1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
19 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
22 <legalnotice id="trademarks" role="trademarks">
32 <para>The release notes for &os; &release.current; contain a summary
33 of the changes made to the &os; base system on the
34 &release.branch; development line.
35 This document lists applicable security advisories that were issued since
36 the last release, as well as significant changes to the &os;
38 Some brief remarks on upgrading are also presented.</para>
43 <title>Introduction</title>
45 <para>This document contains the release notes for &os;
47 describes recently added, changed, or deleted features of &os;.
48 It also provides some notes on upgrading
49 from previous versions of &os;.</para>
51 <![ %release.type.current [
53 <para>The &release.type; distribution to which these release notes
54 apply represents the latest point along the &release.branch; development
55 branch since &release.branch; was created. Information regarding pre-built, binary
56 &release.type; distributions along this branch
57 can be found at <ulink url="&release.url;"></ulink>.</para>
61 <![ %release.type.snapshot [
63 <para>The &release.type; distribution to which these release notes
64 apply represents a point along the &release.branch; development
65 branch between &release.prev; and the future &release.next;.
67 pre-built, binary &release.type; distributions along this branch
68 can be found at <ulink url="&release.url;"></ulink>.</para>
72 <![ %release.type.release [
74 <para>This distribution of &os; &release.current; is a
75 &release.type; distribution. It can be found at <ulink
76 url="&release.url;"></ulink> or any of its mirrors. More
77 information on obtaining this (or other) &release.type;
78 distributions of &os; can be found in the <ulink
79 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
80 &os;</quote> appendix</ulink> to the <ulink
81 url="&url.books.handbook;/">&os;
82 Handbook</ulink>.</para>
86 <para>All users are encouraged to consult the release errata before
87 installing &os;. The errata document is updated with
88 <quote>late-breaking</quote> information discovered late in the
89 release cycle or after the release. Typically, it contains
90 information on known bugs, security advisories, and corrections to
91 documentation. An up-to-date copy of the errata for &os;
92 &release.current; can be found on the &os; Web site.</para>
97 <title>What's New</title>
99 <para>This section describes the most user-visible new or changed
100 features in &os; since &release.prev;.</para>
102 <para>Typical release note items document recent security
103 advisories issued after &release.prev;, new drivers or hardware
104 support, new commands or options, major bug fixes, or
105 contributed software upgrades. They may also list changes to
106 major ports/packages or release engineering practices. Clearly
107 the release notes cannot list every single change made to &os;
108 between releases; this document focuses primarily on security
109 advisories, user-visible changes, and major architectural
112 <sect2 id="security">
113 <title>Security Advisories</title>
115 <para>Problems described in the following security advisories have
116 been fixed. For more information, consult the individual
117 advisories available from
118 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
120 <informaltable frame="none" pgwide="0">
122 <colspec colwidth="1*">
123 <colspec colwidth="1*">
124 <colspec colwidth="3*">
127 <entry>Advisory</entry>
135 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc"
136 >SA-10:08.bzip2</ulink></entry>
137 <entry>20 September 2010</entry>
138 <entry><para>Integer overflow in bzip2 decompression</para></entry>
140 <!-- XXX: not for 8.2
142 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:09.pseudofs.asc"
143 >SA-10:09.pseudofs</ulink></entry>
144 <entry>10 October 2010</entry>
145 <entry><para>Spurious mutex unlock</para></entry>
149 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc"
150 >SA-10:10.openssl</ulink></entry>
151 <entry>29 November 2010</entry>
152 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
160 <title>Kernel Changes</title>
162 <para arch="ia64" revision="209326">The maximum number of pages
163 used for DMA bounce buffer pool has been increased from 256 to
166 <para arch="powerpc" revision="209765">The default value of
167 <varname>kern.hz</varname> has been increased from 100 to
170 <para arch="powerpc" revision="209767">The SMP kernel now works on
171 MPC7400-based Apple desktop machines such as
174 <para arch="powerpc" revision="211593">&os;/powerpc now supports
175 DMA bounce buffer which is required on systems with larger RAM
178 <para arch="mips" revision="215938">&os;/mips support has been
179 improved. It now supports SMP on a SWARM with a dual-core
180 Sibyte processor.</para>
182 <para arch="mips">&os;/mips now supports Netlogic Microsystems'
183 XLR and XLS multi-core processor families.</para>
185 <para arch="sparc64" revision="215598">&os;/sparc64 now supports
186 reservation-based physical memory allocation which provides
187 better performance.</para>
189 <para arch="amd64" revision="214620">&os;/amd64 now always sets
190 the KVA space as equal to or larger than physical memory size.
