2 <title>&os;/&arch; &release.current; Release Notes</title>
4 <corpauthor>The &os; Project</corpauthor>
6 <pubdate>$FreeBSD$</pubdate>
16 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
19 <legalnotice id="trademarks" role="trademarks">
29 <para>The release notes for &os; &release.current; contain a summary
30 of the changes made to the &os; base system on the
31 &release.branch; development line.
32 This document lists applicable security advisories that were issued since
33 the last release, as well as significant changes to the &os;
35 Some brief remarks on upgrading are also presented.</para>
40 <title>Introduction</title>
42 <para>This document contains the release notes for &os;
43 &release.current; on the &arch.print; hardware platform. It
44 describes recently added, changed, or deleted features of &os;.
45 It also provides some notes on upgrading
46 from previous versions of &os;.</para>
48 <![ %release.type.current [
50 <para>The &release.type; distribution to which these release notes
51 apply represents the latest point along the &release.branch; development
52 branch since &release.branch; was created. Information regarding pre-built, binary
53 &release.type; distributions along this branch
54 can be found at <ulink url="&release.url;"></ulink>.</para>
58 <![ %release.type.snapshot [
60 <para>The &release.type; distribution to which these release notes
61 apply represents a point along the &release.branch; development
62 branch between &release.prev; and the future &release.next;.
64 pre-built, binary &release.type; distributions along this branch
65 can be found at <ulink url="&release.url;"></ulink>.</para>
69 <![ %release.type.release [
71 <para>This distribution of &os; &release.current; is a
72 &release.type; distribution. It can be found at <ulink
73 url="&release.url;"></ulink> or any of its mirrors. More
74 information on obtaining this (or other) &release.type;
75 distributions of &os; can be found in the <ulink
76 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
77 &os;</quote> appendix</ulink> to the <ulink
78 url="&url.books.handbook;/">&os;
79 Handbook</ulink>.</para>
83 <para>All users are encouraged to consult the release errata before
84 installing &os;. The errata document is updated with
85 <quote>late-breaking</quote> information discovered late in the
86 release cycle or after the release. Typically, it contains
87 information on known bugs, security advisories, and corrections to
88 documentation. An up-to-date copy of the errata for &os;
89 &release.current; can be found on the &os; Web site.</para>
94 <title>What's New</title>
96 <para>This section describes
97 the most user-visible new or changed features in &os;
99 In general, changes described here are unique to the &release.branch;
100 branch unless specifically marked as &merged; features.
103 <para>Typical release note items
104 document recent security advisories issued after
106 new drivers or hardware support, new commands or options,
107 major bug fixes, or contributed software upgrades. They may also
108 list changes to major ports/packages or release engineering
109 practices. Clearly the release notes cannot list every single
110 change made to &os; between releases; this document focuses
111 primarily on security advisories, user-visible changes, and major
112 architectural improvements.</para>
114 <sect2 id="security">
115 <title>Security Advisories</title>
117 <para>A temporary file vulnerability in &man.texindex.1;, which
118 could allow a local attacker to overwrite files in the context
119 of a user running the &man.texindex.1; utility, has been fixed.
120 For more details see security advisory <ulink
121 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:01.texindex.asc">FreeBSD-SA-06:01.texindex</ulink>. &merged;</para>
123 <para>A temporary file vulnerability in the &man.ee.1; text
124 editor, which could allow a local attacker to overwrite files in
125 the context of a user running &man.ee.1;, has been fixed. For
126 more details see security advisory <ulink
127 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:02.ee.asc">FreeBSD-SA-06:02.ee</ulink>. &merged;</para>
129 <para>Several vulnerabilities in the &man.cpio.1; utility have
130 been corrected. For more
131 details see security advisory <ulink
132 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:03.cpio.asc">FreeBSD-SA-06:03.cpio</ulink>. &merged;</para>
134 <para>An error in &man.ipfw.4; IP fragment handling, which could
135 cause a crash, has been fixed. For more
136 details see security advisory <ulink
137 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:04.ipfw.asc">FreeBSD-SA-06:04.ipfw</ulink>. &merged;</para>
139 <para>A potential buffer overflow in the IEEE 802.11 scanning code
140 has been corrected. For more
141 details see security advisory <ulink
142 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:05.80211.asc">FreeBSD-SA-06:05.80211</ulink>. &merged;</para>
144 <para>Two instances in which portions of kernel memory could be
145 disclosed to users have been fixed. For more details see
146 security advisory <ulink
147 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:06.kmem.asc">FreeBSD-SA-06:06.kmem</ulink>. &merged;</para>
149 <para>A logic bug in the IP fragment handling in &man.pf.4;, which
150 could cause a crash under certain circumstances, has been fixed.
151 For more details see security advisory <ulink
152 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:07.pf.asc">FreeBSD-SA-06:07.pf</ulink>. &merged;</para>
154 <para>A logic bug in the NFS server code, which could cause a crash when
155 the server received a message with a zero-length payload, has been fixed.
156 For more details see security advisory <ulink
157 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:10.nfs.asc">FreeBSD-SA-06:10.nfs</ulink>. &merged;</para>
159 <para>A programming error in the &man.fast.ipsec.4; implementation
160 results in the sequence number associated with a Security
161 Association not being updated, allowing packets to unconditionally
162 pass sequence number verification checks, has been fixed.
163 For more details see security advisory <ulink
164 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:11.ipsec.asc">FreeBSD-SA-06:11.ipsec</ulink>. &merged;</para>
166 <para>A logic bug that could cause &man.opiepasswd.1; to allow an unprivileged
167 user to configure OPIE authentication for the root user under certain
168 circumstances, has been fixed.
169 For more details see security advisory <ulink
170 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:12.opie.asc">FreeBSD-SA-06:12.opie</ulink>. &merged;</para>
172 <para>An asynchronous signal handling vulnerability in &man.sendmail.8;,
173 which could allow a remote attacker to execute arbitrary code with the
174 privileges of the user running sendmail, typically root, has been fixed.
175 For more details see security advisory <ulink
176 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:13.sendmail.asc">FreeBSD-SA-06:13.sendmail</ulink>. &merged;</para>
178 <para arch="i386,amd64">An information disclosure issue found in the
179 &os; kernel running on 7th- and 8th-generation AMD processors
180 has been fixed. For more details see security advisory <ulink
181 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:14.fpu.asc">FreeBSD-SA-06:14.fpu</ulink>. &merged;</para>
183 <para>A bug in &man.ypserv.8;, which effectively disabled the
184 <filename>/var/yp/securenets</filename> access control mechanism,
185 has been corrected. More details are available in security
187 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:15.ypserv.asc">FreeBSD-SA-06:15.ypserv</ulink>. &merged;</para>
189 <para>A bug in the smbfs file system, which could allow an
190 attacker to escape out of &man.chroot.2 environments on an smbfs
191 mounted filesystem, has been fixed. For more details, see
193 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:16.smbfs.asc">FreeBSD-SA-06:16.smbfs</ulink>. &merged;</para>
195 <para>A potential denial of service problem in &man.sendmail.8;
196 caused by excessive recursion which leads to stack
197 exhaustion when attempting delivery of a malformed
198 MIME message, has been fixed. For more details,
199 see security advisory <ulink
200 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:17.sendmail.asc">FreeBSD-SA-06:17.sendmail</ulink>. &merged;</para>
202 <para>A potential buffer overflow condition in &man.sppp.4; has
203 been corrected. For more details, see security advisory
204 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc">FreeBSD-SA-06:18.ppp</ulink>. &merged;</para>
208 <title>Kernel Changes</title>
210 <para>&man.acpi.4; now has basic support for the HPET time counter.</para>
212 <para>The &man.acpi.ibm.4; driver now supports setting the fan control
213 mode to manual or automatic, and adjusting the fan speed if the
214 fan control mode is manual. To enable manual control of the fan speed,
215 the sysctl variable <varname>dev.acpi_ibm.<replaceable>0</replaceable>.fan</varname>
216 needs to be set to zero (manual). This should only be used with
217 extreme precaution, as disabling automatic fan control might
218 overheat the hardware and lead to permanent damage.</para>
220 <para>The &man.apm.4; suspend/resume support has been improved.</para>
222 <para>Security event auditing is now supported in the &os; kernel,
223 and is enabled by the <literal>AUDIT</literal> kernel
224 configuration option. More information can be found in the
225 &man.audit.4; manual page.</para>
227 <para>The <literal>options COMPAT_43</literal> kernel
228 configuration option has been deemed unnecessary and has been
229 removed from <filename>GENERIC</filename> and related kernel
230 configurations. This change may result in a small performance
231 increase for some workloads.</para>
233 <para>The &man.ddb.4; debugger now provides the <literal>show lock</literal>
234 command. If the argument has a valid lock class,
235 this displays various information about the lock and calls a
236 new function pointer in lock_class (lc_ddb_show) to dump class-specific
237 information about the lock as well (such as the owner of a mutex or
238 xlock'ed sx lock). &merged;</para>
240 <para>The &man.ddb.4; debugger now provides the <literal>show sleepq</literal>
241 command. This takes a wait channel as an argument and looks
242 for a sleep queue associated with that wait channel.</para>
244 <para><filename>DEFAULTS</filename> kernel configuration files
245 for each platform have been added. These files contain
246 directives that are implicitly included in all kernel
247 configurations, and generally include basic, mandatory
248 functionality for each platform. &merged;</para>
250 <para>A bug in file descriptor handling such that a simple
251 <literal>close(0); dup(fd)</literal> sequence does not return
252 descriptor <literal>0</literal> in some cases, has been fixed.</para>
254 <para>The &man.firmware.9; subsystem has been added. This
255 subsystem provides a mechanism
256 to load binary data into the kernel via a specially crafted module.
