1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
7 <article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
8 <info><title>&os; &release.current; Release Notes</title>
11 <author><orgname>The &os; Project</orgname></author>
13 <pubdate>$FreeBSD$</pubdate>
17 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
20 <legalnotice xml:id="trademarks" role="trademarks">
30 <para>The release notes for &os; &release.current; contain a summary
31 of the changes made to the &os; base system on the
32 &release.branch; development line.
33 This document lists applicable security advisories that were issued since
34 the last release, as well as significant changes to the &os;
36 Some brief remarks on upgrading are also presented.</para>
40 <sect1 xml:id="intro">
41 <title>Introduction</title>
43 <para>This document contains the release notes for &os;
44 &release.current;. It describes recently added, changed, or
45 deleted features of &os;. It also provides some notes on
46 upgrading from previous versions of &os;.</para>
48 <para>This distribution of &os; &release.current; is a
49 &release.type; distribution. It can be found at <uri xlink:href="&release.url;">&release.url;</uri> or any of its mirrors. More
50 information on obtaining this (or other) &release.type;
51 distributions of &os; can be found in the <link xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
52 &os;</quote> appendix</link> to the <link xlink:href="&url.books.handbook;/">&os; Handbook</link>.</para>
54 <para>All users are encouraged to consult the release errata before
55 installing &os;. The errata document is updated with
56 <quote>late-breaking</quote> information discovered late in the
57 release cycle or after the release. Typically, it contains
58 information on known bugs, security advisories, and corrections to
59 documentation. An up-to-date copy of the errata for &os;
60 &release.current; can be found on the &os; Web site.</para>
64 <title>What's New</title>
66 <para>This section describes the most user-visible new or changed
67 features in &os; since &release.prev;.</para>
69 <para>Typical release note items document recent security
70 advisories issued after &release.prev;, new drivers or hardware
71 support, new commands or options, major bug fixes, or
72 contributed software upgrades. They may also list changes to
73 major ports/packages or release engineering practices. Clearly
74 the release notes cannot list every single change made to &os;
75 between releases; this document focuses primarily on security
76 advisories, user-visible changes, and major architectural
79 <sect2 xml:id="security">
80 <title>Security Advisories</title>
82 <para>Problems described in the following security advisories have
83 been fixed. For more information, consult the individual
84 advisories available from
85 <uri xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>
87 <informaltable frame="none" pgwide="1">
89 <colspec colwidth="1*"/>
90 <colspec colwidth="1*"/>
91 <colspec colwidth="3*"/>
94 <entry>Advisory</entry>
102 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc">SA-12:01.openssl</link></entry>
103 <entry>3 May 2012</entry>
104 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
108 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc">SA-12:02.crypt</link></entry>
109 <entry>30 May 2012</entry>
110 <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
114 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc">SA-12:03.bind</link></entry>
115 <entry>12 June 2012</entry>
116 <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
120 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc">SA-12:04.sysret</link></entry>
121 <entry>12 June 2012</entry>
122 <entry><para>Privilege escalation when returning from kernel</para></entry>
126 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc">SA-12:05.bind</link></entry>
127 <entry>6 August 2012</entry>
128 <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
132 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc">SA-12:06.bind</link></entry>
133 <entry>22 November 2012</entry>
134 <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
138 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc">SA-12:07.hostapd</link></entry>
139 <entry>22 November 2012</entry>
140 <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
144 <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc">SA-12:08.linux</link></entry>
145 <entry>22 November 2012</entry>
146 <entry><para>Linux compatibility layer input validation error</para></entry>
153 <sect2 xml:id="kernel">
154 <title>Kernel Changes</title>
156 <para revision="232728">The &os; Jail subsystem now supports
157 mounting &man.devfs.5;, &man.nullfs.5;, and ZFS filesystem
158 inside a jail. New &man.jail.8; parameters
159 <varname>allow.mount.devfs</varname>,
160 <varname>allow.mount.nullfs</varname>, and
161 <varname>allow.mount.zfs</varname> to control the per-jail
162 capabilities have been added. All of them are disabled by
165 <para revision="234167">A new &man.loader.8; tunable
166 <varname>kern.eventtimer.activetick</varname> has been added.
167 This tunable specifies whether each hardclock tick should
168 be run on every active CPU or only one. By setting it to
169 <literal>0</literal>, the total number of interrupts can be reduced
170 on SMP machines. The default value is
171 <literal>1</literal>.</para>
173 <para revision="229723">The &man.posix.fadvise.2; system call
174 has been implemented. This is a function similar to
175 &man.madvise.2; except that it operates on a file descriptor
176 instead of a memory region.</para>
178 <para revision="237795">The &man.filemon.4; pseudo-device has
179 been added. This allows a process to collect file operations
180 data of its children.</para>
182 <para revision="235413">The &man.sysctl.8; variable
183 <varname>kern.stop_scheduler_on_panic</varname> is now set to
184 <literal>1</literal> by default.</para>
186 <para revision="231907" arch="powerpc">&os;/powerpc64 now
187 supports kernel profiling by using &man.kgmon.8;.</para>
189 <para revision="231145">The &os; Linux ABI compatibility layer
190 now supports the <function>linux_fadvise64()</function> and
191 <function>linux_fadvise64_64()</function> system calls.</para>
193 <para revision="230266">The default value of the &man.loader.8;
194 tunable <varname>hw.memtest.tests</varname> is now
195 automatically set to <literal>0</literal> when &os; is running
196 on a virtual machine.</para>
198 <para revision="234075">A new &man.loader.8; tunable
199 <varname>kern.msgbuf_show_timestamp</varname> has been added.
