1 Updating Information for FreeBSD STABLE users
3 This file is maintained and copyrighted by M. Warner Losh
4 <imp@village.org>. See end of file for further details. For commonly
5 done items, please see the COMMON ITEMS: section later in the file.
7 Items affecting the ports and packages system can be found in
8 /usr/ports/UPDATING. Please read that file before running
11 20100106: p6 FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd,
13 Fix BIND named(8) cache poisoning with DNSSEC validation.
16 Fix ntpd mode 7 denial of service. [SA-10:02]
18 Fix ZFS ZIL playback with insecure permissions. [SA-10:03]
20 20091203: p5 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld,
21 FreeBSD-SA-09:17.freebsd-update
22 Disable SSL renegotiation in order to protect against a serious
23 protocol flaw. [09:15]
25 Correctly handle failures from unsetenv resulting from a corrupt
26 environment in rtld-elf. [09:16]
28 Fix permissions in freebsd-update in order to prevent leakage of
29 sensitive files. [09:17]
31 20091002: p4 FreeBSD-SA-09:14.devfs FreeBSD-EN-09:05.null
32 Fix devfs / VFS NULL pointer race condition. [SA-09:14]
34 Add no zero mapping feature. [EN-09:05]
36 20090729: p3 FreeBSD-SA-09:12.bind
37 Fix BIND named(8) dynamic update message remote DoS.
39 20090624: p2 FreeBSD-EN-09:02.bce, FreeBSD-EN-09:03.fxp,
41 Fix packet length calculation in bce(4). [EN-09:02]
43 Correctly set IP packet length for TSO in fxp(4). [EN-09:03]
45 Fix a lock order reversal bug that could cause deadlock during
48 20090610: p1 FreeBSD-SA-09:09.pipe, FreeBSD-SA-09:10.ipv6,
50 Prevent integer overflow in direct pipe write code from circumventing
51 virtual-to-physical page lookups. [09:09]
53 Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]
55 Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]
60 20090422: FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
61 Don't leak information via uninitialized space in db(3) records.
64 Sanity-check string lengths in order to stop OpenSSL crashing
65 when printing corrupt BMPString or UniversalString objects. [09:08]
68 Following bug-fixes to TCP connection state flags, netstat, systat,
69 and sockstat will need to be rebuilt in order to properly print
70 connections in the TIMEWAIT state.
73 Change IPv6 ephemeral port allocation from sequential to
74 random allocation, like IPv4 has done for more than four years.
75 The implementation shares infrastructure with IPv4. This
76 means that there is only one set of sysctls to control both
77 IPv4 and IPv6. See ip(4) man page for details.
80 A workaround is committed to allow the creation of System V shared
81 memory segment of size > 2 GB on the 64-bit architectures.
82 Due to a limitation of the existing ABI, the shm_segsz member
83 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
84 wrong for large segments. Note that limits must be explicitely
85 raised to allow such segments to be created.
87 The management interface that is used by ipcs(1) has to be changed
88 in incompatible way. Rebuild the ipcs(1) utility with the new
89 headers after the update. Buildworld/installworld takes care
90 of this issue automatically.
93 The open-source Atheros HAL has been merged from HEAD
95 The kernel compile-time option AH_SUPPORT_AR5416 has been
96 added to support certain newer Atheros parts, particularly
98 The following modules are no longer available, and should be
99 removed from MODULES_OVERRIDE and/or loader.conf:-
100 ath_hal ath_rate_amrr ath_rate_onoe ath_rate_sample
103 ZFS users on amd64 machines with 4GB or more of RAM should
104 reevaluate their need for setting vm.kmem_size_max and
105 vm.kmem_size manually. In fact, after recent changes to the
106 kernel, the default value of vm.kmem_size is larger than the
107 suggested manual setting in most ZFS/FreeBSD tuning guides.
110 Multi-IPv4/v6/no-IP jail support was merged to STABLE.
111 You need to rebuild jls(8) and to use the new features
112 jail(8), jexec(8) and cpuset(1) with a new kernel.
113 __FreeBSD_version was bumped to 701103.
116 NTFS has been removed from GENERIC kernel on amd64 to match
117 GENERIC on i386. Should not cause any issues since mount_ntfs(8)
118 will load ntfs.ko module automatically when NTFS support is
119 actually needed, unless ntfs.ko is not installed or security
120 level prohibits loading kernel modules. If either is the case,
121 "options NTFS" has to be added into kernel config.
124 powerd(8) was updated to get better SMP support.
125 Meanings of the -i and -r command line options were changed.
128 snd_hda(4) driver was updated to version 20081226_0122.
130 Due to added HDMI audio and logical audio devices support, updated
131 driver often provides several PCM devices. In some cases it can make
132 system default audio device no longer correspond to the users's
133 habbitual audio connectors. In such cases wanted device can be
134 specified in audio application setup or defined globally via
135 hw.snd.default_unit sysctl according to sound(4) and snd_hda(4)
142 ntpd has been upgraded to 4.2.4p5.
145 OpenSSH has been upgraded to 5.1p1.
148 DTrace support was merged to STABLE today. In the best
149 tradition of "the dog ate my homework", subversion decided
150 that the commit message was too large and opted not to send
151 it. It was a stealth commit!
