1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
3 "../../../share/xml/freebsd45.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
10 <title>&os; &release.current; Release Notes</title>
12 <corpauthor>The &os; Project</corpauthor>
14 <pubdate>$FreeBSD$</pubdate>
18 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
21 <legalnotice id="trademarks" role="trademarks">
31 <para>The release notes for &os; &release.current; contain a summary
32 of the changes made to the &os; base system on the
33 &release.branch; development line.
34 This document lists applicable security advisories that were issued since
35 the last release, as well as significant changes to the &os;
37 Some brief remarks on upgrading are also presented.</para>
42 <title>Introduction</title>
44 <para>This document contains the release notes for &os;
45 &release.current;. It describes recently added, changed, or
46 deleted features of &os;. It also provides some notes on
47 upgrading from previous versions of &os;.</para>
49 <para>This distribution of &os; &release.current; is a
50 &release.type; distribution. It can be found at <ulink
51 url="&release.url;"></ulink> or any of its mirrors. More
52 information on obtaining this (or other) &release.type;
53 distributions of &os; can be found in the <ulink
54 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
55 &os;</quote> appendix</ulink> to the <ulink
56 url="&url.books.handbook;/">&os; Handbook</ulink>.</para>
58 <para>All users are encouraged to consult the release errata before
59 installing &os;. The errata document is updated with
60 <quote>late-breaking</quote> information discovered late in the
61 release cycle or after the release. Typically, it contains
62 information on known bugs, security advisories, and corrections to
63 documentation. An up-to-date copy of the errata for &os;
64 &release.current; can be found on the &os; Web site.</para>
68 <title>What's New</title>
70 <para>This section describes the most user-visible new or changed
71 features in &os; since &release.prev;.</para>
73 <para>Typical release note items document recent security
74 advisories issued after &release.prev;, new drivers or hardware
75 support, new commands or options, major bug fixes, or
76 contributed software upgrades. They may also list changes to
77 major ports/packages or release engineering practices. Clearly
78 the release notes cannot list every single change made to &os;
79 between releases; this document focuses primarily on security
80 advisories, user-visible changes, and major architectural
84 <title>Security Advisories</title>
86 <para>Problems described in the following security advisories have
87 been fixed. For more information, consult the individual
88 advisories available from
89 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
91 <informaltable frame="none" pgwide="1">
93 <colspec colwidth="1*" />
94 <colspec colwidth="1*" />
95 <colspec colwidth="3*" />
98 <entry>Advisory</entry>
106 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc"
107 >SA-12:01.openssl</ulink></entry>
108 <entry>3 May 2012</entry>
109 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
113 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc"
114 >SA-12:02.crypt</ulink></entry>
115 <entry>30 May 2012</entry>
116 <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
120 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc"
121 >SA-12:03.bind</ulink></entry>
122 <entry>12 June 2012</entry>
123 <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
127 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
128 >SA-12:04.sysret</ulink></entry>
129 <entry>12 June 2012</entry>
130 <entry><para>Privilege escalation when returning from kernel</para></entry>
134 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc"
135 >SA-12:05.bind</ulink></entry>
136 <entry>6 August 2012</entry>
137 <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
141 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc"
142 >SA-12:06.bind</ulink></entry>
143 <entry>22 November 2012</entry>
144 <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
148 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc"
149 >SA-12:07.hostapd</ulink></entry>
150 <entry>22 November 2012</entry>
151 <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
155 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc"
156 >SA-12:08.linux</ulink></entry>
157 <entry>22 November 2012</entry>
158 <entry><para>Linux compatibility layer input validation error</para></entry>
166 <title>Kernel Changes</title>
168 <para revision="232728">The &os; Jail subsystem now supports
169 mounting &man.devfs.5;, &man.nullfs.5;, and ZFS filesystem
170 inside a jail. New &man.jail.8; parameters
171 <varname>allow.mount.devfs</varname>,
172 <varname>allow.mount.nullfs</varname>, and
173 <varname>allow.mount.zfs</varname> to control the per-jail
174 capabilities have been added. All of them are disabled by
177 <para revision="234167">A new &man.loader.8; tunable
178 <varname>kern.eventtimer.activetick</varname> has been added.
179 This tunable specifies whether each hardclock tick should
180 be run on every active CPU or only one. By setting it to
181 <literal>0</literal>, the total number of interrupts can be reduced
182 on SMP machines. The default value is
183 <literal>1</literal>.</para>
185 <para revision="229723">The &man.posix.fadvise.2; system call
186 has been implemented. This is a function similar to
187 &man.madvise.2; except that it operates on a file descriptor
188 instead of a memory region.</para>
190 <para revision="237795">The &man.filemon.4; pseudo-device has
191 been added. This allows a process to collect file operations
192 data of its children.</para>
194 <para revision="235413">The &man.sysctl.8; variable
195 <varname>kern.stop_scheduler_on_panic</varname> is now set to
196 <literal>1</literal> by default.</para>
198 <para revision="231907" arch="powerpc">&os;/powerpc64 now
199 supports kernel profiling by using &man.kgmon.8;.</para>
201 <para revision="231145">The &os; Linux ABI compatibility layer
202 now supports the <function>linux_fadvise64()</function> and
203 <function>linux_fadvise64_64()</function> system calls.</para>
205 <para revision="230266">The default value of the &man.loader.8;
206 tunable <varname>hw.memtest.tests</varname> is now
207 automatically set to <literal>0</literal> when &os; is running
208 on a virtual machine.</para>
210 <para revision="234075">A new &man.loader.8; tunable
211 <varname>kern.msgbuf_show_timestamp</varname> has been added.
