1 Updating Information for FreeBSD current users.
3 This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
4 See end of file for further details. For commonly done items, please see the
5 COMMON ITEMS: section later in the file. These instructions assume that you
6 basically know what you are doing. If not, then please consult the FreeBSD
9 https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/updating-src.html
11 Items affecting the ports and packages system can be found in
12 /usr/ports/UPDATING. Please read that file before running portupgrade.
14 NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
15 from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
16 the tip of head, and then rebuild without this option. The bootstrap process
17 from older version of current across the gcc/clang cutover is a bit fragile.
19 20190820 p14 FreeBSD-SA-19:22.mbuf
21 FreeBSD-SA-19:24.mqueuefs
23 Fix IPv6 remote denial of service. [SA-19:22.mbuf]
25 Fix kernel memory disclosure from /dev/midistat. [SA-19:23.midi]
27 Fix reference count overflow in mqueuefs. [SA-19:24.mqueuefs]
29 20190806 p13 FreeBSD-EN-19:15.libunwind
30 FreeBSD-SA-19:18.bzip2
31 FreeBSD-SA-19:19.mldv2
32 FreeBSD-SA-19:20.bsnmp
33 FreeBSD-SA-19:21.bhyve
35 Fix incorrect exception handling. [EN-19:15.libunwind]
37 Fix multiple vulnerabilities in bzip2. [SA-19:18.bzip2]
39 Fix ICMPv6 / MLDv2 out-of-bounds memory access. [SA-19:19.mldv2]
41 Fix insufficient message length validation in bsnmp library.
44 Fix insufficient validation of guest-supplied data (e1000 device).
47 20190724 p12 FreeBSD-EN-19:13.mds
48 FreeBSD-SA-19:12.telnet
50 FreeBSD-SA-19:14.freebsd32
51 FreeBSD-SA-19:15.mqueuefs
52 FreeBSD-SA-19:16.bhyve
55 Fix panic from Intel CPU vulnerability mitigation. [EN-19:13.mds]
57 Fix multiple telnet client vulnerabilities. [SA-19:12.telnet]
59 Fix pts write-after-free. [SA-19:13.pts]
61 Fix kernel memory disclosure in freebsd32_ioctl. [SA-19:14.freebsd32]
63 Fix reference count overflow in mqueuefs. [SA-19:15.mqueuefs]
65 Fix byhve out-of-bounds read in XHCI device. [SA-19:16.bhyve]
67 Fix file descriptor reference count leak. [SA-19:17.fd]
69 20190702 p11 FreeBSD-EN-19:12.tzdata
70 FreeBSD-SA-19:09.iconv
72 FreeBSD-SA-19:11.cd_ioctl
74 Import tzdata 2019b. [EN-19:12.tzdata]
76 Fix iconv buffer overflow. [SA-19:09.iconv]
78 Fix kernel stack disclosure in UFS/FFS. [SA-19:10.ufs]
80 Fix privilege escalation in cd(4) driver. [SA-19:11.cd_ioctl]
82 20190514 p10 FreeBSD-EN-19:08.tzdata
83 FreeBSD-EN-19:09.xinstall
90 Import tzdata 2019a. [EN-19:08.tzdata]
92 Fix install with partially matching relative paths. [EN-19:09.xinstall]
94 Fix multiple vulnerabilities in hostapd/wpa_supplicant. [SA-19:03.wpa]
96 Fix authenticated denial of service in ntpd. [SA-19:04.ntp]
98 Fix IPv6 fragment reassembly in pf. [SA-19:05.pf]
100 Fix ICMP/ICMP6 packet filter bypass in pf. [SA-19:06.pf]
102 Add mitigations for Microarchitectural Data Sampling. [SA-19:07.mds]
105 20190205 p9 FreeBSD-SA-19:01.syscall
107 amd64: clear callee-preserved registers on syscall exit
110 20190109 p8 FreeBSD-EN-19:03.sqlite
111 FreeBSD-EN-19:04.tzdata
112 FreeBSD-EN-19:05.kqueue
114 Update sqlite3-3.20.0 --> sqlite3-3.26.0 (3260000) [EN-19:03.sqlite]
116 Import tzdata 2018h, 2018i [EN-19:04.tzdata]
118 Avoid unsynchronized updates to kn_status. [EN-19:05.kqueue]
121 20181219 p7 FreeBSD-SA-18:15.bootpd
122 FreeBSD-EN-18:16.ptrace
126 bootpd: validate hardware type [SA-18:15.bootpd]
128 Only clear a pending thread event if one is pending. [EN-18:16.ptrace]
130 Update the free page count when blacklisting pages. [EN-18:17.vm]
132 Resolve a hang in ZFS during vnode reclamation [EN-18:18.zfs]
135 20181204 p6 FreeBSD-SA-18:14.bhyve
137 Fix insufficient bounds checking in bhyve(8) device model.
140 20181127 p5 FreeBSD-SA-18:13.nfs
141 FreeBSD-EN-18:13.icmp
142 FreeBSD-EN-18:14.tzdata
143 FreeBSD-EN-18:15.loader
145 Fix multiple vulnerabilities in NFS server code. [SA-18:13.nfs]
147 Fix ICMP buffer underwrite. [EN-18:13.icmp]
149 Timezone database information update. [EN-18:14.tzdata]
151 Fix deferred kernel loading breaks loader password. [EN-18:15.loader]
153 20180927 p4 FreeBSD-EN-18:09.ip
154 FreeBSD-EN-18:10.syscall
155 FreeBSD-EN-18:11.listen
158 Fix regression in IPv6 fragment reassembly. [EN-18:09.ip]
160 Fix NULL pointer dereference in freebsd4_getfsstat. [EN-18:10.syscall]
162 Fix DoS in listen syscall over IPv6 socket. [EN-18:11.listen]
164 Fix small kernel memory disclosures. [EN-18:12.mem]
166 20180912 p3 FreeBSD-SA-18:12.elf
167 FreeBSD-EN-18:08.lazyfpu
169 Fix improper elf header parsing. [SA-18:12.elf]
171 Fix regression in Lazy FPU remediation. [EN-18:08.lazyfpu]
173 20180814 p2 FreeBSD-SA-18:08.tcp [revised]
174 FreeBSD-SA-18:09.l1tf
176 FreeBSD-SA-18:11.hostapd
178 Revise manual pages. [SA-18:08.tcp]
180 Fix L1 Terminal Fault (L1TF) kernel information disclosure.
183 Fix resource exhaustion in IP fragment reassembly. [SA-18:10.ip]
185 Fix unauthenticated EAPOL-Key decryption vulnerability.
188 20180806 p1 FreeBSD-SA-18:08.tcp
190 Fix resource exhaustion in TCP reassembly.
196 The tz database (tzdb) has been updated to 2018e. This version more
197 correctly models time stamps in time zones with negative DST such as
198 Europe/Dublin (from 1971 on), Europe/Prague (1946/7), and
199 Africa/Windhoek (1994/2017). This does not affect the UT offsets, only
200 time zone abbreviations and the tm_isdst flag.
203 The use of RSS hash from the network card aka flowid has been
204 disabled by default for lagg(4) as it's currently incompatible with
205 the lacp and loadbalance protocols.
207 This can be re-enabled by setting the following in loader.conf:
208 net.link.lagg.default_use_flowid="1"
211 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
212 6.0.0. Please see the 20141231 entry below for information about
213 prerequisites and upgrading, if you are not already using clang 3.5.0
217 The LOADER_FIREWIRE_SUPPORT build variable as been renamed to
218 WITH/OUT_LOADER_FIREWIRE. LOADER_{NO_,}GELI_SUPPORT has been renamed
219 to WITH/OUT_LOADER_GELI.
222 The geli password typed at boot is now hidden. To restore the previous
223 behavior, see geli(8) for configuration options.
225 The SW_WATCHDOG option is no longer necessary to enable the
226 hardclock-based software watchdog if no hardware watchdog is
227 configured. As before, SW_WATCHDOG will cause the software
228 watchdog to be enabled even if a hardware watchdog is configured.
231 lint(1) binaries and library are no longer built by default. To
232 enable building them, define WITH_LINT in src.conf. If you are using
233 a FreeBSD 12 or later system to build 11-stable, you may need to
234 install a lint(1) binary to use WITH_LINT.
237 When building multiple kernels using KERNCONF, non-existent KERNCONF
238 files will produce an error and buildkernel will fail. Previously
239 missing KERNCONF files silently failed giving no indication as to
240 why, only to subsequently discover during installkernel that the
241 desired kernel was never built in the first place.
244 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 5.0.0.