191 The default size was calculated based on one-third of the
192 physical memory size by a code derived from one for i386. It
193 has been changed because constraints for memory space are not
194 severe on amd64 and this change would help to prevent a
195 <quote>kmem_map too small</quote> panic which often occurs
196 when using ZFS.</para>
198 <para arch="amd64,i386" revision="214621">CPU topology detection
199 for Intel CPUs has been improved.</para>
201 <para arch="amd64,i386" revision="215513">ACPI suspend/resume
202 functionality support has been improved.</para>
204 <para arch="amd64,i386" revision="215513">&os; kernel now
205 supports <function>kern_fpu_enter()</function> and
206 <function>kern_fpu_leave()</function> KPIs which allow the
207 kernel subsystems to use XMM register files used in Intel SSE
208 (Streaming SIMD Extensions).</para>
210 <para arch="amd64,i386,ia64" revision="215006">The &man.acpi.4;
211 driver now uses ACPI Reset Register capability by default only
212 when a flag in the FADT which indicates it is available. This
213 behavior was controlled by a &man.sysctl.8; variable
214 <varname>hw.acpi.handle_reboot</varname> and the default value
215 was always set to <literal>0</literal>.</para>
217 <para arch="amd64,i386,ia64" revision="215521">The &man.acpi.4;
218 driver now supports new loader tunables
219 <varname>hw.acpi.install_interface</varname> and
220 <varname>hw.acpi.remove_interface</varname>. For more
221 details, see &man.acpi.4; manual page.</para>
223 <para revision="209692">The &man.ddb.8; kernel debugger now
224 supports an optional delay in <command>reset</command> and
225 <command>reboot</command> commands. This allows an
226 administrator to break the system into debugger and trigger
227 automatic textdump when an unattended panic occurs.</para>
229 <para revision="212230">The &man.ddb.8; kernel debugger now
230 supports a <command>show cdev</command> command. This
231 displays the list of all created cdev's, consisting of devfs
232 node name and struct cdev address.</para>
234 <para revision="214326">The &os; <filename>GENERIC</filename>
235 kernel is now compiled with <option>KDB</option> and
236 <option>KDB_TRACE</option> options. From 8.2-RELEASE the
237 kernel supports displaying a stack trace on panic by using
238 &man.stack.9; facility with no debugger backend like
239 &man.ddb.8;. Note that this does not change the default
240 behaviors of the <filename>GENERIC</filename> kernel on
243 <para revision="213554,213556,213560">The following
244 &man.sysctl.8; variables are also now loader tunables:
245 <varname>vm.kmem_size</varname>,
246 <varname>vm.kmem_size_max</varname>, and
247 <varname>vm.kmem_size_min</varname>,
248 <varname>debug.kdb.stop_cpus</varname>,
249 <varname>debug.trace_on_panic</varname>, and
250 <varname>kern.sync_on_panic</varname>. Also, new
251 &man.sysctl.8; variables <varname>vm.kmem_map_size</varname>
252 for the current kmem map size and
253 <varname>vm.kmem_map_free</varname> for largest contiguous
254 free range in kmem map, <varname>vfs.ncsizefactor</varname>
255 for size factor for namecache, and
256 <varname>vfs.ncnegfactor</varname> for ratio of negative
257 namecache entries have been added.</para>
259 <para revision="212427">The &os; &man.memguard.9; framework has
260 been improved to make it able to detect use-after-free of
261 allocated memories over a longer time. For more details, see
262 &man.memguard.9; manual page.</para>
264 <para revision="214756"><literal>PT_LWPINFO</literal> request to
265 obtain information about the kernel thread that caused the
266 traced process to stop in the &man.ptrace.2; process tracing
267 and debugging facility has been improved. It now reports
268 system call entry and leave events, as well as availability of
269 <varname>siginfo_t</varname> accompanying the reported
272 <para revision="214254">The &os; &man.crypto.4; framework
273 (opencrypto) now supports XTS-AES (XEX-TCB-CTS, or XEX-based
274 Tweaked Code Book mode with CipherText Stealing), which is
275 defined in IEEE Std. 1619-2007.</para>
277 <para arch="amd64" revision="215788">Xen HVM support in
278 &os;/amd64 kernel has been improved. For more details, see
279 &man.xen.4; manual page.</para>
281 <para arch="amd64,i386" revision="214784">The qpi(4) pseudo bus
282 driver has been added. This supports extra PCI buses on Intel
283 QPI chipsets where various hardware such as memory controllers
284 for each socket is connected.</para>
287 <title>Boot Loader Changes</title>
289 <para revision="213994">&os; now fully supports GPT (GUID
290 Partition Table). Checksums of primary header and primary
291 partition table are verified properly now.</para>
293 <para arch="powerpc" revision="215919,215920">Memory
294 management issues which prevents &os; OpenFirmware loader
295 and netbooting from working have been fixed.</para>
297 <para revision="212717">The &man.pxeboot.8; now uses NFS
298 version 3 instead of version 2 by default.</para>
302 <title>Hardware Support</title>
304 <para arch="amd64,i386" revision="215633">The &man.aesni.4;
305 driver, which supports AES accelerator on Intel CPUs has
306 been added. This accelerates AES operations for
307 &man.crypto.4;.</para>
309 <para arch="amd64,i386" revision="210476">The &man.aibs.4;
310 driver has been added. This supports the hardware sensors
311 in ASUS motherboards and replaces the &man.acpi.aiboost.4;
314 <para arch="amd64,i386" revision="211914">The &man.coretemp.4;
315 driver now supports Xeon 5500/5600 series.</para>
317 <para arch="powerpc" revision="215694">&os;/powerpc now
318 supports I2C bus in Apple System Management Unit.</para>
320 <para arch="powerpc" revision="215695">A device driver which
321 supports CPU temperature sensors on PowerMac 11,2 has been
324 <para revision="215482">The &man.ehci.4;, &man.ohci.4;, and
325 &man.uhci.4; driver now support LOW speed BULK transfer
328 <para arch="amd64,i386" revision="209952">The &man.ichwd.4;
329 driver now supports Intel NM10 Express chipset watchdog
332 <para revision="215036">The &man.tpm.4; driver, which supports
333 Trusted Platform Module has been added.</para>
335 <para revision="215944">The xhci(4) driver, which supports
336 Extensible Host Controller Interface (xHCI) and USB 3.0 has
340 <title>Multimedia Support</title>
342 <para>The &os; Linux emulation subsystem now supports
343 video4linux API. This requires native video4linux
344 hardware drivers such as the ones provided by <filename
345 role="ports">multimedia/pwcbsd</filename> and <filename
346 role="ports">multimedia/webcamd</filename>.</para>
348 <para revision="215483">MIDI input buffer size in the
349 &man.uaudio.4; driver has been changed. This fixes a
350 problem where the input appears several seconds
353 <para revision="215484">An issue in the &man.uaudio.4;
354 driver which prevents some USB audio devices from working
355 has been fixed.</para>
359 <title>Network Interface Support</title>
361 <para revision="212021">The &man.alc.4; driver now supports
362 Atheros AR8151/AR8152 PCIe Gigabit/Fast Ethernet
365 <para revision="215003">A bug in the &man.alc.4; driver
366 which can lead to a system freeze when the system is
367 booted without a cable plugged in has been fixed. The
368 symptom was found in AR8132 on EEE PC.</para>
370 <para revision="212011">The TX interrupt moderation timer in
371 the &man.alc.4; driver has been reduced from 50ms to 1ms.