259 <para>The &man.gdb.1; remote debugging interface now supports
260 copying console messages to a remote debugger instance.
261 To enable this, set <literal>debug.gdbcons="1"</literal>
262 in <filename>loader.conf</filename>, enter <literal>boot -d;
263 gdb; step</literal> from the loader prompt,
264 then attach &man.gdb.1; from a remote machine.
265 The sysctl variable <varname>debug.gdbcons</varname> can be
266 used to turn on/off this functionality.</para>
268 <para>&man.hwpmc.4; and &man.pmcstat.8; now support profiling
269 of dynamically loaded kernel modules and
270 shared objects loaded with &man.dlopen.3;.
271 &man.pmcstat.8; can now log over a network socket
272 to a remote host.</para>
274 <para>The &man.random.4; entropy device driver is now MPSAFE.
277 <para>&os; now supports concurrent &man.read.2;/&man.readv.2;
278 access to a file.</para>
280 <para>The experimental CORE process scheduler has been added,
281 enabled with the <literal>options SCHED_CORE</literal> kernel
282 configuration option. It is forked from the &man.sched.ule.4;
284 with a different algorithm for detecting an interactive process.
285 More information can be found in the &man.sched.core.4; manual
288 <para>The <literal>SIGCHLD</literal> signal queuing has been
289 added. For each child process whose status has been changed,
290 a <literal>SIGCHLD</literal> instance is queued. If the signal is still pending,
291 and the process changed status several times, the signal information
292 is updated to reflect the latest process status.
293 There is a loader tunable <varname>kern.sigqueue.queue_sigchild</varname>
294 which can control the behavior, setting it to zero disables the
295 <literal>SIGCHLD</literal> queuing feature.</para>
297 <para arch="amd64,i386">Instead of including all of physical
298 memory in a kernel crash dump, the kernel now defaults to dumping only pages that are
299 actively mapped into kernel virtual memory. A new
300 <varname>debug.minidump</varname> sysctl variable
301 can be used to turn off this behavior when set to zero. &merged;</para>
303 <para>A new sysctl variable <varname>kern.malloc_stats</varname>
304 has been added. This allows exporting of kernel malloc
305 statistics via a binary structure stream.</para>
307 <para>A new sysctl variable <varname>kern.forcesigexit</varname>
308 has been added. This forces a process
309 to sigexit if a trap signal is being held by the current thread or
310 ignored by the current process. It is enabled by default.</para>
312 <para arch="alpha">Support for Linux emulation on the Alpha
313 platform has been removed, due to the lack of a
314 <filename>linux_base</filename> port that both supports the
315 Alpha architecture and is in good working condition.</para>
317 <para>The pcvt(4) driver, an alternative to &man.syscons.4;,
318 has been removed, as it had fallen out of sync with the rest
319 of the kernel.</para>
321 <para>RedZone, a buffer corruption protection for the kernel &man.malloc.9;
322 facility has been implemented. This detects both buffer underflows and
323 overflows at runtime on &man.free.9; and &man.realloc.9;,
324 and prints backtraces from where memory was allocated and from where
325 it was freed. For more details, see the &man.redzone.9; manual page.</para>
327 <para>A new sysctl variable <varname>security.mac.biba.interfaces_equal</varname>
328 which makes all network interfaces be created with the label
329 <literal>biba/equal(equal-equal)</literal>, has been added.
330 This is useful where programs such as &man.dhclient.8; and &man.ppp.8;.
331 which initialize network interfaces do not have any labeling support.
332 This variable is set as <literal>0</literal> (disabled) by default.
335 <para>A new sysctl variable <varname>vm.zone_stats</varname>
336 has been added. This allows to export &man.uma.9; allocator
337 statistics via a binary structure stream.</para>
339 <para>The sysctl variable <varname>hw.pci.do_powerstate</varname>
340 has been changed from a boolean to a range.
341 <literal>0</literal> means no power management,
342 <literal>1</literal> means conservative power management which
343 any device class that has caused problems is added to the watch list,
344 <literal>2</literal> means aggressive power management where
345 any device class that is not fundamental to the system is added to the list,
346 and <literal>3</literal> means power them all down unconditionally.
347 The default is <literal>1</literal>.</para>
349 <para arch="ia64">The <filename>GENERIC</filename> kernel now enables
350 SMP support by default.</para>
352 <para>Sample kernel configuration files
353 <filename>src/sys/<replaceable>arch</replaceable>/conf/MAC</filename>
354 for the Mandatory Access Control framework have been added.</para>
356 <para><varname>POSIX_TIMERS</varname> support has been updated to 200112L.</para>
358 <para>An experimental support for POSIX message queue has been
361 <para>&os; now runs on the Xbox, whose architecture is nearly identical
362 to the i386. For details of the latest development, see
363 <ulink url="http://www.FreeBSD.org/platforms/xbox.html"></ulink>.
367 <title>Boot Loader Changes</title>
369 <para>A new option <option>-S</option>,
370 which allows setting the <filename>boot2</filename>
371 serial console speed in the <filename>/boot.config</filename>
372 file or on the <prompt>boot:</prompt> prompt line,
373 has been added.</para>
375 <para arch="i386,amd64">A new loader tunable
376 <varname>comconsole_speed</varname> to change
377 the serial console speed has been added.
378 If the previous stage boot loader requested a serial console,
379 then the default speed is determined from the current serial port
380 speed. Otherwise it is set to 9600 or the value of
381 the <literal>BOOT_COMCONSOLE_SPEED</literal> kernel option.
384 <!-- Above this line, order boot loader changes by keyword-->
386 <para arch="pc98">A bootable CDROM loader has been implemented
387 for the pc98 platform. &merged;</para>
389 <para arch="i386">A bug in the i386 boot loader, which could
390 cause filesystem corruption if
391 a <filename>nextboot.conf</filename> file was used and landed
392 after cylinder 1023, has been fixed.</para>
397 <title>Hardware Support</title>
399 <para>The &man.amdsmb.4; driver has been added. It provides
400 support for the AMD-8111 SMBus 2.0 controller. &merged;</para>
402 <para>The &man.cardbus.4;, &man.pccard.4;,
403 &man.pccbb.4;, and &man.exca.4; drivers are now buildable
404 as kernel modules.</para>
406 <para>An &man.acpi.dock.4; driver has been added to provide
407 support for controlling laptop docking station functions via
410 <para>The &man.acpi.thermal.4; driver now supports
411 passive cooling. &merged;</para>
413 <para>The &man.acpi.thermal.4; driver now supports overriding
414 the <literal>_PSV</literal>, <literal>_HOT</literal>, and
415 <literal>_CRT</literal> temperature values.</para>
417 <!-- The following note should remain MI (i.e. don't set arch="alpha") --
418 -- because the alpha docs will be disappearing at some point before --
420 <para>Support for the alpha architecture has been removed. Alpha
421 support will remain on the RELENG_5 and RELENG_6 codelines.</para>
423 <para>The &man.cardbus.4; driver now supports
424 <filename>/dev/cardbus<replaceable>%d</replaceable>.cis</filename>.</para>
426 <para arch="i386,pc98">The &man.ce.4; driver,
427 which supports Cronyx Tau-PCI/32 adapters, has been added.
430 <para>The <literal>est</literal> &man.cpufreq.4; driver now supports
431 frequency control for the VIA C7-M family of processors.</para>
433 <para>Support for the PadLock Security Co-processor in VIA C3,
435 processors has been added to the &man.crypto.9; subsystem.
436 More information can be found in the &man.padlock.4; manual
440 <para>A bug which prevented the &man.ichsmb.4; kernel module
441 from unloading has been fixed.</para>
443 <para arch="i386,amd64">Dual-core processors (such as the Intel
444 Core Duo) now have both cores available for use by
445 default in SMP-enabled kernels. &merged;</para>
447 <para arch="i386,amd64">&man.ipmi.4;, an OpenIPMI compatible driver,
449 OpenIPMI (Intelligent Platform Management Interface) is an open
450 standard designed to enable remote monitoring and control of server,
451 networking and telecommunication platforms. &merged;</para>
453 <para>The &man.kbdmux.4; driver has been integrated into &man.syscons.4; and
454 the <devicename>kbd</devicename> device driver.
455 By default &man.syscons.4; will look for the &man.kbdmux.4;
456 keyboard first, and then, if not found, look for any keyboard.
457 Switching to &man.kbdmux.4; can be done at boot time by loading
458 the <literal>kbdmux</literal> kernel module via &man.loader.8;,
459 or at runtime via &man.kldload.8; and releasing the active
460 keyboard. &merged;</para>
462 <para arch="amd64,i386">The &man.kbdmux.4; driver is now included in the
463 <filename>GENERIC</filename> kernel by default.
464 Also, the <quote>Boot FreeBSD with USB keyboard</quote>
465 menu item in the boot loader menu has been removed
466 since this fixes USB keyboard probing problems.
469 <para>The &man.nfsmb.4; driver, which supports the NVIDIA nForce
470 2/3/4 SMBus 2.0 controller, has been added. &merged;</para>
472 <para arch="ia64">The loader tunable <varname>debug.mpsafevfs</varname>
473 is set to <literal>1</literal> by default.</para>
475 <para>The &man.sab.4; driver has been removed (it has been
476 superceded by the &man.scc.4; driver).</para>
478 <para>The &man.scc.4; driver has been added.
