article.xml revision 151899
1<articleinfo> 2 <title>&os;/&arch; &release.current; Release Notes</title> 3 4 <corpauthor>The &os; Project</corpauthor> 5 6 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/relnotes/article.sgml 151899 2005-10-31 16:52:11Z hrs $</pubdate> 7 8 <copyright> 9 <year>2000</year> 10 <year>2001</year> 11 <year>2002</year> 12 <year>2003</year> 13 <year>2004</year> 14 <year>2005</year> 15 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder> 16 </copyright> 17 18 <legalnotice id="trademarks" role="trademarks"> 19 &tm-attrib.freebsd; 20 &tm-attrib.ibm; 21 &tm-attrib.ieee; 22 &tm-attrib.intel; 23 &tm-attrib.sparc; 24 &tm-attrib.general; 25 </legalnotice> 26 27 <abstract> 28 <para>The release notes for &os; &release.current; contain a summary 29 of the changes made to the &os; base system on the 30 &release.branch; development line. 31 This document lists applicable security advisories that were issued since 32 the last release, as well as significant changes to the &os; 33 kernel and userland. 34 Some brief remarks on upgrading are also presented.</para> 35 </abstract> 36</articleinfo> 37 38<sect1 id="intro"> 39 <title>Introduction</title> 40 41 <para>This document contains the release notes for &os; 42 &release.current; on the &arch.print; hardware platform. It 43 describes recently added, changed, or deleted features of &os;. 44 It also provides some notes on upgrading 45 from previous versions of &os;.</para> 46 47<![ %release.type.current [ 48 49 <para>The &release.type; distribution to which these release notes 50 apply represents the latest point along the &release.branch; development 51 branch since &release.branch; was created. Information regarding pre-built, binary 52 &release.type; distributions along this branch 53 can be found at <ulink url="&release.url;"></ulink>.</para> 54 55]]> 56 57<![ %release.type.snapshot [ 58 59 <para>The &release.type; distribution to which these release notes 60 apply represents a point along the &release.branch; development 61 branch between &release.prev; and the future &release.next;. 62 Information regarding 63 pre-built, binary &release.type; distributions along this branch 64 can be found at <ulink url="&release.url;"></ulink>.</para> 65 66]]> 67 68<![ %release.type.release [ 69 70 <para>This distribution of &os; &release.current; is a 71 &release.type; distribution. It can be found at <ulink 72 url="&release.url;"></ulink> or any of its mirrors. More 73 information on obtaining this (or other) &release.type; 74 distributions of &os; can be found in the <ulink 75 url="&url.books.handbook;/mirrors.html"><quote>Obtaining 76 &os;</quote> appendix</ulink> to the <ulink 77 url="&url.books.handbook;/">&os; 78 Handbook</ulink>.</para> 79 80]]> 81 82 <para>All users are encouraged to consult the release errata before 83 installing &os;. The errata document is updated with 84 <quote>late-breaking</quote> information discovered late in the 85 release cycle or after the release. Typically, it contains 86 information on known bugs, security advisories, and corrections to 87 documentation. An up-to-date copy of the errata for &os; 88 &release.current; can be found on the &os; Web site.</para> 89 90</sect1> 91 92<sect1 id="new"> 93 <title>What's New</title> 94 95 <para>This section describes 96 the most user-visible new or changed features in &os; 97 since &release.prev;. 98 In general, changes described here are unique to the &release.branch; 99 branch unless specifically marked as &merged; features. 100 </para> 101 102 <para>Typical release note items 103 document recent security advisories issued after 104 &release.prev.historic;, 105 new drivers or hardware support, new commands or options, 106 major bug fixes, or contributed software upgrades. They may also 107 list changes to major ports/packages or release engineering 108 practices. Clearly the release notes cannot list every single 109 change made to &os; between releases; this document focuses 110 primarily on security advisories, user-visible changes, and major 111 architectural improvements.