153 A 'make buildkernel' will now default to build the kernel
154 and modules with both DTrace kernel hooks and CTF data ready
157 After you have installed both world and the kernel, and
158 rebooted, you can 'kldload dtraceall' to load all the DTrace
159 kernel modules and then you're set to run the 'dtrace'
162 For DTrace documentation, refer to:
163 <http://wikis.sun.com/display/DTrace/Documentation>
165 We are limited to kernel tracing at the moment, so the pid
166 provider is not available.
168 For the syscall provider, note that the arguments to the
169 return probes are the same as for the entry probes.
172 Today STABLE got a reorganization of the Intel E1000
173 driver code. In order to better support our new adapters
174 there is a new driver, igb, that is now to be used for
175 either the 82575 or 82576 adapters. The source however,
176 is all now in sys/dev/e1000, both em and igb drivers are
177 built from that common directory if you configure them
178 in the kernel. Making loadable drivers still happens in
179 the same place: sys/modules/[em, igb].
181 The important thing to note is that the 82575 adapters
182 were supported in the em driver in 7.0, but now needed
183 to be moved into igb, so if you have the effected cards
184 be sure and make any script changes to follow the name
187 There are only 3 PCI ID's effected in this change:
188 0x10A7, 0x10A9, and 0x10D6
189 So you can know ahead of time if they will be effected,
190 these will now be supported in the igb driver. That
191 driver will also support the new 82576 followon.
193 The driver reorg in STABLE is inconvenient but it really
194 was necessary for Intel to do this, and I figured it was
195 better to have this small admin type issue than not to
196 have support for this new hardware for a whole release
200 I have MFC'd in code to support multiple routing tables.
201 see the man pages setfib(1) and setfib(2).
202 This is a backwards compatible version,
203 but to make use of it you need to compile your kernel
204 with options ROUTETABLES=2 (or more up to 16).
210 Note the addition of m_collapse for compacting mbuf chains.
213 The AT keyboard emulation of sunkbd(4) has been turned on
214 by default. In order to make the special symbols of the Sun
215 keyboards driven by sunkbd(4) work under X these now have
216 to be configured the same way as Sun USB keyboards driven
217 by ukbd(4) (which also does AT keyboard emulation), f.e.:
219 Option "XkbLayout" "us"
220 Option "XkbRules" "xorg"
221 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"
224 It has been decided that it is desirable to provide ABI
225 backwards compatibility to the FreeBSD 4/5/6 versions of the
226 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
227 broken with the introduction of PCI domain support (see the
228 20070930 entry). Unfortunately, this required the ABI of
229 PCIOCGETCONF to be broken again in order to be able to
230 provide backwards compatibility to the old version of that
231 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
232 again. As for prominent ports this affects neither pciutils
233 nor xorg-server this time, the hal port needs to be rebuilt
240 Setting WITHOUT_LIBPTHREAD now means WITHOUT_LIBKSE and
241 WITHOUT_LIBTHR are set.
244 The PCI code has been made aware of PCI domains. This means that
245 the location strings as used by pciconf(8) etc are now in the
246 following format: pci<domain>:<bus>:<device>[:<function>]. It
247 also means that consumers of <sys/pciio.h> potentially need to
248 be recompiled; this includes the hal and xorg-server ports.
251 The caching daemon (cached) was renamed to nscd. nscd.conf
252 configuration file should be used instead of cached.conf and
253 nscd_enable, nscd_pidfile and nscd_flags options should be used
254 instead of cached_enable, cached_pidfile and cached_flags in
258 The new IPsec code is now compiled in using the IPSEC option. The
259 IPSEC option now requires "device crypto" be defined in your kernel
260 configuration. The FAST_IPSEC kernel option is now deprecated.
263 The packet filter (pf) code has been updated to OpenBSD 4.1 Please
264 note the changed syntax - keep state is now on by default. Also
265 note the fact that ftp-proxy(8) has been changed from bottom up and
266 has been moved from libexec to usr/sbin. Changes in the ALTQ
267 handling also affect users of IPFW's ALTQ capabilities.
270 Remove KAME IPsec in favor of FAST_IPSEC, which is now the
271 only IPsec supported by FreeBSD. The new IPsec stack
272 supports both IPv4 and IPv6. The kernel option will change
273 after the code changes have settled in. For now the kernel
274 option IPSEC is deprecated and FAST_IPSEC is the only option, that
275 will change after some settling time.
278 The wicontrol(8) utility has been removed from the base system. wi(4)
279 cards should be configured using ifconfig(8), see the man page for more
283 The i386/amd64 GENERIC kernel now defaults to the nfe(4) driver
284 instead of the nve(4) driver. Please update your configuration
288 By default, /etc/rc.d/sendmail no longer rebuilds the aliases
289 database if it is missing or older than the aliases file. If
290 desired, set the new rc.conf option sendmail_rebuild_aliases
291 to "YES" to restore that functionality.
294 The IPv4 multicast socket code has been considerably modified, and
295 moved to the file sys/netinet/in_mcast.c. Initial support for the
296 RFC 3678 Source-Specific Multicast Socket API has been added to
297 the IPv4 network stack.
