Bump copyright year.

[FreeBSD/stable/9.git] / release / doc / en_US.ISO8859-1 / relnotes / article.xml

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
        "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
 %release;
]>
<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
  <info><title>&os; &release.current; Release Notes</title>
    

    <author><orgname>The &os; Project</orgname></author>

    <pubdate>$FreeBSD$</pubdate>

    <copyright>
      <year>2014</year>
      <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
    </copyright>

    <legalnotice xml:id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.ibm;
      &tm-attrib.ieee;
      &tm-attrib.intel;
      &tm-attrib.sparc;
      &tm-attrib.general;
    </legalnotice>

    <abstract>
      <para>The release notes for &os; &release.current; contain a summary
        of the changes made to the &os; base system on the
        &release.branch; development line.
        This document lists applicable security advisories that were issued since
        the last release, as well as significant changes to the &os;
        kernel and userland.
        Some brief remarks on upgrading are also presented.</para>
    </abstract>
  </info>

  <sect1 xml:id="intro">
    <title>Introduction</title>

    <para>This document contains the release notes for &os;
      &release.current;.  It describes recently added, changed, or
      deleted features of &os;.  It also provides some notes on
      upgrading from previous versions of &os;.</para>

    <para>This distribution of &os; &release.current; is a
      &release.type; distribution.  It can be found at <uri xlink:href="&release.url;">&release.url;</uri> or any of its mirrors.  More
      information on obtaining this (or other) &release.type;
      distributions of &os; can be found in the <link xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
      &os;</quote> appendix</link> to the <link xlink:href="&url.books.handbook;/">&os; Handbook</link>.</para>

    <para>All users are encouraged to consult the release errata before
      installing &os;.  The errata document is updated with
      <quote>late-breaking</quote> information discovered late in the
      release cycle or after the release.  Typically, it contains
      information on known bugs, security advisories, and corrections to
      documentation.  An up-to-date copy of the errata for &os;
      &release.current; can be found on the &os; Web site.</para>
  </sect1>

  <sect1 xml:id="new">
    <title>What's New</title>

    <para>This section describes the most user-visible new or changed
      features in &os; since &release.prev;.</para>

    <para>Typical release note items document recent security
      advisories issued after &release.prev;, new drivers or hardware
      support, new commands or options, major bug fixes, or
      contributed software upgrades.  They may also list changes to
      major ports/packages or release engineering practices.  Clearly
      the release notes cannot list every single change made to &os;
      between releases; this document focuses primarily on security
      advisories, user-visible changes, and major architectural
      improvements.</para>

    <sect2 xml:id="security">
      <title>Security Advisories</title>

      <para>Problems described in the following security advisories have
        been fixed.  For more information, consult the individual
        advisories available from
        <uri xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>

      <informaltable frame="none" pgwide="1">
        <tgroup cols="3">
          <colspec colwidth="1*"/>
          <colspec colwidth="1*"/>
          <colspec colwidth="3*"/>
          <thead>
            <row>
              <entry>Advisory</entry>
              <entry>Date</entry>
              <entry>Topic</entry>
            </row>
          </thead>

          <tbody>
            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc">SA-12:01.openssl</link></entry>
              <entry>3&nbsp;May&nbsp;2012</entry>
              <entry><para>OpenSSL multiple vulnerabilities</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc">SA-12:02.crypt</link></entry>
              <entry>30&nbsp;May&nbsp;2012</entry>
              <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc">SA-12:03.bind</link></entry>
              <entry>12&nbsp;June&nbsp;2012</entry>
              <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc">SA-12:04.sysret</link></entry>
              <entry>12&nbsp;June&nbsp;2012</entry>
              <entry><para>Privilege escalation when returning from kernel</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc">SA-12:05.bind</link></entry>
              <entry>6&nbsp;August&nbsp;2012</entry>
              <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc">SA-12:06.bind</link></entry>
              <entry>22&nbsp;November&nbsp;2012</entry>
              <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc">SA-12:07.hostapd</link></entry>
              <entry>22&nbsp;November&nbsp;2012</entry>
              <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
            </row>

            <row>
              <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc">SA-12:08.linux</link></entry>
              <entry>22&nbsp;November&nbsp;2012</entry>
              <entry><para>Linux compatibility layer input validation error</para></entry>
            </row>
          </tbody>
        </tgroup>
      </informaltable>
    </sect2>

    <sect2 xml:id="kernel">
      <title>Kernel Changes</title>

      <para revision="232728">The &os; Jail subsystem now supports
        mounting &man.devfs.5;, &man.nullfs.5;, and ZFS filesystem
        inside a jail.  New &man.jail.8; parameters
        <varname>allow.mount.devfs</varname>,
        <varname>allow.mount.nullfs</varname>, and
        <varname>allow.mount.zfs</varname> to control the per-jail
        capabilities have been added.  All of them are disabled by
        default.</para>

      <para revision="234167">A new &man.loader.8; tunable
        <varname>kern.eventtimer.activetick</varname> has been added.
        This tunable specifies whether each hardclock tick should
        be run on every active CPU or only one.  By setting it to
        <literal>0</literal>, the total number of interrupts can be reduced
        on SMP machines.  The default value is
        <literal>1</literal>.</para>

      <para revision="229723">The &man.posix.fadvise.2; system call
        has been implemented.  This is a function similar to
        &man.madvise.2; except that it operates on a file descriptor
        instead of a memory region.</para>

      <para revision="237795">The &man.filemon.4; pseudo-device has
        been added.  This allows a process to collect file operations
        data of its children.</para>

      <para revision="235413">The &man.sysctl.8; variable
        <varname>kern.stop_scheduler_on_panic</varname> is now set to
        <literal>1</literal> by default.</para>

      <para revision="231907" arch="powerpc">&os;/powerpc64 now
        supports kernel profiling by using &man.kgmon.8;.</para>

      <para revision="231145">The &os; Linux ABI compatibility layer
        now supports the <function>linux_fadvise64()</function> and
        <function>linux_fadvise64_64()</function> system calls.</para>