212 When it is enabled, a timestamp is added to each line of the
213 system message buffer. The default value is
214 <literal>0</literal> (disabled).</para>
216 <para revision="230320">The &man.null.4; and &man.zero.4; pseudo
217 device driver now supports non-blocking mode via the &man.fcntl.2;
220 <para revision="233599">The &os; &man.sched.ule.4; scheduler has
221 been improved for CPU load balancing on SMT (Simultaneous
222 MultiThreading) CPUs. It gives a 10-15% performance improvement
223 when the number of threads is lesser than the number of
226 <para revision="235992"
227 arch="sparc64">The <literal>PREEMPTION</literal> kernel option is
228 now enabled in the <filename>GENERIC</filename> kernel.</para>
230 <para revision="230039">A new &man.sysctl.8; variable
231 <varname>security.bsd.unprivileged_idprio</varname> has been
232 added. This variable controls whether non-root users can set
233 an idle priority or not. This is disabled by default.</para>
235 <para revision="228445">The &man.splash.4; screen interface now
236 supports ASCII art in <application>TheDraw</application>
240 <title>Boot Loader Changes</title>
242 <para revision="230065">The &man.boot0cfg.8; utility now
243 supports configuration of PXE boot via the
244 <filename>boot0</filename> boot block temporarily on the
245 next boot. The slice number <literal>6</literal> or a
246 keyword <literal>PXE</literal> can be specified to enable
247 PXE boot using the <option>-s</option> option.</para>
249 <para revision="231287">The &os; &man.boot.8; block now
250 supports <filename>/boot/config</filename> in addition to
251 <filename>/boot.config</filename> as the boot block
252 parameter file. When both of them exist, the former will be
255 <para revision="234693">The <filename>gptboot</filename> boot
256 block now reads the backup GPT header from the last LBA only
257 when the primary GPT header and tables are invalid. This
258 mitigates interoperability issues with some &man.geom.4;
259 providers like <literal>MIRROR</literal> which use the last
260 LBA for the metadata.</para>
262 <para revision="237766">The <filename>zfsboot</filename> boot
263 block and <filename>zfsloader</filename> support
264 filesystems within a ZFS storage pool. In
265 <filename>zfsloader</filename>, the ZFS device name format is now
266 <literal>zfs:<replaceable>pool</replaceable>/<replaceable>fs</replaceable></literal>
267 and the fully qualified file path format is
268 <literal>zfs:<replaceable>pool</replaceable>/<replaceable>fs</replaceable>:/<replaceable>path/to/file</replaceable></literal>.
269 The <filename>zfsboot</filename> boot block accepts the
270 kernel/loader name in the format
271 <literal><replaceable>pool</replaceable>:<replaceable>fs</replaceable>:<replaceable>path/to/file</replaceable></literal>
273 <literal><replaceable>pool</replaceable>:<replaceable>path/to/file</replaceable></literal>.
274 In the latter case a default filesystem is used (the pool
275 root or a filesystem with the <literal>bootfs</literal> property). The
276 <filename>zfsboot</filename> boot block passes
277 the GUIDs of the selected
278 storage pool and dataset to <filename>zfsloader</filename>
279 to be used as its defaults.</para>
281 <para revision="236076" arch="sparc64">&os;/sparc64 now
282 supports booting from ZFS via the <filename>zfsboot</filename> boot block and
283 <filename>zfsloader</filename>. For example, the following commands create a
284 mirrored storage pool <literal>rpool</literal> consisting of
285 <literal>da0a</literal> and <literal>da0b</literal> and
286 configure the storage pool as the root filesystem:</para>
288 <screen>&prompt.root; gpart create -s vtoc8 da0
289 &prompt.root; gpart add -t freebsd-zfs -s 10g da0
290 &prompt.root; gpart add -t freebsd-swap -s 10g da0
291 &prompt.root; gpart add -t freebsd-zfs -s 10g da0
292 &prompt.root; zpool create rpool mirror da0a da0b
293 &prompt.root; zpool set bootfs=rpool rpool
294 &prompt.root; zpool export rpool
295 &prompt.root; gpart bootcode -p /boot/zfsboot da0
296 &prompt.root; sysctl kern.geom.debugflags=0x10
297 &prompt.root; dd if=/boot/zfsloader of=/dev/da0a bs=512 oseek=1024 conv=notrunc
298 &prompt.root; dd if=/boot/zfsloader of=/dev/da0b bs=512 oseek=1024 conv=notrunc
299 &prompt.root; zpool import rpool
300 &prompt.root; cp -p /boot/zfs/zpool.cache /rpool/boot/zfs/zpool.cache
301 &prompt.root; zfs set mountpoint=/ rpool</screen>
305 <title>Hardware Support</title>
307 <para revision="230751" arch="powerpc">The &man.abtn.4;
308 driver, which supports ADB keyboards found on Apple laptops,
309 has been added.</para>
311 <para revision="233798" arch="amd64">A workaround for Erratum
312 721 for AMD Processor Family 10h and 12h has been
313 implemented. Under a highly specific and detailed set of
314 internal timing conditions, the processor may incorrectly
315 update the stack pointer after a long series of push and/or
316 near-call instructions, or a long series of pop and/or
317 near-return instructions.</para>
319 <para revision="232677" arch="powerpc">The atibl(4) driver,
320 which supports backlight control of ATI graphics chips on
321 PowerBooks and iBooks, has been added.</para>
323 <para revision="229858">The &man.acpi.wmi.4; driver now
324 supports attaching multiple instances.</para>
326 <para revision="230290" arch="powerpc">The adm1030(4) driver
327 for G4 MDD fans now shows its PWM parameter in the device's
328 &man.sysctl.8; variable.</para>
330 <para revision="234559" arch="arm">The cesa(4) driver for the
331 Marvell crypto engine and security accelerator has been
334 <para revision="230305" arch="powerpc">The &man.hwpmc.4;
335 driver now supports PowerPC G4+ (MPC745x/MPC744x).</para>
337 <para revision="234046" arch="amd64,i386">The &man.hwpmc.4;
338 driver now supports the Intel Sandy Bridge
339 microarchitecture.</para>
341 <para revision="236238">The &man.hwpmc.4; driver now supports