479 This provides generic support for serial communications
480 controllers and delegates the control over each channel
481 and mode to a subordinate driver such as &man.uart.4;.</para>
483 <para arch="amd64">The smbios(4) driver support for amd64 has been
486 <para>The tnt4882(4) driver, which supports the National Instruments
487 PCI-GPIB card, has been added.</para>
489 <para arch="alpha,amd64,i386,ia64,sparc64">The &man.uart.4; driver has been included in the
490 <filename>GENERIC</filename> kernel by default.
491 When both &man.sio.4; and &man.uart.4; can handle a given serial port,
492 &man.sio.4; will claim it.</para>
494 <para>The &man.uart.4; driver now supports LOM (Lights Out Management)
495 and RSC (Remote System Control) devices as consoles.</para>
497 <para arch="i386">A new loader tunable
498 <varname>hw.apic.enable_extint</varname> has been added.
499 This tunable can be used to disable masking of the ExtINT pin on the first
500 I/O APIC. At least one chipset for the Intel Pentium III seems
501 to need this, even though all of the pins in the 8259As are masked.
502 The default is still to mask the ExtINT pin.</para>
504 <para arch="i386">Support has been improved for
505 so-called <quote>legacy-free</quote> hardware, in particular,
506 i386 systems without AT-style keyboard controllers such as the
507 Macbook Pro. &merged;</para>
510 <title>Multimedia Support</title>
512 <para>The &man.agp.4; driver now supports ATI AGP chipsets.
515 <para>The new midi(4) driver which is based on NetBSD's one
516 has been added. This supports &man.snd.cmi.4; and
517 &man.snd.emu10k1.4; drivers.</para>
519 <para>The &man.sound.4; driver now supports
520 wider range sampling rate, multiple precisions choice,
521 and 24/32 bit PCM format conversion. &merged;</para>
523 <para>The &man.snd.als4000.4; driver is now MPSAFE. &merged;</para>
525 <para>The &man.snd.atiixp.4; driver has been added.
526 This supports ATI IXP 200/300/400 series audio controllers. &merged;</para>
528 <para>The &man.snd.atiixp.4; driver now supports
529 suspend and resume features.</para>
531 <para>The &man.snd.cmi.4; driver is now MPSAFE.</para>
533 <para>The &man.snd.emu10kx.4; driver has been added. It
534 supports Creative SoundBlaster Live! and Audigy series sound
535 cards with optional pseudo-multichannel playback.</para>
537 <para>The &man.snd.envy24.4; driver has been added to support
538 the Envy24 series of audio chips.</para>
540 <para>The &man.snd.es137x.4; driver is now MPSAFE. &merged;</para>
542 <para>The &man.snd.ich.4; driver is now MPSAFE. &merged;</para>
544 <para>The &man.snd.solo.4; driver is now MPSAFE. &merged;</para>
546 <para>The &man.snd.via8233.4; driver is now MPSAFE. &merged;</para>
548 <para>The &man.snd.via82c686.4; driver is now MPSAFE. &merged;</para>
550 <para arch="amd64">The &man.speaker.4; driver now supports &os;/amd64. &merged;</para>
552 <para>The &man.uaudio.4; driver now supports 24/32 bit audio
553 formats and conversion.</para>
557 <title>Network Interface Support</title>
559 <para>The &man.ath.4; driver has been updated to
560 HAL version 0.9.17.2. &merged;</para>
562 <para arch="amd64,i386,pc98,sparc64">The &man.ath.4;, &man.ath.hal.4;, and
563 <literal>ath_rate_sample</literal> drivers have been
564 included in the <filename>GENERIC</filename> kernel by
565 default. &merged;</para>
567 <para arch="amd64,i386">The &man.bce.4; driver, which supports Broadcom
568 NetXtreme II (BCM5706/BCM5708) PCI/PCIe Gigabit Ethernet controllers,
569 has been added. For more details, see &man.bce.4;. &merged;</para>
571 <para>A bug which prevents the &man.bfe.4; driver from working
572 on a system with over 1GB RAM has been fixed. &merged;</para>
574 <para>The &man.bge.4; driver's Jumbo frame support is now MPSAFE.</para>
576 <para>The &man.bge.4; driver now supports big-endian
577 architectures such as sparc64.</para>
579 <para>The &man.bge.4; driver now supports &man.polling.4; mode.
582 <para>The &man.cm.4; driver is now MPSAFE.</para>
584 <para>The &man.dc.4; driver is now MPSAFE. &merged;</para>
586 <para>The &man.de.4; driver has been converted to the &man.bus.dma.9;
587 API and is now MPSAFE.</para>
589 <para>The &man.ed.4; driver is now MPSAFE.</para>
591 <para>The &man.el.4; driver has been removed due to lack of use.</para>
593 <para>The &man.em.4; driver now supports big-endian
594 architectures such as sparc64. &merged;</para>
596 <para>The &man.em.4; driver has been updated to
597 version 6.1.4 from Intel. Among other changes, it now supports
598 80003, 82571, 82571EB and 82572 based adapters, as well as
599 onboard-NICs on ICH8-based motherboards. &merged;</para>
601 <para>The &man.em.4; driver now includes
602 initial support for suspend and resume features.</para>
604 <para>The performance of the &man.em.4; driver has been improved
605 by using a fast interrupt handler and taskqueue
606 instead of ithread handler. This change can be disabled
607 by defining <literal>NO_EM_FASTINTR</literal> kernel option
608 for debugging purpose.</para>
610 <para>The &man.iwi.4; driver now supports big-endian
611 architectures such as sparc64.</para>
613 <para>A number of improvements and bugfixes have been made to the
614 functionality of the &man.iwi.4; driver. This driver now
615 requires the firmware image in the
616 <filename role="package">net/iwi-firmware-kmod</filename>
617 port/package; prior versions of this driver used the
618 <filename role="package">net/iwi-firmware</filename>
619 port/package. &merged;</para>
621 <para>The &man.le.4; driver, which supports AMD Am7900 LANCE
622 and Am79C9xx PCnet NICs,
623 has been added. While the &man.lnc.4; driver also supports these
624 NICs, this driver has several advantages over it such as
625 MPSAFE, ALTQ, VLAN_MTU, ifmedia, and 32-bit DMA for PCI
626 variants. This driver is based on NetBSD's implementation.
629 <para>The &man.lge.4; driver is now MPSAFE. &merged;</para>
631 <para>The lnc(4) driver has been removed. The &man.le.4; and
632 &man.pcn.4; drivers support all devices that were supported
635 <para>The &man.my.4; driver is now MPSAFE. &merged;</para>
637 <para>The &man.my.4; driver now supports &man.altq.4;. &merged;</para>
639 <para arch="i386,amd64">The &man.mxge.4; driver,
640 which supports Myricom Myri10GE 10 Gigabit Ethernet
641 adapters, has been added. For more details, see
644 <para>The &man.nfe.4; driver, an open-source driver for nForce
645 Ethernet devices, has been added, originally from
648 <para>The &man.nve.4; driver has been updated to version 1.0-0310
649 (23-Nov-2005). It also now has &man.altq.4; support. &merged;</para>
651 <para>The &man.pcn.4; driver is now MPSAFE. &merged;</para>
653 <para>The &man.re.4; driver now supports the D-Link DGE-528(T)
654 Gigabit Ethernet card.</para>
656 <para>The &man.sf.4; driver is now MPSAFE. &merged;</para>
658 <para>The &man.sk.4; driver is now MPSAFE. &merged;</para>
660 <para>The &man.ste.4; driver is now MPSAFE. &merged;</para>
662 <para>The &man.stge.4; driver has been added. It supports the
663 Sundance/Tamarack TC9021 Gigabit Ethernet controller and was
664 ported from NetBSD. &merged;</para>
666 <para>The &man.ti.4; driver now supports big-endian
667 architectures such as sparc64.</para>
669 <para>The &man.ufoma.4; driver for
670 FOMA (third generation mobile phone system by NTT DoCoMo, Inc.
671 in Japan) has been added.
672 This should support other third generation mobile phones
673 since the driver is based on USB Implementation Guideline
674 from MCPC (Mobile Computing Promotion Consortium) in Japan.</para>
676 <para>The vgapci(4) driver has been added. This is a stub
677 device driver for VGA PCI devices and serves as a bus
678 so that other drivers such as drm(4),
679 &man.acpi.video.4;, and &man.agp.4; can attach to
680 it thus allowing multiple drivers for the same device.</para>
682 <para>The &man.wi.4; driver is now buildable as
683 a kernel module.</para>
685 <para arch="amd64,i386,pc98">The &man.wlan.wep.4;,
686 &man.wlan.ccmp.4;, and &man.wlan.tkip.4; drivers
687 have been included in the <filename>GENERIC</filename>
688 kernel by default.</para>
690 <para>The network interface groups feature has been imported
691 from OpenBSD. This feature allows an administrator to, for
692 example, apply firewall rules to an entire group of
693 interfaces. More information can be found in
694 &man.ifconfig.8;.</para>
699 <sect3 id="net-proto">
700 <title>Network Protocols</title>
702 <para>The &man.arp.4; retransmission algorithm has been
703 rewritten so that ARP requests are retransmitted without
704 suppression, while there is demand for such ARP entry.
705 Due to this change, a sysctl variable
706 <varname>net.link.ether.inet.host_down_time</varname>
707 has been removed. &merged;</para>
709 <para>The &man.arp.4; protocol now supports a sysctl variable
710 <varname>net.link.ether.inet.log_arp_permanent_modify</varname>
711 to suppress logging of attempts to modify
712 permanent ARP entries. &merged;</para>
714 <para arch="amd64,i386,pc98">An experimental BPF Just-In-Time compiler
715 has been implemented for both &man.bpf.4; and &man.ng.bpf.4;.
