The &os; Project $FreeBSD$ 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 The &os; Documentation Project &tm-attrib.freebsd; &tm-attrib.ibm; &tm-attrib.ieee; &tm-attrib.intel; &tm-attrib.sparc; &tm-attrib.general; The release notes for &os; &release.current; contain a summary of the changes made to the &os; base system on the &release.branch; development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the &os; kernel and userland. Some brief remarks on upgrading are also presented. This document contains the release notes for &os; &release.current;. It describes recently added, changed, or deleted features of &os;. It also provides some notes on upgrading from previous versions of &os;. The latest, up-to-date version of the release notes are available online at &release.url;10.0R/relnotes.html. The &release.type; distribution to which these release notes apply represents the latest point along the &release.branch; development branch since &release.branch; was created. Information regarding pre-built, binary &release.type; distributions along this branch can be found at &release.url;. The &release.type; distribution to which these release notes apply represents a point along the &release.branch; development branch between &release.prev; and the future &release.next;. Information regarding pre-built, binary &release.type; distributions along this branch can be found at &release.url;. This distribution of &os; &release.current; is a &release.type; distribution. It can be found at &release.url; or any of its mirrors. More information on obtaining this (or other) &release.type; distributions of &os; can be found in the Obtaining &os; appendix to the &os; Handbook. All users are encouraged to consult the release errata before installing &os;. The errata document is updated with late-breaking information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for &os; &release.current; can be found on the &os; Web site. This section describes the most user-visible new or changed features in &os; since &release.prev;. In general, changes described here are unique to the &release.branch; branch unless specifically marked as &merged; features. Typical release note items document recent security advisories issued after &release.prev;, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to &os; between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements. No security advisories. The use of unmapped VMIO buffers eliminates the need to perform TLB shootdown for mapping on buffer creation and reuse, greatly reducing the amount of IPIs for shootdown on big-SMP machines and eliminating up to 25-30% of the system time on i/o intensive workloads. The maximum amount of memory the &os; kernel can address has been increased from 1TB to 4TB. A new &man.cpuset.2; API has been added for thread to CPU binding and CPU resource grouping and assignment. The &man.cpuset.1; userland utility has been added to allow manipulation of processor sets. The &man.ddb.4; kernel debugger now has an output capture facility. Input and output from &man.ddb.4; can now be captured to a memory buffer for later inspection using &man.sysctl.8; or a textdump. The new capture command controls this feature. The &man.ddb.4; debugger now supports a simple scripting facility, which supports a set of named scripts consisting of a set of &man.ddb.4; commands. These commands can be managed from within &man.ddb.4; or with the use of the new &man.ddb.8; utility. More details can be found in the &man.ddb.4; manual page. The kernel now supports a new textdump format of kernel dumps. A textdump provides higher-level information via mechanically generated/extracted debugging output, rather than a simple memory dump. This facility can be used to generate brief kernel bug reports that are rich in debugging information, but are not dependent on kernel symbol tables or precisely synchronized source code. More information can be found in the &man.textdump.4; manual page. Kernel support for M:N threading has been removed. While the KSE (Kernel Scheduled Entities) project was quite successful in bringing threading to FreeBSD, the M:N approach taken by the KSE library was never developed to its full potential. Backwards compatibility for applications using KSE threading will be provided via &man.libmap.conf.5; for dynamically linked binaries. The &os; Project greatly appreciates the work of &a.julian;, &a.deischen;, and &a.davidxu; on KSE support. The &os; kernel now exports information about certain kernel features via the kern.features sysctl tree. The &man.feature.present.3; library call provides a convenient interface for user applications to test the presence of features. The &os; kernel now has support for large memory page mappings (superpages). The ULE scheduler is now the default process scheduler in GENERIC kernels. Support was added for the new Intel on-CPU Bull Mountain random number generator, found on IvyBridge and supposedly later CPUs, accessible with RDRAND instruction. The BSD Hypervisor, &man.bhyve.8; is included with &os;. &man.bhyve.8; requires Intel CPUs with VT-x and Extended Page Table (EPT) support. These features are on all Nehalem models and beyond (e.g. Nehalem and newer), but not on the lower-end Atom CPUs. &man.virtio.4; support has been added. &man.virtio.4; is the name for the paravirtualization interface developed for the Linux KVM, but since adopted to other virtual machine hypervisors (with the