1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
6 <!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent">
8 <!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent">
10 <!ENTITY security SYSTEM "../../share/xml/security.xml">
11 <!ENTITY errata SYSTEM "../../share/xml/errata.xml">
13 <article xmlns="http://docbook.org/ns/docbook"
14 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
17 <title>&os; &release.current; Release Notes</title>
20 <orgname>The &os; Project</orgname>
23 <pubdate>$FreeBSD$</pubdate>
25 <!-- Last rev: 288943 -->
29 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
33 <legalnotice xml:id="trademarks" role="trademarks">
43 <para>The release notes for &os; &release.current; contain
44 a summary of the changes made to the &os; base system on the
45 &release.branch; development line. This document lists
46 applicable security advisories that were issued since the last
47 release, as well as significant changes to the &os; kernel and
48 userland. Some brief remarks on upgrading are also
53 <sect1 xml:id="intro">
54 <title>Introduction</title>
56 <para>This document contains the release notes for &os;
57 &release.current;. It describes recently added, changed, or
58 deleted features of &os;. It also provides some notes on
59 upgrading from previous versions of &os;.</para>
61 <para releasetype="current">The &release.type; distribution to
62 which these release notes apply represents the latest point
63 along the &release.branch; development branch since
64 &release.branch; was created. Information regarding pre-built,
65 binary &release.type; distributions along this branch can be
67 xlink:href="&release.url;">&release.url;</uri>.</para>
69 <para releasetype="snapshot">The &release.type; distribution to
70 which these release notes apply represents a point along the
71 &release.branch; development branch between &release.prev; and
72 the future &release.next;. Information regarding pre-built,
73 binary &release.type; distributions along this branch can be
75 xlink:href="&release.url;">&release.url;</uri>.</para>
77 <para releasetype="release">This distribution of &os;
78 &release.current; is a &release.type; distribution. It can be
79 found at <uri xlink:href="&release.url;">&release.url;</uri> or
80 any of its mirrors. More information on obtaining this (or
81 other) &release.type; distributions of &os; can be found in the
83 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
84 &os;</quote> appendix</link> to the <link
85 xlink:href="&url.books.handbook;/">&os;
86 Handbook</link>.</para>
88 <para>All users are encouraged to consult the release errata
89 before installing &os;. The errata document is updated with
90 <quote>late-breaking</quote> information discovered late in the
91 release cycle or after the release. Typically, it contains
92 information on known bugs, security advisories, and corrections
93 to documentation. An up-to-date copy of the errata for &os;
94 &release.current; can be found on the &os; Web site.</para>
96 <para>This document describes the most user-visible new or changed
97 features in &os; since &release.prev;. In general, changes
98 described here are unique to the &release.branch; branch unless
99 specifically marked as &merged; features.</para>
101 <para>Typical release note items document recent security
102 advisories issued after &release.prev;, new drivers or hardware
103 support, new commands or options, major bug fixes, or
104 contributed software upgrades. They may also list changes to
105 major ports/packages or release engineering practices. Clearly
106 the release notes cannot list every single change made to &os;
107 between releases; this document focuses primarily on security
108 advisories, user-visible changes, and major architectural
112 <sect1 xml:id="upgrade">
113 <title>Upgrading from Previous Releases of &os;</title>
115 <para arch="amd64,i386">Binary upgrades between RELEASE versions
116 (and snapshots of the various security branches) are supported
117 using the &man.freebsd-update.8; utility. The binary upgrade
118 procedure will update unmodified userland utilities, as well as
119 unmodified GENERIC kernels distributed as a part of an official
120 &os; release. The &man.freebsd-update.8; utility requires that
121 the host being upgraded have Internet connectivity.</para>
123 <para>Source-based upgrades (those based on recompiling the &os;
124 base system from source code) from previous versions are
125 supported, according to the instructions in
126 <filename>/usr/src/UPDATING</filename>.</para>
129 <para>Upgrading &os; should only be attempted after backing up
