article.xml revision 273608
1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" 3 "../../../share/xml/freebsd50.dtd" [ 4<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> 5 %release; 6<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent"> 7 %sponsor; 8<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent"> 9 %vendor; 10]> 11<article xmlns="http://docbook.org/ns/docbook" 12 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> 13 14 <info> 15 <title>&os; &release.current; Release Notes</title> 16 17 <author> 18 <orgname>The &os; Project</orgname> 19 </author> 20 21 <pubdate>$FreeBSD: releng/10.1/release/doc/en_US.ISO8859-1/relnotes/article.xml 273608 2014-10-24 21:40:44Z gjb $</pubdate> 22 23 <copyright> 24 <year>2000</year> 25 <year>2001</year> 26 <year>2002</year> 27 <year>2003</year> 28 <year>2004</year> 29 <year>2005</year> 30 <year>2006</year> 31 <year>2007</year> 32 <year>2008</year> 33 <year>2009</year> 34 <year>2010</year> 35 <year>2011</year> 36 <year>2012</year> 37 <year>2013</year> 38 <year>2014</year> 39 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation 40 Project</holder> 41 </copyright> 42 43 <legalnotice xml:id="trademarks" role="trademarks"> 44 &tm-attrib.freebsd; 45 &tm-attrib.ibm; 46 &tm-attrib.ieee; 47 &tm-attrib.intel; 48 &tm-attrib.sparc; 49 &tm-attrib.general; 50 </legalnotice> 51 52 <abstract> 53 <para>The release notes for &os; &release.current; contain 54 a summary of the changes made to the &os; base system on the 55 &release.branch; development line. This document lists 56 applicable security advisories that were issued since the last 57 release, as well as significant changes to the &os; kernel and 58 userland. Some brief remarks on upgrading are also 59 presented.</para> 60 </abstract> 61 </info> 62 63 <sect1 xml:id="intro"> 64 <title>Introduction</title> 65 66 <para>This document contains the release notes for &os; 67 &release.current;. It describes recently added, changed, or 68 deleted features of &os;. It also provides some notes on 69 upgrading from previous versions of &os;.</para> 70 71 <para releasetype="current">The &release.type; distribution to 72 which these release notes apply represents the latest point 73 along the &release.branch; development branch since 74 &release.branch; was created. Information regarding pre-built, 75 binary &release.type; distributions along this branch can be 76 found at <uri 77 xlink:href="&release.url;">&release.url;</uri>.</para> 78 79 <para releasetype="snapshot">The &release.type; distribution to 80 which these release notes apply represents a point along the 81 &release.branch; development branch between &release.prev; and 82 the future &release.next;. Information regarding pre-built, 83 binary &release.type; distributions along this branch can be 84 found at <uri 85 xlink:href="&release.url;">&release.url;</uri>.</para> 86 87 <para releasetype="release">This distribution of &os; 88 &release.current; is a &release.type; distribution. It can be 89 found at <uri xlink:href="&release.url;">&release.url;</uri> or 90 any of its mirrors. More information on obtaining this (or 91 other) &release.type; distributions of &os; can be found in the 92 <link 93 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining 94 &os;</quote> appendix</link> to the <link 95 xlink:href="&url.books.handbook;/">&os; 96 Handbook</link>.</para> 97 98 <para>All users are encouraged to consult the release errata 99 before installing &os;. The errata document is updated with 100 <quote>late-breaking</quote> information discovered late in the 101 release cycle or after the release. Typically, it contains 102 information on known bugs, security advisories, and corrections 103 to documentation. An up-to-date copy of the errata for &os; 104 &release.current; can be found on the &os; Web site.</para> 105 </sect1> 106 107 <sect1 xml:id="new"> 108 <title>What's New</title> 109 110 <para>This section describes the most user-visible new or changed 111 features in &os; since &release.prev;.</para> 112 113 <para>Typical release note items document recent security 114 advisories issued after &release.prev;, new drivers or hardware 115 support, new commands or options, major bug fixes, or 116 contributed software upgrades. They may also list changes to 117 major ports/packages or release engineering practices. Clearly 118 the release notes cannot list every single change made to &os; 119 between releases; this document focuses primarily on security 120 advisories, user-visible changes, and major architectural 121 improvements.</para> 122 123 <sect2 xml:id="security"> 124 <title>Security Advisories</title> 125 126 <para>The following security advisories have been issued since 127 &os; &release.prev;:</para> 128 129 <informaltable frame="none" pgwide="0"> 130 <tgroup cols="3"> 131 <colspec colwidth="1*" /> 132 <colspec colwidth="1*" /> 133 <colspec colwidth="3*" /> 134 <thead> 135 <row> 136 <entry>Advisory</entry> 137 <entry>Date</entry> 138 <entry>Topic</entry> 139 </row> 140 </thead> 141 142 <tbody> 143 <row> 144 <entry><link 145 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-13:14.openssh.asc">SA-13:14.openssh</link></entry> 146 <entry>19 November 2013</entry> 147 <entry><para>OpenSSH AES-GCM memory corruption 148 vulnerability</para></entry> 149 </row> 150 151 <row> 152 <entry><link 153 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc">SA-14:01.bsnmpd</link></entry> 154 <entry>14 January 2014</entry> 155 <entry><para>bsnmpd remote denial of service 156 vulnerability</para></entry> 157 </row> 158 159 <row> 160 <entry><link 161 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc">SA-14:02.ntpd</link></entry> 162 <entry>14 January 2014</entry> 163 <entry><para>ntpd distributed reflection Denial of 164 Service vulnerability</para></entry> 165 </row> 166 167 <row> 168 <entry><link 169 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc">SA-14:03.openssl</link></entry> 170 <entry>14 January 2014</entry> 171 <entry><para>OpenSSL multiple 172 vulnerabilities</para></entry> 173 </row> 174 175 <row> 176 <entry><link 177 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc">SA-14:04.bind</link></entry> 178 <entry>14 January 2014</entry> 179 <entry><para>BIND remote denial of service 180 vulnerability</para></entry> 181 </row> 182 183 <row> 184 <entry><link 185 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:05.nfsserver.asc">SA-14:05.nfsserver</link></entry> 186 <entry>8 April 2014</entry> 187 <entry><para>Deadlock in the NFS server</para></entry> 188 </row> 189 190 <row> 191 <entry><link 192 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc">SA-14:06.openssl</link></entry> 193 <entry>8 April 2014</entry> 194 <entry><para>OpenSSL multiple 195 vulnerabilities</para></entry> 196 </row> 197 198 <row> 199 <entry><link 200 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:07.devfs.asc">SA-14:07.devfs</link></entry> 201 <entry>30 April 2014</entry> 202 <entry><para>Fix devfs rules not applied by default for 203 jails</para></entry> 204 </row> 205 206 <row> 207 <entry><link 208 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:08.tcp.asc">SA-14:08.tcp</link></entry> 209 <entry>30 April 2014</entry> 210 <entry><para>Fix TCP reassembly 211 vulnerability</para></entry> 212 </row> 213 214 <row> 215 <entry><link 216 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:09.openssl.asc">SA-14:09.openssl</link></entry> 217 <entry>30 April 2014</entry> 218 <entry><para>Fix OpenSSL use-after-free 219 vulnerability</para></entry> 220 </row> 221 222 <row> 223 <entry><link 224 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:10.openssl.asc">SA-14:10.openssl</link></entry> 225 <entry>15 May 2014</entry> 226 <entry><para>Fix OpenSSL NULL pointer deference 227 vulnerability</para></entry> 228 </row> 229 230 <row> 231 <entry><link 232 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:11.sendmail.asc">SA-14:11.sendmail</link></entry> 233 <entry>3 June 2014</entry> 234 <entry><para>Fix sendmail improper close-on-exec flag 235 handling</para></entry> 236 </row> 237 238 <row> 239 <entry><link 240 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:13.pam.asc">SA-14:13.pam</link></entry> 241 <entry>3 June 2014</entry> 242 <entry><para>Fix incorrect error handling in PAM policy 243 parser</para></entry> 244 </row> 245 246 <row> 247 <entry><link 248 