article.xml revision 305976
1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" 3 "../../../share/xml/freebsd50.dtd" [ 4<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> 5 %release; 6<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent"> 7 %sponsor; 8<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent"> 9 %vendor; 10<!ENTITY security SYSTEM "../../share/xml/security.xml"> 11<!ENTITY errata SYSTEM "../../share/xml/errata.xml"> 12]> 13<article xmlns="http://docbook.org/ns/docbook" 14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> 15 16 <info> 17 <title>&os; &release.current; Release Notes</title> 18 19 <author> 20 <orgname>The &os; Project</orgname> 21 </author> 22 23 <pubdate>$FreeBSD: releng/11.0/release/doc/en_US.ISO8859-1/relnotes/article.xml 305976 2016-09-19 15:39:24Z gjb $</pubdate> 24 25 <!-- Last rev: 288943 --> 26 27 <copyright> 28 <year>2015</year> 29 <year>2016</year> 30 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation 31 Project</holder> 32 </copyright> 33 34 <legalnotice xml:id="trademarks" role="trademarks"> 35 &tm-attrib.freebsd; 36 &tm-attrib.ibm; 37 &tm-attrib.ieee; 38 &tm-attrib.intel; 39 &tm-attrib.sparc; 40 &tm-attrib.general; 41 </legalnotice> 42 43 <abstract> 44 <para>The release notes for &os; &release.current; contain 45 a summary of the changes made to the &os; base system on the 46 &release.branch; development line. This document lists 47 applicable security advisories that were issued since the last 48 release, as well as significant changes to the &os; kernel and 49 userland. Some brief remarks on upgrading are also 50 presented.</para> 51 </abstract> 52 </info> 53 54 <sect1 xml:id="intro"> 55 <title>Introduction</title> 56 57 <para>This document contains the release notes for &os; 58 &release.current;. It describes recently added, changed, or 59 deleted features of &os;. It also provides some notes on 60 upgrading from previous versions of &os;.</para> 61 62 <para releasetype="current">The &release.type; distribution to 63 which these release notes apply represents the latest point 64 along the &release.branch; development branch since 65 &release.branch; was created. Information regarding pre-built, 66 binary &release.type; distributions along this branch can be 67 found at <uri 68 xlink:href="&release.url;">&release.url;</uri>.</para> 69 70 <para releasetype="snapshot">The &release.type; distribution to 71 which these release notes apply represents a point along the 72 &release.branch; development branch between &release.prev; and 73 the future &release.next;. Information regarding pre-built, 74 binary &release.type; distributions along this branch can be 75 found at <uri 76 xlink:href="&release.url;">&release.url;</uri>.</para> 77 78 <para releasetype="release">This distribution of &os; 79 &release.current; is a &release.type; distribution. It can be 80 found at <uri xlink:href="&release.url;">&release.url;</uri> or 81 any of its mirrors. More information on obtaining this (or 82 other) &release.type; distributions of &os; can be found in the 83 <link 84 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining 85 &os;</quote> appendix</link> to the <link 86 xlink:href="&url.books.handbook;/">&os; 87 Handbook</link>.</para> 88 89 <para>All users are encouraged to consult the release errata 90 before installing &os;. The errata document is updated with 91 <quote>late-breaking</quote> information discovered late in the 92 release cycle or after the release. Typically, it contains 93 information on known bugs, security advisories, and corrections 94 to documentation. An up-to-date copy of the errata for &os; 95 &release.current; can be found on the &os; Web site.</para> 96 97 <para>This document describes the most user-visible new or changed 98 features in &os; since &release.prev;. In general, changes 99 described here are unique to the &release.branch; branch unless 100 specifically marked as &merged; features.</para> 101 102 <para>Typical release note items document recent security 103 advisories issued after &release.prev;, new drivers or hardware 104 support, new commands or options, major bug fixes, or 105 contributed software upgrades. They may also list changes to 106 major ports/packages or release engineering practices. Clearly 107 the release notes cannot list every single change made to &os; 108 between releases; this document focuses primarily on security 109 advisories, user-visible changes, and major architectural 110 improvements.</para> 111 </sect1> 112 113 <sect1 xml:id="important"> 114 <title>Important Notes</title> 115 116 <para>This section lists important information for those upgrading 117 from prior &os; releases.</para> 118 119 <sect2 xml:id="important-notes"> 120 <title>User-facing Changes</title> 121 122 <para>As of <literal>r303719</literal>, 123 <application>OpenSSH</application> <literal>DSA</literal> key 124 generation has been disabled by default. It is important to 125 update <application>OpenSSH</application> keys prior to 126 upgrading. Additionally, <literal>Protocol 1</literal> 127 support has been removed.</para> 128 </sect2> 129 </sect1> 130 131 <sect1 xml:id="upgrade"> 132 <title>Upgrading from Previous Releases of &os;</title> 133 134 <para arch="amd64,i386">Binary upgrades between RELEASE versions 135 (and snapshots of the various security branches) are supported 136 using the &man.freebsd-update.8; utility. The binary upgrade 137 procedure will update unmodified userland utilities, as well as 138 unmodified GENERIC kernels distributed as a part of an official 139 &os; release. The &man.freebsd-update.8; utility requires that 140 the host being upgraded have Internet connectivity.</para> 141 142 <para>Source-based upgrades (those based on recompiling the &os; 143 base system from source code) from previous versions are 144 supported, according to the instructions in 145 <filename>/usr/src/UPDATING</filename>.</para> 146 147 <important> 148 <para>Upgrading &os; should only be attempted after backing up 149 <emphasis>all</emphasis> data and configuration files.</para> 150 </important> 151 </sect1> 152 153 <sect1 xml:id="security-errata"> 154 <title>Security and Errata</title> 155 156 <para>This section lists the various Security Advisories and 157 Errata Notices since &release.prev;.</para> 158 159 <sect2 xml:id="security"> 160 <title>Security Advisories</title> 161 162 &security; 163 </sect2> 164 165 <sect2 xml:id="errata"> 166 <title>Errata Notices</title> 167 168 &errata; 169 </sect2> 170 </sect1> 171 172 <sect1 xml:id="userland"> 173 <title>Userland</title> 174 175 <para>This section covers changes and additions to userland 176 applications, contributed software, and system utilities.</para> 177 178 <sect2 xml:id="userland-config"> 179 <title>Userland Configuration Changes</title> 180 181 <para revision="266463">The default &man.newsyslog.conf.5; now 182 includes files in the 183 <filename>/etc/newsyslog.conf.d/</filename> and 184 <filename>/usr/local/etc/newsyslog.conf.d/</filename> 185 directories by default for &man.newsyslog.8;.</para> 186 187 <para revision="270675">The &man.mailwrapper.8; utility has been 188 updated to use &man.mailer.conf.5; from the 189 <literal>LOCALBASE</literal> environment variable, which 190 defaults to <filename class="directory">/usr/local</filename> 191 if unset.</para> 192 193 <para revision="272350">The <literal>MK_ARM_EABI</literal> 194 &man.src.conf.5; option has been removed.</para> 195 196 <para revision="302177">The 197 <literal>WITH_SYSTEM_COMPILER</literal> &man.src.conf.5; 198 option is enabled by default.</para> 199 200 <para revision="301247">The <application>ntp</application> suite 201 has been updated to version 4.2.8p8.</para> 202 203 <para revision="301247">The 204 <filename>/etc/ntp/leap-seconds</filename> has been updated to 205 version 3676752000.</para> 206 </sect2> 207 208 <sect2 xml:id="userland-programs"> 209 <title>Userland Application Changes</title> 210 211 <para revision="260594">When unable to load a kernel module with 212 &man.kldload.8;, a message informing to view output of 213 &man.dmesg.8; is now printed, opposed to the previous output 214 <quote>Exec format error.</quote>.</para> 215 216 <para revision="260910">Allow &man.pciconf.8; to identify PCI 217 devices that are attached to a driver to be identified by 218 their device name instead of just the selector. Additionally, 219 the <literal>-l</literal> flag now accepts an optional device 220 argument to list details about a single device.</para> 221 222 <para revision="260913">A new flag, <quote>onifconsole</quote> 223 has been added to <filename>/etc/ttys</filename>. This allows 224 the system to provide a login prompt via serial console if the 225 device is an active kernel console, otherwise it is equivalent 226 to <literal>off</literal>.</para> 227 228 <para revision="260926">Support for displaying VPD for PCI 229 devices via &man.pciconf.8; has been added.</para> 230 231 <para revision="261498">&man.ping.8; protects against malicious 232 network packets using the Capsicum framework to drop 233 privileges.</para> 234 235 <para revision="265229">The &man.ps.1; utility has been 236 updated to include the <literal>-J</literal> flag, used to 237 filter output by matching &man.jail.8; IDs and names. 238 Additionally, argument <literal>0</literal> can be used to 239 <literal>-J</literal> to only list processes running on the 240 host system.</para> 241 242 <para revision="265249">The &man.top.1; utility has been updated 243 to filter by &man.jail.8; ID or name, in followup to the 244 &man.ps.1; change in <literal>r265229</literal>.</para> 245 246 <para revision="266209">The &man.pmcstat.8; utility has been 247 updated to include a new flag, <literal>-l</literal>, which 248 ends event collection after the specified number of 249 seconds.</para> 250 251 <para revision="270745">The &man.ps.1; utility has been updated 252 to include a new keyword, <quote>tracer</quote>, which 253 displays the <acronym>PID</acronym> of the tracing 254 process.</para> 255 256 <para revision="271482">Support for adding empty partitions has 257 been added to the &man.mkimg.1; utility.