717 <literal>options BPF_JITTER</literal> kernel option is needed.
718 The <varname>net.bpf_jitter.enable</varname>
719 can be used to disable this feature.</para>
721 <para>Multiple copies of a packet received via different
722 &man.bpf.4; listeners now all have identical
723 timestamps. &merged;</para>
725 <para>The bridge(4) driver has been removed from the tree. Its
726 functionality has been completely replaced by
727 &man.if.bridge.4;.</para>
729 <para>The &man.enc.4; IPsec filtering pseudo-device has been
730 added. It allows firewall packages using the &man.pfil.9;
731 framework to examine (and filter) IPsec traffic before
732 outbound encryption and after inbound decryption. &merged;</para>
734 <para>The &man.gre.4; driver, which is for GRE encapsulation
735 found in RFC 1701 and RFC 1702, now supports IPv6 over GRE.</para>
737 <para>The &man.if.bridge.4; driver now supports
738 creating SPAN ports, which transmit a copy of every frame
739 received by the bridge. This feature can be enabled
740 by using &man.ifconfig.8;. &merged;</para>
742 <para>The &man.if.bridge.4; driver now supports
743 RFC 3378 EtherIP. This change makes it possible to
744 add &man.gif.4; interfaces to bridges, which will then
745 send and receive IP protocol 97 packets.
746 Packets are Ethernet frames with an EtherIP header prepended.
749 <para>A hard-coded limit on the number of IPv4 multicast group
750 memberships (formerly 20) has been removed.</para>
752 <para>The path MTU discovery for multicast packets in the &os;
753 IPv6 stack has been disabled by default.
754 Path MTU notification from a large number of multicast routers
755 can be a kind of distributed Denial-of-Service attack to a router.
756 This feature can be re-enabled by using a new sysctl variable
757 <varname>net.inet6.ip6.mcast_pmtu</varname>. &merged;</para>
759 <para>The &man.ipfw.4; IP packet filter now supports IPv6. &merged;</para>
761 <para>The &man.ipfw.4; firewall system now supports substitution of the action
762 argument with the value obtained from table lookup,
763 which allows some optimization of rulesets.
764 This is now applicable only to <literal>pipe</literal>,
765 <literal>queue</literal>,
766 <literal>divert</literal>,
767 <literal>tee</literal>,
768 <literal>netgraph</literal>,
769 and <literal>ngtee</literal> rules. &merged;
770 For example, the following rules will throw different
771 packets to different pipes:</para>
773 <programlisting>pipe 1000 config bw 1000Kbyte/s
774 pipe 4000 config bw 4000Kbyte/s
775 table 1 add x.x.x.x 1000
776 table 1 add x.x.x.y 4000
777 pipe tablearg ip from table(1) to any</programlisting>
779 <para>The &man.ipfw.4; packet filter now supports
780 <literal>tag</literal> and <literal>untag</literal> rule keywords.
781 When a packet matches a rule with the <literal>tag</literal>
782 keyword, the numeric tag for the given number in the range
783 from 0 to 65535 will be attached to the packet.
784 The tag acts as an internal marker (it is not sent out over
785 the wire) that can be used to identify these packets later on,
786 for example, by using <literal>tagged</literal>
787 rule option. For more details, see &man.ipfw.8;.</para>
789 <para>The <literal>IPFIREWALL_FORWARD_EXTENDED</literal> kernel
790 option has been removed. This option was used to permit
791 &man.ipfw.4; to redirect packets with local destinations.
792 This behavior is now always enabled when
793 the <literal>IPFIREWALL_FORWARD</literal> kernel option is
794 enabled. &merged;</para>
796 <para>The ip6fw(8) packet filter has been removed. Since &man.ipfw.4; has gained
797 IPv6 support, it should be used instead. Please note that some rules might need
798 to be adjusted.</para>
800 <para>The &man.natm.4;, Native Mode ATM protocol layer is now MPSAFE.</para>
802 <para>The &man.ng.iface.4; Netgraph node now supports &man.altq.4;.
805 <para>A bug has been fixed in which NFS over TCP would not reconnect
806 when the server sent a FIN. This problem had occurred
807 with Solaris NFS servers. &merged;</para>
809 <para>The default retransmit timer for NFS over TCP is now 60 seconds.
810 This change prevents the unnecessary retransmission of
811 non-idempotent NFS requests. The <varname>nfs_access_cache</varname>
812 variable in &man.rc.conf.5; has also been changed to 60.</para>
814 <para>The default minimum number of nfsiod kernel threads
815 (&man.sysctl.8; variable <varname>vfs.nfs.iodmin</varname>)
816 has been changed from 4 to 0.</para>
818 <para>The sysctl variables <varname>net.inet.ip.portrange.reservedhigh</varname>
819 and <varname>net.inet.ip.portrange.reservedlow</varname>
820 can be used with IPv6 now. &merged;</para>
822 <para>A new sysctl variable <varname>net.inet.icmp.reply_from_interface</varname>
823 has been added. This allows the &man.icmp.4;
824 reply to non-local packets to be generated with
825 the IP address the packet came through in.
826 This is useful for routers to show in &man.traceroute.8;
827 the actual path a packet has taken instead of
828 the possibly different return path.</para>
830 <para>A new sysctl variable <varname>net.inet.icmp.quotelen</varname>
831 has been added. This allows to change length of
832 the quotation of the original packet in an ICMP reply.
833 The minimum of 8 bytes is internally enforced.
834 The maximum quotation is the remaining space in the
835 reply mbuf. This option is added in response to the
837 <filename>draft-gont-icmp-payload-00.txt</filename>.</para>
839 <para>The &man.icmp.4; now always quotes the entire TCP header
840 when responding and allocate an mbuf cluster if needed.
841 This change fixes the TCP issues raised in I-D
842 <filename>draft-gont-icmp-payload-00.txt</filename>.</para>
844 <para>A new socket option <literal>IP_MINTTL</literal> has been added.
845 This may be used to set the minimum acceptable
846 TTL a packet must have when received on a socket.
847 All packets with a lower TTL are silently dropped.
848 This works on already connected/connecting and
849 listening sockets for RAW, UDP, and TCP. This option
850 is only really useful when set to <literal>255</literal>, preventing packets
851 from outside the directly connected networks reaching
852 local listeners on sockets. Also, this option allows
853 userland implementation of <quote>The Generalized TTL
854 Security Mechanism (GTSM)</quote> found in RFC 3682.</para>
856 <para>Stealth forwarding now supports IPv6 as well as IPv4.
857 This behavior can be controlled by using a new sysctl variable
858 <varname>net.inet6.ip6.stealth</varname>.</para>
860 <para>The <literal>IPV6_V6ONLY</literal> socket option
861 now works for UDP.</para>
863 <para>The TCP bandwidth-delay product limiting feature has
864 been disabled when the RTT is below a certain threshold.
865 This optimization does not make sense on a LAN, as it has
866 trouble figuring out the maximal bandwidth due to the coarse
867 tick granularity. A new sysctl variable
868 <varname>net.inet.tcp.inflight.rttthresh</varname> specifies
869 the threshold in milliseconds below which this feature
870 will disengage. It defaults to 10ms. &merged;</para>
874 <title>Disks and Storage</title>
876 <para>The &man.aac.4; driver now supports the Adaptec 2610SA SATA-RAID
877 controller in some Hewlett-Packard machines.</para>
879 <para>The performance of the &man.amr.4; driver has been improved;
880 it also now supports full 64-bit DMA. While this feature is
881 enabled by default, this can be forced off by setting the
882 <varname>hw.amr.force_sg32</varname> loader tunable for
886 <para>The &man.amr.4; driver now supports the &man.ioctl.2; requests
887 necessary for the Linux LSI MegaRaid tools in &os;'s Linux emulation
891 <para>The &man.ata.4; driver now supports a workaround
892 for some controllers whose DMA does not work properly
893 in 48bit mode. For affected controllers,
894 PIO mode will be used for access to areas beyond 137GB.
897 <para>The &man.ata.4; driver now supports the ITE IT8211F IDE controller,
898 and the Promise PDC40718 and PDC40719 chip found in Promise
902 <para>The &man.ata.4; driver now supports DMA for kernel crash dumps,
903 as well as crash dumping to an &man.ataraid.4; device.
906 <para>The &man.ata.4; driver now supports USB mass storage class
907 devices. To enable it, a line <literal>device atausb</literal>
908 in the kernel configuration file or loading the
909 <filename>atausb</filename> kernel module is needed.
910 Note that this functionality cannot coexist with the
911 &man.umass.4; driver.</para>
913 <para>The &man.ataraid.4; driver now supports
914 JMicron ATA RAID metadata. &merged;</para>
916 <para>The <literal>GEOM_LABEL</literal> class now supports
917 Ext2FS, NTFS, and ReiserFS. &merged;</para>
919 <para>The <literal>GEOM_MIRROR</literal> class now supports
920 kernel crash dumps to the GEOM providers.
923 <para>The <literal>GEOM_MIRROR</literal> and <literal>GEOM_RAID3</literal>
924 classes now support sysctl variables
925 <varname>kern.geom.mirror.disconnect_on_failure</varname>
927 <varname>kern.geom.graid3.disconnect_on_failure</varname>
928 to control whether failed components will be disconnected or not.
929 The default value is <literal>1</literal> to preserve the current
930 behavior, and if it is set to <literal>0</literal> such components
931 are not disconnected and the kernel will try to still use them
932 (only the first error will be logged).
933 This is helpful for the case of multiple broken components (in
934 different places), so actually all data is available.