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:14.openssl.asc">SA-14:14.openssl</link></entry> 249 <entry>5 June 2014</entry> 250 <entry><para>Multiple vulnerabilities</para></entry> 251 </row> 252 253 <row> 254 <entry><link 255 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc">SA-14:15.iconv</link></entry> 256 <entry>24 June 2014</entry> 257 <entry><para>NULL pointer dereference and out-of-bounds 258 array access</para></entry> 259 </row> 260 261 <row> 262 <entry><link 263 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:16.file.asc">SA-14:16.file</link></entry> 264 <entry>24 June 2014</entry> 265 <entry><para>Multiple vulnerabilities</para></entry> 266 </row> 267 268 <row> 269 <entry><link 270 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:17.kmem.asc">SA-14:17.kmem</link></entry> 271 <entry>8 July 2014</entry> 272 <entry><para>Kernel memory disclosure in control 273 messages and SCTP notifications</para></entry> 274 </row> 275 276 <row> 277 <entry><link 278 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc">SA-14:18.openssl</link></entry> 279 <entry>9 September 2014</entry> 280 <entry><para>Multiple vulnerabilities</para></entry> 281 </row> 282 283 <row> 284 <entry><link 285 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc">SA-14:19.tcp</link></entry> 286 <entry>16 September 2014</entry> 287 <entry><para>Denial of Service in TCP packet 288 processing.</para></entry> 289 </row> 290 291 <row> 292 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc">SA-14:20.rtsold</link></entry> 293 <entry>21 October 2014</entry> 294 <entry><para>Remote buffer overflow 295 vulnerability.</para></entry> 296 </row> 297 298 <row> 299 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc">SA-14:21.routed</link></entry> 300 <entry>21 October 2014</entry> 301 <entry><para>Remote denial of service 302 vulnerability.</para></entry> 303 </row> 304 305 <row> 306 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc">SA-14:22.namei</link></entry> 307 <entry>21 October 2014</entry> 308 <entry><para>Memory leak in sandboxed namei 309 lookup.</para></entry> 310 </row> 311 312 <row> 313 <entry><link xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc">SA-14:23.openssl</link></entry> 314 <entry>21 October 2014</entry> 315 <entry><para>Multiple vulerabilities.</para></entry> 316 </row> 317 </tbody> 318 </tgroup> 319 </informaltable> 320 321 </sect2> 322 323 <sect2 xml:id="kernel"> 324 <title>Kernel Changes</title> 325 326 <para revision="260431">A new &man.sysctl.8;, 327 <literal>kern.panic_reboot_wait_time</literal>, has been 328 added, which allows controlling how long the system will wait 329 after &man.panic.9; before rebooting.</para> 330 331 <para revision="262861">The &man.vt.4; driver has been merged 332 from &os;-CURRENT. To enable &man.vt.4;, enter 333 <literal>set kern.vty=vt</literal> at the &man.loader.8; 334 prompt during boot, or add <literal>kern.vty=vt</literal> to 335 &man.loader.conf.5; and reboot the system.</para> 336 337 <para revision="263122">Support for &man.hwpmc.4; has been added 338 for &powerpc; 970 class processors.</para> 339 340 <para revision="263197">Support for ADT7460 and ADT7467 fan 341 controllers found in newer PowerBooks™ and 342 iBooks™ has been added to the &man.iicbus.4; 343 driver.</para> 344 345 <para revision="263256">A panic triggered by removing 346 a &man.urtwn.4; device has been fixed.</para> 347 348 <para revision="263799">A potential deadlock in the &man.usb.4; 349 stack triggered by detaching USB devices that create character 350 devices has been fixed.</para> 351 352 <para revision="263869">Support for &amd; Family 16h sensor 353 devices has been added to &man.amdtemp.4;.</para> 354 355 <para revision="265610">The &man.uslcom.4; driver has been 356 updated to support 26 new devices.</para> 357 358 <para revision="266165">A kernel bug that inhibited proper 359 functionality of the <literal>dev.cpu.0.freq</literal> 360 &man.sysctl.8; on &intel; processors with Turbo 361 Boost™ enabled has been fixed.</para> 362 363 <para revision="266436">The &man.uart.4; driver has been 364 updated to include support for the &intel; Lynx Point 365 KT <acronym>AMT</acronym> serial port.</para> 366 367 <para revision="266594">The <literal>radeonkms(4)</literal> 368 driver has been updated to include 32-bit &man.ioctl.2; 369 support, allowing 32-bit applications to run on a 64-bit 370 system.</para> 371 372 <para revision="266718">A bug that would prevent 373 a &man.jail.8; from setting the correct IPv4 source address 374 with some operations that required 375 <literal>security.jail.allow_raw_sockets</literal> has been 376 fixed.</para> 377 378 <para revision="266911">The &man.hwpmc.4; driver has been 379 updated to support core events from the Atom™ 380 Silvermont architecture.</para> 381 382 <para revision="268046">The &man.oce.4; driver has been updated 383 with vendor-supplied fixes for big endian support, and 20GB/s 384 and 25GB/s link speeds.</para> 385 386 <para revision="270630">The &os; virtual memory subsystem 387 has been updated to implement <quote>fast path</quote> for 388 the page fault handler.</para> 389 390 <para revision="271069">The &man.asmc.4; driver has been updated 391 to support the &apple; Mac Mini 3,1.</para> 392 393 <para revision="271111">The &os;/&arch.powerpc64; default kernel 394 configuration, <filename>GENERIC64</filename>, has been 395 updated to enable the &man.vt.4; console driver for the 396 Sony® Playstation 3™ platform.</para> 397 398 <para revision="271116" contrib="sponsor" sponsor="&ff;">The 399 &os;/&arch.powerpc; <literal>ofwfb</literal> driver, used to 400 provide a graphics console when the &man.vt.4; console driver 401 is used, has been modified to work with the <filename 402 role="package">x11-drivers/xf86-video-scfb</filename> 403 port.</para> 404 405 <note> 406 <para>If using an <acronym>ATI</acronym> graphics card with 407 the &man.vt.4; driver, the <filename 408 role="package">x11-servers/xorg-server</filename> package 409 must be updated to version 1.12.4_8 or newer.</para> 410 </note> 411 412 <para revision="271128" contrib="sponsor" sponsor="&ff;">Several 413 performance enchancements to the &man.vt.4; driver have been 414 merged from &os;-CURRENT.</para> 415 416 <para revision="271153">The default stack size 417 (<literal>KSTACK_PAGES</literal>) has been increased from 418 <literal>4</literal> to <literal>8</literal> for the 419 &arch.powerpc64; architecture.</para> 420 421 <para revision="271205">The &os;/&arch.powerpc; ATI driver 422 has been updated to support enabling and disabling the 423 Radeon 9700 backlight, found in the 424 &apple; PowerBook™ G4.</para> 425 426 <para revision="271816">Hardware context support has been 427 added to the <literal>drm/i915</literal> driver, adding 428 support for <application>Mesa</application> 9.2 and 429 later.</para> 430 431 <sect3 xml:id="kernel-virtualization"> 432 <title>Virtualization Support</title> 433 434 <para revision="259450">Support for µsoft; Hyper-V 435 has been added to &os;/i386 as loadable modules, however 436 not available in the <filename>GENERIC</filename> kernel 437 configuration.</para> 438 439 <para revision="261090">The &man.bhyve.4; hypervisor now 440 supports soft power-off functionality via the ACPI S5 441 state.</para> 442 443 <para revision="267399">Support for &os;/i386 guests has been 444 added to &man.bhyve.4;.</para> 445 446 <para revision="267427">Support for virtualized 447 <literal>XSAVE</literal> has been added to &man.bhyve.4;, 448 allowing guest operating systems to use 449 <literal>XSAVE</literal> and 450 <literal>XSAVE</literal>-enabled features, such as 451 <acronym>AVX</acronym>.</para> 452 453 <para revision="268932">The &man.bhyve.4; hypervisor now 454 supports booting from a &man.zfs.8; filesystem.</para> 455 456 <para revision="268933">A new driver, &man.virtio_random.4;, 457 has been added, which allows &os; virtual machines to 458 harvest entropy from the hypervisor.</para> 459 460 <para revision="270159">The &man.bhyve.4; hypervisor has been 461 synced with the version in &os;-CURRENT.</para> 462 463 <para>A number of enhancements have been added, and several 464 bug fixes, including:</para> 465 466 <itemizedlist> 467 <listitem> 468 <para>Post-mortem debugging has been added when 469 a guest virtual machine exits with an 470 <quote><acronym>EPT</acronym> Misconfiguration</quote> 471 error.