</para> 258 259 <para revision="272166">The &man.primes.6; utility has been 260 updated to correctly enumerate prime numbers between 261 <literal>4295098369</literal> and 262 <literal>3825123056546413050</literal>, which prior to this 263 change, it would be possible for returned values to be 264 incorrectly identified as prime numbers.</para> 265 266 <para revision="272198">The &man.mkimg.1; utility has been 267 updated to include three options used to print information 268 about &man.mkimg.1; itself:</para> 269 270 <informaltable frame="none" pgwide="0"> 271 <tgroup cols="2"> 272 <colspec colwidth="1*"/> 273 <colspec colwidth="1*"/> 274 <thead> 275 <row> 276 <entry>Option</entry> 277 <entry>Output</entry> 278 </row> 279 </thead> 280 281 <tbody> 282 <row> 283 <entry><literal>--version</literal></entry> 284 <entry>The current version of the &man.mkimg.1; 285 utility</entry> 286 </row> 287 288 <row> 289 <entry><literal>--formats</literal></entry> 290 <entry>The disk image file formats supported by 291 &man.mkimg.1;</entry> 292 </row> 293 294 <row> 295 <entry><literal>--schemes</literal></entry> 296 <entry>The partition schemes supported by 297 &man.mkimg.1;</entry> 298 </row> 299 </tbody> 300 </tgroup> 301 </informaltable> 302 303 <para revision="272488">Userland &man.ctf.5; support in 304 &man.dtrace.1; has been added. With this change, 305 &man.dtrace.1; is able to resolve type info for function and 306 <acronym>USDT</acronym> probe arguments, and function return 307 values.</para> 308 309 <para revision="274960">The &man.elfdump.1; utility has been 310 updated to support capability mode provided by 311 &man.capsicum.4;.</para> 312 313 <para revision="275680" contrib="sponsor" sponsor="&ff;">The 314 &man.fstyp.8; utility has been added, which is used to 315 determine the filesystem on a specified device.</para> 316 317 <para revision="276881">The <literal>libedit</literal> library 318 has been updated to support <acronym>UTF</acronym>-8, which 319 additionally provides unicode support to &man.sh.1;.</para> 320 321 <para revision="276893" contrib="sponsor" sponsor="&ff;">The 322 &man.mkimg.1; utility has been updated to support the 323 <acronym>MBR</acronym> <acronym>EFI</acronym> partition 324 type.</para> 325 326 <para revision="277166" arch="powerpc">The &man.ptrace.2; system 327 call has been updated include support for Altivec registers on 328 &os;/&arch.powerpc;.</para> 329 330 <para revision="278320">A new device control utility, 331 &man.devctl.8; has been added, which allows making 332 administrative changes to individual devices, such as 333 attaching and detaching drivers, and enabling and disabling 334 devices. The &man.devctl.8; utility uses the new 335 &man.devctl.3; library.</para> 336 337 <para revision="279122" contrib="sponsor" 338 sponsor="&juniper;">The &man.netstat.1; utility has been 339 updated to link against the &man.libxo.3; shared 340 library.</para> 341 342 <para revision="279139">A new flag, <literal>-c</literal>, has 343 been added to the &man.mkimg.1; utility, which allows 344 specifying the capacity of the target disk image.</para> 345 346 <para revision="279315" contrib="sponsor" sponsor="&ff;">The 347 &man.uefisign.8; utility has been added.</para> 348 349 <para revision="279571" contrib="sponsor" 350 sponsor="&scaleengine;">The &man.freebsd-update.8; utility has 351 been updated to prevent fetching updated binary patches when 352 a previous upgrade has not been thoroughly completed.</para> 353 354 <para revision="280870">A regression in the &man.libarchive.3; 355 library that would prevent a directory from being included in 356 the archive when <literal>--one-file-system</literal> is used 357 has been fixed.</para> 358 359 <para revision="281311" contrib="sponsor" sponsor="&ff;">The 360 &man.ar.1; utility has been updated to set 361 <literal>ARCHIVE_EXTRACT_SECURE_SYMLINKS</literal> and 362 <literal>ARCHIVE_EXTRACT_SECURE_NODOTDOT</literal> to disallow 363 directory traversal when extracting an archive, similar to 364 &man.tar.1;.</para> 365 366 <para revision="281617">A race condition in &man.wc.1; that 367 would cause final results to be sent to &man.stderr.4; when 368 receiving the <literal>SIGINFO</literal> signal has been 369 fixed.</para> 370 371 <para revision="282208" contrib="sponsor" 372 sponsor="&multiplay;">The &man.chflags.1;, &man.chgrp.1;, 373 &man.chmod.1;, and &man.chown.8; utilities now affect symbolic 374 links when the <literal>-R</literal> flag is specified, as 375 documented in &man.symlink.7;.</para> 376 377 <para revision="282608">The &man.date.1; utility has been 378 updated to print the modification time of the file passed as 379 an argument to the <literal>-r</literal> flag, improving 380 compatibility with the <acronym>GNU</acronym> &man.date.1; 381 utility behavior.</para> 382 383 <para revision="283961">The &man.pw.8; utility has been updated 384 with a new flag, <literal>-R</literal>, that sets the root 385 directory within which the utility will operate.</para> 386 387 <para revision="284297" contrib="sponsor" 388 sponsor="&clusterhq;">The &man.lockstat.1; utility has been 389 updated with several improvements:</para> 390 391 <itemizedlist> 392 <listitem> 393 <para>Spin locks are now reported as the amount of time 394 spinning, instead of loop iterations.</para> 395 </listitem> 396 397 <listitem> 398 <para>Reader locks are now recognized as adaptive that can 399 spin on &os;.</para> 400 </listitem> 401 402 <listitem> 403 <para>Lock aquisition events for successful reader try-lock 404 events are now reported.</para> 405 </listitem> 406 407 <listitem> 408 <para>Spin and block events are now reported before lock 409 acquisition events.</para> 410 </listitem> 411 </itemizedlist> 412 413 <para revision="284589" contrib="sponsor" 414 sponsor="&scaleengine;">The &man.fstyp.8; utility has been 415 updated to be able to detect &man.zfs.8; and &man.geli.8; 416 filesystems.</para> 417 418 <para revision="284883">The &man.mkimg.1; utility has been 419 updated to include support for <literal>NTFS</literal> 420 filesystems in both <acronym>MBR</acronym> and 421 <acronym>GPT</acronym> partitioning schemes.</para> 422 423 <para revision="285253">The &man.quota.1; utility has been 424 updated to include support for <acronym>IPv6</acronym>.</para> 425 426 <para revision="285420">The &man.jexec.8; utility has been 427 updated to include a new flag, <literal>-l</literal>, which 428 ensures a clean environment in the target jail when used. 429 Additionally, &man.jexec.8; will run a shell within the target 430 jail when run no commands are specified.</para> 431 432 <para revision="285550">The &man.w.1; utility has been updated 433 to display the full IPv6 remote address of the host from which 434 a user is connected.</para> 435 436 <para revision="285685">The &man.jail.8; framework has been 437 updated to allow mounting &man.linprocfs.5; and 438 &man.linsysfs.5; within a jail.</para> 439 440 <para revision="285772" contrib="sponsor" 441 sponsor="&emcisilon;">The &man.patch.1; utility has been 442 updated to include a new option to the <literal>-V</literal> 443 flag, <literal>none</literal>, which disables backup file 444 creation when applying a patch.</para> 445 446 <para revision="286010" contrib="sponsor" sponsor="&ff;">The 447 &man.ar.1; utility now enables deterministic mode 448 (<literal>-D</literal>) by default. This behavior can be 449 disabled by specifying the <literal>-U</literal> flag.</para> 450 451 <para revision="286289" contrib="sponsor" 452 sponsor="&scaleengine;">The &man.xargs.1; utility has been 453 updated to allow specifying <literal>0</literal> as an 454 argument to the <literal>-P</literal> (parallel mode) flag, 455 which allows creating as many concurrent processes as 456 possible.</para> 457 458 <para revision="286795">The &man.patch.1; utility has been 459 updated to remove the automatic checkout feature.</para> 460 461 <para revision="287473" contrib="sponsor" sponsor="&gandi;">A 462 new utility, &man.sesutil.8;, has been added, which is used 463 to manage &man.ses.4; devices.</para> 464 465 <para revision="287522">The &man.pciconf.8; utility has been 466 updated to use the PCI ID database from the <filename 467 role="package">misc/pciids</filename> package, if present, 468 falling back to the PCI ID database in the &os; base 469 system.</para> 470 471 <para revision="287842">By default the &man.ifconfig.8; utility 472 will set the default regulatory domain to 473 <literal>FCC</literal> on wireless interfaces. As a result, 474 newly created wireless interfaces with default settings will 475 have less chances to violate country-specific 476 regulations.</para> 477 </sect2> 478 479 <sect2 xml:id="userland-contrib"> 480 <title>Contributed Software</title> 481 482 <para revision="260445">&man.byacc.1; has been updated to 483 version 20140101.</para> 484 485 <para revision="296633"><application>OpenSSH</application> has 486 been updated to 7.2p2.</para> 487 488 <para revision="303716">SSHv1 support has been removed from 489 <application>OpenSSH</application>.</para> 490 491 <para revision="303719">Support for DSA is disabled by default 492 in <application>OpenSSH</application>.</para> 493 494 <para revision="261344"><application>mdocml</application> has 495 been updated to version 1.12.3.</para> 496 497 <para revision="275718">The <application>binutils</application> 498 suite of utilities has been updated to include upstream 499 patches that add new relocations for &arch.powerpc; 500 support.</para> 501 502 <para revision="292120" contrib="sponsor" sponsor="&ff;">The 503 <application>ELF Tool Chain</application> has been updated to 504 upstream revision r3272.</para> 505 506 <para revision="276551">The <application>texinfo</application> 507 utility and <literal>info</literal> pages were removed from 508 the base system. The <filename 509 role="package">print/texinfo</filename> port should be 510 installed on systems where <literal>info</literal> pages are 511 needed.</para> 512 513 <para revision="276796" contrib="sponsor" sponsor="&ff;">The ELF 514 object manipulation tools 515 <application>addr2line</application>, 516 <application>elfcopy (strip)</application>, 517 <application>nm</application>, 518 <application>readelf</application>, 519 <application>size</application>, and 520 <application>strings</application> were switched to the 521 versions from the ELF Tool Chain project.