372 The 50ms timer resulted in a poor UDP performance.</para>
374 <para revision="214297,214298,214301">The &man.axe.4; driver
375 has been improved for stability and better performance on
376 the TX packet rate.</para>
378 <para revision="214997">The &man.bge.4; driver now supports
379 BCM5718 family. This family is the successor to the
380 BCM5714/BCM5715 family and supports IPv4/IPv6 checksum
381 offloading, TSO, VLAN hardware tagging, jumbo frames,
382 MSI/MSIX, IOV, RSS and TSS. The current version of the
383 driver supports all hardware features except IOV and
386 <para revision="211367">A bug in the &man.bge.4; driver which
387 prevents TSO in BCM57780 from working has been
390 <para revision="214700">A bug in the &man.bge.4; driver
391 which can wrongly disable the TX checksum offloading
392 feature as well when one tries only the RX checksum
393 offloading has been fixed.</para>
395 <para revision="214714">Some improvements for reliability of
396 the &man.bge.4; driver with BCM5906 controller has been
399 <para revision="214698">The &man.bge.4; driver now supports
400 hardware MAC statistics in controller's internal memory
401 for BCM5705 or newer Broadcom controllers. These counters
402 can be accessed via &man.sysctl.8; variable
403 <varname>dev.bge.<replaceable>N</replaceable>.stats.*</varname>
404 and provide useful information to diagnose driver
407 <para revision="213109">UDP checksum offloading in the
408 &man.bge.4; driver has been disabled by default. This is
409 because Broadcom controllers have a bug which can generate
410 UDP datagrams with checksum value <literal>0</literal>
411 when TX UDP checksum offloading is enabled. The checksum
412 offloading can be enabled by using the following loader
415 <programlisting>dev.bge.<replaceable>N</replaceable>.forced_udpcsum</programlisting>
417 <para revision="213593">A bug in the &man.bge.4; driver
418 which can lead to poor performance on a system with RAM
419 larger than 4GB has been fixed. The cause was that all of
420 Broadcom controllers except for BCM5755 and later has 4GB
421 boundary DMA bug and the inefficient use of bounce
424 <para revision="212275">The &man.bwi.4; driver, which supports
425 Broadcom BCM430* and BCM431* family Wireless Ethernet
426 controllers, has been added. This is not compiled into
427 the <filename>GENERIC</filename> kernel because there are
428 some problems. The kernel module
429 <filename>if_bwi.ko</filename> is available and can be
430 loaded without recompiling the kernel to enable this
433 <para revision="212274">A bug in the &man.bwn.4; driver which
434 prevents WPA authentication from working has been
437 <para revision="215499">A bug in the &man.cdce.4; driver has
440 <para revision="211848">The &man.cxgb.4; driver now supports
441 the following new &man.sysctl.8; variables:
442 <varname>hw.cxgb.nfilters</varname> sets the maximum
443 number of entries in the hardware filter table,
444 <varname>dev.cxgbc.<replaceable>N</replaceable>.pkt_timestamp</varname>
445 provides packet timestamp instead of connection hash, and
446 <varname>dev.cxgbc.<replaceable>N</replaceable>.core_clock</varname>
447 provides the core clock frequency in kHz.</para>
449 <para>The &man.em.4; driver has been updated to version
452 <para>The &man.igb.4; driver has been updated to version
455 <para revision="209309">The &man.em.4; and &man.igb.4; drivers
456 now provide statistics counters as &man.sysctl.8; MIB
459 <para revision="211241">The &man.em.4; and &man.igb.4; drivers
460 now support &man.led.4; interface via
461 <filename>/dev/led/em<replaceable>N</replaceable></filename>
463 <filename>/dev/led/igb<replaceable>N</replaceable></filename>
464 for identification LED control. The following command
465 line makes the LED blink on <literal>em0</literal>:</para>
467 <screen>&prompt.root; echo f2 > /dev/led/em0</screen>
469 <para revision="212150">The &man.epair.4; virtual Ethernet
470 interface driver now supports explicit UP/DOWN linkstate.
471 This fixes an issue when it is used with the &man.carp.4;
474 <para revision="214717">The &man.fxp.4; driver now supports
475 TSO over VLAN on i82550 and i82551 controllers.</para>
477 <para revision="210673">The &man.iwn.4; driver now supports
478 Intel Wireless WiFi Link 6000 series. The firmware has
479 been updated to version 9.221.4.1.</para>
481 <para revision="212386">The &man.ixgbe.4;
482 driver is now also provided as a kernel module.</para>
484 <para revision="209308,215970,217593">The &man.ixgbe.4;
485 driver has been updated to version 2.3.8. It now supports
486 82599, better interrupt handling, hardware assist to LRO,
487 VM SRIOV interface, and so on.</para>
490 revision="211379,215881,215890,2105894,216002,216023,216029,216031,216033">The
491 &man.miibus.4; has been rewritten for the generic IEEE
492 802.3 annex 31B full duplex flow control support. The
493 &man.alc.4;, &man.bge.4;, &man.bce.4;, &man.cas.4;,
494 &man.fxp.4;, &man.gem.4;, &man.jme.4;, &man.msk.4;,
495 &man.nfe.4;, &man.re.4;, &man.stge.4;, and &man.xl.4;
496 drivers along with atphy(4), bmtphy(4), brgphy(4),
497 e1000phy(4), gentbi(4), inphy(4), ip1000phy(4), jmphy(4),
498 nsgphy(4), nsphyter(4), and &man.rgephy.4; have been
499 updated to support flow control via this facility.</para>
501 <para revision="212386">The &man.mwlfw.4;
502 driver is now also provided as a kernel module.</para>
504 <para revision="216054">A bug in the &man.mxge.4; driver
505 which prevents TSO from working has been fixed.</para>
507 <para revision="215456">The &man.nfe.4; driver now supports
508 WoL (Wake on LAN).</para>
510 <para revision="215218">The &man.re.4; driver now supports
511 64-bit DMA addressing for RTL810xE/RTL8168/RTL8111 PCIe
514 <para revision="215405">The &man.re.4; driver now supports
515 hardware interrupt moderation of TX completion interrupt
516 on RTL8169/RTL8168 controllers.</para>
518 <para revision="211377">The &man.rl.4; driver now supports WoL
519 (Wake on LAN) on RTL8139B or newer controllers.</para>
521 <para revision="215222">The &man.rl.4; driver now supports
522 reading hardware statistics counters by setting a
523 &man.sysctl.8; variable
524 <varname>dev.rl.<replaceable>N</replaceable>.stats</varname>
525 to <literal>1</literal>.</para>
527 <para revision="212039">The &man.rl.4; driver now supports a
528 device hint to change a way of register access. Although
529 some newer RTL8139 controllers support memory-mapped
530 register access, it is difficult to detect the support
531 automatically. For this reason the driver uses I/O
532 mapping by default and provides the following device hint.