</para> 472 </listitem> 473 474 <listitem> 475 <para>The hypervisor &man.virtio.4; <acronym>API</acronym> 476 has been expanded from 32- to 64-bit.</para> 477 </listitem> 478 479 <listitem> 480 <para>Support for identifying capabilities of the virtual 481 <acronym>CPU</acronym> has been added.</para> 482 </listitem> 483 484 <listitem> 485 <para>Support for emulating legacy x86 task 486 switching has been added.</para> 487 </listitem> 488 489 <listitem> 490 <para>Support to list the VT-x features in base kernel 491 &man.dmesg.8; has been added.</para> 492 </listitem> 493 494 <listitem> 495 <para>Support for extended PCI configuration space 496 has been added.</para> 497 </listitem> 498 </itemizedlist> 499 </sect3> 500 501 <sect3 xml:id="kernel-arm"> 502 <title>ARM Support</title> 503 504 <para revision="259355">The <filename>WANDBOARD</filename> 505 kernel configuration file has been added.</para> 506 507 <para revision="265067">Boot devices may now be specified by 508 setting a u-boot environment variable. If a boot device is 509 not specified, the probe mechanism will be used. To specify 510 the boot device, set the 511 <literal>loaderdev=<replaceable>device</replaceable></literal> 512 u-boot environment variable.</para> 513 514 <para revision="266000">The <literal>nexus(4)</literal> driver 515 has been updated to include <quote>Flattened Device 516 Tree</quote> support, replacing the &man.fdtbus.4; driver 517 in most cases.</para> 518 519 <para revision="266105">The &man.gpioiic.4; and 520 &man.gpioled.4; have been merged from &os;-CURRENT.</para> 521 522 <para>Support for hardware floating point was added to the 523 kernel, and enabled by default in the configuration files 524 for all platforms that contain the required hardware.</para> 525 526 <para><application>C++</application> exception handling now 527 works with <application>GCC</application>.</para> 528 529 <para>Support for <acronym>SMP</acronym> was added to the 530 kernel, and enabled by default in the configuration files 531 for all platforms that contain multi-core CPUs.</para> 532 533 <para>Support was added for:</para> 534 535 <itemizedlist> 536 <listitem> 537 <para>CHROMEBOOK (Samsung Exynos 5250)</para> 538 </listitem> 539 540 <listitem> 541 <para>COLIBRI (Freescale Vybrid)</para> 542 </listitem> 543 544 <listitem> 545 <para>COSMIC (Freescale Vybrid)</para> 546 </listitem> 547 548 <listitem> 549 <para>IMX53-QSB (Freescale i.MX53)</para> 550 </listitem> 551 552 <listitem> 553 <para>QUARTZ (Freescale Vybrid)</para> 554 </listitem> 555 556 <listitem> 557 <para>RADXA (Rockchip rk30xx)</para> 558 </listitem> 559 560 <listitem> 561 <para>WANDBOARD (Freescale i.MX6)</para> 562 </listitem> 563 </itemizedlist> 564 565 <para>An <acronym>I2C</acronym> driver was added for 566 the RaspberryPi.</para> 567 568 <para>Drivers have been added to support <acronym>TI</acronym> 569 platforms, such as BEAGLEBONE and PANDABOARD:</para> 570 571 <itemizedlist> 572 <listitem> 573 <para>PRUSS (Programmable Realtime Unit Subsystem)</para> 574 </listitem> 575 576 <listitem> 577 <para>MBOX (Mailbox hardware)</para> 578 </listitem> 579 580 <listitem> 581 <para>SDHCI (new faster driver for 582 <acronym>MMC</acronym>/<acronym>SD</acronym> 583 storage)</para> 584 </listitem> 585 586 <listitem> 587 <para>PPS (Pulse Per Second input on a 588 <acronym>GPIO</acronym>/timer pin)</para> 589 </listitem> 590 591 <listitem> 592 <para>PWM (Pulse Width Modulation output)</para> 593 </listitem> 594 595 <listitem> 596 <para>ADC (Analog to Digital converter)</para> 597 </listitem> 598 </itemizedlist> 599 </sect3> 600 601 <sect3 xml:id="boot"> 602 <title>Boot Loader Changes</title> 603 604 <para revision="262701">A kernel selection menu has been added 605 to &man.loader.8;. If the <quote>beastie menu</quote> is 606 enabled, the kernel to boot may be selected from the kernel 607 selection menu. Additional kernels may be listed in 608 &man.loader.conf.5; as a comma- or space-separated list. By 609 default, <literal>kernel</literal> and 610 <literal>kernel.old</literal> are listed.</para> 611 612 <para revision="271130" contrib="sponsor" sponsor="&ff;">The 613 <filename class="directory">sys/boot/</filename> sources 614 have been rearranged, moving &man.libstand.3; to a directory 615 indicating the library is built as 32-bit.</para> 616 617 <para revision="271135" contrib="sponsor" sponsor="&ff;">The 618 &man.libstand.3; library has been updated to produce 619 a 64-bit shared library for the &os;/&arch.amd64; and 620 &os;/&arch.powerpc64; architectures.</para> 621 622 <para revision="271135" contrib="sponsor" 623 sponsor="&ff;">Initial support for <acronym>UEFI</acronym> 624 boot has been added.</para> 625 626 <para revision="271136" contrib="sponsor" sponsor="&ff;">Three 627 new files are installed to <filename 628 class="directory">/boot</filename>, supporting 629 <acronym>UEFI</acronym> boot:</para> 630 631 <itemizedlist> 632 <listitem> 633 <para><filename>boot1.efi</filename>: The 634 <acronym>UEFI</acronym> first stage bootstrap 635 file.</para> 636 </listitem> 637 638 <listitem> 639 <para><filename>boot1.efifat</filename>: 640 A <acronym>FAT</acronym> filesystem image containing 641 an <acronym>EFI</acronym> system partition.</para> 642 </listitem> 643 644 <listitem> 645 <para><filename>loader.efi</filename>: The third stage 646 bootstrap file.</para> 647 </listitem> 648 </itemizedlist> 649 650 <para revision="271880">Serial console and null console 651 support has been added to the <acronym>UEFI</acronym> boot 652 loader.</para> 653 654 <para revision="272006">Support has been added to cache 655 &man.geli.8; passphrases during system boot. When a system 656 is configured with multiple <literal>GEOM_ELI</literal> 657 providers all using the same passphrase, the passphrase that 658 is cached after the first entry is used for the subsequent 659 <literal>GEOM_ELI</literal> provider. If the passphrase in 660 the cache is incorrect, then a prompt for the passphrase for 661 the next provider is displayed.</para> 662 </sect3> 663 664 <sect3 xml:id="proc"> 665 <title>Hardware Support</title> 666 667 <sect4 xml:id="net-if"> 668 <title>Network Interface Support</title> 669 670 <para revision="259453">Support for Ralink RT5370 and 671 RT5372 chipsets has been added to the &man.run.4; 672 driver.</para> 673 674 <para revision="260120">Firmware for the &man.run.4; driver 675 has been updated to version 0.33.</para> 676 677 <para revision="261868">Support for the Ralink RT3593 678 chipset has been added to the &man.run.4; driver.</para> 679 680 <para revision="261972">The &man.nve.4; driver is now 681 deprecated, and the &man.nfe.4; driver should be used 682 instead.</para> 683 684 <para revision="262137">Support for the &man.axge.4; driver 685 has been added. This driver supports the ASIX AX88178A 686 and AX88179 USB ethernet adapters. The AX88178A supports 687 USB 2.0, and the AX88179 supports USB 2.0 and 3.0.</para> 688 689 <para revision="262363">The &man.urndis.4; driver has been 690 imported from OpenBSD.</para> 691 692 <para revision="264866">Support for multiple 693 transmitter/receiver queues has been added to the 694 &man.vmx.4; driver.</para> 695 696 <note> 697 <para>The &os; guest operating system must have 698 <acronym>MSIX</acronym> enabled as a prerequisite for 699 multiple queues.</para> 700 </note> 701 702 <para revision="265345">Support for the ASUS USB-N10 Nano 703 wireless card has been added to the &man.urtwn.4; 704 driver.</para> 705 706 <para revision="266212">Transmission checksum offloading has 707 been disabled for the RTL8168C and RTL8168CP chipsets in 708 the &man.re.4; driver for TCP and UDP frames. This is 709 due to a report of UDP datagrams with IP options 710 generating corrupt frames.</para> 711 712 <para revision="266578">Preliminary support has been added 713 to the &man.urtwn.4; driver for the Realtek RTL8188EUS and 714 RTL8188ETV chipsets.</para> 715 716 <para revision="267694">A bug in the fast receiver buffer 717 recycle path has been fixed in the &man.cxgbe.4; 718 driver.</para> 719 720 <para revision="267849" contrib="vendor" 721 vendor="&chelsio;">The bundled &man.cxgbe.4; firmware for 722 T4 and T5 cards has been updated to version 723 1.11.27.0.</para> 724 725 <para revision="269196">The &man.em.4; driver has been 726 updated to version 7.4.2.