</para> 522 523 <para revision="276881">The <literal>libedit</literal> library 524 has been updated to include <acronym>UTF-8</acronym> support, 525 adding <acronym>UTF-8</acronym> support to the &man.sh.1; 526 shell.</para> 527 528 <para revision="278433">The &man.xz.1; utility has been updated 529 to support multi-threaded compression.</para> 530 531 <para revision="280932" contrib="sponsor" sponsor="&ff;">The 532 <application>elftoolchain</application> utilities have been 533 updated to version 3179.</para> 534 535 <para revision="291125">The &man.xz.1; utility has been updated 536 to version 5.2.2.</para> 537 538 <para revision="281373">The &man.nvi.1; utility has been updated 539 to version 2.1.3.</para> 540 541 <para revision="281806">The &man.wpa.supplicant.8; and 542 &man.hostapd.8; utilities have been updated to version 543 2.4.</para> 544 545 <para revision="296190" contrib="sponsor" sponsor="&ff;">The 546 &man.resolvconf.8; utility has been updated to version 547 3.7.3.</para> 548 549 <para revision="284254"><application>bmake</application> has 550 been updated to version 20150606.</para> 551 552 <para revision="285229"><application>sendmail</application> has 553 been updated to 8.15.2. Starting with &os; 11.0 and 554 sendmail 8.15, sendmail uses uncompressed IPv6 addresses by 555 default, i.e., they will not contain <quote>::</quote>. For 556 example, instead of <quote>::1</quote>, it will be 557 <quote>0:0:0:0:0:0:0:1</quote>. This permits a zero subnet to 558 have a more specific match, such as different map entries for 559 IPv6:0:0 versus IPv6:0. This change requires that 560 configuration data (including maps, files, classes, custom 561 ruleset, etc.) must use the same format, so make certain such 562 configuration data is upgrading. As a very simple check 563 search for patterns like 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. 564 To return to the old behavior, set the m4 option 565 <literal>confUSE_COMPRESSED_IPV6_ADDRESSES</literal> or the cf 566 option <literal>UseCompressedIPv6Addresses</literal>.</para> 567 568 <para revision="285275">The &man.tcpdump.1; utility has been 569 updated to version 4.7.4.</para> 570 571 <para revision="298998"><application>OpenSSL</application> has 572 been updated to version 1.0.2h.</para> 573 574 <para revision="285642" contrib="sponsor" sponsor="&dell;">The 575 &man.ssh.1; utility has been updated to re-implement hostname 576 canonicalization before locating the host in 577 <filename>known_hosts</filename>.</para> 578 579 <para revision="285972">The &man.libarchive.3; library has been 580 updated to properly skip a sparse file entry in a &man.tar.1; 581 file, which would previously produce errors.</para> 582 583 <para revision="286503">The <application>apr</application> 584 library used by &man.svnlite.1; has been updated to version 585 1.5.2.</para> 586 587 <para revision="286505">The <application>serf</application> 588 library used by &man.svnlite.1; has been updated to version 589 1.3.8.</para> 590 591 <para revision="286505">The &man.svnlite.1; utility has been 592 updated to version 1.8.14.</para> 593 594 <para revision="298161">The <application>sqlite3</application> 595 library used by &man.svnlite.1; and &man.kerberos.8; has been 596 updated to version 3.12.1.</para> 597 598 <para revision="286750">Timezone data files have been updated to 599 version 2015f.</para> 600 601 <para revision="287168">The &man.acpi.4; subsystem has been 602 updated to version 20150818.</para> 603 604 <para revision="287917">The &man.unbound.8; utility has been 605 updated to version 1.5.4.</para> 606 607 <para revision="288090">&man.jemalloc.3; has been updated to 608 version 4.0.2.</para> 609 610 <para revision="302221">The &man.file.1; utility has been 611 updated to version 5.28.</para> 612 613 <para revision="288303">The &man.nc.1; utility has been updated 614 to the OpenBSD 5.8 version.</para> 615 616 <para revision="296417"><application>Clang</application> has 617 been updated to version 3.8.0.</para> 618 619 <para revision="296417"><application>LLVM</application> has 620 been updated to version 3.8.0.</para> 621 622 <para revision="296417"><application>LLDB</application> has 623 been updated to version 3.8.0.</para> 624 625 <para revision="296417"><application>libc++</application> has 626 been updated to version 3.8.0.</para> 627 628 <para revision="296417">The 629 <application>compiler_rt</application> utility has been 630 updated to version 3.8.0.</para> 631 632 <para revision="300879"><application>ACPICA</application> has 633 been updated to version 20160527.</para> 634 635 <para revision="292432"><application>OpenBSM</application> has 636 been updated to version 1.2 alpha 4.</para> 637 638 <para revision="298166"><application>libucl</application> has 639 been updated to version 0.8.0.</para> 640 641 <para revision="301169" contrib="sponsor" sponsor="&ff;">The 642 NetBSD Project's &man.libblacklist.3; library and applications 643 have been ported and integrated into the system. Packet 644 filtering support for the &man.pf.4; packet filtering systems 645 has been implemented. The 646 <application>blacklist</application> system provides the 647 <application>blacklistd</application> daemon, the helper 648 script <application>blacklistd-helper</application> to make 649 changes to the running packet filter system and the 650 <application>blacklistctl</application> control program. 651 A selection of system daemons, including: 652 <application>fingerd</application>, 653 <application>ftpd</application>, 654 <application>rlogind</application>, and 655 <application>rshd</application> have been modified to support 656 sending notifications to the 657 <application>blacklistd</application> daemon.</para> 658 659 <para revision="301736" contrib="sponsor" sponsor="&ff;">Support 660 for the &man.ipfw.4; packet filter has been added to the 661 <application>blacklistd-helper</application> script.</para> 662 663 <para revision="301843" contrib="sponsor" sponsor="&ff;">Support 664 for the &man.ipfilter.4; packet filter has been added to the 665 <application>blacklistd-helper</application> script.</para> 666 </sect2> 667 668 <sect2 xml:id="userland-installer"> 669 <title>Installation and Configuration Tools</title> 670 671 <para revision="271539">The &man.bsdinstall.8; partition editor 672 and &man.sade.8; utility have been updated to include native 673 <acronym>ZFS</acronym> support.</para> 674 675 <para revision="272274">The &os; installation utility, 676 &man.bsdinstall.8;, has been updated to set the 677 <literal>canmount</literal> &man.zfs.8; property to 678 <literal>off</literal> for the <filename 679 class="directory">/var</filename> dataset, preventing the 680 contents of directories within <filename 681 class="directory">/var</filename> from conflicting when 682 using multiple boot environments, such as that provided by 683 <filename role="package">sysutils/beadm</filename>.</para> 684 685 <para revision="274394">The &man.bsdconfig.8; utility has been 686 updated to skip the initial &man.tzsetup.8; 687 <acronym>UTC</acronym> versus wall-clock time prompt when run 688 in a virtual machine, determined when the 689 <literal>kern.vm_guest</literal> &man.sysctl.8; is set to 690 <literal>1</literal>.</para> 691 692 <para revision="275874">The &man.bsdinstall.8; utility has been 693 updated to use the new &man.dpv.3; library to display progress 694 when extracting the &os; distributions.</para> 695 696 <para revision="285557" contrib="sponsor" 697 sponsor="&scaleengine;">Support for detecting and implementing 698 aligning partitions on 1Mb boundaries has been added to 699 &man.bsdinstall.8;.</para> 700 701 <para revision="285679" contrib="sponsor" 702 sponsor="&scaleengine;">Support for detecting and implementing 703 a workaround for various laptops and motherboards that do not 704 boot properly from <acronym>GPT</acronym>-partitioned disks 705 has been added to &man.bsdinstall.8;. Additionally, the 706 <literal>active</literal> flag will be set on the partition 707 when needed.</para> 708 709 <para revision="285679" contrib="sponsor" 710 sponsor="&scaleengine;">Support for selecting the partitioning 711 scheme when installing on the <acronym>UFS</acronym> 712 filesystem has been added to &man.bsdinstall.8;.</para> 713 </sect2> 714 715 <sect2 xml:id="userland-rc"> 716 <title><filename class="directory">/etc/rc.d</filename> 717 Scripts</title> 718 719 <para revision="270676">The &man.rc.8; subsystem has been 720 updated to allow configuring services in <filename 721 class="directory">${LOCALBASE}/etc/rc.conf.d/</filename>. 722 If <literal>LOCALBASE</literal> is unset, it defaults to 723 <filename class="directory">/usr/local</filename>.</para> 724 725 <para revision="273955">A new &man.rc.8; script, 726 <filename>growfs</filename>, has been added, which will resize 727 the root filesystem on boot if <filename>/firstboot</filename> 728 exists.</para> 729 730 <para revision="275299">The <filename>mrouted</filename> 731 &man.rc.8; script has been removed from the base system. An 732 equivalent script is available from the <filename 733 role="package">net/mrouted</filename> port.</para> 734 735 <para revision="279463" contrib="sponsor" 736 sponsor="&sandvine;">A new &man.rc.8; script, 737 <filename>iovctl</filename>, has been added, which allows 738 automatically starting the &man.iovctl.8; utility at 739 boot.</para> 740 741 <para revision="287576" contrib="sponsor" 742 sponsor="&scaleengine;">The &man.service.8; utility has been 743 updated to honor entries within <filename 744 class="directory">/etc/rc.conf.d/</filename>.</para> 745 746 <para revision="298515">Two new subcommands have been added to 747 the &man.rc.8; subsystem. <command>describe</command> shows 748 an rc script's description, and 749 <command>extracommands</command> shows any non-standard 750 commands present in an rc script, like 751 <command>reload</command>, <command>configtest</command>, or 752 <command>keygen</command>.