342 software events. Simultaneous usage of software PMC and
343 hardware PMC is allowed.</para>
345 <para revision="236078">The pcf8563(4) driver for the NXP
346 (Philips) PCF8563 RTC has been added.</para>
348 <para revision="233471" arch="powerpc">&os;/powerpc now
349 supports the PWM-controlled fans found on the PowerMac SMU (System
350 Management Unit).</para>
352 <para revision="236081" arch="arm">&os;/arm now supports the Atmel
353 SAM9XE family of microcontrollers.</para>
355 <para revision="230754,233950">The following &man.sysctl.8;
356 variables have been added: <varname>kern.proc.env</varname>
357 for environment strings, <varname>kern.proc.auxv</varname>
358 for ELF auxiliary vectors from a process's stack,
359 <varname>kern.proc.groups</varname> for process groups,
360 <varname>kern.proc.rlimit</varname> for process resource
361 limits, <varname>kern.proc.ps_strings</varname> for the
362 ps_strings location, and <varname>kern.proc.osrel</varname> for
363 the osreldate of the process's binary.</para>
365 <para revision="229100,229369">The &man.usb.4; driver now
366 handles suspend and resume correctly with no need to reload
367 the kernel module.</para>
369 <para revision="230302">A bug in the &man.xhci.4; (USB 3.0)
370 driver has been fixed. It did not work with USB 3.0
373 <para revision="229927">The &man.viawd.4; driver, which
374 supports the watchdog timer found in VIA south bridges (VT8251,
375 CX700, VX800, VX855, VX900), has been added.</para>
377 <para revision="235926">The &man.wbwd.4; driver, which
378 supports the watchdog timer found in Winbond Super I/O chips,
379 has been added.</para>
382 <title>Multimedia Support</title>
384 <para revision="236926,236927,239965">The drm2(4) Intel GPU driver,
385 which supports GEM and KMS and works with new generations of
386 GPUs such as IronLake, SandyBridge, and IvyBridge, has been
387 added. The &man.agp.4; driver now supports SandyBridge
388 and IvyBridge CPU northbridges.</para>
390 <para revision="232798">The &man.snd.hda.4; driver has been
391 updated. It now supports and provides HDMI, new volume control,
392 automatic recording source selection, runtime
393 reconfiguration, more then 4 PCM devices on a controller,
394 multichannel recording, additional playback/record
395 streams, higher bandwidth, and more informative device
398 <para revision="233165">The &man.snd.hdspe.4; driver has
399 been added. This supports RME HDSPe AIO and RayDAT sound
402 <para revision="230964,230985,231047,235769">GPL-licensed
403 headers in the &man.snd.emu10kx.4;, &man.snd.maestro3.4;,
404 and &man.snd.csa.4; drivers have been replaced with
405 BSD-licensed one. These drivers are now fully
406 BSD-licensed and included in the <filename>GENERIC</filename>
407 kernel on &os;/amd64 and &os;/i386.</para>
411 <title>Network Interface Support</title>
413 <para revision="229520">A bug in the &man.ae.4; driver which could
414 prevent it from working under certain conditions has been
417 <para revision="229106">The &man.axe.4; driver now supports
418 TX/RX checksum offloading support for the ASIX AX88772B
421 <para>The &man.bce.4; driver has been improved:</para>
425 <para revision="229864">Unnecessary link up/down has
426 been eliminated.</para>
430 <para revision="236216">A bug has been fixed which could
431 prevent IPMI from working when the interface was
432 marked as down.</para>
436 <para revision="235818">It now supports remote PHYs,
437 which allow the controller to perform MDIO type accesses
438 to a remote transceiver by using message pages defined
439 through MRBE (MultiRate Backplane Ethernet). This is
440 found on machines such as the Dell PowerEdge M610
445 <para>The &man.bge.4; and brgphy(4) drivers have been
450 <para revision="229350">A bug which could prevent
451 DMA functionality from working correctly has been
456 <para revision="233495">It now works with a PCI-X BCM 5704
457 controller that is connected to AMD-8131 PCI-X bridge.</para>
461 <para revision="229357,229867,232134">It now supports
462 the BCM 5720 and BCM 5720C PHY, and the BCM 57780 1000BASE-T
463 media interface.</para>
467 <para revision="231734">It now supports a &man.loader.8;
469 <varname>dev.bge.<replaceable>N</replaceable>.msi</varname>
470 to control the use of MSI. The default value is
471 <literal>1</literal> (enabled).</para>
475 <para revision="231093,237925">The &man.cxgbe.4; and
476 &man.cxgb.4; drivers have been updated to firmware version
477 1.5.2.0. They now support device configuration via a
478 plain text configuration file, IPv6 hardware checksumming,
479 IPv6 TSO and LRO, a <literal>loadfw</literal> command in the
480 cxgbetool(8) utility which allows installing a firmware to
481 the card, and &man.sysctl.8; variables under
482 <varname>dev.t4nex.<replaceable>N</replaceable>.misc</varname>
483 for various information.</para>
485 <para revision="229334">The &man.dc.4; driver now supports
486 NVIDIA (ULi) M5261/M5263 PCI FastEthernet controllers, which
487 are found on the ULi M1563 South Bridge and M1689 Bridge.</para>
489 <para revision="229711,229717,229720">The &man.et.4; driver
490 now works on all platforms. A bug which could prevent
491 &man.altq.4; support from working has been fixed. A new
492 &man.sysctl.8; variable under
493 <varname>dev.et.<replaceable>N</replaceable>.stats</varname>
494 has been added for hardware MAC statistics.</para>
496 <para revision="238262">The &man.igb.4; driver has been
497 updated to version 2.3.4. It now supports newer i210/i211
500 <para revision="233838,235843">The &man.iwn.4; driver now
501 supports Intel Centrino Wireless-N + WiMAX 6150 and
502 Wireless-N 100/130 series.</para>
504 <para revision="230709">The &man.miibus.4; bus driver now
505 supports device hints
506 <varname>hint.miibus.<replaceable>N</replaceable>.phymask</varname>
507 for PHY addresses being probed. This is useful to manually
508 probe PHYs which do not implement basic the register set of
