1 Updating Information for FreeBSD current users.
3 This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
4 See end of file for further details. For commonly done items, please see the
5 COMMON ITEMS: section later in the file. These instructions assume that you
6 basically know what you are doing. If not, then please consult the FreeBSD
9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
11 Items affecting the ports and packages system can be found in
12 /usr/ports/UPDATING. Please read that file before running portupgrade.
14 NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
15 from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
16 the tip of head, and then rebuild without this option. The bootstrap process
17 from older version of current across the gcc/clang cutover is a bit fragile.
20 Many changes in the IPsec code have been merged from the FreeBSD-CURRENT
21 branch. The IPSEC_FILTERTUNNEL kernel option is removed in favour of
22 corresponding sysctl. The IPSEC_NAT_T kernel option is also removed,
23 and now NAT-T is supported by default. Security associations now use
24 the single namespace for SPI allocation, so if you use several manually
25 configured security associations with the same SPI, this configuration
29 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.1.
30 Please see the 20141231 entry below for information about prerequisites
31 and upgrading, if you are not already using clang 3.5.0 or higher.
34 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.0.
35 Please see the 20141231 entry below for information about prerequisites
36 and upgrading, if you are not already using clang 3.5.0 or higher.
39 The layout of the pmap structure has changed for powerpc to put the pmap
40 statistics at the front for all CPU variations. libkvm(3) and all tools
41 that link against it need to be recompiled.
44 isl(4) and cyapa(4) drivers now require a new driver,
45 chromebook_platform(4), to work properly on Chromebook-class hardware.
46 On other types of hardware the drivers may need to be configured using
47 device hints. Please see the corresponding manual pages for details.
50 Relocatable object files with the extension of .So have been renamed
51 to use an extension of .pico instead. The purpose of this change is
52 to avoid a name clash with shared libraries on case-insensitive file
53 systems. On those file systems, foo.So is the same file as foo.so.
56 The libc stub for the pipe(2) system call has been replaced with
57 a wrapper that calls the pipe2(2) system call and the pipe(2)
58 system call is now only implemented by the kernels that include
59 "options COMPAT_FREEBSD10" in their config file (this is the
60 default). Users should ensure that this option is enabled in
61 their kernel or upgrade userspace to r302092 before upgrading their
65 CAM will now strip leading spaces from SCSI disks' serial numbers.
66 This will effect users who create UFS filesystems on SCSI disks using
67 those disk's diskid device nodes. For example, if /etc/fstab
68 previously contained a line like
69 "/dev/diskid/DISK-%20%20%20%20%20%20%20ABCDEFG0123456", you should
70 change it to "/dev/diskid/DISK-ABCDEFG0123456". Users of geom
71 transforms like gmirror may also be affected. ZFS users should
75 The bitstring(3) API has been updated with new functionality and
76 improved performance. But it is binary-incompatible with the old API.
77 Objects built with the new headers may not be linked against objects
78 built with the old headers.
81 The brk and sbrk functions have been removed from libc on arm64.
82 Binutils from ports has been updated to not link to these
83 functions and should be updated to the latest version before
84 installing a new libc.
87 The armv6 port now defaults to hard float ABI. Limited support
88 for running both hardfloat and soft float on the same system
89 is available using the libraries installed with -DWITH_LIBSOFT.
90 This has only been tested as an upgrade path for installworld
91 and packages may fail or need manual intervention to run. New
92 packages will be needed.
94 To update an existing self-hosted armv6hf system, you must add
95 TARGET_ARCH=armv6 on the make command line for both the build
96 and the install steps.
99 Kernel modules compiled outside of a kernel build now default to
100 installing to /boot/modules instead of /boot/kernel. Many kernel
101 modules built this way (such as those in ports) already overrode
102 KMODDIR explicitly to install into /boot/modules. However,
103 manually building and installing a module from /sys/modules will
104 now install to /boot/modules instead of /boot/kernel.
107 The CAM I/O scheduler has been committed to the kernel. There should be
108 no user visible impact. This does enable NCQ Trim on ada SSDs. While the
109 list of known rogues that claim support for this but actually corrupt
110 data is believed to be complete, be on the lookout for data
111 corruption. The known rogue list is believed to be complete:
113 o Crucial MX100, M550 drives with MU01 firmware.
114 o Micron M510 and M550 drives with MU01 firmware.
115 o Micron M500 prior to MU07 firmware
116 o Samsung 830, 840, and 850 all firmwares
117 o FCCT M500 all firmwares
119 Crucial has firmware http://www.crucial.com/usa/en/support-ssd-firmware
120 with working NCQ TRIM. For Micron branded drives, see your sales rep for
121 updated firmware. Black listed drives will work correctly because these
122 drives work correctly so long as no NCQ TRIMs are sent to them. Given
123 this list is the same as found in Linux, it's believed there are no
124 other rogues in the market place. All other models from the above
127 To be safe, if you are at all concerned, you can quirk each of your
128 drives to prevent NCQ from being sent by setting:
129 kern.cam.ada.X.quirks="0x2"
130 in loader.conf. If the drive requires the 4k sector quirk, set the
134 The FAST_DEPEND build option has been removed and its functionality is
135 now the one true way. The old mkdep(1) style of 'make depend' has
136 been removed. See 20160311 for further details.
139 Resource range types have grown from unsigned long to uintmax_t. All
140 drivers, and anything using libdevinfo, need to be recompiled.
143 WITH_FAST_DEPEND is now enabled by default for in-tree and out-of-tree
144 builds. It no longer runs mkdep(1) during 'make depend', and the
145 'make depend' stage can safely be skipped now as it is auto ran
146 when building 'make all' and will generate all SRCS and DPSRCS before
147 building anything else. Dependencies are gathered at compile time with
148 -MF flags kept in separate .depend files per object file. Users should
149 run 'make cleandepend' once if using -DNO_CLEAN to clean out older
153 On amd64, clang 3.8.0 can now insert sections of type AMD64_UNWIND into
154 kernel modules. Therefore, if you load any kernel modules at boot time,
155 please install the boot loaders after you install the kernel, but before
159 make kernel KERNCONF=YOUR_KERNEL_HERE
160 make -C sys/boot install
161 <reboot in single user>
163 Then follow the usual steps, described in the General Notes section,
167 Clang, llvm, lldb and compiler-rt have been upgraded to 3.8.0. Please
168 see the 20141231 entry below for information about prerequisites and
169 upgrading, if you are not already using clang 3.5.0 or higher.
172 The AIO subsystem is now a standard part of the kernel. The
173 VFS_AIO kernel option and aio.ko kernel module have been removed.
174 Due to stability concerns, asynchronous I/O requests are only
175 permitted on sockets and raw disks by default. To enable
176 asynchronous I/O requests on all file types, set the
177 vfs.aio.enable_unsafe sysctl to a non-zero value.
180 The ELF object manipulation tool objcopy is now provided by the
181 ELF Tool Chain project rather than by GNU binutils. It should be a
182 drop-in replacement, with the addition of arm64 support. The
183 (temporary) src.conf knob WITHOUT_ELFCOPY_AS_OBJCOPY knob may be set
184 to obtain the GNU version if necessary.
