1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
6 <!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent">
8 <!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent">
10 <!ENTITY security SYSTEM "../../share/xml/security.xml">
11 <!ENTITY errata SYSTEM "../../share/xml/errata.xml">
13 <article xmlns="http://docbook.org/ns/docbook"
14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
17 <title>&os; &release.current; Release Notes</title>
20 <orgname>The &os; Project</orgname>
23 <pubdate>$FreeBSD$</pubdate>
25 <!-- Last rev: 288943 -->
29 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
33 <legalnotice xml:id="trademarks" role="trademarks">
43 <para>The release notes for &os; &release.current; contain
44 a summary of the changes made to the &os; base system on the
45 &release.branch; development line. This document lists
46 applicable security advisories that were issued since the last
47 release, as well as significant changes to the &os; kernel and
48 userland. Some brief remarks on upgrading are also
53 <sect1 xml:id="intro">
54 <title>Introduction</title>
56 <para>This document contains the release notes for &os;
57 &release.current;. It describes recently added, changed, or
58 deleted features of &os;. It also provides some notes on
59 upgrading from previous versions of &os;.</para>
61 <para releasetype="current">The &release.type; distribution to
62 which these release notes apply represents the latest point
63 along the &release.branch; development branch since
64 &release.branch; was created. Information regarding pre-built,
65 binary &release.type; distributions along this branch can be
67 xlink:href="&release.url;">&release.url;</uri>.</para>
69 <para releasetype="snapshot">The &release.type; distribution to
70 which these release notes apply represents a point along the
71 &release.branch; development branch between &release.prev; and
72 the future &release.next;. Information regarding pre-built,
73 binary &release.type; distributions along this branch can be
75 xlink:href="&release.url;">&release.url;</uri>.</para>
77 <para releasetype="release">This distribution of &os;
78 &release.current; is a &release.type; distribution. It can be
79 found at <uri xlink:href="&release.url;">&release.url;</uri> or
80 any of its mirrors. More information on obtaining this (or
81 other) &release.type; distributions of &os; can be found in the
83 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
84 &os;</quote> appendix</link> to the <link
85 xlink:href="&url.books.handbook;/">&os;
86 Handbook</link>.</para>
88 <para>All users are encouraged to consult the release errata
89 before installing &os;. The errata document is updated with
90 <quote>late-breaking</quote> information discovered late in the
91 release cycle or after the release. Typically, it contains
92 information on known bugs, security advisories, and corrections
93 to documentation. An up-to-date copy of the errata for &os;
94 &release.current; can be found on the &os; Web site.</para>
96 <para>This document describes the most user-visible new or changed
97 features in &os; since &release.prev;. In general, changes
98 described here are unique to the &release.branch; branch unless
99 specifically marked as &merged; features.</para>
101 <para>Typical release note items document recent security
102 advisories issued after &release.prev;, new drivers or hardware
103 support, new commands or options, major bug fixes, or
104 contributed software upgrades. They may also list changes to
105 major ports/packages or release engineering practices. Clearly
106 the release notes cannot list every single change made to &os;
107 between releases; this document focuses primarily on security
108 advisories, user-visible changes, and major architectural
112 <sect1 xml:id="upgrade">
113 <title>Upgrading from Previous Releases of &os;</title>
115 <para arch="amd64,i386">Binary upgrades between RELEASE versions
116 (and snapshots of the various security branches) are supported
117 using the &man.freebsd-update.8; utility. The binary upgrade