      <para revision="230266">The default value of the &man.loader.8;
        tunable <varname>hw.memtest.tests</varname> is now
        automatically set to <literal>0</literal> when &os; is running
        on a virtual machine.</para>

      <para revision="234075">A new &man.loader.8; tunable
        <varname>kern.msgbuf_show_timestamp</varname> has been added.
        When it is enabled, a timestamp is added to each line of the
        system message buffer.  The default value is
        <literal>0</literal> (disabled).</para>

      <para revision="230320">The &man.null.4; and &man.zero.4; pseudo
        device driver now supports non-blocking mode via the &man.fcntl.2;
        system call.</para>

      <para revision="233599">The &os; &man.sched.ule.4; scheduler has
        been improved for CPU load balancing on SMT (Simultaneous
        MultiThreading) CPUs.  It gives a 10-15% performance improvement
        when the number of threads is lesser than the number of
        logical CPUs.</para>

      <para revision="235992" arch="sparc64">The <literal>PREEMPTION</literal> kernel option is
        now enabled in the <filename>GENERIC</filename> kernel.</para>

      <para revision="230039">A new &man.sysctl.8; variable
        <varname>security.bsd.unprivileged_idprio</varname> has been
        added.  This variable controls whether non-root users can set
        an idle priority or not.  This is disabled by default.</para>

      <para revision="228445">The &man.splash.4; screen interface now
        supports ASCII art in <application>TheDraw</application>
        format.</para>

      <sect3 xml:id="boot">
        <title>Boot Loader Changes</title>

        <para revision="230065">The &man.boot0cfg.8; utility now
          supports configuration of PXE boot via the
          <filename>boot0</filename> boot block temporarily on the
          next boot.  The slice number <literal>6</literal> or a
          keyword <literal>PXE</literal> can be specified to enable
          PXE boot using the <option>-s</option> option.</para>

        <para revision="231287">The &os; &man.boot.8; block now
          supports <filename>/boot/config</filename> in addition to
          <filename>/boot.config</filename> as the boot block
          parameter file.  When both of them exist, the former will be
          used.</para>

        <para revision="234693">The <filename>gptboot</filename> boot
          block now reads the backup GPT header from the last LBA only
          when the primary GPT header and tables are invalid.  This
          mitigates interoperability issues with some &man.geom.4;
          providers like <literal>MIRROR</literal> which use the last
          LBA for the metadata.</para>

        <para revision="237766">The <filename>zfsboot</filename> boot
          block and <filename>zfsloader</filename> support
          filesystems within a ZFS storage pool.  In
          <filename>zfsloader</filename>, the ZFS device name format is now
          <literal>zfs:pool/fs</literal>
          and the fully qualified file path format is
          <literal>zfs:pool/fs:/path/to/file</literal>.
          The <filename>zfsboot</filename> boot block accepts the
          kernel/loader name in the format
          <literal>pool:fs:path/to/file</literal>
          or, as before,
          <literal>pool:path/to/file</literal>.
          In the latter case a default filesystem is used (the pool
          root or a filesystem with the <literal>bootfs</literal> property).  The
          <filename>zfsboot</filename> boot block passes
          the GUIDs of the selected
          storage pool and dataset to <filename>zfsloader</filename>
          to be used as its defaults.</para>

        <para revision="236076" arch="sparc64">&os;/sparc64 now
          supports booting from ZFS via the <filename>zfsboot</filename> boot block and
          <filename>zfsloader</filename>.  For example, the following commands create a
          mirrored storage pool <literal>rpool</literal> consisting of
          <literal>da0a</literal> and <literal>da0b</literal> and
          configure the storage pool as the root filesystem:</para>

        <screen>&prompt.root; gpart create -s vtoc8 da0
&prompt.root; gpart add -t freebsd-zfs -s 10g da0
&prompt.root; gpart add -t freebsd-swap -s 10g da0
&prompt.root; gpart add -t freebsd-zfs -s 10g da0
&prompt.root; zpool create rpool mirror da0a da0b
&prompt.root; zpool set bootfs=rpool rpool
&prompt.root; zpool export rpool
&prompt.root; gpart bootcode -p /boot/zfsboot da0
&prompt.root; sysctl kern.geom.debugflags=0x10
&prompt.root; dd if=/boot/zfsloader of=/dev/da0a bs=512 oseek=1024 conv=notrunc
&prompt.root; dd if=/boot/zfsloader of=/dev/da0b bs=512 oseek=1024 conv=notrunc
&prompt.root; zpool import rpool
&prompt.root; cp -p /boot/zfs/zpool.cache /rpool/boot/zfs/zpool.cache
&prompt.root; zfs set mountpoint=/ rpool</screen>
      </sect3>

      <sect3 xml:id="proc">
        <title>Hardware Support</title>

        <para revision="230751" arch="powerpc">The &man.abtn.4;
          driver, which supports ADB keyboards found on Apple laptops,
          has been added.</para>

        <para revision="233798" arch="amd64">A workaround for Erratum
          721 for AMD Processor Family 10h and 12h has been
          implemented.  Under a highly specific and detailed set of
          internal timing conditions, the processor may incorrectly
          update the stack pointer after a long series of push and/or
          near-call instructions, or a long series of pop and/or
          near-return instructions.</para>

        <para revision="232677" arch="powerpc">The atibl(4) driver,
          which supports backlight control of ATI graphics chips on
          PowerBooks and iBooks, has been added.</para>

        <para revision="229858">The &man.acpi.wmi.4; driver now
          supports attaching multiple instances.</para>

        <para revision="230290" arch="powerpc">The adm1030(4) driver
          for G4 MDD fans now shows its PWM parameter in the device's
          &man.sysctl.8; variable.</para>

        <para revision="234559" arch="arm">The cesa(4) driver for the
          Marvell crypto engine and security accelerator has been
          added.</para>

        <para revision="230305" arch="powerpc">The &man.hwpmc.4;
          driver now supports PowerPC G4+ (MPC745x/MPC744x).</para>

        <para revision="234046" arch="amd64,i386">The &man.hwpmc.4;
          driver now supports the Intel Sandy Bridge
          microarchitecture.</para>

