article.xml revision 318870
1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" 3 "../../../share/xml/freebsd50.dtd" [ 4<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> 5 %release; 6<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent"> 7 %sponsor; 8<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent"> 9 %vendor; 10<!ENTITY security SYSTEM "../../share/xml/security.xml"> 11<!ENTITY errata SYSTEM "../../share/xml/errata.xml"> 12]> 13<article xmlns="http://docbook.org/ns/docbook" 14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> 15 16 <info> 17 <title>&os; &release.current; Release Notes</title> 18 19 <author> 20 <orgname>The &os; Project</orgname> 21 </author> 22 23 <pubdate>$FreeBSD: stable/11/release/doc/en_US.ISO8859-1/relnotes/article.xml 318870 2017-05-25 11:05:19Z gjb $</pubdate> 24 25 <!-- Last rev: 288943 --> 26 27 <copyright> 28 <year>2017</year> 29 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation 30 Project</holder> 31 </copyright> 32 33 <legalnotice xml:id="trademarks" role="trademarks"> 34 &tm-attrib.freebsd; 35 &tm-attrib.ibm; 36 &tm-attrib.ieee; 37 &tm-attrib.intel; 38 &tm-attrib.sparc; 39 &tm-attrib.general; 40 </legalnotice> 41 42 <abstract> 43 <para>The release notes for &os; &release.current; contain 44 a summary of the changes made to the &os; base system on the 45 &release.branch; development line. This document lists 46 applicable security advisories that were issued since the last 47 release, as well as significant changes to the &os; kernel and 48 userland. Some brief remarks on upgrading are also 49 presented.</para> 50 </abstract> 51 </info> 52 53 <sect1 xml:id="intro"> 54 <title>Introduction</title> 55 56 <para>This document contains the release notes for &os; 57 &release.current;. It describes recently added, changed, or 58 deleted features of &os;. It also provides some notes on 59 upgrading from previous versions of &os;.</para> 60 61 <para releasetype="current">The &release.type; distribution to 62 which these release notes apply represents the latest point 63 along the &release.branch; development branch since 64 &release.branch; was created. Information regarding pre-built, 65 binary &release.type; distributions along this branch can be 66 found at <uri 67 xlink:href="&release.url;">&release.url;</uri>.</para> 68 69 <para releasetype="snapshot">The &release.type; distribution to 70 which these release notes apply represents a point along the 71 &release.branch; development branch between &release.prev; and 72 the future &release.next;. Information regarding pre-built, 73 binary &release.type; distributions along this branch can be 74 found at <uri 75 xlink:href="&release.url;">&release.url;</uri>.</para> 76 77 <para releasetype="release">This distribution of &os; 78 &release.current; is a &release.type; distribution. It can be 79 found at <uri xlink:href="&release.url;">&release.url;</uri> or 80 any of its mirrors. More information on obtaining this (or 81 other) &release.type; distributions of &os; can be found in the 82 <link 83 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining 84 &os;</quote> appendix</link> to the <link 85 xlink:href="&url.books.handbook;/">&os; 86 Handbook</link>.</para> 87 88 <para>All users are encouraged to consult the release errata 89 before installing &os;. The errata document is updated with 90 <quote>late-breaking</quote> information discovered late in the 91 release cycle or after the release. Typically, it contains 92 information on known bugs, security advisories, and corrections 93 to documentation. An up-to-date copy of the errata for &os; 94 &release.current; can be found on the &os; Web site.</para> 95 96 <para>This document describes the most user-visible new or changed 97 features in &os; since &release.prev;. In general, changes 98 described here are unique to the &release.branch; branch unless 99 specifically marked as &merged; features.