533 If it is set to <literal>0</literal>, the driver uses
534 memory mapping for register access.</para>
536 <programlisting>hint.rl.<replaceable>N</replaceable>.prefer_iomap="0"</programlisting>
538 <para>Note that the default value is <literal>1</literal>.</para>
540 <para revision="214407">The &man.rl.4; driver has been
541 improved on interrupt handling. It now has better TX
542 performance under high RX load.</para>
544 <para revision="215216">A bug in the &man.sk.4; driver has
545 been fixed. It did not program the station address for
546 Yukon controllers and overriding the station address with
547 &man.ifconfig.8; was not possible.</para>
549 <para revision="211359">The &man.sk.4; driver now disable TX
550 checksum offloading by default. This is because some
551 revision of Yukon controller generates corrupted frames.
552 The checksum offloading can be enabled manually by using
553 <option>txcsum</option> option in the &man.ifconfig.8;
556 <para revision="212468,213612,213628">The &man.sis.4; driver
557 now works on all supported platforms. Some stability and
558 performance issues have also been fixed.</para>
560 <para revision="213637">The &man.sis.4; driver now supports
561 WoL (Wake on LAN) on NS DP8315 controller.</para>
563 <para revision="213626">A tunable
564 <varname>dev.sis.<replaceable>N</replaceable>.manual_pad</varname>
565 for the &man.sis.4; driver has been added. This controls
566 whether padding with 0x00 for short frames by software,
567 not the controller. The reason why this tunable has been
568 added is that NS DP83815/DP83816 pads them with 0xff
569 though RFC 1042 specifies it should be 0x00. The tunable
570 is disabled by default, which means padding with 0xff is
571 used because padding with 0x00 by software needs extra CPU
572 cycles. Setting a non-zero value enables the software
575 <para revision="211357">The &man.ste.4; driver now supports a
576 device hint to change a way of register access. Although
577 it uses memory-mapped register access by default, some old
578 IC Plus Corp (formerly Sundace) controllers are found
579 unstable. The following device hint makes the driver use
580 I/O mapping for register access:</para>
582 <programlisting>hint.ste.<replaceable>N</replaceable>.prefer_iomap="1"</programlisting>
584 <para revision="213120">The &man.xl.4; driver now supports
585 WoL (Wake on LAN). Note that not all controllers support
586 this functionality and some need an additional remote
591 <sect3 id="net-proto">
592 <title>Network Protocols</title>
594 <para revision="209783">The &man.alq.9; support is now
595 provided as a kernel module
596 <filename>alq.ko</filename>.</para>
598 <para revision="212738,216348">A bug in the &man.ipfw.4;
599 packet filter subsystem has been fixed. The &man.sysctl.8;
600 variable <varname>net.inet.ip.fw.one_pass</varname> did not
601 work for <literal>netgraph</literal> action and in-kernel
604 <para revision="215342">A new loader tunable
605 <varname>net.link.ifqmaxlen</varname> has been added. It
606 specifies the default value of send interface queue length.
607 The default value for this parameter is
608 <varname>50</varname>.</para>
610 <para revision="212742">A <literal>ngtee</literal> action in
611 the &man.ipfw.4; packet filter subsystem has been changed.
612 It no longer accepts a packet.</para>
614 <para revision="214108">A possible panic in the &man.ipfw.4;
615 pseudo interface for logging has been fixed.</para>
617 <para revision="209691">IPsec flow distribution has been
618 improved for more parallel processing.</para>
620 <para revision="209277">A bug in &os; IPv4 stack that a proxy
621 ARP entry cannot be added over &man.netgraph.4; interfaces
622 has been fixed.</para>
624 <para revision="211435">A bug in &os; IPv6 stack which prevents
625 an <option>-I</option> in the &man.ping6.8; utility from
627 <varname>net.inet6.ip6.use_defaultzone=1</varname> has been
630 <para revision="214111">The &man.lagg.4; interface now
631 supports a &man.sysctl.8; variable
632 <varname>net.link.lagg.failover_rx_all</varname>. This
633 controls whether to accept input packets on any link in a
634 failover lagg.</para>
636 <para revision="215869">The &man.ng.eiface.4; &man.netgraph.4;
637 node now supports VLAN-compatible MTU and an MTU size which
638 is larger than 1500.</para>
640 <para revision="212320">The &man.ng.ether.4; &man.netgraph.4;
641 node now supports interface transfer between multiple virtual
642 network stacks by &man.ifconfig.8; <command>vnet</command>
643 command. A &man.ng.ether.4; node associated with an network
644 interface is now destroyed and recreated when the network
645 interface is moved to another vnet.</para>
647 <para revision="209843">A new &man.netgraph.4; node
648 &man.ng.patch.4; has been added. This performs data
649 modification of packets passing through. Modifications are
650 restricted to a subset of C language operations on unsigned
651 integers of 8, 16, 32 or 64-bit size.</para>
653 <para revision="212905">An ICMP unreachable problem in the
654 &man.pf.4; packet filter subsystem when TSO support is
655 enabled has been fixed.</para>
657 <para revision="211538">A TCP bandwidth delay product window
658 limiting algorithm by a &man.sysctl.8; variable
659 <varname>net.inet.tcp.inflight.enable</varname> is now
660 disabled by default. It has been found that this algorithm
661 is inefficient on a fast network with smaller RTT than 10ms.