299 Strict multicast and broadcast reception is now the default for
300 UDP/IPv4 sockets; the net.inet.udp.strict_mcast_mship sysctl variable
301 has now been removed.
303 The RFC 1724 hack for interface selection has been removed; the use
304 of the Linux-derived ip_mreqn structure with IP_MULTICAST_IF has
305 been added to replace it. Consumers such as routed will soon be
306 updated to reflect this.
308 These changes affect users who are running routed(8) or rdisc(8)
309 from the FreeBSD base system on point-to-point or unnumbered
313 The net80211 layer has changed significantly and all wireless
314 drivers that depend on it need to be recompiled. Further these
315 changes require that any program that interacts with the wireless
316 support in the kernel be recompiled; this includes: ifconfig,
317 wpa_supplicant, hostapd, and wlanstats. Users must also, for
318 the moment, kldload the wlan_scan_sta and/or wlan_scan_ap modules
319 if they use modules for wireless support. These modules implement
320 scanning support for station and ap modes, respectively. Failure
321 to load the appropriate module before marking a wireless interface
322 up will result in a message to the console and the device not
326 The pam_nologin(8) module ceases to provide an authentication
327 function and starts providing an account management function.
328 Consequent changes to /etc/pam.d should be brought in using
329 mergemaster(8). Third-party files in /usr/local/etc/pam.d may
330 need manual editing as follows. Locate this line (or similar):
332 auth required pam_nologin.so no_warn
334 and change it according to this example:
336 account required pam_nologin.so no_warn
338 That is, the first word needs to be changed from "auth" to
339 "account". The new line can be moved to the account section
340 within the file for clarity. Not updating pam.conf(5) files
341 will result in nologin(5) ignored by the respective services.
344 The ether_ioctl() function has been synchronized with ioctl(2)
345 and ifnet.if_ioctl. Due to that, the size of one of its arguments
346 has changed on 64-bit architectures. All kernel modules using
347 ether_ioctl() need to be rebuilt on such architectures.
350 Improved INCLUDE_CONFIG_FILE support has been introduced to the
351 config(8) utility. In order to take advantage of this new
352 functionality, you are expected to recompile and install
353 src/usr.sbin/config. If you don't rebuild config(8), and your
354 kernel configuration depends on INCLUDE_CONFIG_FILE, the kernel
355 build will be broken because of a missing "kernconfstring"
359 Symbol versioning is enabled by default. To disable it, use
360 option WITHOUT_SYMVER. It is not advisable to attempt to
361 disable symbol versioning once it is enabled; your installworld
362 will break because a symbol version-less libc will get installed
363 before the install tools. As a result, the old install tools,
364 which previously had symbol dependencies to FBSD_1.0, will fail
365 because the freshly installed libc will not have them.
367 The default threading library (providing "libpthread") has been
368 changed to libthr. If you wish to have libkse as your default,
369 use option DEFAULT_THREAD_LIB=libkse for the buildworld.
372 The ABI breakage in sendmail(8)'s libmilter has been repaired
373 so it is no longer necessary to recompile mail filters (aka,
374 milters). If you recompiled mail filters after the 20070408
375 note, it is not necessary to recompile them again.
378 The new trunk(4) driver has been renamed to lagg(4) as it better
379 reflects its purpose. ifconfig will need to be recompiled.
382 sendmail(8) has been updated to version 8.14.1. Mail filters
383 (aka, milters) compiled against the libmilter included in the
384 base operating system should be recompiled.
387 Firmwares for ipw(4) and iwi(4) are now included in the base tree.
388 In order to use them one must agree to the respective LICENSE in
389 share/doc/legal and define legal.intel_<name>.license_ack=1 via
390 loader.conf(5) or kenv(1). Make sure to deinstall the now
391 deprecated modules from the respective firmware ports.
394 The name resolution/mapping functions addr2ascii(3) and ascii2addr(3)
395 were removed from FreeBSD's libc. These originally came from INRIA
396 IPv6. Nothing in FreeBSD ever used them. They may be regarded as
397 deprecated in previous releases.
398 The AF_LINK support for getnameinfo(3) was merged from NetBSD to
399 replace it as a more portable (and re-entrant) API.
402 To support interrupt filtering a modification to the newbus API
403 has occurred, ABI was broken and __FreeBSD_version was bumped
404 to 700031. Please make sure that your kernel and modules are in
406 http://docs.freebsd.org/cgi/mid.cgi?20070221233124.GA13941
409 The IPv6 multicast forwarding code may now be loaded into GENERIC
410 kernels by loading the ip_mroute.ko module. This is built into the
411 module unless WITHOUT_INET6 or WITHOUT_INET6_SUPPORT options are
412 set; see src.conf(5) for more information.
415 The output of netstat -r has changed. Without -n, we now only
416 print a "network name" without the prefix length if the network
417 address and mask exactly match a Class A/B/C network, and an entry
418 exists in the nsswitch "networks" map.
419 With -n, we print the full unabbreviated CIDR network prefix in
420 the form "a.b.c.d/p". 0.0.0.0/0 is always printed as "default".