200 When it is enabled, a timestamp is added to each line of the
201 system message buffer. The default value is
202 <literal>0</literal> (disabled).</para>
204 <para revision="230320">The &man.null.4; and &man.zero.4; pseudo
205 device driver now supports non-blocking mode via the &man.fcntl.2;
208 <para revision="233599">The &os; &man.sched.ule.4; scheduler has
209 been improved for CPU load balancing on SMT (Simultaneous
210 MultiThreading) CPUs. It gives a 10-15% performance improvement
211 when the number of threads is lesser than the number of
214 <para revision="235992" arch="sparc64">The <literal>PREEMPTION</literal> kernel option is
215 now enabled in the <filename>GENERIC</filename> kernel.</para>
217 <para revision="230039">A new &man.sysctl.8; variable
218 <varname>security.bsd.unprivileged_idprio</varname> has been
219 added. This variable controls whether non-root users can set
220 an idle priority or not. This is disabled by default.</para>
222 <para revision="228445">The &man.splash.4; screen interface now
223 supports ASCII art in <application>TheDraw</application>
226 <sect3 xml:id="boot">
227 <title>Boot Loader Changes</title>
229 <para revision="230065">The &man.boot0cfg.8; utility now
230 supports configuration of PXE boot via the
231 <filename>boot0</filename> boot block temporarily on the
232 next boot. The slice number <literal>6</literal> or a
233 keyword <literal>PXE</literal> can be specified to enable
234 PXE boot using the <option>-s</option> option.</para>
236 <para revision="231287">The &os; &man.boot.8; block now
237 supports <filename>/boot/config</filename> in addition to
238 <filename>/boot.config</filename> as the boot block
239 parameter file. When both of them exist, the former will be
242 <para revision="234693">The <filename>gptboot</filename> boot
243 block now reads the backup GPT header from the last LBA only
244 when the primary GPT header and tables are invalid. This
245 mitigates interoperability issues with some &man.geom.4;
246 providers like <literal>MIRROR</literal> which use the last
247 LBA for the metadata.</para>
249 <para revision="237766">The <filename>zfsboot</filename> boot
250 block and <filename>zfsloader</filename> support
251 filesystems within a ZFS storage pool. In
252 <filename>zfsloader</filename>, the ZFS device name format is now
253 <literal>zfs:pool/fs</literal>
254 and the fully qualified file path format is
255 <literal>zfs:pool/fs:/path/to/file</literal>.
256 The <filename>zfsboot</filename> boot block accepts the
257 kernel/loader name in the format
258 <literal>pool:fs:path/to/file</literal>
260 <literal>pool:path/to/file</literal>.
261 In the latter case a default filesystem is used (the pool
262 root or a filesystem with the <literal>bootfs</literal> property). The
263 <filename>zfsboot</filename> boot block passes
264 the GUIDs of the selected
265 storage pool and dataset to <filename>zfsloader</filename>
266 to be used as its defaults.</para>
268 <para revision="236076" arch="sparc64">&os;/sparc64 now
269 supports booting from ZFS via the <filename>zfsboot</filename> boot block and
270 <filename>zfsloader</filename>. For example, the following commands create a
271 mirrored storage pool <literal>rpool</literal> consisting of
272 <literal>da0a</literal> and <literal>da0b</literal> and
273 configure the storage pool as the root filesystem:</para>
275 <screen>&prompt.root; gpart create -s vtoc8 da0
276 &prompt.root; gpart add -t freebsd-zfs -s 10g da0
277 &prompt.root; gpart add -t freebsd-swap -s 10g da0
278 &prompt.root; gpart add -t freebsd-zfs -s 10g da0
279 &prompt.root; zpool create rpool mirror da0a da0b
280 &prompt.root; zpool set bootfs=rpool rpool
281 &prompt.root; zpool export rpool
282 &prompt.root; gpart bootcode -p /boot/zfsboot da0
283 &prompt.root; sysctl kern.geom.debugflags=0x10
284 &prompt.root; dd if=/boot/zfsloader of=/dev/da0a bs=512 oseek=1024 conv=notrunc
285 &prompt.root; dd if=/boot/zfsloader of=/dev/da0b bs=512 oseek=1024 conv=notrunc
286 &prompt.root; zpool import rpool
287 &prompt.root; cp -p /boot/zfs/zpool.cache /rpool/boot/zfs/zpool.cache
288 &prompt.root; zfs set mountpoint=/ rpool</screen>
291 <sect3 xml:id="proc">
292 <title>Hardware Support</title>
294 <para revision="230751" arch="powerpc">The &man.abtn.4;
295 driver, which supports ADB keyboards found on Apple laptops,
296 has been added.</para>
298 <para revision="233798" arch="amd64">A workaround for Erratum
299 721 for AMD Processor Family 10h and 12h has been
300 implemented. Under a highly specific and detailed set of
301 internal timing conditions, the processor may incorrectly
302 update the stack pointer after a long series of push and/or
303 near-call instructions, or a long series of pop and/or
304 near-return instructions.</para>
306 <para revision="232677" arch="powerpc">The atibl(4) driver,
307 which supports backlight control of ATI graphics chips on
308 PowerBooks and iBooks, has been added.</para>
310 <para revision="229858">The &man.acpi.wmi.4; driver now
311 supports attaching multiple instances.</para>
313 <para revision="230290" arch="powerpc">The adm1030(4) driver
314 for G4 MDD fans now shows its PWM parameter in the device's
315 &man.sysctl.8; variable.</para>
317 <para revision="234559" arch="arm">The cesa(4) driver for the
318 Marvell crypto engine and security accelerator has been
321 <para revision="230305" arch="powerpc">The &man.hwpmc.4;
322 driver now supports PowerPC G4+ (MPC745x/MPC744x).</para>
324 <para revision="234046" arch="amd64,i386">The &man.hwpmc.4;
325 driver now supports the Intel Sandy Bridge
326 microarchitecture.</para>
328 <para revision="236238">The &man.hwpmc.4; driver now supports
329 software events. Simultaneous usage of software PMC and
330 hardware PMC is allowed.</para>
332 <para revision="236078">The pcf8563(4) driver for the NXP
333 (Philips) PCF8563 RTC has been added.</para>