662 It had been enabled by default since 5.2-RELEASE, and then
663 had been disabled only if the RTT was lesser than 10ms since
664 7.0-RELEASE. Pluggable TCP congestion control algorithm
665 modules are planned to be added for the future
668 <para revision="211602">A bug in &os; TCP Path MTU discovery
669 which can lead to a wrong calculation for a smaller MTU than
670 256 octets has been fixed. Note that this bug does not
671 affect when MTU is equal to or larger than 256
674 <para revision="211870">The TCP initial window increase in RFC
675 3390 which can be controlled by a &man.sysctl.8; variable
676 <varname>net.inet.tcp.rfc3390</varname> now reduces the
677 congestion window to the restart window if a TCP connection
678 has been idle for one retransmit timeout or more. For more
679 details, see RFC 5681 Section 4.1.</para>
681 <para revision="214859">The &man.siftr.4;, Statistical
682 Information For TCP Research (SIFTR) kernel module has been
683 added. This is a facility that logs a range of statistics
684 on active TCP connections to a log file. It provides the
685 ability to make highly granular measurements of TCP
686 connection state, aimed at system administrators, developers
687 and researchers.</para>
689 <para revision="212319">&os; virtual network stack (vnet) now
690 supports IPv4 multicast routing.</para>
694 <title>Disks and Storage</title>
696 <para revision="211458">The &man.ahci.4; driver now disables NCQ
697 and PMP support on VIA VT8251 because they are unreliable
700 <para revision="211718">The &man.ahci.4; driver now uses 15
701 seconds for device reset timeout instead of 10 seconds
702 because some devices needs 10-12 seconds to spin up.</para>
704 <para revision="215825">The &man.arcmsr.4; driver
705 has been updated to version 1.20.00.19.</para>
707 <para revision="215173">The &man.ada.4; driver now supports a
708 new &man.sysctl.8; variable
709 <varname>kern.cam.ada.spindown_shutdown</varname> which
710 controls whether or not to spin-down disks when shutting
711 down if the device supports the functionality. The default
712 value is <literal>1</literal>.</para>
714 <para revision="210164">The &man.ata.4; driver
715 now supports limiting initial ATA mode for devices via
717 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.dev<replaceable>N</replaceable
719 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.mode</varname>.
720 The valid values are the same as ones supported in the
721 &man.atacontrol.8; and &man.camcontrol.8;.</para>
723 <para revision="210204">The &man.ata.4; driver now disables
724 cable status check on both of controller and device side
725 when the loader tunable
726 <varname>hw.ata.ata_dma_check_80pin</varname> is
727 <literal>0</literal>. The check on controller side was
728 performed regardless of this loader tunable.</para>
730 <para revision="215777">The &man.ata.4; driver now reports
731 SATA power management capabilities to &man.CAM.4; layer when
732 <option>ATA_CAM</option> is enabled. This allows a device
733 to initiate transitions if controller configured to accept
735 <varname>hint.ata.<replaceable>N</replaceable>.pm_level=1</varname>
738 <para revision="214671">The &man.ata.4; driver has been
739 improved on hotplugging and connection speed reporting
740 support for some Intel SATA controllers including ICH5 and
741 ICH8+ operating in legacy mode.</para>
743 <para revision="213291">An issue of device detection of
744 Serverworks K2 SATA controllers in the &man.ata.4; has been fixed.</para>
746 <para revision="214667">A bug in the &man.ata.4; driver which
747 prevents some Silicon Image chipsets from working on big
748 endian systems has been fixed.</para>
750 <para revision="214330">The &man.gconcat.8; GEOM class now
751 supports kernel crash dump. The dumping is performed to the
752 component where a dump partition begins.</para>
754 <para revision="214405">A bug in the &man.geli.8; GEOM class
755 on little endian platforms has been fixed. The metadata
756 version has been updated to <literal>4</literal> due to
759 <para revision="214405">The &man.geli.8; GEOM class now
760 supports a &man.sysctl.8; variable
761 <varname>kern.geom.eli.overwrites</varname>. This specifies
762 the number of times on-disk keys should be overwritten when
763 destroying them. The default value is
764 <literal>5</literal>.</para>
766 <para revision="214405">The &man.geli.8; GEOM class has been
767 improved for preventing the same encryption key from being
768 used in 2^20 blocks (sectors).</para>
770 <para revision="214405">The &man.geli.8; GEOM class now uses
771 XTS-AES mode by default.</para>
773 <para revision="214405">A &man.sysctl.8; variable
774 <varname>kern.geom.eli.debug</varname> now allows a value
775 <literal>-1</literal>. This means turn off any log messages
776 of the &man.geli.8; GEOM class.</para>
778 <para revision="210376">The &man.mpt.4; driver now supports
779 larger I/O sizes which the device and &man.CAM.4; subsystem
780 can support. This was limited to 64KB, and the number of
781 scatter/gather segments was limited to 33 on platforms with
784 <para revision="209404">The &man.twa.4;
785 driver has been updated. The version number is
790 <title>File Systems</title>
792 <para revision="214050">The &man.linprocfs.5; Linux process
793 file system now supports
794 <filename>proc/$$/environment</filename>.</para>
796 <para revision="212716">The &os; NFS client now supports a
797 kernel environment variable
798 <varname>boot.nfsroot.nfshandlelen</varname>. This lets the
799 diskless root file system on boot to use NFS version 3 and
800 the specified file handle length. If this variable is not
801 set, NFS version 2 is used.</para>
803 <para revision="212668">The ZFS on-disk format has been updated
804 to version 15.</para>
806 <para revision="212671">The ZFS metaslab code has been updated.
