article.xml revision 306040
1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" 3 "../../../share/xml/freebsd50.dtd" [ 4<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> 5 %release; 6<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent"> 7 %sponsor; 8<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent"> 9 %vendor; 10<!ENTITY security SYSTEM "../../share/xml/security.xml"> 11<!ENTITY errata SYSTEM "../../share/xml/errata.xml"> 12]> 13<article xmlns="http://docbook.org/ns/docbook" 14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> 15 16 <info> 17 <title>&os; &release.current; Release Notes</title> 18 19 <author> 20 <orgname>The &os; Project</orgname> 21 </author> 22 23 <pubdate>$FreeBSD: releng/11.0/release/doc/en_US.ISO8859-1/relnotes/article.xml 306040 2016-09-20 16:55:59Z gjb $</pubdate> 24 25 <!-- Last rev: 288943 --> 26 27 <copyright> 28 <year>2015</year> 29 <year>2016</year> 30 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation 31 Project</holder> 32 </copyright> 33 34 <legalnotice xml:id="trademarks" role="trademarks"> 35 &tm-attrib.freebsd; 36 &tm-attrib.ibm; 37 &tm-attrib.ieee; 38 &tm-attrib.intel; 39 &tm-attrib.sparc; 40 &tm-attrib.general; 41 </legalnotice> 42 43 <abstract> 44 <para>The release notes for &os; &release.current; contain 45 a summary of the changes made to the &os; base system on the 46 &release.branch; development line. This document lists 47 applicable security advisories that were issued since the last 48 release, as well as significant changes to the &os; kernel and 49 userland. Some brief remarks on upgrading are also 50 presented.</para> 51 </abstract> 52 </info> 53 54 <sect1 xml:id="intro"> 55 <title>Introduction</title> 56 57 <para>This document contains the release notes for &os; 58 &release.current;. It describes recently added, changed, or 59 deleted features of &os;. It also provides some notes on 60 upgrading from previous versions of &os;.</para> 61 62 <para releasetype="current">The &release.type; distribution to 63 which these release notes apply represents the latest point 64 along the &release.branch; development branch since 65 &release.branch; was created. Information regarding pre-built, 66 binary &release.type; distributions along this branch can be 67 found at <uri 68 xlink:href="&release.url;">&release.url;</uri>.</para> 69 70 <para releasetype="snapshot">The &release.type; distribution to 71 which these release notes apply represents a point along the 72 &release.branch; development branch between &release.prev; and 73 the future &release.next;. Information regarding pre-built, 74 binary &release.type; distributions along this branch can be 75 found at <uri 76 xlink:href="&release.url;">&release.url;</uri>.</para> 77 78 <para releasetype="release">This distribution of &os; 79 &release.current; is a &release.type; distribution. It can be 80 found at <uri xlink:href="&release.url;">&release.url;</uri> or 81 any of its mirrors. More information on obtaining this (or 82 other) &release.type; distributions of &os; can be found in the 83 <link 84 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining 85 &os;</quote> appendix</link> to the <link 86 xlink:href="&url.books.handbook;/">&os; 87 Handbook</link>.</para> 88 89 <para>All users are encouraged to consult the release errata 90 before installing &os;. The errata document is updated with 91 <quote>late-breaking</quote> information discovered late in the 92 release cycle or after the release. Typically, it contains 93 information on known bugs, security advisories, and corrections 94 to documentation. An up-to-date copy of the errata for &os; 95 &release.current; can be found on the &os; Web site.</para> 96 97 <para>This document describes the most user-visible new or changed 98 features in &os; since &release.prev;. In general, changes 99 described here are unique to the &release.branch; branch unless 100 specifically marked as &merged; features.</para> 101 102 <para>Typical release note items document recent security 103 advisories issued after &release.prev;, new drivers or hardware 104 support, new commands or options, major bug fixes, or 105 contributed software upgrades. They may also list changes to 106 major ports/packages or release engineering practices. Clearly 107 the release notes cannot list every single change made to &os; 108 between releases; this document focuses primarily on security 109 advisories, user-visible changes, and major architectural 110 improvements.</para> 111 </sect1> 112 113 <sect1 xml:id="important"> 114 <title>Important Notes</title> 115 116 <para>This section lists important information for those upgrading 117 from prior &os; releases.</para> 118 119 <sect2 xml:id="important-notes"> 120 <title>User-facing Changes</title> 121 122 <para>As of <literal>r303719</literal>, 123 <application>OpenSSH</application> <literal>DSA</literal> key 124 generation has been disabled by default. It is important to 125 update <application>OpenSSH</application> keys prior to 126 upgrading. Additionally, <literal>Protocol 1</literal> 127 support has been removed.</para> 128 </sect2> 129 </sect1> 130 131 <sect1 xml:id="upgrade"> 132 <title>Upgrading from Previous Releases of &os;</title> 133 134 <para arch="amd64,i386">Binary upgrades between RELEASE versions 135 (and snapshots of the various security branches) are supported 136 using the &man.freebsd-update.8; utility. The binary upgrade 137 procedure will update unmodified userland utilities, as well as 138 unmodified GENERIC kernels distributed as a part of an official 139 &os; release. The &man.freebsd-update.8; utility requires that 140 the host being upgraded have Internet connectivity.</para> 141 142 <para>Source-based upgrades (those based on recompiling the &os; 143 base system from source code) from previous versions are 144 supported, according to the instructions in 145 <filename>/usr/src/UPDATING</filename>.</para> 146 147 <important> 148 <para>Upgrading &os; should only be attempted after backing up 149 <emphasis>all</emphasis> data and configuration files.</para> 150 </important> 151 </sect1> 152 153 <sect1 xml:id="userland"> 154 <title>Userland</title> 155 156 <para>This section covers changes and additions to userland 157 applications, contributed software, and system utilities.</para> 158 159 <sect2 xml:id="userland-config"> 160 <title>Userland Configuration Changes</title> 161 162 <para revision="266463">The default &man.newsyslog.conf.5; now 163 includes files in the 164 <filename>/etc/newsyslog.conf.d/</filename> and 165 <filename>/usr/local/etc/newsyslog.conf.d/</filename> 166 directories by default for &man.newsyslog.8;.</para> 167 168 <para revision="270675">The &man.mailwrapper.8; utility has been 169 updated to use &man.mailer.conf.5; from the 170 <literal>LOCALBASE</literal> environment variable, which 171 defaults to <filename class="directory">/usr/local</filename> 172 if unset.</para> 173 174 <para revision="272350">The <literal>MK_ARM_EABI</literal> 175 &man.src.conf.5; option has been removed.</para> 176 177 <para revision="301247">The <application>ntp</application> suite 178 has been updated to version 4.2.8p8.</para> 179 180 <para revision="301247">The 181 <filename>/etc/ntp/leap-seconds</filename> has been updated to 182 version 3676752000.</para> 183 184 <para revision="302177">The 185 <literal>WITH_SYSTEM_COMPILER</literal> &man.src.conf.5; 186 option is enabled by default.</para> 187 </sect2> 188 189 <sect2 xml:id="userland-programs"> 190 <title>Userland Application Changes</title> 191 192 <para revision="260594">When unable to load a kernel module with 193 &man.kldload.8;, a message informing to view output of 194 &man.dmesg.8; is now printed, opposed to the previous output 195 <quote>Exec format error.</quote>.</para> 196 197 <para revision="260910">Allow &man.pciconf.8; to identify PCI 198 devices that are attached to a driver to be identified by 199 their device name instead of just the selector. Additionally, 200 the <literal>-l</literal> flag now accepts an optional device 201 argument to list details about a single device.</para> 202 203 <para revision="260913">A new flag, <quote>onifconsole</quote> 204 has been added to <filename>/etc/ttys</filename>. This allows 205 the system to provide a login prompt via serial console if the 206 device is an active kernel console, otherwise it is equivalent 207 to <literal>off</literal>.</para> 208 209 <para revision="260926">Support for displaying VPD for PCI 210 devices via &man.pciconf.8; has been added.</para> 211 212 <para revision="261498">The &man.ping.8; utility has been 213 updated to use the Capsicum framework to drop priviliges, 214 protecting against malicious network packets.</para> 215 216 <para revision="265229">The &man.ps.1; utility has been 217 updated to include the <literal>-J</literal> flag, used to 218 filter output by matching &man.jail.8; IDs and names. 219 Additionally, argument <literal>0</literal> can be used to 220 <literal>-J</literal> to only list processes running on the 221 host system.</para> 222 223 <para revision="265249">The &man.top.1; utility has been updated 224 to filter by &man.jail.8; ID or name, in followup to the 225 &man.ps.1; change in <literal>r265229</literal>.</para> 226 227 <para revision="266209">The &man.pmcstat.8; utility has been 228 updated to include a new flag, <literal>-l</literal>, which 229 ends event collection after the specified number of 230 seconds.</para> 231 232 <para revision="270745">The &man.ps.1; utility has been updated 233 to include a new keyword, <quote>tracer</quote>, which 234 displays the <acronym>PID</acronym> of the tracing 235 process.</para> 236 237 <para revision="271482">Support for adding empty partitions has 238 been added to the &man.mkimg.1; utility.</para> 239 240 <para revision="272166">The &man.primes.6; utility has been 241 updated to correctly enumerate prime numbers between 242 <literal>4295098369</literal> and 243 <literal>3825123056546413050</literal>, which prior to this 244 change, it would be possible for returned values to be 245 incorrectly identified as prime numbers.