notable exception of Xen). This work brings in a BSD-licensed clean-room implementation of the virtio kernel drivers for disk IO (&man.virtio_blk.4; and &man.virtio_scsi.4;), network IO (&man.vtnet.4;), memory ballooning (&man.virtio_balloon.4;), and PCI. Tested with on Qemu/KVM, VirtualBox, and &man.bhyve.4;. Paravirtualized drivers which support Microsoft Hyper-V have been imported and made part of the amd64 GENERIC kernel. For i386, these drivers are not part of GENERIC, so the following lines must be added to /boot/loader.conf to load these drivers: hv_ata_pci_disengage_load="YES" hv_netsvc_load="YES" hv_utils_load="YES" hv_vmbus_load="YES" Alternatively, the Hyper-V drivers can be added to the i386 kernel by adding device hyperv to the kernel config, and then recompiling the kernel. The &man.vmx.4; driver has been added. &man.vmx.4; is a VMware VMXNET3 ethernet driver ported from OpenBSD. Xen PVHVM virtualization is now part of the GENERIC kernel. Raspberry PI support has been added. Refer to these setup instructions and quick start guide. The default ABI on ARM is now the ARM EABI. This brings a number of improvements and allows future support for VFP and Thumb-2. ARM support has been greatly improved, including support for ARMv6 and ARMv7, SMP and thread-local storage (TLS). Additionally support for some newer SoC like the MV78x60 and OMAP4 was added. See this announcement for further details. Superpages support on ARM has been added. Superpages support provides improved performance and scalability by allowing TLB translations to dynamically cover large physical memory regions. All ARMv6 and ARMv7-based platforms can take advantage of this feature. See this page for further details. The BTX kernel used by the boot loader has been changed to invoke BIOS routines from real mode. This change makes it possible to boot &os; from USB devices. A new gptboot boot loader has been added to support booting from a GPT labeled disk. A new boot command has been added to &man.gpt.8;, which makes a GPT disk bootable by writing the required bits of the boot loader, creating a new boot partition if required. The &man.cmx.4; driver, a driver for Omnikey CardMan 4040 PCMCIA smartcard readers, has been added. The &man.syscons.4; driver now supports Colemak keyboard layout. The &man.uslcom.4; driver, a driver for Silicon Laboratories CP2101/CP2102-based USB serial adapters, has been imported from OpenBSD. Support for version 2.0 of the USB Audio reference design has been added. New devices should support higher bandwidth, increased sampling frequency and wider dynamic range. The &man.ale.4; driver has been added to provide support for Atheros AR8121/AR8113/AR8114 Gigabit/Fast Ethernet controllers. The &man.em.4; driver has been split into two drivers with some common parts. The &man.em.4; driver will continue to support adapters up to the 82575, as well as new client/desktop adapters. A new &man.igb.4; driver will support new server adapters. The &man.jme.4; driver has been added to provide support for PCIe network adapters based on JMicron JMC250 Gigabit Ethernet and JMC260 Fast Ethernet controllers. The &man.malo.4; driver has been added to provide support for Marvell Libertas 88W8335 based PCI network adapters. The firmware for the &man.mxge.4; driver has been updated from 1.4.25 to 1.4.29. The &man.sf.4; driver has been overhauled to improve its performance and to add support for checksum offloading. It should also work on all architectures. The &man.re.4; driver has been overhauled to fix a number of issues. This driver now has Wake On LAN (WOL) support. The &man.vr.4; driver has been overhauled to fix a number of outstanding issues. It also now works on all architectures. The &man.wpi.4; driver has been updated to include a number of stability fixes. The &man.cxgbe.4; driver has been updated to support 40G/10G Ethernet NICs based on Chelsio's Terminator 5 (T5) ASIC. The iw_cxgbe driver has been added. This is an experimental iWARP/RDMA driver (kernel verbs only) for Chelsio's T4 and T5 based cards. The Open Fabrics Enterprise Distribution (OFED) and OFED Infiniband core has been updated to the same version as supplied by Linux version 3.7 The Mellanox Infiniband driver has been updated to firmware version 2.30.3200 for ConnectX3 NICs. Support has been added for ConnectX3 VPI NICs, where each port can be used as Infiniband 56 GB/s or Ethernet 40 GB/s. Support has been added for dynamically loading kernel modules for Infiniband core (ibcore) and IP over Infiniband (ipoib). &man.netmap.4; has been added. &man.netmap.4; is a framework for high-performance direct-to-hardware packet IO, offering low latency and high PPS rates to userland applications while bypassing any kernel-side packet processing. With &man.netmap.4; it is trivially possible to fully saturate a 10 Gbps network interface with minimal packet sizes. For more information, see: Netmap Project. &man.carp.4; has been rewritten to make addresses more sane from the viewpoint of routing daemons such as quagga/zebra. It also brings support for a single redundant address on the subnet (carpdev), switching state with &man.ifconfig.8;, better locking and using modern kernel interfaces to allocate multicast memberships. Configuration of the CARP protocol via &man.ifconfig.8; has changed, as well as format of CARP events submitted to &man.devd.8; has changed. See &man.carp.4; for more information. The arpbalance feature of &man.carp.4; is