories, and corrections 103 to documentation. An up-to-date copy of the errata for &os; 104 &release.current; can be found on the &os; Web site.</para> 105 </sect1> 106 107 <sect1 xml:id="new"> 108 <title>What's New</title> 109 110 <para>This section describes the most user-visible new or changed 111 features in &os; since &release.prev;.</para> 112 113 <para>Typical release note items document recent security 114 advisories issued after &release.prev;, new drivers or hardware 115 support, new commands or options, major bug fixes, or 116 contributed software upgrades. They may also list changes to 117 major ports/packages or release engineering practices. Clearly 118 the release notes cannot list every single change made to &os; 119 between releases; this document focuses primarily on security 120 advisories, user-visible changes, and major architectural 121 improvements.</para> 122 123 <sect2 xml:id="security"> 124 <title>Security Advisories</title> 125 126 <para>The following security advisories have been issued since 127 &os; &release.prev;:</para> 128 129 <informaltable frame="none" pgwide="0"> 130 <tgroup cols="3"> 131 <colspec colwidth="1*" /> 132 <colspec colwidth="1*" /> 133 <colspec colwidth="3*" /> 134 <thead> 135 <row> 136 <entry>Advisory</entry> 137 <entry>Date</entry> 138 <entry>Topic</entry> 139 </row> 140 </thead> 141 142 <tbody> 143 <row> 144 <entry><link 145 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-13:14.openssh.asc">SA-13:14.openssh</link></entry> 146 <entry>19 November 2013</entry> 147 <entry><para>OpenSSH AES-GCM memory corruption 148 vulnerability</para></entry> 149 </row> 150 151 <row> 152 <entry><link 153 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc">SA-14:01.bsnmpd</link></entry> 154 <entry>14 January 2014</entry> 155 <entry><para>bsnmpd remote denial of service 156 vulnerability</para></entry> 157 </row> 158 159 <row> 160 <entry><link 161 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc">SA-14:02.ntpd</link></entry> 162 <entry>14 January 2014</entry> 163 <entry><para>ntpd distributed reflection Denial of 164 Service vulnerability</para></entry> 165 </row> 166 167 <row> 168 <entry><link 169 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc">SA-14:03.openssl</link></entry> 170 <entry>14 January 2014</entry> 171 <entry><para>OpenSSL multiple 172 vulnerabilities</para></entry> 173 </row> 174 175 <row> 176 <entry><link 177 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc">SA-14:04.bind</link></entry> 178 <entry>14 January 2014</entry> 179 <entry><para>BIND remote denial of service 180 vulnerability</para></entry> 181 </row> 182 183 <row> 184 <entry><link 185 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:05.nfsserver.asc">SA-14:05.nfsserver</link></entry> 186 <entry>8 April 2014</entry> 187 <entry><para>Deadlock in the NFS server</para></entry> 188 </row> 189 190 <row> 191 <entry><link 192 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc">SA-14:06.openssl</link></entry> 193 <entry>8 April 2014</entry> 194 <entry><para>OpenSSL multiple 195 vulnerabilities</para></entry> 196 </row> 197 198 <row> 199 <entry><link 200 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:07.devfs.asc">SA-14:07.devfs</link></entry> 201 <entry>30 April 2014</entry> 202 <entry><para>Fix devfs rules not applied by default for 203 jails</para></entry> 204 </row> 205 206 <row> 207 <entry><link 208 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:08.tcp.asc">SA-14:08.tcp</link></entry> 209 <entry>30 April 2014</entry> 210 <entry><para>Fix TCP reassembly 211 vulnerability</para></entry> 212 </row> 213 214 <row> 215 <entry><link 216 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:09.openssl.asc">SA-14:09.openssl</link></entry> 217 <entry>30 April 2014</entry> 218 <entry><para>Fix OpenSSL use-after-free 219 vulnerability</para></entry> 220 </row> 221 222 <row> 223 <entry><link 224 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:10.openssl.asc">SA-14:10.openssl</link></entry> 225 <entry>15 May 2014</entry> 226 <entry><para>Fix OpenSSL NULL pointer deference 227 vulnerability</para></entry> 228 </row> 229 230 <row> 231 <entry><link 232 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:11.sendmail.asc">SA-14:11.sendmail</link></entry> 233 <entry>3 June 2014</entry> 234 <entry><para>Fix sendmail improper close-on-exec flag 235 handling</para></entry> 236 </row> 237 238 <row> 239 <entry><link 240 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:13.pam.asc">SA-14:13.pam</link></entry> 241 <entry>3 June 2014</entry> 242 <entry><para>Fix incorrect error handling in PAM policy 243 parser</para></entry> 244 </row> 245 246 <row> 247 <entry><link 248 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:14.openssl.asc">SA-14:14.openssl</link></entry> 249 <entry>5 June 2014</entry> 250 <entry><para>Multiple vulnerabilities</para></entry> 251 </row> 252 253 <row> 254 <entry><link 255 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc">SA-14:15.iconv</link></entry> 256 <entry>24 June 2014</entry> 257 <entry><para>NULL pointer dereference and out-of-bounds 258 array access</para></entry> 259 </row> 260 261 <row> 262 <entry><link 263 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:16.file.asc">SA-14:16.file</link></entry> 264 <entry>24 June 2014</entry> 265 <entry><para>Multiple vulnerabilities</para></entry> 266 </row> 267 268 <row> 269 <entry><link 270 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:17.kmem.asc">SA-14:17.kmem</link></entry> 271 <entry>8 July 2014</entry> 272 <entry><para>Kernel memory disclosure in control 273 messages and SCTP notifications</para></entry> 274 </row> 275 276 <row> 277 <entry><link 278 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc">SA-14:18.openssl</link></entry> 279 <entry>9 September 2014</entry> 280 <entry><para>Multiple vulnerabilities</para></entry> 281 </row> 282 283 <row> 284 <entry><link 285 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc">SA-14:19.tcp</link></entry> 286 <entry>16 September 2014</entry> 287 <entry><para>Denial of Service in TCP packet 288 processing.</para></entry> 289 </row> 290 291 <row> 292 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc">SA-14:20.rtsold</link></entry> 293 <entry>21 October 2014</entry> 294 <entry><para>Remote buffer overflow 295 vulnerability.</para></entry> 296 </row> 297 298 <row> 299 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc">SA-14:21.routed</link></entry> 300 <entry>21 October 2014</entry> 301 <entry><para>Remote denial of service 302 vulnerability.</para></entry> 303 </row> 304 305 <row> 306 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc">SA-14:22.namei</link></entry> 307 <entry>21 October 2014</entry> 308 <entry><para>Memory leak in sandboxed namei 309 lookup.</para></entry> 310 </row> 311 312 <row> 313 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc">SA-14:23.openssl</link></entry> 314 <entry>21 October 2014</entry> 315 <entry><para>Multiple vulerabilities.</para></entry> 316 </row> 317 318 <row> 319 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:25.setlogin.asc">SA-14:25.setlogin</link></entry> 320 <entry>04 November 2014</entry> 321 <entry><para>Kernel stack disclosure.</para></entry> 322 </row> 323 324 <row> 325 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:26.ftp.asc">SA-14:26.ftp</link></entry> 326 <entry>04 November 2014</entry> 327 <entry><para>Remote code execution.</para></entry> 328 </row> 329 </tbody> 330 </tgroup> 331 </informaltable> 332 333 </sect2> 334 335 <sect2 xml:id="kernel"> 336 <title>Kernel Changes</title> 337 338 <para revision="260431">A new &man.sysctl.8;, 339 <literal>kern.panic_reboot_wait_time</literal>, has been 340 added, which allows controlling how long the system will wait 341 after &man.panic.9; before rebooting.</para> 342 343 <para revision="262861">The &man.vt.4; driver has been merged 344 from &os;-CURRENT. To enable &man.vt.4;, enter 345 <literal>set kern.vty=vt</literal> at the &man.loader.8; 346 prompt during boot, or add <literal>kern.vty=vt</literal> to 347 &man.loader.conf.5; and reboot the system.