245 Please see the 20141231 entry below for information about prerequisites
246 and upgrading, if you are not already using clang 3.5.0 or higher.
249 Since the switch to GPT disk labels, fsck for UFS/FFS has been
250 unable to automatically find alternate superblocks. As of r322806,
251 the information needed to find alternate superblocks has been
252 moved to the end of the area reserved for the boot block.
253 Filesystems created with a newfs of this vintage or later
254 will create the recovery information. If you have a filesystem
255 created prior to this change and wish to have a recovery block
256 created for your filesystem, you can do so by running fsck in
257 forground mode (i.e., do not use the -p or -y options). As it
258 starts, fsck will ask ``SAVE DATA TO FIND ALTERNATE SUPERBLOCKS''
259 to which you should answer yes.
262 arm64 builds now use the base system LLD 4.0.0 linker by default,
263 instead of requiring that the aarch64-binutils port or package be
264 installed. To continue using aarch64-binutils, set
265 CROSS_BINUTILS_PREFIX=/usr/local/aarch64-freebsd/bin .
268 The ctl.ko module no longer implements the iSCSI target frontend:
269 cfiscsi.ko does instead.
271 If building cfiscsi.ko as a kernel module, the module can be loaded
272 via one of the following methods:
273 - `cfiscsi_load="YES"` in loader.conf(5).
274 - Add `cfiscsi` to `$kld_list` in rc.conf(5).
275 - ctladm(8)/ctld(8), when compiled with iSCSI support
276 (`WITH_ISCSI=yes` in src.conf(5))
278 Please see cfiscsi(4) for more details.
281 The mmcsd.ko module now additionally depends on geom_flashmap.ko.
282 Also, mmc.ko and mmcsd.ko need to be a matching pair built from the
283 same source (previously, the dependency of mmcsd.ko on mmc.ko was
284 missing, but mmcsd.ko now will refuse to load if it is incompatible
288 Binds and sends to the loopback addresses, IPv6 and IPv4, will now
289 use any explicitly assigned loopback address available in the jail
290 instead of using the first assigned address of the jail.
293 As of r316810 for ipfilter, keep frags is no longer assumed when
294 keep state is specified in a rule. r316810 aligns ipfilter with
295 documentation in man pages separating keep frags from keep state.
296 This allows keep state to specified without forcing keep frags
297 and allows keep frags to be specified independently of keep state.
298 To maintain previous behaviour, also specify keep frags with
299 keep state (as documented in ipf.conf.5).
302 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 4.0.0.
303 Please see the 20141231 entry below for information about prerequisites
304 and upgrading, if you are not already using clang 3.5.0 or higher.
307 The code that provides support for ZFS .zfs/ directory functionality
308 has been reimplemented. It's not possible now to create a snapshot
309 by mkdir under .zfs/snapshot/. That should be the only user visible
313 Many changes in the IPsec code have been merged from the FreeBSD-CURRENT
314 branch. The IPSEC_FILTERTUNNEL kernel option is removed in favour of
315 corresponding sysctl. The IPSEC_NAT_T kernel option is also removed,
316 and now NAT-T is supported by default. Security associations now use
317 the single namespace for SPI allocation, so if you use several manually
318 configured security associations with the same SPI, this configuration
322 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.1.
323 Please see the 20141231 entry below for information about prerequisites
324 and upgrading, if you are not already using clang 3.5.0 or higher.
327 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.0.
328 Please see the 20141231 entry below for information about prerequisites
329 and upgrading, if you are not already using clang 3.5.0 or higher.
332 The layout of the pmap structure has changed for powerpc to put the pmap
333 statistics at the front for all CPU variations. libkvm(3) and all tools
334 that link against it need to be recompiled.
337 isl(4) and cyapa(4) drivers now require a new driver,
338 chromebook_platform(4), to work properly on Chromebook-class hardware.
339 On other types of hardware the drivers may need to be configured using
340 device hints. Please see the corresponding manual pages for details.
343 Relocatable object files with the extension of .So have been renamed
344 to use an extension of .pico instead. The purpose of this change is
345 to avoid a name clash with shared libraries on case-insensitive file
346 systems. On those file systems, foo.So is the same file as foo.so.
349 The libc stub for the pipe(2) system call has been replaced with
350 a wrapper that calls the pipe2(2) system call and the pipe(2)
351 system call is now only implemented by the kernels that include
352 "options COMPAT_FREEBSD10" in their config file (this is the
353 default). Users should ensure that this option is enabled in
354 their kernel or upgrade userspace to r302092 before upgrading their
358 CAM will now strip leading spaces from SCSI disks' serial numbers.
359 This will effect users who create UFS filesystems on SCSI disks using
360 those disk's diskid device nodes. For example, if /etc/fstab
361 previously contained a line like
362 "/dev/diskid/DISK-%20%20%20%20%20%20%20ABCDEFG0123456", you should
363 change it to "/dev/diskid/DISK-ABCDEFG0123456". Users of geom
364 transforms like gmirror may also be affected. ZFS users should
368 The bitstring(3) API has been updated with new functionality and
369 improved performance. But it is binary-incompatible with the old API.
370 Objects built with the new headers may not be linked against objects
371 built with the old headers.
374 The brk and sbrk functions have been removed from libc on arm64.
375 Binutils from ports has been updated to not link to these
376 functions and should be updated to the latest version before
377 installing a new libc.
380 The armv6 port now defaults to hard float ABI. Limited support
381 for running both hardfloat and soft float on the same system
382 is available using the libraries installed with -DWITH_LIBSOFT.
383 This has only been tested as an upgrade path for installworld
384 and packages may fail or need manual intervention to run. New
385 packages will be needed.
387 To update an existing self-hosted armv6hf system, you must add
388 TARGET_ARCH=armv6 on the make command line for both the build
389 and the install steps.
392 Kernel modules compiled outside of a kernel build now default to
393 installing to /boot/modules instead of /boot/kernel. Many kernel
394 modules built this way (such as those in ports) already overrode
395 KMODDIR explicitly to install into /boot/modules. However,
396 manually building and installing a module from /sys/modules will
397 now install to /boot/modules instead of /boot/kernel.
400 The CAM I/O scheduler has been committed to the kernel. There should be
401 no user visible impact. This does enable NCQ Trim on ada SSDs. While the
402 list of known rogues that claim support for this but actually corrupt
403 data is believed to be complete, be on the lookout for data
404 corruption. The known rogue list is believed to be complete:
406 o Crucial MX100, M550 drives with MU01 firmware.
407 o Micron M510 and M550 drives with MU01 firmware.
408 o Micron M500 prior to MU07 firmware
409 o Samsung 830, 840, and 850 all firmwares
410 o FCCT M500 all firmwares
412 Crucial has firmware http://www.crucial.com/usa/en/support-ssd-firmware
413 with working NCQ TRIM. For Micron branded drives, see your sales rep for
414 updated firmware. Black listed drives will work correctly because these
415 drives work correctly so long as no NCQ TRIMs are sent to them. Given
416 this list is the same as found in Linux, it's believed there are no
417 other rogues in the market place. All other models from the above
420 To be safe, if you are at all concerned, you can quirk each of your
421 drives to prevent NCQ from being sent by setting:
422 kern.cam.ada.X.quirks="0x2"
423 in loader.conf. If the drive requires the 4k sector quirk, set the
427 The FAST_DEPEND build option has been removed and its functionality is
428 now the one true way. The old mkdep(1) style of 'make depend' has
429 been removed. See 20160311 for further details.
432 Resource range types have grown from unsigned long to uintmax_t. All
433 drivers, and anything using libdevinfo, need to be recompiled.
436 WITH_FAST_DEPEND is now enabled by default for in-tree and out-of-tree
437 builds. It no longer runs mkdep(1) during 'make depend', and the
438 'make depend' stage can safely be skipped now as it is auto ran
439 when building 'make all' and will generate all SRCS and DPSRCS before
440 building anything else. Dependencies are gathered at compile time with
441 -MF flags kept in separate .depend files per object file. Users should
442 run 'make cleandepend' once if using -DNO_CLEAN to clean out older
446 On amd64, clang 3.8.0 can now insert sections of type AMD64_UNWIND into
447 kernel modules. Therefore, if you load any kernel modules at boot time,
448 please install the boot loaders after you install the kernel, but before
452 make kernel KERNCONF=YOUR_KERNEL_HERE
453 make -C sys/boot install
454 <reboot in single user>
456 Then follow the usual steps, described in the General Notes section,
460 Clang, llvm, lldb and compiler-rt have been upgraded to 3.8.0. Please
461 see the 20141231 entry below for information about prerequisites and
462 upgrading, if you are not already using clang 3.5.0 or higher.