118 procedure will update unmodified userland utilities, as well as
119 unmodified GENERIC kernels distributed as a part of an official
120 &os; release. The &man.freebsd-update.8; utility requires that
121 the host being upgraded have Internet connectivity.</para>
123 <para>Source-based upgrades (those based on recompiling the &os;
124 base system from source code) from previous versions are
125 supported, according to the instructions in
126 <filename>/usr/src/UPDATING</filename>.</para>
129 <para>Upgrading &os; should only be attempted after backing up
130 <emphasis>all</emphasis> data and configuration files.</para>
134 <sect1 xml:id="security-errata">
135 <title>Security and Errata</title>
137 <para>This section lists the various Security Advisories and
138 Errata Notices since &release.prev;.</para>
140 <sect2 xml:id="security">
141 <title>Security Advisories</title>
146 <sect2 xml:id="errata">
147 <title>Errata Notices</title>
153 <sect1 xml:id="userland">
154 <title>Userland</title>
156 <para>This section covers changes and additions to userland
157 applications, contributed software, and system utilities.</para>
159 <sect2 xml:id="userland-config">
160 <title>Userland Configuration Changes</title>
162 <para revision="313203">The &man.inetd.8; utility is now built
163 without <literal>libwrap</literal> support when
164 <literal>WITHOUT_TCP_WRAPPERS</literal> is set in
165 &man.src.conf.5;.</para>
167 <para revision="316045">The &man.libthr.3; library and related
168 files are now evaluated and removed by the
169 <literal>delete-old-libs</literal> target when upgrading the
170 system if <literal>WITHOUT_LIBTHR</literal> is
171 set in &man.src.conf.5;.</para>
173 <para revision="316423" contrib="sponsor" sponsor="&ff;">The
174 <literal>WITH_LLD_AS_LD</literal> build knob has been added,
175 which installs <application>LLD</application> as
176 <filename>/usr/bin/ld</filename> if set.</para>
178 <para revision="318472" contrib="sponsor" sponsor="&ff;">
179 <application>LLD</application> has been enabled by default and
180 installed as <filename>/usr/bin/ld</filename> on
181 &os;/&arch.arm64;.</para>
183 <para revision="319244">The
184 <literal>WITH_RPCBIND_WARMSTART_SUPPORT</literal>
185 &man.src.conf.5; knob has been added, which when enabled
186 allows building &man.rpcbind.8; with
187 <literal>warmstart</literal> support.</para>
190 <sect2 xml:id="userland-programs">
191 <title>Userland Application Changes</title>
193 <para revision="305476" contrib="sponsor"
194 sponsor="&ff;">Support for &man.blacklistd.8; has been added
195 to <application>OpenSSH</application>.</para>
197 <para revision="306213">The &man.bspatch.1; utility has been
198 updated with &man.capsicum.4; support.</para>
200 <para revision="308720" contrib="sponsor" sponsor="&gandi;">The
201 &man.cron.8; utility has been updated to add support for
202 including files within <filename
203 class="directory">/etc/cron.d</filename> and <filename
204 class="directory">/usr/local/etc/cron.d</filename> by
207 <para revision="308721" contrib="sponsor" sponsor="&gandi;">The
208 &man.syslogd.8; utility has been updated to add the
209 <literal>include</literal> keyword which allows specifying
210 a directory containing configuration files to be included in
211 addition to &man.syslog.conf.5;. The default
212 &man.syslog.conf.5; has been updated to include <filename
213 class="directory">/etc/syslog.d</filename> and <filename
214 class="directory">/usr/local/etc/syslog.d</filename> by
217 <para revision="308914">The &man.zfsbootcfg.8; utility has been
218 added, providing one-time &man.boot.config.5;-style options
219 for &man.zfsboot.8;.</para>
221 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
222 &man.setkey.8; utility has been modified to show the runtime
223 <acronym>NAT-T</acronym> configuration. The
224 <literal>-g</literal> and <literal>-t</literal> flags have
225 been added, which list only global and virtual policies,
226 respectively, when used with the <literal>-D</literal> and
