1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
6 <!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent">
8 <!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent">
10 <!ENTITY security SYSTEM "../../share/xml/security.xml">
11 <!ENTITY errata SYSTEM "../../share/xml/errata.xml">
13 <article xmlns="http://docbook.org/ns/docbook"
14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
17 <title>&os; &release.current; Release Notes</title>
20 <orgname>The &os; Project</orgname>
23 <pubdate>$FreeBSD$</pubdate>
25 <!-- Last rev: 288943 -->
29 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
33 <legalnotice xml:id="trademarks" role="trademarks">
43 <para>The release notes for &os; &release.current; contain
44 a summary of the changes made to the &os; base system on the
45 &release.branch; development line. This document lists
46 applicable security advisories that were issued since the last
47 release, as well as significant changes to the &os; kernel and
48 userland. Some brief remarks on upgrading are also
53 <sect1 xml:id="intro">
54 <title>Introduction</title>
56 <para>This document contains the release notes for &os;
57 &release.current;. It describes recently added, changed, or
58 deleted features of &os;. It also provides some notes on
59 upgrading from previous versions of &os;.</para>
61 <para releasetype="current">The &release.type; distribution to
62 which these release notes apply represents the latest point
63 along the &release.branch; development branch since
64 &release.branch; was created. Information regarding pre-built,
65 binary &release.type; distributions along this branch can be
67 xlink:href="&release.url;">&release.url;</uri>.</para>
69 <para releasetype="snapshot">The &release.type; distribution to
70 which these release notes apply represents a point along the
71 &release.branch; development branch between &release.prev; and
72 the future &release.next;. Information regarding pre-built,
73 binary &release.type; distributions along this branch can be
75 xlink:href="&release.url;">&release.url;</uri>.</para>
77 <para releasetype="release">This distribution of &os;
78 &release.current; is a &release.type; distribution. It can be
79 found at <uri xlink:href="&release.url;">&release.url;</uri> or
80 any of its mirrors. More information on obtaining this (or
81 other) &release.type; distributions of &os; can be found in the
83 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
84 &os;</quote> appendix</link> to the <link
85 xlink:href="&url.books.handbook;/">&os;
86 Handbook</link>.</para>
88 <para>All users are encouraged to consult the release errata
89 before installing &os;. The errata document is updated with
90 <quote>late-breaking</quote> information discovered late in the
91 release cycle or after the release. Typically, it contains
92 information on known bugs, security advisories, and corrections
93 to documentation. An up-to-date copy of the errata for &os;
94 &release.current; can be found on the &os; Web site.</para>
96 <para>This document describes the most user-visible new or changed
97 features in &os; since &release.prev;. In general, changes
98 described here are unique to the &release.branch; branch unless
99 specifically marked as &merged; features.</para>
101 <para>Typical release note items document recent security
102 advisories issued after &release.prev;, new drivers or hardware
103 support, new commands or options, major bug fixes, or
104 contributed software upgrades. They may also list changes to
105 major ports/packages or release engineering practices. Clearly
106 the release notes cannot list every single change made to &os;
107 between releases; this document focuses primarily on security
108 advisories, user-visible changes, and major architectural
112 <sect1 xml:id="upgrade">
113 <title>Upgrading from Previous Releases of &os;</title>
115 <para arch="amd64,i386">Binary upgrades between RELEASE versions
116 (and snapshots of the various security branches) are supported
117 using the &man.freebsd-update.8; utility. The binary upgrade
118 procedure will update unmodified userland utilities, as well as
119 unmodified GENERIC kernels distributed as a part of an official
120 &os; release. The &man.freebsd-update.8; utility requires that
121 the host being upgraded have Internet connectivity.</para>
123 <para>Source-based upgrades (those based on recompiling the &os;