187 Building ZFS pools on top of zvols is prohibited by default. That
188 feature has never worked safely; it's always been prone to deadlocks.
189 Using a zvol as the backing store for a VM guest's virtual disk will
190 still work, even if the guest is using ZFS. Legacy behavior can be
191 restored by setting vfs.zfs.vol.recursive=1.
194 The NONE and HPN patches has been removed from OpenSSH. They are
195 still available in the security/openssh-portable port.
198 With the addition of ypldap(8), a new _ypldap user is now required
199 during installworld. "mergemaster -p" can be used to add the user
200 prior to installworld, as documented in the handbook.
203 The tftp loader (pxeboot) now uses the option root-path directive. As a
204 consequence it no longer looks for a pxeboot.4th file on the tftp
205 server. Instead it uses the regular /boot infrastructure as with the
209 The code to start recording plug and play data into the modules has
210 been committed. While the old tools will properly build a new kernel,
211 a number of warnings about "unknown metadata record 4" will be produced
212 for an older kldxref. To avoid such warnings, make sure to rebuild
213 the kernel toolchain (or world). Make sure that you have r292078 or
214 later when trying to build 292077 or later before rebuilding.
217 Debug data files are now built by default with 'make buildworld' and
218 installed with 'make installworld'. This facilitates debugging but
219 requires more disk space both during the build and for the installed
220 world. Debug files may be disabled by setting WITHOUT_DEBUG_FILES=yes
224 r291527 changed the internal interface between the nfsd.ko and
225 nfscommon.ko modules. As such, they must both be upgraded to-gether.
226 __FreeBSD_version has been bumped because of this.
229 Add support for unicode collation strings leads to a change of
230 order of files listed by ls(1) for example. To get back to the old
231 behaviour, set LC_COLLATE environment variable to "C".
233 Databases administrators will need to reindex their databases given
234 collation results will be different.
236 Due to a bug in install(1) it is recommended to remove the ancient
237 locales before running make installworld.
239 rm -rf /usr/share/locale/*
242 The OpenSSL has been upgraded to 1.0.2d. Any binaries requiring
243 libcrypto.so.7 or libssl.so.7 must be recompiled.
246 Qlogic 24xx/25xx firmware images were updated from 5.5.0 to 7.3.0.
247 Kernel modules isp_2400_multi and isp_2500_multi were removed and
248 should be replaced with isp_2400 and isp_2500 modules respectively.
251 The build previously allowed using 'make -n' to not recurse into
252 sub-directories while showing what commands would be executed, and
253 'make -n -n' to recursively show commands. Now 'make -n' will recurse
254 and 'make -N' will not.
257 If you specify SENDMAIL_MC or SENDMAIL_CF in make.conf, mergemaster
258 and etcupdate will now use this file. A custom sendmail.cf is now
259 updated via this mechanism rather than via installworld. If you had
260 excluded sendmail.cf in mergemaster.rc or etcupdate.conf, you may
261 want to remove the exclusion or change it to "always install".
262 /etc/mail/sendmail.cf is now managed the same way regardless of
263 whether SENDMAIL_MC/SENDMAIL_CF is used. If you are not using
264 SENDMAIL_MC/SENDMAIL_CF there should be no change in behavior.
267 Compatibility shims for legacy ATA device names have been removed.
268 It includes ATA_STATIC_ID kernel option, kern.cam.ada.legacy_aliases
269 and kern.geom.raid.legacy_aliases loader tunables, kern.devalias.*
270 environment variables, /dev/ad* and /dev/ar* symbolic links.
273 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.7.0.
274 Please see the 20141231 entry below for information about prerequisites
275 and upgrading, if you are not already using clang 3.5.0 or higher.
278 Kernel debug files have been moved to /usr/lib/debug/boot/kernel/,
279 and renamed from .symbols to .debug. This reduces the size requirements
280 on the boot partition or file system and provides consistency with
281 userland debug files.
283 When using the supported kernel installation method the
284 /usr/lib/debug/boot/kernel directory will be renamed (to kernel.old)
285 as is done with /boot/kernel.
287 Developers wishing to maintain the historical behavior of installing
288 debug files in /boot/kernel/ can set KERN_DEBUGDIR="" in src.conf(5).
291 The wireless drivers had undergone changes that remove the 'parent
292 interface' from the ifconfig -l output. The rc.d network scripts
293 used to check presence of a parent interface in the list, so old
294 scripts would fail to start wireless networking. Thus, etcupdate(3)
295 or mergemaster(8) run is required after kernel update, to update your
296 rc.d scripts in /etc.
299 pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl'
300 These configurations are now automatically interpreted as
301 'scrub fragment reassemble'.
304 Kernel-loadable modules for the random(4) device are back. To use
305 them, the kernel must have
308 options RANDOM_LOADABLE
310 kldload(8) can then be used to load random_fortuna.ko
311 or random_yarrow.ko. Please note that due to the indirect
312 function calls that the loadable modules need to provide,
313 the build-in variants will be slightly more efficient.
315 The random(4) kernel option RANDOM_DUMMY has been retired due to
316 unpopularity. It was not all that useful anyway.
319 The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired.
320 Control over building the ELF Tool Chain tools is now provided by
321 the WITHOUT_TOOLCHAIN knob.
324 The polarity of Pulse Per Second (PPS) capture events with the
325 uart(4) driver has been corrected. Prior to this change the PPS
326 "assert" event corresponded to the trailing edge of a positive PPS
327 pulse and the "clear" event was the leading edge of the next pulse.
329 As the width of a PPS pulse in a typical GPS receiver is on the
330 order of 1 millisecond, most users will not notice any significant
331 difference with this change.
333 Anyone who has compensated for the historical polarity reversal by
334 configuring a negative offset equal to the pulse width will need to
335 remove that workaround.
338 The default group assigned to /dev/dri entries has been changed
339 from 'wheel' to 'video' with the id of '44'. If you want to have
340 access to the dri devices please add yourself to the video group
343 # pw groupmod video -m $USER
346 The menu.rc and loader.rc files will now be replaced during
347 upgrades. Please migrate local changes to menu.rc.local and
348 loader.rc.local instead.
351 GNU Binutils versions of addr2line, c++filt, nm, readelf, size,
352 strings and strip have been removed. The src.conf(5) knob
353 WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools.
356 As ZFS requires more kernel stack pages than is the default on some
357 architectures e.g. i386, it now warns if KSTACK_PAGES is less than
358 ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing).
360 Please consider using 'options KSTACK_PAGES=X' where X is greater
361 than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations.
364 sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0
365 and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by
366 default, i.e., they will not contain "::". For example, instead
367 of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet
368 to have a more specific match, such as different map entries for
369 IPv6:0:0 vs IPv6:0. This change requires that configuration
370 data (including maps, files, classes, custom ruleset, etc.) must
371 use the same format, so make certain such configuration data is
372 upgrading. As a very simple check search for patterns like
373 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old
374 behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or
375 the cf option UseCompressedIPv6Addresses.
378 The default kernel entropy-processing algorithm is now
379 Fortuna, replacing Yarrow.
381 Assuming you have 'device random' in your kernel config
382 file, the configurations allow a kernel option to override
383 this default. You may choose *ONE* of:
385 options RANDOM_YARROW # Legacy /dev/random algorithm.