227 <literal>-P</literal> flags.</para>
229 <para revision="316098" contrib="sponsor"
230 sponsor="&dellemc;">The &man.getaddrinfo.1; utility has been
231 added, ported from NetBSD.</para>
233 <para revision="316944" contrib="sponsor"
234 sponsor="&multiplay;">The &man.jail.8; utility has been
235 updated to allow explicitly-assigned <acronym>IPv4</acronym>
236 and <acronym>IPv6</acronym> addresses to be used within
239 <para revision="317855">The &man.daemon.8; utility has been
240 updated to allow redirecting &man.stdout.4; and &man.stderr.4;
241 output to &man.syslog.3; or to a file.</para>
243 <para revision="318576" contrib="sponsor" sponsor="&ff;">The
244 &man.efivar.8; utility has been added, providing an interface
245 to manage <acronym>UEFI</acronym> variables.</para>
247 <para revision="319388">The &man.cxgbetool.8; utility has been
248 added, providing command-line access to features and debugging
249 facilities of &man.cxgbe.4; devices.</para>
252 <sect2 xml:id="userland-contrib">
253 <title>Contributed Software</title>
255 <para revision="305837">&man.readelf.1; has been updated to
256 report &arch.arm; program and section header types.</para>
258 <para revision="305844" contrib="sponsor" sponsor="&ff;">The
259 <acronym>ELF</acronym> Tool Chain has been updated to upstream
260 revision r3490.</para>
262 <para revision="307631">&man.groff.1; has been updated to use
263 the changelog date rather than file modification date in
264 manual pages for build reproducibility.</para>
267 <para>&man.groff.1; is planned to be deprecated effective &os;
271 <para revision="307729">&man.unbound.8; has been updated to
272 version 1.5.10.</para>
274 <para revision="309125">&man.strings.1; has been updated to fix
275 the exit status when multiple files are provided as arguments,
276 and an error is encountered before the last file.</para>
278 <para revision="309183" contrib="sponsor"
279 sponsor="&ff;">&man.makewhatis.1; has been updated to produce
280 build-reproducible output.</para>
282 <para revision="309511"><application>Subversion</application>
283 has been updated to version 1.9.5.</para>
285 <para revision="309847">&man.file.1; has been updated to version
288 <para revision="310490">The &man.amd.8; utility has been updated
289 to version 6.2.</para>
291 <para revision="312336">The <acronym>CLDR</acronym> locales have
292 been updated to version 30.0.3. The unicode locales have been
293 updated to version 9.0.0.</para>
295 <para revision="312517">&man.xz.1; has been updated to version
298 <para revision="313537">&man.tcpdump.1; has been updated to
299 version 4.9.0.</para>
301 <para revision="313795">&man.zlib.3; has been updated to version
304 <para revision="313980"><application>openresolv</application>
305 has been updated to version 3.9.0.</para>
307 <para revision="313680">The NetBSD test suite has been updated
308 to the 01.11.2017_23.20 snapshot.</para>
310 <para revision="314278"><literal>libucl</literal> has been
311 updated to version 20170219.</para>
313 <para revision="315432">&man.libarchive.3; has been updated to
314 version 3.3.1.</para>
316 <para revision="315995">&man.dma.8; has been updated to the
317 2017-02-10 snapshot.</para>
319 <para revision="316068">&man.ntpd.8; has been updated to version
322 <para revision="316303"><application>ACPICA</application> has
323 been updated to version 20170303.</para>
325 <para revision="316349">Timezone data files have been updated to
326 version 2017b.</para>
328 <para revision="316420">&man.mandoc.1; has been updated to
331 <para revision="316423"><application>Clang</application> has
332 been updated to version 4.0.0.</para>
334 <para revision="316423"><application>LLVM</application> has
335 been updated to version 4.0.0.</para>
337 <para revision="316423"><application>LLD</application> has
338 been updated to version 4.0.0.</para>
340 <para revision="316423"><application>LLDB</application> has
341 been updated to version 4.0.0.</para>
343 <para revision="316423"><application>compiler-rt</application>
344 has been updated to version 4.0.0.</para>