</para> 112 113 <sect2 id="security"> 114 <title>Security Advisories</title> 115 116 <para></para> 117 </sect2> 118 119 <sect2 id="kernel"> 120 <title>Kernel Changes</title> 121 122 <para>A new sysctl variable <varname>kern.malloc_stats</varname> 123 has been added. This allows to export kernel malloc 124 statistics via a binary structure stream.</para> 125 126 <para>A new sysctl variable <varname>vm.zone_stats</varname> 127 has been added. This allows to export &man.uma.9; allocator 128 statistics via a binary structure stream.</para> 129 130 <para>The sysctl variable <varname>hw.pci.do_powerstate</varname> 131 has been changed from a boolean to a range. 132 <literal>0</literal> means no power management, 133 <literal>1</literal> means conservative power management which 134 any device class that has caused problems is added to the watch list, 135 <literal>2</literal> means aggressive power management where 136 any device class that is not fundamental to the system is added to the list, 137 and <literal>3</literal> means power them all down unconditionally. 138 The default is <literal>1</literal>.</para> 139 140 <para arch="ia64">The <filename>GENERIC</filename> kernel now enables 141 SMP support by default.</para> 142 143 <para>Sample kernel configuration files 144 <filename>src/sys/<replaceable>arch</replaceable>/conf/MAC</filename> 145 for the Mandatory Access Control framework have been added.</para> 146 147 <sect3 id="boot"> 148 <title>Boot Loader Changes</title> 149 150 <para>A new option <option>-S</option>, 151 which allows setting the <filename>boot2</filename> 152 serial console speed in the <filename>/boot.config</filename> 153 file or on the <prompt>boot:</prompt> prompt line, 154 has been added.</para> 155 156 <para arch="i386,amd64">A new loader tunable 157 <varname>comconsole_speed</varname> to change 158 the serial console speed has been added. 159 If the previous stage boot loader requested a serial console 160 then the default speed is determined from the current serial port 161 speed, and otherwise it is set to 9600 or the value of 162 the kernel option <literal>BOOT_COMCONSOLE_SPEED</literal> 163 at compile time.</para> 164 165 <!-- Above this line, order boot loader changes by keyword--> 166 167 </sect3> 168 169 <sect3 id="proc"> 170 <title>Hardware Support</title> 171 172 <para>The &man.acpi.thermal.4; driver now supports 173 passive cooling.</para> 174 175 <para>Support for the PadLock Security Co-processor in VIA C3 176 processors has been added to the &man.crypto.9; subsystem. 177 &merged;</para> 178 179 <para>A bug which prevents the &man.ichsmb.4; kernel module 180 from unloading has been fixed.</para> 181 182 <para arch="ia64">The loader tunable <varname>debug.mpsafevfs</varname> 183 is set to <literal>1</literal> by default.</para> 184 185 <para arch="amd64">The smbios(4) driver support for amd64 has been 186 added.</para> 187 188 <para>The tnt4882(4) driver which supports National Instruments 189 PCI-GPIB card has been added.</para> 190 191 <para arch="i386">A new loader tunable 192 <varname>hw.apic.enable_extint</varname> has been added. 193 This tunable can be used not to mask the ExtINT pin on the first 194 I/O APIC. At least one chipset for Intel Pentium III seems 195 to need this even though all of the pins in the 8259A's are masked. 196 The default is still to mask the ExtINT pin.</para> 197 198 <sect4 id="mm"> 199 <title>Multimedia Support</title> 200 201 <para>The &man.agp.4; driver now supports ATI IGP chipsets.</para> 202 203 <para>The &man.sound.4; driver now supports 204 wider range sampling rate, multiple precisions choice, 205 and 24/32 bit PCM format conversion.</para> 206 207 <para>The &man.snd.als4000.4; driver is now MPSAFE.</para> 208 209 <para>The &man.snd.cmi.4; driver is now MPSAFE.