</para> 246 247 <para revision="272198">The &man.mkimg.1; utility has been 248 updated to include three options used to print information 249 about &man.mkimg.1; itself:</para> 250 251 <informaltable frame="none" pgwide="0"> 252 <tgroup cols="2"> 253 <colspec colwidth="1*"/> 254 <colspec colwidth="1*"/> 255 <thead> 256 <row> 257 <entry>Option</entry> 258 <entry>Output</entry> 259 </row> 260 </thead> 261 262 <tbody> 263 <row> 264 <entry><literal>--version</literal></entry> 265 <entry>The current version of the &man.mkimg.1; 266 utility</entry> 267 </row> 268 269 <row> 270 <entry><literal>--formats</literal></entry> 271 <entry>The disk image file formats supported by 272 &man.mkimg.1;</entry> 273 </row> 274 275 <row> 276 <entry><literal>--schemes</literal></entry> 277 <entry>The partition schemes supported by 278 &man.mkimg.1;</entry> 279 </row> 280 </tbody> 281 </tgroup> 282 </informaltable> 283 284 <para revision="272488">Userland &man.ctf.5; support in 285 &man.dtrace.1; has been added. With this change, 286 &man.dtrace.1; is able to resolve type info for function and 287 <acronym>USDT</acronym> probe arguments, and function return 288 values.</para> 289 290 <para revision="274960">The &man.elfdump.1; utility has been 291 updated to support capability mode provided by 292 &man.capsicum.4;.</para> 293 294 <para revision="275680" contrib="sponsor" sponsor="&ff;">The 295 &man.fstyp.8; utility has been added, which is used to 296 determine the filesystem on a specified device.</para> 297 298 <para revision="276881">The <literal>libedit</literal> library 299 has been updated to support <acronym>UTF</acronym>-8, which 300 additionally provides unicode support to &man.sh.1;.</para> 301 302 <para revision="276893" contrib="sponsor" sponsor="&ff;">The 303 &man.mkimg.1; utility has been updated to support the 304 <acronym>MBR</acronym> <acronym>EFI</acronym> partition 305 type.</para> 306 307 <para revision="277166" arch="powerpc">The &man.ptrace.2; system 308 call has been updated include support for Altivec registers on 309 &os;/&arch.powerpc;.</para> 310 311 <para revision="278320">A new device control utility, 312 &man.devctl.8; has been added, which allows making 313 administrative changes to individual devices, such as 314 attaching and detaching drivers, and enabling and disabling 315 devices. The &man.devctl.8; utility uses the new 316 &man.devctl.3; library.</para> 317 318 <para revision="279122" contrib="sponsor" 319 sponsor="&juniper;">The &man.netstat.1; utility has been 320 updated to link against the &man.libxo.3; shared 321 library.</para> 322 323 <para revision="279139">A new flag, <literal>-c</literal>, has 324 been added to the &man.mkimg.1; utility, which allows 325 specifying the capacity of the target disk image.</para> 326 327 <para revision="279315" contrib="sponsor" sponsor="&ff;">The 328 &man.uefisign.8; utility has been added.</para> 329 330 <para revision="279571" contrib="sponsor" 331 sponsor="&scaleengine;">The &man.freebsd-update.8; utility has 332 been updated to prevent fetching updated binary patches when 333 a previous upgrade has not been thoroughly completed.</para> 334 335 <para revision="280870">A regression in the &man.libarchive.3; 336 library that would prevent a directory from being included in 337 the archive when <literal>--one-file-system</literal> is used 338 has been fixed.</para> 339 340 <para revision="281311" contrib="sponsor" sponsor="&ff;">The 341 &man.ar.1; utility has been updated to set 342 <literal>ARCHIVE_EXTRACT_SECURE_SYMLINKS</literal> and 343 <literal>ARCHIVE_EXTRACT_SECURE_NODOTDOT</literal> to disallow 344 directory traversal when extracting an archive, similar to 345 &man.tar.1;.</para> 346 347 <para revision="281617">A race condition in &man.wc.1; that 348 would cause final results to be sent to &man.stderr.4; when 349 receiving the <literal>SIGINFO</literal> signal has been 350 fixed.</para> 351 352 <para revision="282208" contrib="sponsor" 353 sponsor="&multiplay;">The &man.chflags.1;, &man.chgrp.1;, 354 &man.chmod.1;, and &man.chown.8; utilities now affect symbolic 355 links when the <literal>-R</literal> flag is specified, as 356 documented in &man.symlink.7;.</para> 357 358 <para revision="282608">The &man.date.1; utility has been 359 updated to print the modification time of the file passed as 360 an argument to the <literal>-r</literal> flag, improving 361 compatibility with the <acronym>GNU</acronym> &man.date.1; 362 utility behavior.</para> 363 364 <para revision="283961">The &man.pw.8; utility has been updated 365 with a new flag, <literal>-R</literal>, that sets the root 366 directory within which the utility will operate.</para> 367 368 <para revision="284297" contrib="sponsor" 369 sponsor="&clusterhq;">The &man.lockstat.1; utility has been 370 updated with several improvements:</para> 371 372 <itemizedlist> 373 <listitem> 374 <para>Spin locks are now reported as the amount of time 375 spinning, instead of loop iterations.</para> 376 </listitem> 377 378 <listitem> 379 <para>Reader locks are now recognized as adaptive that can 380 spin on &os;.</para> 381 </listitem> 382 383 <listitem> 384 <para>Lock aquisition events for successful reader try-lock 385 events are now reported.</para> 386 </listitem> 387 388 <listitem> 389 <para>Spin and block events are now reported before lock 390 acquisition events.</para> 391 </listitem> 392 </itemizedlist> 393 394 <para revision="284589" contrib="sponsor" 395 sponsor="&scaleengine;">The &man.fstyp.8; utility has been 396 updated to be able to detect &man.zfs.8; and &man.geli.8; 397 filesystems.</para> 398 399 <para revision="284883">The &man.mkimg.1; utility has been 400 updated to include support for <literal>NTFS</literal> 401 filesystems in both <acronym>MBR</acronym> and 402 <acronym>GPT</acronym> partitioning schemes.</para> 403 404 <para revision="285253">The &man.quota.1; utility has been 405 updated to include support for <acronym>IPv6</acronym>.</para> 406 407 <para revision="285420">The &man.jexec.8; utility has been 408 updated to include a new flag, <literal>-l</literal>, which 409 ensures a clean environment in the target jail when used. 410 Additionally, &man.jexec.8; will run a shell within the target 411 jail when run no commands are specified.</para> 412 413 <para revision="285550">The &man.w.1; utility has been updated 414 to display the full IPv6 remote address of the host from which 415 a user is connected.</para> 416 417 <para revision="285685">The &man.jail.8; framework has been 418 updated to allow mounting &man.linprocfs.5; and 419 &man.linsysfs.5; within a jail.</para> 420 421 <para revision="285772" contrib="sponsor" 422 sponsor="&emcisilon;">The &man.patch.1; utility has been 423 updated to include a new option to the <literal>-V</literal> 424 flag, <literal>none</literal>, which disables backup file 425 creation when applying a patch.</para> 426 427 <para revision="286010" contrib="sponsor" sponsor="&ff;">The 428 &man.ar.1; utility now enables deterministic mode 429 (<literal>-D</literal>) by default. This behavior can be 430 disabled by specifying the <literal>-U</literal> flag.</para> 431 432 <para revision="286289" contrib="sponsor" 433 sponsor="&scaleengine;">The &man.xargs.1; utility has been 434 updated to allow specifying <literal>0</literal> as an 435 argument to the <literal>-P</literal> (parallel mode) flag, 436 which allows creating as many concurrent processes as 437 possible.</para> 438 439 <para revision="286795">The &man.patch.1; utility has been 440 updated to remove the automatic checkout feature.</para> 441 442 <para revision="287473" contrib="sponsor" sponsor="&gandi;">A 443 new utility, &man.sesutil.8;, has been added, which is used 444 to manage &man.ses.4; devices.</para> 445 446 <para revision="287522">The &man.pciconf.8; utility has been 447 updated to use the PCI ID database from the <filename 448 role="package">misc/pciids</filename> package, if present, 449 falling back to the PCI ID database in the &os; base 450 system.</para> 451 452 <para revision="300738">By default the &man.ifconfig.8; utility 453 will set the default regulatory domain to 454 <literal>FCC</literal> on wireless interfaces. As a result, 455 newly created wireless interfaces with default settings will 456 have less chances to violate country-specific 457 regulations.</para> 458 </sect2> 459 460 <sect2 xml:id="userland-contrib"> 461 <title>Contributed Software</title> 462 463 <para revision="275718">The <application>binutils</application> 464 suite of utilities has been updated to include upstream 465 patches that add new relocations for &arch.powerpc; 466 support.</para> 467 468 <para revision="292120" contrib="sponsor" sponsor="&ff;">The 469 <application>ELF Tool Chain</application> has been updated to 470 upstream revision r3272.</para> 471 472 <para revision="276551">The <application>texinfo</application> 473 utility and <literal>info</literal> pages were removed from 474 the base system. The <filename 475 role="package">print/texinfo</filename> port should be 476 installed on systems where <literal>info</literal> pages are 477 needed.</para> 478 479 <para revision="276796" contrib="sponsor" sponsor="&ff;">The ELF 480 object manipulation tools 481 <application>addr2line</application>, 482 <application>elfcopy (strip)</application>, 483 <application>nm</application>, 484 <application>readelf</application>, 485 <application>size</application>, and 486 <application>strings</application> were switched to the 487 versions from the ELF Tool Chain project.</para> 488 489 <para revision="278433">The &man.xz.1; utility has been updated 490 to support multi-threaded compression.</para> 491 492 <para revision="280932" contrib="sponsor" sponsor="&ff;">The 493 <application>elftoolchain</application> utilities have been 494 updated to version 3179.</para> 495 496 <para revision="281373">The &man.nvi.1; utility has been updated 497 to version 2.1.3.</para> 498 499 <para revision="281806">The &man.wpa.supplicant.8; and 500 &man.hostapd.8; utilities have been updated to version 501 2.4.</para> 502 503 <para revision="284254"><application>bmake</application> has 504 been updated to version 20150606.