</para> 100 101 <para>Typical release note items document recent security 102 advisories issued after &release.prev;, new drivers or hardware 103 support, new commands or options, major bug fixes, or 104 contributed software upgrades. They may also list changes to 105 major ports/packages or release engineering practices. Clearly 106 the release notes cannot list every single change made to &os; 107 between releases; this document focuses primarily on security 108 advisories, user-visible changes, and major architectural 109 improvements.</para> 110 </sect1> 111 112 <sect1 xml:id="upgrade"> 113 <title>Upgrading from Previous Releases of &os;</title> 114 115 <para arch="amd64,i386">Binary upgrades between RELEASE versions 116 (and snapshots of the various security branches) are supported 117 using the &man.freebsd-update.8; utility. The binary upgrade 118 procedure will update unmodified userland utilities, as well as 119 unmodified GENERIC kernels distributed as a part of an official 120 &os; release. The &man.freebsd-update.8; utility requires that 121 the host being upgraded have Internet connectivity.</para> 122 123 <para>Source-based upgrades (those based on recompiling the &os; 124 base system from source code) from previous versions are 125 supported, according to the instructions in 126 <filename>/usr/src/UPDATING</filename>.</para> 127 128 <important> 129 <para>Upgrading &os; should only be attempted after backing up 130 <emphasis>all</emphasis> data and configuration files.</para> 131 </important> 132 </sect1> 133 134 <sect1 xml:id="security-errata"> 135 <title>Security and Errata</title> 136 137 <para>This section lists the various Security Advisories and 138 Errata Notices since &release.prev;.</para> 139 140 <sect2 xml:id="security"> 141 <title>Security Advisories</title> 142 143 &security; 144 </sect2> 145 146 <sect2 xml:id="errata"> 147 <title>Errata Notices</title> 148 149 &errata; 150 </sect2> 151 </sect1> 152 153 <sect1 xml:id="userland"> 154 <title>Userland</title> 155 156 <para>This section covers changes and additions to userland 157 applications, contributed software, and system utilities.</para> 158 159 <sect2 xml:id="userland-config"> 160 <title>Userland Configuration Changes</title> 161 162 <para revision="313203">The &man.inetd.8; utility is now built 163 without <literal>libwrap</literal> support when 164 <literal>WITHOUT_TCP_WRAPPERS</literal> is set in 165 &man.src.conf.5;.</para> 166 167 <para revision="316045">The &man.libthr.3; library and related 168 files are now evaluated and removed by the 169 <literal>delete-old-libs</literal> target when upgrading the 170 system if <literal>WITHOUT_LIBTHR</literal> is 171 set in &man.src.conf.5;.</para> 172 173 <para revision="316423" contrib="sponsor" sponsor="&ff;">The 174 <literal>WITH_LLD_AS_LD</literal> build knob has been added, 175 which installs <application>LLD</application> as 176 <filename>/usr/bin/ld</filename> if set.</para> 177 178 <para revision="318472" contrib="sponsor" sponsor="&ff;"> 179 <application>LLD</application> has been enabled by default and 180 installed as <filename>/usr/bin/ld</filename> on 181 &os;/&arch.arm64;.</para> 182 </sect2> 183 184 <sect2 xml:id="userland-programs"> 185 <title>Userland Application Changes</title> 186 187 <para revision="305476" contrib="sponsor" 188 sponsor="&ff;">Support for &man.blacklistd.8; has been added 189 to <application>OpenSSH</application>.</para> 190 191 <para revision="308720" contrib="sponsor" sponsor="&gandi;">The 192 &man.cron.8; utility has been updated to add support for 193 including files within <filename 194 class="directory">/etc/cron.d</filename> and <filename 195 class="directory">/usr/local/etc/cron.d</filename> by 196 default.</para> 197 198 <para revision="308721" contrib="sponsor" sponsor="&gandi;">The 199 &man.syslogd.8; utility has been updated to add the 200 <literal>include</literal> keyword which allows specifying 201 a directory containing configuration files to be included in 202 addition to &man.syslog.conf.5;. The default 203 &man.syslog.conf.5; has been updated to include <filename 204 class="directory">/etc/syslog.d</filename> and <filename 205 class="directory">/usr/local/etc/syslog.d</filename> by 206 default.