386 options RANDOM_DUMMY # Blocking-only driver.
388 If you have neither, you get Fortuna. For most people,
389 read no further, Fortuna will give a /dev/random that works
390 like it always used to, and the difference will be irrelevant.
392 If you remove 'device random', you get *NO* kernel-processed
393 entropy at all. This may be acceptable to folks building
394 embedded systems, but has complications. Carry on reading,
395 and it is assumed you know what you need.
397 *PLEASE* read random(4) and random(9) if you are in the
398 habit of tweaking kernel configs, and/or if you are a member
399 of the embedded community, wanting specific and not-usual
400 behaviour from your security subsystems.
402 NOTE!! If you use RANDOM_DUMMY and/or have no 'device
403 random', you will NOT have a functioning /dev/random, and
404 many cryptographic features will not work, including SSH.
405 You may also find strange behaviour from the random(3) set
406 of library functions, in particular sranddev(3), srandomdev(3)
407 and arc4random(3). The reason for this is that the KERN_ARND
408 sysctl only returns entropy if it thinks it has some to
409 share, and with RANDOM_DUMMY or no 'device random' this
413 An additional fix for the issue described in the 20150614 sendmail
414 entry below has been been committed in revision 284717.
417 FreeBSD's old make (fmake) has been removed from the system. It is
418 available as the devel/fmake port or via pkg install fmake.
421 The fix for the issue described in the 20150614 sendmail entry
422 below has been been committed in revision 284436. The work
423 around described in that entry is no longer needed unless the
424 default setting is overridden by a confDH_PARAMETERS configuration
425 setting of '5' or pointing to a 512 bit DH parameter file.
428 ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from
429 atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf
430 and devel/kyua to version 0.20+ and adjust any calling code to work
431 with Kyuafile and kyua.
434 The import of openssl to address the FreeBSD-SA-15:10.openssl
435 security advisory includes a change which rejects handshakes
436 with DH parameters below 768 bits. sendmail releases prior
437 to 8.15.2 (not yet released), defaulted to a 512 bit
438 DH parameter setting for client connections. To work around
439 this interoperability, sendmail can be configured to use a
440 2048 bit DH parameter by:
442 1. Edit /etc/mail/`hostname`.mc
443 2. If a setting for confDH_PARAMETERS does not exist or
444 exists and is set to a string beginning with '5',
446 3. If a setting for confDH_PARAMETERS exists and is set to
447 a file path, create a new file with:
448 openssl dhparam -out /path/to/file 2048
449 4. Rebuild the .cf file:
450 cd /etc/mail/; make; make install
452 cd /etc/mail/; make restart
454 A sendmail patch is coming, at which time this file will be
458 Generation of legacy formatted entries have been disabled by default
459 in pwd_mkdb(8), as all base system consumers of the legacy formatted
460 entries were converted to use the new format by default when the new,
461 machine independent format have been added and supported since FreeBSD
464 Please see the pwd_mkdb(8) manual page for further details.
467 Clang and llvm have been upgraded to 3.6.1 release. Please see the
468 20141231 entry below for information about prerequisites and upgrading,
469 if you are not already using 3.5.0 or higher.
472 TI platform code switched to using vendor DTS files and this update
473 may break existing systems running on Beaglebone, Beaglebone Black,
476 - dtb files should be regenerated/reinstalled. Filenames are the
477 same but content is different now
478 - GPIO addressing was changed, now each GPIO bank (32 pins per bank)
479 has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old
480 addressing scheme is now pin 25 on /dev/gpioc3.
481 - Pandaboard: /etc/ttys should be updated, serial console device is
482 now /dev/ttyu2, not /dev/ttyu0
485 soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim.
486 If you need the GNU extension from groff soelim(1), install groff
487 from package: pkg install groff, or via ports: textproc/groff.
490 chmod, chflags, chown and chgrp now affect symlinks in -R mode as
491 defined in symlink(7); previously symlinks were silently ignored.
494 The const qualifier has been removed from iconv(3) to comply with
495 POSIX. The ports tree is aware of this from r384038 onwards.
498 Libraries specified by LIBADD in Makefiles must have a corresponding
499 DPADD_<lib> variable to ensure correct dependencies. This is now
500 enforced in src.libnames.mk.
503 From legacy ata(4) driver was removed support for SATA controllers
504 supported by more functional drivers ahci(4), siis(4) and mvs(4).
505 Kernel modules ataahci and ataadaptec were removed completely,
506 replaced by ahci and mvs modules respectively.
509 Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see
510 the 20141231 entry below for information about prerequisites and
511 upgrading, if you are not already using 3.5.0 or higher.
514 The 32-bit PowerPC kernel has been changed to a position-independent
515 executable. This can only be booted with a version of loader(8)
516 newer than January 31, 2015, so make sure to update both world and
517 kernel before rebooting.
520 If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014),
521 but before r278950, the RNG was not seeded properly. Immediately
522 upgrade the kernel to r278950 or later and regenerate any keys (e.g.
523 ssh keys or openssl keys) that were generated w/ a kernel from that
524 range. This does not affect programs that directly used /dev/random
525 or /dev/urandom. All userland uses of arc4random(3) are affected.
528 The autofs(4) ABI was changed in order to restore binary compatibility
529 with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work
533 The powerpc64 kernel has been changed to a position-independent
534 executable. This can only be booted with a new version of loader(8),
535 so make sure to update both world and kernel before rebooting.
538 Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix
539 only release, no new features have been added. Please see the 20141231
540 entry below for information about prerequisites and upgrading, if you
541 are not already using 3.5.0.
544 ELF tools addr2line, elfcopy (strip), nm, size, and strings are now
545 taken from the ELF Tool Chain project rather than GNU binutils. They
546 should be drop-in replacements, with the addition of arm64 support.
547 The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the
548 binutils tools, if necessary. See 20150805 for updated information.
551 The default Unbound configuration now enables remote control
552 using a local socket. Users who have already enabled the
553 local_unbound service should regenerate their configuration
554 by running "service local_unbound setup" as root.
557 The GNU texinfo and GNU info pages have been removed.
558 To be able to view GNU info pages please install texinfo from ports.
561 Clang, llvm and lldb have been upgraded to 3.5.0 release.
563 As of this release, a prerequisite for building clang, llvm and lldb is
564 a C++11 capable compiler and C++11 standard library. This means that to
565 be able to successfully build the cross-tools stage of buildworld, with
566 clang as the bootstrap compiler, your system compiler or cross compiler
567 should either be clang 3.3 or later, or gcc 4.8 or later, and your
568 system C++ library should be libc++, or libdstdc++ from gcc 4.8 or
571 On any standard FreeBSD 10.x or 11.x installation, where clang and
572 libc++ are on by default (that is, on x86 or arm), this should work out
575 On 9.x installations where clang is enabled by default, e.g. on x86 and
576 powerpc, libc++ will not be enabled by default, so libc++ should be
577 built (with clang) and installed first. If both clang and libc++ are
578 missing, build clang first, then use it to build libc++.
580 On 8.x and earlier installations, upgrade to 9.x first, and then follow
581 the instructions for 9.x above.
583 Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by
584 default, and do not build clang.