</para> 505 506 <para revision="285229"><application>Sendmail</application> has 507 been updated to 8.15.2. Starting with &os; 11.0 and 508 sendmail 8.15, sendmail uses uncompressed IPv6 addresses by 509 default, i.e., they will not contain <quote>::</quote>. For 510 example, instead of <quote>::1</quote>, it will be 511 <quote>0:0:0:0:0:0:0:1</quote>. This permits a zero subnet to 512 have a more specific match, such as different map entries for 513 IPv6:0:0 versus IPv6:0. This change requires that 514 configuration data (including maps, files, classes, custom 515 ruleset, etc.) must use the same format, so make certain such 516 configuration data is upgrading. As a very simple check 517 search for patterns like 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. 518 To return to the old behavior, set the m4 option 519 <literal>confUSE_COMPRESSED_IPV6_ADDRESSES</literal> or the cf 520 option <literal>UseCompressedIPv6Addresses</literal>.</para> 521 522 <para revision="285275">The &man.tcpdump.1; utility has been 523 updated to version 4.7.4.</para> 524 525 <para revision="285642" contrib="sponsor" sponsor="&dell;">The 526 &man.ssh.1; utility has been updated to re-implement hostname 527 canonicalization before locating the host in 528 <filename>known_hosts</filename>.</para> 529 530 <para revision="285972">The &man.libarchive.3; library has been 531 updated to properly skip a sparse file entry in a &man.tar.1; 532 file, which would previously produce errors.</para> 533 534 <para revision="286503">The <application>apr</application> 535 library used by &man.svnlite.1; has been updated to version 536 1.5.2.</para> 537 538 <para revision="286505">The <application>serf</application> 539 library used by &man.svnlite.1; has been updated to version 540 1.3.8.</para> 541 542 <para revision="287168">The &man.acpi.4; subsystem has been 543 updated to version 20150818.</para> 544 545 <para revision="287917">The &man.unbound.8; utility has been 546 updated to version 1.5.4.</para> 547 548 <para revision="288303">The &man.nc.1; utility has been updated 549 to the OpenBSD 5.8 version.</para> 550 551 <para revision="290697">Timezone data files have been updated to 552 version 2015g.</para> 553 554 <para revision="291125">The &man.xz.1; utility has been updated 555 to version 5.2.2.</para> 556 557 <para revision="292257">The &man.mandoc.1; utility has been 558 updated to version 20160116.</para> 559 560 <para revision="292432"><application>OpenBSM</application> has 561 been updated to version 1.2 alpha 4.</para> 562 563 <para revision="296417"><application>Clang</application> has 564 been updated to version 3.8.0.</para> 565 566 <para revision="296417"><application>LLVM</application> has 567 been updated to version 3.8.0.</para> 568 569 <para revision="296417"><application>LLDB</application> has 570 been updated to version 3.8.0.</para> 571 572 <para revision="296417"><application>libc++</application> has 573 been updated to version 3.8.0.</para> 574 575 <para revision="296417">The 576 <application>compiler_rt</application> utility has been 577 updated to version 3.8.0.</para> 578 579 <para revision="296190" contrib="sponsor" sponsor="&ff;">The 580 &man.resolvconf.8; utility has been updated to version 581 3.7.3.</para> 582 583 <para revision="296633"><application>OpenSSH</application> has 584 been updated to 7.2p2.</para> 585 586 <para revision="297276">The &man.byacc.1; utility has been 587 updated to version 20160324.</para> 588 589 <para revision="298161">The <application>sqlite3</application> 590 library used by &man.svnlite.1; and &man.kerberos.8; has been 591 updated to version 3.12.1.</para> 592 593 <para revision="298166"><application>libucl</application> has 594 been updated to version 0.8.0.</para> 595 596 <para revision="298845">The &man.svnlite.1; utility has been 597 updated to version 1.9.4.</para> 598 599 <para revision="298998"><application>OpenSSL</application> has 600 been updated to version 1.0.2h.</para> 601 602 <para revision="300879"><application>ACPICA</application> has 603 been updated to version 20160527.</para> 604 605 <para revision="301169" contrib="sponsor" sponsor="&ff;">The 606 &man.libblacklist.3; library and applications have been ported 607 from the NetBSD Project. Packet filtering support for the 608 &man.pf.4; packet filtering systems has been implemented. The 609 <application>blacklist</application> system provides the 610 <application>blacklistd</application> daemon, the helper 611 script <application>blacklistd-helper</application> to make 612 changes to the running packet filter system and the 613 <application>blacklistctl</application> control program. 614 A selection of system daemons, including: 615 <application>fingerd</application>, 616 <application>ftpd</application>, 617 <application>rlogind</application>, and 618 <application>rshd</application> have been modified to support 619 sending notifications to the 620 <application>blacklistd</application> daemon.</para> 621 622 <para revision="301718">The &man.jemalloc.3; library has been 623 updated to version 4.2.1.</para> 624 625 <para revision="301736" contrib="sponsor" sponsor="&ff;">Support 626 for the &man.ipfw.4; packet filter has been added to the 627 <application>blacklistd-helper</application> script.</para> 628 629 <para revision="301843" contrib="sponsor" sponsor="&ff;">Support 630 for the &man.ipfilter.4; packet filter has been added to the 631 <application>blacklistd-helper</application> script.</para> 632 633 <para revision="302221">The &man.file.1; utility has been 634 updated to version 5.28.</para> 635 636 <para revision="303716">SSHv1 support has been removed from 637 <application>OpenSSH</application>.</para> 638 639 <para revision="303719">Support for DSA is disabled by default 640 in <application>OpenSSH</application>.</para> 641 </sect2> 642 643 <sect2 xml:id="userland-installer"> 644 <title>Installation and Configuration Tools</title> 645 646 <para revision="271539">The &man.bsdinstall.8; partition editor 647 and &man.sade.8; utility have been updated to include native 648 <acronym>ZFS</acronym> support.</para> 649 650 <para revision="272274">The &os; installation utility, 651 &man.bsdinstall.8;, has been updated to set the 652 <literal>canmount</literal> &man.zfs.8; property to 653 <literal>off</literal> for the <filename 654 class="directory">/var</filename> dataset, preventing the 655 contents of directories within <filename 656 class="directory">/var</filename> from conflicting when 657 using multiple boot environments, such as that provided by 658 <filename role="package">sysutils/beadm</filename>.</para> 659 660 <para revision="274394">The &man.bsdconfig.8; utility has been 661 updated to skip the initial &man.tzsetup.8; 662 <acronym>UTC</acronym> versus wall-clock time prompt when run 663 in a virtual machine, determined when the 664 <literal>kern.vm_guest</literal> &man.sysctl.8; is set to 665 <literal>1</literal>.</para> 666 667 <para revision="275874">The &man.bsdinstall.8; utility has been 668 updated to use the new &man.dpv.3; library to display progress 669 when extracting the &os; distributions.</para> 670 671 <para revision="285557" contrib="sponsor" 672 sponsor="&scaleengine;">Support for detecting and implementing 673 aligning partitions on 1Mb boundaries has been added to 674 &man.bsdinstall.8;.</para> 675 676 <para revision="285679" contrib="sponsor" 677 sponsor="&scaleengine;">Support for detecting and implementing 678 a workaround for various laptops and motherboards that do not 679 boot properly from <acronym>GPT</acronym>-partitioned disks 680 has been added to &man.bsdinstall.8;. Additionally, the 681 <literal>active</literal> flag will be set on the partition 682 when needed.</para> 683 684 <para revision="285679" contrib="sponsor" 685 sponsor="&scaleengine;">Support for selecting the partitioning 686 scheme when installing on the <acronym>UFS</acronym> 687 filesystem has been added to &man.bsdinstall.8;.</para> 688 689 <para revision="303447">The &man.bsdinstall.8; utility has been 690 updated to include various system hardening options during 691 installation.</para> 692 </sect2> 693 694 <sect2 xml:id="userland-rc"> 695 <title><filename class="directory">/etc/rc.d</filename> 696 Scripts</title> 697 698 <para revision="270676">The &man.rc.8; subsystem has been 699 updated to allow configuring services in <filename 700 class="directory">${LOCALBASE}/etc/rc.conf.d/</filename>. 701 If <literal>LOCALBASE</literal> is unset, it defaults to 702 <filename class="directory">/usr/local</filename>.</para> 703 704 <para revision="273955">A new &man.rc.8; script, 705 <filename>growfs</filename>, has been added, which will resize 706 the root filesystem on boot if <filename>/firstboot</filename> 707 exists.</para> 708 709 <para revision="275299">The <filename>mrouted</filename> 710 &man.rc.8; script has been removed from the base system. An 711 equivalent script is available from the <filename 712 role="package">net/mrouted</filename> port.</para> 713 714 <para revision="287576" contrib="sponsor" 715 sponsor="&scaleengine;">The &man.service.8; utility has been 716 updated to honor entries within <filename 717 class="directory">/etc/rc.conf.d/</filename>.</para> 718 719 <para revision="298515">Two new subcommands have been added to 720 the &man.rc.8; subsystem. <command>describe</command> shows 721 an rc script's description, and 722 <command>extracommands</command> shows any non-standard 723 commands present in an rc script, like 724 <command>reload</command>, <command>configtest</command>, or 725 <command>keygen</command>.</para> 726 </sect2> 727 728 <sect2 xml:id="userland-periodic"> 729 <title><filename class="directory">/etc/periodic</filename> 730 Scripts</title> 731 732 <para revision="271321">The daily &man.periodic.8; script 733 <filename>110.clean-tmps</filename> has been updated to avoid 734 crossing filesystem mount boundaries when cleaning files in 735 <filename class="directory">/tmp</filename>.</para> 736 737 <para revision="277216" contrib="sponsor" sponsor="&ff;">A new 738 &man.periodic.8; script, 739 <filename>510.status-world-kernel</filename>, has been added, 740 which evaluates the running userland and kernel versions from 741 the &man.uname.1; <literal>-U</literal> and 742 <literal>-K</literal> arguments, and prints an error if the 743 system userland and kernel are not in sync.