509 IEEE 802.3. Also, the &man.miibus.4; driver has been
510 changed to a hinted bus, allowing to add child devices via
511 hints and to set their attach arguments in addition to
512 automatically-probed PHYs.</para>
514 <para revision="229524">The &man.msk.4; driver now uses 64-bit
515 DMA addressing on 64-bit platforms.</para>
517 <para revision="236413">The &man.mxge.4; driver has been
518 updated to firmware version 1.4.55 from Myricom.</para>
520 <para revision="232137">The nsphyter(4) driver now supports
521 National DP83849.</para>
523 <para revision="231663">The &man.oce.4; driver, which
524 supports Emulex OneConnect 10Gbit Ethernet cards, has been
527 <para revision="236004">The &man.ral.4; driver now supports
528 Ralink RT2800 and RT3000 chipsets.</para>
530 <para revision="229529,231731">The &man.re.4; driver now
531 supports the RTL8411 PCIe Gigabit Ethernet controller. A bug
532 which could prevent WoL (Wake-on-LAN) from working on
533 RTL8168E has been fixed.</para>
535 <para revision="234028">The &man.runfw.4; firmware has been
536 updated to version 0.236.</para>
538 <para revision="228100">The &man.sfxge.4; driver, which
539 supports 10Gb Ethernet adapters based on Solarflare SFC9000
540 family controllers, has been added.</para>
542 <para revision="233485">The smcphy(4) driver now supports the
543 Seeq Technology 80220 PHY. This is found on Adaptec
544 AIC-6915 Starfire Ethernet controllers supported by the
545 &man.sf.4; driver.</para>
547 <para revision="229417,229438">The &man.ti.4; driver now
548 supports the &man.altq.4; framework, reporting link-state
549 changes, and &man.sysctl.8; variables under
550 <varname>dev.ti.<replaceable>N</replaceable></varname> for
551 interrupt moderation parameters.</para>
553 <para revision="229441">A bug in the &man.ti.4; driver which could
554 prevent it from working correctly with the <literal>PAE</literal>
555 kernel option has been fixed.</para>
557 <para revision="229540">The &man.vge.4; driver has been
558 updated to improve its link establishment and link-state
561 <para revision="229641">The &man.vr.4; driver now enables
562 flow control capability in the PHY drivers.</para>
564 <para revision="231697">The &man.xnb.4; Xen Paravirtualized
565 Backend Ethernet Driver (netback) has been updated. This is
566 attached via the newbus framework and works properly in both
567 HVM and PVM mode.</para>
571 <sect3 id="net-proto">
572 <title>Network Protocols</title>
574 <para revision="236051">The &man.if.bridge.4; pseudo-interface
575 now supports reporting link-state changes depending on the status
576 of the member interfaces.</para>
578 <para revision="234597">The <literal>table</literal> argument
579 in the &man.ipfw.4; packet filter rule syntax now supports
580 IP address, interface name, port number, and jail ID. The
581 following syntax is valid:</para>
583 <programlisting>skipto tablearg ip from any to any via table(42) in</programlisting>
585 <para>The &os; &man.ip6.4; protocol stack has been improved in terms
586 of its performance. Benchmarking can be found at <ulink
587 url="http://people.freebsd.org/~bz/bench/"></ulink>.</para>
589 <para revision="232292">The &os; &man.ip6.4; protocol stack now
590 supports multiple FIBs.</para>
592 <para revision="230604">An IPv6 default route configured via
593 Router Advertisement messages is now reinstalled correctly
594 when the default route is manually removed and then another
595 RA message is received for the same route.</para>
597 <para revision="227885">A bug which could return an incorrect
598 value for the <literal>IPV6_MULTICASE_HOPS</literal> socket option
599 has been fixed.</para>
601 <para revision="231768">A new &man.sysctl.3; name
602 <literal>NET_RT_IFLISTL</literal> has been added. This
603 queries the address list and works on extended and
604 extensible structures <varname>if_msghdrl</varname> and
605 <varname>ifa_msghdrl</varname> without breaking the
608 <para revision="231650,235527">The &man.netmap.4; fast packet
609 I/O framework has been added. The &man.em.4;, lem(4),
610 &man.igb.4;, and &man.re.4; drivers now support this
611 framework. The technical details can be found at <ulink
612 url="http://info.iet.unipi.it/~luigi/netmap/"></ulink>.</para>
614 <para revision="231045">The &os; &man.sctp.4; protocol stack now
615 supports a new &man.sysctl.8; variable
616 <varname>net.inet.sctp.blackhole</varname>. If this is set
617 to <literal>1</literal>, no <literal>ABORT</literal> is sent
618 back in response to an incoming <literal>INIT</literal>. If
619 this is set to <literal>2</literal>, no
620 <literal>ABORT</literal> is sent back in response to an
621 out-of-the-blue packet. If set to <literal>0</literal>
622 (the default), <literal>ABORT</literal>s are sent.</para>
624 <para revision="231049">A bug which could cause a system panic
625 when <literal>SCTP_RECVINFO</literal> or
626 <literal>SCTP_NXTINFO</literal> is specified to the
627 &man.getsockopt.2; system call has been fixed.</para>
629 <para revision="231070,231140">The &os; &man.sctp.4; protocol stack now
630 supports the <literal>SCTP_REMOTE_UDP_ENCAPS_PORT</literal>
631 socket option.</para>
633 <para revision="232805">The <literal>SO_PROTOCOL</literal> and
634 <literal>SO_PROTOTYPE</literal> socket options have been
635 added. These return the socket protocol number.</para>
637 <para revision="232945">The <literal>TCP_KEEPINIT</literal>,
638 <literal>TCP_KEEPIDLE</literal>,
639 <literal>TCP_KEEPINTVL</literal>, and
640 <literal>TCP_KEEPCNT</literal> socket options have been
641 added. These allow controlling initial timeout, idle time,
642 idle resend interval, and idle send count on a per-socket
647 <title>Disks and Storage</title>
649 <para revision="240758">The &man.arcmsr.4; driver has been
650 updated to version 1.20.00.25.</para>
652 <para revision="229291">The &man.ahci.4; driver now supports a
653 new &man.loader.8; tunable <varname>hw.ahci.force</varname>.