130 <emphasis>all</emphasis> data and configuration files.</para>
134 <sect1 xml:id="security-errata">
135 <title>Security and Errata</title>
137 <para>This section lists the various Security Advisories and
138 Errata Notices since &release.prev;.</para>
140 <sect2 xml:id="security">
141 <title>Security Advisories</title>
146 <sect2 xml:id="errata">
147 <title>Errata Notices</title>
153 <sect1 xml:id="userland">
154 <title>Userland</title>
156 <para>This section covers changes and additions to userland
157 applications, contributed software, and system utilities.</para>
159 <sect2 xml:id="userland-config">
160 <title>Userland Configuration Changes</title>
162 <para revision="313203">The &man.inetd.8; utility can now be
163 built without <literal>libwrap</literal> support when
164 <literal>WITHOUT_TCP_WRAPPERS</literal> is set in
165 &man.src.conf.5;.</para>
167 <para revision="316045">The &man.libthr.3; library and related
168 files are now evaluated and removed by the
169 <literal>delete-old-libs</literal> target when upgrading the
170 system if <literal>WITHOUT_LIBTHR</literal> is
171 set in &man.src.conf.5;.</para>
173 <para revision="316423" contrib="sponsor" sponsor="&ff;">The
174 <literal>WITH_LLD_AS_LD</literal> build knob has been added,
175 which installs <application>LLD</application> as
176 <filename>/usr/bin/ld</filename> if set.</para>
179 <sect2 xml:id="userland-programs">
180 <title>Userland Application Changes</title>
182 <para revision="308720" contrib="sponsor" sponsor="&gandi;">The
183 &man.cron.8; utility has been updated to add support for
184 including files within <filename
185 class="directory">/etc/cron.d</filename> and <filename
186 class="directory">/usr/local/etc/cron.d</filename> by
189 <para revision="308721" contrib="sponsor" sponsor="&gandi;">The
190 &man.syslogd.8; utility has been updated to add the
191 <literal>include</literal> keyword which allows specifying
192 a directory containing configuration files to be included in
193 addition to &man.syslog.conf.5;. The default
194 &man.syslog.conf.5; has been updated to include <filename
195 class="directory">/etc/syslog.d</filename> and <filename
196 class="directory">/usr/local/etc/syslog.d</filename> by
199 <para revision="308914">The &man.zfsbootcfg.8; utility has been
200 added, providing one-time &man.boot.config.5;-style options
201 for &man.zfsboot.8;.</para>
203 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
204 &man.setkey.8; utility has been modified to show the runtime
205 <acronym>NAT-T</acronym> configuration. The
206 <literal>-g</literal> and <literal>-t</literal> flags have
207 been added, which list only global and virtual policies,
208 respectively, when used with the <literal>-D</literal> and
209 <literal>-P</literal> flags.</para>
211 <para revision="316098" contrib="sponsor"
212 sponsor="&dellemc;">The &man.getaddrinfo.1; utility has been
213 added, ported from NetBSD.</para>
215 <para revision="316944" contrib="sponsor"
216 sponsor="&multiplay;">The &man.jail.8; utility has been
217 updated to allow explicitly-assigned <acronym>IPv4</acronym>
218 and <acronym>IPv6</acronym> addresses to be used within
221 <para revision="317855">The &man.daemon.8; utility has been
222 updated to allow redirecting &man.stdout.4; and &man.stderr.4;
223 output to &man.syslog.3; or to a file.</para>
226 <sect2 xml:id="userland-contrib">
227 <title>Contributed Software</title>
229 <para revision="307729">&man.unbound.8; has been updated to
230 version 1.5.10.</para>
232 <para revision="309511"><application>Subversion</application>
233 has been updated to version 1.9.5.</para>
235 <para revision="309847">&man.file.1; has been updated to version
238 <para revision="310490">The &man.amd.8; utility has been updated
239 to version 6.2.</para>
241 <para revision="312336">The <acronym>CLDR</acronym> locales have
242 been updated to version 30.0.3. The unicode locales have been
243 updated to version 9.0.0.</para>
245 <para revision="312517">&man.xz.1; has been updated to version
248 <para revision="313537">&man.tcpdump.1; has been updated to
249 version 4.9.0.</para>
251 <para revision="313795">&man.zlib.3; has been updated to version
254 <para revision="313980"><application>openresolv</application>
255 has been updated to version 3.9.0.</para>
257 <para revision="313680">The NetBSD test suite has been updated
258 to the 01.11.2017_23.20 snapshot.</para>
260 <para revision="314278"><literal>libucl</literal> has been
261 updated to version 20170219.</para>
263 <para revision="315432">&man.libarchive.3; has been updated to
264 version 3.3.1.</para>