807 This provides a noticeable improvement on write speed,
808 especially on pools with less than 30% of free space. The
809 related OpenSolaris Bug IDs are 6826241, 6869229, 6918420,
812 <para revision="214013">The ZFS now supports offlining of log
813 devices. The related OpenSolaris Bug IDs are 6599442,
814 6726045, and 6803605.</para>
816 <para revision="212672">Performance improvements for the ZFS
817 have been imported from OpenSolaris. They include caching of
818 ACL permission checks, faster handling of &man.stat.2;,
819 mitigation of mutex lock contention. The related
820 OpenSolaris Bug IDs are 6802734, 6844861, 6848431, 6775100,
821 6827779, 6857433, 6860318, 6865875, 6867395, 6868276, and
824 <para revision="210541">The default value of
825 <varname>vfs.zfs.vdev.max_pending</varname> has been
826 decreased from 35 to 10 (OpenSolaris Bug ID is 6891731) to
827 improve latency.</para>
829 <para>Various bugs in the ZFS subsystem have been fixed. The
830 related OpenSolaris Bug IDs are: 6328632, 6396518, 6501037,
831 6504953, 6542860, 6551866, 6572357, 6572376, 6582163,
832 6586537, 6595194, 6596237, 6604992, 6621164, 6623978,
833 6633095, 6635482, 6664765, 6674216, 6696242, 6696858,
834 6702206, 6710376, 6713916, 6717022, 6722540, 6722991,
835 6737463, 6739487, 6739553, 6740164, 6745863, 6747596,
836 6747698, 6748436, 6755435, 6757430, 6758107, 6759986,
837 6759999, 6761100, 6761406, 6764124, 6765294, 6767129,
838 6769612, 6770866, 6774713, 6774886, 6775697, 6776104,
839 6776548, 6780491, 6784104, 6784108, 6785914, 6788152,
840 6788830, 6789318, 6790064, 6790345, 6790687, 6791064,
841 6791066, 6791071, 6791101, 6792134, 6792139, 6792884,
842 6793430, 6794136, 6794570, 6794830, 6797109, 6797118,
843 6798384, 6798878, 6799895, 6800184, 6800942, 6801507,
844 6801810, 6803343, 6803822, 6804954, 6807339, 6807765,
845 6809340, 6809683, 6809691, 6810367, 6815592, 6815893,
846 6816124, 6818183, 6821169, 6821170, 6822816, 6824006,
847 6824062, 6824968, 6826466, 6826468, 6826469, 6826470,
848 6826471, 6826472, 6827260, 6830237, 6830541, 6833162,
849 6833711, 6833999, 6834217, 6836714, 6836768, 6838062,
850 6838344, 6841321, 6843014, 6843069, 6843235, 6844069,
851 6844900, 6847229, 6848242, 6856634, 6857012, 6861983,
852 6862984, 6863610, 6870564, 6880764, 6882227, 6892298,
853 6898245, 6906110, 6906946, 6939941, 6950219, 6951024, and
858 <sect2 id="userland">
859 <title>Userland Changes</title>
861 <para revision="209267">The &man.arp.8; utility has been improved.
862 It now runs faster even when a single interface has a number
865 <para revision="214729">A bug in the &man.b64decode.1; which
866 prevents an <option>-r</option> option from handling arbitrary
867 breaks in a base64 encoded string has been fixed.</para>
869 <para revision="211723">The &man.calendar.1; utility now supports
870 repeating events which span multiple years, lunar events, and
873 <para revision="210915">The &man.dhclient.8; utility now reports a
874 reason for exiting and the 10-second period in which the
875 &man.dhclient.8; ignores routing messages has been changed to
876 start just after <filename>dhclient-script</filename> starts
877 instead of just after it finished. This change fixes a
878 symptom that &man.dhclient.8; silently exits under a certain
881 <para revision="214983">Userland support for the &man.dtrace.1;
882 subsystem has been added. This allows inspection of userland
883 software itself and its correlation with the kernel, thus
884 allowing a much better picture of what exactly is going on
885 behind the scenes. The &man.dtruss.1; utility has been added
886 and the <filename>libproc</filename> has been updated to
887 support the facility.</para>
889 <para revision="209362">The &man.du.1; utility now supports a
890 <option>-t <replaceable>threshold</replaceable></option>
891 option to display entries that exceeds the value of
892 <replaceable>threshold</replaceable>. If the value is
893 negative, it displays entries with a value less than the
894 absolute value of <replaceable>threshold</replaceable>.</para>
896 <para revision="215667">The &man.fdisk.8; utility now supports
897 partitions which are provided by &man.gjournal.8; or
898 &man.geli.8; GEOM class.</para>
900 <para revision="210567">The &man.gcore.1; utility now supports an
901 <option>-f</option> flag which forces a full dump of all the
902 segments except for the malformed ones.</para>
904 <para revision="214405">The &man.geli.8; utility now supports
905 <command>resize</command> subcommand to resize encrypted file
906 systems prior to growing it.</para>
908 <para revision="214405">The &man.geli.8; utility now supports
909 <command>suspend</command> and <command>resume</command>
910 subcommands. The <command>suspend</command> subcommand makes
911 &man.geli.8; devices wait for all in-flight I/O requests,
912 suspend new I/O requests, remove all &man.geli.8; sensitive
913 data from the kernel memory (like encryption keys) and will
914 wait for either <command>geli resume</command> or
915 <command>geli detach</command> command. For more
916 information, see &man.geli.8; manual page.</para>
918 <para revision="214405">The &man.geli.8; utility now checks the
919 metadata provider size strictly. If the check fails, the
920 provider is not attached. A new option <option>-f</option>
921 can override this behavior.</para>
923 <para revision="214405">The &man.geli.8; utility now supports
924 <option>-J <replaceable>newpassfile</replaceable></option> and
925 <option>-j <replaceable>passfile</replaceable></option>
926 options for loading passphrase from a file.</para>
928 <para revision="211938">The <function>gethost*()</function>,
929 <function>getnet*()</function>, and
930 <function>getproto*()</function> functions now set the errno
931 to <literal>ERANGE</literal> and the NSS backend terminates
932 with <literal>NS_RETURN</literal> when the result buffer size
935 <para revision="209497">The &man.gpart.8; utility now supports
936 <command>resize</command> command to resize partitions for all
937 schemes but EBR.</para>
939 <para revision="215941">The &man.gpart.8; utility now supports
940 <command>backup</command> and <command>restore</command>
941 subcommands to backup partition tables and restore
944 <para revision="213661">The &man.gpart.8; utility now handles
945 given geom/provider names with and without
946 <filename>/dev/</filename> prefix.</para>
948 <para revision="213684">The &man.gpart.8; utility now supports
949 an <option>-F</option> option for <command>force</command>
950 subcommand. This option force destroying of the partition
951 table even if it is not empty.</para>
953 <para revision="213684">The &man.gpart.8; utility now supports a
954 <command>recover</command> subcommand for GPT partition
955 tables. A corrupted GPT is now marked when the following
956 three types of corruption:</para>
960 <para>Primary GPT header or table is corrupted.</para>
964 <para>Secondary GPT header or table is corrupted.</para>
968 <para>Secondary GPT header is not located at the last LBA.</para>
972 <para>Any changes to the corrupted GPT table is not allowed
973 except for <command>destroy</command> and
974 <command>recover</command> subcommands.</para>
976 <para revision="213994">The &man.gpart.8; utility now supports
977 <literal>GPT_ENT_ATTR_BOOTME</literal>,
978 <literal>GPT_ENT_ATTR_BOOTONCE</literal>, and
979 <literal>GPT_ENT_ATTR_BOOTFAILED</literal> attributes in GPT.