124 base system from source code) from previous versions are
125 supported, according to the instructions in
126 <filename>/usr/src/UPDATING</filename>.</para>
129 <para>Upgrading &os; should only be attempted after backing up
130 <emphasis>all</emphasis> data and configuration files.</para>
134 <sect1 xml:id="security-errata">
135 <title>Security and Errata</title>
137 <para>This section lists the various Security Advisories and
138 Errata Notices since &release.prev;.</para>
140 <sect2 xml:id="security">
141 <title>Security Advisories</title>
146 <sect2 xml:id="errata">
147 <title>Errata Notices</title>
153 <sect1 xml:id="userland">
154 <title>Userland</title>
156 <para>This section covers changes and additions to userland
157 applications, contributed software, and system utilities.</para>
159 <sect2 xml:id="userland-config">
160 <title>Userland Configuration Changes</title>
162 <para revision="313203">The &man.inetd.8; utility can now be
163 built without <literal>libwrap</literal> support when
164 <literal>WITHOUT_TCP_WRAPPERS</literal> is set in
165 &man.src.conf.5;.</para>
167 <para revision="316045">The &man.libthr.3; library and related
168 files are now evaluated and removed by the
169 <literal>delete-old-libs</literal> target when upgrading the
170 system if <literal>WITHOUT_LIBTHR</literal> is
171 set in &man.src.conf.5;.</para>
173 <para revision="316423" contrib="sponsor" sponsor="&ff;">The
174 <literal>WITH_LLD_AS_LD</literal> build knob has been added,
175 which installs <application>LLD</application> as
176 <filename>/usr/bin/ld</filename> if set.</para>
179 <sect2 xml:id="userland-programs">
180 <title>Userland Application Changes</title>
182 <para revision="308720" contrib="sponsor" sponsor="&gandi;">The
183 &man.cron.8; utility has been updated to add support for
184 including files within <filename
185 class="directory">/etc/cron.d</filename> and <filename
186 class="directory">/usr/local/etc/cron.d</filename> by
189 <para revision="308721" contrib="sponsor" sponsor="&gandi;">The
190 &man.syslogd.8; utility has been updated to add the
191 <literal>include</literal> keyword which allows specifying
192 a directory containing configuration files to be included in
193 addition to &man.syslog.conf.5;. The default
194 &man.syslog.conf.5; has been updated to include <filename
195 class="directory">/etc/syslog.d</filename> and <filename
196 class="directory">/usr/local/etc/syslog.d</filename> by
199 <para revision="308914">The &man.zfsbootcfg.8; utility has been
200 added, providing one-time &man.nextboot.8; options for
201 &man.zfsboot.8;.</para>
203 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
204 &man.setkey.8; utility has been modified to show the runtime
205 <acronym>NAT-T</acronym> configuration. The
206 <literal>-g</literal> and <literal>-t</literal> flags have
207 been added, which list only global and virtual policies,
208 respectively when used with the <literal>-D</literal> and
209 <literal>-P</literal> flags.</para>
211 <para revision="316098" contrib="sponsor"
212 sponsor="&dellemc;">The &man.getaddrinfo.1; utility has been
213 added, ported from NetBSD.</para>
215 <para revision="316944" contrib="sponsor"
216 sponsor="&multiplay;">The &man.jail.8; utility has been
217 updated to allow explicitly-assigned <acronym>IPv4</acronym>
218 and <acronym>IPv6</acronym> addresses to be used within
221 <para revision="317855">The &man.daemon.8; utility has been
222 updated to allow redirecting &man.stdout.4; and &man.stderr.4;
223 output to &man.syslog.3; and to a file.</para>
226 <sect2 xml:id="userland-contrib">
227 <title>Contributed Software</title>
229 <para revision="307729">&man.unbound.8; has been updated to
230 version 1.5.10.</para>
232 <para revision="309511"><application>Subversion</application>
233 has been updated to version 1.9.5.</para>
235 <para revision="309847">&man.file.1; has been updated to version
238 <para revision="310490">The &man.amd.8; utility has been updated
239 to version 6.2.</para>
241 <para revision="312336">The <acronym>CLDR</acronym> locales have
242 been updated to version 30.0.3. The unicode locales have been
243 updated to version 9.0.0.</para>
245 <para revision="312517">&man.xz.1; has been updated to version
248 <para revision="313537">&man.tcpdump.1; has been updated to
249 version 4.9.0.</para>