</para> 210 211 <para>The &man.snd.via8233.4; driver is now MPSAFE.</para> 212 213 <para>The &man.snd.via82c686.4; driver is now MPSAFE.</para> 214 </sect4> 215 216 <sect4 id="net-if"> 217 <title>Network Interface Support</title> 218 219 <para>The &man.dc.4; driver is now MPSAFE. &merged;</para> 220 221 <para>The &man.de.4; driver has been converted to the &man.bus.dma.9; 222 API and is now MPSAFE.</para> 223 224 <para>The &man.ed.4; driver is now MPSAFE.</para> 225 226 <para>The &man.el.4; driver has been removed.</para> 227 228 <para>The &man.my.4; driver is now MPSAFE. &merged;</para> 229 230 <para>The &man.pcn.4; driver is now MPSAFE. &merged;</para> 231 232 <para>The &man.re.4; driver now supports D-Link DGE-528(T) 233 Gigabit Ethernet card.</para> 234 235 <para>The &man.sf.4; driver is now MPSAFE. &merged;</para> 236 237 <para>The &man.ste.4; driver is now MPSAFE.</para> 238 </sect4> 239 </sect3> 240 241 <sect3 id="net-proto"> 242 <title>Network Protocols</title> 243 244 <para>The &man.gre.4; driver, which is for GRE encapsulation 245 found in RFC 1701 and RFC 1702 now supports IPv6 over GRE.</para> 246 247 <para>The path MTU discovery for multicast packets in the &os; 248 &man.ip6.4; stack has been disabled by default because 249 notifying path MTU by a lot of routers in multicast 250 can be a kind of distributed Denial-of-Service attack to a router. 251 This feature can be enabled by using a new sysctl variable 252 <varname>net.inet6.ip6.mcast_pmtu</varname>.</para> 253 254 <para>The &man.ipfw.4;, IP packet filter now supports IPv6. 255 The &man.ip6fw.8; is deprecated and will be removed 256 in the future releases.</para> 257 258 <para>The &man.natm.4;, Native Mode ATM protocol layer is now MPSAFE.</para> 259 260 <para>A new sysctl variable <varname>net.inet.icmp.reply_from_interface</varname> 261 has been added. This allows the &man.icmp.4; 262 reply to non-local packets generated with 263 the IP address the packet came through in. 264 This is useful for routers to show in &man.traceroute.8; 265 the actual path a packet has taken instead of 266 the possibly different return path.</para> 267 268 <para>A new sysctl variable <varname>net.inet.icmp.quotelen</varname> 269 has been added. This allows to change length of 270 the quotation of the original packet in an ICMP reply. 271 The minimum of 8 bytes is internally enforced. 272 The maximum quotation is the remaining space in the 273 reply mbuf. This option is added in response to the 274 issues raised in I-D 275 <filename>draft-gont-icmp-payload-00.txt</filename>.</para> 276 277 <para>The &man.icmp.4; now always quotes the entire TCP header 278 when responding and allocate an mbuf cluster if needed. 279 This change fixes the TCP issues raised in I-D 280 <filename>draft-gont-icmp-payload-00.txt</filename>.</para> 281 282 <para>A new socket option <literal>IP_MINTTL</literal> has been added. 283 This may be used to set the minimum acceptable 284 TTL a packet must have when received on a socket. 285 All packets with a lower TTL are silently dropped, 286 and this works on already connected/connecting and 287 listening sockets for RAW, UDP, and TCP. This option 288 is only really useful when set to 255 preventing packets 289 from outside the directly connected networks reaching 290 local listeners on sockets. Also, this option allows 291 userland implementation of <quote>The Generalized TTL 292 Security Mechanism (GTSM)</quote> found in RFC 3682.</para> 293 294 <para>The stealth forwarding now supports IPv6 as well as IPv4. 295 This behavior can be controlled by using a new sysctl variable 296 <varname>net.inet6.ip6.stealth</varname>.</para> 297 </sect3> 298 299 <sect3 id="disks"> 300 <title>Disks and Storage</title> 301 302 <para>The &man.aac.4; driver now supports the Adaptec 2610SA SATA-RAID 303 controller in some Hewlett-Packard machines.