</para> 753 </sect2> 754 755 <sect2 xml:id="userland-periodic"> 756 <title><filename class="directory">/etc/periodic</filename> 757 Scripts</title> 758 759 <para revision="271321">The daily &man.periodic.8; script 760 <filename>110.clean-tmps</filename> has been updated to avoid 761 crossing filesystem mount boundaries when cleaning files in 762 <filename class="directory">/tmp</filename>.</para> 763 764 <para revision="277216" contrib="sponsor" sponsor="&ff;">A new 765 &man.periodic.8; script, 766 <filename>510.status-world-kernel</filename>, has been added, 767 which evaluates the running userland and kernel versions from 768 the &man.uname.1; <literal>-U</literal> and 769 <literal>-K</literal> arguments, and prints an error if the 770 system userland and kernel are not in sync.</para> 771 </sect2> 772 773 <sect2 xml:id="userland-libraries"> 774 <title>Runtime Libraries and API</title> 775 776 <para revision="265995">The Blowfish &man.crypt.3; default 777 format has been changed to 778 <literal>$2b$</literal>.</para> 779 780 <para revision="268461">The &man.readline.3; library is now 781 statically linked in software within the base system, and the 782 shared library is no longer installed, allowing the Ports 783 Collection to use a modern version of the library.</para> 784 785 <para revision="272273">The &man.strptime.3; library has been 786 updated to add support for <acronym>POSIX</acronym>-2001 787 features <literal>%U</literal> and 788 <literal>%W</literal>.</para> 789 790 <para revision="272842,272848" contrib="sponsor" 791 sponsor="&ff;">The &man.dl.iterate.phdr.3; library has been 792 changed to always return the path name of the 793 <acronym>ELF</acronym> object in the 794 <literal>dlpi_name</literal> structure member.</para> 795 796 <para revision="273562" contrib="sponsor" 797 sponsor="&juniper;">The &man.libxo.3; library has been 798 imported to the base system.</para> 799 800 <para revision="273806" contrib="sponsor" sponsor="&chelsio;">A 801 userland library for Chelsio Terminator 5 based iWARP cards 802 has been added, allowing userland <acronym>RDMA</acronym> 803 applications to work over compatible 804 <acronym>NIC</acronym>s.</para> 805 806 <para revision="274987">The &man.gpio.3; library has been added, 807 providing a wrapper around the &man.gpio.4; kernel 808 interface.</para> 809 810 <para revision="275800" contrib="sponsor" sponsor="&ff;">The 811 &man.procctl.2; system call has been updated to include 812 a facility for non-&man.init.8; processes to be declared as 813 the reaper of child processes and their decendants.</para> 814 815 <para revision="277610">The <literal>futimens()</literal> and 816 <literal>utimensat()</literal> system calls have been 817 added. See &man.utimensat.2; for more information.</para> 818 819 <para revision="278934">The &man.elf.3; compile-time dependency 820 has been removed from <filename>dtri.o</filename>, which 821 allows adding <application>DTrace</application> probes to 822 userland applications and libraries without also linking 823 against &man.elf.3;.</para> 824 825 <para revision="279186">The &man.setmode.3; function has been 826 updated to consistently set <literal>errno</literal> on 827 failure.</para> 828 829 <para revision="279663">The &man.qsort.3; functions have been 830 updated to be able to handle 32-bit aligned data on 64-bit 831 platforms, also providing a significant improvement in 32-bit 832 workloads.</para> 833 834 <para revision="281130">Several standard include headers have 835 been updated to use of <application>gcc</application> 836 attributes, such as <literal>__result_use_check()</literal>, 837 <literal>__alloc_size()</literal>, and 838 <literal>__nonnull()</literal>.</para> 839 840 <para revision="281845">Support for file verification in 841 <acronym>MAC</acronym> has been added.</para> 842 843 <para revision="282973" contrib="sponsor" sponsor="&ff;">The 844 <literal>libgomp</literal> library is now only built when 845 building <acronym>GCC</acronym> from the base system. An 846 up-to-date version is available in the Ports Collection as 847 <filename 848 role="package">devel/libiomp5-devel</filename>.</para> 849 850 <para revision="282988">The <filename>stdlib.h</filename> and 851 <filename>malloc.h</filename> headers have been updated to 852 make use of the <application>gcc</application> 853 <literal>alloc_align()</literal> attribute.</para> 854 855 <para revision="284483" contrib="sponsor" 856 sponsor="&scaleengine;">The Blowfish &man.crypt.3; library 857 has been updated to support $2y$ hashes.</para> 858 859 <para revision="285277">The &man.execl.3; and &man.execlp.3; 860 library functions have been updated to use the 861 <literal>__sentinel</literal> <application>gcc</application> 862 attribute.</para> 863 </sect2> 864 865 <sect2 xml:id="userland-abi"> 866 <title>ABI Compatibility</title> 867 868 <para revision="271982">The &linux; compatibility version has 869 been updated to <literal>2.6.18</literal>. The 870 <literal>compat.linux.osrelease</literal> &man.sysctl.8; is 871 evaluated when building the <filename 872 role="package">emulators/linux-c6</filename> and related 873 ports.</para> 874 875 <para revision="288669">The stack protector has been upgraded to 876 the "strong" level, elevating the protection against buffer 877 overflows. While this significantly improves the security of 878 the system, extensive testing was done to ensure there are no 879 measurable side effects in performance or 880 functionality.</para> 881 </sect2> 882 </sect1> 883 884 <sect1 xml:id="kernel"> 885 <title>Kernel</title> 886 887 <para>This section covers changes to kernel configurations, system 888 tuning, and system control parameters that are not otherwise 889 categorized.</para> 890 891 <sect2 xml:id="kernel-bugfix"> 892 <title>Kernel Bug Fixes</title> 893 894 <para revision="265876">A kernel bug that inhibited proper 895 functionality of the <literal>dev.cpu.0.freq</literal> 896 &man.sysctl.8; on &intel; processors with Turbo 897 Boost ™ enabled has been fixed.</para> 898 899 <para revision="271697" arch="powerpc">Support for 900 &man.dtrace.1; stack tracing has been fixed for 901 &os;/&arch.powerpc;, using the <literal>trapexit()</literal> 902 and <literal>asttrapexit()</literal> functions instead of 903 checking within addressed kernel space.</para> 904 905 <para revision="271917">A kernel panic triggered when destroying 906 a &man.vnet.9; &man.jail.8; configured with &man.gif.4; has 907 been fixed.</para> 908 909 <para revision="271918">A kernel panic triggered when destroying 910 a &man.vnet.9; &man.jail.8; configured with &man.gre.4; has 911 been fixed.</para> 912 913 <para revision="272089">A bug in &man.ipfw.4; that could 914 potentially lead to a kernel panic when using &man.dummynet.4; 915 at layer 2 has been fixed.</para> 916 917 <para revision="280930" contrib="sponsor" sponsor="&mitail;">The 918 kernel <acronym>RPC</acronym> has been updated to include 919 several enhancements:</para> 920 921 <itemizedlist> 922 <listitem> 923 <para>The 45 MiB limit on requests queued for 924 &man.nfsd.8; threads has been removed.</para> 925 </listitem> 926 927 <listitem> 928 <para>Avoids unnecessary throttling by not deferring 929 accounting for completed requests.</para> 930 </listitem> 931 932 <listitem> 933 <para>Fixes an integer overflow and signedness bugs.</para> 934 </listitem> 935 </itemizedlist> 936 937 <para revision="281261" arch="powerpc">Support for 938 &man.dtrace.1; has been added for the 939 Book-E ™.</para> 940 941 <para revision="287886" contrib="sponsor" 942 sponsor="&multiplay;">The &man.kqueue.2; system call has been 943 updated to handle write events to files larger than 2 944 gigabytes.</para> 945 </sect2> 946 947 <sect2 xml:id="kernel-config"> 948 <title>Kernel Configuration</title> 949 950 <para revision="266531">The <literal>IMAGACT_BINMISC</literal> 951 kernel configuration option has been enabled by default, 952 which enables application execution through emulators, such 953 as <application>Qemu</application>.</para> 954 955 <para revision="268045">The <literal>VT</literal> kernel 956 configuration file has been removed, and the &man.vt.4; 957 driver is included in the <literal>GENERIC</literal> kernel. 958 To enable &man.vt.4;, enter <literal>set kern.vty=vt</literal> 959 at the &man.loader.8; prompt during boot, or add 960 <literal>kern.vty=vt</literal> to &man.loader.conf.5; and 961 reboot the system.</para> 962 963 <para revision="277904">The &man.config.8; utility has been 964 updated to allow using a non-standard <filename 965 class="directory">src/</filename> tree, specified as an 966 argument to the <literal>-s</literal> flag.</para> 967 968 <para revision="277990" arch="powerpc64">The 969 &os;/&arch.powerpc64; kernel now builds as 970 a position-independent executable, allowing the kernel to be 971 loaded into and run from any physical or virtual 972 address.</para> 973 974 <important> 975 <para>This change requires an update to &man.loader.8;. 976 The userland and kernel must be updated before rebooting the 977 system.</para> 978 </important> 979 980 <para revision="278338" arch="arm">A new module for creating 981 <filename>rpi.dtb</filename> has been added for the Raspberry 982 Pi.</para> 983 984 <para revision="278340" arch="arm">The 985 <filename>rpi.dtb</filename> module is now installed to 986 <filename class="directory">/boot/dtb/</filename> by 987 default for the Raspberry Pi system.</para> 988 989 <para revision="279189" contrib="sponsor" sponsor="&ff;" 990 arch="powerpc">Kernel support for Vector-Scalar eXtension 991 (<acronym>VSX</acronym>) found on POWER7 and POWER8 hardware 992 has been added.</para> 993 994 <para revision="279252" contrib="sponsor" sponsor="&ff;" 995 arch="powerpc">The &man.pmap.9; implementation for 64-bit 996 &powerpc; processors has been overhaulded to improve 997 concurrency.</para> 998 999 <para revision="279824" arch="arm">A new module for creating 1000 the <filename>dtb</filename> module for AM335x systems has 1001 been added.