251 <para revision="313795">&man.zlib.3; has been updated to version
254 <para revision="313980"><application>openresolv</application>
255 has been updated to version 3.9.0.</para>
257 <para revision="313680">The NetBSD test suite has been updated
258 to the 01.11.2017_23.20 snapshot.</para>
260 <para revision="314278"><literal>libucl</literal> has been
261 updated to version 20170219.</para>
263 <para revision="315432">&man.libarchive.3; has been updated to
264 version 3.3.1.</para>
266 <para revision="315995">&man.dma.8; has been updated to the
267 2017-02-10 snapshot.</para>
269 <para revision="316068">&man.ntpd.8; has been updated to version
272 <para revision="316303"><application>ACPICA</application> has
273 been updated to version 20170303.</para>
275 <para revision="316349">Timezone data files have been updated to
276 version 2017b.</para>
278 <para revision="316420">&man.mandoc.1; has been updated to
281 <para revision="316423"><application>Clang</application> has
282 been updated to version 4.0.0.</para>
284 <para revision="316423"><application>LLVM</application> has
285 been updated to version 4.0.0.</para>
287 <para revision="316423"><application>LLD</application> has
288 been updated to version 4.0.0.</para>
290 <para revision="316423"><application>LLDB</application> has
291 been updated to version 4.0.0.</para>
293 <para revision="316423"><application>compiler-rt</application>
294 has been updated to version 4.0.0.</para>
296 <para revision="316423"><application>libc++</application> has
297 been updated to version 4.0.0.</para>
299 <para revision="316957">&man.tcsh.1; has been updated to version
302 <para revision="318239" contrib="sponsor"
303 sponsor="&ff;">&man.blacklistd.8; has been updated to the
304 20170503 snapshot.</para>
306 <para revision="318402" contrib="sponsor"
307 sponsor="&ff;">&man.blacklistd.8; support for
308 <application>OpenSSH</application> has been refined to adjust
309 notification points to catch all authentication failures
310 rather than authentication failures caused by invalid
311 login usernames.</para>
314 <sect2 xml:id="userland-installer">
315 <title>Installation and Configuration Tools</title>
320 <sect2 xml:id="userland-rc">
321 <title><filename class="directory">/etc/rc.d</filename>
324 <para revision="310009" contrib="sponsor"
325 sponsor="&fisglobal;">The <literal>jail_confwarn</literal>
326 &man.rc.conf.5; entry has been added, which suppresses warning
327 about obsolete per-&man.jail.8; configurations.</para>
330 <sect2 xml:id="userland-periodic">
331 <title><filename class="directory">/etc/periodic</filename>
334 <para revision="317857">The <filename>410.status-mfi</filename>
335 &man.periodic.8; script has been added to monitor the status
336 of &man.mfi.4; volumes.</para>
339 <sect2 xml:id="userland-libraries">
340 <title>Runtime Libraries and API</title>
342 <para revision="317618" contrib="sponsor"
343 sponsor="&dellemc;">The <function>clock_nanosleep()</function>
344 system call has been added. The
345 <function>nanosleep()</function> system call is now a wrapper
346 around <function>clock_nanosleep()</function>.</para>
349 <sect2 xml:id="userland-abi">
350 <title>ABI Compatibility</title>
352 <para revision="315274" contrib="sponsor"
353 sponsor="&dellemc;">The
354 <function>sem_clockwait_np()</function> library function has
355 been added, which allows the caller to specify the reference
356 clock and choose between absolute and relative mode.</para>
358 <para revision="315282">The <application>clang</application>
359 <literal>nullability</literal> attribute has been added to the
360 <literal>C</literal> library headers.</para>
364 <sect1 xml:id="kernel">
365 <title>Kernel</title>
367 <para>This section covers changes to kernel configurations, system
368 tuning, and system control parameters that are not otherwise
371 <sect2 xml:id="kernel-bugfix">
372 <title>Kernel Bug Fixes</title>
374 <para revision="316039">The &man.kvm.close.3; function has been
375 updated to return the accumulated error from previous
376 &man.close.2; calls.</para>
378 <para revision="317434">The &man.ipf.4; packet filter has been
379 updated to prevent "keep state" from incorrectly
380 implying "keep frags", matching the behavior
381 documented in &man.ipf.5;.</para>
384 <sect2 xml:id="kernel-config">
385 <title>Kernel Configuration</title>
387 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