465 The AIO subsystem is now a standard part of the kernel. The
466 VFS_AIO kernel option and aio.ko kernel module have been removed.
467 Due to stability concerns, asynchronous I/O requests are only
468 permitted on sockets and raw disks by default. To enable
469 asynchronous I/O requests on all file types, set the
470 vfs.aio.enable_unsafe sysctl to a non-zero value.
473 The ELF object manipulation tool objcopy is now provided by the
474 ELF Tool Chain project rather than by GNU binutils. It should be a
475 drop-in replacement, with the addition of arm64 support. The
476 (temporary) src.conf knob WITHOUT_ELFCOPY_AS_OBJCOPY knob may be set
477 to obtain the GNU version if necessary.
480 Building ZFS pools on top of zvols is prohibited by default. That
481 feature has never worked safely; it's always been prone to deadlocks.
482 Using a zvol as the backing store for a VM guest's virtual disk will
483 still work, even if the guest is using ZFS. Legacy behavior can be
484 restored by setting vfs.zfs.vol.recursive=1.
487 The NONE and HPN patches has been removed from OpenSSH. They are
488 still available in the security/openssh-portable port.
491 With the addition of ypldap(8), a new _ypldap user is now required
492 during installworld. "mergemaster -p" can be used to add the user
493 prior to installworld, as documented in the handbook.
496 The tftp loader (pxeboot) now uses the option root-path directive. As a
497 consequence it no longer looks for a pxeboot.4th file on the tftp
498 server. Instead it uses the regular /boot infrastructure as with the
502 The code to start recording plug and play data into the modules has
503 been committed. While the old tools will properly build a new kernel,
504 a number of warnings about "unknown metadata record 4" will be produced
505 for an older kldxref. To avoid such warnings, make sure to rebuild
506 the kernel toolchain (or world). Make sure that you have r292078 or
507 later when trying to build 292077 or later before rebuilding.
510 Debug data files are now built by default with 'make buildworld' and
511 installed with 'make installworld'. This facilitates debugging but
512 requires more disk space both during the build and for the installed
513 world. Debug files may be disabled by setting WITHOUT_DEBUG_FILES=yes
517 r291527 changed the internal interface between the nfsd.ko and
518 nfscommon.ko modules. As such, they must both be upgraded to-gether.
519 __FreeBSD_version has been bumped because of this.
522 Add support for unicode collation strings leads to a change of
523 order of files listed by ls(1) for example. To get back to the old
524 behaviour, set LC_COLLATE environment variable to "C".
526 Databases administrators will need to reindex their databases given
527 collation results will be different.
529 Due to a bug in install(1) it is recommended to remove the ancient
530 locales before running make installworld.
532 rm -rf /usr/share/locale/*
535 The OpenSSL has been upgraded to 1.0.2d. Any binaries requiring
536 libcrypto.so.7 or libssl.so.7 must be recompiled.
539 Qlogic 24xx/25xx firmware images were updated from 5.5.0 to 7.3.0.
540 Kernel modules isp_2400_multi and isp_2500_multi were removed and
541 should be replaced with isp_2400 and isp_2500 modules respectively.
544 The build previously allowed using 'make -n' to not recurse into
545 sub-directories while showing what commands would be executed, and
546 'make -n -n' to recursively show commands. Now 'make -n' will recurse
547 and 'make -N' will not.
550 If you specify SENDMAIL_MC or SENDMAIL_CF in make.conf, mergemaster
551 and etcupdate will now use this file. A custom sendmail.cf is now
552 updated via this mechanism rather than via installworld. If you had
553 excluded sendmail.cf in mergemaster.rc or etcupdate.conf, you may
554 want to remove the exclusion or change it to "always install".
555 /etc/mail/sendmail.cf is now managed the same way regardless of
556 whether SENDMAIL_MC/SENDMAIL_CF is used. If you are not using
557 SENDMAIL_MC/SENDMAIL_CF there should be no change in behavior.
560 Compatibility shims for legacy ATA device names have been removed.
561 It includes ATA_STATIC_ID kernel option, kern.cam.ada.legacy_aliases
562 and kern.geom.raid.legacy_aliases loader tunables, kern.devalias.*
563 environment variables, /dev/ad* and /dev/ar* symbolic links.
566 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.7.0.
567 Please see the 20141231 entry below for information about prerequisites
568 and upgrading, if you are not already using clang 3.5.0 or higher.
571 Kernel debug files have been moved to /usr/lib/debug/boot/kernel/,
572 and renamed from .symbols to .debug. This reduces the size requirements
573 on the boot partition or file system and provides consistency with
574 userland debug files.
576 When using the supported kernel installation method the
577 /usr/lib/debug/boot/kernel directory will be renamed (to kernel.old)
578 as is done with /boot/kernel.
580 Developers wishing to maintain the historical behavior of installing
581 debug files in /boot/kernel/ can set KERN_DEBUGDIR="" in src.conf(5).
584 The wireless drivers had undergone changes that remove the 'parent
585 interface' from the ifconfig -l output. The rc.d network scripts
586 used to check presence of a parent interface in the list, so old
587 scripts would fail to start wireless networking. Thus, etcupdate(3)
588 or mergemaster(8) run is required after kernel update, to update your
589 rc.d scripts in /etc.
592 pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl'
593 These configurations are now automatically interpreted as
594 'scrub fragment reassemble'.
597 Kernel-loadable modules for the random(4) device are back. To use
598 them, the kernel must have
601 options RANDOM_LOADABLE
603 kldload(8) can then be used to load random_fortuna.ko
604 or random_yarrow.ko. Please note that due to the indirect
605 function calls that the loadable modules need to provide,
606 the build-in variants will be slightly more efficient.
608 The random(4) kernel option RANDOM_DUMMY has been retired due to
609 unpopularity. It was not all that useful anyway.
612 The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired.
613 Control over building the ELF Tool Chain tools is now provided by
614 the WITHOUT_TOOLCHAIN knob.
617 The polarity of Pulse Per Second (PPS) capture events with the
618 uart(4) driver has been corrected. Prior to this change the PPS
619 "assert" event corresponded to the trailing edge of a positive PPS
620 pulse and the "clear" event was the leading edge of the next pulse.
622 As the width of a PPS pulse in a typical GPS receiver is on the
623 order of 1 millisecond, most users will not notice any significant
624 difference with this change.
626 Anyone who has compensated for the historical polarity reversal by
627 configuring a negative offset equal to the pulse width will need to
628 remove that workaround.
631 The default group assigned to /dev/dri entries has been changed
632 from 'wheel' to 'video' with the id of '44'. If you want to have
633 access to the dri devices please add yourself to the video group
636 # pw groupmod video -m $USER
639 The menu.rc and loader.rc files will now be replaced during
640 upgrades. Please migrate local changes to menu.rc.local and
641 loader.rc.local instead.
644 GNU Binutils versions of addr2line, c++filt, nm, readelf, size,
645 strings and strip have been removed. The src.conf(5) knob
646 WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools.
649 As ZFS requires more kernel stack pages than is the default on some
650 architectures e.g. i386, it now warns if KSTACK_PAGES is less than
651 ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing).
653 Please consider using 'options KSTACK_PAGES=X' where X is greater
654 than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations.
657 sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0
658 and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by
659 default, i.e., they will not contain "::". For example, instead
660 of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet
661 to have a more specific match, such as different map entries for
662 IPv6:0:0 vs IPv6:0. This change requires that configuration
663 data (including maps, files, classes, custom ruleset, etc.) must
664 use the same format, so make certain such configuration data is
665 upgrading. As a very simple check search for patterns like
666 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old
667 behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or
668 the cf option UseCompressedIPv6Addresses.
671 The default kernel entropy-processing algorithm is now
672 Fortuna, replacing Yarrow.
674 Assuming you have 'device random' in your kernel config
675 file, the configurations allow a kernel option to override
676 this default. You may choose *ONE* of:
678 options RANDOM_YARROW # Legacy /dev/random algorithm.
679 options RANDOM_DUMMY # Blocking-only driver.
681 If you have neither, you get Fortuna. For most people,
682 read no further, Fortuna will give a /dev/random that works
683 like it always used to, and the difference will be irrelevant.
685 If you remove 'device random', you get *NO* kernel-processed
686 entropy at all. This may be acceptable to folks building
687 embedded systems, but has complications. Carry on reading,
688 and it is assumed you know what you need.
690 *PLEASE* read random(4) and random(9) if you are in the
691 habit of tweaking kernel configs, and/or if you are a member
692 of the embedded community, wanting specific and not-usual
693 behaviour from your security subsystems.