</para> 1002 1003 <para revision="281495" contrib="sponsor" sponsor="&ff;">The 1004 <literal>PAE_TABLES</literal> kernel configuration option has 1005 been added for &os;/&arch.i386;, which instructs &man.pmap.9; 1006 to use <acronym>PAE</acronym> format for page tables while 1007 maintaining a 32-bit physical address size elsewhere in the 1008 kernel. The use of this option can enhance application-level 1009 security by enabling the creation of <quote>no execute</quote> 1010 mappings on modern &arch.i386; processors. Unlike the 1011 <literal>PAE</literal> option, <literal>PAE_TABLES</literal> 1012 preserves kernel binary interface (<acronym>KBI</acronym>) 1013 compatibility with non-<literal>PAE</literal> kernels, 1014 allowing non-<literal>PAE</literal> kernel modules and drivers 1015 to work with a <literal>PAE_TABLES</literal>-enabled kernel. 1016 Additionally, system limits are tuned for 4GB maximum 1017 <acronym>RAM</acronym>, avoiding kernel virtual address space 1018 (<acronym>KVA</acronym>) exhaustion.</para> 1019 1020 <para revision="282215">The <literal>SIFTR</literal> kernel 1021 configuration has been added, allowing building &man.siftr.4; 1022 statically into the kernel.</para> 1023 1024 <para revision="282731" arch="arm">The &arch.arm; boot loader, 1025 <filename>ubldr</filename>, is now relocatable. In addition, 1026 <filename>ubldr.bin</filename> is now created during build 1027 time, which is a stripped binary with an entry point of 1028 <literal>0</literal>, providing the ability to specify the 1029 load address by running <literal>go 1030 ${loadaddr}</literal> in 1031 <literal>u-boot</literal>.</para> 1032 1033 <para revision="282921" contrib="sponsor" sponsor="&intelcorp;" 1034 arch="amd64,i386">The &man.nvd.4; and &man.nvme.4; drivers are 1035 now included in the <filename>GENERIC</filename> kernel 1036 configuration by default.</para> 1037 1038 <para revision="283959" contrib="sponsor" 1039 sponsor="&limelight;">A new kernel configuration option, 1040 <literal>EM_MULTIQUEUE</literal>, has been added which enables 1041 multi-queue support in the &man.em.4; driver.</para> 1042 1043 <note> 1044 <para>Multi-queue support in the &man.em.4; driver is not 1045 officially supported by &intel;.</para> 1046 </note> 1047 1048 <para revision="285142" contrib="sponsor" 1049 sponsor="&netgate;">The <filename>GENERIC</filename> kernel 1050 configuration has been updated to include the 1051 <literal>IPSEC</literal> option by default.</para> 1052 1053 <para revision="285387" contrib="sponsor" 1054 sponsor="&norse;, &dell;">Initial <acronym>NUMA</acronym> 1055 affinity and policy configuration has been added. See 1056 &man.numactl.1;, and &man.numa.getaffinity.2;, for usage 1057 details.</para> 1058 1059 <para revision="286231">The &man.pms.4; driver has been added 1060 to the <filename>GENERIC</filename> kernel configuration for 1061 supported architectures.</para> 1062 1063 <para revision="287306" arch="arm">The 1064 <filename>CUBIEBOARD2</filename> kernel configuration has been 1065 renamed to <filename>A20</filename>.</para> 1066 1067 <para revision="288176" contrib="sponsor" sponsor="&ff;">Kernel 1068 debugging symbols are now installed to <filename 1069 class="directory">/usr/lib/debug/boot/kernel/</filename>. 1070 To retain the previous behavior, add 1071 <literal>KERN_DEBUGDIR=""</literal> to 1072 &man.src.conf.5;.</para> 1073 1074 <para revision="296277" contrib="sponsor" 1075 sponsor="&chelsio;">Support for POSIX asynchronous I/O is 1076 now included in the kernel by default. The 1077 <literal>VFS_AIO</literal>kernel option and 1078 <literal>aio.ko</literal> kernel module have been removed. 1079 Asynchronous I/O operations on sockets, local files, and 1080 disk devices are permitted by default. However, operations 1081 on other file types are disabled. See the &man.aio.4; 1082 manual page for more details.</para> 1083 1084 <para revision="301565" contrib="sponsor" sponsor="&ff;" 1085 arch="arm64">&arch.arm64; has been switched over to using 1086 <literal>INTRNG</literal> by default.</para> 1087 </sect2> 1088 1089 <sect2 xml:id="kernel-sysctl"> 1090 <title>System Tuning and Controls</title> 1091 1092 <para revision="275140" contrib="sponsor" sponsor="&ff;">The 1093 &man.hwpmc.4; default and maximum callchain depths have been 1094 increased. The default has been increased from 16 to 32, and 1095 the maximum increased from 32 to 128.</para> 1096 1097 <para revision="279361">The <literal>kern.osrelease</literal> 1098 and <literal>kern.osreldate</literal> are now configurable 1099 &man.jail.8; parameters.</para> 1100 1101 <para revision="280308,280949" contrib="sponsor" 1102 sponsor="&ix;, &ff;">The &man.devfs.5; device filesystem has 1103 been changed to update timestamps for read/write operations 1104 using seconds precision. A new &man.sysctl.8;, 1105 <literal>vfs.devfs.dotimes</literal> has been added, which 1106 when set to a non-zero value, enables default precision 1107 timestamps for these operations.</para> 1108 1109 <para revision="282213" contrib="sponsor" sponsor="&ff;">A new 1110 &man.sysctl.8;, <literal>kern.racct.enable</literal>, has been 1111 added, which when set to a non-zero value allows using 1112 &man.rctl.8; with the <literal>GENERIC</literal> kernel. 1113 A new kernel configuration option, 1114 <literal>RACCT_DISABLED</literal> has also been added.</para> 1115 1116 <para revision="282901" contrib="sponsor" sponsor="&ff;">The 1117 <literal>GENERIC</literal> kernel configuration now includes 1118 <literal>RACCT</literal> and <literal>RCTL</literal> by 1119 default.</para> 1120 1121 <note> 1122 <para>To enable <literal>RACCT</literal> and 1123 <literal>RCTL</literal> on a system using the 1124 <literal>GENERIC</literal> kernel configuration, add 1125 <literal>kern.racct.enable=1</literal> to 1126 &man.loader.conf.5;, and reboot the system.</para> 1127 </note> 1128 1129 <para revision="283136" contrib="sponsor" 1130 sponsor="&limelight;">A new &man.sysctl.8;, 1131 <literal>net.inet.tcp.hostcache.purgenow</literal>, has 1132 been added, which when set to <literal>1</literal> during 1133 runtime will flush all 1134 <literal>net.inet.tcp.hostcache</literal> entries.</para> 1135 1136 <para revision="285524">A new &man.sysctl.8;, 1137 <literal>hw.model</literal>, has been added, which displays 1138 <acronym>CPU</acronym> model information.</para> 1139 1140 <para revision="286591">The &man.uart.4; driver has been 1141 updated to allow tuning pulses per second captured in the 1142 CTS line during runtime, whereas previously only the DCD line 1143 could be used without rebuilding the kernel.</para> 1144 </sect2> 1145 </sect1> 1146 1147 <sect1 xml:id="drivers"> 1148 <title>Devices and Drivers</title> 1149 1150 <para>This section covers changes and additions to devices and 1151 device drivers since &release.prev;.</para> 1152 1153 <sect2 xml:id="drivers-device"> 1154 <title>Device Drivers</title> 1155 1156 <para revision="260903">Support for GPS ports has been added to 1157 &man.uhso.4;.</para> 1158 1159 <para revision="265132">The &man.full.4; device has been added, 1160 and the <literal>lindev(4)</literal> device has been removed. 1161 Prior to this change, <literal>lindev(4)</literal> provided 1162 only the <filename>/dev/full</filename> character device, 1163 returning <literal>ENOSPC</literal> on write attempts. As 1164 this device is not specific to &linux;, a native &os; version 1165 has been added.</para> 1166 1167 <para revision="271705">Hardware context support has been 1168 added to the <literal>drm/i915</literal> driver, adding 1169 support for <application>Mesa</application> 9.2 and 1170 later.</para> 1171 1172 <para revision="273178">The &man.vt.4; driver has been updated, 1173 replacing the bitmapped <literal>kern.vt.spclkeys</literal> 1174 &man.sysctl.8; with individual 1175 <literal>kern.vt.kbd_*</literal> variants.</para> 1176 1177 <para revision="273598">The &man.hpet.4; driver has been updated 1178 to create a 1179 <filename>/dev/hpet<replaceable>N</replaceable></filename> 1180 device, providing access to <acronym>HPET</acronym> from 1181 userspace.</para> 1182 1183 <para revision="280183">The <literal>drm</literal> code has 1184 been updated to match &linux; version 3.8.13.</para> 1185 1186 <para revision="281440">The &man.psm.4; driver has been updated 1187 to include improved support for newer Synaptics ® 1188 touchpads and the ClickPad ® mouse on newer 1189 Lenovo ™ laptops.</para> 1190 1191 <para revision="282783" arch="powerpc">Support for the Freescale 1192 <acronym>PCI</acronym> Root Complex device has been 1193 added.</para> 1194 1195 <para revision="285876">The &man.cyapa.4; driver has been added, 1196 supporting the Cypress APA I2C trackpad.</para> 1197 1198 <para revision="285883">The &man.isl.4; driver has been added, 1199 supporting the Intersil I2C ISL29018 digital ambient light 1200 sensor.</para> 1201 </sect2> 1202 1203 <sect2 xml:id="drivers-storage"> 1204 <title>Storage Drivers</title> 1205 1206 <para revision="265236" contrib="sponsor" 1207 sponsor="&lsi;, &spectralogic;" sponsorurl="">The &man.mpr.4; 1208 device has been added, providing support for LSI Fusion-MPT 1209 3 12Gb SCSI/SATA controllers.</para> 1210 1211 <para revision="265555" contrib="sponsor" 1212 sponsor="&lsi;">The &man.mrsas.4; driver has been added, 1213 providing support for LSI MegaRAID SAS controllers. The 1214 &man.mfi.4; driver will attach to the controller, by default. 1215 To enable &man.mrsas.4; add 1216 <literal>hw.mfi.mrsas_enable=1</literal> to 1217 <filename>/boot/loader.conf</filename>, which turns off 1218 &man.mfi.4; device probing.</para> 1219 1220 <note> 1221 <para>At this time, the &man.mfiutil.8; utility and the &os; 1222 version of <application>MegaCLI</application> and 1223 <application>StorCli</application> do not work with 1224 &man.mrsas.4;.</para> 1225 </note> 1226 1227 <para revision="275461" contrib="sponsor" sponsor="&ix;">The 1228 &man.ctl.4; subsystem has been updated, increasing the ports 1229 limit from <literal>128</literal> to <literal>256</literal>, 1230 and <acronym>LUN</acronym> limit from <literal>256</literal> 1231 to <literal>1024</literal>.</para> 1232 1233 <para revision="276526">The <literal>asr(4)</literal> driver has 1234 been removed, and is no longer supported.</para> 1235 1236 <para revision="281387">The &man.hptnr.4; driver has been 1237 updated to version 1.1.1.