388 <literal>IPSEC_NAT_T</literal> kernel configuration option has
389 been removed. Support for <acronym>NAT-T</acronym> is now
390 enabled by default.</para>
392 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
393 <literal>IPSEC_FILTERTUNNEL</literal> kernel option has been
394 removed, which was deprecated by the
395 <literal>net.inet.ipsec.filtertunnel</literal> sysctl.</para>
398 <sect2 xml:id="kernel-modules">
399 <title>Kernel Modules</title>
401 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
402 <literal>ipsec</literal> and <literal>tcpmd5</literal> kernel
403 modules have been added.</para>
405 <para revision="316274" contrib="sponsor" sponsor="&yandex;">The
406 &man.ipfw.4; packet filter has been updated to add support for
407 named dynamic states.</para>
409 <para revision="316444" contrib="sponsor" sponsor="&yandex;">The
410 <literal>ipfw_nptv6</literal> kernel module has been added,
411 implementing Network Prefix Translation for
412 <acronym>IPv6</acronym> as defined in <acronym>RFC</acronym>
415 <para revision="316446" contrib="sponsor" sponsor="&yandex;">The
416 <literal>ipfw_nat64</literal> kernel module has been added,
417 implementing stateless and stateful
418 <acronym>NAT64</acronym>.</para>
420 <para revision="316660" contrib="sponsor" sponsor="&ff;">The
421 &man.cfumass.4; device has been added, providing a storage
422 frontend to <acronym>USB</acronym>
423 <acronym>OTG</acronym>-capable hardware.</para>
425 <para revision="317045" contrib="sponsor" sponsor="&yandex;">The
426 <literal>ipfw_pmod</literal> kernel module has been added,
427 designed for modifying packets of any protocol.</para>
430 <para>At present, only <acronym>TCP</acronym>
431 <acronym>MSS</acronym> modification is implemented.</para>
435 <sect2 xml:id="kernel-sysctl">
436 <title>System Tuning and Controls</title>
438 <para revision="315539">The
439 <literal>vfs.root_mount_always_wait</literal> tunable has been
440 added, which forces the kernel to wait for root mount holds
441 even if the root device is already present.</para>
443 <para revision="316120" contrib="sponsor"
444 sponsor="&dellemc;">When the system real time clock
445 (<acronym>RTC</acronym>) is adjusted, such as by
446 <function>clock_settime()</function>, sleeping threads are now
447 awakened and absolute sleep times are reevaluated based on the
448 new value of the RTC.</para>
452 <sect1 xml:id="drivers">
453 <title>Devices and Drivers</title>
455 <para>This section covers changes and additions to devices and
456 device drivers since &release.prev;.</para>
458 <sect2 xml:id="drivers-device">
459 <title>Device Drivers</title>
461 <para revision="307768">The &man.jedec.ts.4; driver has been
462 added, providing support for thermal sensors on memory
463 modules. The driver currently supports chips that are fully
464 compliant with the <acronym>JEDEC</acronym>
465 <acronym>JC</acronym> 42.4 specification.</para>
467 <para revision="308104">The &man.chromebook.platform.4; driver
468 has been added, providing support for various Chromebook
471 <para revision="308942">The &man.bytgpio.4; driver has been
472 added, providing support for Intel® Bay Trail™
473 SoC GPIO controllers.</para>
475 <para revision="318357" contrib="sponsor"
476 sponsor="&intelcorp;">The &man.ixl.4; driver has been updated
477 to version 1.7.12-k.</para>
480 <sect2 xml:id="drivers-storage">
481 <title>Storage Drivers</title>
486 <sect2 xml:id="drivers-network">
487 <title>Network Drivers</title>
489 <para revision="309377" contrib="sponsor"
490 sponsor="&broadcom;">The &man.bnxt.4; driver has been added,
491 providing support for Broadcom® NetXtreme-C™ and
492 NetXtreme-E™ devices.</para>
494 <para revision="311506" contrib="sponsor"
495 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
496 to firmware version 1.16.26.0.</para>
498 <para revision="312358">The &man.alc.4; driver has been updated
499 to provide support for Atheros® Killer E2400™
500 Gigabit ethernet cards.</para>
502 <para revision="314005" contrib="sponsor" sponsor="&ms;">The
503 &man.alc.4; driver has been updated to provide support for
504 Atheros® Killer E2500™ Gigabit ethernet
507 <para revision="317116">The &man.qlnxe.4; driver has been added,
508 providing support for Cavium® Qlogic™ 45000 Series
511 <para revision="317182">The &man.qlxgbe.4; firmware has been
512 updated to version 5.4.64.</para>