</para> 304 305 <para>The &man.ata.4; driver now supports a workaround 306 for some controllers whose DMA does not work properly 307 in 48bit mode. For the suspicious controllers 308 the PIO mode will be used for access to over 137GB areas.</para> 309 310 <para>The &man.ata.4; driver now supports the ITE IT8211F IDE controller, 311 and Promise PDC40718 and PDC40719 chip found in Promise 312 Fasttrak TX4300.</para> 313 314 <para>A new GEOM class <literal>GEOM_ZERO</literal> has been added. 315 It creates very huge provider (41PB) <filename>/dev/gzero</filename> 316 and mainly for performance testing. 317 On <literal>BIO_READ</literal> request it zero-fills 318 <varname>bio_data</varname> and on <literal>BIO_WRITE</literal> 319 it does nothing.</para> 320 321 <para>The <literal>GEOM_LABEL</literal> class now supports 322 Ext2FS and ReiserFS.</para> 323 324 <para>The &man.hptmv.4; driver has been updated and now supports 325 amd64 as well as PAE.</para> 326 327 <para>The &man.mpt.4; driver has been updated to support 328 various new features such as RAID volume and RAID member 329 state/settings reporting, periodic volume re-synchronization 330 status reporting, and sysctl variables for volume 331 re-synchronization rate, volume member write cache status, 332 and volume transaction queue depth.</para> 333 334 <para>A new GEOM-based disk encryption facility, GEOM_ELI, has been 335 added. It uses the &man.crypto.9; framework for hardware acceleration 336 and supports different cryptographic algorithms. See &man.geli.8; for 337 more information. &merged;</para> 338 339 <para>The &man.umass.4; driver now supports 340 <literal>PLAY_MSF</literal>, 341 <literal>PLAY_TRACK</literal>, 342 <literal>PLAY_TRACK_REL</literal>, 343 <literal>PAUSE</literal>, 344 <literal>PLAY_12</literal> commands so that 345 the &man.cdcontrol.1; utility can handle USB CD drive.</para> 346 </sect3> 347 348 <sect3 id="fs"> 349 <title>File Systems</title> 350 351 <para>A part of the FreeBSD NFS subsystem (the interface with 352 the protocol stack and callouts) is now MPSAFE.</para> 353 </sect3> 354 355 <sect3> 356 <title>Contributed Software</title> 357 358 <para></para> 359 </sect3> 360 </sect2> 361 362 <sect2 id="userland"> 363 <title>Userland Changes</title> 364 365 <para>Padding of <varname>ai_addrlen</varname> 366 in <varname>struct addrinfo</varname> has been removed, 367 which was originally for the ABI compatibility. 368 For example, this change break the ABI compatibility of 369 &man.getaddrinfo.3; function on 64-bit architecture including 370 &os;/alpha, &os;/amd64, &os;/ia64, and &os;/sparc64.</para> 371 372 <para>The &man.bsdiff.1; and &man.bspatch.1; utilities 373 have been added. These are tools for constructing and 374 applying binary patches.</para> 375 376 <para>The &man.cmp.1; utility now supports an <option>-h</option> 377 flag to compare the symbolic link itself rather than the 378 file that the link points to.</para> 379 380 <para>The &man.gpt.8; utility now supports setting GPT partition labels.</para> 381 382 <para>The &man.ifconfig.8; utility now supports 383 a <option>-k</option> flag to allow printing 384 potentially sensitive keying material to standard output. 385 This sensitive information will not be printed by default.</para> 386 387 <para>The &man.ifconfig.8; utility now supports a <option>-tunnel</option> 388 parameter, which is just an alias for <option>deletetunnel</option>, 389 yet is more convenient and easier to type.</para> 390 391 <para>The <option>-vlandev</option> parameter to &man.ifconfig.8; 392 no longer requires a network interface as its argument. The 393 argument still is supported for backward compatibility, but now 394 it is deprecated and its use is discouraged.</para> 395 396 <para>The &man.kenv.1; utility now supports a <option>-q</option> 397 flag to suppress warnings.</para> 398 399 <para>The <application>libedit</application> library has been 400 updated from the NetBSD source tree as of August 2005.