586 Many embedded systems are resource constrained, and will not be able to
587 build clang in a reasonable time, or in some cases at all. In those
588 cases, cross building bootable systems on amd64 is a workaround.
590 This new version of clang introduces a number of new warnings, of which
591 the following are most likely to appear:
595 This warns in two cases, for both C and C++:
596 * When the code is trying to take the absolute value of an unsigned
597 quantity, which is effectively a no-op, and almost never what was
598 intended. The code should be fixed, if at all possible. If you are
599 sure that the unsigned quantity can be safely cast to signed, without
600 loss of information or undefined behavior, you can add an explicit
601 cast, or disable the warning.
603 * When the code is trying to take an absolute value, but the called
604 abs() variant is for the wrong type, which can lead to truncation.
605 If you want to disable the warning instead of fixing the code, please
606 make sure that truncation will not occur, or it might lead to unwanted
609 -Wtautological-undefined-compare and
610 -Wundefined-bool-conversion
612 These warn when C++ code is trying to compare 'this' against NULL, while
613 'this' should never be NULL in well-defined C++ code. However, there is
614 some legacy (pre C++11) code out there, which actively abuses this
615 feature, which was less strictly defined in previous C++ versions.
617 Squid and openjdk do this, for example. The warning can be turned off
618 for C++98 and earlier, but compiling the code in C++11 mode might result
619 in unexpected behavior; for example, the parts of the program that are
620 unreachable could be optimized away.
623 The old NFS client and server (kernel options NFSCLIENT, NFSSERVER)
624 kernel sources have been removed. The .h files remain, since some
625 utilities include them. This will need to be fixed later.
626 If "mount -t oldnfs ..." is attempted, it will fail.
627 If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used,
628 the utilities will report errors.
631 The handling of LOCAL_LIB_DIRS has been altered to skip addition of
632 directories to top level SUBDIR variable when their parent
633 directory is included in LOCAL_DIRS. Users with build systems with
634 such hierarchies and without SUBDIR entries in the parent
635 directory Makefiles should add them or add the directories to
639 faith(4) and faithd(8) have been removed from the base system. Faith
640 has been obsolete for a very long time.
643 vt(4), the new console driver, is enabled by default. It brings
644 support for Unicode and double-width characters, as well as
645 support for UEFI and integration with the KMS kernel video
648 You may need to update your console settings in /etc/rc.conf,
649 most probably the keymap. During boot, /etc/rc.d/syscons will
650 indicate what you need to do.
652 vt(4) still has issues and lacks some features compared to
653 syscons(4). See the wiki for up-to-date information:
654 https://wiki.freebsd.org/Newcons
656 If you want to keep using syscons(4), you can do so by adding
657 the following line to /boot/loader.conf:
661 pjdfstest has been integrated into kyua as an opt-in test suite.
662 Please see share/doc/pjdfstest/README for more details on how to
666 gperf has been removed from the base system for architectures
667 that use clang. Ports that require gperf will obtain it from the
671 pjdfstest has been moved from tools/regression/pjdfstest to
675 At svn r271982, The default linux compat kernel ABI has been adjusted
676 to 2.6.18 in support of the linux-c6 compat ports infrastructure
677 update. If you wish to continue using the linux-f10 compat ports,
678 add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are
679 encouraged to update their linux-compat packages to linux-c6 during
680 their next update cycle.
683 The ofwfb driver, used to provide a graphics console on PowerPC when
684 using vt(4), no longer allows mmap() of all physical memory. This
685 will prevent Xorg on PowerPC with some ATI graphics cards from
686 initializing properly unless x11-servers/xorg-server is updated to
690 The xdev targets have been converted to using TARGET and
691 TARGET_ARCH instead of XDEV and XDEV_ARCH.
694 The default unbound configuration has been modified to address
695 issues with reverse lookups on networks that use private
696 address ranges. If you use the local_unbound service, run
697 "service local_unbound setup" as root to regenerate your
698 configuration, then "service local_unbound reload" to load the
702 The GNU texinfo and GNU info pages are not built and installed
703 anymore, WITH_INFO knob has been added to allow to built and install
705 UPDATE: see 20150102 entry on texinfo's removal
708 The GNU readline library is now an INTERNALLIB - that is, it is
709 statically linked into consumers (GDB and variants) in the base
710 system, and the shared library is no longer installed. The
711 devel/readline port is available for third party software that
715 The Itanium architecture (ia64) has been removed from the list of
716 known architectures. This is the first step in the removal of the
720 Commit r268115 has added NFSv4.1 server support, merged from
721 projects/nfsv4.1-server. Since this includes changes to the
722 internal interfaces between the NFS related modules, a full
723 build of the kernel and modules will be necessary.
724 __FreeBSD_version has been bumped.
727 The WITHOUT_VT_SUPPORT kernel config knob has been renamed
728 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning
729 which differs from the behaviour controlled by this knob.)
732 Maximal length of the serial number in CTL was increased from 16 to
733 64 chars, that breaks ABI. All CTL-related tools, such as ctladm
734 and ctld, need to be rebuilt to work with a new kernel.
737 The libatf-c and libatf-c++ major versions were downgraded to 0 and
738 1 respectively to match the upstream numbers. They were out of
739 sync because, when they were originally added to FreeBSD, the
740 upstream versions were not respected. These libraries are private
741 and not yet built by default, so renumbering them should be a
742 non-issue. However, unclean source trees will yield broken test
743 programs once the operator executes "make delete-old-libs" after a
746 Additionally, the atf-sh binary was made private by moving it into
747 /usr/libexec/. Already-built shell test programs will keep the
748 path to the old binary so they will break after "make delete-old"
751 If you are using WITH_TESTS=yes (not the default), wipe the object
752 tree and rebuild from scratch to prevent spurious test failures.
753 This is only needed once: the misnumbered libraries and misplaced
754 binaries have been added to OptionalObsoleteFiles.inc so they will
755 be removed during a clean upgrade.
758 Clang and llvm have been upgraded to 3.4.1 release.
761 We bogusly installed src.opts.mk in /usr/share/mk. This file should
762 be removed to avoid issues in the future (and has been added to
766 /etc/src.conf now affects only builds of the FreeBSD src tree. In the
767 past, it affected all builds that used the bsd.*.mk files. The old
768 behavior was a bug, but people may have relied upon it. To get this
769 behavior back, you can .include /etc/src.conf from /etc/make.conf
770 (which is still global and isn't changed). This also changes the
771 behavior of incremental builds inside the tree of individual
772 directories. Set MAKESYSPATH to ".../share/mk" to do that.
773 Although this has survived make universe and some upgrade scenarios,
774 other upgrade scenarios may have broken. At least one form of
775 temporary breakage was fixed with MAKESYSPATH settings for buildworld
776 as well... In cases where MAKESYSPATH isn't working with this
777 setting, you'll need to set it to the full path to your tree.
779 One side effect of all this cleaning up is that bsd.compiler.mk
780 is no longer implicitly included by bsd.own.mk. If you wish to
781 use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk
785 The lindev device has been removed since /dev/full has been made a
786 standard device. __FreeBSD_version has been bumped.