</para> 348 349 <para revision="263122">Support for &man.hwpmc.4; has been added 350 for &powerpc; 970 class processors.</para> 351 352 <para revision="263197">Support for ADT7460 and ADT7467 fan 353 controllers found in newer PowerBooks™ and 354 iBooks™ has been added to the &man.iicbus.4; 355 driver.</para> 356 357 <para revision="263256">A panic triggered by removing 358 a &man.urtwn.4; device has been fixed.</para> 359 360 <para revision="263799">A potential deadlock in the &man.usb.4; 361 stack triggered by detaching USB devices that create character 362 devices has been fixed.</para> 363 364 <para revision="263869">Support for &amd; Family 16h sensor 365 devices has been added to &man.amdtemp.4;.</para> 366 367 <para revision="265610">The &man.uslcom.4; driver has been 368 updated to support 26 new devices.</para> 369 370 <para revision="266165">A kernel bug that inhibited proper 371 functionality of the <literal>dev.cpu.0.freq</literal> 372 &man.sysctl.8; on &intel; processors with Turbo 373 Boost™ enabled has been fixed.</para> 374 375 <para revision="266436">The &man.uart.4; driver has been 376 updated to include support for the &intel; Lynx Point 377 KT <acronym>AMT</acronym> serial port.</para> 378 379 <para revision="266594">The <literal>radeonkms(4)</literal> 380 driver has been updated to include 32-bit &man.ioctl.2; 381 support, allowing 32-bit applications to run on a 64-bit 382 system.</para> 383 384 <para revision="266718">A bug that would prevent 385 a &man.jail.8; from setting the correct IPv4 source address 386 with some operations that required 387 <literal>security.jail.allow_raw_sockets</literal> has been 388 fixed.</para> 389 390 <para revision="266911">The &man.hwpmc.4; driver has been 391 updated to support core events from the Atom™ 392 Silvermont architecture.</para> 393 394 <para revision="268046">The &man.oce.4; driver has been updated 395 with vendor-supplied fixes for big endian support, and 20GB/s 396 and 25GB/s link speeds.</para> 397 398 <para revision="270630">The &os; virtual memory subsystem 399 has been updated to implement <quote>fast path</quote> for 400 the page fault handler.</para> 401 402 <para revision="271069">The &man.asmc.4; driver has been updated 403 to support the &apple; Mac Mini 3,1.</para> 404 405 <para revision="271111">The &os;/&arch.powerpc64; default kernel 406 configuration, <filename>GENERIC64</filename>, has been 407 updated to enable the &man.vt.4; console driver for the 408 Sony® Playstation 3™ platform.</para> 409 410 <para revision="271116" contrib="sponsor" sponsor="&ff;">The 411 &os;/&arch.powerpc; <literal>ofwfb</literal> driver, used to 412 provide a graphics console when the &man.vt.4; console driver 413 is used, has been modified to work with the <filename 414 role="package">x11-drivers/xf86-video-scfb</filename> 415 port.</para> 416 417 <note> 418 <para>If using an <acronym>ATI</acronym> graphics card with 419 the &man.vt.4; driver, the <filename 420 role="package">x11-servers/xorg-server</filename> package 421 must be updated to version 1.12.4_8 or newer.</para> 422 </note> 423 424 <para revision="271128" contrib="sponsor" sponsor="&ff;">Several 425 performance enchancements to the &man.vt.4; driver have been 426 merged from &os;-CURRENT.</para> 427 428 <para revision="271153">The default stack size 429 (<literal>KSTACK_PAGES</literal>) has been increased from 430 <literal>4</literal> to <literal>8</literal> for the 431 &arch.powerpc64; architecture.</para> 432 433 <para revision="271205">The &os;/&arch.powerpc; ATI driver 434 has been updated to support enabling and disabling the 435 Radeon 9700 backlight, found in the 436 &apple; PowerBook™ G4.</para> 437 438 <para revision="271816">Hardware context support has been 439 added to the <literal>drm/i915</literal> driver, adding 440 support for <application>Mesa</application> 9.2 and 441 later.</para> 442 443 <sect3 xml:id="kernel-virtualization"> 444 <title>Virtualization Support</title> 445 446 <para revision="259450">Support for µsoft; Hyper-V 447 has been added to &os;/i386 as loadable modules, however 448 not available in the <filename>GENERIC</filename> kernel 449 configuration.</para> 450 451 <para revision="261090">The &man.bhyve.4; hypervisor now 452 supports soft power-off functionality via the ACPI S5 453 state.</para> 454 455 <para revision="267399">Support for &os;/i386 guests has been 456 added to &man.bhyve.4;.</para> 457 458 <para revision="267427">Support for virtualized 459 <literal>XSAVE</literal> has been added to &man.bhyve.4;, 460 allowing guest operating systems to use 461 <literal>XSAVE</literal> and 462 <literal>XSAVE</literal>-enabled features, such as 463 <acronym>AVX</acronym>.</para> 464 465 <para revision="268932">The &man.bhyve.4; hypervisor now 466 supports booting from a &man.zfs.8; filesystem.</para> 467 468 <para revision="268933">A new driver, &man.virtio_random.4;, 469 has been added, which allows &os; virtual machines to 470 harvest entropy from the hypervisor.</para> 471 472 <para revision="270159">The &man.bhyve.4; hypervisor has been 473 synced with the version in &os;-CURRENT.</para> 474 475 <para>A number of enhancements have been added, and several 476 bug fixes, including:</para> 477 478 <itemizedlist> 479 <listitem> 480 <para>Post-mortem debugging has been added when 481 a guest virtual machine exits with an 482 <quote><acronym>EPT</acronym> Misconfiguration</quote> 483 error.</para> 484 </listitem> 485 486 <listitem> 487 <para>The hypervisor &man.virtio.4; <acronym>API</acronym> 488 has been expanded from 32- to 64-bit.</para> 489 </listitem> 490 491 <listitem> 492 <para>Support for identifying capabilities of the virtual 493 <acronym>CPU</acronym> has been added.</para> 494 </listitem> 495 496 <listitem> 497 <para>Support for emulating legacy x86 task 498 switching has been added.</para> 499 </listitem> 500 501 <listitem> 502 <para>Support to list the VT-x features in base kernel 503 &man.dmesg.8; has been added.</para> 504 </listitem> 505 506 <listitem> 507 <para>Support for extended PCI configuration space 508 has been added.</para> 509 </listitem> 510 </itemizedlist> 511 </sect3> 512 513 <sect3 xml:id="kernel-arm"> 514 <title>ARM Support</title> 515 516 <para revision="259355">The <filename>WANDBOARD</filename> 517 kernel configuration file has been added.</para> 518 519 <para revision="265067">Boot devices may now be specified by 520 setting a u-boot environment variable. If a boot device is 521 not specified, the probe mechanism will be used. To specify 522 the boot device, set the 523 <literal>loaderdev=<replaceable>device</replaceable></literal> 524 u-boot environment variable.</para> 525 526 <para revision="266000">The <literal>nexus(4)</literal> driver 527 has been updated to include <quote>Flattened Device 528 Tree</quote> support, replacing the &man.fdtbus.4; driver 529 in most cases.</para> 530 531 <para revision="266105">The &man.gpioiic.4; and 532 &man.gpioled.4; have been merged from &os;-CURRENT.</para> 533 534 <para>Support for hardware floating point was added to the 535 kernel, and enabled by default in the configuration files 536 for all platforms that contain the required hardware.</para> 537 538 <para><application>C++</application> exception handling now 539 works with <application>GCC</application>.</para> 540 541 <para>Support for <acronym>SMP</acronym> was added to the 542 kernel, and enabled by default in the configuration files 543 for all platforms that contain multi-core CPUs.