</para> 207 208 <para revision="308914">The &man.zfsbootcfg.8; utility has been 209 added, providing one-time &man.boot.config.5;-style options 210 for &man.zfsboot.8;.</para> 211 212 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The 213 &man.setkey.8; utility has been modified to show the runtime 214 <acronym>NAT-T</acronym> configuration. The 215 <literal>-g</literal> and <literal>-t</literal> flags have 216 been added, which list only global and virtual policies, 217 respectively, when used with the <literal>-D</literal> and 218 <literal>-P</literal> flags.</para> 219 220 <para revision="316098" contrib="sponsor" 221 sponsor="&dellemc;">The &man.getaddrinfo.1; utility has been 222 added, ported from NetBSD.</para> 223 224 <para revision="316944" contrib="sponsor" 225 sponsor="&multiplay;">The &man.jail.8; utility has been 226 updated to allow explicitly-assigned <acronym>IPv4</acronym> 227 and <acronym>IPv6</acronym> addresses to be used within 228 a jail.</para> 229 230 <para revision="317855">The &man.daemon.8; utility has been 231 updated to allow redirecting &man.stdout.4; and &man.stderr.4; 232 output to &man.syslog.3; or to a file.</para> 233 234 <para revision="318576" contrib="sponsor" sponsor="&ff;">The 235 &man.efivar.8; utility has been added, providing an interface 236 to manage <acronym>UEFI</acronym> variables.</para> 237 </sect2> 238 239 <sect2 xml:id="userland-contrib"> 240 <title>Contributed Software</title> 241 242 <para revision="307729">&man.unbound.8; has been updated to 243 version 1.5.10.</para> 244 245 <para revision="309511"><application>Subversion</application> 246 has been updated to version 1.9.5.</para> 247 248 <para revision="309847">&man.file.1; has been updated to version 249 5.29.</para> 250 251 <para revision="310490">The &man.amd.8; utility has been updated 252 to version 6.2.</para> 253 254 <para revision="312336">The <acronym>CLDR</acronym> locales have 255 been updated to version 30.0.3. The unicode locales have been 256 updated to version 9.0.0.</para> 257 258 <para revision="312517">&man.xz.1; has been updated to version 259 5.2.3.</para> 260 261 <para revision="313537">&man.tcpdump.1; has been updated to 262 version 4.9.0.</para> 263 264 <para revision="313795">&man.zlib.3; has been updated to version 265 1.2.11.</para> 266 267 <para revision="313980"><application>openresolv</application> 268 has been updated to version 3.9.0.</para> 269 270 <para revision="313680">The NetBSD test suite has been updated 271 to the 01.11.2017_23.20 snapshot.</para> 272 273 <para revision="314278"><literal>libucl</literal> has been 274 updated to version 20170219.</para> 275 276 <para revision="315432">&man.libarchive.3; has been updated to 277 version 3.3.1.</para> 278 279 <para revision="315995">&man.dma.8; has been updated to the 280 2017-02-10 snapshot.</para> 281 282 <para revision="316068">&man.ntpd.8; has been updated to version 283 4.2.8p10.</para> 284 285 <para revision="316303"><application>ACPICA</application> has 286 been updated to version 20170303.</para> 287 288 <para revision="316349">Timezone data files have been updated to 289 version 2017b.</para> 290 291 <para revision="316420">&man.mandoc.1; has been updated to 292 version 1.14.</para> 293 294 <para revision="316423"><application>Clang</application> has 295 been updated to version 4.0.0.</para> 296 297 <para revision="316423"><application>LLVM</application> has 298 been updated to version 4.0.0.</para> 299 300 <para revision="316423"><application>LLD</application> has 301 been updated to version 4.0.0.</para> 302 303 <para revision="316423"><application>LLDB</application> has 304 been updated to version 4.0.0.</para> 305 306 <para revision="316423"><application>compiler-rt</application> 307 has been updated to version 4.0.0.</para> 308 309 <para revision="316423"><application>libc++</application> has 310 been updated to version 4.0.0.