1 Updating Information for FreeBSD current users
3 This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
4 See end of file for further details. For commonly done items, please see the
5 COMMON ITEMS: section later in the file. These instructions assume that you
6 basically know what you are doing. If not, then please consult the FreeBSD
9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
11 Items affecting the ports and packages system can be found in
12 /usr/ports/UPDATING. Please read that file before running portupgrade.
14 NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
15 from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of
16 stable/10, and then rebuild without this option. The bootstrap process from
17 older version of current is a bit fragile.
19 20160130 p29 FreeBSD-SA-16:11.openssl
21 Fix OpenSSL SSLv2 ciphersuite downgrade vulnerability. [SA-16:11]
23 20160127 p28 FreeBSD-SA-16:09.ntp
24 FreeBSD-SA-16:10.linux
26 Fix multiple vulnerabilities of ntp. [SA-16:09]
28 Fix Linux compatibility layer issetugid(2) system call
29 vulnerability. [SA-16:10]
31 20160114 p27 FreeBSD-SA-16:07.openssh
33 Fix OpenSSH client information leak. [SA-16:07]
35 20160114 p26 FreeBSD-EN-16:02.pf
36 FreeBSD-EN-16:03.yplib
39 FreeBSD-SA-16:03.linux
40 FreeBSD-SA-16:04.linux
42 FreeBSD-SA-16:06.bsnmpd
44 Fix pf(4) generating bad TCP checksums. [EN-16:02]
45 Fix infinite loop in YP/NIS client library. [EN-16:03]
46 Fix remote denial of service in SCTP. [SA-16:01]
47 Update NTP to 4.2.8p5. [SA-16:02]
48 Fix kernel memory diclosure in Linux compatibility layer. [SA-16:03]
49 Fix kernel memory overwrite in Linux compatibility layer. [SA-16:04]
50 Fix crash in TCP MD5 signatures. [SA-16:05]
51 Fix insecure default permissions for snmpd.config. [SA-16:06]
53 20151205 p25 FreeBSD-SA-15:26.openssl
55 Fix multiple OpenSSL vulnerabilities. [SA-15:26]
57 20151104 p24 FreeBSD-SA-15:25.ntp [revised]
58 FreeBSD-EN-15:19.kqueue
61 Fix regression in ntpd(8) lacking support for RAWDCF reference
62 clock in 10.1-RELEASE-p23. [SA-15:25.ntp]
64 Fix kqueue write events never fired for files greater 2GB. [EN-15:19]
66 Fix applications exiting due to segmentation violation on a correct
67 memory address. [EN-15:20]
69 20151026: p23 FreeBSD-SA-15:25.ntp
71 Fix multiple NTP vulnerabilities. New NTP version is 4.2.8p4.
73 The configuration file syntax has been changed, thus mergemaster
74 run is recommended. Now the "kod" parameter requires "limited"
75 parameter. If the ntp.conf is not updated, the ntpd will run
76 successfully, but with KoD disabled.
78 20151002: p22 FreeBSD-SA-15:24.rpcbind [revised]