421 This change is in preparation for changes such as equal-cost
422 multipath, and to more generally assist operational deployment
423 of FreeBSD as a modern IPv4 router.
426 PIM has been turned on by default in the IPv4 multicast
427 routing code. The kernel option 'PIM' has now been removed.
428 PIM is now built by default if option 'MROUTING' is specified.
429 It may now be loaded into GENERIC kernels by loading the
433 Support for IPIP tunnels (VIFF_TUNNEL) in IPv4 multicast routing
434 has been removed. Its functionality may be achieved by explicitly
435 configuring gif(4) interfaces and using the 'phyint' keyword in
437 XORP does not support source-routed IPv4 multicast tunnels nor the
438 integrated IPIP tunneling, therefore it is not affected by this
439 change. The __FreeBSD_version macro has been bumped to 700030.
442 Support for PCI Message Signalled Interrupts has been
443 re-enabled in the bge driver, only for those chips which are
444 believed to support it properly. If there are any problems,
445 MSI can be disabled completely by setting the
446 'hw.pci.enable_msi' and 'hw.pci.enable_msix' tunables to 0
450 Support for PCI Message Signalled Interrupts has been
451 disabled again in the bge driver. Many revisions of the
452 hardware fail to support it properly. Support can be
453 re-enabled by removing the #define of BGE_DISABLE_MSI in
454 "src/sys/dev/bge/if_bge.c".
457 Support for PCI Message Signalled Interrupts has been added
458 to the bge driver. If there are any problems, MSI can be
459 disabled completely by setting the 'hw.pci.enable_msi' and
460 'hw.pci.enable_msix' tunables to 0 in the loader.
463 The removal of several facets of the experimental Threading
464 system from the kernel means that the proc and thread structures
465 have changed quite a bit. I suggest all kernel modules that might
466 reference these structures be recompiled.. Especially the
470 Sound infrastructure has been updated with various fixes and
471 improvements. Most of the changes are pretty much transparent,
472 with exceptions of followings:
473 1) All sound driver specific sysctls (hw.snd.pcm%d.*) have been
474 moved to their own dev sysctl nodes, for example:
475 hw.snd.pcm0.vchans -> dev.pcm.0.vchans
476 2) /dev/dspr%d.%d has been deprecated. Each channel now has its
477 own chardev in the form of "dsp%d.<function>%d", where <function>
478 is p = playback, r = record and v = virtual, respectively. Users
479 are encouraged to use these devs instead of (old) "/dev/dsp%d.%d".
480 This does not affect those who are using "/dev/dsp".
483 geom(4)'s gmirror(8) class metadata structure has been
484 rev'd from v3 to v4. If you update across this point and
485 your metadata is converted for you, you will not be easily
486 able to downgrade since the /boot/kernel.old/geom_mirror.ko
487 kernel module will be unable to read the v4 metadata. You
488 can resolve this by doing from the loader(8) prompt:
490 set vfs.root.mountfrom="ufs:/dev/XXX"
492 where XXX is the root slice of one of the disks that composed
493 the mirror (i.e.: /dev/ad0s1a). You can then rebuild
494 the array the same way you built it originally.
497 The following binaries have been disconnected from the build:
498 mount_devfs, mount_ext2fs, mount_fdescfs, mount_procfs, mount_linprocfs,
499 and mount_std. The functionality of these programs has been
500 moved into the mount program. For example, to mount a devfs
501 filesystem, instead of using mount_devfs, use: "mount -t devfs".
502 This does not affect entries in /etc/fstab, since entries in
503 /etc/fstab are always processed with "mount -t fstype".
506 Support for PCI Message Signalled Interrupts on i386 and amd64
507 has been added to the kernel and various drivers will soon be
508 updated to use MSI when it is available. If there are any problems,
509 MSI can be disabled completely by setting the 'hw.pci.enable_msi'
510 and 'hw.pci.enable_msix' tunables to 0 in the loader.
513 The MUTEX_PROFILING option has been renamed to LOCK_PROFILING.
514 The lockmgr object layout has been changed as a result of having
515 a lock_object embedded in it. As a consequence all file system
516 kernel modules must be re-compiled. The mutex profiling man page
517 has not yet been updated to reflect this change.
520 KSE in the kernel has now been made optional and turned on by
521 default. Use 'nooption KSE' in your kernel config to turn it
522 off. All kernel modules *must* be recompiled after this change.
523 There-after, modules from a KSE kernel should be compatible with
524 modules from a NOKSE kernel due to the temporary padding fields
525 added to 'struct proc'.
528 mrouted and its utilities have been removed from the base system.
531 Some ioctl(2) command codes have changed. Full backward ABI
532 compatibility is provided if the "options COMPAT_FREEBSD6" is
533 present in the kernel configuration file. Make sure to add
534 this option to your kernel config file, or recompile X.Org
535 and the rest of ports; otherwise they may refuse to work.
538 tcpslice has been removed from the base system.
541 The sizes of struct tcpcb (and struct xtcpcb) have changed due to
542 the rewrite of TCP syncookies. Tools like netstat, sockstat, and
543 systat needs to be rebuilt.