654 This controls whether it attempts to attach an AHCI-capable
655 device even if it is configured to use legacy emulation.
656 This is enabled by default.</para>
658 <para revision="231251">The new &man.cam.4;-based &man.ata.4;
659 driver now supports old &man.loader.8; tunables
660 <varname>hw.ata.ata_dma</varname> and
661 <varname>hw.ata.atapi_dma</varname>, for backward
662 compatibility.</para>
664 <para revision="236778">The &man.cam.4; driver now supports
665 SEMB (SATA Enclosure Management Bridge) devices, which are
666 equivalent to the SCSI SES/SAF-TE devices.</para>
668 <para revision="236765">A new &man.sysctl.8; variable
669 <varname>kern.cam.pmp.hide_special</varname> has been added.
670 This controls whether special PMP ports such as PMP (Port
671 MultiPlier) configuration or SEMB (SATA Enclosure Management
672 Bridge) will be exposed or hidden. The default value is
673 <literal>1</literal> (hidden).</para>
675 <para revision="231772">The ctl(4) driver, which supports
676 &man.cam.4; Target Layer and &man.ctladm.8;, a userland
677 control utility, have been added. ctl(4) is a disk and
678 processor device emulation subsystem supporting tagged
679 queuing, SCSI task attribute, SCSI implicit command
680 ordering, full task management, multiple ports, multiple
681 simultaneous initiators, multiple simultaneous backing
682 stores, mode sense/select, and error injection
685 <para revision="230014">The &man.cd.4; driver now supports
686 Audio CDs in the same way as &man.acd.4; did. It will
687 report a 2352-byte sector size to the &man.geom.4; subsystem and use
688 the <literal>READ CD</literal> command for reading the data.
689 This fixes an interoperability issue with <filename
690 role="package">multimedia/vlc</filename>.</para>
692 <para revision="236677">The &man.da.4; driver now supports
693 <literal>BIO_DELETE</literal>. To select the method, a new
694 &man.sysctl.8; variable
695 <varname>kern.cam.da.<replaceable>N</replaceable>.delete_method</varname>
696 has been added for each device instance. The following
697 values are supported:</para>
699 <informaltable frame="none" pgwide="1">
704 <entry>Method</entry>
711 <entry>no provisioning support reported by the device</entry>
715 <entry>DISABLE</entry>
716 <entry>provisioning support was disabled because of errors</entry>
721 <entry>WRITE SAME (10) command to write zeroes</entry>
726 <entry>WRITE SAME (10) command with UNMAP bit set</entry>
731 <entry>use WRITE SAME (16) command with UNMAP bit set</entry>
736 <entry>use UNMAP command (equivalent of the ATA DSM TRIM command)</entry>
742 <para>When it was <literal>NONE</literal>, the device did not
743 report logical block provisioning support via respective
744 VPD pages. One can set a specific method for testing and it
745 will be disabled automatically when not supported on the
748 <para revision="238500">The <application>MIRROR</application>
749 &man.geom.4; class now supports
750 <literal>BIO_DELETE</literal>. This means the
751 <literal>TRIM</literal> command will be issued on
752 supported devices when deleting data.</para>
754 <para revision="229303,234916">The
755 <application>MULTIPATH</application> &man.geom.4; class has
756 been updated. It now supports Active/Active mode,
757 Active/Read mode as hybrid of Active/Active and
758 Active/Passive, keeping a failed path without removing the
759 geom provider, manual configuration without on-disk
760 metadata, and <command>add</command>,
761 <command>remove</command>, <command>fail</command>,
762 <command>restore</command>, <command>configure</command>
763 subcommands in the &man.gmultipath.8; utility to manage the
764 configured paths.</para>
766 <para revision="234406">The
767 <application>PART_LDM</application> &man.geom.4; class has
768 been added. This partition scheme has support for Logical Disk
769 Manager, which is also known as dynamic volumes in Microsoft
770 Windows NT. Note that JBOD, RAID0, and RAID5 volumes are
771 not supported yet.</para>
773 <para revision="230763">The <application>PART_MBR</application>
774 &man.geom.4; class now allows a primary or extended Linux
775 swap partition to be used as the system dump device.</para>
777 <para revision="235877" arch="amd64,i386">The
778 <application>RAID</application> &man.geom.4; class is now
779 included in the <filename>GENERIC</filename> kernel.</para>
781 <para revision="230244">The <application>RAID</application>
782 &man.geom.4; class now supports disks with over 2TB capacity
783 for the Intel metadata format.</para>
785 <para revision="235874">The <application>RAID</application>
786 &man.geom.4; class now supports the DDF metadata format, which
787 is defined in the SNIA Common RAID Disk Data Format
788 Specification v2.0.</para>
790 <para revision="235483">The
791 <application>UNCOMPRESS</application> &man.geom.4; class and
792 the &man.mkulzma.8; utility have been added. This class
793 supports lzma compressed images like the
794 <application>UZIP</application> &man.geom.4; class and the
795 &man.mkuzip.8; utility.</para>
797 <para revision="229975" arch="amd64,i386">The &man.hpt27xx.4;
798 driver has been added. This supports HighPoint RocketRAID
799 27xx-based SAS 6Gb/s HBA.</para>
801 <para revision="231689" arch="amd64,i386">The &man.isci.4;
802 driver, which supports the integrated SAS controller in the
803 Intel C600 (Patsburg) chipset, has been added.</para>
805 <para revision="230019">Bugs in &man.isp.4; target mode have
808 <para revision="230775">The &man.ixgbe.4; driver now supports
809 the Intel X540 adapter.</para>