</para> 311 312 <para revision="316957">&man.tcsh.1; has been updated to version 313 6.20.00.</para> 314 315 <para revision="318239" contrib="sponsor" 316 sponsor="&ff;">&man.blacklistd.8; has been updated to the 317 20170503 snapshot.</para> 318 319 <para revision="318402" contrib="sponsor" 320 sponsor="&ff;">&man.blacklistd.8; support for 321 <application>OpenSSH</application> has been refined to adjust 322 notification points to catch all authentication failures 323 rather than only those caused by invalid login 324 usernames.</para> 325 </sect2> 326 327 <sect2 xml:id="userland-installer"> 328 <title>Installation and Configuration Tools</title> 329 330 <para revision="311686">The &man.bsdinstall.8; installer has 331 been updated to include support for hidden wireless networks 332 when configuring the &man.wlan.4; interface.</para> 333 </sect2> 334 335 <sect2 xml:id="userland-rc"> 336 <title><filename class="directory">/etc/rc.d</filename> 337 Scripts</title> 338 339 <para revision="310009" contrib="sponsor" 340 sponsor="&fisglobal;">The <literal>jail_confwarn</literal> 341 &man.rc.conf.5; entry has been added, which suppresses warning 342 about obsolete per-&man.jail.8; configurations.</para> 343 </sect2> 344 345 <sect2 xml:id="userland-periodic"> 346 <title><filename class="directory">/etc/periodic</filename> 347 Scripts</title> 348 349 <para revision="317373">The default &man.periodic.conf.5; has 350 been updated to include the 351 <literal>anticongestion_sleeptime</literal> option, 352 consolidating random sleeps in &man.periodic.8; scripts and 353 replacing the <literal>daily_ntpd_avoid_congestion</literal> 354 option. The default value is 3600 seconds.</para> 355 356 <para revision="317857">The <filename>410.status-mfi</filename> 357 &man.periodic.8; script has been added to monitor the status 358 of &man.mfi.4; volumes.</para> 359 </sect2> 360 361 <sect2 xml:id="userland-libraries"> 362 <title>Runtime Libraries and API</title> 363 364 <para revision="316039">The &man.kvm.close.3; function has been 365 updated to return the accumulated error from previous 366 &man.close.2; calls.</para> 367 368 <para revision="316613">The C standard library has been updated 369 to make use of &man.reallocarray.3; for bounds 370 checking.</para> 371 372 <para revision="317618" contrib="sponsor" 373 sponsor="&dellemc;">The <function>clock_nanosleep()</function> 374 system call has been added. The 375 <function>nanosleep()</function> system call is now a wrapper 376 around <function>clock_nanosleep()</function>.</para> 377 378 <para revision="318121">The system libraries have been updated 379 to make use of &man.reallocarray.3; for bounds 380 checking.</para> 381 </sect2> 382 383 <sect2 xml:id="userland-abi"> 384 <title>ABI Compatibility</title> 385 386 <para revision="309258">The type <literal>max_align_t</literal> 387 is now defined for C11 compliance.</para> 388 389 <para revision="315274" contrib="sponsor" 390 sponsor="&dellemc;">The 391 <function>sem_clockwait_np()</function> library function has 392 been added, which allows the caller to specify the reference 393 clock and choose between absolute and relative mode.</para> 394 395 <para revision="315282">The <application>clang</application> 396 <literal>nullability</literal> qualifiers have been added to 397 the <literal>C</literal> library headers.</para> 398 399 <para revision="315282">Uses of the <acronym>GNU</acronym> 400 <literal>__nonnull__</literal> attribute have been replaced 401 with the more benign <application>Clang</application> 402 nullability attributes.</para> 403 </sect2> 404 405 <sect2 xml:id="userland-debug"> 406 <title>Userland Debugging</title> 407 408 <para revision="304499">&man.ptrace.2; now supports events for 409 &man.vfork.2;, permitting reliable debugging across 410 &man.vfork.2; invocations.</para> 411 412 <para revision="306786">Process core dumps now include the 413 process ID (<acronym>PID</acronym>) and command line 414 arguments.