</para> 544 545 <para>Support was added for:</para> 546 547 <itemizedlist> 548 <listitem> 549 <para>CHROMEBOOK (Samsung Exynos 5250)</para> 550 </listitem> 551 552 <listitem> 553 <para>COLIBRI (Freescale Vybrid)</para> 554 </listitem> 555 556 <listitem> 557 <para>COSMIC (Freescale Vybrid)</para> 558 </listitem> 559 560 <listitem> 561 <para>IMX53-QSB (Freescale i.MX53)</para> 562 </listitem> 563 564 <listitem> 565 <para>QUARTZ (Freescale Vybrid)</para> 566 </listitem> 567 568 <listitem> 569 <para>RADXA (Rockchip rk30xx)</para> 570 </listitem> 571 572 <listitem> 573 <para>WANDBOARD (Freescale i.MX6)</para> 574 </listitem> 575 </itemizedlist> 576 577 <para>An <acronym>I2C</acronym> driver was added for 578 the RaspberryPi.</para> 579 580 <para>Drivers have been added to support <acronym>TI</acronym> 581 platforms, such as BEAGLEBONE and PANDABOARD:</para> 582 583 <itemizedlist> 584 <listitem> 585 <para>PRUSS (Programmable Realtime Unit Subsystem)</para> 586 </listitem> 587 588 <listitem> 589 <para>MBOX (Mailbox hardware)</para> 590 </listitem> 591 592 <listitem> 593 <para>SDHCI (new faster driver for 594 <acronym>MMC</acronym>/<acronym>SD</acronym> 595 storage)</para> 596 </listitem> 597 598 <listitem> 599 <para>PPS (Pulse Per Second input on a 600 <acronym>GPIO</acronym>/timer pin)</para> 601 </listitem> 602 603 <listitem> 604 <para>PWM (Pulse Width Modulation output)</para> 605 </listitem> 606 607 <listitem> 608 <para>ADC (Analog to Digital converter)</para> 609 </listitem> 610 </itemizedlist> 611 </sect3> 612 613 <sect3 xml:id="boot"> 614 <title>Boot Loader Changes</title> 615 616 <para revision="262701">A kernel selection menu has been added 617 to &man.loader.8;. If the <quote>beastie menu</quote> is 618 enabled, the kernel to boot may be selected from the kernel 619 selection menu. Additional kernels may be listed in 620 &man.loader.conf.5; as a comma- or space-separated list. By 621 default, <literal>kernel</literal> and 622 <literal>kernel.old</literal> are listed.</para> 623 624 <para revision="271130" contrib="sponsor" sponsor="&ff;">The 625 <filename class="directory">sys/boot/</filename> sources 626 have been rearranged, moving &man.libstand.3; to a directory 627 indicating the library is built as 32-bit.</para> 628 629 <para revision="271135" contrib="sponsor" sponsor="&ff;">The 630 &man.libstand.3; library has been updated to produce 631 a 64-bit shared library for the &os;/&arch.amd64; and 632 &os;/&arch.powerpc64; architectures.</para> 633 634 <para revision="271135" contrib="sponsor" 635 sponsor="&ff;">Initial support for <acronym>UEFI</acronym> 636 boot has been added.</para> 637 638 <para revision="271136" contrib="sponsor" sponsor="&ff;">Three 639 new files are installed to <filename 640 class="directory">/boot</filename>, supporting 641 <acronym>UEFI</acronym> boot:</para> 642 643 <itemizedlist> 644 <listitem> 645 <para><filename>boot1.efi</filename>: The 646 <acronym>UEFI</acronym> first stage bootstrap 647 file.</para> 648 </listitem> 649 650 <listitem> 651 <para><filename>boot1.efifat</filename>: 652 A <acronym>FAT</acronym> filesystem image containing 653 an <acronym>EFI</acronym> system partition.</para> 654 </listitem> 655 656 <listitem> 657 <para><filename>loader.efi</filename>: The third stage 658 bootstrap file.</para> 659 </listitem> 660 </itemizedlist> 661 662 <para revision="271880">Serial console and null console 663 support has been added to the <acronym>UEFI</acronym> boot 664 loader.</para> 665 666 <para revision="272006">Support has been added to cache 667 &man.geli.8; passphrases during system boot. When a system 668 is configured with multiple <literal>GEOM_ELI</literal> 669 providers all using the same passphrase, the passphrase that 670 is cached after the first entry is used for the subsequent 671 <literal>GEOM_ELI</literal> provider. If the passphrase in 672 the cache is incorrect, then a prompt for the passphrase for 673 the next provider is displayed.</para> 674 </sect3> 675 676 <sect3 xml:id="proc"> 677 <title>Hardware Support</title> 678 679 <sect4 xml:id="net-if"> 680 <title>Network Interface Support</title> 681 682 <para revision="259453">Support for Ralink RT5370 and 683 RT5372 chipsets has been added to the &man.run.4; 684 driver.</para> 685 686 <para revision="260120">Firmware for the &man.run.4; driver 687 has been updated to version 0.33.</para> 688 689 <para revision="261868">Support for the Ralink RT3593 690 chipset has been added to the &man.run.4; driver.</para> 691 692 <para revision="261972">The &man.nve.4; driver is now 693 deprecated, and the &man.nfe.4; driver should be used 694 instead.</para> 695 696 <para revision="262137">Support for the &man.axge.4; driver 697 has been added. This driver supports the ASIX AX88178A 698 and AX88179 USB ethernet adapters. The AX88178A supports 699 USB 2.0, and the AX88179 supports USB 2.0 and 3.0.</para> 700 701 <para revision="262363">The &man.urndis.4; driver has been 702 imported from OpenBSD.</para> 703 704 <para revision="264866">Support for multiple 705 transmitter/receiver queues has been added to the 706 &man.vmx.4; driver.</para> 707 708 <note> 709 <para>The &os; guest operating system must have 710 <acronym>MSIX</acronym> enabled as a prerequisite for 711 multiple queues.</para> 712 </note> 713 714 <para revision="265345">Support for the ASUS USB-N10 Nano 715 wireless card has been added to the &man.urtwn.4; 716 driver.</para> 717 718 <para revision="266212">Transmission checksum offloading has 719 been disabled for the RTL8168C and RTL8168CP chipsets in 720 the &man.re.4; driver for TCP and UDP frames. This is 721 due to a report of UDP datagrams with IP options 722 generating corrupt frames.</para> 723 724 <para revision="266578">Preliminary support has been added 725 to the &man.urtwn.4; driver for the Realtek RTL8188EUS and 726 RTL8188ETV chipsets.</para> 727 728 <para revision="267694">A bug in the fast receiver buffer 729 recycle path has been fixed in the &man.cxgbe.4; 730 driver.</para> 731 732 <para revision="267849" contrib="vendor" 733 vendor="&chelsio;">The bundled &man.cxgbe.4; firmware for 734 T4 and T5 cards has been updated to version 735 1.11.27.0.</para> 736 737 <para revision="269196">The &man.em.4; driver has been 738 updated to version 7.4.2.</para> 739 740 <para revision="269975">The &man.ixgbe.4; tunables have been 741 renamed to match their &man.sysctl.8; counterparts:</para> 742 743 <informaltable frame="none" pgwide="0"> 744 <tgroup cols="2"> 745 <colspec colwidth="1*"/> 746 <colspec colwidth="1*"/> 747 <thead> 748 <row> 749 <entry>Old Name</entry> 750 <entry>New Name</entry> 751 </row> 752 </thead> 753 754 <tbody> 755 <row> 756 <entry><literal>hw.ixgbe.enable_aim</literal></entry> 757 <entry><literal>hw.ix.enable_aim</literal></entry> 758 </row> 759 760 <row> 761 <entry><literal>hw.ixgbe.max_interrupt_rate</literal></entry> 762 <entry><literal>hw.ix.max_interrupt_rate</literal></entry> 763 </row> 764 765 <row> 766 <entry><literal>hw.ixgbe.rx_process_limit</literal></entry> 767 <entry><literal>hw.ix.rx_process_limit</literal></entry> 768 </row> 769 770 <row> 771 <entry><literal>hw.ixgbe.tx_process_limit</literal></entry> 772 <entry><literal>hw.ix.tx_process_limit</literal></entry> 773 </row> 774 775 <row> 776 <entry><literal>hw.ixgbe.enable_msix</literal></entry> 777 <entry><literal>hw.ix.enable_msix</literal></entry> 778 </row> 779 780 <row> 781 <entry><literal>hw.ixgbe.num_queues</literal></entry> 782 <entry><literal>hw.ix.num_queues</literal></entry> 783 </row> 784 785 <row> 786 <entry><literal>hw.ixgbe.txd</literal></entry> 787 <entry><literal>hw.ix.txd</literal></entry> 788 </row> 789 790 <row> 791 <entry><literal>hw.ixgbe.rxd</literal></entry> 792 <entry><literal>hw.ix.rxd</literal></entry> 793 </row> 794 795 <row> 796 <entry><literal>hw.ixgbe.unsupported_sfp</literal></entry> 797 <entry><literal>hw.ix.unsupported_sfp</literal></entry> 798 </row> 799 </tbody> 800 </tgroup> 801 </informaltable> 802 803 <para>Be sure to update &man.loader.conf.5; if using the 804 old tunables before upgrading to 805 &os; &release.current;.</para> 806 807 <para revision="270061">The &man.if.nf10bmac.4; driver has 808 been merged from &os;-CURRENT to support the NetFPGA-10G 809 Embedded CPU Ethernet Core.</para> 810 811 <para revision="270297">The &man.cxgbe.4; driver has been 812 updated to support &man.netmap.4; for the T5 10G/40G 813 cards.