335 <para revision="233471" arch="powerpc">&os;/powerpc now
336 supports the PWM-controlled fans found on the PowerMac SMU (System
337 Management Unit).</para>
339 <para revision="236081" arch="arm">&os;/arm now supports the Atmel
340 SAM9XE family of microcontrollers.</para>
342 <para revision="230754,233950">The following &man.sysctl.8;
343 variables have been added: <varname>kern.proc.env</varname>
344 for environment strings, <varname>kern.proc.auxv</varname>
345 for ELF auxiliary vectors from a process's stack,
346 <varname>kern.proc.groups</varname> for process groups,
347 <varname>kern.proc.rlimit</varname> for process resource
348 limits, <varname>kern.proc.ps_strings</varname> for the
349 ps_strings location, and <varname>kern.proc.osrel</varname> for
350 the osreldate of the process's binary.</para>
352 <para revision="229100,229369">The &man.usb.4; driver now
353 handles suspend and resume correctly with no need to reload
354 the kernel module.</para>
356 <para revision="230302">A bug in the &man.xhci.4; (USB 3.0)
357 driver has been fixed. It did not work with USB 3.0
360 <para revision="229927">The &man.viawd.4; driver, which
361 supports the watchdog timer found in VIA south bridges (VT8251,
362 CX700, VX800, VX855, VX900), has been added.</para>
364 <para revision="235926">The &man.wbwd.4; driver, which
365 supports the watchdog timer found in Winbond Super I/O chips,
366 has been added.</para>
369 <title>Multimedia Support</title>
371 <para revision="236926,236927,239965">The drm2(4) Intel GPU driver,
372 which supports GEM and KMS and works with new generations of
373 GPUs such as IronLake, SandyBridge, and IvyBridge, has been
374 added. The &man.agp.4; driver now supports SandyBridge
375 and IvyBridge CPU northbridges.</para>
377 <para revision="232798">The &man.snd.hda.4; driver has been
378 updated. It now supports and provides HDMI, new volume control,
379 automatic recording source selection, runtime
380 reconfiguration, more then 4 PCM devices on a controller,
381 multichannel recording, additional playback/record
382 streams, higher bandwidth, and more informative device
385 <para revision="233165">The &man.snd.hdspe.4; driver has
386 been added. This supports RME HDSPe AIO and RayDAT sound
389 <para revision="230964,230985,231047,235769">GPL-licensed
390 headers in the &man.snd.emu10kx.4;, &man.snd.maestro3.4;,
391 and &man.snd.csa.4; drivers have been replaced with
392 BSD-licensed one. These drivers are now fully
393 BSD-licensed and included in the <filename>GENERIC</filename>
394 kernel on &os;/amd64 and &os;/i386.</para>
397 <sect4 xml:id="net-if">
398 <title>Network Interface Support</title>
400 <para revision="229520">A bug in the &man.ae.4; driver which could
401 prevent it from working under certain conditions has been
404 <para revision="229106">The &man.axe.4; driver now supports
405 TX/RX checksum offloading support for the ASIX AX88772B
408 <para>The &man.bce.4; driver has been improved:</para>
412 <para revision="229864">Unnecessary link up/down has
413 been eliminated.</para>
417 <para revision="236216">A bug has been fixed which could
418 prevent IPMI from working when the interface was
419 marked as down.</para>
423 <para revision="235818">It now supports remote PHYs,
424 which allow the controller to perform MDIO type accesses
425 to a remote transceiver by using message pages defined
426 through MRBE (MultiRate Backplane Ethernet). This is
427 found on machines such as the Dell PowerEdge M610
432 <para>The &man.bge.4; and brgphy(4) drivers have been
437 <para revision="229350">A bug which could prevent
438 DMA functionality from working correctly has been
443 <para revision="233495">It now works with a PCI-X BCM 5704
444 controller that is connected to AMD-8131 PCI-X bridge.</para>
448 <para revision="229357,229867,232134">It now supports
449 the BCM 5720 and BCM 5720C PHY, and the BCM 57780 1000BASE-T
450 media interface.</para>
454 <para revision="231734">It now supports a &man.loader.8;
456 <varname>dev.bge.<replaceable>N</replaceable>.msi</varname>
457 to control the use of MSI. The default value is
458 <literal>1</literal> (enabled).</para>
462 <para revision="231093,237925">The &man.cxgbe.4; and
463 &man.cxgb.4; drivers have been updated to firmware version
464 1.5.2.0. They now support device configuration via a
465 plain text configuration file, IPv6 hardware checksumming,
466 IPv6 TSO and LRO, a <literal>loadfw</literal> command in the
467 cxgbetool(8) utility which allows installing a firmware to
468 the card, and &man.sysctl.8; variables under
469 <varname>dev.t4nex.<replaceable>N</replaceable>.misc</varname>
470 for various information.</para>
472 <para revision="229334">The &man.dc.4; driver now supports
473 NVIDIA (ULi) M5261/M5263 PCI FastEthernet controllers, which
474 are found on the ULi M1563 South Bridge and M1689 Bridge.</para>
476 <para revision="229711,229717,229720">The &man.et.4; driver
477 now works on all platforms. A bug which could prevent
478 &man.altq.4; support from working has been fixed. A new
479 &man.sysctl.8; variable under
480 <varname>dev.et.<replaceable>N</replaceable>.stats</varname>
481 has been added for hardware MAC statistics.</para>
483 <para revision="238262">The &man.igb.4; driver has been
484 updated to version 2.3.4. It now supports newer i210/i211
487 <para revision="233838,235843">The &man.iwn.4; driver now
488 supports Intel Centrino Wireless-N + WiMAX 6150 and
489 Wireless-N 100/130 series.</para>
491 <para revision="230709">The &man.miibus.4; bus driver now
492 supports device hints
493 <varname>hint.miibus.<replaceable>N</replaceable>.phymask</varname>
494 for PHY addresses being probed. This is useful to manually
495 probe PHYs which do not implement basic the register set of
496 IEEE 802.3. Also, the &man.miibus.4; driver has been
497 changed to a hinted bus, allowing to add child devices via
498 hints and to set their attach arguments in addition to