935 The broken components will be visible in <command>gmirror list</command>
936 or <command>graid3 list</command> output with flag
937 <literal>BROKEN</literal>.
940 <para>The <literal>GEOM_MIRROR</literal> and <literal>GEOM_RAID3</literal>
941 classes now use parallel I/O requests for synchronization
942 to improve the performance. New sysctl variables
943 <varname>kern.geom.mirror.sync_requests</varname> and
944 <varname>kern.geom.raid3.sync_requests</varname>
945 define how many parallel I/O requests should be used.
946 Also, the sysctl variables
947 <varname>kern.geom.mirror.reqs_per_sync</varname>,
948 <varname>kern.geom.mirror.syncs_per_sec</varname>,
949 <varname>kern.geom.raid3.reqs_per_sync</varname>, and
950 <varname>kern.geom.raid3.syncs_per_sec</varname>
951 are deprecated and have been removed.
954 <para>A new GEOM class <literal>GEOM_ZERO</literal> has been added.
955 It creates a very huge provider (41PB) <filename>/dev/gzero</filename>
956 and is mainly useful for performance testing.
957 On <literal>BIO_READ</literal> request it zero-fills
958 <varname>bio_data</varname> and on <literal>BIO_WRITE</literal>
962 <para>The GEOM class kernel module <filename>g_md.ko</filename>
963 has been renamed to <filename>geom_md.ko</filename>
964 for consistency.</para>
966 <para arch="amd64,i386">The &man.hptmv.4; driver has been updated and now supports
967 amd64 as well as PAE.</para>
969 <para>The &man.mfi.4; driver, which supports
970 the LSI MegaRAID SAS controller family, has been added.
973 <para>The &man.mpt.4; driver has been updated to support
974 various new features such as RAID volume and RAID member
975 state/settings reporting, periodic volume re-synchronization
976 status reporting, and sysctl variables for volume
977 re-synchronization rate, volume member write cache status,
978 and volume transaction queue depth.</para>
980 <para>The &man.mpt.4; driver now supports SAS HBA (partially),
981 64-bit PCI, and large data transfer.</para>
983 <para>The &man.twa.4; driver has been updated to the 9.3.0.1
984 release on the 3ware Web site. &merged;</para>
986 <para>A new GEOM-based disk encryption facility, GEOM_ELI, has been
987 added. It uses the &man.crypto.9; framework for hardware acceleration
988 and supports different cryptographic algorithms. See &man.geli.8; for
989 more information. &merged;</para>
991 <para>The &man.geli.8; disk encryption system now supports loading keyfiles before the root
992 file system is mounted. &merged;
993 For example, the following entries
994 can be used in <filename>/boot/loader.conf</filename> to enable
997 <programlisting>geli_da0_keyfile0_load="YES"
998 geli_da0_keyfile0_type="da0:geli_keyfile0"
999 geli_da0_keyfile0_name="/boot/keys/da0.key0"
1000 geli_da0_keyfile1_load="YES"
1001 geli_da0_keyfile1_type="da0:geli_keyfile1"
1002 geli_da0_keyfile1_name="/boot/keys/da0.key1"
1003 geli_da0_keyfile2_load="YES"
1004 geli_da0_keyfile2_type="da0:geli_keyfile2"
1005 geli_da0_keyfile2_name="/boot/keys/da0.key2"
1007 geli_da1s3a_keyfile0_load="YES"
1008 geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0"
1009 geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"</programlisting>
1011 <para>&man.geli.8; is now able to perform data integrity
1012 verification (data authentication) of encrypted data stored on
1013 disk. Note that the encryption algorithm is now specified to
1014 the &man.geli.8; control program using the <option>-e</option>
1015 option; the <option>-a</option> option is now used to specify
1016 the authentication algorithm</para>
1018 <para>The &man.umass.4; driver now supports
1019 <literal>PLAY_MSF</literal>,
1020 <literal>PLAY_TRACK</literal>,
1021 <literal>PLAY_TRACK_REL</literal>,
1022 <literal>PAUSE</literal>,
1023 <literal>PLAY_12</literal> commands so that
1024 the &man.cdcontrol.1; utility can handle a USB CD drive.</para>
1028 <title>File Systems</title>
1030 <para arch="amd64,i386,pc98">The &man.linsysfs.5;
1031 pseudo-filesystem driver has been added.
1032 It provides a subset of the
1033 Linux <filename>sys</filename> filesystem, and is required for
1034 the correct operation of some Linux binaries (such as the LSI
1035 MegaRAID SAS utility). &merged;</para>
1037 <para>A part of the FreeBSD NFS subsystem (the interface with
1038 the protocol stack and callouts, the NFS client side) is now MPSAFE.</para>
1040 <para>Initial (read-only) support for SGI's XFS filesystem has been
1045 <sect2 id="userland">
1046 <title>Userland Changes</title>
1048 <para>Padding of <varname>ai_addrlen</varname>
1049 in <varname>struct addrinfo</varname> has been removed,
1050 which was originally for the ABI compatibility.
1051 For example, this change breaks the ABI compatibility of the
1052 &man.getaddrinfo.3; function on 64-bit architectures, including
1053 &os;/amd64, &os;/ia64, and &os;/sparc64.</para>
1055 <para>The &man.asf.8; utility has been revised and extended. Now
1056 it can operate via several interfaces including &man.kvm.3;,
1057 which supports not only live systems, but also kernel crash dumps.
1060 <para>The &man.arp.8; utility now allows the <option>-i</option>
1061 option together with the <option>-d</option> and <option>-a</option> options
1062 to allow all entries for a given interface to be removed.</para>
1064 <para>The OpenBSM userland tools, including &man.audit.8;,
1066 &man.auditreduce.1;, and
1067 &man.praudit.1;, have been added. &merged;</para>
1069 <para>The &man.bsdiff.1; and &man.bspatch.1; utilities
1070 have been added. These are tools for constructing and
1071 applying binary patches. &merged;</para>
1073 <para>The &man.bsnmpd.1; utility now supports the Host Resources
1074 MIB described in RFC 2790. &merged;</para>
1076 <para>&man.cached.8; has been added. It is a daemon that caches
1077 the results of nsswitch lookups (such as those to the password,
1078 group, and services databases) for improved performance.</para>
1080 <para>The &man.cmp.1; utility now supports an <option>-h</option>
1081 flag to compare the symbolic link itself rather than the
1082 file that the link points to. &merged;</para>
1084 <para>The &man.config.8; utility now supports the <literal>nocpu</literal>
1085 directive, which cancels the effect of a
1086 previous <literal>cpu</literal> directive. &merged;</para>
1088 <para>The &man.config.8; utility now reads <filename>DEFAULTS</filename>
1089 kernel configuration file if it exists in the current directory
1090 before the specified configuration file. &merged;</para>
1092 <para>The &man.cp.1; utility now supports a <option>-l</option>
1093 option, which causes it to create hardlinks to the source files
1094 instead of copying them. &merged;</para>
1096 <para>The &man.csh.1; utility now supports NLS catalogs.
1097 Note that this requires installing
1098 the <filename role="package">shells/tcsh_nls</filename> port.
1101 <para>The &man.csup.1; utility has been imported.
1102 This is an implementation of a CVSup-compatible client written
1103 in the C language. Note that it currently supports checkout mode
1104 only. &merged;</para>
1106 <para>The &man.dhclient.8; program now sends the host's name in
1107 DHCP requests if it is not specified in the configuration
1108 file. &merged;</para>
1110 <para>The &man.devd.8; utility now supports a <option>-f</option> option
1111 to specify a configuration file. &merged;</para>
1113 <para>The &man.du.1; program now supports a <option>-n</option>
1114 flag, which causes it to ignore files and directories with
1115 the <literal>nodump</literal> flag set. &merged;</para>
1117 <para>The &man.fsdb.8; utility now supports changing the birth
1118 time of files on UFS2 file systems using the new
1119 the <literal>btime</literal> command.</para>
1121 <para>The &man.find.1; program now supports <option>-Btime</option>
1122 and other related primaries, which can be used to create expressions
1123 based on a file's creation time. &merged;</para>
1125 <para>A bug in the &man.find.1; program which prevents
1126 numeric arguments for <option>-user</option> and
1127 <option>-group</option> from working as expected
1128 has been fixed.</para>
1130 <para>The &man.freebsd-update.8; utility, a tool for managing
1131 binary updates to the &os; base system, has been added. &merged;</para>
1133 <para>The &man.ftpd.8; utility now creates a PID file
1134 <filename>/var/run/ftpd.pid</filename> even when
1135 no <option>-p</option> option is specified. &merged;</para>
1137 <para>The &man.gbde.8; utility now supports
1138 <option>-k</option> and <option>-K</option> options
1139 to specify a key file in addition to a passphrase.</para>
1141 <para>The &man.getfacl.1; utility now supports
1142 a <option>-q</option> flag to suppress the per-file header
1143 comment listing the file name, owner, and group.
1146 <para>The &man.getent.1; utility has been imported from NetBSD.