        <para revision="236238">The &man.hwpmc.4; driver now supports
          software events.  Simultaneous usage of software PMC and
          hardware PMC is allowed.</para>

        <para revision="236078">The pcf8563(4) driver for the NXP
          (Philips) PCF8563 RTC has been added.</para>

        <para revision="233471" arch="powerpc">&os;/powerpc now
          supports the PWM-controlled fans found on the PowerMac SMU (System
          Management Unit).</para>

        <para revision="236081" arch="arm">&os;/arm now supports the Atmel
          SAM9XE family of microcontrollers.</para>

        <para revision="230754,233950">The following &man.sysctl.8;
          variables have been added: <varname>kern.proc.env</varname>
          for environment strings, <varname>kern.proc.auxv</varname>
          for ELF auxiliary vectors from a process's stack,
          <varname>kern.proc.groups</varname> for process groups,
          <varname>kern.proc.rlimit</varname> for process resource
          limits, <varname>kern.proc.ps_strings</varname> for the
          ps_strings location, and <varname>kern.proc.osrel</varname> for
          the osreldate of the process's binary.</para>

        <para revision="229100,229369">The &man.usb.4; driver now
          handles suspend and resume correctly with no need to reload
          the kernel module.</para>

        <para revision="230302">A bug in the &man.xhci.4; (USB 3.0)
          driver has been fixed.  It did not work with USB 3.0
          hubs.</para>

        <para revision="229927">The &man.viawd.4; driver, which
          supports the watchdog timer found in VIA south bridges (VT8251,
          CX700, VX800, VX855, VX900), has been added.</para>

        <para revision="235926">The &man.wbwd.4; driver, which
          supports the watchdog timer found in Winbond Super I/O chips,
          has been added.</para>

        <sect4 xml:id="mm">
          <title>Multimedia Support</title>

          <para revision="236926,236927,239965">The drm2(4) Intel GPU driver,
            which supports GEM and KMS and works with new generations of
            GPUs such as IronLake, SandyBridge, and IvyBridge, has been
            added.  The &man.agp.4; driver now supports SandyBridge
            and IvyBridge CPU northbridges.</para>

          <para revision="232798">The &man.snd.hda.4; driver has been
            updated.  It now supports and provides HDMI, new volume control,
            automatic recording source selection, runtime
            reconfiguration, more then 4 PCM devices on a controller,
            multichannel recording, additional playback/record
            streams, higher bandwidth, and more informative device
            names.</para>

          <para revision="233165">The &man.snd.hdspe.4; driver has
            been added.  This supports RME HDSPe AIO and RayDAT sound
            cards.</para>

          <para revision="230964,230985,231047,235769">GPL-licensed
            headers in the &man.snd.emu10kx.4;, &man.snd.maestro3.4;,
            and &man.snd.csa.4; drivers have been replaced with
            BSD-licensed one.  These drivers are now fully
            BSD-licensed and included in the <filename>GENERIC</filename>
            kernel on &os;/amd64 and &os;/i386.</para>
        </sect4>

        <sect4 xml:id="net-if">
          <title>Network Interface Support</title>

          <para revision="229520">A bug in the &man.ae.4; driver which could
            prevent it from working under certain conditions has been
            fixed.</para>

          <para revision="229106">The &man.axe.4; driver now supports
            TX/RX checksum offloading support for the ASIX AX88772B
            controller.</para>

          <para>The &man.bce.4; driver has been improved:</para>

          <itemizedlist>
            <listitem>
              <para revision="229864">Unnecessary link up/down has
                been eliminated.</para>
            </listitem>

            <listitem>
              <para revision="236216">A bug has been fixed which could
                prevent IPMI from working when the interface was
                marked as down.</para>
            </listitem>

            <listitem>
              <para revision="235818">It now supports remote PHYs,
                which allow the controller to perform MDIO type accesses
                to a remote transceiver by using message pages defined
                through MRBE (MultiRate Backplane Ethernet).  This is
                found on machines such as the Dell PowerEdge M610
                Blade.</para>
            </listitem>
          </itemizedlist>

          <para>The &man.bge.4; and brgphy(4) drivers have been
            improved:</para>

          <itemizedlist>
            <listitem>
              <para revision="229350">A bug which could prevent
                DMA functionality from working correctly has been
                fixed.</para>
            </listitem>

            <listitem>
              <para revision="233495">It now works with a PCI-X BCM 5704
                controller that is connected to AMD-8131 PCI-X bridge.</para>
            </listitem>

            <listitem>
              <para revision="229357,229867,232134">It now supports
                the BCM 5720 and BCM 5720C PHY, and the BCM 57780 1000BASE-T
                media interface.</para>
            </listitem>

            <listitem>
              <para revision="231734">It now supports a &man.loader.8;
                tunable
                <varname>dev.bge.<replaceable>N</replaceable>.msi</varname>
                to control the use of MSI.  The default value is
                <literal>1</literal> (enabled).</para>
            </listitem>
          </itemizedlist>

          <para revision="231093,237925">The &man.cxgbe.4; and
            &man.cxgb.4; drivers have been updated to firmware version
            1.5.2.0.  They now support device configuration via a
            plain text configuration file, IPv6 hardware checksumming,
            IPv6 TSO and LRO, a <literal>loadfw</literal> command in the
            cxgbetool(8) utility which allows installing a firmware to
            the card, and &man.sysctl.8; variables under
            <varname>dev.t4nex.<replaceable>N</replaceable>.misc</varname>
            for various information.</para>

          <para revision="229334">The &man.dc.4; driver now supports
            NVIDIA (ULi) M5261/M5263 PCI FastEthernet controllers, which
            are found on the ULi M1563 South Bridge and M1689 Bridge.</para>

          <para revision="229711,229717,229720">The &man.et.4; driver
            now works on all platforms.  A bug which could prevent
            &man.altq.4; support from working has been fixed.  A new
            &man.sysctl.8; variable under
            <varname>dev.et.<replaceable>N</replaceable>.stats</varname>
            has been added for hardware MAC statistics.</para>