</para> 814 815 <para revision="270509">The &man.vtnet.4; driver has been 816 updated to support &man.netmap.4;.</para> 817 818 <para revision="270514">The &man.urtwn.4; driver has been 819 updated to support the ASUS USB-AC51 wireless card.</para> 820 821 <para revision="270631">The &intel; XL710 ethernet 822 controller driver, <literal>ixlv(4)</literal>, has been 823 merged from &os;-CURRENT.</para> 824 </sect4> 825 </sect3> 826 827 <sect3 xml:id="net-proto"> 828 <title>Network Protocols</title> 829 830 <para revision="265946">Support for the UDP-Lite protocol 831 (RFC 3828) has been added to the IPv4 and IPv6 832 stacks.</para> 833 834 <para revision="267771">A bug in &man.sctp.4; that would allow 835 two listening sockets bound to the same port has been 836 fixed.</para> 837 838 <para contrib="sponsor" sponsor="&ix;">Kernel RPC code, which 839 is a base of NFS server took multiple optimizations, that 840 significantly improved its performance and 841 <acronym>SMP</acronym> scalability.</para> 842 843 <para revision="269065" contrib="sponsor" sponsor="&ff;">The 844 <acronym>iSCSI</acronym> initiator has been updated to 845 support redirection handling when an 846 <acronym>iSCSI</acronym> device is configured with multiple 847 <acronym>IP</acronym> addresses across different network 848 interfaces. Previously, clients connecting to 849 such <acronym>iSCSI</acronym> devices could require 850 additional client-side configuration.</para> 851 852 <para revision="265523" contrib="sponsor" sponsor="&ff;">A new 853 &man.sysctl.8;, 854 <literal>kern.iscsi.fail_on_disconnection</literal>, has 855 been added, which allows <acronym>iSCSI</acronym> clients to 856 remove the attached disk device when the connection to the 857 target is dropped, where previously I/O would stop until the 858 connection is restored.</para> 859 860 <para revision="265524" contrib="sponsor" sponsor="&ff;">The 861 <acronym>iSCSI</acronym> transmit code has been optimized 862 to coalesce <acronym>PDUs</acronym> and avoid lock 863 contention.</para> 864 865 <para revision="265524" contrib="sponsor" 866 sponsor="&ix;">Several performance optimizations have been 867 made to the <acronym>iSCSI</acronym> subsystem, including 868 deferring wakeup until enough data has been received to 869 read or write a file, reducing <acronym>CPU</acronym> usage 870 and throughput performance with large I/O workloads.</para> 871 872 <para revision="263720" contrib="sponsor" 873 sponsor="&ff;">Support for hostname- and IP-based access 874 restriction has been added to the <acronym>iSCSI</acronym> 875 &man.ctld.8; daemon.</para> 876 877 <para revision="263725" contrib="sponsor" 878 sponsor="&ff;">The &man.ctld.8; daemon has been updated 879 to allow overriding the <quote>default</quote> 880 <literal>portal-group</literal> configuration.</para> 881 882 <para revision="263726" contrib="sponsor" 883 sponsor="&ff;">The &man.ctld.8; daemon now includes a new 884 <literal>auth-group</literal>, <quote>default</quote>, 885 defaulting to <literal>deny</literal>, which is possible 886 to override.</para> 887 </sect3> 888 889 <sect3 xml:id="disks"> 890 <title>Disks and Storage</title> 891 892 <para revision="260385" contrib="sponsor" sponsor="&ix;">The 893 &man.geom.4; subsystem has been updated to support I/O 894 direct dispatch. When safety requirements are met, it 895 enables avoiding passing I/O requests to GEOM 896 <literal>g_up</literal>/<literal>g_down</literal> thread, 897 executing them directly in the caller context, avoiding 898 CPU bottlenecks in 899 <literal>g_up</literal>/<literal>g_down</literal> threads, 900 plus avoid several context switches per I/O.</para> 901 902 <para revision="260385" contrib="sponsor" sponsor="&ix;">The 903 &man.geom.4; RAID driver has been 904 updated to support unmapped I/O.</para> 905 906 <para revision="260387" contrib="sponsor" sponsor="&ix;">The 907 &man.cam.4; subsystem has been updated to support 908 finer-grained locking, direct dispatch and multi-queue, 909 which combined with &man.geom.4; direct dispatch, reduces 910 lock congestion and improves <acronym>SMP</acronym> 911 scalability of the SCSI/ATA stack.</para> 912 913 <para revision="260478">The &man.geom.8; 914 <literal>GEOM_MULTIPATH</literal> class has been updated to 915 support automatic live partition resizing.</para> 916 917 <para revision="260857">The &man.virtio_blk.4; driver has been 918 updated to support unmapped I/O.</para> 919 920 <para revision="260858">The &man.virtio_scsi.4; driver has 921 been updated to support unmapped I/O.</para> 922 923 <para revision="264522">Support for LUN-based CD changers has 924 been removed from the &man.cd.4; driver.</para> 925 926 <para revision="264732">Support for 927 <literal>BIO_DELETE</literal> has been added to &man.zfs.8; 928 <literal>zvol</literal> volumes.</para> 929 930 <para revision="264734">Support for 9th generation HP host bus 931 adapter cards has been added to &man.ciss.4;.</para> 932 933 <para revision="265388" contrib="sponsor" sponsor="&lsi;">The 934 &man.mpr.4; device has been added, 935 providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA 936 controllers.</para> 937 938 <para revision="265678">A new <literal>zvol</literal> property 939 <literal>volmode</literal> and &man.sysctl.8; 940 <literal>vfs.zfs.vol.mode</literal> has been added to allow 941 switching <literal>zvol</literal> between three different 942 ways of exposing it to a user: <literal>geom</literal>, 943 <literal>dev</literal> and <literal>none</literal>.</para> 944 945 <para revision="265922" contrib="sponsor" sponsor="&lsi;">The 946 &man.mrsas.4; driver has been added, providing support for 947 LSI MegaRAID SAS controllers. The &man.mfi.4; driver will 948 attach to the controller, by default. To enable 949 &man.mrsas.4; add <literal>hw.mfi.mrsas_enable=1</literal> 950 to <filename>/boot/loader.conf</filename>, which turns off 951 &man.mfi.4; device probing.</para> 952 953 <note> 954 <para>At this time, the &man.mfiutil.8; utility and the &os; 955 version of <application>MegaCLI</application> and 956 <application>StorCli</application> do not work with 957 &man.mrsas.4;.</para> 958 </note> 959 960 <para revision="266608">Fixed accounting of 961 <literal>BIO_FLUSH</literal> operation in &man.geom.8; 962 <literal>GEOM_DISK</literal> class</para> 963 964 <para revision="266610">The &man.gstat.8; utility now has an 965 <literal>-o</literal> option, to display 966 <quote>other</quote> operations, such as 967 <literal>BIO_FLUSH</literal>.</para> 968 969 <para revision="267084">The &man.mfi.4; driver has been 970 updated to include support for unmapped I/O.</para> 971 972 <para revision="267457">The &man.hpt27xx.4; driver has been 973 updated with various vendor-supplied bug fixes.</para> 974 975 <para revision="270130" contrib="sponsor" 976 sponsor="&citrix.rd;">Support for unmapped I/O has been 977 added to the &man.xen.4; <literal>blkfront</literal> 978 driver.</para> 979 980 <para revision="259328" contrib="sponsor" sponsor="&ff;">The 981 &man.geom.8; <literal>label</literal> class is now aware of 982 resized partitions. This corrects an issue where 983 <command>geom resize</command> would resize the partition, 984 but the label provider in <filename 985 class="directory">/dev/gptid/</filename> would not be 986 resized.</para> 987 988 <para revision="260502">The &man.gmirror.8; 989 utility now has a <literal>resize</literal> command, making 990 it easier to resize the size of a mirror when all of its 991 components have been replaced.</para> 992 993 <para revision="262967">Support for MegaRAID Fury cards has 994 been added to the &man.mfi.4; driver.</para> 995 996 <para revision="263024">The &man.aacraid.4; driver has been 997 updated to version 3.2.5.</para> 998 999 <para revision="265536">The <literal>GEOM_VINUM</literal> 1000 option is now able to be built both directly into the kernel 1001 or as a &man.kldload.8; loadable module.