546 libpcap updated to v0.9.4 and tcpdump to v3.9.4
549 The IPFIREWALL_FORWARD_EXTENDED option is gone and the behaviour
550 for IPFIREWALL_FORWARD is now as it was before when it was first
551 committed and for years after. The behaviour is now ON.
554 enigma(1)/crypt(1) utility has been changed on 64 bit architectures.
555 Now it can decrypt files created from different architectures.
556 Unfortunately, it is no longer able to decrypt a cipher text
557 generated with an older version on 64 bit architectures.
558 If you have such a file, you need old utility to decrypt it.
561 The interface version of the i4b kernel part has changed. So
562 after updating the kernel sources and compiling a new kernel,
563 the i4b user space tools in "/usr/src/usr.sbin/i4b" must also
564 be rebuilt, and vice versa.
567 The XBOX kernel now defaults to the nfe(4) driver instead of
568 the nve(4) driver. Please update your configuration
572 The i386-only lnc(4) driver for the AMD Am7900 LANCE and Am79C9xx
573 PCnet family of NICs has been removed. The new le(4) driver serves
574 as an equivalent but cross-platform replacement with the pcn(4)
575 driver still providing performance-optimized support for the subset
576 of AMD Am79C971 PCnet-FAST and greater chips as before.
579 The machdep.* sysctls and the adjkerntz utility have been
580 modified a bit. The new adjkerntz utility uses the new
581 sysctl names and sysctlbyname() calls, so it may be impossible
582 to run an old /sbin/adjkerntz utility in single-user mode
583 with a new kernel. Replace the `adjkerntz -i' step before
584 `make installworld' with:
586 /usr/obj/usr/src/sbin/adjkerntz/adjkerntz -i
588 and proceed as usual with the rest of the installworld-stage
589 steps. Otherwise, you risk installing binaries with their
590 timestamp set several hours in the future, especially if
591 you are running with local time set to GMT+X hours.
594 The ip6fw utility has been removed. The behavior provided by
595 ip6fw has been in ipfw2 for a good while and the rc.d scripts
596 have been updated to deal with it. There are some rules that
597 might not migrate cleanly. Use rc.firewall6 as a template to
601 The puc(4) driver has been overhauled. The ebus(4) and sbus(4)
602 attachments have been removed. Make sure to configure scc(4)
603 on sparc64. Note also that by default puc(4) will use uart(4)
604 and not sio(4) for serial ports because interrupt handling has
605 been optimized for multi-port serial cards and only uart(4)
606 implements the interface to support it.
609 The scc(4) driver replaces puc(4) for Serial Communications
610 Controllers (SCCs) like the Siemens SAB82532 and the Zilog
611 Z8530. On sparc64, it is advised to add scc(4) to the kernel
612 configuration to make sure that the serial ports remain
616 Most world/kernel related NO_* build options changed names.
617 New knobs have common prefixes WITHOUT_*/WITH_* (modelled
618 after FreeBSD ports) and should be set in /etc/src.conf
619 (the src.conf(5) manpage is provided). Full backwards
620 compatibility is maintained for the time being though it's
621 highly recommended to start moving old options out of the
622 system-wide /etc/make.conf file into the new /etc/src.conf
623 while also properly renaming them. More conversions will
624 likely follow. Posting to current@:
626 http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
629 The NETSMBCRYPTO kernel option has been retired because its
630 functionality is always included in NETSMB and smbfs.ko now.
633 The TDFX_LINUX kernel option was retired and replaced by the
634 tdfx_linux device. The latter can be loaded as the 3dfx_linux.ko
635 kernel module. Loading it alone should suffice to get 3dfx support
636 for Linux apps because it will pull in 3dfx.ko and linux.ko through
640 The 'audit' group was added to support the new auditing functionality
641 in the base system. Be sure to follow the directions for updating,
642 including the requirement to run mergemaster -p.
645 The kernel ABI to file system modules was changed on i386.
646 Please make sure that your kernel and modules are in sync.
649 This actually occured some time ago, but installing the kernel
650 now also installs a bunch of symbol files for the kernel modules.
651 This increases the size of /boot/kernel to about 67Mbytes. You
652 will need twice this if you will eventually back this up to kernel.old
653 on your next install.
654 If you have a shortage of room in your root partition, you should add
655 -DINSTALL_NODEBUG to your make arguments or add INSTALL_NODEBUG="yes"
656 to your /etc/make.conf.
659 libc's malloc implementation has been replaced. This change has the
660 potential to uncover application bugs that previously went unnoticed.
661 See the malloc(3) manual page for more details.
664 The generic netgraph(4) cookie has been changed. If you upgrade
665 kernel passing this point, you also need to upgrade userland
666 and netgraph(4) utilities like ports/net/mpd or ports/net/mpd4.
669 si(4)'s device files now contain the unit number.
670 Uses of {cua,tty}A[0-9a-f] should be replaced by {cua,tty}A0[0-9a-f].
673 The kernel ABI was mostly destroyed due to a change in the size
674 of struct lock_object which is nested in other structures such
675 as mutexes which are nested in all sorts of other structures.