          <para revision="238262">The &man.igb.4; driver has been
            updated to version 2.3.4.  It now supports newer i210/i211
            devices.</para>

          <para revision="233838,235843">The &man.iwn.4; driver now
            supports Intel Centrino Wireless-N + WiMAX 6150 and
            Wireless-N 100/130 series.</para>

          <para revision="230709">The &man.miibus.4; bus driver now
            supports device hints
            <varname>hint.miibus.<replaceable>N</replaceable>.phymask</varname>
            for PHY addresses being probed.  This is useful to manually
            probe PHYs which do not implement basic the register set of
            IEEE 802.3.  Also, the &man.miibus.4; driver has been
            changed to a hinted bus, allowing to add child devices via
            hints and to set their attach arguments in addition to
            automatically-probed PHYs.</para>

          <para revision="229524">The &man.msk.4; driver now uses 64-bit
            DMA addressing on 64-bit platforms.</para>

          <para revision="236413">The &man.mxge.4; driver has been
            updated to firmware version 1.4.55 from Myricom.</para>

          <para revision="232137">The nsphyter(4) driver now supports
            National DP83849.</para>

          <para revision="231663">The &man.oce.4; driver, which
            supports Emulex OneConnect 10Gbit Ethernet cards, has been
            added.</para>

          <para revision="236004">The &man.ral.4; driver now supports
            Ralink RT2800 and RT3000 chipsets.</para>

          <para revision="229529,231731">The &man.re.4; driver now
            supports the RTL8411 PCIe Gigabit Ethernet controller.  A bug
            which could prevent WoL (Wake-on-LAN) from working on
            RTL8168E has been fixed.</para>

          <para revision="234028">The &man.runfw.4; firmware has been
            updated to version 0.236.</para>

          <para revision="228100">The &man.sfxge.4; driver, which
            supports 10Gb Ethernet adapters based on Solarflare SFC9000
            family controllers, has been added.</para>

          <para revision="233485">The smcphy(4) driver now supports the
            Seeq Technology 80220 PHY.  This is found on Adaptec
            AIC-6915 Starfire Ethernet controllers supported by the
            &man.sf.4; driver.</para>

          <para revision="229417,229438">The &man.ti.4; driver now
            supports the &man.altq.4; framework, reporting link-state
            changes, and &man.sysctl.8; variables under
            <varname>dev.ti.<replaceable>N</replaceable></varname> for
            interrupt moderation parameters.</para>

          <para revision="229441">A bug in the &man.ti.4; driver which could
            prevent it from working correctly with the <literal>PAE</literal>
            kernel option has been fixed.</para>

          <para revision="229540">The &man.vge.4; driver has been
            updated to improve its link establishment and link-state
            detection.</para>

          <para revision="229641">The &man.vr.4; driver now enables
            flow control capability in the PHY drivers.</para>

          <para revision="231697">The &man.xnb.4; Xen Paravirtualized
            Backend Ethernet Driver (netback) has been updated.  This is
            attached via the newbus framework and works properly in both
            HVM and PVM mode.</para>
        </sect4>
      </sect3>

      <sect3 xml:id="net-proto">
        <title>Network Protocols</title>

        <para revision="236051">The &man.if.bridge.4; pseudo-interface
          now supports reporting link-state changes depending on the status
          of the member interfaces.</para>

        <para revision="234597">The <literal>table</literal> argument
          in the &man.ipfw.4; packet filter rule syntax now supports
          IP address, interface name, port number, and jail ID.  The
          following syntax is valid:</para>

        <programlisting>skipto tablearg ip from any to any via table(42) in</programlisting>

        <para>The &os; &man.ip6.4; protocol stack has been improved in terms
          of its performance.  Benchmarking can be found at <uri xlink:href="http://people.freebsd.org/~bz/bench/">http://people.freebsd.org/~bz/bench/</uri>.</para>

        <para revision="232292">The &os; &man.ip6.4; protocol stack now
          supports multiple FIBs.</para>

        <para revision="230604">An IPv6 default route configured via
          Router Advertisement messages is now reinstalled correctly
          when the default route is manually removed and then another
          RA message is received for the same route.</para>

        <para revision="227885">A bug which could return an incorrect
          value for the <literal>IPV6_MULTICASE_HOPS</literal> socket option
          has been fixed.</para>

        <para revision="231768">A new &man.sysctl.3; name
          <literal>NET_RT_IFLISTL</literal> has been added.  This
          queries the address list and works on extended and
          extensible structures <varname>if_msghdrl</varname> and
          <varname>ifa_msghdrl</varname> without breaking the
          ABI.</para>

        <para revision="231650,235527">The &man.netmap.4; fast packet
          I/O framework has been added.  The &man.em.4;, lem(4),
          &man.igb.4;, and &man.re.4; drivers now support this
          framework.  The technical details can be found at <uri xlink:href="http://info.iet.unipi.it/~luigi/netmap/">http://info.iet.unipi.it/~luigi/netmap/</uri>.</para>

        <para revision="231045">The &os; &man.sctp.4; protocol stack now
          supports a new &man.sysctl.8; variable
          <varname>net.inet.sctp.blackhole</varname>.  If this is set
          to <literal>1</literal>, no <literal>ABORT</literal> is sent
          back in response to an incoming <literal>INIT</literal>. If
          this is set to <literal>2</literal>, no
          <literal>ABORT</literal> is sent back in response to an
          out-of-the-blue packet.  If set to <literal>0</literal>
          (the default), <literal>ABORT</literal>s are sent.</para>

        <para revision="231049">A bug which could cause a system panic
          when <literal>SCTP_RECVINFO</literal> or
          <literal>SCTP_NXTINFO</literal> is specified to the
          &man.getsockopt.2; system call has been fixed.</para>

        <para revision="231070,231140">The &os; &man.sctp.4; protocol stack now
          supports the <literal>SCTP_REMOTE_UDP_ENCAPS_PORT</literal>
          socket option.</para>

        <para revision="232805">The <literal>SO_PROTOCOL</literal> and
          <literal>SO_PROTOTYPE</literal> socket options have been
          added.  These return the socket protocol number.</para>