</para> 1002 1003 <para revision="265912">The &man.geom.8; 1004 <literal>GEOM_PART</literal> class has been updated to 1005 support automatic partition resizing. Changes to the 1006 partition size are not saved to disk until 1007 <command>gpart commit</command> is run, and prior to saving, 1008 can be reverted with <command>gpart undo</command>.</para> 1009 1010 <para revision="266220">The &man.geom.uncompress.4; module is 1011 built by default which, similar to &man.geom.uzip.4;, 1012 provides support for compressed, read-only disk 1013 images.</para> 1014 1015 <para revision="268091">Support for the 1016 <literal>disklabel64</literal> partitioning scheme has been 1017 added to &man.gpart.8;.</para> 1018 1019 <para revision="270552">A new &man.sysctl.8; and 1020 &man.loader.8; tunable, 1021 <literal>kern.geom.part.mbr.enforce_chs</literal> has been 1022 added to the &man.geom.8; <literal>MBR</literal> partition 1023 class. When set to a non-zero value, 1024 <literal>GEOM_PART_MBR</literal> will automatically 1025 recalculate the user-specified offset and size for alignment 1026 with the disk geometry.</para> 1027 1028 <para contrib="sponsor" sponsor="&ix;">Many improvements to 1029 the CAM Target Layer (CTL):</para> 1030 <itemizedlist> 1031 <listitem> 1032 <para>Support for <literal>UNMAP</literal>, <literal>WRITE 1033 SAME</literal>, <literal>COMPARE AND WRITE</literal>, 1034 <literal>XCOPY</literal> and some other SCSI commands 1035 was added to support VMWare VAAI and Microsoft ODX 1036 storage acceleration.</para> 1037 </listitem> 1038 <listitem> 1039 <para revision="265642">The 1040 <literal>READ</literal>/<literal>WRITE</literal> size 1041 limitations were removed by supporting multiple 1042 data moves per command.</para> 1043 </listitem> 1044 <listitem> 1045 <para revision="268556">Finer-grained per-LUN locking and 1046 multiple worker threads for better 1047 <acronym>SMP</acronym> scapability.</para> 1048 </listitem> 1049 <listitem> 1050 <para revision="269297">Memory consumption reduced by 1051 several times by disabling some never used 1052 functionality.</para> 1053 </listitem> 1054 <listitem> 1055 <para revision="269298">The maximum number of 1056 <acronym>SCSI</acronym> ports increased from 32 to 1057 128.</para> 1058 </listitem> 1059 <listitem> 1060 <para revision="269429">Improved <literal>zvol</literal> 1061 integration for better performance.</para> 1062 </listitem> 1063 </itemizedlist> 1064 1065 <para revision="270810" contrib="vendor" 1066 vendor="&highpoint;">The &man.hptnr.4; driver has been 1067 updated to version 1.0.1.</para> 1068 1069 <para revision="271234">The &man.mrsas.4; driver has been 1070 added to the <filename>GENERIC</filename> kernel 1071 configuration on &arch.amd64; and &arch.i386; 1072 architectures.</para> 1073 </sect3> 1074 1075 <sect3 xml:id="fs"> 1076 <title>File Systems</title> 1077 1078 <para revision="260338">The 1079 <literal>vfs.zfs.zio.use_uma</literal> &man.sysctl.8; has 1080 been re-enabled. On multi-CPU machines with enough RAM, 1081 this can easily double &man.zfs.8; performance or reduce CPU 1082 usage in half. It was originally disabled due to memory and 1083 <acronym>KVA</acronym> exhaustion problem reports, which 1084 should be resolved due to several changes in the VM 1085 subsystem.</para> 1086 1087 <para revision="260178" contrib="vendor" 1088 vendor="&netflix;">A new flag, <literal>-R</literal>, 1089 has been added to the &man.fsck.ffs.8; utility. When used, 1090 &man.fsck.ffs.8; will restart itself when too many critical 1091 errors have been detected.</para> 1092 1093 <para revision="263407">The &man.zfs.8; filesystem has been 1094 updated to implement <quote>bookmarks</quote>. See 1095 &man.zfs.8; for further details.</para> 1096 1097 <para revision="266122">The &man.zfs.8; filesystem has been 1098 updated to allow tuning the minimum <quote>ashift</quote> 1099 value when creating new top-level virtual devices (vdevs). 1100 To set the minimum ashift value, for example when creating 1101 a &man.zpool.8; on <quote>Advanced Format</quote> drives, 1102 set the <literal>vfs.zfs.min_auto_ashift</literal> 1103 &man.sysctl.8; accordingly.</para> 1104 1105 <para revision="266612">The <literal>libzfs</literal> thread 1106 pool <acronym>API</acronym> has been imported from 1107 OpenSolaris, and adapted for &os;. This change allows 1108 parallel disk scanning, which can reduce &man.zpool.8; 1109 overall import time in some workloads.</para> 1110 1111 <para revision="269651">The &man.restore.8; utility has been 1112 updated to prevent assertion failures when restoring 1113 a <acronym>UFS</acronym> filesystem dump to 1114 a <acronym>ZFS</acronym> filesystem by writing restored 1115 files in block sizes that are a multiple of 1024.</para> 1116 1117 <para revision="269774">Two &man.sysctl.8;s have been added 1118 to the &man.zfs.8; filesystem:</para> 1119 1120 <itemizedlist> 1121 <listitem> 1122 <para> 1123 <literal>vfs.zfs.mg_fragmentation_threshold</literal>: The 1124 percentage of the metaslab group size that should be 1125 considered eligible for allocation, unless all metaslab 1126 groups within the metaslab class have also crossed this 1127 threshold.</para> 1128 </listitem> 1129 1130 <listitem> 1131 <para> 1132 <literal>vfs.zfs.metaslab.fragmentation_threshold</literal>: The 1133 maximum percentage of metaslab fragmentation level to 1134 keep their active state</para> 1135 </listitem> 1136 </itemizedlist> 1137 1138 <para revision="269846">The default &man.zfs.8; 1139 <acronym>ARC</acronym> hash table size has been increased, 1140 and a new &man.loader.8; tunable, 1141 <literal>vfs.zfs.arc_average_blocksize</literal>, has been 1142 added. Previously, the hash table could be too small, which 1143 would lead to long hash chains and limit performance for 1144 cached reads. The 1145 <literal>vfs.zfs.arc_average_blocksize</literal> tunable 1146 allows overriding the default block size. The previous 1147 default was 65536, and default of the new &man.loader.8; 1148 tunable is 8192.</para> 1149 1150 <para revision="270157">The Fast File System 1151 (<acronym>FFS</acronym>) has been updated to support 1152 multi-threaded soft updates. Previously, soft updates were 1153 handled by a single thread, and as of this change, now have 1154 one thread per <acronym>FFS</acronym> mountpoint.</para> 1155 1156 <para revision="270892" contrib="sponsor" sponsor="&ff;">The 1157 new filesystem automount facility, &man.autofs.5;, has been 1158 merged from &os;-CURRENT. The new &man.autofs.5; facility 1159 is similar to that found in other &unix;-like operating 1160 systems, such as OS X™ and Solaris™. The 1161 &man.autofs.5; facility uses a &sun;-compatible 1162 &man.auto.master.5; configuration file, and is administered 1163 with the &man.automount.8; userland utility, and the 1164 &man.automountd.8; and &man.autounmountd.8; daemons.</para> 1165 </sect3> 1166 </sect2> 1167 1168 <sect2 xml:id="userland"> 1169 <title>Userland Changes</title> 1170 1171 <para revision="260177" contrib="sponsor" 1172 sponsor="&netflix;">A new flag is added to &man.camcontrol.8;, 1173 <literal>-b</literal>, which outputs the existing buses and 1174 their parents.</para> 1175 1176 <para revision="262075">The &man.newsyslog.8; utility has been 1177 updated to rotate files based on the actual file size instead 1178 of the blocks on disk. This matches the behavior documented 1179 in &man.newsyslog.conf.5;.</para> 1180 1181 <para revision="262384">The location of the &man.rctl.8; 1182 configuration file can now be overridden in &man.rc.conf.5;. 1183 To use a non-default location, set 1184 <literal>rctl_rules</literal> in &man.rc.conf.5; to the 1185 location of the file.</para> 1186 1187 <para revision="262855">The <application>ATF</application> test 1188 suite has been updated to version 0.20. The test suite is 1189 disabled by default in &os; 10.1, and can be enabled by 1190 adding <literal>WITH_TESTS=yes</literal> to 1191 &man.src.conf.5;.