811 <para revision="227533">A bug in the &man.mfi.4; driver has been
812 fixed. It could cause some inconsistencies due to missed
813 interrupt acknowledgements and output the following log
816 <screen>mfi0: COMMAND 0xffffffXXXXXXXXXX TIMEOUT AFTER XX SECONDS</screen>
818 <para revision="229611,234429">The &man.mfi.4; driver now
819 supports single-message MSI, and Drake Skinny and
820 Thunderbolt cards. The &man.loader.8; tunable
821 <varname>hw.mfi.msi</varname> has been added and it is
822 enabled by default.</para>
824 <para revision="230920,231679,237876">The &man.mps.4; driver
825 has been updated to version 14.00.00.01-fbsd. This now
826 supports Integrated RAID, WarpDrive controllers, WRITE12 and
827 READ12 for direct I/O, SCSI protection information (EEDP),
828 Transport Level Retries (TLR) for tape drives, and LSI's
829 userland utility.</para>
831 <para revision="232562">A bug in the &man.mpt.4; driver has
832 been fixed. It could attempt to attach MegaRAID cards which
833 should be handled by the &man.mfi.4; driver.</para>
835 <para revision="229107">The &man.usb.4; storage device driver
836 now enables power save mode by default.</para>
840 <title>File Systems</title>
842 <para>The &os; NFS filesystem has been improved:</para>
846 <para revision="233326">It now supports a timeout on
847 positive name cache entries on the client side. A new
848 mount option <varname>nametimeo</varname> has been added
849 and set to <literal>60</literal> (in seconds) by
854 <para revision="234740">A memory leak when a ZFS volume is
855 exported via the &os; NFS server has been fixed.</para>
859 <para revision="233730">A bug has been fixed. When a
860 process writes to an mmap-backed file on an NFS
861 filesystem, flushing changes to the data could fail
862 under some circumstances such as errors due to
863 permission mismatch, and this failure could not be detected
864 as an error. A new &man.sysctl.8; variable
865 <varname>vfs.nfs.nfs_keep_dirty_on_error</varname> has
866 been added to control the behavior on the client side
867 related to this issue. When this is set to
868 <literal>1</literal>, the pages where a write operation
869 failed are kept dirty. The default value is set to
870 <literal>0</literal>.</para>
874 <para revision="229799">The &man.nfsv4.4; filesystem now
875 supports a &man.sysctl.8; variable
876 <varname>vfs.nfsd.disable_checkutf8</varname>. This
877 disables the check for UTF-8 compliance in
878 filenames. This is disabled by default. Note that
879 enabling this may help wht some interoperability issues but
880 results in an NFSv4 server that is not RFC 3530
885 <para revision="234511">The &man.tmpfs.5; filesystem is not an
886 experimental implementation anymore.</para>
888 <para revision="234849">The &man.tmpfs.5; filesystem now
889 supports a &man.sysctl.8; variable
890 <varname>vfs.tmpfs.memory_reserved</varname> to set the amount
891 of required free pages when &man.tmpfs.5; attempts to
892 allocate a new node.</para>
894 <para revision="229578,232328">&os;'s ZFS filesystem has been
895 updated by merging improvements from the illumos project. The
896 following changes are made:</para>
899 <listitem><para>New properties, <literal>clones</literal> and
900 <literal>written</literal>, have been added.</para></listitem>
902 <listitem><para>The &man.zfs.8; <command>send</command> command
903 now reports an estimated size of the stream.</para></listitem>
905 <listitem><para>The &man.zfs.8; <command>destroy</command> command
906 now reports an estimate of the space which would be reclaimed,
907 when <option>-n</option> is specified.</para></listitem>
909 <listitem><para>The &man.zfs.8; <command>get</command> command now
910 supports the <option>-t <replaceable>type</replaceable></option>
911 flag to specify the data type.</para></listitem>
914 <para revision="227705">A simple script
915 <filename>zfsboottest.sh</filename> has been added to the
916 source tree. This checks if the system is configured
917 correctly when using ZFS as the root filesystem. The script
919 <filename>/usr/src/tools/tools/zfsboottest.sh</filename> and
920 it uses the <filename>zfsboottest</filename> binary program in the
921 same directory.</para>
923 <para>The binary program can be built and installed by the
924 following command:</para>
926 <screen>&prompt.root; cd /usr/src/tools/tools/zfsboottest
928 &prompt.root; make install</screen>
930 <para>After that, the following command can be used to check the
931 system. <replaceable>poolname</replaceable> is the ZFS
932 storage pool name to boot:</para>
934 <screen>&prompt.root; sh /usr/src/tools/tools/zfsboottest/zfsboottest.sh <replaceable>poolname</replaceable></screen>
936 <para>The &man.sysctl.8; variable
937 <varname>vfs.zfs.txg.timeout</varname> has been changed from
938 read-only to writable.</para>
942 <sect2 id="userland">
943 <title>Userland Changes</title>
945 <para revision="238481">&man.auth.conf.5; has been removed
946 because it was deprecated years ago.</para>
948 <para revision="237740">The &man.camcontrol.8; utility now
949 supports a <command>fwdownload</command> subcommand for firmware
950 update on SCSI devices from Hitachi, HP, IBM, Plextor,
951 Quantum, and Seagate. This subcommand will reprogram the
952 firmware on devices connected over an ATA/SATA transport.</para>
954 <para revision="230597">The &man.dhclient.8; utility now
955 supports <literal>domain-search</literal> (option number 119,
956 described in RFC 3397). This allows a DHCP server to publish
957 a list of implicit domain suffixes used during name lookup.