</para> 1238 1239 <para revision="285662">The &man.pms.4; driver has been added, 1240 providing support for the PMC Sierra line of 1241 <acronym>SAS</acronym>/<acronym>SATA</acronym> host bus 1242 adapters.</para> 1243 1244 <para revision="287117" contrib="sponsor" 1245 sponsor="&emcisilon;">The &man.ioat.4; driver has been added, 1246 providing support for the <acronym>PSE</acronym> (Platform 1247 Storage Extension).</para> 1248 1249 <para revision="287621" contrib="sponsor" sponsor="&ix;">The 1250 <acronym>CTL</acronym> High Availability implementation has 1251 been rewritten.</para> 1252 1253 <para revision="288310">The &man.ctl.4; driver has been updated 1254 to support CD-ROM and removable devices.</para> 1255 1256 <para contrib="sponsor" sponsor="&ix;">The &man.isp.4; driver 1257 has been updated and improved: added support for 16Gbps FC 1258 cards, improved target mode support, completed Multi-ID (NPIV) 1259 functionality.</para> 1260 </sect2> 1261 1262 <sect2 xml:id="drivers-network"> 1263 <title>Network Drivers</title> 1264 1265 <para revision="258830">Support for Broadcom chipsets BCM57764, 1266 BCM57767, BCM57782, BCM57786 and BCM57787 has been added to 1267 &man.bge.4;.</para> 1268 1269 <para revision="260448">Support for the &intel; Centrino™ 1270 Wireless-N 135 chipset has been added.</para> 1271 1272 <para revision="260552">Firmware for &intel; Centrino™ 1273 Wireless-N 105 devices has been added to the base 1274 system.</para> 1275 1276 <para revision="261975">The deprecated nve(4) driver has been 1277 removed. Users of NVIDIA nForce MCP network adapters are 1278 advised to use the &man.nfe.4; driver instead, which has been 1279 the default driver for this hardware since 1280 &os; 7.0.</para> 1281 1282 <para revision="264601" contrib="sponsor" 1283 sponsor="&darpa_afrl;">The <literal>if_nf10bmac(4)</literal> 1284 device has been added, providing support for NetFPGA-10G 1285 Embedded CPU Ethernet Core.</para> 1286 1287 <note> 1288 <para>The <literal>if_nf10bmac(4)</literal> driver operates on 1289 the FPGA, and is not suited for the PCI host 1290 interface.</para> 1291 </note> 1292 1293 <para revision="265348" contrib="sponsor" 1294 sponsor="&netgate;">The &man.ath.hal.4; driver has been 1295 updated to support the Atheros AR1111 chipset.</para> 1296 1297 <para revision="266770">Support for the &intel; Centrino™ 1298 Wireless-N 105 chipset has been added.</para> 1299 1300 <para revision="266757" contrib="sponsor" 1301 sponsor="&chelsio;">Support for the &man.cxgbe.4; Terminator 1302 5 (T5) 10G/40G cards has been added to &man.netmap.4;.</para> 1303 1304 <para revision="272730">The &man.alc.4; driver has been updated 1305 to support AR816x and AR817x ethernet controllers.</para> 1306 1307 <para revision="272906">The &man.pf.4; packet filter default 1308 hash has been changed from <literal>Jenkins</literal> to 1309 <literal>Murmur3</literal>, providing a 3-percent performance 1310 increase in packets-per-second.</para> 1311 1312 <para revision="273331">The &man.vxlan.4; driver has been added, 1313 which creates a virtual Layer 2 (Ethernet) network overlaid in 1314 a Layer 3 (IP/UDP) network. The &man.vxlan.4; driver is 1315 analogous to &man.vlan.4;, but is designed to be better suited 1316 for large, multiple-tenant datacenter environments.</para> 1317 1318 <para revision="274246" contrib="sponsor" sponsor="&yandex;">The 1319 &man.gre.4; driver has been significantly overhauled, and has 1320 been split into two separate modules, &man.gre.4; and 1321 &man.me.4;.</para> 1322 1323 <para revision="278551">The &man.ral.4; driver has been updated 1324 to support the RT5390 and RT5392 chipsets.</para> 1325 1326 <para revision="283514" contrib="sponsor" 1327 sponsor="&solarflare;">The &man.sfxge.4; driver has been 1328 updated to support Solarflare Flareon Ultra 7000-series 1329 chipsets.</para> 1330 1331 <para revision="283766" contrib="sponsor" 1332 sponsor="&limelight;">The &man.em.4; driver has been updated 1333 with improved transmission queue hang detection.</para> 1334 1335 <para revision="284125">The &man.cdce.4; driver has been updated 1336 to include support for the RTL8153 chipset.</para> 1337 1338 <para revision="286441">The &man.iwm.4; driver has been imported 1339 from OpenBSD, providing support for &intel; 3160/7260/7265 1340 wireless chipsets.</para> 1341 1342 <para revision="286829" contrib="sponsor" 1343 sponsor="&limelight;">The &man.em.4; driver has been updated 1344 to allow disabling <acronym>CRC</acronym> stripping.</para> 1345 1346 <para revision="287222">The &man.pf.4; implementation has been 1347 updated to remove support for the <literal>scrub fragment 1348 crop|drop-ovl</literal> filtering rule. Systems with this 1349 rule in &man.pf.conf.5; will implicitly be converted to the 1350 <literal>scrub fragment reassemble</literal> filtering rule, 1351 without necessary intervention.</para> 1352 1353 <para revision="288654">The &man.lagg.4; driver has been updated 1354 to remove support for the <literal>fec</literal> 1355 protocol.</para> 1356 </sect2> 1357 </sect1> 1358 1359 <sect1 xml:id="hardware"> 1360 <title>Hardware Support</title> 1361 1362 <para>This section covers general hardware support for physical 1363 machines, hypervisors, and virtualization environments, as well 1364 as hardware changes and updates that do not otherwise fit in 1365 other sections of this document.</para> 1366 1367 <sect2 xml:id="hardware-support"> 1368 <title>Hardware Support</title> 1369 1370 <para revision="299142">Native PCI-express HotPlug support is 1371 enabled by default on &arch.amd64;, &arch.arm64;, and 1372 &arch.powerpc;. This feature has exposed compatibility issues 1373 on some hardware that result in missing devices or a hang 1374 during boot. To work around such issues, run <literal>set 1375 hw.pci.enable_pcie_hp=0</literal> in the boot loader, and 1376 add <literal>hw.pci.enable_pcie_hp=0</literal> to 1377 <filename>/boot/loader.conf</filename>.</para> 1378 1379 <para revision="268303">The &man.asmc.4; driver has been 1380 updated to support the &apple; MacMini 3,1.</para> 1381 1382 <para revision="268351">Support for &os;/ia64 has been dropped 1383 as of &os; 11.</para> 1384 1385 <para revision="274386">An issue that could cause a system to 1386 hang when entering <acronym>ACPI</acronym> 1387 <literal>S3</literal> state (suspend to 1388 <acronym>RAM</acronym>) has been corrected in the &man.acpi.4; 1389 and &man.pci.4; drivers.</para> 1390 1391 <para revision="274733" arch="powerpc">The power management unit 1392 subsystem has been updated to support power button events on 1393 certain &arch.powerpc; hardware, such as aluminum 1394 PowerBook ®.</para> 1395 1396 <para revision="275171,275190" arch="powerpc">The &man.hwpmc.4; 1397 driver has been updated to correct performance counter 1398 sampling on G4 (MPC74xxx) and G5 class processors.</para> 1399 1400 <para revision="275732" contrib="sponsor" 1401 sponsor="&ff;,&netgate;">The 1402 <application>OpenCrypto</application> framework has been 1403 updated to include <literal>AES-ICM</literal> and 1404 <literal>AES-GCM</literal> modes, both of which have also been 1405 added to the &man.aesni.4; driver.</para> 1406 1407 <para revision="281713" arch="powerpc">The &man.hwpmc.4; 1408 driver has been updated to support the Freescale e500 1409 core.</para> 1410 1411 <para revision="283766">The &man.ig4.4; driver has been added, 1412 providing support for the fourth generation &intel; 1413 <acronym>I2C</acronym> SMBus.</para> 1414 1415 <para>The &man.uart.4; driver has been updated to support 1416 <acronym>AMT</acronym> devices on newer systems.</para> 1417 1418 <para revision="285316" contrib="sponsor" sponsor="&ff;" 1419 arch="arm64">Initial <acronym>SMP</acronym> support has been 1420 added to the &os;/&arch.arm64; port.</para> 1421 </sect2> 1422 1423 <sect2 xml:id="hardware-virtualization"> 1424 <title>Virtualization Support</title> 1425 1426 <para revision="260410">Support for the <quote>Virtual Interrupt 1427 Delivery</quote> feature of &intel; VT-x is enabled if 1428 supported by the CPU. This feature can be disabled by running 1429 <literal>sysctl hw.vmm.vmx.use_apic_vid=0</literal>. 1430 Additionally, to persist this setting across reboots, add 1431 <literal>hw.vmm.vmx.use_apic_vid=0</literal> to 1432 <filename>/etc/sysctl.conf</filename>.</para> 1433 1434 <para revision="260532">Support for <quote>Posted Interrupt 1435 Processing</quote> is enabled if supported by the CPU. This 1436 feature can be disabled by running <literal>sysctl 1437 hw.vmm.vmx.use_apic_pir=0</literal>. Additionally, to 1438 persist this setting across reboots, add 1439 <literal>hw.vmm.vmx.use_apic_pir=0</literal> to 1440 <filename>/etc/sysctl.conf</filename>.</para> 1441 1442 <para revision="260582">Unmapped IO support has been added to 1443 &man.virtio_blk.4;.</para> 1444 1445 <para revision="260583">Unmapped IO support has been added to 1446 &man.virtio_scsi.4;.</para> 1447 1448 <para revision="260847">The &man.virtio_random.4; driver has 1449 been added to harvest entropy from the host system.</para> 1450 1451 <para revision="261504">&os;/&arch.i386; guests can be run under 1452 bhyve.</para> 1453 1454 <para revision="267536" contrib="sponsor" 1455 sponsor="&citrix.rd;">Support for running a &os;/&arch.amd64; 1456 <application>Xen</application> guest instance as 1457 <acronym>PVH</acronym> guest has been added. 1458 <acronym>PVH</acronym> mode, short for <quote>Para-Virtualized 1459 Hardware</quote>, uses para-virtualized drivers for boot and 1460 I/O, and uses hardware virtualization extensions for all other 1461 tasks, without the need for emulation.</para> 1462 1463 <para revision="273375">The &man.bhyve.8; hypervisor has been 1464 updated to support &amd; processors with 1465 <acronym>SVM</acronym> and <acronym>AMD-V</acronym> hardware 1466 extensions.</para> 1467 1468 <para revision="273515">The &man.virtio.console.4; driver has 1469 been added, which provides an interface to VirtIO console 1470 devices through a &man.tty.4; device.</para> 1471 1472 <para revision="279957">The &man.bhyve.8; hypervisor has been 1473 updated to support <literal>DSM TRIM</literal> commands for 1474 virtual <acronym>AHCI</acronym> disks.