695 NOTE!! If you use RANDOM_DUMMY and/or have no 'device
696 random', you will NOT have a functioning /dev/random, and
697 many cryptographic features will not work, including SSH.
698 You may also find strange behaviour from the random(3) set
699 of library functions, in particular sranddev(3), srandomdev(3)
700 and arc4random(3). The reason for this is that the KERN_ARND
701 sysctl only returns entropy if it thinks it has some to
702 share, and with RANDOM_DUMMY or no 'device random' this
706 An additional fix for the issue described in the 20150614 sendmail
707 entry below has been been committed in revision 284717.
710 FreeBSD's old make (fmake) has been removed from the system. It is
711 available as the devel/fmake port or via pkg install fmake.
714 The fix for the issue described in the 20150614 sendmail entry
715 below has been been committed in revision 284436. The work
716 around described in that entry is no longer needed unless the
717 default setting is overridden by a confDH_PARAMETERS configuration
718 setting of '5' or pointing to a 512 bit DH parameter file.
721 ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from
722 atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf
723 and devel/kyua to version 0.20+ and adjust any calling code to work
724 with Kyuafile and kyua.
727 The import of openssl to address the FreeBSD-SA-15:10.openssl
728 security advisory includes a change which rejects handshakes
729 with DH parameters below 768 bits. sendmail releases prior
730 to 8.15.2 (not yet released), defaulted to a 512 bit
731 DH parameter setting for client connections. To work around
732 this interoperability, sendmail can be configured to use a
733 2048 bit DH parameter by:
735 1. Edit /etc/mail/`hostname`.mc
736 2. If a setting for confDH_PARAMETERS does not exist or
737 exists and is set to a string beginning with '5',
739 3. If a setting for confDH_PARAMETERS exists and is set to
740 a file path, create a new file with:
741 openssl dhparam -out /path/to/file 2048
742 4. Rebuild the .cf file:
743 cd /etc/mail/; make; make install
745 cd /etc/mail/; make restart
747 A sendmail patch is coming, at which time this file will be
751 Generation of legacy formatted entries have been disabled by default
752 in pwd_mkdb(8), as all base system consumers of the legacy formatted
753 entries were converted to use the new format by default when the new,
754 machine independent format have been added and supported since FreeBSD
757 Please see the pwd_mkdb(8) manual page for further details.
760 Clang and llvm have been upgraded to 3.6.1 release. Please see the
761 20141231 entry below for information about prerequisites and upgrading,
762 if you are not already using 3.5.0 or higher.
765 TI platform code switched to using vendor DTS files and this update
766 may break existing systems running on Beaglebone, Beaglebone Black,
769 - dtb files should be regenerated/reinstalled. Filenames are the
770 same but content is different now
771 - GPIO addressing was changed, now each GPIO bank (32 pins per bank)
772 has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old
773 addressing scheme is now pin 25 on /dev/gpioc3.
774 - Pandaboard: /etc/ttys should be updated, serial console device is
775 now /dev/ttyu2, not /dev/ttyu0
778 soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim.
779 If you need the GNU extension from groff soelim(1), install groff
780 from package: pkg install groff, or via ports: textproc/groff.
783 chmod, chflags, chown and chgrp now affect symlinks in -R mode as
784 defined in symlink(7); previously symlinks were silently ignored.
787 The const qualifier has been removed from iconv(3) to comply with
788 POSIX. The ports tree is aware of this from r384038 onwards.
791 Libraries specified by LIBADD in Makefiles must have a corresponding
792 DPADD_<lib> variable to ensure correct dependencies. This is now
793 enforced in src.libnames.mk.
796 From legacy ata(4) driver was removed support for SATA controllers
797 supported by more functional drivers ahci(4), siis(4) and mvs(4).
798 Kernel modules ataahci and ataadaptec were removed completely,
799 replaced by ahci and mvs modules respectively.
802 Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see
803 the 20141231 entry below for information about prerequisites and
804 upgrading, if you are not already using 3.5.0 or higher.
807 The 32-bit PowerPC kernel has been changed to a position-independent
808 executable. This can only be booted with a version of loader(8)
809 newer than January 31, 2015, so make sure to update both world and
810 kernel before rebooting.
813 If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014),
814 but before r278950, the RNG was not seeded properly. Immediately
815 upgrade the kernel to r278950 or later and regenerate any keys (e.g.
816 ssh keys or openssl keys) that were generated w/ a kernel from that
817 range. This does not affect programs that directly used /dev/random
818 or /dev/urandom. All userland uses of arc4random(3) are affected.
821 The autofs(4) ABI was changed in order to restore binary compatibility
822 with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work
826 The powerpc64 kernel has been changed to a position-independent
827 executable. This can only be booted with a new version of loader(8),
828 so make sure to update both world and kernel before rebooting.
831 Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix
832 only release, no new features have been added. Please see the 20141231
833 entry below for information about prerequisites and upgrading, if you
834 are not already using 3.5.0.
837 ELF tools addr2line, elfcopy (strip), nm, size, and strings are now
838 taken from the ELF Tool Chain project rather than GNU binutils. They
839 should be drop-in replacements, with the addition of arm64 support.
840 The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the
841 binutils tools, if necessary. See 20150805 for updated information.
844 The default Unbound configuration now enables remote control
845 using a local socket. Users who have already enabled the
846 local_unbound service should regenerate their configuration
847 by running "service local_unbound setup" as root.
850 The GNU texinfo and GNU info pages have been removed.
851 To be able to view GNU info pages please install texinfo from ports.
854 Clang, llvm and lldb have been upgraded to 3.5.0 release.
856 As of this release, a prerequisite for building clang, llvm and lldb is
857 a C++11 capable compiler and C++11 standard library. This means that to
858 be able to successfully build the cross-tools stage of buildworld, with
859 clang as the bootstrap compiler, your system compiler or cross compiler
860 should either be clang 3.3 or later, or gcc 4.8 or later, and your
861 system C++ library should be libc++, or libdstdc++ from gcc 4.8 or
864 On any standard FreeBSD 10.x or 11.x installation, where clang and
865 libc++ are on by default (that is, on x86 or arm), this should work out
868 On 9.x installations where clang is enabled by default, e.g. on x86 and
869 powerpc, libc++ will not be enabled by default, so libc++ should be
870 built (with clang) and installed first. If both clang and libc++ are
871 missing, build clang first, then use it to build libc++.
873 On 8.x and earlier installations, upgrade to 9.x first, and then follow
874 the instructions for 9.x above.
876 Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by
877 default, and do not build clang.
879 Many embedded systems are resource constrained, and will not be able to
880 build clang in a reasonable time, or in some cases at all. In those
881 cases, cross building bootable systems on amd64 is a workaround.
883 This new version of clang introduces a number of new warnings, of which
884 the following are most likely to appear:
888 This warns in two cases, for both C and C++:
889 * When the code is trying to take the absolute value of an unsigned
890 quantity, which is effectively a no-op, and almost never what was
891 intended. The code should be fixed, if at all possible. If you are
892 sure that the unsigned quantity can be safely cast to signed, without
893 loss of information or undefined behavior, you can add an explicit
894 cast, or disable the warning.
896 * When the code is trying to take an absolute value, but the called
897 abs() variant is for the wrong type, which can lead to truncation.
898 If you want to disable the warning instead of fixing the code, please
899 make sure that truncation will not occur, or it might lead to unwanted
902 -Wtautological-undefined-compare and
903 -Wundefined-bool-conversion
905 These warn when C++ code is trying to compare 'this' against NULL, while
906 'this' should never be NULL in well-defined C++ code. However, there is
907 some legacy (pre C++11) code out there, which actively abuses this
908 feature, which was less strictly defined in previous C++ versions.
910 Squid and openjdk do this, for example. The warning can be turned off
911 for C++98 and earlier, but compiling the code in C++11 mode might result
912 in unexpected behavior; for example, the parts of the program that are
913 unreachable could be optimized away.
916 The old NFS client and server (kernel options NFSCLIENT, NFSSERVER)
917 kernel sources have been removed. The .h files remain, since some
918 utilities include them. This will need to be fixed later.
919 If "mount -t oldnfs ..." is attempted, it will fail.
920 If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used,
921 the utilities will report errors.
924 The handling of LOCAL_LIB_DIRS has been altered to skip addition of
925 directories to top level SUBDIR variable when their parent
926 directory is included in LOCAL_DIRS. Users with build systems with
927 such hierarchies and without SUBDIR entries in the parent
928 directory Makefiles should add them or add the directories to
932 faith(4) and faithd(8) have been removed from the base system. Faith
933 has been obsolete for a very long time.