</para> 415 </sect2> 416 </sect1> 417 418 <sect1 xml:id="kernel"> 419 <title>Kernel</title> 420 421 <para>This section covers changes to kernel configurations, system 422 tuning, and system control parameters that are not otherwise 423 categorized.</para> 424 425 <sect2 xml:id="kernel-bugfix"> 426 <title>Kernel Bug Fixes</title> 427 428 <para revision="317434">The &man.ipf.4; packet filter has been 429 updated to prevent <literal>keep state</literal> from 430 incorrectly implying <literal>keep frags</literal>, matching 431 the behavior documented in &man.ipf.5;.</para> 432 </sect2> 433 434 <sect2 xml:id="kernel-config"> 435 <title>Kernel Configuration</title> 436 437 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The 438 <literal>IPSEC_NAT_T</literal> kernel configuration option has 439 been removed. Support for <acronym>NAT-T</acronym> is now 440 enabled by default.</para> 441 442 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The 443 <literal>IPSEC_FILTERTUNNEL</literal> kernel option has been 444 removed, which was deprecated by the 445 <literal>net.inet.ipsec.filtertunnel</literal> sysctl.</para> 446 447 <para revision="318763">The <literal>EARLY_AP_STARTUP</literal> 448 option has been enabled by default on &arch.amd64; and 449 &arch.i386; architectures, which when enabled releases 450 Application Processors (<acronym>AP</acronym>s) earlier in the 451 kernel startup process.</para> 452 </sect2> 453 454 <sect2 xml:id="kernel-modules"> 455 <title>Kernel Modules</title> 456 457 <para revision="307144">&man.cloudabi.4; has been updated to 458 allow running 32-bit binaries within 64-bit userland 459 environments when the kernel configuration file has the 460 <literal>COMPAT_CLOUDABI32</literal> option present.</para> 461 462 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The 463 <literal>ipsec</literal> and <literal>tcpmd5</literal> kernel 464 modules have been added.</para> 465 466 <note> 467 <para>Following the addition of the <literal>tcpmd5</literal> 468 module, it is now necessary to have a security association 469 (<acronym>SA</acronym>) entry for both inbound and outbound 470 directions.</para> 471 </note> 472 473 <para revision="316274" contrib="sponsor" sponsor="&yandex;">The 474 &man.ipfw.4; packet filter has been updated to add support for 475 named dynamic states.</para> 476 477 <para revision="316444" contrib="sponsor" sponsor="&yandex;">The 478 <literal>ipfw_nptv6</literal> kernel module has been added, 479 implementing Network Prefix Translation for 480 <acronym>IPv6</acronym> as defined in <acronym>RFC</acronym> 481 6296.</para> 482 483 <para revision="316446" contrib="sponsor" sponsor="&yandex;">The 484 <literal>ipfw_nat64</literal> kernel module has been added, 485 implementing stateless and stateful 486 <acronym>NAT64</acronym>.</para> 487 488 <para revision="316660" contrib="sponsor" sponsor="&ff;">The 489 &man.cfumass.4; device has been added, providing a storage 490 frontend to <acronym>USB</acronym> 491 <acronym>OTG</acronym>-capable hardware.</para> 492 493 <para revision="317045" contrib="sponsor" sponsor="&yandex;">The 494 <literal>ipfw_pmod</literal> kernel module has been added, 495 designed for modifying packets of any protocol.</para> 496 497 <note> 498 <para>At present, only <acronym>TCP</acronym> 499 <acronym>MSS</acronym> modification is implemented.</para> 500 </note> 501 </sect2> 502 503 <sect2 xml:id="kernel-sysctl"> 504 <title>System Tuning and Controls</title> 505 506 <para revision="315539">The 507 <literal>vfs.root_mount_always_wait</literal> tunable has been 508 added, which forces the kernel to wait for root mount holds 509 even if the root device is already present.</para> 510 511 <para revision="316120" contrib="sponsor" 512 sponsor="&dellemc;">When the system real time clock 513 (<acronym>RTC</acronym>) is adjusted, such as by 514 <function>clock_settime()</function>, sleeping threads are now 515 awakened and absolute sleep times are reevaluated based on the 516 new value of the RTC.