</para> 727 728 <para revision="269975">The &man.ixgbe.4; tunables have been 729 renamed to match their &man.sysctl.8; counterparts:</para> 730 731 <informaltable frame="none" pgwide="0"> 732 <tgroup cols="2"> 733 <colspec colwidth="1*"/> 734 <colspec colwidth="1*"/> 735 <thead> 736 <row> 737 <entry>Old Name</entry> 738 <entry>New Name</entry> 739 </row> 740 </thead> 741 742 <tbody> 743 <row> 744 <entry><literal>hw.ixgbe.enable_aim</literal></entry> 745 <entry><literal>hw.ix.enable_aim</literal></entry> 746 </row> 747 748 <row> 749 <entry><literal>hw.ixgbe.max_interrupt_rate</literal></entry> 750 <entry><literal>hw.ix.max_interrupt_rate</literal></entry> 751 </row> 752 753 <row> 754 <entry><literal>hw.ixgbe.rx_process_limit</literal></entry> 755 <entry><literal>hw.ix.rx_process_limit</literal></entry> 756 </row> 757 758 <row> 759 <entry><literal>hw.ixgbe.tx_process_limit</literal></entry> 760 <entry><literal>hw.ix.tx_process_limit</literal></entry> 761 </row> 762 763 <row> 764 <entry><literal>hw.ixgbe.enable_msix</literal></entry> 765 <entry><literal>hw.ix.enable_msix</literal></entry> 766 </row> 767 768 <row> 769 <entry><literal>hw.ixgbe.num_queues</literal></entry> 770 <entry><literal>hw.ix.num_queues</literal></entry> 771 </row> 772 773 <row> 774 <entry><literal>hw.ixgbe.txd</literal></entry> 775 <entry><literal>hw.ix.txd</literal></entry> 776 </row> 777 778 <row> 779 <entry><literal>hw.ixgbe.rxd</literal></entry> 780 <entry><literal>hw.ix.rxd</literal></entry> 781 </row> 782 783 <row> 784 <entry><literal>hw.ixgbe.unsupported_sfp</literal></entry> 785 <entry><literal>hw.ix.unsupported_sfp</literal></entry> 786 </row> 787 </tbody> 788 </tgroup> 789 </informaltable> 790 791 <para>Be sure to update &man.loader.conf.5; if using the 792 old tunables before upgrading to 793 &os; &release.current;.</para> 794 795 <para revision="270061">The &man.if.nf10bmac.4; driver has 796 been merged from &os;-CURRENT to support the NetFPGA-10G 797 Embedded CPU Ethernet Core.</para> 798 799 <para revision="270297">The &man.cxgbe.4; driver has been 800 updated to support &man.netmap.4; for the T5 10G/40G 801 cards.</para> 802 803 <para revision="270509">The &man.vtnet.4; driver has been 804 updated to support &man.netmap.4;.</para> 805 806 <para revision="270514">The &man.urtwn.4; driver has been 807 updated to support the ASUS USB-AC51 wireless card.</para> 808 809 <para revision="270631">The &intel; XL710 ethernet 810 controller driver, <literal>ixlv(4)</literal>, has been 811 merged from &os;-CURRENT.</para> 812 </sect4> 813 </sect3> 814 815 <sect3 xml:id="net-proto"> 816 <title>Network Protocols</title> 817 818 <para revision="265946">Support for the UDP-Lite protocol 819 (RFC 3828) has been added to the IPv4 and IPv6 820 stacks.</para> 821 822 <para revision="267771">A bug in &man.sctp.4; that would allow 823 two listening sockets bound to the same port has been 824 fixed.</para> 825 826 <para contrib="sponsor" sponsor="&ix;">Kernel RPC code, which 827 is a base of NFS server took multiple optimizations, that 828 significantly improved its performance and 829 <acronym>SMP</acronym> scalability.</para> 830 831 <para revision="269065" contrib="sponsor" sponsor="&ff;">The 832 <acronym>iSCSI</acronym> initiator has been updated to 833 support redirection handling when an 834 <acronym>iSCSI</acronym> device is configured with multiple 835 <acronym>IP</acronym> addresses across different network 836 interfaces. Previously, clients connecting to 837 such <acronym>iSCSI</acronym> devices could require 838 additional client-side configuration.</para> 839 840 <para revision="265523" contrib="sponsor" sponsor="&ff;">A new 841 &man.sysctl.8;, 842 <literal>kern.iscsi.fail_on_disconnection</literal>, has 843 been added, which allows <acronym>iSCSI</acronym> clients to 844 remove the attached disk device when the connection to the 845 target is dropped, where previously I/O would stop until the 846 connection is restored.</para> 847 848 <para revision="265524" contrib="sponsor" sponsor="&ff;">The 849 <acronym>iSCSI</acronym> transmit code has been optimized 850 to coalesce <acronym>PDUs</acronym> and avoid lock 851 contention.</para> 852 853 <para revision="265524" contrib="sponsor" 854 sponsor="&ix;">Several performance optimizations have been 855 made to the <acronym>iSCSI</acronym> subsystem, including 856 deferring wakeup until enough data has been received to 857 read or write a file, reducing <acronym>CPU</acronym> usage 858 and throughput performance with large I/O workloads.</para> 859 860 <para revision="263720" contrib="sponsor" 861 sponsor="&ff;">Support for hostname- and IP-based access 862 restriction has been added to the <acronym>iSCSI</acronym> 863 &man.ctld.8; daemon.</para> 864 865 <para revision="263725" contrib="sponsor" 866 sponsor="&ff;">The &man.ctld.8; daemon has been updated 867 to allow overriding the <quote>default</quote> 868 <literal>portal-group</literal> configuration.</para> 869 870 <para revision="263726" contrib="sponsor" 871 sponsor="&ff;">The &man.ctld.8; daemon now includes a new 872 <literal>auth-group</literal>, <quote>default</quote>, 873 defaulting to <literal>deny</literal>, which is possible 874 to override.</para> 875 </sect3> 876 877 <sect3 xml:id="disks"> 878 <title>Disks and Storage</title> 879 880 <para revision="260385" contrib="sponsor" sponsor="&ix;">The 881 &man.geom.4; subsystem has been updated to support I/O 882 direct dispatch. When safety requirements are met, it 883 enables avoiding passing I/O requests to GEOM 884 <literal>g_up</literal>/<literal>g_down</literal> thread, 885 executing them directly in the caller context, avoiding 886 CPU bottlenecks in 887 <literal>g_up</literal>/<literal>g_down</literal> threads, 888 plus avoid several context switches per I/O.</para> 889 890 <para revision="260385" contrib="sponsor" sponsor="&ix;">The 891 &man.geom.4; RAID driver has been 892 updated to support unmapped I/O.</para> 893 894 <para revision="260387" contrib="sponsor" sponsor="&ix;">The 895 &man.cam.4; subsystem has been updated to support 896 finer-grained locking, direct dispatch and multi-queue, 897 which combined with &man.geom.4; direct dispatch, reduces 898 lock congestion and improves <acronym>SMP</acronym> 899 scalability of the SCSI/ATA stack.</para> 900 901 <para revision="260478">The &man.geom.8; 902 <literal>GEOM_MULTIPATH</literal> class has been updated to 903 support automatic live partition resizing.</para> 904 905 <para revision="260857">The &man.virtio_blk.4; driver has been 906 updated to support unmapped I/O.</para> 907 908 <para revision="260858">The &man.virtio_scsi.4; driver has 909 been updated to support unmapped I/O.</para> 910 911 <para revision="264522">Support for LUN-based CD changers has 912 been removed from the &man.cd.4; driver.</para> 913 914 <para revision="264732">Support for 915 <literal>BIO_DELETE</literal> has been added to &man.zfs.8; 916 <literal>zvol</literal> volumes.</para> 917 918 <para revision="264734">Support for 9th generation HP host bus 919 adapter cards has been added to &man.ciss.4;.</para> 920 921 <para revision="265388" contrib="sponsor" sponsor="&lsi;">The 922 &man.mpr.4; device has been added, 923 providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA 924 controllers.</para> 925 926 <para revision="265678">A new <literal>zvol</literal> property 927 <literal>volmode</literal> and &man.sysctl.8; 928 <literal>vfs.zfs.vol.mode</literal> has been added to allow 929 switching <literal>zvol</literal> between three different 930 ways of exposing it to a user: <literal>geom</literal>, 931 <literal>dev</literal> and <literal>none</literal>.</para> 932 933 <para revision="265922" contrib="sponsor" sponsor="&lsi;">The 934 &man.mrsas.4; driver has been added, providing support for 935 LSI MegaRAID SAS controllers. The &man.mfi.4; driver will 936 attach to the controller, by default. To enable 937 &man.mrsas.4; add <literal>hw.mfi.mrsas_enable=1</literal> 938 to <filename>/boot/loader.conf</filename>, which turns off 939 &man.mfi.4; device probing.</para> 940 941 <note> 942 <para>At this time, the &man.mfiutil.8; utility and the &os; 943 version of <application>MegaCLI</application> and 944 <application>StorCli</application> do not work with 945 &man.mrsas.4;.