266 <para revision="315995">&man.dma.8; has been updated to the
267 2017-02-10 snapshot.</para>
269 <para revision="316068">&man.ntpd.8; has been updated to version
272 <para revision="316303"><application>ACPICA</application> has
273 been updated to version 20170303.</para>
275 <para revision="316349">Timezone data files have been updated to
276 version 2017b.</para>
278 <para revision="316420">&man.mandoc.1; has been updated to
281 <para revision="316423"><application>Clang</application> has
282 been updated to version 4.0.0.</para>
284 <para revision="316423"><application>LLVM</application> has
285 been updated to version 4.0.0.</para>
287 <para revision="316423"><application>LLD</application> has
288 been updated to version 4.0.0.</para>
290 <para revision="316423"><application>LLDB</application> has
291 been updated to version 4.0.0.</para>
293 <para revision="316423"><application>compiler-rt</application>
294 has been updated to version 4.0.0.</para>
296 <para revision="316423"><application>libc++</application> has
297 been updated to version 4.0.0.</para>
299 <para revision="316957">&man.tcsh.1; has been updated to version
302 <para revision="318239" contrib="sponsor"
303 sponsor="&ff;">&man.blacklistd.8; has been updated to the
304 20170503 snapshot.</para>
306 <para revision="318402" contrib="sponsor"
307 sponsor="&ff;">&man.blacklistd.8; support for
308 <application>OpenSSH</application> has been refined to adjust
309 notification points to catch all authentication failures
310 rather than only those caused by invalid login
314 <sect2 xml:id="userland-installer">
315 <title>Installation and Configuration Tools</title>
317 <para revision="311686">The &man.bsdinstall.8; installer has
318 been updated to include support for hidden wireless networks
319 when configuring the &man.wlan.4; interface.</para>
322 <sect2 xml:id="userland-rc">
323 <title><filename class="directory">/etc/rc.d</filename>
326 <para revision="310009" contrib="sponsor"
327 sponsor="&fisglobal;">The <literal>jail_confwarn</literal>
328 &man.rc.conf.5; entry has been added, which suppresses warning
329 about obsolete per-&man.jail.8; configurations.</para>
332 <sect2 xml:id="userland-periodic">
333 <title><filename class="directory">/etc/periodic</filename>
336 <para revision="317373">The default &man.periodic.conf.5; has
337 been updated to include the
338 <literal>anticongestion_sleeptime</literal> option,
339 consolidating random sleeps in &man.periodic.8; scripts and
340 replacing the <literal>daily_ntpd_avoid_congestion</literal>
341 option. The default value is 3600 seconds.</para>
343 <para revision="317857">The <filename>410.status-mfi</filename>
344 &man.periodic.8; script has been added to monitor the status
345 of &man.mfi.4; volumes.</para>
348 <sect2 xml:id="userland-libraries">
349 <title>Runtime Libraries and API</title>
351 <para revision="316039">The &man.kvm.close.3; function has been
352 updated to return the accumulated error from previous
353 &man.close.2; calls.</para>
355 <para revision="317618" contrib="sponsor"
356 sponsor="&dellemc;">The <function>clock_nanosleep()</function>
357 system call has been added. The
358 <function>nanosleep()</function> system call is now a wrapper
359 around <function>clock_nanosleep()</function>.</para>
362 <sect2 xml:id="userland-abi">
363 <title>ABI Compatibility</title>
365 <para revision="309258">The type <literal>max_align_t</literal>
366 is now defined for C11 compliance.</para>
368 <para revision="315274" contrib="sponsor"
369 sponsor="&dellemc;">The
370 <function>sem_clockwait_np()</function> library function has
371 been added, which allows the caller to specify the reference
372 clock and choose between absolute and relative mode.</para>
374 <para revision="315282">The <application>clang</application>
375 <literal>nullability</literal> attribute has been added to the
376 <literal>C</literal> library headers.</para>
380 <sect1 xml:id="kernel">
381 <title>Kernel</title>
383 <para>This section covers changes to kernel configurations, system
384 tuning, and system control parameters that are not otherwise
387 <sect2 xml:id="kernel-bugfix">
388 <title>Kernel Bug Fixes</title>
390 <para revision="317434">The &man.ipf.4; packet filter has been
391 updated to prevent <literal>keep state</literal> from
392 incorrectly implying <literal>keep frags</literal>, matching
393 the behavior documented in &man.ipf.5;.</para>
396 <sect2 xml:id="kernel-config">
397 <title>Kernel Configuration</title>
399 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
400 <literal>IPSEC_NAT_T</literal> kernel configuration option has
401 been removed. Support for <acronym>NAT-T</acronym> is now