346 <para revision="316423"><application>libc++</application> has
347 been updated to version 4.0.0.</para>
349 <para revision="316957">&man.tcsh.1; has been updated to version
352 <para revision="318239" contrib="sponsor"
353 sponsor="&ff;">&man.blacklistd.8; has been updated to the
354 20170503 snapshot.</para>
356 <para revision="318402" contrib="sponsor"
357 sponsor="&ff;">&man.blacklistd.8; support for
358 <application>OpenSSH</application> has been refined to adjust
359 notification points to catch all authentication failures
360 rather than only those caused by invalid login
363 <para revision="319349">&man.byacc.1; has been updated to
364 version 20170201.</para>
366 <para revision="319884"><application>bmake</application> has
367 been updated to version 20170510.</para>
370 <sect2 xml:id="userland-installer">
371 <title>Installation and Configuration Tools</title>
373 <para revision="311686">The installer, &man.bsdinstall.8;, has
374 been updated to include support for hidden wireless networks
375 when configuring the &man.wlan.4; interface.</para>
378 <sect2 xml:id="userland-rc">
379 <title><filename class="directory">/etc/rc.d</filename>
382 <para revision="310009" contrib="sponsor"
383 sponsor="&fisglobal;">The <literal>jail_confwarn</literal>
384 &man.rc.conf.5; entry has been added, which suppresses
385 warnings about obsolete per-&man.jail.8;
386 configurations.</para>
389 <sect2 xml:id="userland-periodic">
390 <title><filename class="directory">/etc/periodic</filename>
393 <para revision="317373">The default &man.periodic.conf.5; has
394 been updated to include the
395 <literal>anticongestion_sleeptime</literal> option,
396 consolidating random sleeps in &man.periodic.8; scripts and
397 replacing the <literal>daily_ntpd_avoid_congestion</literal>
398 option. The default value is 3600 seconds.</para>
400 <para revision="317857">The <filename>410.status-mfi</filename>
401 &man.periodic.8; script has been added to monitor the status
402 of &man.mfi.4; volumes.</para>
405 <sect2 xml:id="userland-libraries">
406 <title>Runtime Libraries and API</title>
408 <para revision="310372">The <literal>libmd</literal> library has
409 been updated to introduce functions that operate on &man.fd.4;
410 instead of <literal>filename</literal>.</para>
412 <para revision="316039">The &man.kvm.close.3; function has been
413 updated to return the accumulated error from previous
414 &man.close.2; calls.</para>
416 <para revision="316613">The C standard library has been updated
417 to make use of &man.reallocarray.3; for bounds
420 <para revision="317618" contrib="sponsor"
421 sponsor="&dellemc;">The <function>clock_nanosleep()</function>
422 system call has been added. The
423 <function>nanosleep()</function> system call is now a wrapper
424 around <function>clock_nanosleep()</function>.</para>
426 <para revision="318121">The system libraries have been updated
427 to make use of &man.reallocarray.3; for bounds
431 <sect2 xml:id="userland-abi">
432 <title>ABI Compatibility</title>
434 <para revision="309258">The type <literal>max_align_t</literal>
435 is now defined for C11 compliance.</para>
437 <para revision="315274" contrib="sponsor"
438 sponsor="&dellemc;">The
439 <function>sem_clockwait_np()</function> library function has
440 been added, which allows the caller to specify the reference
441 clock and choose between absolute and relative mode.</para>
443 <para revision="315282">The <application>clang</application>
444 <literal>nullability</literal> qualifiers have been added to
445 the <literal>C</literal> library headers.</para>
447 <para revision="315282">Uses of the <acronym>GNU</acronym>
448 <literal>__nonnull__</literal> attribute have been replaced
449 with the more benign <application>Clang</application>
450 nullability attributes.</para>
453 <sect2 xml:id="userland-debug">
454 <title>Userland Debugging</title>
456 <para revision="304499">&man.ptrace.2; now supports events for
457 &man.vfork.2;, permitting reliable debugging across
458 &man.vfork.2; invocations.</para>