</para> 946 </note> 947 948 <para revision="266608">Fixed accounting of 949 <literal>BIO_FLUSH</literal> operation in &man.geom.8; 950 <literal>GEOM_DISK</literal> class</para> 951 952 <para revision="266610">The &man.gstat.8; utility now has an 953 <literal>-o</literal> option, to display 954 <quote>other</quote> operations, such as 955 <literal>BIO_FLUSH</literal>.</para> 956 957 <para revision="267084">The &man.mfi.4; driver has been 958 updated to include support for unmapped I/O.</para> 959 960 <para revision="267457">The &man.hpt27xx.4; driver has been 961 updated with various vendor-supplied bug fixes.</para> 962 963 <para revision="270130" contrib="sponsor" 964 sponsor="&citrix.rd;">Support for unmapped I/O has been 965 added to the &man.xen.4; <literal>blkfront</literal> 966 driver.</para> 967 968 <para revision="259328" contrib="sponsor" sponsor="&ff;">The 969 &man.geom.8; <literal>label</literal> class is now aware of 970 resized partitions. This corrects an issue where 971 <command>geom resize</command> would resize the partition, 972 but the label provider in <filename 973 class="directory">/dev/gptid/</filename> would not be 974 resized.</para> 975 976 <para revision="260502">The &man.gmirror.8; 977 utility now has a <literal>resize</literal> command, making 978 it easier to resize the size of a mirror when all of its 979 components have been replaced.</para> 980 981 <para revision="262967">Support for MegaRAID Fury cards has 982 been added to the &man.mfi.4; driver.</para> 983 984 <para revision="263024">The &man.aacraid.4; driver has been 985 updated to version 3.2.5.</para> 986 987 <para revision="265536">The <literal>GEOM_VINUM</literal> 988 option is now able to be built both directly into the kernel 989 or as a &man.kldload.8; loadable module.</para> 990 991 <para revision="265912">The &man.geom.8; 992 <literal>GEOM_PART</literal> class has been updated to 993 support automatic partition resizing. Changes to the 994 partition size are not saved to disk until 995 <command>gpart commit</command> is run, and prior to saving, 996 can be reverted with <command>gpart undo</command>.</para> 997 998 <para revision="266220">The &man.geom.uncompress.4; module is 999 built by default which, similar to &man.geom.uzip.4;, 1000 provides support for compressed, read-only disk 1001 images.</para> 1002 1003 <para revision="268091">Support for the 1004 <literal>disklabel64</literal> partitioning scheme has been 1005 added to &man.gpart.8;.</para> 1006 1007 <para revision="270552">A new &man.sysctl.8; and 1008 &man.loader.8; tunable, 1009 <literal>kern.geom.part.mbr.enforce_chs</literal> has been 1010 added to the &man.geom.8; <literal>MBR</literal> partition 1011 class. When set to a non-zero value, 1012 <literal>GEOM_PART_MBR</literal> will automatically 1013 recalculate the user-specified offset and size for alignment 1014 with the disk geometry.</para> 1015 1016 <para contrib="sponsor" sponsor="&ix;">Many improvements to 1017 the CAM Target Layer (CTL):</para> 1018 <itemizedlist> 1019 <listitem> 1020 <para>Support for <literal>UNMAP</literal>, <literal>WRITE 1021 SAME</literal>, <literal>COMPARE AND WRITE</literal>, 1022 <literal>XCOPY</literal> and some other SCSI commands 1023 was added to support VMWare VAAI and Microsoft ODX 1024 storage acceleration.</para> 1025 </listitem> 1026 <listitem> 1027 <para revision="265642">The 1028 <literal>READ</literal>/<literal>WRITE</literal> size 1029 limitations were removed by supporting multiple 1030 data moves per command.</para> 1031 </listitem> 1032 <listitem> 1033 <para revision="268556">Finer-grained per-LUN locking and 1034 multiple worker threads for better 1035 <acronym>SMP</acronym> scapability.</para> 1036 </listitem> 1037 <listitem> 1038 <para revision="269297">Memory consumption reduced by 1039 several times by disabling some never used 1040 functionality.</para> 1041 </listitem> 1042 <listitem> 1043 <para revision="269298">The maximum number of 1044 <acronym>SCSI</acronym> ports increased from 32 to 1045 128.</para> 1046 </listitem> 1047 <listitem> 1048 <para revision="269429">Improved <literal>zvol</literal> 1049 integration for better performance.</para> 1050 </listitem> 1051 </itemizedlist> 1052 1053 <para revision="270810" contrib="vendor" 1054 vendor="&highpoint;">The &man.hptnr.4; driver has been 1055 updated to version 1.0.1.</para> 1056 1057 <para revision="271234">The &man.mrsas.4; driver has been 1058 added to the <filename>GENERIC</filename> kernel 1059 configuration on &arch.amd64; and &arch.i386; 1060 architectures.</para> 1061 </sect3> 1062 1063 <sect3 xml:id="fs"> 1064 <title>File Systems</title> 1065 1066 <para revision="260338">The 1067 <literal>vfs.zfs.zio.use_uma</literal> &man.sysctl.8; has 1068 been re-enabled. On multi-CPU machines with enough RAM, 1069 this can easily double &man.zfs.8; performance or reduce CPU 1070 usage in half. It was originally disabled due to memory and 1071 <acronym>KVA</acronym> exhaustion problem reports, which 1072 should be resolved due to several changes in the VM 1073 subsystem.</para> 1074 1075 <para revision="260178" contrib="vendor" 1076 vendor="&netflix;">A new flag, <literal>-R</literal>, 1077 has been added to the &man.fsck.ffs.8; utility. When used, 1078 &man.fsck.ffs.8; will restart itself when too many critical 1079 errors have been detected.</para> 1080 1081 <para revision="263407">The &man.zfs.8; filesystem has been 1082 updated to implement <quote>bookmarks</quote>. See 1083 &man.zfs.8; for further details.</para> 1084 1085 <para revision="266122">The &man.zfs.8; filesystem has been 1086 updated to allow tuning the minimum <quote>ashift</quote> 1087 value when creating new top-level virtual devices (vdevs). 1088 To set the minimum ashift value, for example when creating 1089 a &man.zpool.8; on <quote>Advanced Format</quote> drives, 1090 set the <literal>vfs.zfs.min_auto_ashift</literal> 1091 &man.sysctl.8; accordingly.</para> 1092 1093 <para revision="266612">The <literal>libzfs</literal> thread 1094 pool <acronym>API</acronym> has been imported from 1095 OpenSolaris, and adapted for &os;. This change allows 1096 parallel disk scanning, which can reduce &man.zpool.8; 1097 overall import time in some workloads.</para> 1098 1099 <para revision="269651">The &man.restore.8; utility has been 1100 updated to prevent assertion failures when restoring 1101 a <acronym>UFS</acronym> filesystem dump to 1102 a <acronym>ZFS</acronym> filesystem by writing restored 1103 files in block sizes that are a multiple of 1024.</para> 1104 1105 <para revision="269774">Two &man.sysctl.8;s have been added 1106 to the &man.zfs.8; filesystem:</para> 1107 1108 <itemizedlist> 1109 <listitem> 1110 <para> 1111 <literal>vfs.zfs.mg_fragmentation_threshold</literal>: The 1112 percentage of the metaslab group size that should be 1113 considered eligible for allocation, unless all metaslab 1114 groups within the metaslab class have also crossed this 1115 threshold.</para> 1116 </listitem> 1117 1118 <listitem> 1119 <para> 1120 <literal>vfs.zfs.metaslab.fragmentation_threshold</literal>: The 1121 maximum percentage of metaslab fragmentation level to 1122 keep their active state</para> 1123 </listitem> 1124 </itemizedlist> 1125 1126 <para revision="269846">The default &man.zfs.8; 1127 <acronym>ARC</acronym> hash table size has been increased, 1128 and a new &man.loader.8; tunable, 1129 <literal>vfs.zfs.arc_average_blocksize</literal>, has been 1130 added. Previously, the hash table could be too small, which 1131 would lead to long hash chains and limit performance for 1132 cached reads. The 1133 <literal>vfs.zfs.arc_average_blocksize</literal> tunable 1134 allows overriding the default block size. The previous 1135 default was 65536, and default of the new &man.loader.8; 1136 tunable is 8192.</para> 1137 1138 <para revision="270157">The Fast File System 1139 (<acronym>FFS</acronym>) has been updated to support 1140 multi-threaded soft updates. Previously, soft updates were 1141 handled by a single thread, and as of this change, now have 1142 one thread per <acronym>FFS</acronym> mountpoint.</para> 1143 1144 <para revision="270892" contrib="sponsor" sponsor="&ff;">The 1145 new filesystem automount facility, &man.autofs.5;, has been 1146 merged from &os;-CURRENT. The new &man.autofs.5; facility 1147 is similar to that found in other &unix;-like operating 1148 systems, such as OS X™ and Solaris™. The 1149 &man.autofs.5; facility uses a &sun;-compatible 1150 &man.auto.master.5; configuration file, and is administered 1151 with the &man.automount.8; userland utility, and the 1152 &man.automountd.8; and &man.autounmountd.8; daemons.