79 Revised patch to address a regression that prevents NIS from working.
81 20150929: p21 FreeBSD-SA-15:24.rpcbind
83 Fix rpcbind(8) remote denial of service. [SA-15:24]
85 20150916: p20 FreeBSD-EN-15:18.pkg
87 Implement pubkey support for pkg(7) bootstrap. [EN-15:18]
89 20150825: p19 FreeBSD-SA-15:21.amd64
90 FreeBSD-SA-15:22.openssh
91 FreeBSD-EN-15:14.ixgbe
94 Fix local privilege escalation in IRET handler. [SA-15:21]
96 Fix OpenSSH multiple vulnerabilities. [SA-15:22]
98 Disabled ixgbe(4) flow-director support. [EN-15:14]
100 Fix insufficient check of unsupported pkg(7) signature methods.
103 20150818: p18 FreeBSD-SA-15:20.expat
105 Fix multiple integer overflows in expat (libbsdxml) XML parser.
108 20150805: p17 FreeBSD-SA-15:18.bsdpatch
109 FreeBSD-SA-15:19.routed
111 Fix patch(1) shell injection vulnerability via ed(1).
114 Fix routed remote denial of service vulnerability. [SA-15:19]
116 20150728: p16 FreeBSD-SA-15:14.bsdpatch
118 FreeBSD-SA-15:16.openssh
120 Fix patch(1) shell injection vulnerability. [SA-15:14]
122 Fix resource exhaustion in TCP reassembly. [SA-15:15]
124 Fix OpenSSH multiple vulnerabilities. [SA-15:16]
126 20150721: p15 FreeBSD-SA-15:13.tcp
128 Fix resource exhaustion due to sessions stuck in LAST_ACK state.
131 20150630: p14 FreeBSD-EN-15:08.sendmail [revised]
132 FreeBSD-EN-15:09.xlocale
133 FreeBSD-EN-15:10.iconv
135 Improvements to sendmail TLS/DH interoperability. [EN-15:08]
137 Fix inconsistency between locale and rune locale states.
140 Improved iconv(3) UTF-7 support. [EN-15:10]
142 20150618: p13 FreeBSD-EN-15:08.sendmail
143 Improvements to sendmail TLS/DH interoperability. [EN-15:08]
145 20150612: p12 FreeBSD-SA-15:10.openssl
146 Fix multiple vulnerabilities in OpenSSL. [SA-15:10]
148 20150609: p11 FreeBSD-EN-15:06.file
151 Updated base system file(1) to 5.22 to address multiple denial
152 of service issues. [EN-15:06]
154 Improved reliability of ZFS when TRIM/UNMAP and/or L2ARC is used.
157 20150513: p10 FreeBSD-EN-15:04.freebsd-update
160 Fix bug with freebsd-update(8) that does not ensure the previous
161 upgrade was completed. [EN-15:04]
163 Fix deadlock on reboot with UFS tuned with SU+J. [EN-15:05]
165 20150407: p9 FreeBSD-SA-15:04.igmp [revised]
167 FreeBSD-SA-15:08.bsdinstall
168 FreeBSD-SA-15:09.ipv6
170 Improved patch for SA-15:04.igmp.
172 Fix multiple vulnerabilities of ntp. [SA-15:07]
174 Fix bsdinstall(8) insecure default GELI keyfile permissions. [SA-15:08]
176 Fix Denial of Service with IPv6 Router Advertisements. [SA-15:09]
179 Fix patch for SA-15:06.openssl.
181 20150319: p7 FreeBSD-SA-15:06.openssl
182 Fix multiple vulnerabilities in OpenSSL. [SA-15:06]
184 20150225: p6 FreeBSD-SA-15:04.igmp
186 FreeBSD-EN-15:02.openssl
187 FreeBSD-EN-15:03.freebsd-update
189 Fix integer overflow in IGMP protocol. [SA-15:04]
191 Fix vt(4) crash with improper ioctl parameters. [EN-15:01]
193 Updated base system OpenSSL to 1.0.1l. [EN-15:02]
195 Fix freebsd-update libraries update ordering issue. [EN-15:03]
197 20150127: p5 FreeBSD-SA-15:02.kmem
198 FreeBSD-SA-15:03.sctp
200 Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure
201 vulnerability. [SA-15:02]
203 Fix SCTP stream reset vulnerability. [SA-15:03]
205 20150114: p4 FreeBSD-SA-15:01.openssl
206 Fix multiple vulnerabilities in OpenSSL. [SA-15:01]
208 20141223: p3 FreeBSD-SA-14:31.ntp
209 FreeBSD-EN-14:13.freebsd-update
211 Fix multiple vulnerabilities in NTP suite. [SA-14:31]
212 Fix directory deletion issue in freebsd-update. [EN-14:13]
214 20141217: p2 FreeBSD-SA-14:30.unbound
215 Fix unbound remote denial of service vulnerability.
217 20141210: p1 FreeBSD-SA-14:27.stdio
218 FreeBSD-SA-14:28.file
220 Fix buffer overflow in stdio. [SA-14:27]
222 Fix multiple vulnerabilities in file(1) and libmagic(3).
226 The ofwfb driver, used to provide a graphics console on PowerPC when
227 using vt(4), no longer allows mmap() of all of physical memory. This
228 will prevent Xorg on PowerPC with some ATI graphics cards from
229 initializing properly unless x11-servers/xorg-server is updated to
233 The libatf-c and libatf-c++ major versions were downgraded to 0 and
234 1 respectively to match the upstream numbers. They were out of
235 sync because, when they were originally added to FreeBSD, the
236 upstream versions were not respected. These libraries are private
237 and not yet built by default, so renumbering them should be a
238 non-issue. However, unclean source trees will yield broken test
239 programs once the operator executes "make delete-old-libs" after a
242 Additionally, the atf-sh binary was made private by moving it into
243 /usr/libexec/. Already-built shell test programs will keep the
244 path to the old binary so they will break after "make delete-old"
247 If you are using WITH_TESTS=yes (not the default), wipe the object
248 tree and rebuild from scratch to prevent spurious test failures.