980 The attribute keywords in the command line are
981 <literal>bootme</literal>, <literal>bootonce</literal>, and
982 <literal>bootfailed</literal> respectively.</para>
984 <para revision="215728">An issue in the &man.newfs.8; utility
985 has been fixed. A UFS1 file system created with 64KB
986 blocksize was incorrectly recognized as one with a broken
987 superblock. This is because &os; kernel checks UFS2
988 superblock at 64KB offset in the partition first, and UFS1
989 with 64KB blocksize has an alternative superblock at the same
990 location. For example, a file system created by
991 <command>newfs -U -O 1 -b 65536 -f 8192</command> could lead
992 to this symptom.</para>
994 <para revision="213049">The &man.hastd.8; utility now supports
995 <literal>SIGHUP</literal> for reloading the configuration
996 file. When <literal>SIGTERM</literal> or
997 <literal>SIGINT</literal> is received, the worker processes
1000 <para revision="212144">The &man.ifconfig.8; utility now check an
1001 invalid CIDR subnet notation more strictly. It wrongly
1002 accepted <literal>10.0.0.1/10.0.0.1</literal> as
1003 <literal>10.0.0.1/10</literal>.</para>
1005 <para revision="215237">An accuracy issue in the &man.jn.3; and
1006 &man.jnf.3; functions in <filename>libm</filename> has been
1009 <para revision="209284">Incorrect behaviors in stuttering
1010 sequences and reverse ranges in the &man.jot.1; utility have
1013 <para revision="213667">The <filename>libarchive</filename> and
1014 &man.tar.1; utility now support LZMA (Lempel-Ziv-Markov
1015 chain-Algorithm) compression format.</para>
1017 <para revision="215229">The &man.tar.1; utility now supports a
1018 blocksize which is up to <literal>8192</literal> (4MB) in the
1019 <option>-b <replaceable>blocksize</replaceable></option>
1022 <para revision="214442">A bug in the &man.lpr.1; utility which
1023 prevents it from working with some files on a ZFS file system
1024 has been fixed.</para>
1026 <para revision="213978">The <option>-p</option> option in the
1027 &man.mount.8; utility now displays <literal>rw</literal> mount
1028 option correctly as in the &man.fstab.5; format.</para>
1030 <para revision="213889">The &man.ncal.1; utility has been
1031 updated. The option <option>-b</option> has been replaced
1032 with <option>-C</option> and <option>-B
1033 <replaceable>number</replaceable></option>. Options
1034 <option>-3</option> to show previous, this and next month, and
1035 <option>-A <replaceable>number</replaceable></option> to show
1036 months after this month have been added. The option
1037 <option>-m <replaceable>N</replaceable>
1038 <replaceable>YYYY</replaceable></option> now prints only the
1039 month, not the whole year.</para>
1041 <para revision="211699">The &man.newsyslog.8; utility now supports
1042 an <option>-S <replaceable>pidfile</replaceable></option>
1043 option to override the default &man.syslogd.8; PID
1046 <para revision="215622">The &man.newsyslog.8; utility now
1047 supports a special log file name
1048 <literal><include></literal> for processing file
1049 inclusion. Globbing in the file name and circular dependency
1050 detection are supported. For more details, see
1051 &man.newsyslog.conf.5; manual page.</para>
1053 <para revision="213980">The &man.ntpd.8; utility is now compiled
1054 with shared memory reference clock driver. For example, GPS
1055 devices can be used as source of precise time via <filename
1056 role="ports">astro/gpsd</filename> in the Ports
1059 <para revision="212848">An off-by-one error in the &man.pax.1;
1060 utility when ustar file name is too long has been
1063 <para revision="209912">The &man.pkill.1; utility now supports
1064 an <option>-l</option> option which the &man.kill.1; utility
1067 <para revision="211098">The &man.pmcstat.8; utility now supports a
1068 file and a network socket as a top source. A new option
1069 <option>-O <replaceable>filename</replaceable></option>
1070 specifies to send log output to
1071 <replaceable>filename</replaceable>, and another new option
1072 <option>-R <replaceable>filename</replaceable></option>
1073 specifies to receive events from
1074 <replaceable>filename</replaceable>. For a socket, the
1075 <replaceable>filename</replaceable> is in a form of
1076 <replaceable>ipaddr:port</replaceable>. This allows top
1077 monitoring over TCP on a system with no local symbols, for
1080 <para revision="210089">The &man.pom.6; utility now
1081 supports a <option>-p</option> flag to print only the
1084 <para revision="212472">The &man.powerd.8; utility now supports
1085 an <option>-m <replaceable>freq</replaceable></option> and
1086 <option>-M <replaceable>freq</replaceable></option> to control
1087 the minimum and maximum frequency, respectively.</para>
1089 <para revision="213825">The &man.ruptime.1; utility now displays
1090 hostnames longer than 12 characters.</para>
1092 <para revision="215066">A behavior of the &man.sh.1; program
1093 when an <option>-u</option> option is specified has been
1094 changed. The special parameters <varname>$@</varname> and
1095 <varname>$*</varname> no longer cause an error when there are
1096 no positional parameters.</para>
1098 <para revision="210616">A bug in the &man.sh.1; program has been
1099 fixed. A <literal>SIGINT</literal> signal is now passed
1100 through from a child process if the shell is interactive and
1101 the job control is enabled. For example, aborting