402 enabled by default.</para>
404 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
405 <literal>IPSEC_FILTERTUNNEL</literal> kernel option has been
406 removed, which was deprecated by the
407 <literal>net.inet.ipsec.filtertunnel</literal> sysctl.</para>
410 <sect2 xml:id="kernel-modules">
411 <title>Kernel Modules</title>
413 <para revision="307144">&man.cloudabi.4; has been updated to
414 allow running 32-bit binaries within 64-bit userland
415 environments when the kernel configuration file has the
416 <literal>COMPAT_CLOUDABI32</literal> option present.</para>
418 <para revision="315514" contrib="sponsor" sponsor="&yandex;">The
419 <literal>ipsec</literal> and <literal>tcpmd5</literal> kernel
420 modules have been added.</para>
422 <para revision="316274" contrib="sponsor" sponsor="&yandex;">The
423 &man.ipfw.4; packet filter has been updated to add support for
424 named dynamic states.</para>
426 <para revision="316444" contrib="sponsor" sponsor="&yandex;">The
427 <literal>ipfw_nptv6</literal> kernel module has been added,
428 implementing Network Prefix Translation for
429 <acronym>IPv6</acronym> as defined in <acronym>RFC</acronym>
432 <para revision="316446" contrib="sponsor" sponsor="&yandex;">The
433 <literal>ipfw_nat64</literal> kernel module has been added,
434 implementing stateless and stateful
435 <acronym>NAT64</acronym>.</para>
437 <para revision="316660" contrib="sponsor" sponsor="&ff;">The
438 &man.cfumass.4; device has been added, providing a storage
439 frontend to <acronym>USB</acronym>
440 <acronym>OTG</acronym>-capable hardware.</para>
442 <para revision="317045" contrib="sponsor" sponsor="&yandex;">The
443 <literal>ipfw_pmod</literal> kernel module has been added,
444 designed for modifying packets of any protocol.</para>
447 <para>At present, only <acronym>TCP</acronym>
448 <acronym>MSS</acronym> modification is implemented.</para>
452 <sect2 xml:id="kernel-sysctl">
453 <title>System Tuning and Controls</title>
455 <para revision="315539">The
456 <literal>vfs.root_mount_always_wait</literal> tunable has been
457 added, which forces the kernel to wait for root mount holds
458 even if the root device is already present.</para>
460 <para revision="316120" contrib="sponsor"
461 sponsor="&dellemc;">When the system real time clock
462 (<acronym>RTC</acronym>) is adjusted, such as by
463 <function>clock_settime()</function>, sleeping threads are now
464 awakened and absolute sleep times are reevaluated based on the
465 new value of the RTC.</para>
469 <sect1 xml:id="drivers">
470 <title>Devices and Drivers</title>
472 <para>This section covers changes and additions to devices and
473 device drivers since &release.prev;.</para>
475 <sect2 xml:id="drivers-device">
476 <title>Device Drivers</title>
478 <para revision="307768">The &man.jedec.ts.4; driver has been
479 added, providing support for thermal sensors on memory
480 modules. The driver currently supports chips that are fully
481 compliant with the <acronym>JEDEC</acronym>
482 <acronym>JC</acronym> 42.4 specification.</para>
484 <para revision="308104">The &man.chromebook.platform.4; driver
485 has been added, providing support for various Chromebook
488 <para revision="308942">The &man.bytgpio.4; driver has been
489 added, providing support for Intel® Bay Trail™
490 SoC GPIO controllers.</para>
493 <sect2 xml:id="drivers-storage">
494 <title>Storage Drivers</title>
499 <sect2 xml:id="drivers-network">
500 <title>Network Drivers</title>
502 <para revision="309377" contrib="sponsor"
503 sponsor="&broadcom;">The &man.bnxt.4; driver has been added,
504 providing support for Broadcom® NetXtreme-C™ and
505 NetXtreme-E™ devices.</para>
507 <para revision="310852" contrib="sponsor"
508 sponsor="&netgate;">The &man.miibus.4; driver has been updated
509 to support Microchip/Micrel KSZ9031 Gigabit ethernet
512 <para revision="311506" contrib="sponsor"
513 sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
514 to firmware version 1.16.26.0 for T4, T5, and T6 cards.</para>
516 <para revision="312358">The &man.alc.4; driver has been updated
517 to provide support for Atheros® Killer E2400™
518 Gigabit ethernet cards.</para>
520 <para revision="314005" contrib="sponsor" sponsor="&ms;">The
521 &man.alc.4; driver has been updated to provide support for
522 Atheros® Killer E2500™ Gigabit ethernet
525 <para revision="315330" contrib="sponsor"
526 sponsor="&netgate;">The &man.etherswitch.4; driver has been
527 updated to support RTL8366RB and RTL8366SR cards.</para>
529 <para revision="317116">The &man.qlnxe.4; driver has been added,
530 providing support for Cavium® Qlogic™ 45000 Series