        <para revision="232945">The <literal>TCP_KEEPINIT</literal>,
          <literal>TCP_KEEPIDLE</literal>,
          <literal>TCP_KEEPINTVL</literal>, and
          <literal>TCP_KEEPCNT</literal> socket options have been
          added.  These allow controlling initial timeout, idle time,
          idle resend interval, and idle send count on a per-socket
          basis.</para>
      </sect3>

      <sect3 xml:id="disks">
        <title>Disks and Storage</title>

        <para revision="240758">The &man.arcmsr.4; driver has been
          updated to version 1.20.00.25.</para>

        <para revision="229291">The &man.ahci.4; driver now supports a
          new &man.loader.8; tunable <varname>hw.ahci.force</varname>.
          This controls whether it attempts to attach an AHCI-capable
          device even if it is configured to use legacy emulation.
          This is enabled by default.</para>

        <para revision="231251">The new &man.cam.4;-based &man.ata.4;
          driver now supports old &man.loader.8; tunables
          <varname>hw.ata.ata_dma</varname> and
          <varname>hw.ata.atapi_dma</varname>, for backward
          compatibility.</para>

        <para revision="236778">The &man.cam.4; driver now supports
          SEMB (SATA Enclosure Management Bridge) devices, which are
          equivalent to the SCSI SES/SAF-TE devices.</para>

        <para revision="236765">A new &man.sysctl.8; variable
          <varname>kern.cam.pmp.hide_special</varname> has been added.
          This controls whether special PMP ports such as PMP (Port
          MultiPlier) configuration or SEMB (SATA Enclosure Management
          Bridge) will be exposed or hidden.  The default value is
          <literal>1</literal> (hidden).</para>

        <para revision="231772">The ctl(4) driver, which supports
          &man.cam.4; Target Layer and &man.ctladm.8;, a userland
          control utility, have been added.  ctl(4) is a disk and
          processor device emulation subsystem supporting tagged
          queuing, SCSI task attribute, SCSI implicit command
          ordering, full task management, multiple ports, multiple
          simultaneous initiators, multiple simultaneous backing
          stores, mode sense/select, and error injection
          support.</para>

        <para revision="230014">The &man.cd.4; driver now supports
          Audio CDs in the same way as &man.acd.4; did.  It will
          report a 2352-byte sector size to the &man.geom.4; subsystem and use
          the <literal>READ CD</literal> command for reading the data.
          This fixes an interoperability issue with <package>multimedia/vlc</package>.</para>

        <para revision="236677">The &man.da.4; driver now supports
          <literal>BIO_DELETE</literal>.  To select the method, a new
          &man.sysctl.8; variable
          <varname>kern.cam.da.<replaceable>N</replaceable>.delete_method</varname>
          has been added for each device instance.  The following
          values are supported:</para>

        <informaltable frame="none" pgwide="1">
          <tgroup cols="2">
            <thead>
              <row>
                <entry>Value</entry>
                <entry>Method</entry>
              </row>
            </thead>

            <tbody>
              <row>
                <entry>NONE</entry>
                <entry>no provisioning support reported by the device</entry>
              </row>

              <row>
                <entry>DISABLE</entry>
                <entry>provisioning support was disabled because of errors</entry>
              </row>

              <row>
                <entry>ZERO</entry>
                <entry>WRITE SAME (10) command to write zeroes</entry>
              </row>

              <row>
                <entry>WS10</entry>
                <entry>WRITE SAME (10) command with UNMAP bit set</entry>
              </row>

              <row>
                <entry>WS16</entry>
                <entry>use WRITE SAME (16) command with UNMAP bit set</entry>
              </row>

              <row>
                <entry>UNMAP</entry>
                <entry>use UNMAP command (equivalent of the ATA DSM TRIM command)</entry>
              </row>
            </tbody>
          </tgroup>
        </informaltable>

        <para>When it was <literal>NONE</literal>, the device did not
          report logical block provisioning support via respective
          VPD pages.  One can set a specific method for testing and it
          will be disabled automatically when not supported on the
          device.</para>

        <para revision="238500">The <application>MIRROR</application>
          &man.geom.4; class now supports
          <literal>BIO_DELETE</literal>.  This means the
          <literal>TRIM</literal> command will be issued on
          supported devices when deleting data.</para>

        <para revision="229303,234916">The
          <application>MULTIPATH</application> &man.geom.4; class has
          been updated.  It now supports Active/Active mode,
          Active/Read mode as hybrid of Active/Active and
          Active/Passive, keeping a failed path without removing the
          geom provider, manual configuration without on-disk
          metadata, and <command>add</command>,
          <command>remove</command>, <command>fail</command>,
          <command>restore</command>, <command>configure</command>
          subcommands in the &man.gmultipath.8; utility to manage the
          configured paths.</para>

        <para revision="234406">The
          <application>PART_LDM</application> &man.geom.4; class has
          been added.  This partition scheme has support for Logical Disk
          Manager, which is also known as dynamic volumes in Microsoft
          Windows NT.  Note that JBOD, RAID0, and RAID5 volumes are
          not supported yet.</para>

        <para revision="230763">The <application>PART_MBR</application>
          &man.geom.4; class now allows a primary or extended Linux
          swap partition to be used as the system dump device.</para>

        <para revision="235877" arch="amd64,i386">The
          <application>RAID</application> &man.geom.4; class is now
          included in the <filename>GENERIC</filename> kernel.</para>

        <para revision="230244">The <application>RAID</application>
          &man.geom.4; class now supports disks with over 2TB capacity
          for the Intel metadata format.</para>

        <para revision="235874">The <application>RAID</application>
          &man.geom.4; class now supports the DDF metadata format, which
          is defined in the SNIA Common RAID Disk Data Format
          Specification v2.0.</para>

        <para revision="235483">The
          <application>UNCOMPRESS</application> &man.geom.4; class and
          the &man.mkulzma.8; utility have been added.  This class
          supports lzma compressed images like the
          <application>UZIP</application> &man.geom.4; class and the
          &man.mkuzip.8; utility.</para>