1102 &man.sleep.1; command by Ctrl-C no longer display
1103 <literal>ok</literal> in the following command line:</para>
1105 <screen>&prompt.user; sleep 5; echo ok</screen>
1107 <para revision="210732">The &man.sh.1; program now supports a
1108 <command>bg</command> command consisting solely of
1109 redirections. For example:</para>
1111 <screen>&prompt.user; < /dev/null &</screen>
1113 <para revision="211536">The &man.sleep.1; utility now supports
1114 <literal>SIGINFO</literal> signal and reports the specified
1115 sleep time and the remaining time.</para>
1117 <para revision="213036,213038">The &man.tftp.1; and &man.tftpd.8;
1118 utilities have been improved for better interoperability and
1119 they now supports RFC 1350, 2347, 2348, 2349, and 3617.</para>
1121 <para revision="213899">A bug in <literal>[=]=]</literal>
1122 equivalent class handling in the &man.tr.1; utility has been
1123 fixed. A closing bracket immediately after
1124 <literal>[=</literal> was incorrectly treated as
1127 <para revision="210566">The &man.uname.1; utility now supports an
1128 <option>-o</option> flag as a synonym for the
1129 <option>-s</option> flag for compatibility with other
1132 <para revision="211060">Bugs in &man.vi.1; utility have been
1133 fixed. They include handling of <literal>^@</literal> and
1134 <literal>^C</literal> in insert mode when reading an ex
1137 <para revision="214345">The &man.watchdogd.8; program now set
1138 <literal>MADV_PROTECT</literal> memory flag onto themselves to
1139 protect from being terminated by the &os; kernel when
1140 available memory becomes short. This kind of process
1141 termination happens in a swap-intensive workload.</para>
1143 <para revision="209870">The <command>set sharenfs</command>
1144 command in the &man.zfs.8; utility now supports
1145 <option>sec</option> option.</para>
1147 <sect3 id="periodic-scripts">
1148 <title><filename>/etc/periodic</filename> Scripts</title>
1150 <para>A periodic script for <command>zfs scrub</command> has
1151 been added. For more details, see &man.periodic.conf.5;
1154 <para>A periodic script which can be used to find installed
1155 ports' files with mismatched checksum has been added. For more
1156 details, see &man.periodic.conf.5;</para>
1160 <sect2 id="contrib">
1161 <title>Contributed Software</title>
1163 <para>The <application>ACPI-CA</application> has been updated to
1166 <para revision="214287">The &man.ee.1; program has been updated
1167 to version 1.5.2.</para>
1169 <para><application>ISC BIND</application> has been updated to
1170 version 9.6-ESV-R4.</para>
1172 <para><application>netcat</application> has been updated to
1175 <para><application>OpenSSL</application> has been updated to
1176 version 0.9.8q.</para>
1178 <para>The <application>timezone</application> database has been
1179 updated to the <application>tzdata2010o</application>
1182 <para>The <application>xz</application> program has been updated
1183 from snapshot as of 12 April 2010 to 5.0.0 release</para>
1187 <title>Ports/Packages Collection Infrastructure</title>
1189 <para revision="215738">The &man.pkg.create.1; utility now supports LZMA
1190 (<application>xz</application>) compression. Note that the
1191 default is still <application>bzip2</application>.</para>
1195 <title>Release Engineering and Integration</title>
1197 <para revision="211007">The &man.sysinstall.8; utility now uses
1198 the following numbers for default and minimum partition sizes:
1199 1GB for <filename>/</filename>, 4GB for
1200 <filename>/var</filename>, and 1GB for
1201 <filename>/tmp</filename>.</para>
1203 <para revision="211009">The &man.sysinstall.8; utility now
1204 attempts to enable &man.getty.8; on a serial port when no VGA
1205 card on the system.</para>
1207 <para>The supported version of
1208 the <application>GNOME</application> desktop environment
1209 (<filename role="package">x11/gnome2</filename>) has been
1210 updated to 2.32.1.</para>
1212 <para>The supported version of
1213 the <application>KDE</application> desktop environment
1214 (<filename role="package">x11/kde4</filename>) has been
1215 updated to 4.5.5.</para>
1219 <sect1 id="upgrade">
1220 <title>Upgrading from previous releases of &os;</title>
1222 <para arch="amd64,i386">Upgrades between RELEASE versions (and
1223 snapshots of the various security branches) are supported using
1224 the &man.freebsd-update.8; utility. The binary upgrade
1225 procedure will update unmodified userland utilities, as well as
1226 unmodified GENERIC kernel distributed as a part of an
1227 official &os; release. The &man.freebsd-update.8; utility
1228 requires that the host being upgraded has Internet
1229 connectivity.</para>
1231 <para>An older form of binary upgrade is supported through the
1232 <command>Upgrade</command> option from the main
1233 &man.sysinstall.8; menu on CDROM distribution media. This type
1234 of binary upgrade may be useful on non-&arch.i386;,
1235 non-&arch.amd64; machines or on systems with no Internet
1236 connectivity.</para>
1238 <para>Source-based upgrades (those based on recompiling the &os;
1239 base system from source code) from previous versions are
1240 supported, according to the instructions in
1241 <filename>/usr/src/UPDATING</filename>.</para>
1244 <para>Upgrading &os; should, of course, only be attempted after
1245 backing up <emphasis>all</emphasis> data and configuration