936 vt(4), the new console driver, is enabled by default. It brings
937 support for Unicode and double-width characters, as well as
938 support for UEFI and integration with the KMS kernel video
941 You may need to update your console settings in /etc/rc.conf,
942 most probably the keymap. During boot, /etc/rc.d/syscons will
943 indicate what you need to do.
945 vt(4) still has issues and lacks some features compared to
946 syscons(4). See the wiki for up-to-date information:
947 https://wiki.freebsd.org/Newcons
949 If you want to keep using syscons(4), you can do so by adding
950 the following line to /boot/loader.conf:
954 pjdfstest has been integrated into kyua as an opt-in test suite.
955 Please see share/doc/pjdfstest/README for more details on how to
959 gperf has been removed from the base system for architectures
960 that use clang. Ports that require gperf will obtain it from the
964 pjdfstest has been moved from tools/regression/pjdfstest to
968 At svn r271982, The default linux compat kernel ABI has been adjusted
969 to 2.6.18 in support of the linux-c6 compat ports infrastructure
970 update. If you wish to continue using the linux-f10 compat ports,
971 add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are
972 encouraged to update their linux-compat packages to linux-c6 during
973 their next update cycle.
976 The ofwfb driver, used to provide a graphics console on PowerPC when
977 using vt(4), no longer allows mmap() of all physical memory. This
978 will prevent Xorg on PowerPC with some ATI graphics cards from
979 initializing properly unless x11-servers/xorg-server is updated to
983 The xdev targets have been converted to using TARGET and
984 TARGET_ARCH instead of XDEV and XDEV_ARCH.
987 The default unbound configuration has been modified to address
988 issues with reverse lookups on networks that use private
989 address ranges. If you use the local_unbound service, run
990 "service local_unbound setup" as root to regenerate your
991 configuration, then "service local_unbound reload" to load the
995 The GNU texinfo and GNU info pages are not built and installed
996 anymore, WITH_INFO knob has been added to allow to built and install
998 UPDATE: see 20150102 entry on texinfo's removal
1001 The GNU readline library is now an INTERNALLIB - that is, it is
1002 statically linked into consumers (GDB and variants) in the base
1003 system, and the shared library is no longer installed. The
1004 devel/readline port is available for third party software that
1008 The Itanium architecture (ia64) has been removed from the list of
1009 known architectures. This is the first step in the removal of the
1013 Commit r268115 has added NFSv4.1 server support, merged from
1014 projects/nfsv4.1-server. Since this includes changes to the
1015 internal interfaces between the NFS related modules, a full
1016 build of the kernel and modules will be necessary.
1017 __FreeBSD_version has been bumped.
1020 The WITHOUT_VT_SUPPORT kernel config knob has been renamed
1021 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning
1022 which differs from the behaviour controlled by this knob.)
1025 Maximal length of the serial number in CTL was increased from 16 to
1026 64 chars, that breaks ABI. All CTL-related tools, such as ctladm
1027 and ctld, need to be rebuilt to work with a new kernel.
1030 The libatf-c and libatf-c++ major versions were downgraded to 0 and
1031 1 respectively to match the upstream numbers. They were out of
1032 sync because, when they were originally added to FreeBSD, the
1033 upstream versions were not respected. These libraries are private
1034 and not yet built by default, so renumbering them should be a
1035 non-issue. However, unclean source trees will yield broken test
1036 programs once the operator executes "make delete-old-libs" after a
1037 "make installworld".
1039 Additionally, the atf-sh binary was made private by moving it into
1040 /usr/libexec/. Already-built shell test programs will keep the
1041 path to the old binary so they will break after "make delete-old"
1044 If you are using WITH_TESTS=yes (not the default), wipe the object
1045 tree and rebuild from scratch to prevent spurious test failures.
1046 This is only needed once: the misnumbered libraries and misplaced
1047 binaries have been added to OptionalObsoleteFiles.inc so they will
1048 be removed during a clean upgrade.
1051 Clang and llvm have been upgraded to 3.4.1 release.
1054 We bogusly installed src.opts.mk in /usr/share/mk. This file should
1055 be removed to avoid issues in the future (and has been added to
1059 /etc/src.conf now affects only builds of the FreeBSD src tree. In the
1060 past, it affected all builds that used the bsd.*.mk files. The old
1061 behavior was a bug, but people may have relied upon it. To get this
1062 behavior back, you can .include /etc/src.conf from /etc/make.conf
1063 (which is still global and isn't changed). This also changes the
1064 behavior of incremental builds inside the tree of individual
1065 directories. Set MAKESYSPATH to ".../share/mk" to do that.
1066 Although this has survived make universe and some upgrade scenarios,
1067 other upgrade scenarios may have broken. At least one form of
1068 temporary breakage was fixed with MAKESYSPATH settings for buildworld
1069 as well... In cases where MAKESYSPATH isn't working with this
1070 setting, you'll need to set it to the full path to your tree.
1072 One side effect of all this cleaning up is that bsd.compiler.mk
1073 is no longer implicitly included by bsd.own.mk. If you wish to
1074 use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk
1078 The lindev device has been removed since /dev/full has been made a
1079 standard device. __FreeBSD_version has been bumped.
1082 The knob WITHOUT_VI was added to the base system, which controls
1083 building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1)
1084 in order to reorder files share/termcap and didn't build ex(1) as a
1085 build tool, so building/installing with WITH_VI is highly advised for
1086 build hosts for older releases.
1088 This issue has been fixed in stable/9 and stable/10 in r277022 and
1089 r276991, respectively.
1092 The YES_HESIOD knob has been removed. It has been obsolete for
1093 a decade. Please move to using WITH_HESIOD instead or your builds
1094 will silently lack HESIOD.
1097 The uart(4) driver has been changed with respect to its handling
1098 of the low-level console. Previously the uart(4) driver prevented
1099 any process from changing the baudrate or the CLOCAL and HUPCL
1100 control flags. By removing the restrictions, operators can make
1101 changes to the serial console port without having to reboot.
1102 However, when getty(8) is started on the serial device that is
1103 associated with the low-level console, a misconfigured terminal
1104 line in /etc/ttys will now have a real impact.
1105 Before upgrading the kernel, make sure that /etc/ttys has the
1106 serial console device configured as 3wire without baudrate to
1107 preserve the previous behaviour. E.g:
1108 ttyu0 "/usr/libexec/getty 3wire" vt100 on secure
1111 Support for libwrap (TCP wrappers) in rpcbind was disabled by default
1112 to improve performance. To re-enable it, if needed, run rpcbind
1113 with command line option -W.
1116 Switched back to the GPL dtc compiler due to updates in the upstream
1117 dts files not being supported by the BSDL dtc compiler. You will need
1118 to rebuild your kernel toolchain to pick up the new compiler. Core dumps
1119 may result while building dtb files during a kernel build if you fail
1120 to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler.
1123 Clang and llvm have been upgraded to 3.4 release.
1126 The nve(4) driver has been removed. Please use the nfe(4) driver
1127 for NVIDIA nForce MCP Ethernet adapters instead.
1130 An ABI incompatibility crept into the libc++ 3.4 import in r261283.
1131 This could cause certain C++ applications using shared libraries built
1132 against the previous version of libc++ to crash. The incompatibility
1133 has now been fixed, but any C++ applications or shared libraries built
1134 between r261283 and r261801 should be recompiled.
1137 OpenSSH will now ignore errors caused by kernel lacking of Capsicum
1138 capability mode support. Please note that enabling the feature in
1139 kernel is still highly recommended.
1142 OpenSSH is now built with sandbox support, and will use sandbox as
1143 the default privilege separation method. This requires Capsicum
1144 capability mode support in kernel.
1147 The libelf and libdwarf libraries have been updated to newer
1148 versions from upstream. Shared library version numbers for
1149 these two libraries were bumped. Any ports or binaries
1150 requiring these two libraries should be recompiled.
1151 __FreeBSD_version is bumped to 1100006.
1154 If a Makefile in a tests/ directory was auto-generating a Kyuafile
1155 instead of providing an explicit one, this would prevent such
1156 Makefile from providing its own Kyuafile in the future during
1157 NO_CLEAN builds. This has been fixed in the Makefiles but manual
1158 intervention is needed to clean an objdir if you use NO_CLEAN:
1159 # find /usr/obj -name Kyuafile | xargs rm -f
1162 The behavior of gss_pseudo_random() for the krb5 mechanism
1163 has changed, for applications requesting a longer random string
1164 than produced by the underlying enctype's pseudo-random() function.