789 The knob WITHOUT_VI was added to the base system, which controls
790 building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1)
791 in order to reorder files share/termcap and didn't build ex(1) as a
792 build tool, so building/installing with WITH_VI is highly advised for
793 build hosts for older releases.
795 This issue has been fixed in stable/9 and stable/10 in r277022 and
796 r276991, respectively.
799 The YES_HESIOD knob has been removed. It has been obsolete for
800 a decade. Please move to using WITH_HESIOD instead or your builds
801 will silently lack HESIOD.
804 The uart(4) driver has been changed with respect to its handling
805 of the low-level console. Previously the uart(4) driver prevented
806 any process from changing the baudrate or the CLOCAL and HUPCL
807 control flags. By removing the restrictions, operators can make
808 changes to the serial console port without having to reboot.
809 However, when getty(8) is started on the serial device that is
810 associated with the low-level console, a misconfigured terminal
811 line in /etc/ttys will now have a real impact.
812 Before upgrading the kernel, make sure that /etc/ttys has the
813 serial console device configured as 3wire without baudrate to
814 preserve the previous behaviour. E.g:
815 ttyu0 "/usr/libexec/getty 3wire" vt100 on secure
818 Support for libwrap (TCP wrappers) in rpcbind was disabled by default
819 to improve performance. To re-enable it, if needed, run rpcbind
820 with command line option -W.
823 Switched back to the GPL dtc compiler due to updates in the upstream
824 dts files not being supported by the BSDL dtc compiler. You will need
825 to rebuild your kernel toolchain to pick up the new compiler. Core dumps
826 may result while building dtb files during a kernel build if you fail
827 to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler.
830 Clang and llvm have been upgraded to 3.4 release.
833 The nve(4) driver has been removed. Please use the nfe(4) driver
834 for NVIDIA nForce MCP Ethernet adapters instead.
837 An ABI incompatibility crept into the libc++ 3.4 import in r261283.
838 This could cause certain C++ applications using shared libraries built
839 against the previous version of libc++ to crash. The incompatibility
840 has now been fixed, but any C++ applications or shared libraries built
841 between r261283 and r261801 should be recompiled.
844 OpenSSH will now ignore errors caused by kernel lacking of Capsicum
845 capability mode support. Please note that enabling the feature in
846 kernel is still highly recommended.
849 OpenSSH is now built with sandbox support, and will use sandbox as
850 the default privilege separation method. This requires Capsicum
851 capability mode support in kernel.
854 The libelf and libdwarf libraries have been updated to newer
855 versions from upstream. Shared library version numbers for
856 these two libraries were bumped. Any ports or binaries
857 requiring these two libraries should be recompiled.
858 __FreeBSD_version is bumped to 1100006.
861 If a Makefile in a tests/ directory was auto-generating a Kyuafile
862 instead of providing an explicit one, this would prevent such
863 Makefile from providing its own Kyuafile in the future during
864 NO_CLEAN builds. This has been fixed in the Makefiles but manual
865 intervention is needed to clean an objdir if you use NO_CLEAN:
866 # find /usr/obj -name Kyuafile | xargs rm -f
869 The behavior of gss_pseudo_random() for the krb5 mechanism
870 has changed, for applications requesting a longer random string
871 than produced by the underlying enctype's pseudo-random() function.
872 In particular, the random string produced from a session key of
873 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
874 be different at the 17th octet and later, after this change.
875 The counter used in the PRF+ construction is now encoded as a
876 big-endian integer in accordance with RFC 4402.
877 __FreeBSD_version is bumped to 1100004.
880 The WITHOUT_ATF build knob has been removed and its functionality
881 has been subsumed into the more generic WITHOUT_TESTS. If you were
882 using the former to disable the build of the ATF libraries, you
883 should change your settings to use the latter.
886 The default version of mtree is nmtree which is obtained from
887 NetBSD. The output is generally the same, but may vary
888 slightly. If you found you need identical output adding
889 "-F freebsd9" to the command line should do the trick. For the
890 time being, the old mtree is available as fmtree.
893 libbsdyml has been renamed to libyaml and moved to /usr/lib/private.
894 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg
895 1.1.4_8 and verify bsdyml not linked in, before running "make
897 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean
899 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml
902 The stable/10 branch has been created in subversion from head
906 The rc.d/jail script has been updated to support jail(8)
907 configuration file. The "jail_<jname>_*" rc.conf(5) variables
908 for per-jail configuration are automatically converted to
909 /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
910 This is transparently backward compatible. See below about some
911 incompatibilities and rc.conf(5) manual page for more details.
913 These variables are now deprecated in favor of jail(8) configuration
914 file. One can use "rc.d/jail config <jname>" command to generate
915 a jail(8) configuration file in /var/run/jail.<jname>.conf without
916 running the jail(8) utility. The default pathname of the
917 configuration file is /etc/jail.conf and can be specified by
918 using $jail_conf or $jail_<jname>_conf variables.
920 Please note that jail_devfs_ruleset accepts an integer at
921 this moment. Please consider to rewrite the ruleset name
925 BIND has been removed from the base system. If all you need
926 is a local resolver, simply enable and start the local_unbound
927 service instead. Otherwise, several versions of BIND are
928 available in the ports tree. The dns/bind99 port is one example.
930 With this change, nslookup(1) and dig(1) are no longer in the base
931 system. Users should instead use host(1) and drill(1) which are
932 in the base system. Alternatively, nslookup and dig can
933 be obtained by installing the dns/bind-tools port.
936 With the addition of unbound(8), a new unbound user is now
937 required during installworld. "mergemaster -p" can be used to
938 add the user prior to installworld, as documented in the handbook.
941 OpenSSH is now built with DNSSEC support, and will by default
942 silently trust signed SSHFP records. This can be controlled with
943 the VerifyHostKeyDNS client configuration setting. DNSSEC support
944 can be disabled entirely with the WITHOUT_LDNS option in src.conf.
947 The GNU Compiler Collection and C++ standard library (libstdc++)
948 are no longer built by default on platforms where clang is the system
949 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX
953 The PROCDESC kernel option is now part of the GENERIC kernel
954 configuration and is required for the rwhod(8) to work.
955 If you are using custom kernel configuration, you should include
959 The API and ABI related to the Capsicum framework was modified
960 in backward incompatible way. The userland libraries and programs
961 have to be recompiled to work with the new kernel. This includes the
962 following libraries and programs, but the whole buildworld is
963 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl,
964 kdump, procstat, rwho, rwhod, uniq.
967 AES-NI intrinsic support has been added to gcc. The AES-NI module
968 has been updated to use this support. A new gcc is required to build
969 the aesni module on both i386 and amd64.
972 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
973 Thus "device padlock_rng" and "device rdrand_rng" should be
974 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".
977 WITH_ICONV has been split into two feature sets. WITH_ICONV now
978 enables just the iconv* functionality and is now on by default.
979 WITH_LIBICONV_COMPAT enables the libiconv api and link time
980 compatibility. Set WITHOUT_ICONV to build the old way.
981 If you have been using WITH_ICONV before, you will very likely
982 need to turn on WITH_LIBICONV_COMPAT.