1147 It retrieves and displays information from an administrative
1148 database (such as <filename>hosts</filename>) using the lookup
1149 order specified in &man.nsswitch.conf.5;. &merged;</para>
1151 <para>The &man.gpt.8; utility now supports setting GPT partition labels.</para>
1153 <para>The &man.gvinum.8; utility now supports commands
1154 to rename objects and to move a subdisk from
1155 one drive to another. &merged;</para>
1157 <para>The &man.gvinum.8; utility now supports the
1158 <command>resetconfig</command> sub-command.</para>
1160 <para>An implementation of Generic Security Service API (GSS-API)
1161 version 2 and its C binding described in RFC2743 and RFC2744
1162 has been added. This is a new extensible GSS-API layer which
1163 can support GSS-API plugins, similar the the Solaris
1164 implementation, and the Kerberos 5 GSS mechanism has
1165 been rewritten as a plugin library for the new implementation.</para>
1167 <para>The &man.hccontrol.8; utility now supports HCI node
1168 autodetection.</para>
1170 <para>The &man.id.1; utility now prints the effective user
1171 ID after the group ID.</para>
1173 <para>The &man.ifconfig.8; utility now supports
1174 a <option>-k</option> flag to allow printing
1175 potentially sensitive keying material to standard output.
1176 This sensitive information will not be printed by default.</para>
1178 <para>The &man.ifconfig.8; utility now supports a <option>-tunnel</option>
1179 parameter, which is just an alias for <option>deletetunnel</option>,
1180 yet is more convenient and easier to type.</para>
1182 <para>The <option>-vlandev</option> parameter to &man.ifconfig.8;
1183 no longer requires a network interface as its argument. The
1184 argument still is supported for backward compatibility, but
1185 is now deprecated and its use is discouraged.</para>
1187 <para>The &man.iostat.8; utility now supports
1188 a <option>-x</option> flag (inspired by Solaris) to print
1189 extended disk statistics. If the new <option>-z</option> flag is
1190 also specified, no output is made for disks with no
1191 activity. &merged;</para>
1193 <para>The &man.ipfwpcap.8; utility has been added; it captures
1194 packets on a &man.divert.4; socket and writes them as
1195 &man.pcap.3; (also known as &man.tcpdump.1;) format data to a
1196 file or pipe.</para>
1198 <para>The &man.jail.8; utility supports a <option>-J
1199 <replaceable>jid_file</replaceable></option> option to
1200 write out a JidFile, similar to a PidFile, containing
1201 the jailid, path, hostname, IP and the command used to start
1202 the jail. &merged;</para>
1204 <para>The &man.jail.8; program now supports a <option>-s</option>
1205 option to specify a jail's securelevel. &merged;</para>
1207 <para>The &man.jexec.8; utility now supports <option>-u</option>
1208 and <option>-U</option> flags to specify username credentials
1209 under which a command should be executed. &merged;</para>
1211 <para>The &man.kdump.1; program now supports a <option>-H</option>
1212 flag, which causes kdump to print an additional field holding
1213 the threadid. &merged;</para>
1215 <para>The &man.kdump.1; program now supports a <option>-s</option>
1216 flag to suppress the display of I/O data. &merged;</para>
1218 <para>The &man.kdump.1; program now supports printing
1219 flags in a system call argument by using symbol names.</para>
1221 <para>The &man.kenv.1; utility now supports a <option>-q</option>
1222 flag to suppress warnings.</para>
1224 <para>&man.kgdb.1; now supports a <option>-w</option>
1225 option to open kmem-based targets in read-write mode.
1226 This allows one to use kgdb on <filename>/dev/mem</filename>
1227 and be able to patch memory on a live system.</para>
1229 <para>The &man.libarchive.3; library now supports
1230 POSIX.1e-style Extended Attributes.</para>
1232 <para>The <application>libc</application> library now includes
1233 initial implementation of symbol maps and symbol version
1236 <para>The <application>libedit</application> library has been
1237 updated from the NetBSD source tree as of August 2005.</para>
1239 <para>The <application>libm</application> library now includes
1240 initial implementation of symbol maps and symbol version
1243 <para>The &man.libmemstat.3; library has been added.
1244 This is for use by debugging and monitoring applications
1245 in tracking kernel memory statistics. It provides an
1246 abstracted interface to &man.uma.9; and &man.malloc.9;
1247 statistics, wrapped around the binary stream sysctl variables
1248 for the allocators. &merged;</para>
1250 <para>The &man.ln.1; utility now supports
1251 an <option>-F</option> flag, which deletes existing
1252 empty directories when creating symbolic links.
1255 <para>The &man.locate.1; utility now supports
1256 a <option>-0</option> flag to make this utility
1257 interoperable with &man.xargs.1;'s <option>-0</option> flag.
1260 <para>The &man.logger.1; utility now supports
1261 a <option>-P</option>, which specifies the port to which syslog
1262 messages should be sent. &merged;</para>
1264 <para>The &man.ls.1; utility now supports
1265 an <option>-I</option> flag to disable the automatic
1266 <option>-A</option> flag for the superuser. &merged;</para>
1268 <para>The &man.ls.1; utility now supports
1269 an <option>-U</option> flag to use the file creation
1270 time for sorting. &merged;</para>
1272 <para>A new &man.malloc.3; implementation has been introduced.
1273 This implementation, sometimes referred to
1274 as <quote>jemalloc</quote>, was designed to improve the
1275 performance of multi-threaded programs, particularly on SMP
1276 systems, while preserving the performance of single-threaded
1277 programs. Due to the use of different algorithms and data
1278 structures, jemalloc may expose some previously-unknown bugs in
1279 userland code, although most of the &os; base system and common
1280 ports have been tested and/or fixed.</para>
1282 <para>The &man.mdconfig.8; utility now supports producing
1283 device listings formatted as XML. Currently, the
1284 <command>list</command> and <command>query</command>
1285 sub-commands support this feature.</para>
1287 <para>The &man.mdconfig.8; utility's <option>-u</option> option
1288 now supports specifying multiple devices separated
1289 by comma character.</para>
1291 <para>The &man.mdmfs.8; utility now supports a <option>-P</option> flag
1292 to allow skipping the &man.newfs.8; process
1293 when using a vnode-backed disk.</para>
1295 <para>The &man.mdmfs.8; utility now supports a <option>-E</option> flag
1296 to allow to specify location of the &man.mdconfig.8;
1297 utility instead of using the default one
1298 (<filename>/sbin/mdconfig</filename>).</para>
1300 <para>A new function &man.memmem.3; has been implemented in
1301 <filename>libc</filename>. This is the binary equivalent to
1302 &man.strstr.3; and found in <filename>glibc</filename>.</para>
1304 <para>The &man.mergemaster.8; utility now supports
1305 an <option>-A</option> option to explicitly specify
1306 an architecture to pass through to the underlying makefiles.
1309 <para>The &man.mount.8; <literal>nodev</literal> option has
1310 been removed.</para>
1312 <para>The &man.mount.8; utility now supports &man.mqueuefs.5;.</para>
1314 <para>A bug which prevents the &man.mount.8; utility from converting
1315 a read-only mount to read-write via <command>mount -u -o rw</command>,
1316 has been fixed.</para>
1318 <para>The &man.mount.8; utility now supports a
1319 <literal>late</literal> keyword in &man.fstab.5;, along with a
1320 corresponding <option>-l</option> command-line option to specify
1321 that these <quote>late</quote> file systems should be
1324 <para>The &man.moused.8; daemon now supports an <option>-H</option> flag
1325 to enable horizontal virtual scrolling similar to the
1326 <option>-V</option> flag for vertical virtual scrolling.
1329 <para>The &man.netstat.1; utility now supports an
1330 <option>-h</option> flag for interface stats mode,
1331 which prints all interface statistics in human readable form. &merged;</para>
1333 <para>The &man.netstat.1; utility now supports
1334 printing &man.ipsec.4; protocol statistics if the
1335 kernel was compiled with <literal>FAST_IPSEC</literal>
1336 rather than the KAME IPSEC stack.
1337 Note that the output of <command>netstat -s -p ipsec</command>
1338 differs depending on which stack is compiled into
1339 the kernel since they each keep different statistics. &merged;</para>
1341 <para>The <filename>/etc/nsswitch.conf</filename> file is now
1342 installed statically instead of being generated on every
1345 <para>The &man.periodic.8; daily script now supports
1346 display of the status of &man.gmirror.8;, &man.graid3.8;,
1347 &man.gstripe.8;, and &man.gconcat.8; devices.
1348 Note that these are disabled by default. &merged;</para>
1350 <para>A new function, &man.pidfile.3;, which provides reliable
1351 pidfiles handling, has been implemented in
1352 <filename>libutil</filename>. &merged;</para>
1354 <para>The &man.ping.8; utility now supports a <quote>sweeping
1355 ping</quote> in which &man.icmp.4; payload of
1356 packets being sent is increased with given step.
1357 This is useful for testing problematic channels, MTU issues
1358 or traffic policing functions in networks. &merged;</para>
1360 <para>The &man.pkill.1; utility now supports a
1361 <option>-F</option> option which allows to
1362 restrict matches to a process whose PID is stored in the
1363 pidfile file. When another new option <option>-L</option>
1364 is also specified, the pidfile file must be locked with the
1365 &man.flock.2; syscall or created with &man.pidfile.3;.</para>
1367 <para>The &man.pkill.1; utility now supports a
1368 <option>-I</option> flag which works like <option>-i</option>
1369 of &man.rm.1;. When this flag is specified, &man.pkill.1;
1370 will ask for confirmation before sending a signal to
1371 each matching process.</para>
1373 <para>The &man.pkill.1; utility (also known as &man.pgrep.1;) has
1374 been moved from <filename>/usr/bin</filename>
1375 to <filename>/bin</filename> so that it can be used by startup
1376 scripts. Symbolic links from its former location have been
1377 created for backward compatibliity. &merged;</para>
1379 <para>The &man.powerd.8; program now supports a
1380 <option>-P</option> option, which specifies a pidfile to use.</para>
1382 <para>An extensible implementation of &man.printf.3;, compatible
1383 with GLIBC, has been added to <filename>libc</filename>. It is
1384 only used if the environment variable
1385 <varname>USE_XPRINTF</varname> is defined, one of the extension
1386 functions is called, or the global variable
1387 <varname>__use_xprintf</varname> is set to a value greater than
1388 <literal>0</literal>. Five extensions are currently supported:
1389 <literal>%H</literal> (hex dump),
1390 <literal>%T</literal> (<varname>time_t</varname> and
1391 time-related structures),
1392 <literal>%M</literal> (errno message),
1393 <literal>%Q</literal> (double-quoted, escaped string),
1394 <literal>%V</literal> (&man.strvis.3;-format string),
1397 <para>The DNS resolver library in &os;'s <application>libc</application>
1398 has been updated to BIND9's one. &merged;</para>
1400 <para>The &man.rfcomm.sppd.1; program now supports service names
1401 in addition to <option>-c</option> option with channel number.