</para> 1153 </sect3> 1154 </sect2> 1155 1156 <sect2 xml:id="userland"> 1157 <title>Userland Changes</title> 1158 1159 <para revision="260177" contrib="sponsor" 1160 sponsor="&netflix;">A new flag is added to &man.camcontrol.8;, 1161 <literal>-b</literal>, which outputs the existing buses and 1162 their parents.</para> 1163 1164 <para revision="262075">The &man.newsyslog.8; utility has been 1165 updated to rotate files based on the actual file size instead 1166 of the blocks on disk. This matches the behavior documented 1167 in &man.newsyslog.conf.5;.</para> 1168 1169 <para revision="262384">The location of the &man.rctl.8; 1170 configuration file can now be overridden in &man.rc.conf.5;. 1171 To use a non-default location, set 1172 <literal>rctl_rules</literal> in &man.rc.conf.5; to the 1173 location of the file.</para> 1174 1175 <para revision="262855">The <application>ATF</application> test 1176 suite has been updated to version 0.20. The test suite is 1177 disabled by default in &os; 10.1, and can be enabled by 1178 adding <literal>WITH_TESTS=yes</literal> to 1179 &man.src.conf.5;.</para> 1180 1181 <para revision="263019">The <literal>libucl</literal> library 1182 (Unified Configuration Library) has been merged from 1183 &os;-CURRENT.</para> 1184 1185 <para revision="263020">The &man.pkg.7; bootstrapping utility 1186 has been synced with the version in &os;-CURRENT.</para> 1187 1188 <para revision="263403">The &man.zfs.8; userland utility has 1189 been updated to include aliases for 1190 <command>snapshot</command>, which allows use of <command>zfs 1191 list -t snap</command> and <command>zfs 1192 snap</command>.</para> 1193 1194 <para revision="263405">The &man.zfs.8; userland utility has 1195 been updated to include a new flag to <command>zfs 1196 list</command>, <literal>-p</literal>, which when specified, 1197 prints the output in a parsable format.</para> 1198 1199 <para revision="263783">The Blowfish password format 1200 implementation has been updated. Support for 1201 $2b$ has been added, allowing use of passwords 1202 greater than 256 characters long.</para> 1203 1204 <para revision="264497">The &man.iconv.3; library has been 1205 updated to match NetBSD, providing several bug fixes.</para> 1206 1207 <para revision="265265">The &man.date.1; utility has been 1208 updated to include a new flag, <literal>-R</literal>, which 1209 prints the date and time output as specified in RFC 1210 2822.</para> 1211 1212 <para revision="265533">The &man.bc.1; utility has been updated 1213 to version 1.1, in sync with the version in OpenBSD.</para> 1214 1215 <para revision="265604" contrib="vendor" 1216 vendor="&netflix;">The &man.pmcstat.8; utility has been 1217 updated to include a new flag, <literal>-a</literal>, which 1218 when specified, produces a full stack track on the sampled 1219 points.</para> 1220 1221 <para revision="265701">The &man.netstat.8; and &man.route.8; 1222 utilities have been updated to include a shorthand equivalent 1223 to the <literal>-f inet</literal> and <literal>-f 1224 inet6</literal> address specifiers, <literal>-4</literal> 1225 and <literal>-6</literal>, respectively.</para> 1226 1227 <para revision="265879">The &man.crypt.3; library now defaults 1228 to SHA512 for password hashing.</para> 1229 1230 <para revision="266014">The &man.gvinum.8; utility has been 1231 updated to allow forceful configuration reset with the 1232 <literal>-f</literal> flag. Additionally, a bug that would 1233 prevent <literal>-f</literal> from properly creating 1234 a &man.gvinum.8; configuration has been fixed.</para> 1235 1236 <para revision="266029">The &man.login.conf.5; file now takes 1237 precedence over the shell-specific environment files. In 1238 particular, the <literal>PATH</literal>, 1239 <literal>BLOCKSIZE</literal> variables are commented from 1240 <filename>/usr/share/skel/dot.profile</filename>, and the 1241 <literal>path</literal>, <literal>BLOCKSIZE</literal>, and 1242 <literal>umask</literal> variables have been commented from 1243 <filename>/usr/share/skel/dot.cshrc</filename>.</para> 1244 1245 <para revision="266272">The &man.binmiscctl.8; userland utility 1246 and related image activator features have been merged from 1247 &os;-CURRENT.</para> 1248 1249 <para revision="266279">The &man.ps.1; utility has been 1250 updated to include the <literal>-J</literal> flag, used to 1251 filter output by matching &man.jail.8; IDs and names. 1252 Additionally, argument <literal>0</literal> can be used to 1253 <literal>-J</literal> to only list processes running on the 1254 host system.</para> 1255 1256 <para revision="266280">The &man.top.1; utility has been updated 1257 to filter by &man.jail.8; ID or name, in followup to the 1258 &man.ps.1; change in <literal>r265229</literal>.</para> 1259 1260 <para revision="266610">The &man.gstat.8; utility has been 1261 updated to include a new flag, <literal>-o</literal>. When 1262 set, &man.gstat.8; will display statistics for operations 1263 such as <literal>BIO_FLUSH</literal>.</para> 1264 1265 <para revision="266632">The &man.fetch.3; library has been 1266 updated to look for root <acronym>SSL</acronym> certificates 1267 in <filename class="directory">/usr/local/etc/ssl/</filename> 1268 before <filename 1269 class="directory">/etc/ssl/</filename>.</para> 1270 1271 <para revision="266715">The &man.clang.1;/llvm suite has been 1272 updated to version 3.4.1.</para> 1273 1274 <para revision="266816">The Blowfish password format 1275 has been changed to $2b$ by default.</para> 1276 1277 <para revision="266888">The amount of data collected for 1278 &man.hwpmc.4; has been updated to work with modern processors 1279 and larger amounts of available memory.</para> 1280 1281 <para revision="266890">The &man.pmcstat.8; utility has been 1282 updated to include a new flag, <literal>-l</literal>, which 1283 ends event collection after the specified number of 1284 seconds.</para> 1285 1286 <para revision="266953">The &man.mergemaster.8; utility has 1287 been updated to avoid printing 1288 <quote><filename>/var/tmp/temproot</filename> 1289 disappeared</quote> if there is nothing to compare.</para> 1290 1291 <para revision="267056">The &os; installer, &man.bsdinstall.8;, 1292 has been updated to include optional 1293 &man.geli.8;-encrypted or &man.gmirror.8;-mirrored swap 1294 devices when installing onto a full &man.zfs.8; filesystem. 1295 Additionally, the parent &man.zfs.8; dataset is now configured 1296 with <literal>lz4</literal> compression enabled.</para> 1297 1298 <para revision="267113">The default &man.newsyslog.conf.5; now 1299 includes files in the 1300 <filename>/etc/newsyslog.conf.d/</filename> and 1301 <filename>/usr/local/etc/newsyslog.conf.d/</filename> 1302 directories by default for &man.newsyslog.8;.</para> 1303 1304 <para revision="267161">The &man.realpath.1; utility has been 1305 updated to return <literal>ENOTDIR</literal> on paths 1306 components <quote>.</quote> and <quote>..</quote> that are 1307 not directories, such as <filename 1308 class="directory">/dev/null/.</filename> or <filename 1309 class="directory">/dev/null/..</filename>.</para> 1310 1311 <para revision="267236">A new flag, <quote>onifconsole</quote> 1312 has been added to <filename>/etc/ttys</filename>. This allows 1313 the system to provide a login prompt via serial console if the 1314 device is an active kernel console, otherwise it is equivalent 1315 to <literal>off</literal>.</para> 1316 1317 <para revision="267341">Support for legacy 1318 <acronym>PCI</acronym> devices has been removed from 1319 &man.bhyve.8;.</para> 1320 1321 <para revision="267450">The &man.bhyve.8; userland utility 1322 has been updated to include SMBIOS support. A new flag has 1323 been added, <literal>-U</literal>, which allows specifying the 1324 UUID of the guest in the System Information structure.</para> 1325 1326 <para revision="267734">The &os; Project has migrated 1327 from the <application>GNATS</application> bug tracking system 1328 to <application>Bugzilla</application>. The &man.send-pr.1; 1329 utility used for submitting problem reports has been replaced 1330 with a stub shell script that instructs to use the Bugzilla 1331 web interface.