</para> 1475 1476 <para revision="302332">Native graphics support has been added 1477 to the &man.bhyve.8; hypervisor.</para> 1478 1479 <para revision="281439" arch="arm">Support for the 1480 <application>QEMU</application> <literal>virt</literal> system 1481 has been added.</para> 1482 1483 <para revision="282212" contrib="sponsor" sponsor="&msostc;">The 1484 Hyper-V™ drivers have been updated with several 1485 enhancements:</para> 1486 1487 <itemizedlist> 1488 <listitem> 1489 <para>The &man.hv.vmbus.4; driver now has multi-channel 1490 support.</para> 1491 </listitem> 1492 1493 <listitem> 1494 <para>The &man.hv.storvsc.4; driver now has scatter/gather 1495 support, in addition to performance improvements.</para> 1496 </listitem> 1497 1498 <listitem> 1499 <para>The &man.hv.kvp.4; driver has received several bug 1500 fixes.</para> 1501 </listitem> 1502 </itemizedlist> 1503 1504 <para revision="282274">Support for &man.xen.4; para-virtualized 1505 <literal>domU</literal> kernels has been removed.</para> 1506 1507 <para revision="284746" contrib="sponsor" sponsor="&msostc;">The 1508 &man.hv.netvsc.4; driver has been updated to support checksum 1509 offloading and <acronym>TSO</acronym>.</para> 1510 1511 <para revision="286062">The &man.xen.4; driver has been updated 1512 to include support for <literal>blkif</literal> indirect 1513 segment I/O.</para> 1514 1515 <para revision="302288">Indirect segment I/O is enabled by 1516 default in the Xen blkfront driver when running on AWS 1517 EC2.</para> 1518 </sect2> 1519 1520 <sect2 xml:id="hardware-arm"> 1521 <title>ARM Support</title> 1522 1523 <para revision="260921">The &man.nand.4; device is enabled for 1524 ARM devices by default.</para> 1525 1526 <para revision="266943" arch="arm">Support for the Exynos 5420 1527 Octa system has been added.</para> 1528 1529 <para revision="267390" arch="arm">The <acronym>SMP</acronym> 1530 option has been enabled for all Exynos 5 systems supported by 1531 &os;.</para> 1532 1533 <para revision="268838" arch="arm">Support for the Toradex 1534 Apalis i.MX6 development board has been added.</para> 1535 1536 <para revision="273264" arch="armv6">An issue that could cause 1537 instability when detecting <acronym>SD</acronym> cards on the 1538 Raspberry Pi <acronym>SOC</acronym> has been fixed.</para> 1539 1540 <para revision="275963">The <literal>bcm2835_cpufreq</literal> 1541 driver has been added, which supports <acronym>CPU</acronym> 1542 frequency and voltage control on the Raspberry Pi 1543 <acronym>SOC</acronym>.</para> 1544 1545 <para revision="277042" arch="arm">Support to turn off the 1546 BeagleBone Black system with the &man.shutdown.8; 1547 <literal>-p</literal> flag or by invoking &man.poweroff.8; has 1548 been added.</para> 1549 1550 <para revision="277644" arch="arm">Audio transmission drivers 1551 have been added for Digital Audio Multiplexer 1552 (<acronym>AUDMUXM</acronym>), Smart Direct Memory Access 1553 Controller (<acronym>SDMA</acronym>), and Syncronous Serial 1554 Interface (<acronym>SSI</acronym>).</para> 1555 1556 <para revision="280259" contrib="sponsor" sponsor="&ff;">Initial 1557 support for the ARM AArch64 architecture has been 1558 added.</para> 1559 1560 <para revision="282779" arch="arm">Kernel support for Thumb-2 1561 userland has been added.</para> 1562 1563 <para revision="282827">Support for the hardware power button 1564 on the BeagleBone Black system has been added.</para> 1565 1566 <para revision="284273" contrib="sponsor" 1567 sponsor="&ff;">Initial 1568 <acronym>ACPI</acronym> support has been added for 1569 &os;/&arch.arm64;.</para> 1570 1571 <para revision="287225">Support for 1-Wire devices has been 1572 added, providing support for 1-Wire hardware through 1573 &man.gpio.4;. See &man.ow.4;, &man.owc.4;, and 1574 &man.ow.temp.4; for more information.</para> 1575 1576 <para revision="287371" arch="arm64" contrib="sponsor" 1577 sponsor="&abt;">Support for the HiSilicon HI6220 SoC has 1578 been added.</para> 1579 1580 <para revision="263698" arch="arm">The second CPU core on 1581 Allwinner A20 SoC have been enabled.</para> 1582 1583 <para revision="299688" arch="arm">Support for the Allwinner H3 1584 SoC has been added.</para> 1585 1586 <para revision="299786" arch="arm">Support for X-Powers AXP813 1587 and AXP818 power management integrated circuits have been 1588 added.</para> 1589 1590 <para revision="300777" arch="arm">Support for GPIO, Sensors and 1591 interrupts on AXP209 power management integrated circuits have 1592 been added.</para> 1593 1594 <para revision="299781" arch="arm">Support for the Allwinner 1595 Reduced Serial Bus (RSB) has been added.</para> 1596 1597 <para revision="296064" arch="arm">Support for Allwinner A20 1598 HDMI has been added.</para> 1599 </sect2> 1600 </sect1> 1601 1602 <sect1 xml:id="storage"> 1603 <title>Storage</title> 1604 1605 <para>This section covers changes and additions to file systems 1606 and other storage subsystems, both local and networked.</para> 1607 1608 <sect2 xml:id="storage-general"> 1609 <title>General Storage</title> 1610 1611 <para revision="278037" contrib="sponsor" sponsor="&ix;">The 1612 &man.ctl.4; <acronym>LUN</acronym> mapping has been rewritten, 1613 replacing <acronym>iSCSI</acronym>-specific mapping mechanisms 1614 with a new mechanism that works for any port.</para> 1615 1616 <para revision="278354" contrib="sponsor" sponsor="&ix;">The 1617 &man.ctld.8; utility has been updated to allow controlling 1618 non-<acronym>iSCSI</acronym> &man.ctl.4; ports.</para> 1619 1620 <para revision="295212" contrib="sponsor" sponsor="&ix;">Support 1621 for parsing libucl-based configuration files has been added to 1622 &man.ctld.8;.</para> 1623 1624 <para revision="275681" contrib="sponsor" sponsor="&ff;">The 1625 &man.autofs.5; subsystem has been updated to include a new 1626 &man.auto.master.5; map, <literal>-media</literal>, which 1627 allows automatically mounting removable media, such as 1628 <acronym>CD</acronym> drives or <acronym>USB</acronym> flash 1629 drives.</para> 1630 1631 <para revision="279955" contrib="sponsor" sponsor="&ff;">The 1632 &man.autofs.5; subsystem has been updated to include a new 1633 &man.auto.master.5; map, <literal>-noauto</literal>, which 1634 handles &man.fstab.5; entries set to 1635 <literal>noauto</literal>.</para> 1636 1637 <para revision="286444">The <acronym>GELI</acronym> class has 1638 been updated to support the <literal>BIO_DELETE</literal> 1639 &man.g.bio.9; <literal>bio_cmd</literal> field, providing 1640 <acronym>TRIM</acronym>/<acronym>UNMAP</acronym> support on 1641 <acronym>GELI</acronym>-backed <acronym>SSD</acronym> storage 1642 providers.</para> 1643 1644 <para revision="300880" contrib="sponsor" 1645 sponsor="&spectralogic;"> Leading spaces are now stripped off 1646 <acronym>SCSI</acronym> disk serial numbers when populating 1647 the CAM serial number. This affects the output of 1648 &man.diskinfo.8; and the names of 1649 <filename>/dev/diskid/DISK-*</filename> device nodes, among 1650 other things.</para> 1651 1652 <para revision="300207" contrib="sponsor" 1653 sponsor="&spectralogic;"> Support for managing Shingled 1654 Magnetic Recording (SMR) drives has been added.</para> 1655 1656 <para revision="299371" contrib="sponsor" sponsor="&ff;">The 1657 &man.camcontrol.8; command can manually force updating 1658 capacity data after a disk gets resized using the reprobe 1659 subcommand.</para> 1660 </sect2> 1661 1662 <sect2 xml:id="storage-net"> 1663 <title>Networked Storage</title> 1664 1665 <para revision="270096" contrib="sponsor" sponsor="&ff;">The new 1666 filesystem automount facility, &man.autofs.5;, has been added. 1667 The new &man.autofs.5; facility is similar to that found in 1668 other &unix;-like operating systems, such as OS X™ 1669 and Solaris™. The &man.autofs.5; facility uses 1670 a &sun;-compatible &man.auto.master.5; configuration file, and 1671 is administered with the &man.automount.8; userland utility, 1672 and the &man.automountd.8; and &man.autounmountd.8; 1673 daemons.</para> 1674 1675 <para revision="273849" contrib="sponsor" sponsor="&ff;">Support 1676 for the <literal>timeo</literal>, <literal>actimeo</literal>, 1677 <literal>noac</literal>, and <literal>proto</literal> options 1678 have been added to &man.mount.nfs.8;.</para> 1679 1680 <para revision="300723">The Mellanox implementation of iSER 1681 (iSCSI Extensions for RDMA) has been imported.</para> 1682 1683 <para revision="301033">The ability to discover iSCSI targets 1684 without having to attach to a target has been added to the 1685 &man.iscsictl.8; command.</para> 1686 </sect2> 1687 1688 <sect2 xml:id="storage-zfs"> 1689 <title>ZFS</title> 1690 1691 <para revision="275748">The <literal>arc_meta_limit</literal> 1692 statistics are now visible through the 1693 <literal>kstat</literal> &man.sysctl.8;. As a result of this 1694 change, the <literal>vfs.zfs.arc_meta_used</literal> 1695 &man.sysctl.8; has been removed, and replaced with the 1696 <literal>kstat.zfs.misc.arcstats.arc_meta_used</literal> 1697 &man.sysctl.8;.</para> 1698 1699 <para revision="287099" contrib="sponsor" 1700 sponsor="&clusterhq;">The &man.zfs.8; <literal>l2arc</literal> 1701 code has been updated to take <literal>ashift</literal> into 1702 account when gathering buffers to be written to the 1703 <literal>l2arc</literal> device.</para> 1704 1705 <para revision="300906" contrib="sponsor" sponsor="&ix;, 1706 &spectralogic;">The zfsd daemon has been added, which manages 1707 hotspares and replements in drive slots that publish physical 1708 paths.</para> 1709 1710 <para revision="302265" contrib="sponsor" 1711 sponsor="&multiplay;">The minimum and maximum values for the 1712 ZFS adaptive replacement cache can be modified at 1713 runtime.</para> 1714 1715 <para revision="297633" contrib="sponsor" sponsor="&ff;">Four 1716 new resources have been added to &man.rctl.8; to allow 1717 throttles to be set on filesystem IO.</para> 1718 </sect2> 1719 1720 <sect2 xml:id="storage-geom"> 1721 <title>&man.geom.4;</title> 1722 1723 <para revision="267359">Support for the 1724 <literal>disklabel64</literal> partitioning scheme has been 1725 added to &man.gpart.8;.