460 <para revision="306786">Process core dumps now include the
461 process ID (<acronym>PID</acronym>) and command line
466 <sect1 xml:id="kernel">
467 <title>Kernel</title>
469 <para>This section covers changes to kernel configurations, system
470 tuning, and system control parameters that are not otherwise
473 <sect2 xml:id="kernel-general">
474 <title>General Kernel Changes</title>
476 <para revision="305514">The &man.getdtablesize.2; system call is
477 now permitted in capability mode.</para>
479 <para revision="305516">The <literal>kern.proc.nfds</literal>
480 &man.sysctl.8; is now permitted in capability mode.</para>
482 <para revision="312249">The
483 <filename>sys/conf/newvers.sh</filename> script has been
484 updated with an option to exclude build-specific metadata from
485 the kernel for build reproducibility.</para>
488 <sect2 xml:id="kernel-bugfix">
489 <title>Kernel Bug Fixes</title>
491 <para revision="317434">The &man.ipf.4; packet filter has been
492 updated to prevent <literal>keep state</literal> from
493 incorrectly implying <literal>keep frags</literal>, matching
494 the behavior documented in &man.ipf.5;.</para>
497 <sect2 xml:id="kernel-config">
498 <title>Kernel Configuration</title>
500 <para revision="312730">The
501 <literal>WITH_REPRODUCIBLE_BUILD</literal> &man.src.conf.5;
502 knob has been added, which when set, excludes build-specific
503 metadata from the kernel, for build reproducibility.</para>
505 <para revision="315514" contrib="sponsor"
506 sponsor="&yandex;">Support for <acronym>NAT-T</acronym> is now
507 enabled by default. The <literal>IPSEC_NAT_T</literal> kernel
508 configuration option has been removed.</para>
510 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
511 <literal>IPSEC_FILTERTUNNEL</literal> kernel option has been
512 removed, which was deprecated by the
513 <literal>net.inet.ipsec.filtertunnel</literal> sysctl.</para>
515 <para revision="318763">The <literal>EARLY_AP_STARTUP</literal>
516 option has been enabled by default on &arch.amd64; and
517 &arch.i386; architectures, which when enabled releases
518 Application Processors (<acronym>AP</acronym>s) earlier in the
519 kernel startup process.</para>
522 <sect2 xml:id="kernel-modules">
523 <title>Kernel Modules</title>
525 <para revision="307144">&man.cloudabi.4; has been updated to
526 allow running 32-bit binaries within 64-bit userland
527 environments when the kernel configuration file has the
528 <literal>COMPAT_CLOUDABI32</literal> option present.</para>
530 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
531 <literal>ipsec</literal> and <literal>tcpmd5</literal> kernel
532 modules have been added.</para>
535 <para>Following the addition of the <literal>tcpmd5</literal>
536 module, it is now necessary to have a security association
537 (<acronym>SA</acronym>) entry for both inbound and outbound
541 <para revision="316274" contrib="sponsor" sponsor="&yandex;">The
542 &man.ipfw.4; packet filter has been updated to add support for
543 named dynamic states.</para>
545 <para revision="316444" contrib="sponsor" sponsor="&yandex;">The
546 <literal>ipfw_nptv6</literal> kernel module has been added,
547 implementing Network Prefix Translation for
548 <acronym>IPv6</acronym> as defined in <acronym>RFC</acronym>
551 <para revision="316446" contrib="sponsor" sponsor="&yandex;">The
552 <literal>ipfw_nat64</literal> kernel module has been added,
553 implementing stateless and stateful
554 <acronym>NAT64</acronym>.</para>
556 <para revision="316660" contrib="sponsor" sponsor="&ff;">The
557 &man.cfumass.4; device has been added, providing a storage
558 frontend to <acronym>USB</acronym>
559 <acronym>OTG</acronym>-capable hardware.</para>
561 <para revision="317045" contrib="sponsor" sponsor="&yandex;">The
562 <literal>ipfw_pmod</literal> kernel module has been added,
563 designed for modifying packets of any protocol.</para>
566 <para>At present, only <acronym>TCP</acronym>
567 <acronym>MSS</acronym> modification is implemented.</para>
571 <sect2 xml:id="kernel-sysctl">