499 automatically-probed PHYs.</para>
501 <para revision="229524">The &man.msk.4; driver now uses 64-bit
502 DMA addressing on 64-bit platforms.</para>
504 <para revision="236413">The &man.mxge.4; driver has been
505 updated to firmware version 1.4.55 from Myricom.</para>
507 <para revision="232137">The nsphyter(4) driver now supports
508 National DP83849.</para>
510 <para revision="231663">The &man.oce.4; driver, which
511 supports Emulex OneConnect 10Gbit Ethernet cards, has been
514 <para revision="236004">The &man.ral.4; driver now supports
515 Ralink RT2800 and RT3000 chipsets.</para>
517 <para revision="229529,231731">The &man.re.4; driver now
518 supports the RTL8411 PCIe Gigabit Ethernet controller. A bug
519 which could prevent WoL (Wake-on-LAN) from working on
520 RTL8168E has been fixed.</para>
522 <para revision="234028">The &man.runfw.4; firmware has been
523 updated to version 0.236.</para>
525 <para revision="228100">The &man.sfxge.4; driver, which
526 supports 10Gb Ethernet adapters based on Solarflare SFC9000
527 family controllers, has been added.</para>
529 <para revision="233485">The smcphy(4) driver now supports the
530 Seeq Technology 80220 PHY. This is found on Adaptec
531 AIC-6915 Starfire Ethernet controllers supported by the
532 &man.sf.4; driver.</para>
534 <para revision="229417,229438">The &man.ti.4; driver now
535 supports the &man.altq.4; framework, reporting link-state
536 changes, and &man.sysctl.8; variables under
537 <varname>dev.ti.<replaceable>N</replaceable></varname> for
538 interrupt moderation parameters.</para>
540 <para revision="229441">A bug in the &man.ti.4; driver which could
541 prevent it from working correctly with the <literal>PAE</literal>
542 kernel option has been fixed.</para>
544 <para revision="229540">The &man.vge.4; driver has been
545 updated to improve its link establishment and link-state
548 <para revision="229641">The &man.vr.4; driver now enables
549 flow control capability in the PHY drivers.</para>
551 <para revision="231697">The &man.xnb.4; Xen Paravirtualized
552 Backend Ethernet Driver (netback) has been updated. This is
553 attached via the newbus framework and works properly in both
554 HVM and PVM mode.</para>
558 <sect3 xml:id="net-proto">
559 <title>Network Protocols</title>
561 <para revision="236051">The &man.if.bridge.4; pseudo-interface
562 now supports reporting link-state changes depending on the status
563 of the member interfaces.</para>
565 <para revision="234597">The <literal>table</literal> argument
566 in the &man.ipfw.4; packet filter rule syntax now supports
567 IP address, interface name, port number, and jail ID. The
568 following syntax is valid:</para>
570 <programlisting>skipto tablearg ip from any to any via table(42) in</programlisting>
572 <para>The &os; &man.ip6.4; protocol stack has been improved in terms
573 of its performance. Benchmarking can be found at <uri xlink:href="http://people.freebsd.org/~bz/bench/">http://people.freebsd.org/~bz/bench/</uri>.</para>
575 <para revision="232292">The &os; &man.ip6.4; protocol stack now
576 supports multiple FIBs.</para>
578 <para revision="230604">An IPv6 default route configured via
579 Router Advertisement messages is now reinstalled correctly
580 when the default route is manually removed and then another
581 RA message is received for the same route.</para>
583 <para revision="227885">A bug which could return an incorrect
584 value for the <literal>IPV6_MULTICASE_HOPS</literal> socket option
585 has been fixed.</para>
587 <para revision="231768">A new &man.sysctl.3; name
588 <literal>NET_RT_IFLISTL</literal> has been added. This
589 queries the address list and works on extended and
590 extensible structures <varname>if_msghdrl</varname> and
591 <varname>ifa_msghdrl</varname> without breaking the
594 <para revision="231650,235527">The &man.netmap.4; fast packet
595 I/O framework has been added. The &man.em.4;, lem(4),
596 &man.igb.4;, and &man.re.4; drivers now support this
597 framework. The technical details can be found at <uri xlink:href="http://info.iet.unipi.it/~luigi/netmap/">http://info.iet.unipi.it/~luigi/netmap/</uri>.</para>
599 <para revision="231045">The &os; &man.sctp.4; protocol stack now
600 supports a new &man.sysctl.8; variable
601 <varname>net.inet.sctp.blackhole</varname>. If this is set
602 to <literal>1</literal>, no <literal>ABORT</literal> is sent
603 back in response to an incoming <literal>INIT</literal>. If
604 this is set to <literal>2</literal>, no
605 <literal>ABORT</literal> is sent back in response to an
606 out-of-the-blue packet. If set to <literal>0</literal>
607 (the default), <literal>ABORT</literal>s are sent.</para>
609 <para revision="231049">A bug which could cause a system panic
610 when <literal>SCTP_RECVINFO</literal> or
611 <literal>SCTP_NXTINFO</literal> is specified to the
612 &man.getsockopt.2; system call has been fixed.</para>
614 <para revision="231070,231140">The &os; &man.sctp.4; protocol stack now
615 supports the <literal>SCTP_REMOTE_UDP_ENCAPS_PORT</literal>
616 socket option.</para>
618 <para revision="232805">The <literal>SO_PROTOCOL</literal> and
619 <literal>SO_PROTOTYPE</literal> socket options have been
620 added. These return the socket protocol number.</para>
622 <para revision="232945">The <literal>TCP_KEEPINIT</literal>,
623 <literal>TCP_KEEPIDLE</literal>,
624 <literal>TCP_KEEPINTVL</literal>, and
625 <literal>TCP_KEEPCNT</literal> socket options have been
626 added. These allow controlling initial timeout, idle time,
627 idle resend interval, and idle send count on a per-socket
631 <sect3 xml:id="disks">
632 <title>Disks and Storage</title>
634 <para revision="240758">The &man.arcmsr.4; driver has been
635 updated to version 1.20.00.25.</para>
637 <para revision="229291">The &man.ahci.4; driver now supports a
638 new &man.loader.8; tunable <varname>hw.ahci.force</varname>.