676 Make sure your kernel and modules are in sync.
679 The page coloring algorithm in the VM subsystem was converted
680 from tuning with kernel options to autotuning. Please remove
681 any PQ_* option except PQ_NOOPT from your kernel config.
684 The net80211-related tools in the tools/tools/ath directory
685 have been moved to tools/tools/net80211 and renamed with a
686 "wlan" prefix. Scripts that use them should be adjusted
690 Scripts in the local_startup directories (as defined in
691 /etc/defaults/rc.conf) that have the new rc.d semantics will
692 now be run as part of the base system rcorder. If there are
693 errors or problems with one of these local scripts, it could
694 cause boot problems. If you encounter such problems, boot in
695 single user mode, remove that script from the */rc.d directory.
696 Please report the problem to the port's maintainer, and the
697 freebsd-ports@freebsd.org mailing list.
700 The nodev mount option was deprecated in RELENG_6 (where it
701 was a no-op), and is now unsupported. If you have nodev or dev listed
702 in /etc/fstab, remove it, otherwise it will result in a mount error.
705 ABI between ipfw(4) and ipfw(8) has been changed. You need
706 to rebuild ipfw(8) when rebuilding kernel.
709 rp(4)'s device files now contain the unit number.
710 Uses of {cua,tty}R[0-9a-f] should be replaced by {cua,tty}R0[0-9a-f].
713 /etc/rc.d/ppp-user has been renamed to /etc/rc.d/ppp.
714 Its /etc/rc.conf.d configuration file has been `ppp' from
715 the beginning, and hence there is no need to touch it.
718 Now most modules get their build-time options from the kernel
719 configuration file. A few modules still have fixed options
720 due to their non-conformant implementation, but they will be
721 corrected eventually. You may need to review the options of
722 the modules in use, explicitly specify the non-default options
723 in the kernel configuration file, and rebuild the kernel and
727 kern.polling.enable sysctl MIB is now deprecated. Use ifconfig(8)
728 to turn polling(4) on your interfaces.
731 The old bridge(4) implementation was retired. The new
732 if_bridge(4) serves as a full functional replacement.
735 The ai_addrlen of a struct addrinfo was changed to a socklen_t
736 to conform to POSIX-2001. This change broke an ABI
737 compatibility on 64 bit architecture. You have to recompile
738 userland programs that use getaddrinfo(3) on 64 bit
742 RELENG_6 branched here.
745 The pccard_ifconfig rc.conf variable has been removed and a new
746 variable, ifconfig_DEFAULT has been introduced. Unlike
747 pccard_ifconfig, ifconfig_DEFAULT applies to ALL interfaces that
748 do not have ifconfig_ifn entries rather than just those in
749 removable_interfaces.
752 Some previous versions of PAM have permitted the use of
753 non-absolute paths in /etc/pam.conf or /etc/pam.d/* when referring
754 to third party PAM modules in /usr/local/lib. A change has been
755 made to require the use of absolute paths in order to avoid
756 ambiguity and dependence on library path configuration, which may
757 affect existing configurations.
760 Major changes to network interface API. All drivers must be
761 recompiled. Drivers not in the base system will need to be
762 updated to the new APIs.
765 Changes were made to kinfo_proc in sys/user.h. Please recompile
766 userland, or commands like `fstat', `pkill', `ps', `top' and `w'
767 will not behave correctly.
769 The API and ABI for hwpmc(4) have changed with the addition
770 of sampling support. Please recompile lib/libpmc(3) and
771 usr.sbin/{pmcstat,pmccontrol}.
774 The OpenBSD dhclient was imported in place of the ISC dhclient
775 and the network interface configuration scripts were updated
776 accordingly. If you use DHCP to configure your interfaces, you
777 must now run devd. Also, DNS updating was lost so you will need
778 to find a workaround if you use this feature.
780 The '_dhcp' user was added to support the OpenBSD dhclient. Be
781 sure to run mergemaster -p (like you are supposed to do every time
785 if_bridge was added to the tree. This has changed struct ifnet.
786 Please recompile userland and all network related modules.
789 The n_net of a struct netent was changed to an uint32_t, and
790 1st argument of getnetbyaddr() was changed to an uint32_t, to
791 conform to POSIX-2001. These changes broke an ABI
792 compatibility on 64 bit architecture. With these changes,
793 shlib major of libpcap was bumped. You have to recompile
794 userland programs that use getnetbyaddr(3), getnetbyname(3),
795 getnetent(3) and/or libpcap on 64 bit architecture.
798 Kernel parsing of extra options on '#!' first lines of shell
799 scripts has changed. Lines with multiple options likely will
800 fail after this date. For full details, please see
801 http://people.freebsd.org/~gad/Updating-20050528.txt
804 The packet filter (pf) code has been updated to OpenBSD 3.7
805 Please note the changed anchor syntax and the fact that
806 authpf(8) now needs a mounted fdescfs(5) to function.
809 The NO_MIXED_MODE kernel option has been removed from the i386
810 amd64 platforms as its use has been superceded by the new local
811 APIC timer code. Any kernel config files containing this option
815 The on-disk format of LC_CTYPE files was changed to be machine
816 independent. Please make sure NOT to use NO_CLEAN buildworld
817 when crossing this point. Crossing this point also requires
818 recompile or reinstall of all locale depended packages.