        <para revision="229975" arch="amd64,i386">The &man.hpt27xx.4;
          driver has been added.  This supports HighPoint RocketRAID
          27xx-based SAS 6Gb/s HBA.</para>

        <para revision="231689" arch="amd64,i386">The &man.isci.4;
          driver, which supports the integrated SAS controller in the
          Intel C600 (Patsburg) chipset, has been added.</para>

        <para revision="230019">Bugs in &man.isp.4; target mode have
          been fixed.</para>

        <para revision="230775">The &man.ixgbe.4; driver now supports
          the Intel X540 adapter.</para>

        <para revision="227533">A bug in the &man.mfi.4; driver has been
          fixed.  It could cause some inconsistencies due to missed
          interrupt acknowledgements and output the following log
          message:</para>

        <screen>mfi0: COMMAND 0xffffffXXXXXXXXXX TIMEOUT AFTER XX SECONDS</screen>

        <para revision="229611,234429">The &man.mfi.4; driver now
          supports single-message MSI, and Drake Skinny and
          Thunderbolt cards.  The &man.loader.8; tunable
          <varname>hw.mfi.msi</varname> has been added and it is
          enabled by default.</para>

        <para revision="230920,231679,237876">The &man.mps.4; driver
          has been updated to version 14.00.00.01-fbsd.  This now
          supports Integrated RAID, WarpDrive controllers, WRITE12 and
          READ12 for direct I/O, SCSI protection information (EEDP),
          Transport Level Retries (TLR) for tape drives, and LSI's
          userland utility.</para>

        <para revision="232562">A bug in the &man.mpt.4; driver has
          been fixed.  It could attempt to attach MegaRAID cards which
          should be handled by the &man.mfi.4; driver.</para>

        <para revision="229107">The &man.usb.4; storage device driver
          now enables power save mode by default.</para>
      </sect3>

      <sect3 xml:id="fs">
        <title>File Systems</title>

        <para>The &os; NFS filesystem has been improved:</para>

        <itemizedlist>
          <listitem>
            <para revision="233326">It now supports a timeout on
              positive name cache entries on the client side.  A new
              mount option <varname>nametimeo</varname> has been added
              and set to <literal>60</literal> (in seconds) by
              default.</para>
          </listitem>

          <listitem>
            <para revision="234740">A memory leak when a ZFS volume is
              exported via the &os; NFS server has been fixed.</para>
          </listitem>

          <listitem>
            <para revision="233730">A bug has been fixed.  When a
              process writes to an mmap-backed file on an NFS
              filesystem, flushing changes to the data could fail
              under some circumstances such as errors due to
              permission mismatch, and this failure could not be detected
              as an error.  A new &man.sysctl.8; variable
              <varname>vfs.nfs.nfs_keep_dirty_on_error</varname> has
              been added to control the behavior on the client side
              related to this issue.  When this is set to
              <literal>1</literal>, the pages where a write operation
              failed are kept dirty.  The default value is set to
              <literal>0</literal>.</para>
          </listitem>

          <listitem>
            <para revision="229799">The &man.nfsv4.4; filesystem now
              supports a &man.sysctl.8; variable
              <varname>vfs.nfsd.disable_checkutf8</varname>.  This
              disables the check for UTF-8 compliance in
              filenames.  This is disabled by default.  Note that
              enabling this may help wht some interoperability issues but
              results in an NFSv4 server that is not RFC 3530
              compliant.</para>
          </listitem>
        </itemizedlist>

        <para revision="234511">The &man.tmpfs.5; filesystem is not an
          experimental implementation anymore.</para>

        <para revision="234849">The &man.tmpfs.5; filesystem now
          supports a &man.sysctl.8; variable
          <varname>vfs.tmpfs.memory_reserved</varname> to set the amount
          of required free pages when &man.tmpfs.5; attempts to
          allocate a new node.</para>

        <para revision="229578,232328">&os;'s ZFS filesystem has been
          updated by merging improvements from the illumos project.  The
          following changes are made:</para>

        <itemizedlist>
          <listitem><para>New properties, <literal>clones</literal> and
              <literal>written</literal>, have been added.</para></listitem>

          <listitem><para>The &man.zfs.8; <command>send</command> command
              now reports an estimated size of the stream.</para></listitem>

          <listitem><para>The &man.zfs.8; <command>destroy</command> command
              now reports an estimate of the space which would be reclaimed,
              when <option>-n</option> is specified.</para></listitem>

          <listitem><para>The &man.zfs.8; <command>get</command> command now
              supports the <option>-t <replaceable>type</replaceable></option>
              flag to specify the data type.</para></listitem>
        </itemizedlist>

        <para revision="227705">A simple script
          <filename>zfsboottest.sh</filename> has been added to the
          source tree.  This checks if the system is configured
          correctly when using ZFS as the root filesystem.  The script
          is located at
          <filename>/usr/src/tools/tools/zfsboottest.sh</filename> and
          it uses the <filename>zfsboottest</filename> binary program in the
          same directory.</para>

        <para>The binary program can be built and installed by the
          following command:</para>

        <screen>&prompt.root; cd /usr/src/tools/tools/zfsboottest
&prompt.root; make
&prompt.root; make install</screen>

        <para>After that, the following command can be used to check the
          system.  <replaceable>poolname</replaceable> is the ZFS
          storage pool name to boot:</para>

        <screen>&prompt.root; sh /usr/src/tools/tools/zfsboottest/zfsboottest.sh <replaceable>poolname</replaceable></screen>

        <para>The &man.sysctl.8; variable
          <varname>vfs.zfs.txg.timeout</varname> has been changed from
          read-only to writable.</para>
      </sect3>
    </sect2>

    <sect2 xml:id="userland">
      <title>Userland Changes</title>

      <para revision="238481">&man.auth.conf.5; has been removed
        because it was deprecated years ago.</para>

      <para revision="237740">The &man.camcontrol.8; utility now
        supports a <command>fwdownload</command> subcommand for firmware
        update on SCSI devices from Hitachi, HP, IBM, Plextor,
        Quantum, and Seagate.  This subcommand will reprogram the
        firmware on devices connected over an ATA/SATA transport.</para>