</para> 517 </sect2> 518 </sect1> 519 520 <sect1 xml:id="drivers"> 521 <title>Devices and Drivers</title> 522 523 <para>This section covers changes and additions to devices and 524 device drivers since &release.prev;.</para> 525 526 <sect2 xml:id="drivers-device"> 527 <title>Device Drivers</title> 528 529 <para revision="307768">The &man.jedec.ts.4; driver has been 530 added, providing support for thermal sensors on memory 531 modules. The driver currently supports chips that are fully 532 compliant with the <acronym>JEDEC</acronym> 533 <acronym>JC</acronym> 42.4 specification.</para> 534 535 <para revision="308104">The &man.chromebook.platform.4; driver 536 has been added, providing support for various Chromebook 537 models.</para> 538 539 <para revision="308942">The &man.bytgpio.4; driver has been 540 added, providing support for Intel® Bay Trail™ 541 SoC GPIO controllers.</para> 542 543 <para revision="312394"><filename>/dev/kmem</filename> no longer 544 supports access via <function>mmap()</function>. Consumers 545 wishing to use <filename>/dev/kmem</filename> must use 546 <function>read()</function> and 547 <function>write()</function>.</para> 548 549 <para revision="306533" contrib="sponsor" 550 sponsor="&chelsio;">&man.devctl.8; now supports a "clear 551 driver" command as a complement to "set 552 driver".</para> 553 </sect2> 554 555 <sect2 xml:id="drivers-storage"> 556 <title>Storage Drivers</title> 557 558 <para> </para> 559 </sect2> 560 561 <sect2 xml:id="drivers-network"> 562 <title>Network Drivers</title> 563 564 <para revision="306660" contrib="sponsor" 565 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated 566 to provide support for Virtual Function devices 567 (<acronym>VFs</acronym>) on Chelsio T4 and T5 adapters.</para> 568 569 <para revision="306661" contrib="sponsor" 570 sponsor="&chelsio;">TCP connections using the TCP Offload 571 Engine (<acronym>TOE</acronym>) on Chelsio T4+ adapters can 572 now perform zero-copy sends via 573 <function>aio_write()</function>.</para> 574 575 <para revision="306664" contrib="sponsor" 576 sponsor="&chelsio;">The &man.cxgbev.4; driver has been added, 577 providing support for Virtual Function devices 578 (<acronym>VFs</acronym>) on Chelsio T4 and T5 adapters.</para> 579 580 <para revision="309377" contrib="sponsor" 581 sponsor="&broadcom;">The &man.bnxt.4; driver has been added, 582 providing support for Broadcom® NetXtreme-C™ and 583 NetXtreme-E™ devices.</para> 584 585 <para revision="309560" contrib="sponsor" 586 sponsor="&chelsio;">The &man.cxgbe.4; driver now supports 587 devices using T6-based adapters which support 10, 25, 40, and 588 100 Gbps.</para> 589 590 <para revision="309560" contrib="sponsor" 591 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated 592 to provide support for Virtual Function devices 593 (<acronym>VFs</acronym>) on Chelsio T6 adapters.</para> 594 595 <para revision="309560" contrib="sponsor" 596 sponsor="&chelsio;">The &man.cxgbev.4; driver has been updated 597 to provide support for Virtual Function devices 598 (<acronym>VFs</acronym>) on Chelsio T6 adapters.</para> 599 600 <para revision="310852" contrib="sponsor" 601 sponsor="&netgate;">The &man.miibus.4; driver has been updated 602 to support Microchip/Micrel KSZ9031 Gigabit ethernet 603 cards.</para> 604 605 <para revision="311506" contrib="sponsor" 606 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated 607 to firmware version 1.16.26.0 for T4, T5, and T6 cards.</para> 608 609 <para revision="312358">The &man.alc.4; driver has been updated 610 to provide support for Atheros® Killer E2400™ 611 Gigabit ethernet cards.</para> 612 613 <para revision="314005" contrib="sponsor" sponsor="&ms;">The 614 &man.alc.4; driver has been updated to provide support for 615 Atheros® Killer E2500™ Gigabit ethernet 616 cards.</para> 617 618 <para revision="315330" contrib="sponsor" 619 sponsor="&netgate;">The &man.etherswitch.4; driver has been 620 updated to support RTL8366RB and RTL8366SR cards.