639 This controls whether it attempts to attach an AHCI-capable
640 device even if it is configured to use legacy emulation.
641 This is enabled by default.</para>
643 <para revision="231251">The new &man.cam.4;-based &man.ata.4;
644 driver now supports old &man.loader.8; tunables
645 <varname>hw.ata.ata_dma</varname> and
646 <varname>hw.ata.atapi_dma</varname>, for backward
647 compatibility.</para>
649 <para revision="236778">The &man.cam.4; driver now supports
650 SEMB (SATA Enclosure Management Bridge) devices, which are
651 equivalent to the SCSI SES/SAF-TE devices.</para>
653 <para revision="236765">A new &man.sysctl.8; variable
654 <varname>kern.cam.pmp.hide_special</varname> has been added.
655 This controls whether special PMP ports such as PMP (Port
656 MultiPlier) configuration or SEMB (SATA Enclosure Management
657 Bridge) will be exposed or hidden. The default value is
658 <literal>1</literal> (hidden).</para>
660 <para revision="231772">The ctl(4) driver, which supports
661 &man.cam.4; Target Layer and &man.ctladm.8;, a userland
662 control utility, have been added. ctl(4) is a disk and
663 processor device emulation subsystem supporting tagged
664 queuing, SCSI task attribute, SCSI implicit command
665 ordering, full task management, multiple ports, multiple
666 simultaneous initiators, multiple simultaneous backing
667 stores, mode sense/select, and error injection
670 <para revision="230014">The &man.cd.4; driver now supports
671 Audio CDs in the same way as &man.acd.4; did. It will
672 report a 2352-byte sector size to the &man.geom.4; subsystem and use
673 the <literal>READ CD</literal> command for reading the data.
674 This fixes an interoperability issue with <package>multimedia/vlc</package>.</para>
676 <para revision="236677">The &man.da.4; driver now supports
677 <literal>BIO_DELETE</literal>. To select the method, a new
678 &man.sysctl.8; variable
679 <varname>kern.cam.da.<replaceable>N</replaceable>.delete_method</varname>
680 has been added for each device instance. The following
681 values are supported:</para>
683 <informaltable frame="none" pgwide="1">
688 <entry>Method</entry>
695 <entry>no provisioning support reported by the device</entry>
699 <entry>DISABLE</entry>
700 <entry>provisioning support was disabled because of errors</entry>
705 <entry>WRITE SAME (10) command to write zeroes</entry>
710 <entry>WRITE SAME (10) command with UNMAP bit set</entry>
715 <entry>use WRITE SAME (16) command with UNMAP bit set</entry>
720 <entry>use UNMAP command (equivalent of the ATA DSM TRIM command)</entry>
726 <para>When it was <literal>NONE</literal>, the device did not
727 report logical block provisioning support via respective
728 VPD pages. One can set a specific method for testing and it
729 will be disabled automatically when not supported on the
732 <para revision="238500">The <application>MIRROR</application>
733 &man.geom.4; class now supports
734 <literal>BIO_DELETE</literal>. This means the
735 <literal>TRIM</literal> command will be issued on
736 supported devices when deleting data.</para>
738 <para revision="229303,234916">The
739 <application>MULTIPATH</application> &man.geom.4; class has
740 been updated. It now supports Active/Active mode,
741 Active/Read mode as hybrid of Active/Active and
742 Active/Passive, keeping a failed path without removing the
743 geom provider, manual configuration without on-disk
744 metadata, and <command>add</command>,
745 <command>remove</command>, <command>fail</command>,
746 <command>restore</command>, <command>configure</command>
747 subcommands in the &man.gmultipath.8; utility to manage the
748 configured paths.</para>
750 <para revision="234406">The
751 <application>PART_LDM</application> &man.geom.4; class has
752 been added. This partition scheme has support for Logical Disk
753 Manager, which is also known as dynamic volumes in Microsoft
754 Windows NT. Note that JBOD, RAID0, and RAID5 volumes are
755 not supported yet.</para>
757 <para revision="230763">The <application>PART_MBR</application>
758 &man.geom.4; class now allows a primary or extended Linux
759 swap partition to be used as the system dump device.</para>
761 <para revision="235877" arch="amd64,i386">The
762 <application>RAID</application> &man.geom.4; class is now
763 included in the <filename>GENERIC</filename> kernel.</para>
765 <para revision="230244">The <application>RAID</application>
766 &man.geom.4; class now supports disks with over 2TB capacity
767 for the Intel metadata format.</para>
769 <para revision="235874">The <application>RAID</application>
770 &man.geom.4; class now supports the DDF metadata format, which
771 is defined in the SNIA Common RAID Disk Data Format
772 Specification v2.0.</para>
774 <para revision="235483">The
775 <application>UNCOMPRESS</application> &man.geom.4; class and
776 the &man.mkulzma.8; utility have been added. This class
777 supports lzma compressed images like the
778 <application>UZIP</application> &man.geom.4; class and the
779 &man.mkuzip.8; utility.</para>
781 <para revision="229975" arch="amd64,i386">The &man.hpt27xx.4;
782 driver has been added. This supports HighPoint RocketRAID
783 27xx-based SAS 6Gb/s HBA.</para>
785 <para revision="231689" arch="amd64,i386">The &man.isci.4;
786 driver, which supports the integrated SAS controller in the
787 Intel C600 (Patsburg) chipset, has been added.</para>
789 <para revision="230019">Bugs in &man.isp.4; target mode have
792 <para revision="230775">The &man.ixgbe.4; driver now supports
793 the Intel X540 adapter.</para>