821 The ifi_epoch member of struct if_data has been changed to
822 contain the uptime at which the interface was created or the
823 statistics zeroed rather then the wall clock time because
824 wallclock time may go backwards. This should have no impact
825 unless an snmp implementation is using this value (I know of
829 The acpi_perf and acpi_throttle drivers are now part of the
830 acpi(4) main module. They are no longer built separately.
833 The layout of struct image_params has changed. You have to
834 recompile all compatibility modules (linux, svr4, etc) for use
838 The p4tcc driver has been merged into cpufreq(4). This makes
839 "options CPU_ENABLE_TCC" obsolete. Please load cpufreq.ko or
840 compile in "device cpufreq" to restore this functionality.
843 The responsibility of recomputing the file system summary of
844 a SoftUpdates-enabled dirty volume has been transferred to the
845 background fsck. A rebuild of fsck(8) utility is recommended
846 if you have updated the kernel.
848 To get the old behavior (recompute file system summary at mount
849 time), you can set vfs.ffs.compute_summary_at_mount=1 before
850 mounting the new volume.
853 The cpufreq import is complete. As part of this, the sysctls for
854 acpi(4) throttling have been removed. The power_profile script
855 has been updated, so you can use performance/economy_cpu_freq in
856 rc.conf(5) to set AC on/offline cpu frequencies.
859 NG_VERSION has been increased. Recompiling kernel (or ng_socket.ko)
860 requires recompiling libnetgraph and userland netgraph utilities.
863 Support for abbreviated forms of a number of ipfw options is
864 now deprecated. Warnings are printed to stderr indicating the
865 correct full form when a match occurs. Some abbreviations may
866 be supported at a later date based on user feedback. To be
867 considered for support, abbreviations must be in use prior to
868 this commit and unlikely to be confused with current key words.
871 By a popular demand, a lot of NOFOO options were renamed
872 to NO_FOO (see bsd.compat.mk for a full list). The old
873 spellings are still supported, but will cause annoying
874 warnings on stderr. Make sure you upgrade properly (see
875 the COMMON ITEMS: section later in this file).
878 Auto-loading of ancillary wlan modules such as wlan_wep has
879 been temporarily disabled; you need to statically configure
880 the modules you need into your kernel or explicitly load them
881 prior to use. Specifically, if you intend to use WEP encryption
882 with an 802.11 device load/configure wlan_wep; if you want to
883 use WPA with the ath driver load/configure wlan_tkip, wlan_ccmp,
884 and wlan_xauth as required.
887 The behaviour of ppp(8) has changed slightly. If lqr is enabled
888 (``enable lqr''), older versions would revert to LCP ECHO mode on
889 negotiation failure. Now, ``enable echo'' is required for this
890 behaviour. The ppp version number has been bumped to 3.4.2 to
894 The wlan support has been updated to split the crypto support
895 into separate modules. For static WEP you must configure the
896 wlan_wep module in your system or build and install the module
897 in place where it can be loaded (the kernel will auto-load
898 the module when a wep key is configured).
901 The ath driver has been updated to split the tx rate control
902 algorithm into a separate module. You need to include either
903 ath_rate_onoe or ath_rate_amrr when configuring the kernel.
906 Support for systems with an 80386 CPU has been removed. Please
907 use FreeBSD 5.x or earlier on systems with an 80386.
910 We have had a hack which would mount the root filesystem
911 R/W if the device were named 'md*'. As part of the vnode
912 work I'm doing I have had to remove this hack. People
913 building systems which use preloaded MD root filesystems
914 may need to insert a "/sbin/mount -u -o rw /dev/md0 /" in
915 their /etc/rc scripts.
918 FreeBSD 5.3 shipped here.
921 The size of struct tcpcb has changed again due to the removal
922 of RFC1644 T/TCP. You have to recompile userland programs that
923 read kmem for tcp sockets directly (netstat, sockstat, etc.)
926 The size of struct tcpcb has changed. You have to recompile
927 userland programs that read kmem for tcp sockets directly
928 (netstat, sockstat, etc.)
931 RELENG_5 branched here. For older entries, please see updating
932 in the RELENG_5 branch.
938 Avoid using make -j when upgrading. From time to time in the
939 past there have been problems using -j with buildworld and/or
940 installworld. This is especially true when upgrading between
941 "distant" versions (eg one that cross a major release boundary
942 or several minor releases, or when several months have passed
943 on the -current branch).
945 Sometimes, obscure build problems are the result of environment
946 poisoning. This can happen because the make utility reads its
947 environment when searching for values for global variables.
948 To run your build attempts in an "environmental clean room",
949 prefix all make commands with 'env -i '. See the env(1) manual
950 page for more details.
952 When upgrading from one major version to another it is generally
953 best to upgrade to the latest code in the currently installed branch
954 first, then do an upgrade to the new branch. This is the best-tested
955 upgrade path, and has the highest probability of being successful.