1402 The supported names are: DUN (Dial-Up Networking), FAX (Fax),
1403 LAN (LAN Access Using PPP), and SP (Serial Port). &merged;</para>
1405 <para>The &man.rpcgen.1; utility now generates headers and stub files
1406 that can be used with ANSI C compilers by default.</para>
1408 <para>The &man.rtld.1; runtime linker now supports ELF symbol versioning
1409 using GNU semantics. This implementation aims to be compatible
1410 with symbol versioning support as implemented by GNU libc and
1411 documented in <ulink url="http://people.redhat.com/~drepper/symbol-versioning"></ulink>
1412 and LSB 3.0. Also, <function>dlvsym()</function>
1413 function has been added to
1414 allow lookups for a specific version of a given symbol.</para>
1416 <para>A bug in the &man.sed.1; utility which can cause
1417 incorrect calculation of pattern space length in some cases
1418 has been fixed.</para>
1420 <para>The &man.sh.1; utility now supports a <literal>times</literal>
1421 built-in command. &merged;</para>
1423 <para>The &man.snapinfo.8; utility, which shows snapshot locations
1424 on UFS filesystems, has been added. &merged;</para>
1426 <para>The &man.strtonum.3; library function has been implemented
1427 based on OpenBSD's implementation. This is an improved version of
1428 &man.strtoll.3;. &merged;</para>
1430 <para>The &man.sysctl.8; utility now supports a <option>-q</option>
1431 flag to suppress a limited set of warnings and errors.</para>
1433 <para>The &man.tail.1; utility now supports a <option>-q</option>
1434 flag to suppress header lines when multiple files are
1435 specified. &merged;</para>
1437 <para>The &man.time.1; utility now prints the time that a given
1438 command has been running if sent a <literal>SIGINFO</literal> signal.</para>
1440 <para>The &man.traceroute.8; utility now supports
1441 a <option>-e</option> option, which sets a fixed destination
1442 port for probe packets. This can be useful for tracing behind
1443 packet-filtering firewalls. &merged;</para>
1445 <para>&man.traceroute.8; now decodes the complete set of ICMP
1446 unreachable messages in its output. &merged;</para>
1448 <para>The &man.truss.1; utility now supports an <option>-s</option>
1449 flag for the same functionality as the strace utility
1450 (<filename role="package">devel/strace</filename>).</para>
1452 <para arch="ppc">The &man.truss.1; utility now supports &os;/ppc.</para>
1454 <para>The usbd(8) utility has been removed.
1455 The &man.devd.8; utility and its configuration
1456 file now support functionality which is equivalent to it.</para>
1458 <para>The &man.xargs.1; utility now supports a <option>-r</option>
1459 flag which makes the command execution when the standard input
1460 does not contain any non-whitespace-characters. &merged;</para>
1462 <para>The shared library version number of all libraries has
1463 been updated due to some possible ABI changes. The libraries
1464 include: snmp_<replaceable>*</replaceable>, libdialog, libg2c, libobjc,
1465 libreadline, libregex, libstdc++, libkrb5, libalias, libarchive,
1466 libbegemot, libbluetooth, libbsnmp, libbz2, libc_r, libcrypt,
1467 libdevstat, libedit, libexpat, libfetch, libftpio, libgpib,
1468 libipsec, libkiconv, libmagic, libmp, libncp, libncurses,
1469 libnetgraph, libngatm, libopie, libpam, libpthread, libradius,
1470 libsdp, libsmb, libtacplus, libthr, libthread_db, libugidfw,
1471 libusbhid, libutil, libvgl, libwrap, libypclnt, libm, libcrypto,
1472 libssh, and libssl.</para>
1474 <para>The <function>wcsdup()</function> function has been
1475 implemented. This function is popular in Microsoft and GNU
1478 <sect3 id="rc-scripts">
1479 <title><filename>/etc/rc.d</filename> Scripts</title>
1481 <para>The <filename>auditd</filename> script for
1482 OpenBSM &man.auditd.8; has been added. &merged;</para>
1484 <para>The <filename>bluetooth</filename> script
1485 has been added. This script will be called from
1486 &man.devd.8; in response to device attachment/detachment
1487 events and to stop/start particular device without unplugging
1488 it by hand. The configuration parameters are in
1489 <filename>/etc/defaults/bluetooth.device.conf</filename>,
1490 and can be overridden by using
1491 <filename>/etc/bluetooth/<replaceable>$device</replaceable>.conf</filename>
1492 (where <replaceable>$device</replaceable> is <devicename>ubt0</devicename>,
1493 <devicename>btcc0</devicename>, and so on.)
1494 For more details, see &man.bluetooth.conf.5;. &merged;</para>
1496 <para>The <filename>ftpd</filename> script for
1497 stand-alone &man.ftpd.8; has been added.</para>
1499 <para>The <filename>gbde_swap</filename> script has
1500 been removed in favor a new <filename>encswap</filename>
1501 script which also supports &man.geli.8; for swap
1504 <para>The <filename>geli</filename> and <filename>geli2</filename>
1505 scripts has been added for &man.geli.8; device
1506 configuration on boot.</para>
1508 <para>The <filename>ike</filename> script for
1509 IPsec IKE daemon has been removed because no such daemon
1510 is included in the base system.</para>
1512 <para>The <filename>hcsecd</filename> and
1513 <filename>sdpd</filename> scripts have been added
1514 for &man.hcsecd.8; and &man.sdpd.8; daemons.
1515 These daemons can run even if no Bluetooth devices
1516 are attached to the system, but both daemons depend on
1517 Bluetooth socket layer and thus disabled by default.
1518 Bluetooth sockets layer must be either loaded
1519 as a module or compiled into kernel before the daemons can run.
1522 <para>The <filename>hostapd</filename> script for
1523 &man.hostapd.8; has been added. &merged;</para>
1525 <para>The <filename>mdconfig</filename> script to
1526 handle vnode backed &man.md.4; devices has been added.
1527 This is a replacement of the <filename>ramdisk</filename>
1528 script, and all of variables in <varname>ramdisk_*</varname>
1529 have been changed to <varname>mdconfig_*</varname>.
1530 Also, two new &man.rc.conf.5; variables
1531 <varname>mdconfig_<replaceable>*</replaceable>_files</varname>
1533 <varname>mdconfig_<replaceable>*</replaceable>_cmd</varname>
1534 have been added. For example:</para>
1536 <programlisting>mdconfig_md0="-t malloc -s 10m"
1537 mdconfig_md1="-t vnode -f /var/foo.img"</programlisting>
1539 <para>The <filename>netif</filename> script now supports
1540 <varname>ipv4_addrs_<replaceable>ifn</replaceable></varname>
1542 which add one or more IPv4 address from a ranged list in
1543 CIDR notation. &merged; For example:</para>
1545 <programlisting>ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"</programlisting>
1547 <para>The <filename>rcconf.sh</filename> script in <filename>/etc/rc.d</filename>
1548 has been removed and a variable <varname>early_late_divider</varname>,
1549 which designates the script to separate the early and late stages
1550 of the boot process, has been added.</para>
1552 <para>The <filename>rc.initdiskless</filename> script now uses &man.tar.1;
1553 instead of &man.pax.1; because &man.pax.1; needs a writable
1554 temporary directory that may not be available when this script
1557 <para>The <filename>pccard</filename> script has been removed
1558 since OLDCARD is deprecated.</para>
1560 <para>The <filename>ppp-user</filename> script has been renamed to
1561 <filename>ppp</filename>. &merged;</para>
1563 <para>The <varname>removable_interfaces</varname> variable
1564 has been removed.</para>
1566 <para>A new keyword <literal>NOAUTO</literal> in
1567 <varname>ifconfig_<replaceable>ifn</replaceable></varname>
1568 has been added. This prevents configuration of an interface
1569 at boot time or via <filename>/etc/pccard_ether</filename>,
1570 and allows <filename>/etc/rc.d/netif</filename>
1571 to be used to start and stop an interface
1572 on a purely manual basis.</para>
1576 <sect2 id="contrib">
1577 <title>Contributed Software</title>
1579 <para><application>Intel ACPI-CA</application>
1580 has been updated to 20051021.</para>
1582 <para><application>BIND</application> has been updated from 9.3.1
1583 to 9.3.2. &merged;</para>
1585 <para><application>BSNMPD</application> has been updated from
1586 1.11 to 1.12.</para>
1588 <para><application>DRM</application> has
1589 been updated to a snapshot from DRI CVS as of 20060517.