</para> 744 </sect2> 745 746 <sect2 xml:id="userland-libraries"> 747 <title>Runtime Libraries and API</title> 748 749 <para revision="265995">The Blowfish &man.crypt.3; default 750 format has been changed to 751 <literal>$2b$</literal>.</para> 752 753 <para revision="268461">The &man.readline.3; library is now 754 statically linked in software within the base system, and the 755 shared library is no longer installed, allowing the Ports 756 Collection to use a modern version of the library.</para> 757 758 <para revision="272273">The &man.strptime.3; library has been 759 updated to add support for <acronym>POSIX</acronym>-2001 760 features <literal>%U</literal> and 761 <literal>%W</literal>.</para> 762 763 <para revision="272842,272848" contrib="sponsor" 764 sponsor="&ff;">The &man.dl.iterate.phdr.3; library has been 765 changed to always return the path name of the 766 <acronym>ELF</acronym> object in the 767 <literal>dlpi_name</literal> structure member.</para> 768 769 <para revision="273562" contrib="sponsor" 770 sponsor="&juniper;">The &man.libxo.3; library has been 771 imported to the base system.</para> 772 773 <para revision="273806" contrib="sponsor" sponsor="&chelsio;">A 774 userland library for Chelsio Terminator 5 based iWARP cards 775 has been added, allowing userland <acronym>RDMA</acronym> 776 applications to work over compatible 777 <acronym>NIC</acronym>s.</para> 778 779 <para revision="274987">The &man.gpio.3; library has been added, 780 providing a wrapper around the &man.gpio.4; kernel 781 interface.</para> 782 783 <para revision="275800" contrib="sponsor" sponsor="&ff;">The 784 &man.procctl.2; system call has been updated to include 785 a facility for non-&man.init.8; processes to be declared as 786 the reaper of child processes and their decendants.</para> 787 788 <para revision="277610">The <literal>futimens()</literal> and 789 <literal>utimensat()</literal> system calls have been 790 added. See &man.utimensat.2; for more information.</para> 791 792 <para revision="278934">The &man.elf.3; compile-time dependency 793 has been removed from <filename>dtri.o</filename>, which 794 allows adding <application>DTrace</application> probes to 795 userland applications and libraries without also linking 796 against &man.elf.3;.</para> 797 798 <para revision="279186">The &man.setmode.3; function has been 799 updated to consistently set <literal>errno</literal> on 800 failure.</para> 801 802 <para revision="279663">The &man.qsort.3; functions have been 803 updated to be able to handle 32-bit aligned data on 64-bit 804 platforms, also providing a significant improvement in 32-bit 805 workloads.</para> 806 807 <para revision="281130">Several standard include headers have 808 been updated to use of <application>gcc</application> 809 attributes, such as <literal>__result_use_check()</literal>, 810 <literal>__alloc_size()</literal>, and 811 <literal>__nonnull()</literal>.</para> 812 813 <para revision="281845">Support for file verification in 814 <acronym>MAC</acronym> has been added.</para> 815 816 <para revision="282973" contrib="sponsor" sponsor="&ff;">The 817 <literal>libgomp</literal> library is now only built when 818 building <acronym>GCC</acronym> from the base system. An 819 up-to-date version is available in the Ports Collection as 820 <filename 821 role="package">devel/libiomp5-devel</filename>.</para> 822 823 <para revision="282988">The <filename>stdlib.h</filename> and 824 <filename>malloc.h</filename> headers have been updated to 825 make use of the <application>gcc</application> 826 <literal>alloc_align()</literal> attribute.</para> 827 828 <para revision="284483" contrib="sponsor" 829 sponsor="&scaleengine;">The Blowfish &man.crypt.3; library 830 has been updated to support $2y$ hashes.</para> 831 832 <para revision="285277">The &man.execl.3; and &man.execlp.3; 833 library functions have been updated to use the 834 <literal>__sentinel</literal> <application>gcc</application> 835 attribute.</para> 836 </sect2> 837 838 <sect2 xml:id="userland-abi"> 839 <title>ABI Compatibility</title> 840 841 <para revision="271982">The &linux; compatibility version has 842 been updated to <literal>2.6.18</literal>. The 843 <literal>compat.linux.osrelease</literal> &man.sysctl.8; is 844 evaluated when building the <filename 845 role="package">emulators/linux-c6</filename> and related 846 ports.</para> 847 848 <para revision="288669">The stack protector has been upgraded to 849 the "strong" level, elevating the protection against buffer 850 overflows. While this significantly improves the security of 851 the system, extensive testing was done to ensure there are no 852 measurable side effects in performance or 853 functionality.</para> 854 </sect2> 855 </sect1> 856 857 <sect1 xml:id="kernel"> 858 <title>Kernel</title> 859 860 <para>This section covers changes to kernel configurations, system 861 tuning, and system control parameters that are not otherwise 862 categorized.</para> 863 864 <sect2 xml:id="kernel-bugfix"> 865 <title>Kernel Bug Fixes</title> 866 867 <para revision="265876">A kernel bug that inhibited proper 868 functionality of the <literal>dev.cpu.0.freq</literal> 869 &man.sysctl.8; on &intel; processors with Turbo 870 Boost ™ enabled has been fixed.</para> 871 872 <para revision="271697" arch="powerpc">Support for 873 &man.dtrace.1; stack tracing has been fixed for 874 &os;/&arch.powerpc;, using the <literal>trapexit()</literal> 875 and <literal>asttrapexit()</literal> functions instead of 876 checking within addressed kernel space.</para> 877 878 <para revision="271917">A kernel panic triggered when destroying 879 a &man.vnet.9; &man.jail.8; configured with &man.gif.4; has 880 been fixed.</para> 881 882 <para revision="271918">A kernel panic triggered when destroying 883 a &man.vnet.9; &man.jail.8; configured with &man.gre.4; has 884 been fixed.</para> 885 886 <para revision="272089">A bug in &man.ipfw.4; that could 887 potentially lead to a kernel panic when using &man.dummynet.4; 888 at layer 2 has been fixed.</para> 889 890 <para revision="280930" contrib="sponsor" sponsor="&mitail;">The 891 kernel <acronym>RPC</acronym> has been updated to include 892 several enhancements:</para> 893 894 <itemizedlist> 895 <listitem> 896 <para>The 45 MiB limit on requests queued for 897 &man.nfsd.8; threads has been removed.</para> 898 </listitem> 899 900 <listitem> 901 <para>Avoids unnecessary throttling by not deferring 902 accounting for completed requests.</para> 903 </listitem> 904 905 <listitem> 906 <para>Fixes an integer overflow and signedness bugs.</para> 907 </listitem> 908 </itemizedlist> 909 910 <para revision="281261" arch="powerpc">Support for 911 &man.dtrace.1; has been added for the 912 Book-E ™.</para> 913 914 <para revision="287886" contrib="sponsor" 915 sponsor="&multiplay;">The &man.kqueue.2; system call has been 916 updated to handle write events to files larger than 2 917 gigabytes.</para> 918 </sect2> 919 920 <sect2 xml:id="kernel-config"> 921 <title>Kernel Configuration</title> 922 923 <para revision="266531">The <literal>IMAGACT_BINMISC</literal> 924 kernel configuration option has been enabled by default, 925 which enables application execution through emulators, such 926 as <application>Qemu</application>.</para> 927 928 <para revision="268045">The <literal>VT</literal> kernel 929 configuration file has been removed, and the &man.vt.4; 930 driver is included in the <literal>GENERIC</literal> kernel. 931 To enable &man.vt.4;, enter <literal>set kern.vty=vt</literal> 932 at the &man.loader.8; prompt during boot, or add 933 <literal>kern.vty=vt</literal> to &man.loader.conf.5; and 934 reboot the system.</para> 935 936 <para revision="277904">The &man.config.8; utility has been 937 updated to allow using a non-standard <filename 938 class="directory">src/</filename> tree, specified as an 939 argument to the <literal>-s</literal> flag.</para> 940 941 <para revision="277990" arch="powerpc64">The 942 &os;/&arch.powerpc64; kernel now builds as 943 a position-independent executable, allowing the kernel to be 944 loaded into and run from any physical or virtual 945 address.</para> 946 947 <important> 948 <para>This change requires an update to &man.loader.8;. 949 The userland and kernel must be updated before rebooting the 950 system.</para> 951 </important> 952 953 <para revision="278338" arch="arm">A new module for creating 954 <filename>rpi.dtb</filename> has been added for the Raspberry 955 Pi.</para> 956 957 <para revision="278340" arch="arm">The 958 <filename>rpi.dtb</filename> module is now installed to 959 <filename class="directory">/boot/dtb/</filename> by 960 default for the Raspberry Pi system.</para> 961 962 <para revision="279189" contrib="sponsor" sponsor="&ff;" 963 arch="powerpc">Kernel support for Vector-Scalar eXtension 964 (<acronym>VSX</acronym>) found on POWER7 and POWER8 hardware 965 has been added.</para> 966 967 <para revision="279252" contrib="sponsor" sponsor="&ff;" 968 arch="powerpc">The &man.pmap.9; implementation for 64-bit 969 &powerpc; processors has been overhaulded to improve 970 concurrency.</para> 971 972 <para revision="279824" arch="arm">A new module for creating 973 the <filename>dtb</filename> module for AM335x systems has 974 been added.</para> 975 976 <para revision="281495" contrib="sponsor" sponsor="&ff;">The 977 <literal>PAE_TABLES</literal> kernel configuration option has 978 been added for &os;/&arch.i386;, which instructs &man.pmap.9; 979 to use <acronym>PAE</acronym> format for page tables while 980 maintaining a 32-bit physical address size elsewhere in the 981 kernel. The use of this option can enhance application-level 982 security by enabling the creation of <quote>no execute</quote> 983 mappings on modern &arch.i386; processors. Unlike the 984 <literal>PAE</literal> option, <literal>PAE_TABLES</literal> 985 preserves kernel binary interface (<acronym>KBI</acronym>) 986 compatibility with non-<literal>PAE</literal> kernels, 987 allowing non-<literal>PAE</literal> kernel modules and drivers 988 to work with a <literal>PAE_TABLES</literal>-enabled kernel. 989 Additionally, system limits are tuned for 4GB maximum 990 <acronym>RAM</acronym>, avoiding kernel virtual address space 991 (<acronym>KVA</acronym>) exhaustion.