</para> 401 402 <para>The &man.libmemstat.3; library has been added. 403 This is for use by debugging and monitoring applications 404 in tracking kernel memory statistics. It provides an 405 abstracted interface to &man.uma.9; and &man.malloc.9; 406 statistics, wrapped around the binary stream sysctl variables 407 for the allocators. &merged;</para> 408 409 <para>A new function &man.memmem.3; has been implemented in 410 <filename>libc</filename>. This is the binary equivalent to 411 &man.strstr.3; and found in <filename>glibc</filename>.</para> 412 413 <para>The &man.moused.8; now supports an <option>-H</option> flag 414 to enable horizontal virtual scrolling similar to a 415 <option>-V</option> flag for vertical virtual scrolling.</para> 416 417 <para>The &man.netstat.1; utility now supports an 418 <option>-h</option> flag for interface stats mode, 419 which prints all interface statistics in human readable form.</para> 420 421 <para>A new functions, &man.pidfile.3;, which allow reliable 422 pidfiles handling have been implemented in 423 <filename>libutil</filename>.</para> 424 425 <para>The &man.ping.8; utility now supports <quote>a sweeping 426 ping</quote> in which &man.icmp.4; payload of 427 packets being sent is increased with given step. 428 This is useful for testing problematic channels, MTU issues 429 or traffic policing functions in networks.</para> 430 431 <para>The &man.pkill.1; utility now supports a 432 <option>-F</option> option which allows to 433 restrict matches to a process whose PID is stored in the 434 pidfile file. When another new option <option>-L</option> 435 is also specified, the pidfile file must be locked with the 436 &man.flock.2; syscall or created with &man.pidfile.3;.</para> 437 438 <para>The &man.powerd.8; program now supports a 439 <option>-P</option> option which allows to specify pidfile.</para> 440 441 <para>The &man.rpcgen.1; utility now generates headers and stub files 442 which can be used with ANSI C compilers by default.</para> 443 444 <para>The &man.sysctl.8; utility now supports a <option>-q</option> 445 flag to suppress a limited set of warnings and errors.</para> 446 447 <para>The shared library version number of all libraries have 448 been updated due to some possible ABI changes. The libraries 449 include: snmp_*, libdialog, libg2c, libobjc, 450 libreadline, libregex, libstdc++, libkrb5, libalias, libarchive, 451 libbegemot, libbluetooth, libbsnmp, libbz2, libc_r, libcrypt, 452 libdevstat, libedit, libexpat, libfetch, libftpio, libgpib, 453 libipsec, libkiconv, libmagic, libmp, libncp, libncurses, 454 libnetgraph, libngatm, libopie, libpam, libpthread, libradius, 455 libsdp, libsmb, libtacplus, libthr, libthread_db, libugidfw, 456 libusbhid, libutil, libvgl, libwrap, libypclnt, libm, libcrypto, 457 libssh, and libssl.</para> 458 459 <para>The <function>wcsdup()</function> function has been 460 implemented. This function is popular in Microsoft and GNU 461 systems.</para> 462 463 <sect3 id="rc-scripts"> 464 <title><filename>/etc/rc.d</filename> Scripts</title> 465 466 <para>The <filename>gbde_swap</filename> script has 467 been removed in favor a new <filename>encswap</filename> 468 script which also supports &man.geli.8; for swap 469 encryption.</para> 470 471 <para>The <filename>geli</filename> and <filename>geli2</filename> 472 scripts has been added for &man.geli.8; device 473 configuration on boot.</para> 474 475 <para>The <varname>removable_interfaces</varname> variable 476 has been removed.</para> 477 478 <para>A new keyword <literal>NOAUTO</literal> in 479 <varname>ifconfig_<replaceable>ifn</replaceable></varname> 480 has been added. This prevents configuration of an interface 481 at boot time or via <filename>/etc/pccard_ether</filename>, 482 and allows <filename>/etc/rc.d/netif</filename> 483 to be used to start and stop an interface 484 on a purely manual basis.