</para> 1192 1193 <para revision="263019">The <literal>libucl</literal> library 1194 (Unified Configuration Library) has been merged from 1195 &os;-CURRENT.</para> 1196 1197 <para revision="263020">The &man.pkg.7; bootstrapping utility 1198 has been synced with the version in &os;-CURRENT.</para> 1199 1200 <para revision="263403">The &man.zfs.8; userland utility has 1201 been updated to include aliases for 1202 <command>snapshot</command>, which allows use of <command>zfs 1203 list -t snap</command> and <command>zfs 1204 snap</command>.</para> 1205 1206 <para revision="263405">The &man.zfs.8; userland utility has 1207 been updated to include a new flag to <command>zfs 1208 list</command>, <literal>-p</literal>, which when specified, 1209 prints the output in a parsable format.</para> 1210 1211 <para revision="263783">The Blowfish password format 1212 implementation has been updated. Support for 1213 $2b$ has been added, allowing use of passwords 1214 greater than 256 characters long.</para> 1215 1216 <para revision="264497">The &man.iconv.3; library has been 1217 updated to match NetBSD, providing several bug fixes.</para> 1218 1219 <para revision="265265">The &man.date.1; utility has been 1220 updated to include a new flag, <literal>-R</literal>, which 1221 prints the date and time output as specified in RFC 1222 2822.</para> 1223 1224 <para revision="265533">The &man.bc.1; utility has been updated 1225 to version 1.1, in sync with the version in OpenBSD.</para> 1226 1227 <para revision="265604" contrib="vendor" 1228 vendor="&netflix;">The &man.pmcstat.8; utility has been 1229 updated to include a new flag, <literal>-a</literal>, which 1230 when specified, produces a full stack track on the sampled 1231 points.</para> 1232 1233 <para revision="265701">The &man.netstat.8; and &man.route.8; 1234 utilities have been updated to include a shorthand equivalent 1235 to the <literal>-f inet</literal> and <literal>-f 1236 inet6</literal> address specifiers, <literal>-4</literal> 1237 and <literal>-6</literal>, respectively.</para> 1238 1239 <para revision="265879">The &man.crypt.3; library now defaults 1240 to SHA512 for password hashing.</para> 1241 1242 <para revision="266014">The &man.gvinum.8; utility has been 1243 updated to allow forceful configuration reset with the 1244 <literal>-f</literal> flag. Additionally, a bug that would 1245 prevent <literal>-f</literal> from properly creating 1246 a &man.gvinum.8; configuration has been fixed.</para> 1247 1248 <para revision="266029">The &man.login.conf.5; file now takes 1249 precedence over the shell-specific environment files. In 1250 particular, the <literal>PATH</literal>, 1251 <literal>BLOCKSIZE</literal> variables are commented from 1252 <filename>/usr/share/skel/dot.profile</filename>, and the 1253 <literal>path</literal>, <literal>BLOCKSIZE</literal>, and 1254 <literal>umask</literal> variables have been commented from 1255 <filename>/usr/share/skel/dot.cshrc</filename>.</para> 1256 1257 <para revision="266272">The &man.binmiscctl.8; userland utility 1258 and related image activator features have been merged from 1259 &os;-CURRENT.</para> 1260 1261 <para revision="266279">The &man.ps.1; utility has been 1262 updated to include the <literal>-J</literal> flag, used to 1263 filter output by matching &man.jail.8; IDs and names. 1264 Additionally, argument <literal>0</literal> can be used to 1265 <literal>-J</literal> to only list processes running on the 1266 host system.</para> 1267 1268 <para revision="266280">The &man.top.1; utility has been updated 1269 to filter by &man.jail.8; ID or name, in followup to the 1270 &man.ps.1; change in <literal>r265229</literal>.</para> 1271 1272 <para revision="266610">The &man.gstat.8; utility has been 1273 updated to include a new flag, <literal>-o</literal>. When 1274 set, &man.gstat.8; will display statistics for operations 1275 such as <literal>BIO_FLUSH</literal>.</para> 1276 1277 <para revision="266632">The &man.fetch.3; library has been 1278 updated to look for root <acronym>SSL</acronym> certificates 1279 in <filename class="directory">/usr/local/etc/ssl/</filename> 1280 before <filename 1281 class="directory">/etc/ssl/</filename>.</para> 1282 1283 <para revision="266715">The &man.clang.1;/llvm suite has been 1284 updated to version 3.4.1.</para> 1285 1286 <para revision="266816">The Blowfish password format 1287 has been changed to $2b$ by default.</para> 1288 1289 <para revision="266888">The amount of data collected for 1290 &man.hwpmc.4; has been updated to work with modern processors 1291 and larger amounts of available memory.</para> 1292 1293 <para revision="266890">The &man.pmcstat.8; utility has been 1294 updated to include a new flag, <literal>-l</literal>, which 1295 ends event collection after the specified number of 1296 seconds.</para> 1297 1298 <para revision="266953">The &man.mergemaster.8; utility has 1299 been updated to avoid printing 1300 <quote><filename>/var/tmp/temproot</filename> 1301 disappeared</quote> if there is nothing to compare.</para> 1302 1303 <para revision="267056">The &os; installer, &man.bsdinstall.8;, 1304 has been updated to include optional 1305 &man.geli.8;-encrypted or &man.gmirror.8;-mirrored swap 1306 devices when installing onto a full &man.zfs.8; filesystem. 1307 Additionally, the parent &man.zfs.8; dataset is now configured 1308 with <literal>lz4</literal> compression enabled.</para> 1309 1310 <para revision="267113">The default &man.newsyslog.conf.5; now 1311 includes files in the 1312 <filename>/etc/newsyslog.conf.d/</filename> and 1313 <filename>/usr/local/etc/newsyslog.conf.d/</filename> 1314 directories by default for &man.newsyslog.8;.</para> 1315 1316 <para revision="267161">The &man.realpath.1; utility has been 1317 updated to return <literal>ENOTDIR</literal> on paths 1318 components <quote>.</quote> and <quote>..</quote> that are 1319 not directories, such as <filename 1320 class="directory">/dev/null/.</filename> or <filename 1321 class="directory">/dev/null/..</filename>.</para> 1322 1323 <para revision="267236">A new flag, <quote>onifconsole</quote> 1324 has been added to <filename>/etc/ttys</filename>. This allows 1325 the system to provide a login prompt via serial console if the 1326 device is an active kernel console, otherwise it is equivalent 1327 to <literal>off</literal>.</para> 1328 1329 <para revision="267341">Support for legacy 1330 <acronym>PCI</acronym> devices has been removed from 1331 &man.bhyve.8;.</para> 1332 1333 <para revision="267450">The &man.bhyve.8; userland utility 1334 has been updated to include SMBIOS support. A new flag has 1335 been added, <literal>-U</literal>, which allows specifying the 1336 UUID of the guest in the System Information structure.</para> 1337 1338 <para revision="267734">The &os; Project has migrated 1339 from the <application>GNATS</application> bug tracking system 1340 to <application>Bugzilla</application>. The &man.send-pr.1; 1341 utility used for submitting problem reports has been replaced 1342 with a stub shell script that instructs to use the Bugzilla 1343 web interface.</para> 1344 1345 <para revision="267747">The &man.patch.1; utility has been 1346 updated to include a <literal>--dry-run</literal> flag, which 1347 is equivalent to <literal>--check</literal> and 1348 <literal>-C</literal>.</para> 1349 1350 <para revision="267878">A bug in &man.bsdgrep.1; that would 1351 prevent patterns from being matched under certain conditions 1352 has been fixed.</para> 1353 1354 <para revision="267979">The &man.procstat.1; utility has been 1355 updated to include two new flags, <literal>-r</literal> and 1356 <literal>-H</literal>. When <literal>-r</literal> is 1357 specified, &man.procstat.1; will print current resource usage 1358 about the process(es). When <literal>-H</literal> is 1359 specified, &man.procstat.1; will print information about 1360 threads rather than the process(es).