      <para revision="230597">The &man.dhclient.8; utility now
        supports <literal>domain-search</literal> (option number 119,
        described in RFC 3397).  This allows a DHCP server to publish
        a list of implicit domain suffixes used during name lookup.
        If this option is specified, a <literal>search</literal>
        keyword will be added to
        <filename>/etc/resolv.conf</filename>.</para>

      <para revision="230047">The &man.dump.8; utility now uses 53
        characters for the device names in
        <filename>/etc/dumpdates</filename>.  This was previously limited to 32
        characters.</para>

      <para revision="235253">The &man.fetch.1; utility now correctly
        supports a percent-encoded user and password part in a
        URL.</para>

      <para revision="230410">The &man.fdlopen.3; function has been
        implemented.  This is an interface for &man.rtld.1; to load a
        shared object by file descriptor.</para>

      <para revision="229845">The &man.fopen.3; function now supports
        the <option>x</option> (an exclusive create-and-open mode) option
        in the ISO/IEC 9899:2011 and C11 standards.</para>

      <para revision="234023">A bug in the &man.gcc.1; compiler has
        been fixed.  It could lead to incorrect calculations when
        <option>-ffast-math</option> is specified.</para>

      <para revision="229509">The &man.hastd.8; daemon now supports
        specifying the filename of its process ID file in
        &man.hast.conf.5;.</para>

      <para revision="231221">The &man.ifconfig.8; utility now
        supports a <literal>vlanhwcsum</literal> parameter to set or
        reset checksum offloading capability on VLANs.</para>

      <para revision="238872">A bug in the &man.ifconfig.8; utility
        which could display an error message in a jail with no IPv6
        support has been fixed.</para>

      <para revision="232486">The &man.ifconfig.8; utility now
        supports a <literal>carp state state</literal>
        parameter to set
        the state to <literal>backup</literal> or
        <literal>master</literal> forcibly.</para>

      <para revision="235839">The &man.jail.8; utility now supports a
        configuration file (&man.jail.conf.5;) for complex
        configurations.</para>

      <para revision="237789">The &man.kdump.1; utility now supports a
        <option>-p <replaceable>pid</replaceable></option> option to
        accept either a process ID or a thread ID.</para>

      <para revision="236118">The &man.kenv.1; utility now supports a
        <option>-v</option> flag to display an entry in
        <literal>name=value</literal> format, and a <option>-N</option>
        flag to display only the name.</para>

      <para revision="233560">The &man.kldload.8; utility now supports a
        <option>-n</option> flag to ignore the error status when the
        specified module is already loaded.</para>

      <para revision="237738"><application>libedit</application> has
        been updated to a NetBSD snapshot as of 28 December,
        2009.</para>

      <para revision="236523">&man.libmap.conf.5; now supports
        <literal>include</literal> and <literal>includedir</literal>
        directives.  They allow to include specified files for the
        configuration.</para>

      <para revision="234372">Lock handling performance in the
        <application>libthr</application> pthread library has been
        improved.  It now works 10 times faster especially under the
        condition that a mutex is heavily contested.</para>

      <para revision="235798">A new C++ stack has been imported.  This
        consists of <application>libcxxrt</application>, originally
        developed by a &os; developer under contract by PathScale and
        open sourced by the &os; and NetBSD foundations, and
        <application>libc++</application> from the LLVM project.
        <application>libcxxrt</application> is a drop-in replacement
        for GNU <application>libsupc++</application>, which implements
        the C++ runtime support for features such as run-time type
        information, dynamic casting, thread-safe static initializer,
        and exceptions.  <application>libc++</application> implements
        the C++11 standard library, and will replace GNU
        <application>libstdc++</application> in a future release.  In
        9.1-RELEASE, <application>libstdc++</application> is still
        installed as standard and now dynamically links against
        <application>libsupc++</application>.  This allows libraries
        linking <application>libstdc++</application> and
        <application>libc++</application> to both be used in the same
        program, to aid migration.</para>

      <para revision="230919">The &man.limits.1; utility now supports
        a <option>-P <replaceable>pid</replaceable></option> option to
        control limits for the specified process.</para>

      <para revision="237731">The &man.pciconf.8; utility now supports a
        <option>-e</option> flag to display PCI error details in
        listing mode.  When this is specified, the status of any error
        bits in the PCI status register and PCI-express device status
        register will be displayed.  It also lists any errors
        indicated by version 1 of PCI-express Advanced Error Reporting
        (AER).</para>

      <para revision="229710">The &man.procstat.1; utility now shows the
        superpage mapping flag when displaying process virtual memory
        mappings.</para>

      <para revision="230917,230918">The &man.procstat.1; utility now
        supports an <option>-e</option> flag to display process
        environment variables, an <option>-x</option> flag to display
        ELF auxiliary vectors, and an <option>-l</option> flag to
        display resource limits.</para>

      <para revision="234535">A bug in the &man.remquo.3; functions
        where the quotient did not always have the correct sign when
        the remainder was <literal>0</literal>, and another bug that
        the remainder and quotient were both off by a bit in certain
        cases involving subnormal remainders, have been fixed.  Note
        that these bugs affected all platforms except amd64 and
        i386.</para>

      <para revision="231579">The &man.rtld.1; run-time linker now
        supports GCC's RELRO (RElocation Read-Only).  This prevents the
        GOT (Global Offset Table) from being overwritten.</para>

      <para revision="235396">The &man.rtld.1; run-time linker now
        supports a GNU hash section (<literal>DT_GNU_HASH</literal>),
        which is a replacement of optional ELF hash section.</para>

      <para revision="235139">The &man.setbuf.1; utility and
        <application>libstdbuf</application> library have been added.
        This controls the default buffering behavior of standard
        stdio streams.</para>

      <para revision="227702">The &man.top.1; utility now correctly
        supports per-thread I/O statistics of ZFS in the <option>-m
        io</option> option.</para>

      <para revision="234330">The &man.unzip.1; utility now supports a
        <option>-Z</option> option for zipinfo.</para>