</para> 992 993 <para revision="282215">The <literal>SIFTR</literal> kernel 994 configuration has been added, allowing building &man.siftr.4; 995 statically into the kernel.</para> 996 997 <para revision="282731" arch="arm">The &arch.arm; boot loader, 998 <filename>ubldr</filename>, is now relocatable. In addition, 999 <filename>ubldr.bin</filename> is now created during build 1000 time, which is a stripped binary with an entry point of 1001 <literal>0</literal>, providing the ability to specify the 1002 load address by running <literal>go 1003 ${loadaddr}</literal> in 1004 <literal>u-boot</literal>.</para> 1005 1006 <para revision="282921" contrib="sponsor" sponsor="&intelcorp;" 1007 arch="amd64,i386">The &man.nvd.4; and &man.nvme.4; drivers are 1008 now included in the <filename>GENERIC</filename> kernel 1009 configuration by default.</para> 1010 1011 <para revision="283959" contrib="sponsor" 1012 sponsor="&limelight;">A new kernel configuration option, 1013 <literal>EM_MULTIQUEUE</literal>, has been added which enables 1014 multi-queue support in the &man.em.4; driver.</para> 1015 1016 <note> 1017 <para>Multi-queue support in the &man.em.4; driver is not 1018 officially supported by &intel;.</para> 1019 </note> 1020 1021 <para revision="285142" contrib="sponsor" 1022 sponsor="&netgate;">The <filename>GENERIC</filename> kernel 1023 configuration has been updated to include the 1024 <literal>IPSEC</literal> option by default.</para> 1025 1026 <para revision="285387" contrib="sponsor" 1027 sponsor="&norse;, &dell;">Initial <acronym>NUMA</acronym> 1028 affinity and policy configuration has been added. See 1029 &man.numactl.1;, and &man.numa.getaffinity.2;, for usage 1030 details.</para> 1031 1032 <note> 1033 <para>If the system BIOS generates an invalid ACPI SRAT table, 1034 the kernel will ignore it, effectively disabling 1035 <acronym>NUMA</acronym>. If dmesg shows "SRAT: 1036 Duplicate local APIC ID", try updating the BIOS to fix 1037 NUMA support.</para> 1038 </note> 1039 1040 <para revision="285307">Support for running CloudABI executables 1041 on amd64 and arm64 has been added. CloudABI is a runtime 1042 environment that uses capability-based security exclusively, 1043 similar to &man.capsicum.4; always being enabled. It allows 1044 designing, implementing and testing strongly sandboxed 1045 applications more easily.</para> 1046 1047 <para revision="286231">The &man.pms.4; driver has been added 1048 to the <filename>GENERIC</filename> kernel configuration for 1049 supported architectures.</para> 1050 1051 <para revision="287306" arch="arm">The 1052 <filename>CUBIEBOARD2</filename> kernel configuration has been 1053 renamed to <filename>A20</filename>.</para> 1054 1055 <para revision="288176" contrib="sponsor" sponsor="&ff;">Kernel 1056 debugging symbols are now installed to <filename 1057 class="directory">/usr/lib/debug/boot/kernel/</filename>. 1058 To retain the previous behavior, add 1059 <literal>KERN_DEBUGDIR=""</literal> to 1060 &man.src.conf.5;.</para> 1061 1062 <para revision="296277" contrib="sponsor" 1063 sponsor="&chelsio;">Support for POSIX asynchronous I/O is 1064 now included in the kernel by default. The 1065 <literal>VFS_AIO</literal> kernel option and 1066 <literal>aio.ko</literal> kernel module have been removed. 1067 Asynchronous I/O operations on sockets, local files, and 1068 disk devices are permitted by default. However, operations 1069 on other file types are disabled. See the &man.aio.4; 1070 manual page for more details.</para> 1071 1072 <para revision="301565" contrib="sponsor" sponsor="&ff;" 1073 arch="arm64">&arch.arm64; has been switched over to using 1074 <literal>INTRNG</literal> by default.</para> 1075 </sect2> 1076 1077 <sect2 xml:id="kernel-sysctl"> 1078 <title>System Tuning and Controls</title> 1079 1080 <para revision="275140" contrib="sponsor" sponsor="&ff;">The 1081 &man.hwpmc.4; default and maximum callchain depths have been 1082 increased. The default has been increased from 16 to 32, and 1083 the maximum increased from 32 to 128.</para> 1084 1085 <para revision="279361">The <literal>kern.osrelease</literal> 1086 and <literal>kern.osreldate</literal> are now configurable 1087 &man.jail.8; parameters.</para> 1088 1089 <para revision="280308,280949" contrib="sponsor" 1090 sponsor="&ix;, &ff;">The &man.devfs.5; device filesystem has 1091 been changed to update timestamps for read/write operations 1092 using seconds precision. A new &man.sysctl.8;, 1093 <literal>vfs.devfs.dotimes</literal> has been added, which 1094 when set to a non-zero value, enables default precision 1095 timestamps for these operations.</para> 1096 1097 <para revision="282213" contrib="sponsor" sponsor="&ff;">A new 1098 &man.sysctl.8;, <literal>kern.racct.enable</literal>, has been 1099 added, which when set to a non-zero value allows using 1100 &man.rctl.8; with the <literal>GENERIC</literal> kernel. 1101 A new kernel configuration option, 1102 <literal>RACCT_DISABLED</literal> has also been added.</para> 1103 1104 <para revision="282901" contrib="sponsor" sponsor="&ff;">The 1105 <literal>GENERIC</literal> kernel configuration now includes 1106 <literal>RACCT</literal> and <literal>RCTL</literal> by 1107 default.</para> 1108 1109 <note> 1110 <para>To enable <literal>RACCT</literal> and 1111 <literal>RCTL</literal> on a system using the 1112 <literal>GENERIC</literal> kernel configuration, add 1113 <literal>kern.racct.enable=1</literal> to 1114 &man.loader.conf.5;, and reboot the system.</para> 1115 </note> 1116 1117 <para revision="283136" contrib="sponsor" 1118 sponsor="&limelight;">A new &man.sysctl.8;, 1119 <literal>net.inet.tcp.hostcache.purgenow</literal>, has 1120 been added, which when set to <literal>1</literal> during 1121 runtime will flush all 1122 <literal>net.inet.tcp.hostcache</literal> entries.</para> 1123 1124 <para revision="285524">A new &man.sysctl.8;, 1125 <literal>hw.model</literal>, has been added, which displays 1126 <acronym>CPU</acronym> model information.</para> 1127 1128 <para revision="286591">The &man.uart.4; driver has been 1129 updated to allow tuning pulses per second captured in the 1130 CTS line during runtime, whereas previously only the DCD line 1131 could be used without rebuilding the kernel.</para> 1132 </sect2> 1133 </sect1> 1134 1135 <sect1 xml:id="drivers"> 1136 <title>Devices and Drivers</title> 1137 1138 <para>This section covers changes and additions to devices and 1139 device drivers since &release.prev;.</para> 1140 1141 <sect2 xml:id="drivers-device"> 1142 <title>Device Drivers</title> 1143 1144 <para revision="260903">Support for GPS ports has been added to 1145 &man.uhso.4;.</para> 1146 1147 <para revision="265132">The &man.full.4; device has been added, 1148 and the <literal>lindev(4)</literal> device has been removed. 1149 Prior to this change, <literal>lindev(4)</literal> provided 1150 only the <filename>/dev/full</filename> character device, 1151 returning <literal>ENOSPC</literal> on write attempts. As 1152 this device is not specific to &linux;, a native &os; version 1153 has been added.</para> 1154 1155 <para revision="271705">Hardware context support has been 1156 added to the <literal>drm/i915</literal> driver, adding 1157 support for <application>Mesa</application> 9.2 and 1158 later.</para> 1159 1160 <para revision="273178">The &man.vt.4; driver has been updated, 1161 replacing the bitmapped <literal>kern.vt.spclkeys</literal> 1162 &man.sysctl.8; with individual 1163 <literal>kern.vt.kbd_*</literal> variants.</para> 1164 1165 <para revision="273598">The &man.hpet.4; driver has been updated 1166 to create a 1167 <filename>/dev/hpet<replaceable>N</replaceable></filename> 1168 device, providing access to <acronym>HPET</acronym> from 1169 userspace.</para> 1170 1171 <para revision="280183">The <literal>drm</literal> code has 1172 been updated to match &linux; version 3.8.13.</para> 1173 1174 <para revision="281440">The &man.psm.4; driver has been updated 1175 to include improved support for newer Synaptics ® 1176 touchpads and the ClickPad ® mouse on newer 1177 Lenovo ™ laptops.</para> 1178 1179 <para revision="282783" arch="powerpc">Support for the Freescale 1180 <acronym>PCI</acronym> Root Complex device has been 1181 added.</para> 1182 1183 <para revision="285876">The &man.cyapa.4; driver has been added, 1184 supporting the Cypress APA I2C trackpad.</para> 1185 1186 <para revision="285883">The &man.isl.4; driver has been added, 1187 supporting the Intersil I2C ISL29018 digital ambient light 1188 sensor.</para> 1189 </sect2> 1190 1191 <sect2 xml:id="drivers-storage"> 1192 <title>Storage Drivers</title> 1193 1194 <para revision="265236" contrib="sponsor" 1195 sponsor="&lsi;, &spectralogic;" sponsorurl="">The &man.mpr.4; 1196 device has been added, providing support for LSI Fusion-MPT 1197 3 12Gb SCSI/SATA controllers.</para> 1198 1199 <para revision="265555" contrib="sponsor" 1200 sponsor="&lsi;">The &man.mrsas.4; driver has been added, 1201 providing support for LSI MegaRAID SAS controllers. The 1202 &man.mfi.4; driver will attach to the controller, by default. 1203 To enable &man.mrsas.4; add 1204 <literal>hw.mfi.mrsas_enable=1</literal> to 1205 <filename>/boot/loader.conf</filename>, which turns off 1206 &man.mfi.4; device probing.</para> 1207 1208 <note> 1209 <para>At this time, the &man.mfiutil.8; utility and the &os; 1210 version of <application>MegaCLI</application> and 1211 <application>StorCli</application> do not work with 1212 &man.mrsas.4;.</para> 1213 </note> 1214 1215 <para revision="275461" contrib="sponsor" sponsor="&ix;">The 1216 &man.ctl.4; subsystem has been updated, increasing the ports 1217 limit from <literal>128</literal> to <literal>256</literal>, 1218 and <acronym>LUN</acronym> limit from <literal>256</literal> 1219 to <literal>1024</literal>.</para> 1220 1221 <para revision="276526">The <literal>asr(4)</literal> driver has 1222 been removed, and is no longer supported.</para> 1223 1224 <para revision="281387">The &man.hptnr.4; driver has been 1225 updated to version 1.1.1.</para> 1226 1227 <para revision="285662">The &man.pms.4; driver has been added, 1228 providing support for the PMC Sierra line of 1229 <acronym>SAS</acronym>/<acronym>SATA</acronym> host bus 1230 adapters.