</para> 1361 1362 <note> 1363 <para>The <literal>-H</literal> flag is currently only used 1364 with <literal>-r</literal> to display resource usage for 1365 individual threads, rather than the entire process.</para> 1366 </note> 1367 1368 <para revision="268019">The &man.sed.1; utility has been 1369 updated to include a new flag, <literal>-u</literal>, which 1370 enables unbuffered output when specified.</para> 1371 1372 <para revision="268161">The &man.mkimg.1; utility has been 1373 merged from &os;-CURRENT.</para> 1374 1375 <para revision="268700" contrib="sponsor" 1376 sponsor="&spectralogic;">The &man.camcontrol.8; has been 1377 updated to include a new <literal>persist</literal> command, 1378 which allows issuing <command>SCSI PERSISTENT RESERVE 1379 IN</command> and <command>SCSI PERSISTENT RESERVE 1380 OUT</command>.</para> 1381 1382 <para revision="268791">The &man.gstat.8; utility has been 1383 updated to include a new flag, <literal>-p</literal>, which 1384 displays only physical providers when specified.</para> 1385 1386 <para revision="268903">The &man.kldstat.8; utility has been 1387 updated to allow <literal>-q</literal> to be specified when 1388 also specifying <literal>-n 1389 <replaceable>module.ko</replaceable></literal>.</para> 1390 1391 <para revision="269177">The &man.mkimg.1; utility has been 1392 updated to include support for both fixed- and 1393 dynamically-allocated images for the <acronym>VHD</acronym> 1394 and <acronym>VMDK</acronym> formats.</para> 1395 1396 <para revision="269220">The &man.random.4; entropy collection 1397 script, <filename>/usr/libexec/save-entropy</filename>, no 1398 longer runs within &man.jail.8; environments.</para> 1399 1400 <para revision="269397">The &man.bhyve.8; wrapper script, 1401 <filename>/usr/share/examples/bhyve/vmrun.sh</filename>, 1402 has been synced with &os;-CURRENT.</para> 1403 1404 <para>This update includes:</para> 1405 1406 <itemizedlist> 1407 <listitem> 1408 <para>A new flag, <literal>-e</literal>, has been added, 1409 which is used to set &man.loader.8; environment 1410 variables.</para> 1411 </listitem> 1412 1413 <listitem> 1414 <para>A new flag, <literal>-C</literal>, has been added, 1415 which is used to specify the guest console device.</para> 1416 </listitem> 1417 1418 <listitem> 1419 <para>A new flag, <literal>-H</literal>, has been added, 1420 which is used to pass the host path to 1421 &man.bhyveload.8;.</para> 1422 </listitem> 1423 1424 <listitem> 1425 <para>Support for multiple disk and &man.tap.4; devices 1426 has been added.</para> 1427 </listitem> 1428 1429 <listitem> 1430 <para>The <literal>-I</literal> flag has been 1431 removed.</para> 1432 </listitem> 1433 </itemizedlist> 1434 1435 <para revision="269398">The &man.nfsd.8; server update to 4.1, 1436 adding support for RFC5661, has merged from 1437 &os;-CURRENT.</para> 1438 1439 <para revision="269432" arch="ia64">The serial terminals 1440 <filename>ttyu0</filename> and <filename>ttyu1</filename> have 1441 been updated to <literal>onifconsole</literal> by default in 1442 &man.ttys.5;, which either can be the serial console, 1443 depending on the platform.</para> 1444 1445 <para revision="269800">The &man.ping6.8; utility has been 1446 updated to reset <literal>itimer</literal> when the maximum 1447 number of packets to send have been reached. This prevents 1448 &man.ping6.8; from exiting when the interval in set to a small 1449 value and a low number of packets to send has been 1450 specified.</para> 1451 1452 <para revision="269805">The &man.jail.8; utility has been 1453 updated to support extra &man.ifconfig.8; arguments for the 1454 <literal>ip4.addr</literal> and <literal>ip6.addr</literal> 1455 parameters. This change allows &man.carp.4; interfaces to 1456 be used within the &man.jail.8;.</para> 1457 1458 <para revision="269946">Support for generating and compiling 1459 <acronym>USDT</acronym> <application>DTrace</application> 1460 probes has been improved. <application>DTrace</application> 1461 <acronym>USDT</acronym> files are now handled similar to 1462 &man.lex.1; and &man.yacc.1; files, meaning support for 1463 handling <application>D</application> files as part of the 1464 build process is built into the <literal>SRCS</literal> 1465 &man.make.1; environment variable.</para> 1466 1467 <para revision="269968">The &man.iscsictl.8; utility has been 1468 updated to include a new flag, <literal>-M</literal>, which 1469 allows modifying the <acronym>iSCSI</acronym> session 1470 parameters without requiring the session to be removed and 1471 added back.</para> 1472 1473 <para revision="270043">The &man.mount.nfs.8; utility has been 1474 updated to support specifying the NFS version as 1475 a <literal>key=<replaceable>value</replaceable></literal> pair 1476 argument to the <literal>-o</literal> flag. For example, to 1477 specify NFS version 4, the syntax to use is 1478 <literal>-o vers=4</literal>.</para> 1479 1480 <para revision="270242" contrib="sponsor" 1481 sponsor="&spectralogic;">The &man.devd.8; client socket type 1482 has been changed to <literal>SOCK_SEQPACKET</literal>, 1483 providing sequential packet support.</para> 1484 1485 <para revision="270401">Support for the <quote>account</quote> 1486 facility has been added to the &man.pam.group.8; 1487 module.</para> 1488 1489 <para revision="270890">The &man.pathchk.1; utility has been 1490 updated to ensure bytes greater than or equal to 128 are 1491 considered non-portable.</para> 1492 1493 <para revision="270997" contrib="vendor" vendor="&freenas;">The 1494 &man.zdb.8; utility is now included in the set of applications 1495 installed in the <filename 1496 class="directory">/rescue</filename> environment, making it 1497 possible to examine &man.zfs.8; filesystems when <filename 1498 class="directory">/usr</filename> is unavailable.</para> 1499 1500 <para>Several <literal>libc</literal> improvements have been 1501 merged from illumos™ and &apple;, providing better 1502 internationalization support and &posix; compliance.</para> 1503 1504 <para revision="271967">Support for adding empty partitions has 1505 been added to the &man.mkimg.1; utility.</para> 1506 1507 <para revision="272819">Support for QCOW and QCOW2 disk image 1508 formats has been added to the &man.mkimg.1; utility.</para> 1509 1510 <para revision="273098">The &man.mkimg.1; utility has been 1511 updated to include three options used to print information 1512 about &man.mkimg.1; itself:</para> 1513 1514 <informaltable frame="none" pgwide="0"> 1515 <tgroup cols="2"> 1516 <colspec colwidth="1*"/> 1517 <colspec colwidth="1*"/> 1518 <thead> 1519 <row> 1520 <entry>Option</entry> 1521 <entry>Output</entry> 1522 </row> 1523 </thead> 1524 1525 <tbody> 1526 <row> 1527 <entry><literal>--version</literal></entry> 1528 <entry>The current version of the &man.mkimg.1; 1529 utility</entry> 1530 </row> 1531 1532 <row> 1533 <entry><literal>--formats</literal></entry> 1534 <entry>The disk image file formats supported by 1535 &man.mkimg.1;</entry> 1536 </row> 1537 1538 <row> 1539 <entry><literal>--schemes</literal></entry> 1540 <entry>The partition schemes supported by 1541 &man.mkimg.1;</entry> 1542 </row> 1543 </tbody> 1544 </tgroup> 1545 </informaltable> 1546 1547 <sect3 xml:id="rc-scripts"> 1548 <title><filename>/etc/rc.d</filename> Scripts</title> 1549 1550 <para revision="264438">The <filename>network.subr</filename> 1551 &man.rc.8; script has been updated to loosen the requirement 1552 of listing network aliases in numeric order. Previously, 1553 a network alias of 1554 <literal>_alias<replaceable>2</replaceable></literal> 1555 would not be created if 1556 <literal>_alias<replaceable>1</replaceable></literal> was 1557 not defined.</para> 1558 1559 <para revision="268098">The &man.service.8; utility has been 1560 updated to check that the &man.rc.d.8; directory exists 1561 before traversing the directory.</para> 1562 1563 <para revision="259141">A regression introduced in 1564 &os; 10.0-RELEASE that would prevent proper IPv6 1565 allocation via the &man.jail.8; &man.rc.8; startup script 1566 has been fixed.