795 <para revision="227533">A bug in the &man.mfi.4; driver has been
796 fixed. It could cause some inconsistencies due to missed
797 interrupt acknowledgements and output the following log
800 <screen>mfi0: COMMAND 0xffffffXXXXXXXXXX TIMEOUT AFTER XX SECONDS</screen>
802 <para revision="229611,234429">The &man.mfi.4; driver now
803 supports single-message MSI, and Drake Skinny and
804 Thunderbolt cards. The &man.loader.8; tunable
805 <varname>hw.mfi.msi</varname> has been added and it is
806 enabled by default.</para>
808 <para revision="230920,231679,237876">The &man.mps.4; driver
809 has been updated to version 14.00.00.01-fbsd. This now
810 supports Integrated RAID, WarpDrive controllers, WRITE12 and
811 READ12 for direct I/O, SCSI protection information (EEDP),
812 Transport Level Retries (TLR) for tape drives, and LSI's
813 userland utility.</para>
815 <para revision="232562">A bug in the &man.mpt.4; driver has
816 been fixed. It could attempt to attach MegaRAID cards which
817 should be handled by the &man.mfi.4; driver.</para>
819 <para revision="229107">The &man.usb.4; storage device driver
820 now enables power save mode by default.</para>
824 <title>File Systems</title>
826 <para>The &os; NFS filesystem has been improved:</para>
830 <para revision="233326">It now supports a timeout on
831 positive name cache entries on the client side. A new
832 mount option <varname>nametimeo</varname> has been added
833 and set to <literal>60</literal> (in seconds) by
838 <para revision="234740">A memory leak when a ZFS volume is
839 exported via the &os; NFS server has been fixed.</para>
843 <para revision="233730">A bug has been fixed. When a
844 process writes to an mmap-backed file on an NFS
845 filesystem, flushing changes to the data could fail
846 under some circumstances such as errors due to
847 permission mismatch, and this failure could not be detected
848 as an error. A new &man.sysctl.8; variable
849 <varname>vfs.nfs.nfs_keep_dirty_on_error</varname> has
850 been added to control the behavior on the client side
851 related to this issue. When this is set to
852 <literal>1</literal>, the pages where a write operation
853 failed are kept dirty. The default value is set to
854 <literal>0</literal>.</para>
858 <para revision="229799">The &man.nfsv4.4; filesystem now
859 supports a &man.sysctl.8; variable
860 <varname>vfs.nfsd.disable_checkutf8</varname>. This
861 disables the check for UTF-8 compliance in
862 filenames. This is disabled by default. Note that
863 enabling this may help wht some interoperability issues but
864 results in an NFSv4 server that is not RFC 3530
869 <para revision="234511">The &man.tmpfs.5; filesystem is not an
870 experimental implementation anymore.</para>
872 <para revision="234849">The &man.tmpfs.5; filesystem now
873 supports a &man.sysctl.8; variable
874 <varname>vfs.tmpfs.memory_reserved</varname> to set the amount
875 of required free pages when &man.tmpfs.5; attempts to
876 allocate a new node.</para>
878 <para revision="229578,232328">&os;'s ZFS filesystem has been
879 updated by merging improvements from the illumos project. The
880 following changes are made:</para>
883 <listitem><para>New properties, <literal>clones</literal> and
884 <literal>written</literal>, have been added.</para></listitem>
886 <listitem><para>The &man.zfs.8; <command>send</command> command
887 now reports an estimated size of the stream.</para></listitem>
889 <listitem><para>The &man.zfs.8; <command>destroy</command> command
890 now reports an estimate of the space which would be reclaimed,
891 when <option>-n</option> is specified.</para></listitem>
893 <listitem><para>The &man.zfs.8; <command>get</command> command now
894 supports the <option>-t <replaceable>type</replaceable></option>
895 flag to specify the data type.</para></listitem>
898 <para revision="227705">A simple script
899 <filename>zfsboottest.sh</filename> has been added to the
900 source tree. This checks if the system is configured
901 correctly when using ZFS as the root filesystem. The script
903 <filename>/usr/src/tools/tools/zfsboottest.sh</filename> and
904 it uses the <filename>zfsboottest</filename> binary program in the
905 same directory.</para>
907 <para>The binary program can be built and installed by the
908 following command:</para>
910 <screen>&prompt.root; cd /usr/src/tools/tools/zfsboottest
912 &prompt.root; make install</screen>
914 <para>After that, the following command can be used to check the
915 system. <replaceable>poolname</replaceable> is the ZFS
916 storage pool name to boot:</para>
918 <screen>&prompt.root; sh /usr/src/tools/tools/zfsboottest/zfsboottest.sh <replaceable>poolname</replaceable></screen>
920 <para>The &man.sysctl.8; variable
921 <varname>vfs.zfs.txg.timeout</varname> has been changed from
922 read-only to writable.</para>
926 <sect2 xml:id="userland">
927 <title>Userland Changes</title>
929 <para revision="238481">&man.auth.conf.5; has been removed
930 because it was deprecated years ago.</para>
932 <para revision="237740">The &man.camcontrol.8; utility now
933 supports a <command>fwdownload</command> subcommand for firmware
934 update on SCSI devices from Hitachi, HP, IBM, Plextor,
935 Quantum, and Seagate. This subcommand will reprogram the
936 firmware on devices connected over an ATA/SATA transport.</para>
938 <para revision="230597">The &man.dhclient.8; utility now
939 supports <literal>domain-search</literal> (option number 119,
940 described in RFC 3397). This allows a DHCP server to publish
941 a list of implicit domain suffixes used during name lookup.