1165 In particular, the random string produced from a session key of
1166 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
1167 be different at the 17th octet and later, after this change.
1168 The counter used in the PRF+ construction is now encoded as a
1169 big-endian integer in accordance with RFC 4402.
1170 __FreeBSD_version is bumped to 1100004.
1173 The WITHOUT_ATF build knob has been removed and its functionality
1174 has been subsumed into the more generic WITHOUT_TESTS. If you were
1175 using the former to disable the build of the ATF libraries, you
1176 should change your settings to use the latter.
1179 The default version of mtree is nmtree which is obtained from
1180 NetBSD. The output is generally the same, but may vary
1181 slightly. If you found you need identical output adding
1182 "-F freebsd9" to the command line should do the trick. For the
1183 time being, the old mtree is available as fmtree.
1186 libbsdyml has been renamed to libyaml and moved to /usr/lib/private.
1187 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg
1188 1.1.4_8 and verify bsdyml not linked in, before running "make
1190 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean
1192 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml
1195 The stable/10 branch has been created in subversion from head
1199 The rc.d/jail script has been updated to support jail(8)
1200 configuration file. The "jail_<jname>_*" rc.conf(5) variables
1201 for per-jail configuration are automatically converted to
1202 /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
1203 This is transparently backward compatible. See below about some
1204 incompatibilities and rc.conf(5) manual page for more details.
1206 These variables are now deprecated in favor of jail(8) configuration
1207 file. One can use "rc.d/jail config <jname>" command to generate
1208 a jail(8) configuration file in /var/run/jail.<jname>.conf without
1209 running the jail(8) utility. The default pathname of the
1210 configuration file is /etc/jail.conf and can be specified by
1211 using $jail_conf or $jail_<jname>_conf variables.
1213 Please note that jail_devfs_ruleset accepts an integer at
1214 this moment. Please consider to rewrite the ruleset name
1218 BIND has been removed from the base system. If all you need
1219 is a local resolver, simply enable and start the local_unbound
1220 service instead. Otherwise, several versions of BIND are
1221 available in the ports tree. The dns/bind99 port is one example.
1223 With this change, nslookup(1) and dig(1) are no longer in the base
1224 system. Users should instead use host(1) and drill(1) which are
1225 in the base system. Alternatively, nslookup and dig can
1226 be obtained by installing the dns/bind-tools port.
1229 With the addition of unbound(8), a new unbound user is now
1230 required during installworld. "mergemaster -p" can be used to
1231 add the user prior to installworld, as documented in the handbook.
1234 OpenSSH is now built with DNSSEC support, and will by default
1235 silently trust signed SSHFP records. This can be controlled with
1236 the VerifyHostKeyDNS client configuration setting. DNSSEC support
1237 can be disabled entirely with the WITHOUT_LDNS option in src.conf.
1240 The GNU Compiler Collection and C++ standard library (libstdc++)
1241 are no longer built by default on platforms where clang is the system
1242 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX
1243 options in src.conf.
1246 The PROCDESC kernel option is now part of the GENERIC kernel
1247 configuration and is required for the rwhod(8) to work.
1248 If you are using custom kernel configuration, you should include
1252 The API and ABI related to the Capsicum framework was modified
1253 in backward incompatible way. The userland libraries and programs
1254 have to be recompiled to work with the new kernel. This includes the
1255 following libraries and programs, but the whole buildworld is
1256 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl,
1257 kdump, procstat, rwho, rwhod, uniq.
1260 AES-NI intrinsic support has been added to gcc. The AES-NI module
1261 has been updated to use this support. A new gcc is required to build
1262 the aesni module on both i386 and amd64.
1265 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
1266 Thus "device padlock_rng" and "device rdrand_rng" should be
1267 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".
1270 WITH_ICONV has been split into two feature sets. WITH_ICONV now
1271 enables just the iconv* functionality and is now on by default.
1272 WITH_LIBICONV_COMPAT enables the libiconv api and link time
1273 compatibility. Set WITHOUT_ICONV to build the old way.
1274 If you have been using WITH_ICONV before, you will very likely
1275 need to turn on WITH_LIBICONV_COMPAT.
1278 INVARIANTS option now enables DEBUG for code with OpenSolaris and
1279 Illumos origin, including ZFS. If you have INVARIANTS in your
1280 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG
1282 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS)
1283 locks if WITNESS option was set. Because that generated a lot of
1284 witness(9) reports and all of them were believed to be false
1285 positives, this is no longer done. New option OPENSOLARIS_WITNESS
1286 can be used to achieve the previous behavior.
1289 Timer values in IPv6 data structures now use time_uptime instead
1290 of time_second. Although this is not a user-visible functional
1291 change, userland utilities which directly use them---ndp(8),
1292 rtadvd(8), and rtsold(8) in the base system---need to be updated
1293 to r253970 or later.
1296 find -delete can now delete the pathnames given as arguments,
1297 instead of only files found below them or if the pathname did
1298 not contain any slashes. Formerly, the following error message
1301 find: -delete: <path>: relative path potentially not safe
1303 Deleting the pathnames given as arguments can be prevented
1304 without error messages using -mindepth 1 or by changing
1305 directory and passing "." as argument to find. This works in the
1306 old as well as the new version of find.
1309 Behavior of devfs rules path matching has been changed.
1310 Pattern is now always matched against fully qualified devfs
1311 path and slash characters must be explicitly matched by
1312 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
1313 subdirectories must be reviewed.
1316 The default ARM ABI has changed to the ARM EABI. The old ABI is
1317 incompatible with the ARM EABI and all programs and modules will
1318 need to be rebuilt to work with a new kernel.
1320 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set.
1322 NOTE: Support for the old ABI will be removed in the future and
1323 users are advised to upgrade.
1326 pkg_install has been disconnected from the build if you really need it
1327 you should add WITH_PKGTOOLS in your src.conf(5).
1330 Most of network statistics structures were changed to be able
1331 keep 64-bits counters. Thus all tools, that work with networking
1332 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.)
1335 Fix a bug that allowed a tracing process (e.g. gdb) to write
1336 to a memory-mapped file in the traced process's address space
1337 even if neither the traced process nor the tracing process had
1338 write access to that file.
1341 CVS has been removed from the base system. An exact copy
1342 of the code is available from the devel/cvs port.
1345 Some people report the following error after the switch to bmake:
1347 make: illegal option -- J
1348 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable]
1350 *** [buildworld] Error code 2
1352 this likely due to an old instance of make in
1353 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE})
1354 which src/Makefile will use that blindly, if it exists, so if
1355 you see the above error:
1357 rm -rf `make -V MAKEPATH`
1362 Use bmake by default.
1363 Whereas before one could choose to build with bmake via
1364 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old
1365 make. The goal is to remove these knobs for 10-RELEASE.
1367 It is worth noting that bmake (like gmake) treats the command
1368 line as the unit of failure, rather than statements within the
1369 command line. Thus '(cd some/where && dosomething)' is safer
1370 than 'cd some/where; dosomething'. The '()' allows consistent
1371 behavior in parallel build.
1374 Fix a bug that allows NFS clients to issue READDIR on files.
1377 The WITHOUT_IDEA option has been removed because
1378 the IDEA patent expired.
1381 The sysctl which controls TRIM support under ZFS has been renamed
1382 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been
1386 The mergemaster command now uses the default MAKEOBJDIRPREFIX
1387 rather than creating it's own in the temporary directory in
1388 order allow access to bootstrapped versions of tools such as
1389 install and mtree. When upgrading from version of FreeBSD where
1390 the install command does not support -l, you will need to
1391 install a new mergemaster command if mergemaster -p is required.
1392 This can be accomplished with the command (cd src/usr.sbin/mergemaster
1396 Legacy ATA stack, disabled and replaced by new CAM-based one since
1397 FreeBSD 9.0, completely removed from the sources. Kernel modules
1398 atadisk and atapi*, user-level tools atacontrol and burncd are
1399 removed. Kernel option `options ATA_CAM` is now permanently enabled
1403 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2)
1404 and socketpair(2). Software, in particular Kerberos, may
1405 automatically detect and use these during building. The resulting
1406 binaries will not work on older kernels.
1409 CTL_DISABLE has also been added to the sparc64 GENERIC (for further
1410 information, see the respective 20130304 entry).
1413 Recent commits to callout(9) changed the size of struct callout,
1414 so the KBI is probably heavily disturbed. Also, some functions
1415 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced
1416 by macros. Every kernel module using it won't load, so rebuild
1419 The ctl device has been re-enabled in GENERIC for i386 and amd64,
1420 but does not initialize by default (because of the new CTL_DISABLE
1421 option) to save memory. To re-enable it, remove the CTL_DISABLE
1422 option from the kernel config file or set kern.cam.ctl.disable=0
1423 in /boot/loader.conf.