</para> 1726 1727 <para revision="282465">Support for the 1728 <literal>apple-boot</literal>, <literal>apple-hfs</literal>, 1729 and <literal>apple-ufs</literal> <acronym>MBR</acronym> 1730 partitioning schemes have been added to &man.gpart.8;.</para> 1731 1732 <para revision="285594" contrib="sponsor" 1733 sponsor="&scaleengine;">The &man.gpart.8; utility has been 1734 updated to include a new attribute for <acronym>GPT</acronym> 1735 partitions, <literal>lenovofix</literal>, which when set, 1736 which works around <acronym>BIOS</acronym> compatibility 1737 issues reported on several Lenovo ™ laptops.</para> 1738 </sect2> 1739 </sect1> 1740 1741 <sect1 xml:id="boot"> 1742 <title>Boot Loader Changes</title> 1743 1744 <para>This section covers the boot loader, boot menu, and other 1745 boot-related changes.</para> 1746 1747 <sect2 xml:id="boot-loader"> 1748 <title>Boot Loader Changes</title> 1749 1750 <para revision="258431" contrib="sponsor" sponsor="&ff;">The 1751 memory test run at boot time on &os;/&arch.amd64; platforms 1752 has been disabled by default.</para> 1753 1754 <para revision="262955">A new &man.ttys.5; class, 1755 <literal>3wire</literal>, has been added. This is similar to 1756 the existing terminal classes, but does not have a defined 1757 baudrate.</para> 1758 1759 <para revision="274085">The &man.vt.4; driver has been made the 1760 default system console driver. The &man.syscons.4; driver is 1761 still available, and can be enabled by adding 1762 <literal>kern.vty=sc</literal> in &man.loader.conf.5;. 1763 Alternatively, &man.syscons.4; can be enabled at boot time by 1764 entering <literal>set kern.vty=sc</literal> at the 1765 &man.loader.8; prompt.</para> 1766 1767 <para revision="279950">Support for <literal>bzipfs</literal> 1768 has been added to the <acronym>EFI</acronym> loader.</para> 1769 1770 <para revision="281616">The boot loader has been updated to 1771 support entering the <acronym>GELI</acronym> passphrase before 1772 loading the kernel. To enable this behavior, add 1773 <literal>geom_eli_passphrase_prompt="YES"</literal> to 1774 &man.loader.conf.5;.</para> 1775 1776 <para revision="284683" contrib="sponsor" sponsor="&ff;" 1777 arch="arm">The &man.ttys.5; file for &os;/&arch.arm; has been 1778 updated to enable <filename>ttyu1</filename>, 1779 <filename>ttyu2</filename>, and <filename>ttyu3</filename> by 1780 default, if the callin port is an active console port.</para> 1781 1782 <para revision="299393">The default installation directory for 1783 modules has been changed to 1784 <filename>/boot/modules</filename>.</para> 1785 </sect2> 1786 1787 <sect2 xml:id="boot-menu"> 1788 <title>Boot Menu Changes</title> 1789 1790 <para> </para> 1791 </sect2> 1792 </sect1> 1793 1794 <sect1 xml:id="network"> 1795 <title>Networking</title> 1796 1797 <para>This section describes changes that affect networking in 1798 &os;.</para> 1799 1800 <para revision="301875">The unused 1801 <literal>SIOCSIFALIFETIME_IN6</literal> ioctl has been 1802 removed.</para> 1803 1804 <para revision="299848" contrib="sponsor" sponsor="&ff;">Support 1805 to be able to reroot into a NFSv4 volume has been added.</para> 1806 1807 <sect2 xml:id="network-protocols"> 1808 <title>Network Protocols</title> 1809 1810 <para revision="263140">Support for the IPX network transport 1811 protocol has been removed, and will not be supported in 1812 &os; 11 and later releases.</para> 1813 1814 <para revision="272720" contrib="sponsor" 1815 sponsor="&limelight;">Support for <acronym>PLPMTUD</acronym> 1816 blackhole detection (<acronym>RFC</acronym> 4821) has been 1817 added to the &man.tcp.4; stack, disabled by default. New 1818 control tunables have been added:</para> 1819 1820 <informaltable frame="none" pgwide="0"> 1821 <tgroup cols="2"> 1822 <colspec colwidth="1*"/> 1823 <colspec colwidth="1*"/> 1824 <thead> 1825 <row> 1826 <entry>Tunable</entry> 1827 <entry>Description</entry> 1828 </row> 1829 </thead> 1830 1831 <tbody> 1832 <row> 1833 <entry><literal>net.inet.tcp.pmtud_blackhole_detection</literal></entry> 1834 <entry>Enables or disables <acronym>PLPMTUD</acronym> 1835 blackhole detection</entry> 1836 </row> 1837 1838 <row> 1839 <entry><literal>net.inet.tcp.pmtud_blackhole_mss</literal></entry> 1840 <entry><acronym>MSS</acronym> to try for IPv4</entry> 1841 </row> 1842 1843 <row> 1844 <entry><literal>net.inet.tcp.v6pmtud_blackhole_mss</literal></entry> 1845 <entry><acronym>MSS to try for IPv6</acronym></entry> 1846 </row> 1847 </tbody> 1848 </tgroup> 1849 </informaltable> 1850 1851 <para>New monitoring &man.sysctl.8;s haven been added:</para> 1852 1853 <informaltable frame="none" pgwide="0"> 1854 <tgroup cols="2"> 1855 <colspec colwidth="1*"/> 1856 <colspec colwidth="1*"/> 1857 <thead> 1858 <row> 1859 <entry>Tunable</entry> 1860 <entry>Description</entry> 1861 </row> 1862 </thead> 1863 1864 <tbody> 1865 <row> 1866 <entry><literal>net.inet.tcp.pmtud_blackhole_activated</literal></entry> 1867 <entry>Number of times the code was activated to attempt 1868 downshifting the <acronym>MSS</acronym></entry> 1869 </row> 1870 1871 <row> 1872 <entry><literal>net.inet.tcp.pmtud_blackhole_min_activated</literal></entry> 1873 <entry>Number of times the blackhole 1874 <acronym>MSS</acronym> was used in an attempt to 1875 downshift</entry> 1876 </row> 1877 1878 <row> 1879 <entry><literal>net.inet.tcp.pmtud_blackhole_failed</literal></entry> 1880 <entry>Number of times that the blackhole failed to 1881 connect after downshifting the 1882 <acronym>MSS</acronym></entry> 1883 </row> 1884 </tbody> 1885 </tgroup> 1886 </informaltable> 1887 1888 <para revision="280971" contrib="sponsor" 1889 sponsor="&netflix;, &nginx;">Support for <acronym>IP</acronym> 1890 identification for atomic datagrams (<acronym>RFC</acronym> 1891 6864) has been added. Support for this feature can be toggled 1892 with the <literal>net.inet.ip.rfc6864</literal> 1893 &man.sysctl.8;, which is enabled by default.</para> 1894 1895 <para revision="285336" contrib="sponsor" 1896 sponsor="&netgate;">The <acronym>IPSEC</acronym> has been 1897 updated to include support for <acronym>AES</acronym> modes on 1898 both software-only and hardware-backed (&man.aesni.4;) 1899 systems.</para> 1900 1901 <para revision="287798" contrib="sponsor" sponsor="&dell;">The 1902 network stack has been updated to fix handling of 1903 <acronym>IPv6</acronym> On-Link redirects.</para> 1904 1905 <para revision="300240">The net.inet.tcp.ecn.enable sysctl mib 1906 has been changed from a binary off/on control to a three way 1907 setting.</para> 1908 1909 <informaltable frame="none" pgwide="0"> 1910 <tgroup cols="2"> 1911 <colspec colwidth="1*"/> 1912 <colspec colwidth="1*"/> 1913 <thead> 1914 <row> 1915 <entry>Value</entry> 1916 <entry>Description</entry> 1917 </row> 1918 </thead> 1919 <tbody> 1920 <row> 1921 <entry><literal>0</literal></entry> 1922 <entry>Totally disable ECN.</entry> 1923 </row> 1924 1925 <row> 1926 <entry><literal>1</literal></entry> 1927 <entry>Enable ECN if incoming connections request it. 1928 Outgoing connections will request ECN.</entry> 1929 </row> 1930 1931 <row> 1932 <entry><literal>2</literal></entry> 1933 <entry>Enable ECN if incoming connections request it. 1934 Outgoing conections will not request ECN.</entry> 1935 </row> 1936 </tbody> 1937 </tgroup> 1938 </informaltable> 1939 1940 <para revision="300779">Dummynet AQM, an independent 1941 implementation of CoDel and FQ-CoDel for ipfw/dummynet has 1942 been imported to the base system.</para> 1943 1944 </sect2> 1945 </sect1> 1946 1947 <sect1 xml:id="ports"> 1948 <title>Ports Collection and Package Infrastructure</title> 1949 1950 <para>This section covers changes to the &os; Ports 1951 Collection, package infrastructure, and package maintenance and 1952 installation tools.</para> 1953 1954 <sect2 xml:id="ports-infrastructure"> 1955 <title>Infrastructure Changes</title> 1956 1957 <para> </para> 1958 </sect2> 1959 1960 <sect2 xml:id="ports-packages "> 1961 <title>Packaging Changes</title> 1962 1963 <para> </para> 1964 </sect2> 1965 </sect1> 1966 1967 <sect1 xml:id="doc"> 1968 <title>Documentation</title> 1969 1970 <para>This section covers changes to the &os; Documentation 1971 Project sources and toolchain.</para> 1972 1973 <sect2 xml:id="doc-sources"> 1974 <title>Documentation Source Changes</title> 1975 1976 <para> </para> 1977 </sect2> 1978 1979 <sect2 xml:id="doc-toolchain"> 1980 <title>Documentation Toolchain Changes</title> 1981 1982 <para> </para> 1983 </sect2> 1984 </sect1> 1985 1986 <sect1 xml:id="releng"> 1987 <title>Release Engineering and Integration</title> 1988 1989 <para>This section convers changes that are specific to the 1990 &os; Release Engineering processes.</para> 1991 1992 <sect2 xml:id="releng-changes"> 1993 <title>Integration Changes</title> 1994 1995 <para revision="277458" contrib="sponsor" sponsor="&ff;">The 1996 Release Engineering build tools have been updated to include 1997 support for producing virtual machine disk images for various 1998 cloud hosting providers.</para> 1999 2000 <para revision="278926">The Release Engineering build tools have 2001 been updated to use multi-threaded &man.xz.1;. By default, 2002 the number of &man.xz.1; threads is set to the number of cores 2003 available.</para> 2004 2005 <para revision="281802" contrib="sponsor" sponsor="&ff;">The 2006 Release Engineering build tools have been updated to include 2007 support for building &os;/&arch.arm64; virtual machine and 2008 memory stick installation images.</para> 2009 2010 <para revision="282693" contrib="sponsor" sponsor="&ff;">The 2011 Release Engineering build tools have been updated to support 2012 building &os;/&arch.arm; images without external utilities for 2013 supported boards where a corresponding 2014 <literal>u-boot</literal> port exists in the Ports 2015 Collection.</para> 2016 2017 <para revision="283307" contrib="sponsor" sponsor="&ff;">The 2018 &os;/&arch.i386; memory stick installation images are now 2019 created using the &man.mkimg.1; utility, matching the way 2020 the &os;/&arch.amd64; images are created.</para> 2021 </sect2> 2022 </sect1> 2023</article> 2024