</para> 621 622 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The 623 &man.if.ipsec.4; virtual tunneling interface has been added, 624 implementing route-based <acronym>VPN</acronym>s protected 625 with Encapsulating Security Payload 626 (<acronym>ESP</acronym>).</para> 627 628 <para revision="317116">The &man.qlnxe.4; driver has been added, 629 providing support for Cavium® Qlogic™ 45000 Series 630 adapters.</para> 631 632 <para revision="317182">The &man.qlxgbe.4; firmware has been 633 updated to version 5.4.64.</para> 634 635 <para revision="318357" contrib="sponsor" 636 sponsor="&intelcorp;">The &man.ixl.4; driver has been updated 637 to version 1.7.12-k.</para> 638 </sect2> 639 </sect1> 640 641 <sect1 xml:id="hardware"> 642 <title>Hardware Support</title> 643 644 <para>This section covers general hardware support for physical 645 machines, hypervisors, and virtualization environments, as well 646 as hardware changes and updates that do not otherwise fit in 647 other sections of this document.</para> 648 649 <sect2 xml:id="hardware-support"> 650 <title>Hardware Support</title> 651 652 <para revision="307576">The &man.atkbdc.4; driver has been 653 updated to provide support for Elantech® trackpads. To 654 enable hardware support, add 655 <literal>hw.psm.elantech_support=1</literal> to 656 &man.loader.conf.5;.</para> 657 </sect2> 658 659 <sect2 xml:id="hardware-virtualization"> 660 <title>Virtualization Support</title> 661 662 <para revision="306471" contrib="sponsor" 663 sponsor="&chelsio;"><acronym>PCI</acronym> passthrough with 664 &man.bhyve.4; supports more dynamic configurations permitting 665 devices to be marked for passthrough or host use at 666 runtime.</para> 667 668 <para revision="306520" contrib="sponsor" 669 sponsor="&chelsio;"><acronym>PCI</acronym> passthrough with 670 &man.bhyve.4; resets functions via <acronym>FLR</acronym> when 671 a virtual machine is started and stopped.</para> 672 673 <para revision="309312" contrib="sponsor" 674 sponsor="&ms;"><acronym>PCI</acronym> passthrough support has 675 been enabled on &os; virtual machines running on 676 Microsoft® Hyper-V™.</para> 677 678 <para revision="314091" contrib="sponsor" sponsor="&ms;">The 679 &man.hv.netvsc.4; driver <acronym>SR-IOV</acronym> 680 implementation has been updated to support Virtual Function 681 (<acronym>VF</acronym>) devices, such as the Mellanox® 682 Connect-X3™ network card.</para> 683 684 <para revision="316272" contrib="sponsor" sponsor="&ms;">Support 685 for Microsoft® Hyper-V™ Generation 2 virtual 686 machines has been added.</para> 687 688 <para revision="317119" contrib="sponsor" sponsor="&ms;">Support 689 for synthetic keyboards has been added for virtual machines 690 running on Microsoft® Hyper-V™.</para> 691 692 <para revision="312790">The &os; virtual machines provided on 693 Amazon® EC2™ now enable <acronym>IPv6</acronym> by 694 default.</para> 695 </sect2> 696 697 <sect2 xml:id="hardware-arm"> 698 <title>ARM Support</title> 699 700 <para revision="305436">Support for the Allwinner A13 board has 701 been added.</para> 702 </sect2> 703 </sect1> 704 705 <sect1 xml:id="storage"> 706 <title>Storage</title> 707 708 <para>This section covers changes and additions to file systems 709 and other storage subsystems, both local and networked.</para> 710 711 <sect2 xml:id="storage-general"> 712 <title>General Storage</title> 713 714 <para> </para> 715 </sect2> 716 717 <sect2 xml:id="storage-net"> 718 <title>Networked Storage</title> 719 720 <para revision="318660">The <acronym>NFS</acronym> client now 721 properly handles <literal>NFS4ERR_BAD_SESSION</literal> errors 722 received from an <acronym>NFS</acronym> server. Additionally, 723 the kernel <acronym>RPC</acronym> client has been updated to 724 prevent creating new <acronym>TCP</acronym> connections when 725 <literal>ERESTART</literal> is received from 726 &man.sosend.9;.</para> 727 728 <para revision="318660">The <acronym>NFS</acronym> client now 729 supports the Amazon® Elastic File System™ 730 (<acronym>EFS</acronym>).