</para> 1231 1232 <para revision="287117" contrib="sponsor" 1233 sponsor="&emcisilon;">The &man.ioat.4; driver has been added, 1234 providing support for the <acronym>PSE</acronym> (Platform 1235 Storage Extension).</para> 1236 1237 <para revision="287621" contrib="sponsor" sponsor="&ix;">The 1238 <acronym>CTL</acronym> High Availability implementation has 1239 been rewritten.</para> 1240 1241 <para revision="288310">The &man.ctl.4; driver has been updated 1242 to support CD-ROM and removable devices.</para> 1243 1244 <para contrib="sponsor" sponsor="&ix;">The &man.isp.4; driver 1245 has been updated and improved: added support for 16Gbps FC 1246 cards, improved target mode support, completed Multi-ID (NPIV) 1247 functionality.</para> 1248 </sect2> 1249 1250 <sect2 xml:id="drivers-network"> 1251 <title>Network Drivers</title> 1252 1253 <para revision="258830">Support for Broadcom chipsets BCM57764, 1254 BCM57767, BCM57782, BCM57786 and BCM57787 has been added to 1255 &man.bge.4;.</para> 1256 1257 <para revision="260448">Support for the &intel; Centrino™ 1258 Wireless-N 135 chipset has been added.</para> 1259 1260 <para revision="260552">Firmware for &intel; Centrino™ 1261 Wireless-N 105 devices has been added to the base 1262 system.</para> 1263 1264 <para revision="261975">The deprecated nve(4) driver has been 1265 removed. Users of NVIDIA nForce MCP network adapters are 1266 advised to use the &man.nfe.4; driver instead, which has been 1267 the default driver for this hardware since 1268 &os; 7.0.</para> 1269 1270 <para revision="264601" contrib="sponsor" 1271 sponsor="&darpa_afrl;">The <literal>if_nf10bmac(4)</literal> 1272 device has been added, providing support for NetFPGA-10G 1273 Embedded CPU Ethernet Core.</para> 1274 1275 <note> 1276 <para>The <literal>if_nf10bmac(4)</literal> driver operates on 1277 the FPGA, and is not suited for the PCI host 1278 interface.</para> 1279 </note> 1280 1281 <para revision="265348" contrib="sponsor" 1282 sponsor="&netgate;">The &man.ath.hal.4; driver has been 1283 updated to support the Atheros AR1111 chipset.</para> 1284 1285 <para revision="266770">Support for the &intel; Centrino™ 1286 Wireless-N 105 chipset has been added.</para> 1287 1288 <para revision="266757" contrib="sponsor" 1289 sponsor="&chelsio;">Support for the &man.cxgbe.4; Terminator 1290 5 (T5) 10G/40G cards has been added to &man.netmap.4;.</para> 1291 1292 <para revision="272730">The &man.alc.4; driver has been updated 1293 to support AR816x and AR817x ethernet controllers.</para> 1294 1295 <para revision="272906">The &man.pf.4; packet filter default 1296 hash has been changed from <literal>Jenkins</literal> to 1297 <literal>Murmur3</literal>, providing a 3-percent performance 1298 increase in packets-per-second.</para> 1299 1300 <para revision="273331">The &man.vxlan.4; driver has been added, 1301 which creates a virtual Layer 2 (Ethernet) network overlaid in 1302 a Layer 3 (IP/UDP) network. The &man.vxlan.4; driver is 1303 analogous to &man.vlan.4;, but is designed to be better suited 1304 for large, multiple-tenant datacenter environments.</para> 1305 1306 <para revision="274246" contrib="sponsor" sponsor="&yandex;">The 1307 &man.gre.4; driver has been significantly overhauled, and has 1308 been split into two separate modules, &man.gre.4; and 1309 &man.me.4;.</para> 1310 1311 <para revision="278551">The &man.ral.4; driver has been updated 1312 to support the RT5390 and RT5392 chipsets.</para> 1313 1314 <para revision="283514" contrib="sponsor" 1315 sponsor="&solarflare;">The &man.sfxge.4; driver has been 1316 updated to support Solarflare Flareon Ultra 7000-series 1317 chipsets.</para> 1318 1319 <para revision="283766" contrib="sponsor" 1320 sponsor="&limelight;">The &man.em.4; driver has been updated 1321 with improved transmission queue hang detection.</para> 1322 1323 <para revision="284125">The &man.cdce.4; driver has been updated 1324 to include support for the RTL8153 chipset.</para> 1325 1326 <para revision="286441">The &man.iwm.4; driver has been imported 1327 from OpenBSD, providing support for &intel; 3160/7260/7265 1328 wireless chipsets.</para> 1329 1330 <para revision="286829" contrib="sponsor" 1331 sponsor="&limelight;">The &man.em.4; driver has been updated 1332 to allow disabling <acronym>CRC</acronym> stripping.</para> 1333 1334 <para revision="287222">The &man.pf.4; implementation has been 1335 updated to remove support for the <literal>scrub fragment 1336 crop|drop-ovl</literal> filtering rule. Systems with this 1337 rule in &man.pf.conf.5; will implicitly be converted to the 1338 <literal>scrub fragment reassemble</literal> filtering rule, 1339 without necessary intervention.</para> 1340 1341 <para revision="288654">The &man.lagg.4; driver has been updated 1342 to remove support for the <literal>fec</literal> 1343 protocol.</para> 1344 </sect2> 1345 </sect1> 1346 1347 <sect1 xml:id="hardware"> 1348 <title>Hardware Support</title> 1349 1350 <para>This section covers general hardware support for physical 1351 machines, hypervisors, and virtualization environments, as well 1352 as hardware changes and updates that do not otherwise fit in 1353 other sections of this document.</para> 1354 1355 <sect2 xml:id="hardware-support"> 1356 <title>Hardware Support</title> 1357 1358 <para revision="268303">The &man.asmc.4; driver has been 1359 updated to support the &apple; MacMini 3,1.</para> 1360 1361 <para revision="268351">Support for &os;/ia64 has been dropped 1362 as of &os; 11.</para> 1363 1364 <para revision="274386">An issue that could cause a system to 1365 hang when entering <acronym>ACPI</acronym> 1366 <literal>S3</literal> state (suspend to 1367 <acronym>RAM</acronym>) has been corrected in the &man.acpi.4; 1368 and &man.pci.4; drivers.</para> 1369 1370 <para revision="274733" arch="powerpc">The power management unit 1371 subsystem has been updated to support power button events on 1372 certain &arch.powerpc; hardware, such as aluminum 1373 PowerBook ®.</para> 1374 1375 <para revision="275171,275190" arch="powerpc">The &man.hwpmc.4; 1376 driver has been updated to correct performance counter 1377 sampling on G4 (MPC74xxx) and G5 class processors.</para> 1378 1379 <para revision="275732" contrib="sponsor" 1380 sponsor="&ff;,&netgate;">The 1381 <application>OpenCrypto</application> framework has been 1382 updated to include <literal>AES-ICM</literal> and 1383 <literal>AES-GCM</literal> modes, both of which have also been 1384 added to the &man.aesni.4; driver.</para> 1385 1386 <para revision="281713" arch="powerpc">The &man.hwpmc.4; 1387 driver has been updated to support the Freescale e500 1388 core.</para> 1389 1390 <para revision="283766">The &man.ig4.4; driver has been added, 1391 providing support for the fourth generation &intel; 1392 <acronym>I2C</acronym> SMBus.</para> 1393 1394 <para>The &man.uart.4; driver has been updated to support 1395 <acronym>AMT</acronym> devices on newer systems.</para> 1396 1397 <para revision="285316" contrib="sponsor" sponsor="&ff;" 1398 arch="arm64">Initial <acronym>SMP</acronym> support has been 1399 added to the &os;/&arch.arm64; port.</para> 1400 1401 <para revision="299142">Native PCI-express HotPlug support is 1402 enabled by default on &arch.amd64;, &arch.arm64;, and 1403 &arch.powerpc;. This feature has exposed compatibility issues 1404 on some hardware that result in missing devices or a hang 1405 during boot. To work around such issues, run <literal>set 1406 hw.pci.enable_pcie_hp=0</literal> in the boot loader, and 1407 add <literal>hw.pci.enable_pcie_hp=0</literal> to 1408 <filename>/boot/loader.conf</filename>.</para> 1409 </sect2> 1410 1411 <sect2 xml:id="hardware-virtualization"> 1412 <title>Virtualization Support</title> 1413 1414 <para revision="260410">Support for the <quote>Virtual Interrupt 1415 Delivery</quote> feature of &intel; VT-x is enabled if 1416 supported by the CPU. This feature can be disabled by running 1417 <literal>sysctl hw.vmm.vmx.use_apic_vid=0</literal>. 1418 Additionally, to persist this setting across reboots, add 1419 <literal>hw.vmm.vmx.use_apic_vid=0</literal> to 1420 <filename>/etc/sysctl.conf</filename>.</para> 1421 1422 <para revision="260532">Support for <quote>Posted Interrupt 1423 Processing</quote> is enabled if supported by the CPU. This 1424 feature can be disabled by running <literal>sysctl 1425 hw.vmm.vmx.use_apic_pir=0</literal>. Additionally, to 1426 persist this setting across reboots, add 1427 <literal>hw.vmm.vmx.use_apic_pir=0</literal> to 1428 <filename>/etc/sysctl.conf</filename>.</para> 1429 1430 <para revision="260582">Unmapped IO support has been added to 1431 &man.virtio_blk.4;.</para> 1432 1433 <para revision="260583">Unmapped IO support has been added to 1434 &man.virtio_scsi.4;.</para> 1435 1436 <para revision="260847">The &man.virtio_random.4; driver has 1437 been added to harvest entropy from the host system.</para> 1438 1439 <para revision="261504">&os;/&arch.i386; guests can be run under 1440 bhyve.</para> 1441 1442 <para revision="267536" contrib="sponsor" 1443 sponsor="&citrix.rd;">Support for running a &os;/&arch.amd64; 1444 <application>Xen</application> guest instance as 1445 <acronym>PVH</acronym> guest has been added. 1446 <acronym>PVH</acronym> mode, short for <quote>Para-Virtualized 1447 Hardware</quote>, uses para-virtualized drivers for boot and 1448 I/O, and uses hardware virtualization extensions for all other 1449 tasks, without the need for emulation.</para> 1450 1451 <para revision="273375">The &man.bhyve.8; hypervisor has been 1452 updated to support &amd; processors with 1453 <acronym>SVM</acronym> and <acronym>AMD-V</acronym> hardware 1454 extensions.</para> 1455 1456 <para revision="273515">The &man.virtio.console.4; driver has 1457 been added, which provides an interface to VirtIO console 1458 devices through a &man.tty.4; device.</para> 1459 1460 <para revision="279463" contrib="sponsor" 1461 sponsor="&sandvine;">Support for PCI Single Root I/O 1462 Virtualization (SR-IOV) has been introduced, allowing the 1463 creation of PCI Virtual Functions (VFs) for device drivers 1464 that support SR-IOV. See &man.iovctl.8; for details on 1465 creating and configuring VFs.