942 If this option is specified, a <literal>search</literal>
943 keyword will be added to
944 <filename>/etc/resolv.conf</filename>.</para>
946 <para revision="230047">The &man.dump.8; utility now uses 53
947 characters for the device names in
948 <filename>/etc/dumpdates</filename>. This was previously limited to 32
951 <para revision="235253">The &man.fetch.1; utility now correctly
952 supports a percent-encoded user and password part in a
955 <para revision="230410">The &man.fdlopen.3; function has been
956 implemented. This is an interface for &man.rtld.1; to load a
957 shared object by file descriptor.</para>
959 <para revision="229845">The &man.fopen.3; function now supports
960 the <option>x</option> (an exclusive create-and-open mode) option
961 in the ISO/IEC 9899:2011 and C11 standards.</para>
963 <para revision="234023">A bug in the &man.gcc.1; compiler has
964 been fixed. It could lead to incorrect calculations when
965 <option>-ffast-math</option> is specified.</para>
967 <para revision="229509">The &man.hastd.8; daemon now supports
968 specifying the filename of its process ID file in
969 &man.hast.conf.5;.</para>
971 <para revision="231221">The &man.ifconfig.8; utility now
972 supports a <literal>vlanhwcsum</literal> parameter to set or
973 reset checksum offloading capability on VLANs.</para>
975 <para revision="238872">A bug in the &man.ifconfig.8; utility
976 which could display an error message in a jail with no IPv6
977 support has been fixed.</para>
979 <para revision="232486">The &man.ifconfig.8; utility now
980 supports a <literal>carp state state</literal>
982 the state to <literal>backup</literal> or
983 <literal>master</literal> forcibly.</para>
985 <para revision="235839">The &man.jail.8; utility now supports a
986 configuration file (&man.jail.conf.5;) for complex
987 configurations.</para>
989 <para revision="237789">The &man.kdump.1; utility now supports a
990 <option>-p <replaceable>pid</replaceable></option> option to
991 accept either a process ID or a thread ID.</para>
993 <para revision="236118">The &man.kenv.1; utility now supports a
994 <option>-v</option> flag to display an entry in
995 <literal>name=value</literal> format, and a <option>-N</option>
996 flag to display only the name.</para>
998 <para revision="233560">The &man.kldload.8; utility now supports a
999 <option>-n</option> flag to ignore the error status when the
1000 specified module is already loaded.</para>
1002 <para revision="237738"><application>libedit</application> has
1003 been updated to a NetBSD snapshot as of 28 December,
1006 <para revision="236523">&man.libmap.conf.5; now supports
1007 <literal>include</literal> and <literal>includedir</literal>
1008 directives. They allow to include specified files for the
1009 configuration.</para>
1011 <para revision="234372">Lock handling performance in the
1012 <application>libthr</application> pthread library has been
1013 improved. It now works 10 times faster especially under the
1014 condition that a mutex is heavily contested.</para>
1016 <para revision="235798">A new C++ stack has been imported. This
1017 consists of <application>libcxxrt</application>, originally
1018 developed by a &os; developer under contract by PathScale and
1019 open sourced by the &os; and NetBSD foundations, and
1020 <application>libc++</application> from the LLVM project.
1021 <application>libcxxrt</application> is a drop-in replacement
1022 for GNU <application>libsupc++</application>, which implements
1023 the C++ runtime support for features such as run-time type
1024 information, dynamic casting, thread-safe static initializer,
1025 and exceptions. <application>libc++</application> implements
1026 the C++11 standard library, and will replace GNU
1027 <application>libstdc++</application> in a future release. In
1028 9.1-RELEASE, <application>libstdc++</application> is still
1029 installed as standard and now dynamically links against
1030 <application>libsupc++</application>. This allows libraries
1031 linking <application>libstdc++</application> and
1032 <application>libc++</application> to both be used in the same
1033 program, to aid migration.</para>
1035 <para revision="230919">The &man.limits.1; utility now supports
1036 a <option>-P <replaceable>pid</replaceable></option> option to
1037 control limits for the specified process.</para>
1039 <para revision="237731">The &man.pciconf.8; utility now supports a
1040 <option>-e</option> flag to display PCI error details in
1041 listing mode. When this is specified, the status of any error
1042 bits in the PCI status register and PCI-express device status
1043 register will be displayed. It also lists any errors
1044 indicated by version 1 of PCI-express Advanced Error Reporting
1047 <para revision="229710">The &man.procstat.1; utility now shows the
1048 superpage mapping flag when displaying process virtual memory
1051 <para revision="230917,230918">The &man.procstat.1; utility now
1052 supports an <option>-e</option> flag to display process
1053 environment variables, an <option>-x</option> flag to display
1054 ELF auxiliary vectors, and an <option>-l</option> flag to
1055 display resource limits.</para>
1057 <para revision="234535">A bug in the &man.remquo.3; functions
1058 where the quotient did not always have the correct sign when
1059 the remainder was <literal>0</literal>, and another bug that
1060 the remainder and quotient were both off by a bit in certain
1061 cases involving subnormal remainders, have been fixed. Note
1062 that these bugs affected all platforms except amd64 and
1065 <para revision="231579">The &man.rtld.1; run-time linker now
1066 supports GCC's RELRO (RElocation Read-Only). This prevents the
1067 GOT (Global Offset Table) from being overwritten.</para>
1069 <para revision="235396">The &man.rtld.1; run-time linker now
1070 supports a GNU hash section (<literal>DT_GNU_HASH</literal>),
1071 which is a replacement of optional ELF hash section.</para>
1073 <para revision="235139">The &man.setbuf.1; utility and
1074 <application>libstdbuf</application> library have been added.
1075 This controls the default buffering behavior of standard
1076 stdio streams.</para>
1078 <para revision="227702">The &man.top.1; utility now correctly
1079 supports per-thread I/O statistics of ZFS in the <option>-m
1080 io</option> option.</para>
1082 <para revision="234330">The &man.unzip.1; utility now supports a
1083 <option>-Z</option> option for zipinfo.</para>
1085 <para revision="235785">The &man.xlocale.3; API has been
1086 implemented. This consists of <literal>_l</literal>-suffixed
1087 versions of various standard library functions that use the
1088 global locale, making them take an explicit locale parameter
1089 and allowing thread-safe extended locale support. Most of
1090 these APIs are required for IEEE Std 1003.1-2008 (POSIX.1-2008
1091 or ISO/IEC 9945:2009) compatibility, and are required by
1092 <application>libc++</application> and recent versions of
1093 <application>GNOME</application>. This implementation also
1094 supports several extensions for compatibility with Apple
1095 <application>Darwin</application>.</para>
1097 <sect3 xml:id="periodic-scripts">
1098 <title>&man.periodic.8; Scripts</title>
1100 <para revision="231721">A new variable
1101 <varname>daily_status_zfs_zpool_list_enable</varname> has
1102 been added. It controls whether or not to list all of the ZFS
1103 pools in <filename>periodic/daily/404.status-zfs</filename>.