985 INVARIANTS option now enables DEBUG for code with OpenSolaris and
986 Illumos origin, including ZFS. If you have INVARIANTS in your
987 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG
989 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS)
990 locks if WITNESS option was set. Because that generated a lot of
991 witness(9) reports and all of them were believed to be false
992 positives, this is no longer done. New option OPENSOLARIS_WITNESS
993 can be used to achieve the previous behavior.
996 Timer values in IPv6 data structures now use time_uptime instead
997 of time_second. Although this is not a user-visible functional
998 change, userland utilities which directly use them---ndp(8),
999 rtadvd(8), and rtsold(8) in the base system---need to be updated
1000 to r253970 or later.
1003 find -delete can now delete the pathnames given as arguments,
1004 instead of only files found below them or if the pathname did
1005 not contain any slashes. Formerly, the following error message
1008 find: -delete: <path>: relative path potentially not safe
1010 Deleting the pathnames given as arguments can be prevented
1011 without error messages using -mindepth 1 or by changing
1012 directory and passing "." as argument to find. This works in the
1013 old as well as the new version of find.
1016 Behavior of devfs rules path matching has been changed.
1017 Pattern is now always matched against fully qualified devfs
1018 path and slash characters must be explicitly matched by
1019 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
1020 subdirectories must be reviewed.
1023 The default ARM ABI has changed to the ARM EABI. The old ABI is
1024 incompatible with the ARM EABI and all programs and modules will
1025 need to be rebuilt to work with a new kernel.
1027 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set.
1029 NOTE: Support for the old ABI will be removed in the future and
1030 users are advised to upgrade.
1033 pkg_install has been disconnected from the build if you really need it
1034 you should add WITH_PKGTOOLS in your src.conf(5).
1037 Most of network statistics structures were changed to be able
1038 keep 64-bits counters. Thus all tools, that work with networking
1039 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.)
1042 Fix a bug that allowed a tracing process (e.g. gdb) to write
1043 to a memory-mapped file in the traced process's address space
1044 even if neither the traced process nor the tracing process had
1045 write access to that file.
1048 CVS has been removed from the base system. An exact copy
1049 of the code is available from the devel/cvs port.
1052 Some people report the following error after the switch to bmake:
1054 make: illegal option -- J
1055 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable]
1057 *** [buildworld] Error code 2
1059 this likely due to an old instance of make in
1060 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE})
1061 which src/Makefile will use that blindly, if it exists, so if
1062 you see the above error:
1064 rm -rf `make -V MAKEPATH`
1069 Use bmake by default.
1070 Whereas before one could choose to build with bmake via
1071 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old
1072 make. The goal is to remove these knobs for 10-RELEASE.
1074 It is worth noting that bmake (like gmake) treats the command
1075 line as the unit of failure, rather than statements within the
1076 command line. Thus '(cd some/where && dosomething)' is safer
1077 than 'cd some/where; dosomething'. The '()' allows consistent
1078 behavior in parallel build.
1081 Fix a bug that allows NFS clients to issue READDIR on files.
1084 The WITHOUT_IDEA option has been removed because
1085 the IDEA patent expired.
1088 The sysctl which controls TRIM support under ZFS has been renamed
1089 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been
1093 The mergemaster command now uses the default MAKEOBJDIRPREFIX
1094 rather than creating it's own in the temporary directory in
1095 order allow access to bootstrapped versions of tools such as
1096 install and mtree. When upgrading from version of FreeBSD where
1097 the install command does not support -l, you will need to
1098 install a new mergemaster command if mergemaster -p is required.
1099 This can be accomplished with the command (cd src/usr.sbin/mergemaster
1103 Legacy ATA stack, disabled and replaced by new CAM-based one since
1104 FreeBSD 9.0, completely removed from the sources. Kernel modules
1105 atadisk and atapi*, user-level tools atacontrol and burncd are
1106 removed. Kernel option `options ATA_CAM` is now permanently enabled
1110 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2)
1111 and socketpair(2). Software, in particular Kerberos, may
1112 automatically detect and use these during building. The resulting
1113 binaries will not work on older kernels.
1116 CTL_DISABLE has also been added to the sparc64 GENERIC (for further
1117 information, see the respective 20130304 entry).
1120 Recent commits to callout(9) changed the size of struct callout,
1121 so the KBI is probably heavily disturbed. Also, some functions
1122 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced
1123 by macros. Every kernel module using it won't load, so rebuild
1126 The ctl device has been re-enabled in GENERIC for i386 and amd64,
1127 but does not initialize by default (because of the new CTL_DISABLE
1128 option) to save memory. To re-enable it, remove the CTL_DISABLE
1129 option from the kernel config file or set kern.cam.ctl.disable=0
1130 in /boot/loader.conf.
1133 The ctl device has been disabled in GENERIC for i386 and amd64.
1134 This was done due to the extra memory being allocated at system
1135 initialisation time by the ctl driver which was only used if
1136 a CAM target device was created. This makes a FreeBSD system
1137 unusable on 128MB or less of RAM.
1140 A new compression method (lz4) has been merged to -HEAD. Please
1141 refer to zpool-features(7) for more information.
1143 Please refer to the "ZFS notes" section of this file for information
1144 on upgrading boot ZFS pools.
1147 A BSD-licensed patch(1) variant has been added and is installed
1148 as bsdpatch, being the GNU version the default patch.
1149 To inverse the logic and use the BSD-licensed one as default,
1150 while having the GNU version installed as gnupatch, rebuild
1151 and install world with the WITH_BSD_PATCH knob set.
1154 Due to the use of the new -l option to install(1) during build
1155 and install, you must take care not to directly set the INSTALL
1156 make variable in your /etc/make.conf, /etc/src.conf, or on the
1157 command line. If you wish to use the -C flag for all installs
1158 you may be able to add INSTALL+=-C to /etc/make.conf or
1162 The install(1) option -M has changed meaning and now takes an
1163 argument that is a file or path to append logs to. In the
1164 unlikely event that -M was the last option on the command line
1165 and the command line contained at least two files and a target
1166 directory the first file will have logs appended to it. The -M
1167 option served little practical purpose in the last decade so its
1168 use is expected to be extremely rare.
1171 After switching to Clang as the default compiler some users of ZFS
1172 on i386 systems started to experience stack overflow kernel panics.
1173 Please consider using 'options KSTACK_PAGES=4' in such configurations.
1176 GEOM_LABEL now mangles label names read from file system metadata.
1177 Mangling affect labels containing spaces, non-printable characters,
1178 '%' or '"'. Device names in /etc/fstab and other places may need to
1182 By default, only the 10 most recent kernel dumps will be saved. To
1183 restore the previous behaviour (no limit on the number of kernel dumps
1184 stored in the dump directory) add the following line to /etc/rc.conf:
1189 With the addition of auditdistd(8), a new auditdistd user is now
1190 required during installworld. "mergemaster -p" can be used to
1191 add the user prior to installworld, as documented in the handbook.
1194 The sin6_scope_id member variable in struct sockaddr_in6 is now
1195 filled by the kernel before passing the structure to the userland via
1196 sysctl or routing socket. This means the KAME-specific embedded scope
1197 id in sin6_addr.s6_addr[2] is always cleared in userland application.
1198 This behavior can be controlled by net.inet6.ip6.deembed_scopeid.
1199 __FreeBSD_version is bumped to 1000025.