</para> 1466 1467 <para revision="279957">The &man.bhyve.8; hypervisor has been 1468 updated to support <literal>DSM TRIM</literal> commands for 1469 virtual <acronym>AHCI</acronym> disks.</para> 1470 1471 <para revision="281439" arch="arm">Support for the 1472 <application>QEMU</application> <literal>virt</literal> system 1473 has been added.</para> 1474 1475 <para revision="282212" contrib="sponsor" sponsor="&msostc;">The 1476 Hyper-V™ drivers have been updated with several 1477 enhancements:</para> 1478 1479 <itemizedlist> 1480 <listitem> 1481 <para>The &man.hv.vmbus.4; driver now has multi-channel 1482 support.</para> 1483 </listitem> 1484 1485 <listitem> 1486 <para>The &man.hv.storvsc.4; driver now has scatter/gather 1487 support, in addition to performance improvements.</para> 1488 </listitem> 1489 1490 <listitem> 1491 <para>The &man.hv.kvp.4; driver has received several bug 1492 fixes.</para> 1493 </listitem> 1494 </itemizedlist> 1495 1496 <para revision="282274">Support for &man.xen.4; para-virtualized 1497 <literal>domU</literal> kernels has been removed.</para> 1498 1499 <para revision="284746" contrib="sponsor" sponsor="&msostc;">The 1500 &man.hv.netvsc.4; driver has been updated to support checksum 1501 offloading and <acronym>TSO</acronym>.</para> 1502 1503 <para revision="286062">The &man.xen.4; driver has been updated 1504 to include support for <literal>blkif</literal> indirect 1505 segment I/O.</para> 1506 1507 <para revision="302288">Indirect segment I/O is enabled by 1508 default in the Xen blkfront driver when running on AWS 1509 EC2.</para> 1510 1511 <para revision="302332">Native graphics support has been added 1512 to the &man.bhyve.8; hypervisor.</para> 1513 </sect2> 1514 1515 <sect2 xml:id="hardware-arm"> 1516 <title>ARM Support</title> 1517 1518 <para revision="260921">The &man.nand.4; device is enabled for 1519 ARM devices by default.</para> 1520 1521 <para revision="266943" arch="arm">Support for the Exynos 5420 1522 Octa system has been added.</para> 1523 1524 <para revision="267390" arch="arm">The <acronym>SMP</acronym> 1525 option has been enabled for all Exynos 5 systems supported by 1526 &os;.</para> 1527 1528 <para revision="268838" arch="arm">Support for the Toradex 1529 Apalis i.MX6 development board has been added.</para> 1530 1531 <para revision="273264" arch="armv6">An issue that could cause 1532 instability when detecting <acronym>SD</acronym> cards on the 1533 Raspberry Pi <acronym>SOC</acronym> has been fixed.</para> 1534 1535 <para revision="275963">The <literal>bcm2835_cpufreq</literal> 1536 driver has been added, which supports <acronym>CPU</acronym> 1537 frequency and voltage control on the Raspberry Pi 1538 <acronym>SOC</acronym>.</para> 1539 1540 <para revision="277042" arch="arm">Support to turn off the 1541 BeagleBone Black system with the &man.shutdown.8; 1542 <literal>-p</literal> flag or by invoking &man.poweroff.8; has 1543 been added.</para> 1544 1545 <para revision="277644" arch="arm">Audio transmission drivers 1546 have been added for Digital Audio Multiplexer 1547 (<acronym>AUDMUXM</acronym>), Smart Direct Memory Access 1548 Controller (<acronym>SDMA</acronym>), and Syncronous Serial 1549 Interface (<acronym>SSI</acronym>).</para> 1550 1551 <para revision="280259" contrib="sponsor" sponsor="&ff;">Initial 1552 support for the ARM AArch64 architecture has been 1553 added.</para> 1554 1555 <para revision="282779" arch="arm">Kernel support for Thumb-2 1556 userland has been added.</para> 1557 1558 <para revision="282827">Support for the hardware power button 1559 on the BeagleBone Black system has been added.</para> 1560 1561 <para revision="284273" contrib="sponsor" 1562 sponsor="&ff;">Initial 1563 <acronym>ACPI</acronym> support has been added for 1564 &os;/&arch.arm64;.</para> 1565 1566 <para revision="287225">Support for 1-Wire devices has been 1567 added, providing support for 1-Wire hardware through 1568 &man.gpio.4;. See &man.ow.4;, &man.owc.4;, and 1569 &man.ow.temp.4; for more information.</para> 1570 1571 <para revision="287371" arch="arm64" contrib="sponsor" 1572 sponsor="&abt;">Support for the HiSilicon HI6220 SoC has 1573 been added.</para> 1574 1575 <para revision="263698" arch="arm">The second CPU core on 1576 Allwinner A20 SoC have been enabled.</para> 1577 1578 <para revision="299688" arch="arm">Support for the Allwinner H3 1579 SoC has been added.</para> 1580 1581 <para revision="299786" arch="arm">Support for X-Powers AXP813 1582 and AXP818 power management integrated circuits have been 1583 added.</para> 1584 1585 <para revision="299781" arch="arm">Support for the Allwinner 1586 Reduced Serial Bus (RSB) has been added.</para> 1587 1588 <para revision="296064" arch="arm">Support for Allwinner A20 1589 HDMI has been added.</para> 1590 1591 <para revision="300777" arch="arm">Support for GPIO, Sensors and 1592 interrupts on AXP209 power management integrated circuits have 1593 been added.</para> 1594 </sect2> 1595 </sect1> 1596 1597 <sect1 xml:id="storage"> 1598 <title>Storage</title> 1599 1600 <para>This section covers changes and additions to file systems 1601 and other storage subsystems, both local and networked.</para> 1602 1603 <sect2 xml:id="storage-general"> 1604 <title>General Storage</title> 1605 1606 <para revision="278037" contrib="sponsor" sponsor="&ix;">The 1607 &man.ctl.4; <acronym>LUN</acronym> mapping has been rewritten, 1608 replacing <acronym>iSCSI</acronym>-specific mapping mechanisms 1609 with a new mechanism that works for any port.</para> 1610 1611 <para revision="278354" contrib="sponsor" sponsor="&ix;">The 1612 &man.ctld.8; utility has been updated to allow controlling 1613 non-<acronym>iSCSI</acronym> &man.ctl.4; ports.</para> 1614 1615 <para revision="275681" contrib="sponsor" sponsor="&ff;">The 1616 &man.autofs.5; subsystem has been updated to include a new 1617 &man.auto.master.5; map, <literal>-media</literal>, which 1618 allows automatically mounting removable media, such as 1619 <acronym>CD</acronym> drives or <acronym>USB</acronym> flash 1620 drives.</para> 1621 1622 <para revision="279955" contrib="sponsor" sponsor="&ff;">The 1623 &man.autofs.5; subsystem has been updated to include a new 1624 &man.auto.master.5; map, <literal>-noauto</literal>, which 1625 handles &man.fstab.5; entries set to 1626 <literal>noauto</literal>.</para> 1627 1628 <para revision="286444">The <acronym>GELI</acronym> class has 1629 been updated to support the <literal>BIO_DELETE</literal> 1630 &man.g.bio.9; <literal>bio_cmd</literal> field, providing 1631 <acronym>TRIM</acronym>/<acronym>UNMAP</acronym> support on 1632 <acronym>GELI</acronym>-backed <acronym>SSD</acronym> storage 1633 providers.</para> 1634 1635 <para revision="295212" contrib="sponsor" sponsor="&ix;">Support 1636 for parsing libucl-based configuration files has been added to 1637 &man.ctld.8;.</para> 1638 1639 <para revision="298002" contrib="sponsor" 1640 sponsor="&netflix;">The &man.ahci.4; driver has been updated 1641 to add <acronym>NCQ</acronym> <acronym>TRIM</acronym> support 1642 for drives that support it.</para> 1643 1644 <note> 1645 <para>Drives that advertise this feature but do not properly 1646 support it have been blacklisted. Systems experiencing 1647 traffic problems with <acronym>NCQ</acronym> 1648 <acronym>TRIM</acronym> enabled can set the 1649 <literal>kern.cam.ada.%d.quirks</literal> tunable to 1650 <literal>2</literal> for 512k sectors or 1651 <literal>3</literal> for 4096k sectors, replacing 1652 <literal>%d</literal> with the drive number.</para> 1653 </note> 1654 1655 <para revision="298002" contrib="sponsor" 1656 sponsor="&netflix;">The &man.cam.4; driver has been updated to 1657 allow I/O scheduling tuning to fit workload and drive 1658 characteristics. This option is off by default, and can be 1659 enabled by adding <literal>option 1660 CAM_IOSCHED_ADAPTIVE</literal> option to the kernel 1661 configuration and recompiling the kernel.</para> 1662 1663 <para revision="299371" contrib="sponsor" sponsor="&ff;">The 1664 &man.camcontrol.8; command can manually force updating 1665 capacity data after a disk gets resized using the reprobe 1666 subcommand.</para> 1667 1668 <para revision="300880" contrib="sponsor" 1669 sponsor="&spectralogic;"> Leading spaces are now stripped off 1670 <acronym>SCSI</acronym> disk serial numbers when populating 1671 the CAM serial number. This affects the output of 1672 &man.diskinfo.8; and the names of 1673 <filename>/dev/diskid/DISK-*</filename> device nodes, among 1674 other things.</para> 1675 1676 <para revision="300207" contrib="sponsor" 1677 sponsor="&spectralogic;"> Support for managing Shingled 1678 Magnetic Recording (SMR) drives has been added.</para> 1679 </sect2> 1680 1681 <sect2 xml:id="storage-net"> 1682 <title>Networked Storage</title> 1683 1684 <para revision="270096" contrib="sponsor" sponsor="&ff;">The new 1685 filesystem automount facility, &man.autofs.5;, has been added. 1686 The new &man.autofs.5; facility is similar to that found in 1687 other &unix;-like operating systems, such as OS X™ 1688 and Solaris™. The &man.autofs.5; facility uses 1689 a &sun;-compatible &man.auto.master.5; configuration file, and 1690 is administered with the &man.automount.8; userland utility, 1691 and the &man.automountd.8; and &man.autounmountd.8; 1692 daemons.</para> 1693 1694 <para revision="273849" contrib="sponsor" sponsor="&ff;">Support 1695 for the <literal>timeo</literal>, <literal>actimeo</literal>, 1696 <literal>noac</literal>, and <literal>proto</literal> options 1697 have been added to &man.mount.nfs.8;.</para> 1698 1699 <para revision="300723">The Mellanox implementation of iSER 1700 (iSCSI Extensions for RDMA) has been imported.</para> 1701 1702 <para revision="301033">The ability to discover iSCSI targets 1703 without having to attach to a target has been added to the 1704 &man.iscsictl.8; command.</para> 1705 </sect2> 1706 1707 <sect2 xml:id="storage-zfs"> 1708 <title>ZFS</title> 1709 1710 <para revision="275748">The <literal>arc_meta_limit</literal> 1711 statistics are now visible through the 1712 <literal>kstat</literal> &man.sysctl.8;. As a result of this 1713 change, the <literal>vfs.zfs.arc_meta_used</literal> 1714 &man.sysctl.8; has been removed, and replaced with the 1715 <literal>kstat.zfs.misc.arcstats.arc_meta_used</literal> 1716 &man.sysctl.8;.