</para> 1567 1568 <para revision="264438">The &man.rc.8; restriction requiring 1569 &man.mdconfig.8; devices defined in &man.rc.conf.5; to be 1570 listed sequentially has been removed.</para> 1571 1572 <para revision="262566">The &man.sshd.8; &man.rc.d.8; startup 1573 script now generates <literal>ED25519</literal> &man.sshd.8; 1574 host keys if keys do not already exist when 1575 <literal>ssh_keygen_alg()</literal> is invoked.</para> 1576 1577 <para revision="271095">Support for &man.vt.4; keyboard maps 1578 has been added to the <filename>syscons</filename> 1579 &man.rc.d.8; startup script.</para> 1580 1581 <para revision="271260">Support for subdirectories within 1582 <filename 1583 class="directory">/etc/rc.conf.d/<replaceable>service</replaceable>/</filename> 1584 has been added the &man.rc.d.8;. This allows creating 1585 separate configuration files for services such as 1586 <filename>netif</filename>, for example, where each network 1587 interface can have a separate configuration file.</para> 1588 1589 <para revision="272078">The default &man.rc.conf.5;, 1590 <filename>/etc/defaults/rc.conf</filename>, has been updated 1591 to include <filename 1592 class="directory">/usr/lib32/compat</filename> in the 1593 default <filename>ld-elf32.so.1</filename> search 1594 path.</para> 1595 </sect3> 1596 1597 <sect3 xml:id="periodic-scripts"> 1598 <title><filename>/etc/periodic</filename> Scripts</title> 1599 1600 <para revision="272430">The daily &man.periodic.8; script 1601 <filename>110.clean-tmps</filename> has been updated to 1602 avoid crossing filesystem mount boundaries when cleaning 1603 files in <filename class="directory">/tmp</filename>.</para> 1604 </sect3> 1605 </sect2> 1606 1607 <sect2 xml:id="contrib"> 1608 <title>Contributed Software</title> 1609 1610 <para revision="263285">The &man.xz.1; utility has been updated 1611 to a post-5.0.5 snapshot.</para> 1612 1613 <para revision="264377"><application>OpenSSH</application> has 1614 been updated to version 6.6p1.</para> 1615 1616 <para revision="264911">The &man.nc.1; utility has been updated 1617 to match the version in OpenBSD 5.5.</para> 1618 1619 <para revision="266692"><application>Sendmail</application> 1620 has been updated to 8.14.9.</para> 1621 1622 <para revision="268515">The &man.file.1; utility and 1623 &man.libmagic.3; library have been updated to 5.19.</para> 1624 1625 <para revision="268899">The &man.byacc.1; parser has been 1626 updated to version 20140422.</para> 1627 1628 <para revision="269024" contrib="sponsor" 1629 sponsor="&darpa_afrl;">The &man.lldb.1; debugging library has 1630 been updated to the r202189 snapshot.</para> 1631 1632 <para revision="269257">The &man.unbound.8; caching resolver and 1633 <literal>ldns</literal> have been updated to version 1634 1.4.22.</para> 1635 1636 <para revision="269847">The <quote>lite</quote> version of 1637 <application>Subversion</application> included in the 1638 &os; base system and its dependencies have been 1639 updated:</para> 1640 1641 <itemizedlist> 1642 <listitem> 1643 <para><application>apr</application> has been 1644 updated to version 1.5.1.</para> 1645 </listitem> 1646 1647 <listitem> 1648 <para><application>apr-util</application> has been 1649 updated to version 1.5.3.</para> 1650 </listitem> 1651 1652 <listitem> 1653 <para><application>serf</application> has been 1654 updated to version 1.3.7.</para> 1655 </listitem> 1656 1657 <listitem> 1658 <para><application>svnlite</application> has been 1659 updated to version 1.8.10.</para> 1660 </listitem> 1661 </itemizedlist> 1662 1663 <para revision="270026">The &man.nvi.1; editor has been 1664 update to version 2.1.2-c80f493b038.</para> 1665 1666 <para revision="270031">The &man.fparseln.3; library has 1667 been updated to version 1.7.</para> 1668 1669 <para revision="270415">The <application>lukemftpd</application> 1670 <acronym>FTP</acronym> server has been removed from the 1671 &os; base system.</para> 1672 1673 <para revision="270817">The timezone database has been updated 1674 to version tzdata2014f.</para> 1675 1676 <para revision="271947"><application>OpenPAM</application> has 1677 been updated to Ourouparia (20140912).</para> 1678 1679 <para revision="273399"><application>OpenSSL</application> has 1680 been updated to version 1.0.1j.</para> 1681 </sect2> 1682 1683 <sect2 xml:id="ports"> 1684 <title>Ports/Packages Collection Infrastructure</title> 1685 1686 <para>The &man.pkg.8; package management utility has been 1687 updated to version 1.3.8.</para> 1688 </sect2> 1689 1690 <sect2 xml:id="releng"> 1691 <title>Release Engineering and Integration</title> 1692 1693 <para revision="263028">The &man.services.mkdb.8; utility has 1694 been updated to include endianness awareness, allowing the 1695 <filename>services.db</filename> database to be created as 1696 part of the release build, regardless of native- or 1697 cross-built releases.</para> 1698 1699 <para revision="271470" contrib="sponsor" sponsor="&ff;">The 1700 <filename class="directory">release/</filename> scripts have 1701 been updated to produce <acronym>UEFI</acronym>-capable and 1702 <acronym>BIOS</acronym>-capable CD-ROM ISOs as well as memory 1703 stick images for the &os;/&arch.amd64; architecture.</para> 1704 1705 <para revision="271943" contrib="sponsor" sponsor="&ff;">The 1706 <filename>release/scripts/pkg-stage.sh</filename> script has 1707 been updated to include a symlink to the on-disc version of 1708 &man.pkg.8; in the <filename 1709 class="directory">packages/</filename> structure on the 1710 DVD installer. This allows the &man.pkg.7; bootstrap utility 1711 to properly locate the <filename>Latest/pkg.txz</filename> 1712 package on the DVD when <literal>REPOS_DIR</literal> is set to 1713 <filename class="directory">/dist/packages/repos</filename>, 1714 eliminating the need for a network connection or explicitly 1715 providing the path to the version included on the DVD 1716 installation medium.</para> 1717 1718 <para revision="273101" contrib="sponsor" sponsor="&ff;">The 1719 &os; Release Engineering build tools have been updated to 1720 provide support for building virtual machine disk images as 1721 part of the release build process using &man.mkimg.1;. The 1722 disk image formats currently supported include QCOW2, VHD, 1723 VMDK, and raw formats. See &man.release.7; for additional 1724 information.</para> 1725 1726 <para revision="273199" contrib="sponsor" sponsor="&ff;">The 1727 &os; Release Engineering build tools have been updated to 1728 provide support for building &os; virtual machine disk images 1729 for the µsoft; Azure cloud hosting platform. This 1730 functionality is not connected directly to the default 1731 <literal>release</literal> &man.make.1; target, however can be 1732 invoked by specifying the <literal>vm-azure</literal> target 1733 directly.</para> 1734 </sect2> 1735 </sect1> 1736 1737 <sect1 xml:id="upgrade"> 1738 <title>Upgrading from Previous Releases of &os;</title> 1739 1740 <para arch="amd64,i386">Binary upgrades between RELEASE versions 1741 (and snapshots of the various security branches) are supported 1742 using the &man.freebsd-update.8; utility. The binary upgrade 1743 procedure will update unmodified userland utilities, as well as 1744 unmodified <filename>GENERIC</filename> kernel distributed as 1745 a part of an official &os; release. The &man.freebsd-update.8; 1746 utility requires that the host being upgraded have Internet 1747 connectivity.</para> 1748 1749 <para>Source-based upgrades (those based on recompiling the &os; 1750 base system from source code) from previous versions are 1751 supported, according to the instructions in 1752 <filename>/usr/src/UPDATING</filename>.</para> 1753 1754 <important> 1755 <para>Upgrading &os; should only be attempted after 1756 backing up <emphasis>all</emphasis> data and configuration 1757 files.</para> 1758 </important> 1759 </sect1> 1760</article> 1761