1202 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default.
1203 This means that the world and kernel will be compiled with clang
1204 and that clang will be installed as /usr/bin/cc, /usr/bin/c++,
1205 and /usr/bin/cpp. To disable this behavior and revert to building
1206 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions
1207 of current may need to bootstrap WITHOUT_CLANG first if the clang
1208 build fails (its compatibility window doesn't extend to the 9 stable
1212 The IPFIREWALL_FORWARD kernel option has been removed. Its
1213 functionality now turned on by default.
1216 The ZERO_COPY_SOCKET kernel option has been removed and
1217 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP.
1218 NB: SOCKET_SEND_COW uses the VM page based copy-on-write
1219 mechanism which is not safe and may result in kernel crashes.
1220 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current
1221 driver supports disposeable external page sized mbuf storage.
1222 Proper replacements for both zero-copy mechanisms are under
1223 consideration and will eventually lead to complete removal
1224 of the two kernel options.
1227 The IPv4 network stack has been converted to network byte
1228 order. The following modules need to be recompiled together
1229 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4),
1230 pf(4), ipfw(4), ng_ipfw(4), stf(4).
1233 Support for non-MPSAFE filesystems was removed from VFS. The
1234 VFS_VERSION was bumped, all filesystem modules shall be
1238 All the non-MPSAFE filesystems have been disconnected from
1239 the build. The full list includes: codafs, hpfs, ntfs, nwfs,
1240 portalfs, smbfs, xfs.
1243 The interface cloning API and ABI has changed. The following
1244 modules need to be recompiled together with kernel:
1245 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4),
1246 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4),
1247 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4).
1250 The sdhci driver was split in two parts: sdhci (generic SD Host
1251 Controller logic) and sdhci_pci (actual hardware driver).
1252 No kernel config modifications are required, but if you
1253 load sdhc as a module you must switch to sdhci_pci instead.
1256 Import the FUSE kernel and userland support into base system.
1259 The GNU sort(1) program has been removed since the BSD-licensed
1260 sort(1) has been the default for quite some time and no serious
1261 problems have been reported. The corresponding WITH_GNU_SORT
1265 The pfil(9) API/ABI for AF_INET family has been changed. Packet
1266 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled
1270 The net80211(4) ABI has been changed to allow for improved driver
1271 PS-POLL and power-save support. All wireless drivers need to be
1272 recompiled to work with the new kernel.
1275 The random(4) support for the VIA hardware random number
1276 generator (`PADLOCK') is no longer enabled unconditionally.
1277 Add the padlock_rng device in the custom kernel config if
1278 needed. The GENERIC kernels on i386 and amd64 do include the
1279 device, so the change only affects the custom kernel
1283 The pf(4) packet filter ABI has been changed. pfctl(8) and
1284 snmp_pf module need to be recompiled to work with new kernel.
1287 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged
1288 to -HEAD. Pools that have empty_bpobj in active state can not be
1289 imported read-write with ZFS implementations that do not support
1290 this feature. For more information read the zpool-features(5)
1294 The sparc64 ZFS loader has been changed to no longer try to auto-
1295 detect ZFS providers based on diskN aliases but now requires these
1296 to be explicitly listed in the OFW boot-device environment variable.
1299 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring
1300 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are
1301 configuration changes. Make sure to merge /etc/ssl/openssl.cnf.
1304 The following sysctls and tunables have been renamed for consistency
1305 with other variables:
1306 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered
1307 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered
1310 The sort utility has been replaced with BSD sort. For now, GNU sort
1311 is also available as "gnusort" or the default can be set back to
1312 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be
1313 installed as "bsdsort".
1316 A new version of ZFS (pool version 5000) has been merged to -HEAD.
1317 Starting with this version the old system of ZFS pool versioning
1318 is superseded by "feature flags". This concept enables forward
1319 compatibility against certain future changes in functionality of ZFS
1320 pools. The first read-only compatible "feature flag" for ZFS pools
1321 is named "com.delphix:async_destroy". For more information
1322 read the new zpool-features(5) manual page.
1323 Please refer to the "ZFS notes" section of this file for information
1324 on upgrading boot ZFS pools.
1327 The malloc(3) implementation embedded in libc now uses sources imported
1328 as contrib/jemalloc. The most disruptive API change is to
1329 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf,
1330 delete it prior to installworld, and optionally re-create it using the
1331 new format after rebooting. See malloc.conf(5) for details
1332 (specifically the TUNING section and the "opt.*" entries in the MALLCTL
1336 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb
1337 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is
1338 now spelled mips. This is to aid compatibility with third-party
1339 software that expects this naming scheme in uname(3). Little-endian
1340 settings are unchanged. If you are updating a big-endian mips64 machine
1341 from before this change, you may need to set MACHINE_ARCH=mips64 in
1342 your environment before the new build system will recognize your machine.
1345 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported
1349 Now unix domain sockets behave "as expected" on nullfs(5). Previously
1350 nullfs(5) did not pass through all behaviours to the underlying layer,
1351 as a result if we bound to a socket on the lower layer we could connect
1352 only to the lower path; if we bound to the upper layer we could connect
1353 only to the upper path. The new behavior is one can connect to both the
1354 lower and the upper paths regardless what layer path one binds to.
1357 The getifaddrs upgrade path broken with 20111215 has been restored.
1358 If you have upgraded in between 20111215 and 20120209 you need to
1359 recompile libc again with your kernel. You still need to recompile
1360 world to be able to configure CARP but this restriction already
1361 comes from 20111215.
1364 The set_rcvar() function has been removed from /etc/rc.subr. All
1365 base and ports rc.d scripts have been updated, so if you have a
1366 port installed with a script in /usr/local/etc/rc.d you can either
1367 hand-edit the rcvar= line, or reinstall the port.
1369 An easy way to handle the mass-update of /etc/rc.d:
1370 rm /etc/rc.d/* && mergemaster -i
1373 panic(9) now stops other CPUs in the SMP systems, disables interrupts
1374 on the current CPU and prevents other threads from running.
1375 This behavior can be reverted using the kern.stop_scheduler_on_panic
1377 The new behavior can be incompatible with kern.sync_on_panic.
1380 The carp(4) facility has been changed significantly. Configuration
1381 of the CARP protocol via ifconfig(8) has changed, as well as format
1382 of CARP events submitted to devd(8) has changed. See manual pages
1383 for more information. The arpbalance feature of carp(4) is currently
1384 not supported anymore.
1386 Size of struct in_aliasreq, struct in6_aliasreq has changed. User
1387 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8),
1388 need to be recompiled.
1391 The acpi_wmi(4) status device /dev/wmistat has been renamed to
1395 The option VFS_ALLOW_NONMPSAFE option has been added in order to
1396 explicitely support non-MPSAFE filesystems.
1397 It is on by default for all supported platform at this present
1401 The broken amd(4) driver has been replaced with esp(4) in the amd64,
1402 i386 and pc98 GENERIC kernel configuration files.