572 <title>System Tuning and Controls</title>
574 <para revision="315539">The
575 <literal>vfs.root_mount_always_wait</literal> tunable has been
576 added, which forces the kernel to wait for root mount holds
577 even if the root device is already present.</para>
579 <para revision="316120" contrib="sponsor"
580 sponsor="&dellemc;">When the system real time clock
581 (<acronym>RTC</acronym>) is adjusted, such as by
582 <function>clock_settime()</function>, sleeping threads are now
583 awakened and absolute sleep times are reevaluated based on the
584 new value of the RTC.</para>
588 <sect1 xml:id="drivers">
589 <title>Devices and Drivers</title>
591 <para>This section covers changes and additions to devices and
592 device drivers since &release.prev;.</para>
594 <sect2 xml:id="drivers-device">
595 <title>Device Drivers</title>
597 <para revision="307768">The &man.jedec.ts.4; driver has been
598 added, providing support for thermal sensors on memory
599 modules. The driver currently supports chips that are fully
600 compliant with the <acronym>JEDEC</acronym>
601 <acronym>JC</acronym> 42.4 specification.</para>
603 <para revision="308104">The &man.chromebook.platform.4; driver
604 has been added, providing support for various Chromebook
607 <para revision="308942">The &man.bytgpio.4; driver has been
608 added, providing support for Intel® Bay Trail™
609 SoC GPIO controllers.</para>
611 <para revision="312394"><filename>/dev/kmem</filename> no longer
612 supports access via <function>mmap()</function>. Consumers
613 wishing to use <filename>/dev/kmem</filename> must use
614 <function>read()</function> and
615 <function>write()</function>.</para>
617 <para revision="306533" contrib="sponsor"
618 sponsor="&chelsio;">&man.devctl.8; now supports a "clear
619 driver" command as a complement to "set
623 <sect2 xml:id="drivers-storage">
624 <title>Storage Drivers</title>
626 <para revision="319435">The &man.mpr.4; driver has been updated
628 (<acronym>SAS</acronym>/<acronym>SATA</acronym>/<acronym>PCIe</acronym>)
629 Broadcom® storage adapters.</para>
632 <sect2 xml:id="drivers-network">
633 <title>Network Drivers</title>
635 <para revision="306660" contrib="sponsor"
636 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
637 to provide support for Virtual Function devices
638 (<acronym>VFs</acronym>) on Chelsio T4 and T5 adapters.</para>
640 <para revision="306661" contrib="sponsor"
641 sponsor="&chelsio;">TCP connections using the TCP Offload
642 Engine (<acronym>TOE</acronym>) on Chelsio T4+ adapters can
643 now perform zero-copy sends via
644 <function>aio_write()</function>.</para>
646 <para revision="306664" contrib="sponsor"
647 sponsor="&chelsio;">The &man.cxgbev.4; driver has been added,
648 providing support for Virtual Function devices
649 (<acronym>VFs</acronym>) on Chelsio T4 and T5 adapters.</para>
651 <para revision="309377" contrib="sponsor"
652 sponsor="&broadcom;">The &man.bnxt.4; driver has been added,
653 providing support for Broadcom® NetXtreme-C™ and
654 NetXtreme-E™ devices.</para>
656 <para revision="309560" contrib="sponsor"
657 sponsor="&chelsio;">The &man.cxgbe.4; driver now supports
658 devices using T6-based adapters which support 10, 25, 40, and
661 <para revision="309560" contrib="sponsor"
662 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
663 to provide support for Virtual Function devices
664 (<acronym>VFs</acronym>) on Chelsio T6 adapters.</para>
666 <para revision="309560" contrib="sponsor"
667 sponsor="&chelsio;">The &man.cxgbev.4; driver has been updated
668 to provide support for Virtual Function devices
669 (<acronym>VFs</acronym>) on Chelsio T6 adapters.</para>
671 <para revision="310852" contrib="sponsor"
672 sponsor="&netgate;">The &man.miibus.4; driver has been updated
673 to support Microchip/Micrel KSZ9031 Gigabit ethernet
676 <para revision="312358">The &man.alc.4; driver has been updated
677 to provide support for Atheros® Killer E2400™
678 Gigabit ethernet cards.</para>
680 <para revision="314005" contrib="sponsor" sponsor="&ms;">The