1426 The ctl device has been disabled in GENERIC for i386 and amd64.
1427 This was done due to the extra memory being allocated at system
1428 initialisation time by the ctl driver which was only used if
1429 a CAM target device was created. This makes a FreeBSD system
1430 unusable on 128MB or less of RAM.
1433 A new compression method (lz4) has been merged to -HEAD. Please
1434 refer to zpool-features(7) for more information.
1436 Please refer to the "ZFS notes" section of this file for information
1437 on upgrading boot ZFS pools.
1440 A BSD-licensed patch(1) variant has been added and is installed
1441 as bsdpatch, being the GNU version the default patch.
1442 To inverse the logic and use the BSD-licensed one as default,
1443 while having the GNU version installed as gnupatch, rebuild
1444 and install world with the WITH_BSD_PATCH knob set.
1447 Due to the use of the new -l option to install(1) during build
1448 and install, you must take care not to directly set the INSTALL
1449 make variable in your /etc/make.conf, /etc/src.conf, or on the
1450 command line. If you wish to use the -C flag for all installs
1451 you may be able to add INSTALL+=-C to /etc/make.conf or
1455 The install(1) option -M has changed meaning and now takes an
1456 argument that is a file or path to append logs to. In the
1457 unlikely event that -M was the last option on the command line
1458 and the command line contained at least two files and a target
1459 directory the first file will have logs appended to it. The -M
1460 option served little practical purpose in the last decade so its
1461 use is expected to be extremely rare.
1464 After switching to Clang as the default compiler some users of ZFS
1465 on i386 systems started to experience stack overflow kernel panics.
1466 Please consider using 'options KSTACK_PAGES=4' in such configurations.
1469 GEOM_LABEL now mangles label names read from file system metadata.
1470 Mangling affect labels containing spaces, non-printable characters,
1471 '%' or '"'. Device names in /etc/fstab and other places may need to
1475 By default, only the 10 most recent kernel dumps will be saved. To
1476 restore the previous behaviour (no limit on the number of kernel dumps
1477 stored in the dump directory) add the following line to /etc/rc.conf:
1482 With the addition of auditdistd(8), a new auditdistd user is now
1483 required during installworld. "mergemaster -p" can be used to
1484 add the user prior to installworld, as documented in the handbook.
1487 The sin6_scope_id member variable in struct sockaddr_in6 is now
1488 filled by the kernel before passing the structure to the userland via
1489 sysctl or routing socket. This means the KAME-specific embedded scope
1490 id in sin6_addr.s6_addr[2] is always cleared in userland application.
1491 This behavior can be controlled by net.inet6.ip6.deembed_scopeid.
1492 __FreeBSD_version is bumped to 1000025.
1495 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default.
1496 This means that the world and kernel will be compiled with clang
1497 and that clang will be installed as /usr/bin/cc, /usr/bin/c++,
1498 and /usr/bin/cpp. To disable this behavior and revert to building
1499 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions
1500 of current may need to bootstrap WITHOUT_CLANG first if the clang
1501 build fails (its compatibility window doesn't extend to the 9 stable
1505 The IPFIREWALL_FORWARD kernel option has been removed. Its
1506 functionality now turned on by default.
1509 The ZERO_COPY_SOCKET kernel option has been removed and
1510 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP.
1511 NB: SOCKET_SEND_COW uses the VM page based copy-on-write
1512 mechanism which is not safe and may result in kernel crashes.
1513 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current
1514 driver supports disposeable external page sized mbuf storage.
1515 Proper replacements for both zero-copy mechanisms are under
1516 consideration and will eventually lead to complete removal
1517 of the two kernel options.
1520 The IPv4 network stack has been converted to network byte
1521 order. The following modules need to be recompiled together
1522 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4),
1523 pf(4), ipfw(4), ng_ipfw(4), stf(4).
1526 Support for non-MPSAFE filesystems was removed from VFS. The
1527 VFS_VERSION was bumped, all filesystem modules shall be
1531 All the non-MPSAFE filesystems have been disconnected from
1532 the build. The full list includes: codafs, hpfs, ntfs, nwfs,
1533 portalfs, smbfs, xfs.
1536 The interface cloning API and ABI has changed. The following
1537 modules need to be recompiled together with kernel:
1538 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4),
1539 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4),
1540 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4).
1543 The sdhci driver was split in two parts: sdhci (generic SD Host
1544 Controller logic) and sdhci_pci (actual hardware driver).
1545 No kernel config modifications are required, but if you
1546 load sdhc as a module you must switch to sdhci_pci instead.
1549 Import the FUSE kernel and userland support into base system.
1552 The GNU sort(1) program has been removed since the BSD-licensed
1553 sort(1) has been the default for quite some time and no serious
1554 problems have been reported. The corresponding WITH_GNU_SORT
1558 The pfil(9) API/ABI for AF_INET family has been changed. Packet
1559 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled
1563 The net80211(4) ABI has been changed to allow for improved driver
1564 PS-POLL and power-save support. All wireless drivers need to be
1565 recompiled to work with the new kernel.
1568 The random(4) support for the VIA hardware random number
1569 generator (`PADLOCK') is no longer enabled unconditionally.
1570 Add the padlock_rng device in the custom kernel config if
1571 needed. The GENERIC kernels on i386 and amd64 do include the
1572 device, so the change only affects the custom kernel
1576 The pf(4) packet filter ABI has been changed. pfctl(8) and
1577 snmp_pf module need to be recompiled to work with new kernel.
1580 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged
1581 to -HEAD. Pools that have empty_bpobj in active state can not be
1582 imported read-write with ZFS implementations that do not support
1583 this feature. For more information read the zpool-features(5)
1587 The sparc64 ZFS loader has been changed to no longer try to auto-
1588 detect ZFS providers based on diskN aliases but now requires these
1589 to be explicitly listed in the OFW boot-device environment variable.
1592 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring
1593 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are
1594 configuration changes. Make sure to merge /etc/ssl/openssl.cnf.
1597 The following sysctls and tunables have been renamed for consistency
1598 with other variables:
1599 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered
1600 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered
1603 The sort utility has been replaced with BSD sort. For now, GNU sort
1604 is also available as "gnusort" or the default can be set back to
1605 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be
1606 installed as "bsdsort".
1609 A new version of ZFS (pool version 5000) has been merged to -HEAD.
1610 Starting with this version the old system of ZFS pool versioning
1611 is superseded by "feature flags". This concept enables forward
1612 compatibility against certain future changes in functionality of ZFS
1613 pools. The first read-only compatible "feature flag" for ZFS pools
1614 is named "com.delphix:async_destroy". For more information
1615 read the new zpool-features(5) manual page.
1616 Please refer to the "ZFS notes" section of this file for information
1617 on upgrading boot ZFS pools.
1620 The malloc(3) implementation embedded in libc now uses sources imported
1621 as contrib/jemalloc. The most disruptive API change is to
1622 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf,
1623 delete it prior to installworld, and optionally re-create it using the
1624 new format after rebooting. See malloc.conf(5) for details
1625 (specifically the TUNING section and the "opt.*" entries in the MALLCTL
1629 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb
1630 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is
1631 now spelled mips. This is to aid compatibility with third-party
1632 software that expects this naming scheme in uname(3). Little-endian
1633 settings are unchanged. If you are updating a big-endian mips64 machine
1634 from before this change, you may need to set MACHINE_ARCH=mips64 in
1635 your environment before the new build system will recognize your machine.
1638 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported
1642 Now unix domain sockets behave "as expected" on nullfs(5). Previously
1643 nullfs(5) did not pass through all behaviours to the underlying layer,
1644 as a result if we bound to a socket on the lower layer we could connect
1645 only to the lower path; if we bound to the upper layer we could connect
1646 only to the upper path. The new behavior is one can connect to both the
1647 lower and the upper paths regardless what layer path one binds to.
1650 The getifaddrs upgrade path broken with 20111215 has been restored.
1651 If you have upgraded in between 20111215 and 20120209 you need to
1652 recompile libc again with your kernel. You still need to recompile
1653 world to be able to configure CARP but this restriction already
1654 comes from 20111215.
1657 The set_rcvar() function has been removed from /etc/rc.subr. All
1658 base and ports rc.d scripts have been updated, so if you have a
1659 port installed with a script in /usr/local/etc/rc.d you can either
1660 hand-edit the rcvar= line, or reinstall the port.