</para> 731 </sect2> 732 733 <sect2 xml:id="storage-zfs"> 734 <title>ZFS</title> 735 736 <para revision="318785">The 737 <literal>vfs.zfs.debug_flags</literal> &man.sysctl.8; has been 738 deprecated in favor of 739 <literal>vfs.zfs.debugflags</literal>.</para> 740 </sect2> 741 742 <sect2 xml:id="storage-geom"> 743 <title><literal>geom(4)</literal></title> 744 745 <para> </para> 746 </sect2> 747 </sect1> 748 749 <sect1 xml:id="boot"> 750 <title>Boot Loader Changes</title> 751 752 <para>This section covers the boot loader, boot menu, and other 753 boot-related changes.</para> 754 755 <sect2 xml:id="boot-loader"> 756 <title>Boot Loader Changes</title> 757 758 <para revision="307632" contrib="sponsor" sponsor="&gandi;">The 759 <acronym>EFI</acronym> loader has been updated to support 760 <acronym>TFTPFS</acronym>, providing netboot support without 761 requiring an <acronym>NFS</acronym> server.</para> 762 </sect2> 763 764 <sect2 xml:id="boot-menu"> 765 <title>Boot Menu Changes</title> 766 767 <para> </para> 768 </sect2> 769 </sect1> 770 771 <sect1 xml:id="network"> 772 <title>Networking</title> 773 774 <para>This section describes changes that affect networking in 775 &os;.</para> 776 777 <sect2 xml:id="network-general"> 778 <title>General Network Changes</title> 779 780 <para revision="311681" contrib="sponsor" sponsor="&yandex;">The 781 network stack has been updated to include 782 <function>ip6_tryforward()</function>, providing performance 783 benefits as result of a reduced number of checks.</para> 784 785 <para revision="313523" contrib="sponsor" 786 sponsor="&dellemc;">The network stack has been modified to fix 787 incorrect or invalid <acronym>IP</acronym> addresses if 788 multiple threads emit a <acronym>UDP</acronym> 789 <literal>log_in_vain</literal> message concurrently.</para> 790 791 <para revision="317386" contrib="sponsor" 792 sponsor="&multiplay;">The <acronym>TCP</acronym> stack has 793 been changed to use the estimated <acronym>RTT</acronym> 794 instead of timestamps for receive buffer auto resizing.</para> 795 </sect2> 796 797 <sect2 xml:id="network-protocols"> 798 <title>Network Protocols</title> 799 800 <para revision="309337" contrib="sponsor" 801 sponsor="&dellemc;">Support for <acronym>GARP</acronym> 802 (gratuitous <acronym>ARP</acronym>) retransmit has been added. 803 A new &man.sysctl.8;, 804 <literal>net.link.ether.inet.garp_rexmit_count</literal>, has 805 been added, which sets the maximum number of retransmissions 806 when set to a non-zero value.</para> 807 808 <para revision="315514" contrib="sponsor" 809 sponsor="&yandex;">Support for the 810 <literal>UDP_ENCAP_ESPINUDP_NON_IKE</literal> encapsulation 811 type has been removed.</para> 812 </sect2> 813 </sect1> 814 815 <sect1 xml:id="ports"> 816 <title>Ports Collection and Package Infrastructure</title> 817 818 <para>This section covers changes to the &os; Ports 819 Collection, package infrastructure, and package maintenance and 820 installation tools.</para> 821 822 <sect2 xml:id="ports-infrastructure"> 823 <title>Infrastructure Changes</title> 824 825 <para> </para> 826 </sect2> 827 828 <sect2 xml:id="ports-packages "> 829 <title>Packaging Changes</title> 830 831 <para> </para> 832 </sect2> 833 </sect1> 834 835 <sect1 xml:id="doc"> 836 <title>Documentation</title> 837 838 <para>This section covers changes to the &os; Documentation 839 Project sources and toolchain.</para> 840 841 <sect2 xml:id="doc-sources"> 842 <title>Documentation Source Changes</title> 843 844 <para> </para> 845 </sect2> 846 847 <sect2 xml:id="doc-toolchain"> 848 <title>Documentation Toolchain Changes</title> 849 850 <para> </para> 851 </sect2> 852 </sect1> 853 854 <sect1 xml:id="releng"> 855 <title>Release Engineering and Integration</title> 856 857 <para>This section convers changes that are specific to the 858 &os; Release Engineering processes.</para> 859 860 <sect2 xml:id="releng-changes"> 861 <title>Integration Changes</title> 862 863 <para> </para> 864 </sect2> 865 </sect1> 866</article> 867