currently not supported anymore. The &man.pf.4; firewall now supports fine-grain locking and better utilization on multi-cpu machines resulting in significant improvements in performance. Support for up to 65536 routing tables has been introduced. Support for setting/matching differentiated services codepoints (DSCP) in IP header has been added to &man.ipfw.8;. The &man.aac.4; driver now supports volumes larger than 2TB in size. The &man.ata.4; driver now supports a spindown command for disks; after a configurable amount of time, if no requests have been received for a disk, the disk will be spun down until the next request. The &man.atacontrol.8; utility now supports a spindown command to configure this feature. The &man.hptrr.4; driver has been updated to version 1.2 from Highpoint. &man.nvme.4; has been added and provides NVM Express support. NVM Express is an optimized register interface, command set and feature set of PCI Express (PCIe)-based Solid-State Drives (SSDs). For more information, see nvmexpress.org. A new kernel-based iSCSI target and initiator has been added UFS filesystems can now be enlarged with &man.growfs.8; while mounted read-write. This is especially useful for virtual machines, allowing the addition of more harddrive space without interruption of service. A state of the art FUSE implementation is now part of the base system. It allows the use of nearly all fusefs file systems &man.bsdinstall.8; now supports installing ZFS on the root file system. It includes a single configuration menu that allows you to select all of the required details, including which drives to use, what ZFS RAID level to use (taking into consideration the selected number of drives), GPT or MBR, GELI encryption, forcing 4K sectors, pool name, etc. TRIM support has been added for ZFS. Support for the high performance LZ4 compression algorithm has been added to ZFS. LZ4 is usually faster and can achieve a higher compression ratio than LZJB, the default compression algorithm Support for L2ARC compression has been added to ZFS. The zio nop-write improvement from Illumos was imported into &os;. To reduce I/O, nop-write skips overwriting data if the checksum (cryptographically secure) of new data matches the checksum of existing data. It also saves space if snapshots are in use. This improvement only works only on datasets with enabled compression, disabled deduplication and sha256 checksums. ZFS will now compare the checksums of incoming writes to the checksum of the existing on-disk data and avoid issuing any write I/O for data that has not changed. This will reduce I/O as well as space usage because if the old block is referenced by a snapshot, both copies of the block are kept even though both contain the same data. On platforms where &man.clang.1; is the default system compiler, (such as i386, amd64, arm) GCC and GNU libstdc++ are no longer built by default. &man.clang.1; and libc++ from LLVM are used on these platforms by instead. GCC 4.2.1 and libstdc++ are still built and used by default on pc98 and all other platforms where &man.clang.1; is not the default system compiler. &man.clang.1; and llvm have been updated to version 3.3 release. Please refer to Clang 3.3 Release Notes. BIND has been replaced by &man.unbound.8; for local dns resolution in the base system. With this change, nslookup and dig are no longer a part of the base system. Users should instead use &man.host.1; and &man.drill.1; Alternatively, nslookup and dig can be obtained by installing the dns/bind-tools port. sysinstall has been removed from the base system. Auxiliary libraries and tools used by sysinstall such as libdisk, libftpio, and sade have also been removed. sysinstall has been replaced by &man.bsdinstall.8; and &man.bsdconfig.8;. &man.freebsd-version.1; has been added. This tool makes a best effort to determine the version and patch level of the installed kernel and userland. GNU patch has been removed from the base system, and replaced by a BSD-licensed &man.patch.1; program. GNU sort has been removed from the base system, and replaced by a BSD-licensed &man.sort.1; program. Berkely yacc (byacc) has been imported from invisible island. This brings bison compatibilities to &man.yacc.1; while preserving full backwards compatibility with previous version of &man.yacc.1;. &man.lex.1; has been replaced by flex 2.5.37 &man.make.1; has been replaced with the "Portable" BSD make tool (bmake) from NetBSD. The &man.adduser.8; utility now supports a -M option to set the mode of a new user's home directory. BSD-licensed versions of &man.ar.1; and &man.ranlib.1;, based on libarchive, have replaced the GNU Binutils versions of these utilities. BSD-licensed versions of &man.bc.1; and &man.dc.1; have replaced their GNU counterparts. &man.chflags.1; now supports a -v flag for verbose output and a -f flag to ignore errors with the same semantics as (for example) &man.chmod.1;. For compatibility with other implementations, &man.cp.1; now supports a -a flag, which is equivalent to specifying the -RrP flags. BSD-licensed version of &man.cpio.1; based on libarchive, has replaced the GNU cpio. Note that the GNU cpio is still installed as gcpio. The &man.env.1; program now supports -u name which will completely unset the given variable name by removing it from the environment, instead of just setting it to a null value. The &man.fdopendir.3; library function has been added. The &man.fetch.3; library now support