</para> 1717 1718 <para revision="287099" contrib="sponsor" 1719 sponsor="&clusterhq;">The &man.zfs.8; <literal>l2arc</literal> 1720 code has been updated to take <literal>ashift</literal> into 1721 account when gathering buffers to be written to the 1722 <literal>l2arc</literal> device.</para> 1723 1724 <para revision="297633" contrib="sponsor" sponsor="&ff;">Four 1725 new resources have been added to &man.rctl.8; to allow 1726 throttles to be set on filesystem IO.</para> 1727 1728 <para revision="300906" contrib="sponsor" sponsor="&ix;, 1729 &spectralogic;">The zfsd daemon has been added, which manages 1730 hotspares and replements in drive slots that publish physical 1731 paths.</para> 1732 1733 <para revision="302265" contrib="sponsor" 1734 sponsor="&multiplay;">The minimum and maximum values for the 1735 ZFS adaptive replacement cache can be modified at 1736 runtime.</para> 1737 </sect2> 1738 1739 <sect2 xml:id="storage-geom"> 1740 <title>&man.geom.4;</title> 1741 1742 <para revision="267359">Support for the 1743 <literal>disklabel64</literal> partitioning scheme has been 1744 added to &man.gpart.8;.</para> 1745 1746 <para revision="282465">Support for the 1747 <literal>apple-boot</literal>, <literal>apple-hfs</literal>, 1748 and <literal>apple-ufs</literal> <acronym>MBR</acronym> 1749 partitioning schemes have been added to &man.gpart.8;.</para> 1750 1751 <para revision="285594" contrib="sponsor" 1752 sponsor="&scaleengine;">The &man.gpart.8; utility has been 1753 updated to include a new attribute for <acronym>GPT</acronym> 1754 partitions, <literal>lenovofix</literal>, which when set, 1755 which works around <acronym>BIOS</acronym> compatibility 1756 issues reported on several Lenovo ™ laptops.</para> 1757 </sect2> 1758 </sect1> 1759 1760 <sect1 xml:id="boot"> 1761 <title>Boot Loader Changes</title> 1762 1763 <para>This section covers the boot loader, boot menu, and other 1764 boot-related changes.</para> 1765 1766 <sect2 xml:id="boot-loader"> 1767 <title>Boot Loader Changes</title> 1768 1769 <para revision="258431" contrib="sponsor" sponsor="&ff;">The 1770 memory test run at boot time on &os;/&arch.amd64; platforms 1771 has been disabled by default.</para> 1772 1773 <para revision="262955">A new &man.ttys.5; class, 1774 <literal>3wire</literal>, has been added. This is similar to 1775 the existing terminal classes, but does not have a defined 1776 baudrate.</para> 1777 1778 <para revision="274085">The &man.vt.4; driver has been made the 1779 default system console driver. The &man.syscons.4; driver is 1780 still available, and can be enabled by adding 1781 <literal>kern.vty=sc</literal> in &man.loader.conf.5;. 1782 Alternatively, &man.syscons.4; can be enabled at boot time by 1783 entering <literal>set kern.vty=sc</literal> at the 1784 &man.loader.8; prompt.</para> 1785 1786 <para revision="279950">Support for <literal>bzipfs</literal> 1787 has been added to the <acronym>EFI</acronym> loader.</para> 1788 1789 <para revision="281616">The boot loader has been updated to 1790 support entering the <acronym>GELI</acronym> passphrase before 1791 loading the kernel. To enable this behavior, add 1792 <literal>geom_eli_passphrase_prompt="YES"</literal> to 1793 &man.loader.conf.5;.</para> 1794 1795 <para revision="284683" contrib="sponsor" sponsor="&ff;" 1796 arch="arm">The &man.ttys.5; file for &os;/&arch.arm; has been 1797 updated to enable <filename>ttyu1</filename>, 1798 <filename>ttyu2</filename>, and <filename>ttyu3</filename> by 1799 default, if the callin port is an active console port.</para> 1800 1801 <para revision="299393">The default installation directory for 1802 modules has been changed to 1803 <filename>/boot/modules</filename>.</para> 1804 </sect2> 1805 </sect1> 1806 1807 <sect1 xml:id="network"> 1808 <title>Networking</title> 1809 1810 <para>This section describes changes that affect networking in 1811 &os;.</para> 1812 1813 <sect2 xml:id="network-protocols"> 1814 <title>Network Protocols</title> 1815 1816 <para revision="263140">Support for the IPX network transport 1817 protocol has been removed, and will not be supported in 1818 &os; 11 and later releases.</para> 1819 1820 <para revision="272720" contrib="sponsor" 1821 sponsor="&limelight;">Support for <acronym>PLPMTUD</acronym> 1822 blackhole detection (<acronym>RFC</acronym> 4821) has been 1823 added to the &man.tcp.4; stack, disabled by default. New 1824 control tunables have been added:</para> 1825 1826 <informaltable frame="none" pgwide="0"> 1827 <tgroup cols="2"> 1828 <colspec colwidth="1*"/> 1829 <colspec colwidth="1*"/> 1830 <thead> 1831 <row> 1832 <entry>Tunable</entry> 1833 <entry>Description</entry> 1834 </row> 1835 </thead> 1836 1837 <tbody> 1838 <row> 1839 <entry><literal>net.inet.tcp.pmtud_blackhole_detection</literal></entry> 1840 <entry>Enables or disables <acronym>PLPMTUD</acronym> 1841 blackhole detection</entry> 1842 </row> 1843 1844 <row> 1845 <entry><literal>net.inet.tcp.pmtud_blackhole_mss</literal></entry> 1846 <entry><acronym>MSS</acronym> to try for IPv4</entry> 1847 </row> 1848 1849 <row> 1850 <entry><literal>net.inet.tcp.v6pmtud_blackhole_mss</literal></entry> 1851 <entry><acronym>MSS to try for IPv6</acronym></entry> 1852 </row> 1853 </tbody> 1854 </tgroup> 1855 </informaltable> 1856 1857 <para>New monitoring &man.sysctl.8;s haven been added:</para> 1858 1859 <informaltable frame="none" pgwide="0"> 1860 <tgroup cols="2"> 1861 <colspec colwidth="1*"/> 1862 <colspec colwidth="1*"/> 1863 <thead> 1864 <row> 1865 <entry>Tunable</entry> 1866 <entry>Description</entry> 1867 </row> 1868 </thead> 1869 1870 <tbody> 1871 <row> 1872 <entry><literal>net.inet.tcp.pmtud_blackhole_activated</literal></entry> 1873 <entry>Number of times the code was activated to attempt 1874 downshifting the <acronym>MSS</acronym></entry> 1875 </row> 1876 1877 <row> 1878 <entry><literal>net.inet.tcp.pmtud_blackhole_min_activated</literal></entry> 1879 <entry>Number of times the blackhole 1880 <acronym>MSS</acronym> was used in an attempt to 1881 downshift</entry> 1882 </row> 1883 1884 <row> 1885 <entry><literal>net.inet.tcp.pmtud_blackhole_failed</literal></entry> 1886 <entry>Number of times that the blackhole failed to 1887 connect after downshifting the 1888 <acronym>MSS</acronym></entry> 1889 </row> 1890 </tbody> 1891 </tgroup> 1892 </informaltable> 1893 1894 <para revision="280971" contrib="sponsor" 1895 sponsor="&netflix;, &nginx;">Support for <acronym>IP</acronym> 1896 identification for atomic datagrams (<acronym>RFC</acronym> 1897 6864) has been added. Support for this feature can be toggled 1898 with the <literal>net.inet.ip.rfc6864</literal> 1899 &man.sysctl.8;, which is enabled by default.</para> 1900 1901 <para revision="285336" contrib="sponsor" 1902 sponsor="&netgate;">The <acronym>IPSEC</acronym> has been 1903 updated to include support for <acronym>AES</acronym> modes on 1904 both software-only and hardware-backed (&man.aesni.4;) 1905 systems.</para> 1906 1907 <para revision="287798" contrib="sponsor" sponsor="&dell;">The 1908 network stack has been updated to fix handling of 1909 <acronym>IPv6</acronym> On-Link redirects.</para> 1910 1911 <para revision="299848" contrib="sponsor" sponsor="&ff;">Support 1912 to be able to reroot into a NFSv4 volume has been 1913 added.</para> 1914 1915 <para revision="300240">The net.inet.tcp.ecn.enable sysctl mib 1916 has been changed from a binary off/on control to a three way 1917 setting.</para> 1918 1919 <informaltable frame="none" pgwide="0"> 1920 <tgroup cols="2"> 1921 <colspec colwidth="1*"/> 1922 <colspec colwidth="1*"/> 1923 <thead> 1924 <row> 1925 <entry>Value</entry> 1926 <entry>Description</entry> 1927 </row> 1928 </thead> 1929 <tbody> 1930 <row> 1931 <entry><literal>0</literal></entry> 1932 <entry>Totally disable ECN.</entry> 1933 </row> 1934 1935 <row> 1936 <entry><literal>1</literal></entry> 1937 <entry>Enable ECN if incoming connections request it. 1938 Outgoing connections will request ECN.</entry> 1939 </row> 1940 1941 <row> 1942 <entry><literal>2</literal></entry> 1943 <entry>Enable ECN if incoming connections request it. 1944 Outgoing conections will not request ECN.</entry> 1945 </row> 1946 </tbody> 1947 </tgroup> 1948 </informaltable> 1949 1950 <para revision="300779">Dummynet AQM, an independent 1951 implementation of CoDel and FQ-CoDel for ipfw/dummynet has 1952 been imported to the base system.</para> 1953 1954 <para revision="301875">The unused 1955 <literal>SIOCSIFALIFETIME_IN6</literal> ioctl has been 1956 removed.</para> 1957 </sect2> 1958 </sect1> 1959 1960 <sect1 xml:id="releng"> 1961 <title>Release Engineering and Integration</title> 1962 1963 <para>This section convers changes that are specific to the 1964 &os; Release Engineering processes.</para> 1965 1966 <sect2 xml:id="releng-changes"> 1967 <title>Integration Changes</title> 1968 1969 <para revision="277458" contrib="sponsor" sponsor="&ff;">The 1970 Release Engineering build tools have been updated to include 1971 support for producing virtual machine disk images for various 1972 cloud hosting providers.</para> 1973 1974 <para revision="278926">The Release Engineering build tools have 1975 been updated to use multi-threaded &man.xz.1;. By default, 1976 the number of &man.xz.1; threads is set to the number of cores 1977 available.</para> 1978 1979 <para revision="281802" contrib="sponsor" sponsor="&ff;">The 1980 Release Engineering build tools have been updated to include 1981 support for building &os;/&arch.arm64; virtual machine and 1982 memory stick installation images.</para> 1983 1984 <para revision="282693" contrib="sponsor" sponsor="&ff;">The 1985 Release Engineering build tools have been updated to support 1986 building &os;/&arch.arm; images without external utilities for 1987 supported boards where a corresponding 1988 <literal>u-boot</literal> port exists in the Ports 1989 Collection.</para> 1990 1991 <para revision="283307" contrib="sponsor" sponsor="&ff;">The 1992 &os;/&arch.i386; memory stick installation images are now 1993 created using the &man.mkimg.1; utility, matching the way 1994 the &os;/&arch.amd64; images are created.</para> 1995 </sect2> 1996 </sect1> 1997</article> 1998