958 If this option is specified, a <literal>search</literal>
959 keyword will be added to
960 <filename>/etc/resolv.conf</filename>.</para>
962 <para revision="230047">The &man.dump.8; utility now uses 53
963 characters for the device names in
964 <filename>/etc/dumpdates</filename>. This was previously limited to 32
967 <para revision="235253">The &man.fetch.1; utility now correctly
968 supports a percent-encoded user and password part in a
971 <para revision="230410">The &man.fdlopen.3; function has been
972 implemented. This is an interface for &man.rtld.1; to load a
973 shared object by file descriptor.</para>
975 <para revision="229845">The &man.fopen.3; function now supports
976 the <option>x</option> (an exclusive create-and-open mode) option
977 in the ISO/IEC 9899:2011 and C11 standards.</para>
979 <para revision="234023">A bug in the &man.gcc.1; compiler has
980 been fixed. It could lead to incorrect calculations when
981 <option>-ffast-math</option> is specified.</para>
983 <para revision="229509">The &man.hastd.8; daemon now supports
984 specifying the filename of its process ID file in
985 &man.hast.conf.5;.</para>
987 <para revision="231221">The &man.ifconfig.8; utility now
988 supports a <literal>vlanhwcsum</literal> parameter to set or
989 reset checksum offloading capability on VLANs.</para>
991 <para revision="238872">A bug in the &man.ifconfig.8; utility
992 which could display an error message in a jail with no IPv6
993 support has been fixed.</para>
995 <para revision="232486">The &man.ifconfig.8; utility now
996 supports a <literal>carp state <replaceable>state</replaceable></literal>
998 the state to <literal>backup</literal> or
999 <literal>master</literal> forcibly.</para>
1001 <para revision="235839">The &man.jail.8; utility now supports a
1002 configuration file (&man.jail.conf.5;) for complex
1003 configurations.</para>
1005 <para revision="237789">The &man.kdump.1; utility now supports a
1006 <option>-p <replaceable>pid</replaceable></option> option to
1007 accept either a process ID or a thread ID.</para>
1009 <para revision="236118">The &man.kenv.1; utility now supports a
1010 <option>-v</option> flag to display an entry in
1011 <literal>name=value</literal> format, and a <option>-N</option>
1012 flag to display only the name.</para>
1014 <para revision="233560">The &man.kldload.8; utility now supports a
1015 <option>-n</option> flag to ignore the error status when the
1016 specified module is already loaded.</para>
1018 <para revision="237738"><application>libedit</application> has
1019 been updated to a NetBSD snapshot as of 28 December,
1022 <para revision="236523">&man.libmap.conf.5; now supports
1023 <literal>include</literal> and <literal>includedir</literal>
1024 directives. They allow to include specified files for the
1025 configuration.</para>
1027 <para revision="234372">Lock handling performance in the
1028 <application>libthr</application> pthread library has been
1029 improved. It now works 10 times faster especially under the
1030 condition that a mutex is heavily contested.</para>
1032 <para revision="235798">A new C++ stack has been imported. This
1033 consists of <application>libcxxrt</application>, originally
1034 developed by a &os; developer under contract by PathScale and
1035 open sourced by the &os; and NetBSD foundations, and
1036 <application>libc++</application> from the LLVM project.
1037 <application>libcxxrt</application> is a drop-in replacement
1038 for GNU <application>libsupc++</application>, which implements
1039 the C++ runtime support for features such as run-time type
1040 information, dynamic casting, thread-safe static initializer,
1041 and exceptions. <application>libc++</application> implements
1042 the C++11 standard library, and will replace GNU
1043 <application>libstdc++</application> in a future release. In
1044 9.1-RELEASE, <application>libstdc++</application> is still
1045 installed as standard and now dynamically links against
1046 <application>libsupc++</application>. This allows libraries
1047 linking <application>libstdc++</application> and
1048 <application>libc++</application> to both be used in the same
1049 program, to aid migration.</para>
1051 <para revision="230919">The &man.limits.1; utility now supports
1052 a <option>-P <replaceable>pid</replaceable></option> option to
1053 control limits for the specified process.</para>
1055 <para revision="237731">The &man.pciconf.8; utility now supports a
1056 <option>-e</option> flag to display PCI error details in
1057 listing mode. When this is specified, the status of any error
1058 bits in the PCI status register and PCI-express device status
1059 register will be displayed. It also lists any errors
1060 indicated by version 1 of PCI-express Advanced Error Reporting
1063 <para revision="229710">The &man.procstat.1; utility now shows the
1064 superpage mapping flag when displaying process virtual memory
1067 <para revision="230917,230918">The &man.procstat.1; utility now
1068 supports an <option>-e</option> flag to display process
1069 environment variables, an <option>-x</option> flag to display
1070 ELF auxiliary vectors, and an <option>-l</option> flag to
1071 display resource limits.</para>
1073 <para revision="234535">A bug in the &man.remquo.3; functions
1074 where the quotient did not always have the correct sign when
1075 the remainder was <literal>0</literal>, and another bug that
1076 the remainder and quotient were both off by a bit in certain
1077 cases involving subnormal remainders, have been fixed. Note
1078 that these bugs affected all platforms except amd64 and
1081 <para revision="231579">The &man.rtld.1; run-time linker now
1082 supports GCC's RELRO (RElocation Read-Only). This prevents the
1083 GOT (Global Offset Table) from being overwritten.</para>
1085 <para revision="235396">The &man.rtld.1; run-time linker now
1086 supports a GNU hash section (<literal>DT_GNU_HASH</literal>),
1087 which is a replacement of optional ELF hash section.</para>
1089 <para revision="235139">The &man.setbuf.1; utility and
1090 <application>libstdbuf</application> library have been added.