HTTP 1.1 If-Modified-Since behavior. The &man.fetch.1; program now supports -i filename which will only download the specified HTTP URL if the content is newer than filename. &man.find.1; has been enhanced by the addition of a number of primaries that were present in GNU find but not &os; &man.find.1;. &man.kgdb.1; now supports a new add-kld command to make it easier to debug crash dumps with kernel modules. The &man.ls.1; program now supports a -D option to specify a date format string to be used with the long format (-l) output. &man.nc.1; now supports a -O switch to disable the use of TCP options. &man.nc.1;'s -o switch has been deprecated. It will be removed in a future release. The &man.ping6.8; utility now returns 2 when the packet transmission was successful but no responses were received (this is the same behavior as &man.ping.8;). It returned a non-zero value before this change. The &man.procstat.1; utility has been added to display detailed information about processes. The &man.realpath.1; utility now supports a -q flag to suppress warnings; it now also accepts multiple paths on its command line. &man.sh.1; has many bug fixes, some new features, and will now refuse to parse some invalid scripts. Additionally, it now has filename completion and defaults to the "emacs" editing mode. The &man.split.1; utility now supports a -n flag to split a file into a certain number of chunks. The &man.tar.1; utility now supports a -Z flag to enable &man.compress.1;-style compression/decompression. The &man.tar.1; utility now supports a --numeric-owner flag to ignore user/group names on create and extract. The &man.tar.1; utility now supports an -S flag to sparsify files on extraction. The &man.tar.1; utility now supports a -s flag to substitute filenames based on the specified regular expression. The &man.tcgetsid.3; library function has been added to return the process group ID for the session leader for the controlling terminal. It is defined in IEEE Std 1003.1-2001 (POSIX). &man.top.1; now supports a -P flag to provide per-CPU usage statistics. &man.zdump.8; is now working properly on 64 bit architectures. &man.traceroute.8; now has the ability to print the AS number for each hop with the new -a switch; a new -A option allows selecting a particular WHOIS server. &man.traceroute6.8; now supports a -U flag to send probe packets with no upper-layer protocol, rather than the usual UDP probe packets. The followoing &man.rc.8; scripts have been added: &man.rc.8; Script Function ctld iSCSI target daemon startup script iscsictl iSCSI initiator management utility startup script iscsid iSCSI initiatior daemon startup script kfd Kerberos ticket forwarding daemon startup script local_unbound Unbound startup script for the local caching resolver postrandom Generates a new entropy file at system boot swap Replaces swap1; enable swap at system boot swaplate Enables swap with late set at system boot utx User accounting database startup and shutdown script The following &man.rc.8; scripts have been removed: &man.rc.8; Script Reason encswap Replaced by swap and swaplate named Removed with BIND swap1 Replaced by swap and swaplate &man.jemalloc.3; has been updated to 3.4.0. See this link. for more details. AMD has been updated from 6.0.10 to 6.1.5. awk has been updated from 1 May 2007 release to the 23 October 2007 release. bzip2 has been updated from 1.0.4 to 1.0.5. CVS has been removed from the base system, but is still available from ports Subversion has been imported into the base system and is installed as svnlite. svnlite should only be used for checking out &os; source and committing, and does not replace the full Subversion port. file has been updated to 5.11. hostapd has been updated from 0.5.8 to 0.5.10. IPFilter has been updated to 5.1.2. less has been updated to v458. ncurses has been updated from to 5.7-20081102. OpenSSH has been updated to 6.4. OpenPAM has been updated to the Micrampelis release. sendmail has been updated from 8.14.1 to 8.14.7. The timezone database has been updated from the tzdata2008h release to the tzdata2009m release. The stdtime part of libc, &man.zdump.8; and &man.zic.8; have been updated from the tzcode2004a release to the tzcode2009h release. If you have upgraded from source or via the &man.freebsd-update.8;, then please run &man.tzsetup.8; to install a new /etc/localtime. WPA Supplicant has been updated to 2.0. xz has been updated from snapshot as of 12 April 2010 to 5.0.0. &man.nvi.1; has been updated to 2.1.2. &man.nvi.1; supports wide character locales. The pkg_add, pkg_create, pkg_delete, pkg_info, pkg_updating, and pkg_version utilities have been removed. &man.pkg.7; must now be used to install binary packages. &man.pkg.7; is the next generation &os; package manager, also referred to as "pkgng". The supported version of the GNOME desktop environment (x11/gnome2) has been updated from 2.20.1 to 2.22. Beginning with &os; 6.2-RELEASE, binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the &man.freebsd-update.8; utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC or SMP kernels distributed as a part of an official &os; release. The &man.freebsd-update.8; utility requires that the host being upgraded have Internet connectivity. Source-based upgrades (those based on recompiling the &os; base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING. Upgrading &os; should, of course, only be attempted after backing up all data and configuration files.