1405 sysinstall has been removed
1408 The stable/9 branch created in subversion. This corresponds to the
1409 RELENG_9 branch in CVS.
1415 Avoid using make -j when upgrading. While generally safe, there are
1416 sometimes problems using -j to upgrade. If your upgrade fails with
1417 -j, please try again without -j. From time to time in the past there
1418 have been problems using -j with buildworld and/or installworld. This
1419 is especially true when upgrading between "distant" versions (eg one
1420 that cross a major release boundary or several minor releases, or when
1421 several months have passed on the -current branch).
1423 Sometimes, obscure build problems are the result of environment
1424 poisoning. This can happen because the make utility reads its
1425 environment when searching for values for global variables. To run
1426 your build attempts in an "environmental clean room", prefix all make
1427 commands with 'env -i '. See the env(1) manual page for more details.
1429 When upgrading from one major version to another it is generally best
1430 to upgrade to the latest code in the currently installed branch first,
1431 then do an upgrade to the new branch. This is the best-tested upgrade
1432 path, and has the highest probability of being successful. Please try
1433 this approach before reporting problems with a major version upgrade.
1435 When upgrading a live system, having a root shell around before
1436 installing anything can help undo problems. Not having a root shell
1437 around can lead to problems if pam has changed too much from your
1438 starting point to allow continued authentication after the upgrade.
1440 This file should be read as a log of events. When a later event changes
1441 information of a prior event, the prior event should not be deleted.
1442 Instead, a pointer to the entry with the new information should be
1443 placed in the old entry. Readers of this file should also sanity check
1444 older entries before relying on them blindly. Authors of new entries
1445 should write them with this in mind.
1449 When upgrading the boot ZFS pool to a new version, always follow
1452 1.) recompile and reinstall the ZFS boot loader and boot block
1453 (this is part of "make buildworld" and "make installworld")
1455 2.) update the ZFS boot block on your boot drive
1457 The following example updates the ZFS boot block on the first
1458 partition (freebsd-boot) of a GPT partitioned drive ada0:
1459 "gpart bootcode -p /boot/gptzfsboot -i 1 ada0"
1461 Non-boot pools do not need these updates.
1465 If you are updating from a prior version of FreeBSD (even one just
1466 a few days old), you should follow this procedure. It is the most
1467 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
1469 make kernel-toolchain
1470 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
1471 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
1473 To test a kernel once
1474 ---------------------
1475 If you just want to boot a kernel once (because you are not sure
1476 if it works, or if you want to boot a known bad kernel to provide
1477 debugging information) run
1478 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
1479 nextboot -k testkernel
1481 To just build a kernel when you know that it won't mess you up
1482 --------------------------------------------------------------
1483 This assumes you are already running a CURRENT system. Replace
1484 ${arch} with the architecture of your machine (e.g. "i386",
1485 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).
1487 cd src/sys/${arch}/conf
1488 config KERNEL_NAME_HERE
1489 cd ../compile/KERNEL_NAME_HERE
1494 If this fails, go to the "To build a kernel" section.
1496 To rebuild everything and install it on the current system.
1497 -----------------------------------------------------------
1498 # Note: sometimes if you are running current you gotta do more than
1499 # is listed here if you are upgrading from a really old current.
1501 <make sure you have good level 0 dumps>
1503 make kernel KERNCONF=YOUR_KERNEL_HERE
1505 <reboot in single user> [3]
1512 To cross-install current onto a separate partition
1513 --------------------------------------------------
1514 # In this approach we use a separate partition to hold
1515 # current's root, 'usr', and 'var' directories. A partition
1516 # holding "/", "/usr" and "/var" should be about 2GB in
1519 <make sure you have good level 0 dumps>
1522 make buildkernel KERNCONF=YOUR_KERNEL_HERE
1523 <maybe newfs current's root partition>
1524 <mount current's root partition on directory ${CURRENT_ROOT}>
1525 make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC
1526 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
1527 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
1528 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
1529 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
1530 <reboot into current>
1531 <do a "native" rebuild/install as described in the previous section>
1532 <maybe install compatibility libraries from ports/misc/compat*>
1536 To upgrade in-place from stable to current
1537 ----------------------------------------------
1538 <make sure you have good level 0 dumps>
1540 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
1542 <reboot in single user> [3]
1549 Make sure that you've read the UPDATING file to understand the
1550 tweaks to various things you need. At this point in the life
1551 cycle of current, things change often and you are on your own
1552 to cope. The defaults can also change, so please read ALL of
1553 the UPDATING entries.
1555 Also, if you are tracking -current, you must be subscribed to
1556 freebsd-current@freebsd.org. Make sure that before you update
1557 your sources that you have read and understood all the recent
1558 messages there. If in doubt, please track -stable which has
1559 much fewer pitfalls.
1561 [1] If you have third party modules, such as vmware, you
1562 should disable them at this point so they don't crash your
1565 [3] From the bootblocks, boot -s, and then do
1570 adjkerntz -i # if CMOS is wall time
1571 Also, when doing a major release upgrade, it is required that
1572 you boot into single user mode to do the installworld.
1574 [4] Note: This step is non-optional. Failure to do this step
1575 can result in a significant reduction in the functionality of the
1576 system. Attempting to do it by hand is not recommended and those
1577 that pursue this avenue should read this file carefully, as well
1578 as the archives of freebsd-current and freebsd-hackers mailing lists
1579 for potential gotchas. The -U option is also useful to consider.
1580 See mergemaster(8) for more information.
1582 [5] Usually this step is a noop. However, from time to time
1583 you may need to do this if you get unknown user in the following
1584 step. It never hurts to do it all the time. You may need to
1585 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1586 install) after the buildworld before this step if you last updated
1587 from current before 20130425 or from -stable before 20130430.
1589 [6] This only deletes old files and directories. Old libraries
1590 can be deleted by "make delete-old-libs", but you have to make
1591 sure that no program is using those libraries anymore.
1593 [8] In order to have a kernel that can run the 4.x binaries needed to
1594 do an installworld, you must include the COMPAT_FREEBSD4 option in
1595 your kernel. Failure to do so may leave you with a system that is
1596 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is
1597 required to run the 5.x binaries on more recent kernels. And so on
1598 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7.
1600 Make sure that you merge any new devices from GENERIC since the
1601 last time you updated your kernel config file.
1603 [9] When checking out sources, you must include the -P flag to have
1604 cvs prune empty directories.
1606 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
1607 "?=" instead of the "=" assignment operator, so that buildworld can
1608 override the CPUTYPE if it needs to.
1610 MAKEOBJDIRPREFIX must be defined in an environment variable, and
1611 not on the command line, or in /etc/make.conf. buildworld will
1612 warn if it is improperly defined.
1615 This file contains a list, in reverse chronological order, of major
1616 breakages in tracking -current. It is not guaranteed to be a complete
1617 list of such breakages, and only contains entries since September 23, 2011.
1618 If you need to see UPDATING entries from before that date, you will need
1619 to fetch an UPDATING file from an older FreeBSD release.
1621 Copyright information:
1623 Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
1625 Redistribution, publication, translation and use, with or without
1626 modification, in full or in part, in any form or format of this
1627 document are permitted without further permission from the author.
1629 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1630 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1631 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1632 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1633 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1634 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1635 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1636 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1637 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
1638 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
1639 POSSIBILITY OF SUCH DAMAGE.
1641 Contact Warner Losh if you have any questions about your use of