681 &man.alc.4; driver has been updated to provide support for
682 Atheros® Killer E2500™ Gigabit ethernet
685 <para revision="315330" contrib="sponsor"
686 sponsor="&netgate;">The &man.etherswitch.4; driver has been
687 updated to support RTL8366RB and RTL8366SR cards.</para>
689 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
690 &man.if.ipsec.4; virtual tunneling interface has been added,
691 implementing route-based <acronym>VPN</acronym>s protected
692 with Encapsulating Security Payload
693 (<acronym>ESP</acronym>).</para>
695 <para revision="317116">The &man.qlnxe.4; driver has been added,
696 providing support for Cavium® Qlogic™ 45000 Series
699 <para revision="317182">The &man.qlxgbe.4; firmware has been
700 updated to version 5.4.64.</para>
702 <para revision="318357" contrib="sponsor"
703 sponsor="&intelcorp;">The &man.ixl.4; driver has been updated
704 to version 1.7.12-k.</para>
706 <para revision="319269" contrib="sponsor"
707 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
708 to firmware version 1.16.45.0 for T4, T5, and T6 cards.</para>
712 <sect1 xml:id="hardware">
713 <title>Hardware Support</title>
715 <para>This section covers general hardware support for physical
716 machines, hypervisors, and virtualization environments, as well
717 as hardware changes and updates that do not otherwise fit in
718 other sections of this document.</para>
720 <sect2 xml:id="hardware-support">
721 <title>Hardware Support</title>
723 <para revision="307576">The &man.atkbdc.4; driver has been
724 updated to provide support for Elantech® trackpads. To
725 enable hardware support, add
726 <literal>hw.psm.elantech_support=1</literal> to
727 &man.loader.conf.5;.</para>
730 <sect2 xml:id="hardware-virtualization">
731 <title>Virtualization Support</title>
733 <para revision="306471" contrib="sponsor"
734 sponsor="&chelsio;"><acronym>PCI</acronym> passthrough with
735 &man.bhyve.4; supports more dynamic configurations permitting
736 devices to be marked for passthrough or host use at
739 <para revision="306520" contrib="sponsor"
740 sponsor="&chelsio;"><acronym>PCI</acronym> passthrough with
741 &man.bhyve.4; resets functions via <acronym>FLR</acronym> when
742 a virtual machine is started and stopped.</para>
744 <para revision="309312" contrib="sponsor"
745 sponsor="&ms;"><acronym>PCI</acronym> passthrough support has
746 been enabled on &os; virtual machines running on
747 Microsoft® Hyper-V™.</para>
749 <para revision="314091" contrib="sponsor" sponsor="&ms;">The
750 &man.hv.netvsc.4; driver <acronym>SR-IOV</acronym>
751 implementation has been updated to support Virtual Function
752 (<acronym>VF</acronym>) devices, such as the Mellanox®
753 Connect-X3™ network card.</para>
755 <para revision="316272" contrib="sponsor" sponsor="&ms;">Support
756 for Microsoft® Hyper-V™ Generation 2 virtual
757 machines has been added.</para>
759 <para revision="317119" contrib="sponsor" sponsor="&ms;">Support
760 for synthetic keyboards has been added for virtual machines
761 running on Microsoft® Hyper-V™.</para>
763 <para revision="312790">The &os; virtual machines provided on
764 Amazon® EC2™ now enable <acronym>IPv6</acronym> by
768 <sect2 xml:id="hardware-arm">
769 <title>ARM Support</title>
771 <para revision="305436">Support for the Allwinner A13 board has
776 <sect1 xml:id="storage">
777 <title>Storage</title>
779 <para>This section covers changes and additions to file systems
780 and other storage subsystems, both local and networked.</para>
782 <sect2 xml:id="storage-general">
783 <title>General Storage</title>
788 <sect2 xml:id="storage-net">
789 <title>Networked Storage</title>
791 <para revision="318660">The <acronym>NFS</acronym> client now
792 properly handles <literal>NFS4ERR_BAD_SESSION</literal> errors
793 received from an <acronym>NFS</acronym> server. Additionally,
794 the kernel <acronym>RPC</acronym> client has been updated to
795 prevent creating new <acronym>TCP</acronym> connections when
796 <literal>ERESTART</literal> is received from
797 &man.sosend.9;.</para>