1091 This controls the default buffering behavior of standard
1092 stdio streams.</para>
1094 <para revision="227702">The &man.top.1; utility now correctly
1095 supports per-thread I/O statistics of ZFS in the <option>-m
1096 io</option> option.</para>
1098 <para revision="234330">The &man.unzip.1; utility now supports a
1099 <option>-Z</option> option for zipinfo.</para>
1101 <para revision="235785">The &man.xlocale.3; API has been
1102 implemented. This consists of <literal>_l</literal>-suffixed
1103 versions of various standard library functions that use the
1104 global locale, making them take an explicit locale parameter
1105 and allowing thread-safe extended locale support. Most of
1106 these APIs are required for IEEE Std 1003.1-2008 (POSIX.1-2008
1107 or ISO/IEC 9945:2009) compatibility, and are required by
1108 <application>libc++</application> and recent versions of
1109 <application>GNOME</application>. This implementation also
1110 supports several extensions for compatibility with Apple
1111 <application>Darwin</application>.</para>
1113 <sect3 id="periodic-scripts">
1114 <title>&man.periodic.8; Scripts</title>
1116 <para revision="231721">A new variable
1117 <varname>daily_status_zfs_zpool_list_enable</varname> has
1118 been added. It controls whether or not to list all of the ZFS
1119 pools in <filename>periodic/daily/404.status-zfs</filename>.
1120 The default value is <literal>YES</literal>.</para>
1122 <para revision="229381">The default value of
1123 <varname>daily_scrub_zfs_default_threshold</varname> used in
1124 <filename>periodic/daily/800.scrub-zfs</filename> is now set
1128 <sect3 id="rc-scripts">
1129 <title>&man.rc.8; Scripts</title>
1131 <para revision="227607">The <filename>rc.d/nfsd</filename> script
1132 now sets the <varname>vfs.nfsd.server_max_nfsvers</varname>
1133 &man.sysctl.8; variable to <literal>4</literal> when
1134 <varname>nfsv4_server_enable</varname> is set to
1135 <literal>YES</literal>.</para>
1137 <para revision="242189">A backwards compatibility issue when
1138 both <literal>ipv6_enable=YES</literal> and
1139 <literal>ipv6_gateway_enable=YES</literal> are defined at
1140 the same time has been fixed.</para>
1144 <sect2 id="contrib">
1145 <title>Contributed Software</title>
1147 <para revision="241417"><application>ISC BIND</application> has
1148 been updated to version 9.8.3-P4.</para>
1150 <para revision="236018">The
1151 <application>compiler-rt</application> library, which provides
1152 low-level target-specific interfaces such as functions in
1153 <application>libgcc</application>, has been updated to
1154 revision 147467.</para>
1156 <para revision="237983"><application>file</application>
1157 (&man.file.1;) has been updated to version 5.11.</para>
1159 <para revision="230237">GNU &man.gperf.1; has been updated to
1160 version 3.0.3 (the latest GPLv2-licensed version).</para>
1162 <para revision="229588"><application>libarchive</application>,
1163 &man.bsdtar.1;, and &man.cpio.1; have been updated to version
1166 <para revision="236167">The <application>libpcap</application>
1167 library has been updated to 1.2.1.</para>
1169 <para revision="229551"><application>libstdc++</application>
1170 has been updated to revision 135556 of the
1171 <literal>gcc-4_2-branch</literal> (the last LGPLv2-licensed
1174 <para revision="236144">The <application>LLVM</application>
1175 compiler infrastructure and <application>clang</application>,
1176 a C language family front-end, version 3.1 have been imported.
1177 Note that it is not used for building the &os; base system by
1180 <para revision="235971">The <literal>netcat</literal> utility
1181 has been updated to version 5.1.</para>
1183 <para revision="237998"><application>OpenSSL</application> has
1184 been updated to version 0.9.8x.</para>
1186 <para revision="249865">The <application>sendmail</application>
1187 (&man.sendmail.8;) utility has been updated to version 8.14.7.</para>
1189 <para revision="236192">The <application>tcpdump</application>
1190 (&man.tcpdump.1;) utility has been updated to version 4.2.1.</para>
1192 <para revision="232633">The <application>TENEX C
1193 shell</application> (&man.tcsh.1;) has been updated to version
1196 <para revision="233447">The <application>timezone</application>
1197 database has been updated to the
1198 <application>tzdata2012a</application> release.</para>
1200 <para revision="237691">The <application>zlib</application>
1201 library has been updated to version 1.2.7.</para>
1205 <title>Release Engineering and Integration</title>
1207 <para>The supported version of the
1208 <application>KDE</application> desktop environment (<filename
1209 role="package">x11/kde4</filename>) has been updated to
1212 <para revision="234055" arch="powerpc">Issues where the &os;
1213 installation CDROM image caused a panic, and was not
1214 recognized on OpenBIOS-based environments like QEMU, have been
1219 <sect1 id="upgrade">
1220 <title>Upgrading from previous releases of &os;</title>
1223 <title>Upgrading using &man.freebsd-update.8; or a source-based
1226 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
1227 upgrades between RELEASE versions (and snapshots of the
1228 various security branches) are supported using the
1229 &man.freebsd-update.8; utility. The binary upgrade procedure
1230 will update unmodified userland utilities, as well as an
1231 unmodified <filename>GENERIC</filename> kernel, distributed as
1232 a part of an official &os; release. The
1233 &man.freebsd-update.8; utility requires that the host being
1234 upgraded have Internet connectivity.</para>
1236 <para>Source-based upgrades (those based on recompiling the &os;
1237 base system from source code) from previous versions are
1238 supported using to the instructions in
1239 <filename>/usr/src/UPDATING</filename>.</para>
1241 <para>For more specific information about upgrading
1242 instructions, see <ulink
1243 url="http://www.FreeBSD.org/releases/9.1R/installation.html"></ulink>.</para>
1246 <para>Upgrading &os; should, of course, only be attempted
1247 after backing up <emphasis>all</emphasis> data and
1248 configuration files.</para>
1253 <title id="upgrade-pitfalls">User-visible incompatibilities</title>
1255 <para>FreeBSD 9.0 and later have several incompatibilities in
1256 system configuration which you might want to know before
1257 upgrading your system. <emphasis>Please read this section and
1259 url="http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#UPGRADE">Upgrading
1260 Section in 9.0-RELEASE Release Notes</ulink> carefully before
1261 submitting a problem report and/or posting a question to the
1262 FreeBSD mailing lists.</emphasis></para>