1592 <para><application>FILE</application> has been updated from 4.12
1595 <para><application>netcat</application> has been updated from the
1596 version in a 4 February 2005 OpenBSD snapshot to the version
1597 included in OpenBSD 3.9. &merged;</para>
1599 <para><application>GCC</application> has been updated from 3.4.4
1602 <para><application>GNU Readline library</application>
1603 has been updated from 5.0 to 5.1.</para>
1605 <para><application>GNU Troff</application>
1606 has been updated from version 1.19 to version 1.19.2.
1609 <para><application>IPFilter</application> has been updated from
1610 4.1.8 to 4.1.13. &merged;</para>
1612 <para><application>less</application> has been updated from v381
1613 to v394. &merged;</para>
1615 <para><application>lukemftpd</application> has been updated from a
1616 snapshot from NetBSD as of 9 August 2004 to a snapshot from
1617 NetBSD as of 31 August 2006.</para>
1619 <para><application>OpenSSH</application> has been updated from
1620 4.2p1 to 4.3p1.</para>
1622 <para><application>OpenSSL</application> has been updated from
1623 0.9.7e to 0.9.8b.</para>
1625 <para><application>hostapd</application>
1626 has been updated from version 0.3.9 to version 0.4.8.
1629 <para><application>sendmail</application> has been updated from
1630 8.13.4 to 8.13.8. &merged;</para>
1632 <para>The timezone database has been updated from the
1633 <application>tzdata2005l</application> release to the
1634 <application>tzdata2006g</application> release. &merged;</para>
1636 <para><application>tip</application> has been updated to a
1637 snapshot from OpenBSD as of 20060831.</para>
1639 <para>TrustedBSD <application>OpenBSM</application>,
1640 version 1.0 alpha 10, an implementation of the documented Sun Basic
1641 Security Module (BSM) Audit API and file format, as well as local
1642 extensions to support the Mac OS X and &os; operating systems
1643 has been added. This also includes command line tools for audit
1644 trail reduction and conversion to text, as well as documentation
1645 of the commands, file format, and APIs.
1646 For this functionality, the <literal>AUDIT</literal> kernel option,
1647 <filename>/var/audit</filename> directory, and
1648 <literal>audit</literal> group have been added. &merged;</para>
1650 <para><application>WPA Supplicant</application>
1651 has been updated from version 0.3.9 to version 0.4.8.
1654 <para><application>zlib</application>
1655 has been updated from version 1.2.2 to version 1.2.3.</para>
1659 <title>Ports/Packages Collection Infrastructure</title>
1661 <para>&man.pkg.add.1; now supports an <option>-F</option>
1662 flag to disable checking whether the same package is already
1663 installed or not. &merged;</para>
1665 <para>The &man.pkg.add.1; program now supports an <option>-P</option>
1666 flag, which is the same as the <option>-p</option> flag
1667 except that the given prefix is also used recursively for the
1668 dependency packages if any. &merged;</para>
1670 <para>The &man.pkg.add.1; and &man.pkg.create.1; utilities now support
1671 a <option>-K</option> flag to save packages to the current directory
1672 (or <varname>PKGDIR</varname> if defined) by default.
1675 <para>The &man.pkg.create.1; program now supports an <option>-x</option>
1676 flag to support basic regular expressions for package name,
1677 an <option>-E</option> flag for extended regular
1678 expressions, and a <option>-G</option> for exact matching. &merged;</para>
1680 <para>The &man.pkg.version.1; utility now supports an <option>-o</option>
1681 flag to show the origin recorded on package generation
1682 instead of the package name, and an <option>-O</option> flag
1683 to list packages with a specific registered origin.
1686 <para>The &man.portsnap.8; utility (<filename>sysutils/portsnap</filename>)
1687 has been added into the &os; base system. This is a secure,
1688 easy to use, fast, lightweight, and generally good way for
1689 users to keep their ports trees up to date. &merged;</para>
1691 <para>A incorrect handling of <varname>HTTP_PROXY_AUTH</varname>
1692 in the &man.portsnap.8; utility has been fixed. &merged;</para>
1694 <para>The startup scripts from the <varname>local_startup</varname>
1695 directory now evaluated by using &man.rcorder.8; with scripts
1696 in the base system. &merged;</para>
1698 <para>The suffix of startup scripts from the Ports Collection
1699 has been removed. This means <filename>foo.sh</filename>
1700 is renamed to <filename>foo</filename>, and now
1701 scripts whose name is something like
1702 <filename>foo.ORG</filename> will also be invoked.
1703 You are recommended to reinstall packages which install
1704 such scripts and remove extra files in the
1705 <varname>local_startup</varname> directory. &merged;</para>
1707 <para>New <filename>rc.conf</filename> variables,
1708 <varname>ldconfig_local_dirs</varname> and
1709 <varname>ldconfig_local32_dirs</varname> have been added.
1710 These hold lists of local &man.ldconfig.8; directories.
1713 <para>The <command>@cwd</command> command in
1714 <filename>pkg-plist</filename> now allows
1715 the case where no directory argument is given. If no
1716 directory argument is given, it will set current
1717 working directory to the first prefix given by the
1718 <command>@cwd</command> command. &merged;</para>
1722 <title>Release Engineering and Integration</title>
1724 <para>The default partition sizing algorithm of the
1725 &man.sysinstall.8; utility has been changed.</para>
1729 <para>On systems where the disk capacity is larger than (3 * RAMsize + 10GB),
1730 the default sizes will now be as follows:</para>
1732 <informaltable frame="none" pgwide="0">
1734 <colspec colwidth="1*">
1735 <colspec colwidth="2*">
1738 <entry>Partition</entry>
1744 <row><entry>swap</entry><entry>RAMsize * 2</entry></row>
1745 <row><entry><filename>/</filename></entry><entry>512 MB</entry></row>
1746 <row><entry><filename>/tmp</filename></entry><entry>512 MB</entry></row>
1747 <row><entry><filename>/var</filename></entry><entry>1024 MB + RAMsize</entry></row>
1748 <row><entry><filename>/usr</filename></entry><entry>the rest (8GB or more)</entry></row>
1755 <para>On systems where the disk capacity is larger than
1756 (RAMsize / 8 + 2 GB), the default sizes will be
1757 in the following ranges, with space allocated
1758 proportionally:</para>
1760 <informaltable frame="none" pgwide="0">
1762 <colspec colwidth="1*">
1763 <colspec colwidth="2*">
1766 <entry>Partition</entry>
1772 <row><entry>swap</entry><entry>from RAMsize / 8 to RAMsize * 2</entry></row>
1773 <row><entry><filename>/</filename></entry><entry>from 256MB to 512MB</entry></row>
1774 <row><entry><filename>/tmp</filename></entry><entry>from 128MB to 512MB</entry></row>
1775 <row><entry><filename>/var</filename></entry><entry>from 128MB to 1024MB</entry></row>
1776 <row><entry><filename>/usr</filename></entry><entry>from 1536MB to 8192MB</entry></row>
1783 <para>On systems with even less disk space, the existing behavior is not
1788 <para>The &man.sysinstall.8; utility now displays the running &os;
1789 version in menu titles. &merged;</para>
1791 <para>A new <literal>showconfig</literal>
1792 target has been added in <filename>src/Makefile</filename>
1793 to show the build configuration of the &os; source tree.</para>
1795 <para>A <filename>/media</filename> directory has been
1796 added to contain mount points for removable media
1797 such as CDROMs, floppy disks, USB drives, and so on. &merged;</para>
1799 <para>The <filename>src.conf</filename> file, which
1800 contains settings that will apply to every build involving
1801 the &os; source tree, has been added.
1802 For details, see &man.build.7; and &man.src.conf.5;.</para>
1804 <para>The supported version of
1805 the <application>GNOME</application> desktop environment
1806 (<filename role="package">x11/gnome2</filename>) has been
1807 updated from 2.10.2 to 2.14.1. &merged;</para>
1809 <para>The supported version of
1810 the <application>KDE</application> desktop environment
1811 (<filename role="package">x11/kde3</filename>) has been
1812 updated from 3.4.2 to 3.5.3. &merged;</para>
1814 <para arch="i386,amd64">The supported Linux emulation now uses the
1816 <filename role="package">emulators/linux_base-fc4</filename>
1817 package. &merged;</para>
1819 <para>The supported version of
1820 the <application>Perl</application> interpreter
1821 (<filename role="package">lang/perl5.8</filename>) has been updated
1822 from 5.8.7 to 5.8.8. &merged;</para>
1824 <para>The supported version of
1825 the <application>&xorg;</application> windowing system
1826 (<filename role="package">x11/xorg</filename>) has been updated
1827 from 6.8.2 to 6.9.0. &merged;</para>
1829 <para arch="pc98">&os;/pc98 release CDROMs are now
1830 bootable on systems with some supported SCSI adapters.
1835 <title>Documentation</title>
1837 <para>Documentation of existing functionality has been improved by
1838 the addition of the following manual pages:
1839 &man.acpi.sony.4;, &man.device.get.sysctl.9;,
1843 &man.snd.mss.4;, &man.snd.t4dwave.4;,
1844 &man.sysctl.9;.</para>
1846 <para>The manual pages for <application>NTP</application>
1847 have been updated to 4.2.0, to match the version of
1848 code actually included in &os;. &merged;</para>
1850 <para>Initial support for kernel subsystem API documentation generating
1851 framework using <filename role="package">devel/doxygen</filename>
1852 has been added into <filename>src/sys/doc/subsys</filename>.
1853 To generate the API document, type <command>make doxygen</command>
1854 in <filename>src/</filename> directory.</para>
1858 <sect1 id="upgrade">
1859 <title>Upgrading from previous releases of &os;</title>
1864 <para>Upgrading &os; should, of course, only be attempted after
1865 backing up <emphasis>all</emphasis> data and configuration