799 <para revision="318660">The <acronym>NFS</acronym> client now
800 supports the Amazon® Elastic File System™
801 (<acronym>EFS</acronym>).</para>
804 <sect2 xml:id="storage-zfs">
807 <para revision="318785">The
808 <literal>vfs.zfs.debug_flags</literal> &man.sysctl.8; has been
809 deprecated in favor of
810 <literal>vfs.zfs.debugflags</literal>. Additionally,
811 <literal>vfs.zfs.debugflags</literal> can now be configured in
812 &man.loader.conf.5;, whereas
813 <literal>vfs.zfs.debug_flags</literal> could not.</para>
816 <sect2 xml:id="storage-geom">
817 <title><literal>geom(4)</literal></title>
823 <sect1 xml:id="boot">
824 <title>Boot Loader Changes</title>
826 <para>This section covers the boot loader, boot menu, and other
827 boot-related changes.</para>
829 <sect2 xml:id="boot-loader">
830 <title>Boot Loader Changes</title>
832 <para revision="305845" contrib="sponsor" sponsor="&ff;">The
833 <acronym>UEFI</acronym> boot loader has been updated for build
834 reproducibility.</para>
836 <para revision="307632" contrib="sponsor" sponsor="&gandi;">The
837 <acronym>EFI</acronym> loader has been updated to support
838 <acronym>TFTPFS</acronym>, providing netboot support without
839 requiring an <acronym>NFS</acronym> server.</para>
841 <para revision="320088" contrib="sponsor" sponsor="&ff;">The
842 default <acronym>EFI</acronym> partition created by
843 &man.bsdinstall.8; has been increased from 800kb to
847 <sect2 xml:id="boot-menu">
848 <title>Boot Menu Changes</title>
854 <sect1 xml:id="network">
855 <title>Networking</title>
857 <para>This section describes changes that affect networking in
860 <sect2 xml:id="network-general">
861 <title>General Network Changes</title>
863 <para revision="311681" contrib="sponsor" sponsor="&yandex;">The
864 network stack has been updated to include
865 <function>ip6_tryforward()</function>, providing performance
866 benefits as result of a reduced number of checks.</para>
868 <para revision="313523" contrib="sponsor"
869 sponsor="&dellemc;">The network stack has been modified to fix
870 incorrect or invalid <acronym>IP</acronym> addresses if
871 multiple threads emit a <acronym>UDP</acronym>
872 <literal>log_in_vain</literal> message concurrently.</para>
874 <para revision="317386" contrib="sponsor"
875 sponsor="&multiplay;">The <acronym>TCP</acronym> stack has
876 been changed to use the estimated <acronym>RTT</acronym>
877 instead of timestamps for receive buffer auto resizing.</para>
880 <sect2 xml:id="network-protocols">
881 <title>Network Protocols</title>
883 <para revision="309337" contrib="sponsor"
884 sponsor="&dellemc;">Support for <acronym>GARP</acronym>
885 (gratuitous <acronym>ARP</acronym>) retransmit has been added.
886 A new &man.sysctl.8;,
887 <literal>net.link.ether.inet.garp_rexmit_count</literal>, has
888 been added, which sets the maximum number of retransmissions
889 when set to a non-zero value.</para>
891 <para revision="315514" contrib="sponsor"
892 sponsor="&yandex;">Support for the
893 <literal>UDP_ENCAP_ESPINUDP_NON_IKE</literal> encapsulation
894 type has been removed.</para>
898 <sect1 xml:id="ports">
899 <title>Ports Collection and Package Infrastructure</title>
901 <para>This section covers changes to the &os; Ports
902 Collection, package infrastructure, and package maintenance and
903 installation tools.</para>
905 <sect2 xml:id="ports-infrastructure">
906 <title>Infrastructure Changes</title>
911 <sect2 xml:id="ports-packages ">
912 <title>Packaging Changes</title>
919 <title>Documentation</title>
921 <para>This section covers changes to the &os; Documentation
922 Project sources and toolchain.</para>
924 <sect2 xml:id="doc-sources">
925 <title>Documentation Source Changes</title>
930 <sect2 xml:id="doc-toolchain">
931 <title>Documentation Toolchain Changes</title>
937 <sect1 xml:id="releng">
938 <title>Release Engineering and Integration</title>
940 <para>This section convers changes that are specific to the
941 &os; Release Engineering processes.</para>
943 <sect2 xml:id="releng-changes">
944 <title>Integration Changes</title>