      <para revision="235785">The &man.xlocale.3; API has been
        implemented.  This consists of <literal>_l</literal>-suffixed
        versions of various standard library functions that use the
        global locale, making them take an explicit locale parameter
        and allowing thread-safe extended locale support.  Most of
        these APIs are required for IEEE Std 1003.1-2008 (POSIX.1-2008
        or ISO/IEC 9945:2009) compatibility, and are required by
        <application>libc++</application> and recent versions of
        <application>GNOME</application>.  This implementation also
        supports several extensions for compatibility with Apple
        <application>Darwin</application>.</para>

      <sect3 xml:id="periodic-scripts">
        <title>&man.periodic.8; Scripts</title>

        <para revision="231721">A new variable
          <varname>daily_status_zfs_zpool_list_enable</varname> has
          been added.  It controls whether or not to list all of the ZFS
          pools in <filename>periodic/daily/404.status-zfs</filename>.
          The default value is <literal>YES</literal>.</para>

        <para revision="229381">The default value of
          <varname>daily_scrub_zfs_default_threshold</varname> used in
          <filename>periodic/daily/800.scrub-zfs</filename> is now set
          to 35 days.</para>
      </sect3>

      <sect3 xml:id="rc-scripts">
        <title>&man.rc.8; Scripts</title>

        <para revision="227607">The <filename>rc.d/nfsd</filename> script
          now sets the <varname>vfs.nfsd.server_max_nfsvers</varname>
          &man.sysctl.8; variable to <literal>4</literal> when
          <varname>nfsv4_server_enable</varname> is set to
          <literal>YES</literal>.</para>

        <para revision="242189">A backwards compatibility issue when
          both <literal>ipv6_enable=YES</literal> and
          <literal>ipv6_gateway_enable=YES</literal> are defined at
          the same time has been fixed.</para>
      </sect3>
    </sect2>

    <sect2 xml:id="contrib">
      <title>Contributed Software</title>

      <para revision="241417"><application>ISC BIND</application> has
        been updated to version 9.8.3-P4.</para>

      <para revision="236018">The
        <application>compiler-rt</application> library, which provides
        low-level target-specific interfaces such as functions in
        <application>libgcc</application>, has been updated to
        revision 147467.</para>

      <para revision="237983"><application>file</application>
        (&man.file.1;) has been updated to version 5.11.</para>

      <para revision="230237">GNU &man.gperf.1; has been updated to
        version 3.0.3 (the latest GPLv2-licensed version).</para>

      <para revision="229588"><application>libarchive</application>,
        &man.bsdtar.1;, and &man.cpio.1; have been updated to version
        2.8.5.</para>

      <para revision="236167">The <application>libpcap</application>
        library has been updated to 1.2.1.</para>

      <para revision="229551"><application>libstdc++</application>
        has been updated to revision 135556 of the
        <literal>gcc-4_2-branch</literal> (the last LGPLv2-licensed
        version).</para>

      <para revision="236144">The <application>LLVM</application>
        compiler infrastructure and <application>clang</application>,
        a C language family front-end, version 3.1 have been imported.
        Note that it is not used for building the &os; base system by
        default.</para>

      <para revision="235971">The <literal>netcat</literal> utility
        has been updated to version 5.1.</para>

      <para revision="237998"><application>OpenSSL</application> has
        been updated to version 0.9.8x.</para>

      <para revision="249865">The <application>sendmail</application>
        (&man.sendmail.8;) utility has been updated to version 8.14.8.</para>

      <para revision="236192">The <application>tcpdump</application>
        (&man.tcpdump.1;) utility has been updated to version 4.2.1.</para>

      <para revision="232633">The <application>TENEX C
        shell</application> (&man.tcsh.1;) has been updated to version
        6.18.01.</para>

      <para revision="233447">The <application>timezone</application>
        database has been updated to the
        <application>tzdata2012a</application> release.</para>

      <para revision="237691">The <application>zlib</application>
        library has been updated to version 1.2.7.</para>
    </sect2>

    <sect2 xml:id="releng">
      <title>Release Engineering and Integration</title>

      <para>The supported version of the
        <application>KDE</application> desktop environment (<package>x11/kde4</package>) has been updated to
        4.8.4.</para>

      <para revision="234055" arch="powerpc">Issues where the &os;
        installation CDROM image caused a panic, and was not
        recognized on OpenBIOS-based environments like QEMU, have been
        fixed.</para>
    </sect2>
  </sect1>

  <sect1 xml:id="upgrade">
    <title>Upgrading from previous releases of &os;</title>

    <sect2>
      <title>Upgrading using &man.freebsd-update.8; or a source-based
        procedure</title>

      <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
        upgrades between RELEASE versions (and snapshots of the
        various security branches) are supported using the
        &man.freebsd-update.8; utility.  The binary upgrade procedure
        will update unmodified userland utilities, as well as an
        unmodified <filename>GENERIC</filename> kernel, distributed as
        a part of an official &os; release.  The
        &man.freebsd-update.8; utility requires that the host being
        upgraded have Internet connectivity.</para>

      <para>Source-based upgrades (those based on recompiling the &os;
        base system from source code) from previous versions are
        supported using to the instructions in
        <filename>/usr/src/UPDATING</filename>.</para>

      <para>For more specific information about upgrading
        instructions, see <uri xlink:href="http://www.FreeBSD.org/releases/9.1R/installation.html">http://www.FreeBSD.org/releases/9.1R/installation.html</uri>.</para>

      <important>
        <para>Upgrading &os; should, of course, only be attempted
          after backing up <emphasis>all</emphasis> data and
          configuration files.</para>
      </important>
    </sect2>

    <sect2>
      <title xml:id="upgrade-pitfalls">User-visible incompatibilities</title>

      <para>FreeBSD 9.0 and later have several incompatibilities in
        system configuration which you might want to know before
        upgrading your system.  <emphasis>Please read this section and
        the <link xlink:href="http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#UPGRADE">Upgrading
        Section in 9.0-RELEASE Release Notes</link> carefully before
        submitting a problem report and/or posting a question to the
        FreeBSD mailing lists.</emphasis></para>
    </sect2>
  </sect1>
</article>