956 Please try this approach before reporting problems with a major
961 If you are updating from a prior version of FreeBSD (even one just
962 a few days old), you should follow this procedure. It is the most
963 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
965 make kernel-toolchain
966 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
967 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
969 To test a kernel once
970 ---------------------
971 If you just want to boot a kernel once (because you are not sure
972 if it works, or if you want to boot a known bad kernel to provide
973 debugging information) run
974 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
975 nextboot -k testkernel
977 To just build a kernel when you know that it won't mess you up
978 --------------------------------------------------------------
979 This assumes you are already running a 5.X system. Replace
980 ${arch} with the architecture of your machine (e.g. "i386",
981 "alpha", "amd64", "ia64", "pc98", "sparc64", etc).
983 cd src/sys/${arch}/conf
984 config KERNEL_NAME_HERE
985 cd ../compile/KERNEL_NAME_HERE
990 If this fails, go to the "To build a kernel" section.
992 To rebuild everything and install it on the current system.
993 -----------------------------------------------------------
994 # Note: sometimes if you are running current you gotta do more than
995 # is listed here if you are upgrading from a really old current.
997 <make sure you have good level 0 dumps>
999 make kernel KERNCONF=YOUR_KERNEL_HERE
1001 <reboot in single user> [3]
1009 To cross-install current onto a separate partition
1010 --------------------------------------------------
1011 # In this approach we use a separate partition to hold
1012 # current's root, 'usr', and 'var' directories. A partition
1013 # holding "/", "/usr" and "/var" should be about 2GB in
1016 <make sure you have good level 0 dumps>
1019 make buildkernel KERNCONF=YOUR_KERNEL_HERE
1020 <maybe newfs current's root partition>
1021 <mount current's root partition on directory ${CURRENT_ROOT}>
1022 make installworld DESTDIR=${CURRENT_ROOT}
1023 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
1024 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
1025 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
1026 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
1027 <reboot into current>
1028 <do a "native" rebuild/install as described in the previous section>
1029 <maybe install compatibility libraries from src/lib/compat>
1033 To upgrade in-place from 5.x-stable to current
1034 ----------------------------------------------
1035 <make sure you have good level 0 dumps>
1037 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
1039 <reboot in single user> [3]
1046 Make sure that you've read the UPDATING file to understand the
1047 tweaks to various things you need. At this point in the life
1048 cycle of current, things change often and you are on your own
1049 to cope. The defaults can also change, so please read ALL of
1050 the UPDATING entries.
1052 Also, if you are tracking -current, you must be subscribed to
1053 freebsd-current@freebsd.org. Make sure that before you update
1054 your sources that you have read and understood all the recent
1055 messages there. If in doubt, please track -stable which has
1056 much fewer pitfalls.
1058 [1] If you have third party modules, such as vmware, you
1059 should disable them at this point so they don't crash your
1062 [3] From the bootblocks, boot -s, and then do
1067 adjkerntz -i # if CMOS is wall time
1068 Also, when doing a major release upgrade, it is required that
1069 you boot into single user mode to do the installworld.
1071 [4] Note: This step is non-optional. Failure to do this step
1072 can result in a significant reduction in the functionality of the
1073 system. Attempting to do it by hand is not recommended and those
1074 that pursue this avenue should read this file carefully, as well
1075 as the archives of freebsd-current and freebsd-hackers mailing lists
1076 for potential gotchas.
1078 [5] Usually this step is a noop. However, from time to time
1079 you may need to do this if you get unknown user in the following
1080 step. It never hurts to do it all the time. You may need to
1081 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1082 install) after the buildworld before this step if you last updated
1083 from current before 20020224 or from -stable before 20020408.
1085 [8] In order to have a kernel that can run the 4.x binaries
1086 needed to do an installworld, you must include the COMPAT_FREEBSD4
1087 option in your kernel. Failure to do so may leave you with a system
1088 that is hard to boot to recover. A similar kernel option COMPAT_FREEBSD5
1089 is required to run the 5.x binaries on more recent kernels.
1091 Make sure that you merge any new devices from GENERIC since the
1092 last time you updated your kernel config file.
1094 [9] When checking out sources, you must include the -P flag to have
1095 cvs prune empty directories.
1097 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
1098 "?=" instead of the "=" assignment operator, so that buildworld can
1099 override the CPUTYPE if it needs to.
1101 MAKEOBJDIRPREFIX must be defined in an environment variable, and
1102 not on the command line, or in /etc/make.conf. buildworld will
1103 warn if it is improperly defined.
1106 This file contains a list, in reverse chronological order, of major
1107 breakages in tracking -current. Not all things will be listed here,
1108 and it only starts on October 16, 2004. Updating files can found in
1109 previous releases if your system is older than this.
1111 Copyright information:
1113 Copyright 1998-2005 M. Warner Losh. All Rights Reserved.
1115 Redistribution, publication, translation and use, with or without
1116 modification, in full or in part, in any form or format of this
1117 document are permitted without further permission from the author.
1119 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1120 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1121 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1122 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1123 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1124 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1125 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1126 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1127 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
1128 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
1129 POSSIBILITY OF SUCH DAMAGE.
1131 If you find this document useful, and you want to, you may buy the
1134 Contact Warner Losh if you have any questions about your use of