</para> 1332 1333 <para revision="267747">The &man.patch.1; utility has been 1334 updated to include a <literal>--dry-run</literal> flag, which 1335 is equivalent to <literal>--check</literal> and 1336 <literal>-C</literal>.</para> 1337 1338 <para revision="267878">A bug in &man.bsdgrep.1; that would 1339 prevent patterns from being matched under certain conditions 1340 has been fixed.</para> 1341 1342 <para revision="267979">The &man.procstat.1; utility has been 1343 updated to include two new flags, <literal>-r</literal> and 1344 <literal>-H</literal>. When <literal>-r</literal> is 1345 specified, &man.procstat.1; will print current resource usage 1346 about the process(es). When <literal>-H</literal> is 1347 specified, &man.procstat.1; will print information about 1348 threads rather than the process(es).</para> 1349 1350 <note> 1351 <para>The <literal>-H</literal> flag is currently only used 1352 with <literal>-r</literal> to display resource usage for 1353 individual threads, rather than the entire process.</para> 1354 </note> 1355 1356 <para revision="268019">The &man.sed.1; utility has been 1357 updated to include a new flag, <literal>-u</literal>, which 1358 enables unbuffered output when specified.</para> 1359 1360 <para revision="268161">The &man.mkimg.1; utility has been 1361 merged from &os;-CURRENT.</para> 1362 1363 <para revision="268700" contrib="sponsor" 1364 sponsor="&spectralogic;">The &man.camcontrol.8; has been 1365 updated to include a new <literal>persist</literal> command, 1366 which allows issuing <command>SCSI PERSISTENT RESERVE 1367 IN</command> and <command>SCSI PERSISTENT RESERVE 1368 OUT</command>.</para> 1369 1370 <para revision="268791">The &man.gstat.8; utility has been 1371 updated to include a new flag, <literal>-p</literal>, which 1372 displays only physical providers when specified.</para> 1373 1374 <para revision="268903">The &man.kldstat.8; utility has been 1375 updated to allow <literal>-q</literal> to be specified when 1376 also specifying <literal>-n 1377 <replaceable>module.ko</replaceable></literal>.</para> 1378 1379 <para revision="269177">The &man.mkimg.1; utility has been 1380 updated to include support for both fixed- and 1381 dynamically-allocated images for the <acronym>VHD</acronym> 1382 and <acronym>VMDK</acronym> formats.</para> 1383 1384 <para revision="269220">The &man.random.4; entropy collection 1385 script, <filename>/usr/libexec/save-entropy</filename>, no 1386 longer runs within &man.jail.8; environments.</para> 1387 1388 <para revision="269397">The &man.bhyve.8; wrapper script, 1389 <filename>/usr/share/examples/bhyve/vmrun.sh</filename>, 1390 has been synced with &os;-CURRENT.</para> 1391 1392 <para>This update includes:</para> 1393 1394 <itemizedlist> 1395 <listitem> 1396 <para>A new flag, <literal>-e</literal>, has been added, 1397 which is used to set &man.loader.8; environment 1398 variables.</para> 1399 </listitem> 1400 1401 <listitem> 1402 <para>A new flag, <literal>-C</literal>, has been added, 1403 which is used to specify the guest console device.</para> 1404 </listitem> 1405 1406 <listitem> 1407 <para>A new flag, <literal>-H</literal>, has been added, 1408 which is used to pass the host path to 1409 &man.bhyveload.8;.</para> 1410 </listitem> 1411 1412 <listitem> 1413 <para>Support for multiple disk and &man.tap.4; devices 1414 has been added.</para> 1415 </listitem> 1416 1417 <listitem> 1418 <para>The <literal>-I</literal> flag has been 1419 removed.</para> 1420 </listitem> 1421 </itemizedlist> 1422 1423 <para revision="269398">The &man.nfsd.8; server update to 4.1, 1424 adding support for RFC5661, has merged from 1425 &os;-CURRENT.</para> 1426 1427 <para revision="269432" arch="ia64">The serial terminals 1428 <filename>ttyu0</filename> and <filename>ttyu1</filename> have 1429 been updated to <literal>onifconsole</literal> by default in 1430 &man.ttys.5;, which either can be the serial console, 1431 depending on the platform.</para> 1432 1433 <para revision="269800">The &man.ping6.8; utility has been 1434 updated to reset <literal>itimer</literal> when the maximum 1435 number of packets to send have been reached. This prevents 1436 &man.ping6.8; from exiting when the interval in set to a small 1437 value and a low number of packets to send has been 1438 specified.</para> 1439 1440 <para revision="269805">The &man.jail.8; utility has been 1441 updated to support extra &man.ifconfig.8; arguments for the 1442 <literal>ip4.addr</literal> and <literal>ip6.addr</literal> 1443 parameters. This change allows &man.carp.4; interfaces to 1444 be used within the &man.jail.8;.</para> 1445 1446 <para revision="269946">Support for generating and compiling 1447 <acronym>USDT</acronym> <application>DTrace</application> 1448 probes has been improved. <application>DTrace</application> 1449 <acronym>USDT</acronym> files are now handled similar to 1450 &man.lex.1; and &man.yacc.1; files, meaning support for 1451 handling <application>D</application> files as part of the 1452 build process is built into the <literal>SRCS</literal> 1453 &man.make.1; environment variable.</para> 1454 1455 <para revision="269968">The &man.iscsictl.8; utility has been 1456 updated to include a new flag, <literal>-M</literal>, which 1457 allows modifying the <acronym>iSCSI</acronym> session 1458 parameters without requiring the session to be removed and 1459 added back.</para> 1460 1461 <para revision="270043">The &man.mount.nfs.8; utility has been 1462 updated to support specifying the NFS version as 1463 a <literal>key=<replaceable>value</replaceable></literal> pair 1464 argument to the <literal>-o</literal> flag. For example, to 1465 specify NFS version 4, the syntax to use is 1466 <literal>-o vers=4</literal>.</para> 1467 1468 <para revision="270242" contrib="sponsor" 1469 sponsor="&spectralogic;">The &man.devd.8; client socket type 1470 has been changed to <literal>SOCK_SEQPACKET</literal>, 1471 providing sequential packet support.</para> 1472 1473 <para revision="270401">Support for the <quote>account</quote> 1474 facility has been added to the &man.pam.group.8; 1475 module.</para> 1476 1477 <para revision="270890">The &man.pathchk.1; utility has been 1478 updated to ensure bytes greater than or equal to 128 are 1479 considered non-portable.</para> 1480 1481 <para revision="270997" contrib="vendor" vendor="&freenas;">The 1482 &man.zdb.8; utility is now included in the set of applications 1483 installed in the <filename 1484 class="directory">/rescue</filename> environment, making it 1485 possible to examine &man.zfs.8; filesystems when <filename 1486 class="directory">/usr</filename> is unavailable.</para> 1487 1488 <para>Several <literal>libc</literal> improvements have been 1489 merged from illumos™ and &apple;, providing better 1490 internationalization support and &posix; compliance.</para> 1491 1492 <para revision="271967">Support for adding empty partitions has 1493 been added to the &man.mkimg.1; utility.</para> 1494 1495 <para revision="272819">Support for QCOW and QCOW2 disk image 1496 formats has been added to the &man.mkimg.1; utility.</para> 1497 1498 <para revision="273098">The &man.mkimg.1; utility has been 1499 updated to include three options used to print information 1500 about &man.mkimg.1; itself:</para> 1501 1502 <informaltable frame="none" pgwide="0"> 1503 <tgroup cols="2"> 1504 <colspec colwidth="1*"/> 1505 <colspec colwidth="1*"/> 1506 <thead> 1507 <row> 1508 <entry>Option</entry> 1509 <entry>Output</entry> 1510 </row> 1511 </thead> 1512 1513 <tbody> 1514 <row> 1515 <entry><literal>--version</literal></entry> 1516 <entry>The current version of the &man.mkimg.1; 1517 utility</entry> 1518 </row> 1519 1520 <row> 1521 <entry><literal>--formats</literal></entry> 1522 <entry>The disk image file formats supported by 1523 &man.mkimg.1;</entry> 1524 </row> 1525 1526 <row> 1527 <entry><literal>--schemes</literal></entry> 1528 <entry>The partition schemes supported by 1529 &man.mkimg.1;</entry> 1530 </row> 1531 </tbody> 1532 </tgroup> 1533 </informaltable> 1534 1535 <sect3 xml:id="rc-scripts"> 1536 <title><filename>/etc/rc.d</filename> Scripts</title> 1537 1538 <para revision="264438">The <filename>network.subr</filename> 1539 &man.rc.8; script has been updated to loosen the requirement 1540 of listing network aliases in numeric order. Previously, 1541 a network alias of 1542 <literal>_alias<replaceable>2</replaceable></literal> 1543 would not be created if 1544 <literal>_alias<replaceable>1</replaceable></literal> was 1545 not defined.