516 <sect1 xml:id="hardware">
517 <title>Hardware Support</title>
519 <para>This section covers general hardware support for physical
520 machines, hypervisors, and virtualization environments, as well
521 as hardware changes and updates that do not otherwise fit in
522 other sections of this document.</para>
524 <sect2 xml:id="hardware-support">
525 <title>Hardware Support</title>
527 <para revision="307144">The &man.cloudabi.4; driver has been
528 updated to allow running 32-bit binaries within 64-bit
529 userland environments when the kernel configuration file has
530 the <literal>COMPAT_CLOUDABI32</literal> option
534 <sect2 xml:id="hardware-virtualization">
535 <title>Virtualization Support</title>
540 <sect2 xml:id="hardware-arm">
541 <title>ARM Support</title>
543 <para revision="305436">Support for the Allwinner A13 board has
548 <sect1 xml:id="storage">
549 <title>Storage</title>
551 <para>This section covers changes and additions to file systems
552 and other storage subsystems, both local and networked.</para>
554 <sect2 xml:id="storage-general">
555 <title>General Storage</title>
560 <sect2 xml:id="storage-net">
561 <title>Networked Storage</title>
566 <sect2 xml:id="storage-zfs">
572 <sect2 xml:id="storage-geom">
573 <title>&man.geom.4;</title>
579 <sect1 xml:id="boot">
580 <title>Boot Loader Changes</title>
582 <para>This section covers the boot loader, boot menu, and other
583 boot-related changes.</para>
585 <sect2 xml:id="boot-loader">
586 <title>Boot Loader Changes</title>
588 <para revision="307632" contrib="sponsor" sponsor="&gandi;">The
589 <acronym>EFI</acronym> loader has been updated to support
590 <acronym>TFTPFS</acronym>, providing netboot support without
591 requiring an <acronym>NFS</acronym> server.</para>
594 <sect2 xml:id="boot-menu">
595 <title>Boot Menu Changes</title>
601 <sect1 xml:id="network">
602 <title>Networking</title>
604 <para>This section describes changes that affect networking in
607 <sect2 xml:id="network-general">
608 <title>General Network Changes</title>
610 <para revision="311681" contrib="sponsor" sponsor="&yandex;">The
611 network stack has been updated to include
612 <function>ip6_tryforward()</function>, providing performance
613 benefits as result of a reduced number of checks.</para>
615 <para revision="313523" contrib="sponsor"
616 sponsor="&dellemc;">The network stack has been modified to fix
617 incorrect or invalid <acronym>IP</acronym> addresses if
618 multiple threads emit a <acronym>UDP</acronym>
619 <literal>log_in_vein</literal> message concurrently.</para>
621 <para revision="317386" contrib="sponsor"
622 sponsor="&multiplay;">The <acronym>TCP</acronym> stack has
623 been changed to use the estimated <acronym>RTT</acronym>
624 instead of timestamps for receive buffer auto resizing.</para>
627 <sect2 xml:id="network-protocols">
628 <title>Network Protocols</title>
630 <para revision="309337" contrib="sponsor"
631 sponsor="&dellemc;">Support for <acronym>GARP</acronym>
632 retransmit has been added. A new &man.sysctl.8;,
633 <literal>net.link.ether.inet.garp_rexmit_count</literal>, has
634 been added, which sets the maximum number of retransmissions
635 when set to a non-zero value.</para>
637 <para revision="315514" contrib="sponsor"
638 sponsor="&yandex;">Support for the
639 <literal>UDP_ENCAP_ESPINUDP_NON_IKE</literal> encapsulation
640 type has been removed.</para>
644 <sect1 xml:id="ports">
645 <title>Ports Collection and Package Infrastructure</title>
647 <para>This section covers changes to the &os; Ports
648 Collection, package infrastructure, and package maintenance and
649 installation tools.</para>
651 <sect2 xml:id="ports-infrastructure">
652 <title>Infrastructure Changes</title>
657 <sect2 xml:id="ports-packages ">
658 <title>Packaging Changes</title>
665 <title>Documentation</title>
667 <para>This section covers changes to the &os; Documentation
668 Project sources and toolchain.</para>
670 <sect2 xml:id="doc-sources">
671 <title>Documentation Source Changes</title>
676 <sect2 xml:id="doc-toolchain">
677 <title>Documentation Toolchain Changes</title>
683 <sect1 xml:id="releng">
684 <title>Release Engineering and Integration</title>
686 <para>This section convers changes that are specific to the
687 &os; Release Engineering processes.</para>
689 <sect2 xml:id="releng-changes">
690 <title>Integration Changes</title>