1104 The default value is <literal>YES</literal>.</para>
1106 <para revision="229381">The default value of
1107 <varname>daily_scrub_zfs_default_threshold</varname> used in
1108 <filename>periodic/daily/800.scrub-zfs</filename> is now set
1112 <sect3 xml:id="rc-scripts">
1113 <title>&man.rc.8; Scripts</title>
1115 <para revision="227607">The <filename>rc.d/nfsd</filename> script
1116 now sets the <varname>vfs.nfsd.server_max_nfsvers</varname>
1117 &man.sysctl.8; variable to <literal>4</literal> when
1118 <varname>nfsv4_server_enable</varname> is set to
1119 <literal>YES</literal>.</para>
1121 <para revision="242189">A backwards compatibility issue when
1122 both <literal>ipv6_enable=YES</literal> and
1123 <literal>ipv6_gateway_enable=YES</literal> are defined at
1124 the same time has been fixed.</para>
1128 <sect2 xml:id="contrib">
1129 <title>Contributed Software</title>
1131 <para revision="241417"><application>ISC BIND</application> has
1132 been updated to version 9.8.3-P4.</para>
1134 <para revision="236018">The
1135 <application>compiler-rt</application> library, which provides
1136 low-level target-specific interfaces such as functions in
1137 <application>libgcc</application>, has been updated to
1138 revision 147467.</para>
1140 <para revision="237983"><application>file</application>
1141 (&man.file.1;) has been updated to version 5.11.</para>
1143 <para revision="230237">GNU &man.gperf.1; has been updated to
1144 version 3.0.3 (the latest GPLv2-licensed version).</para>
1146 <para revision="229588"><application>libarchive</application>,
1147 &man.bsdtar.1;, and &man.cpio.1; have been updated to version
1150 <para revision="236167">The <application>libpcap</application>
1151 library has been updated to 1.2.1.</para>
1153 <para revision="229551"><application>libstdc++</application>
1154 has been updated to revision 135556 of the
1155 <literal>gcc-4_2-branch</literal> (the last LGPLv2-licensed
1158 <para revision="236144">The <application>LLVM</application>
1159 compiler infrastructure and <application>clang</application>,
1160 a C language family front-end, version 3.1 have been imported.
1161 Note that it is not used for building the &os; base system by
1164 <para revision="235971">The <literal>netcat</literal> utility
1165 has been updated to version 5.1.</para>
1167 <para revision="237998"><application>OpenSSL</application> has
1168 been updated to version 0.9.8x.</para>
1170 <para revision="249865">The <application>sendmail</application>
1171 (&man.sendmail.8;) utility has been updated to version 8.14.8.</para>
1173 <para revision="236192">The <application>tcpdump</application>
1174 (&man.tcpdump.1;) utility has been updated to version 4.2.1.</para>
1176 <para revision="232633">The <application>TENEX C
1177 shell</application> (&man.tcsh.1;) has been updated to version
1180 <para revision="233447">The <application>timezone</application>
1181 database has been updated to the
1182 <application>tzdata2012a</application> release.</para>
1184 <para revision="237691">The <application>zlib</application>
1185 library has been updated to version 1.2.7.</para>
1188 <sect2 xml:id="releng">
1189 <title>Release Engineering and Integration</title>
1191 <para>The supported version of the
1192 <application>KDE</application> desktop environment (<package>x11/kde4</package>) has been updated to
1195 <para revision="234055" arch="powerpc">Issues where the &os;
1196 installation CDROM image caused a panic, and was not
1197 recognized on OpenBIOS-based environments like QEMU, have been
1202 <sect1 xml:id="upgrade">
1203 <title>Upgrading from previous releases of &os;</title>
1206 <title>Upgrading using &man.freebsd-update.8; or a source-based
1209 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
1210 upgrades between RELEASE versions (and snapshots of the
1211 various security branches) are supported using the
1212 &man.freebsd-update.8; utility. The binary upgrade procedure
1213 will update unmodified userland utilities, as well as an
1214 unmodified <filename>GENERIC</filename> kernel, distributed as
1215 a part of an official &os; release. The
1216 &man.freebsd-update.8; utility requires that the host being
1217 upgraded have Internet connectivity.</para>
1219 <para>Source-based upgrades (those based on recompiling the &os;
1220 base system from source code) from previous versions are
1221 supported using to the instructions in
1222 <filename>/usr/src/UPDATING</filename>.</para>
1224 <para>For more specific information about upgrading
1225 instructions, see <uri xlink:href="http://www.FreeBSD.org/releases/9.1R/installation.html">http://www.FreeBSD.org/releases/9.1R/installation.html</uri>.</para>
1228 <para>Upgrading &os; should, of course, only be attempted
1229 after backing up <emphasis>all</emphasis> data and
1230 configuration files.</para>
1235 <title xml:id="upgrade-pitfalls">User-visible incompatibilities</title>
1237 <para>FreeBSD 9.0 and later have several incompatibilities in
1238 system configuration which you might want to know before
1239 upgrading your system. <emphasis>Please read this section and
1240 the <link xlink:href="http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#UPGRADE">Upgrading
1241 Section in 9.0-RELEASE Release Notes</link> carefully before
1242 submitting a problem report and/or posting a question to the
1243 FreeBSD mailing lists.</emphasis></para>