</para> 485 </sect3> 486 </sect2> 487 488 <sect2 id="contrib"> 489 <title>Contributed Software</title> 490 491 <para><application>libpcap</application> has been updated 492 to v0.9.1 (release).</para> 493 494 <para><application>OpenSSH</application> has been updated from 495 version 4.0p1 to version 4.2p1.</para> 496 497 <para><application>sendmail</application> has been updated from 498 version 8.13.3 to version 8.13.4.</para> 499 500 <para><application>tcpdump</application> has been updated 501 to v3.9.1 (release).</para> 502 </sect2> 503 504 <sect2 id="ports"> 505 <title>Ports/Packages Collection Infrastructure</title> 506 507 <para>The &man.pkg.version.1; now supports an <option>-o</option> 508 flag to show the origin recorded on package generation 509 instead of the package name, and an <option>-O</option> flag 510 to list packages whose registered origin is origin only.</para> 511 512 <para>The &man.portsnap.8; utility (<filename>sysutils/portsnap</filename>) 513 has been added into the &os; base system. This is a secure, 514 easy to use, fast, lightweight, and generally good way for 515 users to keep their ports trees up to date.</para> 516 </sect2> 517 518 <sect2 id="releng"> 519 <title>Release Engineering and Integration</title> 520 521 <para>The default partition sizing algorithm of the 522 &man.sysinstall.8; utility has been changed.</para> 523 524 <itemizedlist> 525 <listitem> 526 <para>On systems where the disk capacity is larger than (3 * RAMsize + 10GB), 527 the default sizes will now be as follows:</para> 528 529 <informaltable frame="none" pgwide="0"> 530 <tgroup cols="2"> 531 <colspec colwidth="1*"> 532 <colspec colwidth="2*"> 533 <thead> 534 <row> 535 <entry>Partition</entry> 536 <entry>Size</entry> 537 </row> 538 </thead> 539 540 <tbody> 541 <row><entry>swap</entry><entry>RAMsize * 2</entry></row> 542 <row><entry><filename>/</filename></entry><entry>512 MB</entry></row> 543 <row><entry><filename>/tmp</filename></entry><entry>512 MB</entry></row> 544 <row><entry><filename>/var</filename></entry><entry>1024 MB + RAMsize</entry></row> 545 <row><entry><filename>/usr</filename></entry><entry>the rest (8GB or more)</entry></row> 546 </tbody> 547 </tgroup> 548 </informaltable> 549 </listitem> 550 551 <listitem> 552 <para>On systems where the disk capacity is larger than 553 (RAMsize / 8 + 2 GB), the default sizes will be 554 in the following ranges, with space allocated 555 proportionally:</para> 556 557 <informaltable frame="none" pgwide="0"> 558 <tgroup cols="2"> 559 <colspec colwidth="1*"> 560 <colspec colwidth="2*"> 561 <thead> 562 <row> 563 <entry>Partition</entry> 564 <entry>Size</entry> 565 </row> 566 </thead> 567 568 <tbody> 569 <row><entry>swap</entry><entry>from RAMsize / 8 to RAMsize * 2</entry></row> 570 <row><entry><filename>/</filename></entry><entry>from 256MB to 512MB</entry></row> 571 <row><entry><filename>/tmp</filename></entry><entry>from 128MB to 512MB</entry></row> 572 <row><entry><filename>/var</filename></entry><entry>from 128MB to 1024MB</entry></row> 573 <row><entry><filename>/usr</filename></entry><entry>from 1536MB to 8192MB</entry></row> 574 </tbody> 575 </tgroup> 576 </informaltable> 577 </listitem> 578 579 <listitem> 580 <para>On systems with even less disk space, the existing behavior is not 581 changed.</para> 582 </listitem> 583 </itemizedlist> 584 </sect2> 585 586 <sect2 id="doc"> 587 <title>Documentation</title> 588 589 <para>Documentation of existing functionality has been improved by 590 the addition of the following manual pages: 591 &man.acpi.sony.4;, &man.snd.mss.4;, &man.snd.t4dwave.4;.</para> 592 </sect2> 593</sect1> 594 595<sect1 id="upgrade"> 596 <title>Upgrading from previous releases of &os;</title> 597 598 <para></para> 599 600 <important> 601 <para>Upgrading &os; should, of course, only be attempted after 602 backing up <emphasis>all</emphasis> data and configuration 603 files.</para> 604 </important> 605</sect1> 606