1662 An easy way to handle the mass-update of /etc/rc.d:
1663 rm /etc/rc.d/* && mergemaster -i
1666 panic(9) now stops other CPUs in the SMP systems, disables interrupts
1667 on the current CPU and prevents other threads from running.
1668 This behavior can be reverted using the kern.stop_scheduler_on_panic
1670 The new behavior can be incompatible with kern.sync_on_panic.
1673 The carp(4) facility has been changed significantly. Configuration
1674 of the CARP protocol via ifconfig(8) has changed, as well as format
1675 of CARP events submitted to devd(8) has changed. See manual pages
1676 for more information. The arpbalance feature of carp(4) is currently
1677 not supported anymore.
1679 Size of struct in_aliasreq, struct in6_aliasreq has changed. User
1680 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8),
1681 need to be recompiled.
1684 The acpi_wmi(4) status device /dev/wmistat has been renamed to
1688 The option VFS_ALLOW_NONMPSAFE option has been added in order to
1689 explicitely support non-MPSAFE filesystems.
1690 It is on by default for all supported platform at this present
1694 The broken amd(4) driver has been replaced with esp(4) in the amd64,
1695 i386 and pc98 GENERIC kernel configuration files.
1698 sysinstall has been removed
1701 The stable/9 branch created in subversion. This corresponds to the
1702 RELENG_9 branch in CVS.
1708 Avoid using make -j when upgrading. While generally safe, there are
1709 sometimes problems using -j to upgrade. If your upgrade fails with
1710 -j, please try again without -j. From time to time in the past there
1711 have been problems using -j with buildworld and/or installworld. This
1712 is especially true when upgrading between "distant" versions (eg one
1713 that cross a major release boundary or several minor releases, or when
1714 several months have passed on the -current branch).
1716 Sometimes, obscure build problems are the result of environment
1717 poisoning. This can happen because the make utility reads its
1718 environment when searching for values for global variables. To run
1719 your build attempts in an "environmental clean room", prefix all make
1720 commands with 'env -i '. See the env(1) manual page for more details.
1722 When upgrading from one major version to another it is generally best
1723 to upgrade to the latest code in the currently installed branch first,
1724 then do an upgrade to the new branch. This is the best-tested upgrade
1725 path, and has the highest probability of being successful. Please try
1726 this approach before reporting problems with a major version upgrade.
1728 When upgrading a live system, having a root shell around before
1729 installing anything can help undo problems. Not having a root shell
1730 around can lead to problems if pam has changed too much from your
1731 starting point to allow continued authentication after the upgrade.
1733 This file should be read as a log of events. When a later event changes
1734 information of a prior event, the prior event should not be deleted.
1735 Instead, a pointer to the entry with the new information should be
1736 placed in the old entry. Readers of this file should also sanity check
1737 older entries before relying on them blindly. Authors of new entries
1738 should write them with this in mind.
1742 When upgrading the boot ZFS pool to a new version, always follow
1745 1.) recompile and reinstall the ZFS boot loader and boot block
1746 (this is part of "make buildworld" and "make installworld")
1748 2.) update the ZFS boot block on your boot drive
1750 The following example updates the ZFS boot block on the first
1751 partition (freebsd-boot) of a GPT partitioned drive ada0:
1752 "gpart bootcode -p /boot/gptzfsboot -i 1 ada0"
1754 Non-boot pools do not need these updates.
1758 If you are updating from a prior version of FreeBSD (even one just
1759 a few days old), you should follow this procedure. It is the most
1760 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
1762 make kernel-toolchain
1763 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
1764 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
1766 To test a kernel once
1767 ---------------------
1768 If you just want to boot a kernel once (because you are not sure
1769 if it works, or if you want to boot a known bad kernel to provide
1770 debugging information) run
1771 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
1772 nextboot -k testkernel
1774 To just build a kernel when you know that it won't mess you up
1775 --------------------------------------------------------------
1776 This assumes you are already running a CURRENT system. Replace
1777 ${arch} with the architecture of your machine (e.g. "i386",
1778 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).
1780 cd src/sys/${arch}/conf
1781 config KERNEL_NAME_HERE
1782 cd ../compile/KERNEL_NAME_HERE
1787 If this fails, go to the "To build a kernel" section.
1789 To rebuild everything and install it on the current system.
1790 -----------------------------------------------------------
1791 # Note: sometimes if you are running current you gotta do more than
1792 # is listed here if you are upgrading from a really old current.
1794 <make sure you have good level 0 dumps>
1796 make kernel KERNCONF=YOUR_KERNEL_HERE
1798 <reboot in single user> [3]
1805 To cross-install current onto a separate partition
1806 --------------------------------------------------
1807 # In this approach we use a separate partition to hold
1808 # current's root, 'usr', and 'var' directories. A partition
1809 # holding "/", "/usr" and "/var" should be about 2GB in
1812 <make sure you have good level 0 dumps>
1815 make buildkernel KERNCONF=YOUR_KERNEL_HERE
1816 <maybe newfs current's root partition>
1817 <mount current's root partition on directory ${CURRENT_ROOT}>
1818 make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC
1819 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
1820 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
1821 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
1822 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
1823 <reboot into current>
1824 <do a "native" rebuild/install as described in the previous section>
1825 <maybe install compatibility libraries from ports/misc/compat*>
1829 To upgrade in-place from stable to current
1830 ----------------------------------------------
1831 <make sure you have good level 0 dumps>
1833 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
1835 <reboot in single user> [3]
1842 Make sure that you've read the UPDATING file to understand the
1843 tweaks to various things you need. At this point in the life
1844 cycle of current, things change often and you are on your own
1845 to cope. The defaults can also change, so please read ALL of
1846 the UPDATING entries.
1848 Also, if you are tracking -current, you must be subscribed to
1849 freebsd-current@freebsd.org. Make sure that before you update
1850 your sources that you have read and understood all the recent
1851 messages there. If in doubt, please track -stable which has
1852 much fewer pitfalls.
1854 [1] If you have third party modules, such as vmware, you
1855 should disable them at this point so they don't crash your
1858 [3] From the bootblocks, boot -s, and then do
1863 adjkerntz -i # if CMOS is wall time
1864 Also, when doing a major release upgrade, it is required that
1865 you boot into single user mode to do the installworld.
1867 [4] Note: This step is non-optional. Failure to do this step
1868 can result in a significant reduction in the functionality of the
1869 system. Attempting to do it by hand is not recommended and those
1870 that pursue this avenue should read this file carefully, as well
1871 as the archives of freebsd-current and freebsd-hackers mailing lists
1872 for potential gotchas. The -U option is also useful to consider.
1873 See mergemaster(8) for more information.
1875 [5] Usually this step is a noop. However, from time to time
1876 you may need to do this if you get unknown user in the following
1877 step. It never hurts to do it all the time. You may need to
1878 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1879 install) after the buildworld before this step if you last updated
1880 from current before 20130425 or from -stable before 20130430.
1882 [6] This only deletes old files and directories. Old libraries
1883 can be deleted by "make delete-old-libs", but you have to make
1884 sure that no program is using those libraries anymore.
1886 [8] In order to have a kernel that can run the 4.x binaries needed to
1887 do an installworld, you must include the COMPAT_FREEBSD4 option in
1888 your kernel. Failure to do so may leave you with a system that is
1889 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is
1890 required to run the 5.x binaries on more recent kernels. And so on
1891 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7.
1893 Make sure that you merge any new devices from GENERIC since the
1894 last time you updated your kernel config file.
1896 [9] When checking out sources, you must include the -P flag to have
1897 cvs prune empty directories.
1899 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
1900 "?=" instead of the "=" assignment operator, so that buildworld can
1901 override the CPUTYPE if it needs to.
1903 MAKEOBJDIRPREFIX must be defined in an environment variable, and
1904 not on the command line, or in /etc/make.conf. buildworld will
1905 warn if it is improperly defined.
1908 This file contains a list, in reverse chronological order, of major
1909 breakages in tracking -current. It is not guaranteed to be a complete
1910 list of such breakages, and only contains entries since September 23, 2011.
1911 If you need to see UPDATING entries from before that date, you will need
1912 to fetch an UPDATING file from an older FreeBSD release.
1914 Copyright information:
1916 Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
1918 Redistribution, publication, translation and use, with or without
1919 modification, in full or in part, in any form or format of this
1920 document are permitted without further permission from the author.
1922 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1923 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1924 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1925 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1926 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1927 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1928 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1929 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1930 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
1931 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
1932 POSSIBILITY OF SUCH DAMAGE.
1934 Contact Warner Losh if you have any questions about your use of