</para> 1546 1547 <para revision="268098">The &man.service.8; utility has been 1548 updated to check that the &man.rc.d.8; directory exists 1549 before traversing the directory.</para> 1550 1551 <para revision="259141">A regression introduced in 1552 &os; 10.0-RELEASE that would prevent proper IPv6 1553 allocation via the &man.jail.8; &man.rc.8; startup script 1554 has been fixed.</para> 1555 1556 <para revision="264438">The &man.rc.8; restriction requiring 1557 &man.mdconfig.8; devices defined in &man.rc.conf.5; to be 1558 listed sequentially has been removed.</para> 1559 1560 <para revision="262566">The &man.sshd.8; &man.rc.d.8; startup 1561 script now generates <literal>ED25519</literal> &man.sshd.8; 1562 host keys if keys do not already exist when 1563 <literal>ssh_keygen_alg()</literal> is invoked.</para> 1564 1565 <para revision="271095">Support for &man.vt.4; keyboard maps 1566 has been added to the <filename>syscons</filename> 1567 &man.rc.d.8; startup script.</para> 1568 1569 <para revision="271260">Support for subdirectories within 1570 <filename 1571 class="directory">/etc/rc.conf.d/<replaceable>service</replaceable>/</filename> 1572 has been added the &man.rc.d.8;. This allows creating 1573 separate configuration files for services such as 1574 <filename>netif</filename>, for example, where each network 1575 interface can have a separate configuration file.</para> 1576 1577 <para revision="272078">The default &man.rc.conf.5;, 1578 <filename>/etc/defaults/rc.conf</filename>, has been updated 1579 to include <filename 1580 class="directory">/usr/lib32/compat</filename> in the 1581 default <filename>ld-elf32.so.1</filename> search 1582 path.</para> 1583 </sect3> 1584 1585 <sect3 xml:id="periodic-scripts"> 1586 <title><filename>/etc/periodic</filename> Scripts</title> 1587 1588 <para revision="272430">The daily &man.periodic.8; script 1589 <filename>110.clean-tmps</filename> has been updated to 1590 avoid crossing filesystem mount boundaries when cleaning 1591 files in <filename class="directory">/tmp</filename>.</para> 1592 </sect3> 1593 </sect2> 1594 1595 <sect2 xml:id="contrib"> 1596 <title>Contributed Software</title> 1597 1598 <para revision="263285">The &man.xz.1; utility has been updated 1599 to a post-5.0.5 snapshot.</para> 1600 1601 <para revision="264377"><application>OpenSSH</application> has 1602 been updated to version 6.6p1.</para> 1603 1604 <para revision="264911">The &man.nc.1; utility has been updated 1605 to match the version in OpenBSD 5.5.</para> 1606 1607 <para revision="266692"><application>Sendmail</application> 1608 has been updated to 8.14.9.</para> 1609 1610 <para revision="268515">The &man.file.1; utility and 1611 &man.libmagic.3; library have been updated to 5.19.</para> 1612 1613 <para revision="268899">The &man.byacc.1; parser has been 1614 updated to version 20140422.</para> 1615 1616 <para revision="269024" contrib="sponsor" 1617 sponsor="&darpa_afrl;">The &man.lldb.1; debugging library has 1618 been updated to the r202189 snapshot.</para> 1619 1620 <para revision="269257">The &man.unbound.8; caching resolver and 1621 <literal>ldns</literal> have been updated to version 1622 1.4.22.</para> 1623 1624 <para revision="269847">The <quote>lite</quote> version of 1625 <application>Subversion</application> included in the 1626 &os; base system and its dependencies have been 1627 updated:</para> 1628 1629 <itemizedlist> 1630 <listitem> 1631 <para><application>apr</application> has been 1632 updated to version 1.5.1.</para> 1633 </listitem> 1634 1635 <listitem> 1636 <para><application>apr-util</application> has been 1637 updated to version 1.5.3.</para> 1638 </listitem> 1639 1640 <listitem> 1641 <para><application>serf</application> has been 1642 updated to version 1.3.7.</para> 1643 </listitem> 1644 1645 <listitem> 1646 <para><application>svnlite</application> has been 1647 updated to version 1.8.10.</para> 1648 </listitem> 1649 </itemizedlist> 1650 1651 <para revision="270026">The &man.nvi.1; editor has been 1652 update to version 2.1.2-c80f493b038.</para> 1653 1654 <para revision="270031">The &man.fparseln.3; library has 1655 been updated to version 1.7.</para> 1656 1657 <para revision="270415">The <application>lukemftpd</application> 1658 <acronym>FTP</acronym> server has been removed from the 1659 &os; base system.</para> 1660 1661 <para revision="270817">The timezone database has been updated 1662 to version tzdata2014f.</para> 1663 1664 <para revision="271947"><application>OpenPAM</application> has 1665 been updated to Ourouparia (20140912).</para> 1666 1667 <para revision="273399"><application>OpenSSL</application> has 1668 been updated to version 1.0.1j.</para> 1669 </sect2> 1670 1671 <sect2 xml:id="ports"> 1672 <title>Ports/Packages Collection Infrastructure</title> 1673 1674 <para>The &man.pkg.8; package management utility has been 1675 updated to version 1.3.8.</para> 1676 </sect2> 1677 1678 <sect2 xml:id="releng"> 1679 <title>Release Engineering and Integration</title> 1680 1681 <para revision="263028">The &man.services.mkdb.8; utility has 1682 been updated to include endianness awareness, allowing the 1683 <filename>services.db</filename> database to be created as 1684 part of the release build, regardless of native- or 1685 cross-built releases.</para> 1686 1687 <para revision="271470" contrib="sponsor" sponsor="&ff;">The 1688 <filename class="directory">release/</filename> scripts have 1689 been updated to produce <acronym>UEFI</acronym>-capable and 1690 <acronym>BIOS</acronym>-capable CD-ROM ISOs as well as memory 1691 stick images for the &os;/&arch.amd64; architecture.</para> 1692 1693 <para revision="271943" contrib="sponsor" sponsor="&ff;">The 1694 <filename>release/scripts/pkg-stage.sh</filename> script has 1695 been updated to include a symlink to the on-disc version of 1696 &man.pkg.8; in the <filename 1697 class="directory">packages/</filename> structure on the 1698 DVD installer. This allows the &man.pkg.7; bootstrap utility 1699 to properly locate the <filename>Latest/pkg.txz</filename> 1700 package on the DVD when <literal>REPOS_DIR</literal> is set to 1701 <filename class="directory">/dist/packages/repos</filename>, 1702 eliminating the need for a network connection or explicitly 1703 providing the path to the version included on the DVD 1704 installation medium.</para> 1705 1706 <para revision="273101" contrib="sponsor" sponsor="&ff;">The 1707 &os; Release Engineering build tools have been updated to 1708 provide support for building virtual machine disk images as 1709 part of the release build process using &man.mkimg.1;. The 1710 disk image formats currently supported include QCOW2, VHD, 1711 VMDK, and raw formats. See &man.release.7; for additional 1712 information.</para> 1713 1714 <para revision="273199" contrib="sponsor" sponsor="&ff;">The 1715 &os; Release Engineering build tools have been updated to 1716 provide support for building &os; virtual machine disk images 1717 for the µsoft; Azure cloud hosting platform. This 1718 functionality is not connected directly to the default 1719 <literal>release</literal> &man.make.1; target, however can be 1720 invoked by specifying the <literal>vm-azure</literal> target 1721 directly.</para> 1722 </sect2> 1723 </sect1> 1724 1725 <sect1 xml:id="upgrade"> 1726 <title>Upgrading from Previous Releases of &os;</title> 1727 1728 <para arch="amd64,i386">Binary upgrades between RELEASE versions 1729 (and snapshots of the various security branches) are supported 1730 using the &man.freebsd-update.8; utility. The binary upgrade 1731 procedure will update unmodified userland utilities, as well as 1732 unmodified <filename>GENERIC</filename> kernel distributed as 1733 a part of an official &os; release. The &man.freebsd-update.8; 1734 utility requires that the host being upgraded have Internet 1735 connectivity.</para> 1736 1737 <para>Source-based upgrades (those based on recompiling the &os; 1738 base system from source code) from previous versions are 1739 supported, according to the instructions in 1740 <filename>/usr/src/UPDATING</filename>.</para> 1741 1742 <important> 1743 <para>Upgrading &os; should only be attempted after 1744 backing up <emphasis>all</emphasis> data and configuration 1745 files.</para> 1746 </important> 1747 </sect1> 1748</article> 1749