533 <para revision="317182">The &man.qlxgbe.4; firmware has been
534 updated to version 5.4.64.</para>
536 <para revision="318357" contrib="sponsor"
537 sponsor="&intelcorp;">The &man.ixl.4; driver has been updated
538 to version 1.7.12-k.</para>
542 <sect1 xml:id="hardware">
543 <title>Hardware Support</title>
545 <para>This section covers general hardware support for physical
546 machines, hypervisors, and virtualization environments, as well
547 as hardware changes and updates that do not otherwise fit in
548 other sections of this document.</para>
550 <sect2 xml:id="hardware-support">
551 <title>Hardware Support</title>
553 <para revision="307576">The &man.atkbdc.4; driver has been
554 updated to provide support for Elantech® trackpads. To
555 enable hardware support, add
556 <literal>hw.psm.elantech_support=1</literal> to
557 &man.loader.conf.5;.</para>
560 <sect2 xml:id="hardware-virtualization">
561 <title>Virtualization Support</title>
566 <sect2 xml:id="hardware-arm">
567 <title>ARM Support</title>
569 <para revision="305436">Support for the Allwinner A13 board has
574 <sect1 xml:id="storage">
575 <title>Storage</title>
577 <para>This section covers changes and additions to file systems
578 and other storage subsystems, both local and networked.</para>
580 <sect2 xml:id="storage-general">
581 <title>General Storage</title>
586 <sect2 xml:id="storage-net">
587 <title>Networked Storage</title>
592 <sect2 xml:id="storage-zfs">
598 <sect2 xml:id="storage-geom">
599 <title><literal>geom(4)</literal></title>
605 <sect1 xml:id="boot">
606 <title>Boot Loader Changes</title>
608 <para>This section covers the boot loader, boot menu, and other
609 boot-related changes.</para>
611 <sect2 xml:id="boot-loader">
612 <title>Boot Loader Changes</title>
614 <para revision="307632" contrib="sponsor" sponsor="&gandi;">The
615 <acronym>EFI</acronym> loader has been updated to support
616 <acronym>TFTPFS</acronym>, providing netboot support without
617 requiring an <acronym>NFS</acronym> server.</para>
620 <sect2 xml:id="boot-menu">
621 <title>Boot Menu Changes</title>
627 <sect1 xml:id="network">
628 <title>Networking</title>
630 <para>This section describes changes that affect networking in
633 <sect2 xml:id="network-general">
634 <title>General Network Changes</title>
636 <para revision="311681" contrib="sponsor" sponsor="&yandex;">The
637 network stack has been updated to include
638 <function>ip6_tryforward()</function>, providing performance
639 benefits as result of a reduced number of checks.</para>
641 <para revision="313523" contrib="sponsor"
642 sponsor="&dellemc;">The network stack has been modified to fix
643 incorrect or invalid <acronym>IP</acronym> addresses if
644 multiple threads emit a <acronym>UDP</acronym>
645 <literal>log_in_vain</literal> message concurrently.</para>
647 <para revision="317386" contrib="sponsor"
648 sponsor="&multiplay;">The <acronym>TCP</acronym> stack has
649 been changed to use the estimated <acronym>RTT</acronym>
650 instead of timestamps for receive buffer auto resizing.</para>
653 <sect2 xml:id="network-protocols">
654 <title>Network Protocols</title>
656 <para revision="309337" contrib="sponsor"
657 sponsor="&dellemc;">Support for <acronym>GARP</acronym>
658 retransmit has been added. A new &man.sysctl.8;,
659 <literal>net.link.ether.inet.garp_rexmit_count</literal>, has
660 been added, which sets the maximum number of retransmissions
661 when set to a non-zero value.</para>
663 <para revision="315514" contrib="sponsor"
664 sponsor="&yandex;">Support for the
665 <literal>UDP_ENCAP_ESPINUDP_NON_IKE</literal> encapsulation
666 type has been removed.</para>
670 <sect1 xml:id="ports">
671 <title>Ports Collection and Package Infrastructure</title>
673 <para>This section covers changes to the &os; Ports
674 Collection, package infrastructure, and package maintenance and
675 installation tools.</para>
677 <sect2 xml:id="ports-infrastructure">
678 <title>Infrastructure Changes</title>
683 <sect2 xml:id="ports-packages ">
684 <title>Packaging Changes</title>
691 <title>Documentation</title>
693 <para>This section covers changes to the &os; Documentation
694 Project sources and toolchain.</para>
696 <sect2 xml:id="doc-sources">
697 <title>Documentation Source Changes</title>
702 <sect2 xml:id="doc-toolchain">
703 <title>Documentation Toolchain Changes</title>
709 <sect1 xml:id="releng">
710 <title>Release Engineering and Integration</title>
712 <para>This section convers changes that are specific to the
713 &os; Release Engineering processes.</para>
715 <sect2 xml:id="releng-changes">
716 <title>Integration Changes</title>