249 This is only needed once: the misnumbered libraries and misplaced
250 binaries have been added to OptionalObsoleteFiles.inc so they will
251 be removed during a clean upgrade.
254 The ixgbe tunables now match their sysctl counterparts, for example:
255 hw.ixgbe.enable_aim => hw.ix.enable_aim
256 Anyone using ixgbe tunables should ensure they update /boot/loader.conf.
259 The NFSv4.1 server committed by r269398 changes the internal
260 function call interfaces used between the NFS and krpc modules.
261 As such, __FreeBSD_version was bumped.
264 The default unbound configuration has been modified to address
265 issues with reverse lookups on networks that use private
266 address ranges. If you use the local_unbound service, run
267 "service local_unbound setup" as root to regenerate your
268 configuration, then "service local_unbound reload" to load the
272 It is no longer necessary to include the dwarf version in your DEBUG
273 options in your kernel config file. The bug that required it to be
274 placed in the config file has bene fixed. DEBUG should now just
275 contain -g. The build system will automatically update things
276 to do the right thing.
279 Several ABI breaking changes were merged to CTL and new iSCSI code.
280 All CTL and iSCSI-related tools, such as ctladm, ctld, iscsid and
281 iscsictl need to be rebuilt to work with a new kernel.
284 The WITHOUT_VT_SUPPORT kernel config knob has been renamed
285 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning
286 which differs from the behaviour controlled by this knob.)
289 On i386 and amd64 systems, the onifconsole flag is now set by default
290 in /etc/ttys for ttyu0. This causes ttyu0 to be automatically enabled
291 as a login TTY if it is set in the bootloader as an active kernel
292 console. No changes in behavior should result otherwise. To revert to
293 the previous behavior, set ttyu0 to "off" in /etc/ttys.
296 Clang and llvm have been upgraded to 3.4.1 release.
299 Clang and llvm have been upgraded to 3.4 release.
302 If a Makefile in a tests/ directory was auto-generating a Kyuafile
303 instead of providing an explicit one, this would prevent such
304 Makefile from providing its own Kyuafile in the future during
305 NO_CLEAN builds. This has been fixed in the Makefiles but manual
306 intervention is needed to clean an objdir if you use NO_CLEAN:
307 # find /usr/obj -name Kyuafile | xargs rm -f
310 OpenSSH will now ignore errors caused by kernel lacking of Capsicum
311 capability mode support. Please note that enabling the feature in
312 kernel is still highly recommended.
315 OpenSSH is now built with sandbox support, and will use sandbox as
316 the default privilege separation method. This requires Capsicum
317 capability mode support in kernel.
320 The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has
321 been deprecated and will not be part of FreeBSD 11.0 and later
322 releases. If you use this driver, please consider switching to
323 the nfe(4) driver instead.
329 The behavior of gss_pseudo_random() for the krb5 mechanism
330 has changed, for applications requesting a longer random string
331 than produced by the underlying enctype's pseudo-random() function.
332 In particular, the random string produced from a session key of
333 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
334 be different at the 17th octet and later, after this change.
335 The counter used in the PRF+ construction is now encoded as a
336 big-endian integer in accordance with RFC 4402.
337 __FreeBSD_version is bumped to 1000701.
340 The WITHOUT_ATF build knob has been removed and its functionality
341 has been subsumed into the more generic WITHOUT_TESTS. If you were
342 using the former to disable the build of the ATF libraries, you
343 should change your settings to use the latter.
346 The default version of mtree is nmtree which is obtained from
347 NetBSD. The output is generally the same, but may vary
348 slightly. If you found you need identical output adding
349 "-F freebsd9" to the command line should do the trick. For the
350 time being, the old mtree is available as fmtree.
353 libbsdyml has been renamed to libyaml and moved to /usr/lib/private.
354 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg
355 1.1.4_8 and verify bsdyml not linked in, before running "make
357 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean
359 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml
362 The rc.d/jail script has been updated to support jail(8)
363 configuration file. The "jail_<jname>_*" rc.conf(5) variables
364 for per-jail configuration are automatically converted to
365 /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
366 This is transparently backward compatible. See below about some
367 incompatibilities and rc.conf(5) manual page for more details.
369 These variables are now deprecated in favor of jail(8) configuration
370 file. One can use "rc.d/jail config <jname>" command to generate
371 a jail(8) configuration file in /var/run/jail.<jname>.conf without
372 running the jail(8) utility. The default pathname of the
373 configuration file is /etc/jail.conf and can be specified by
374 using $jail_conf or $jail_<jname>_conf variables.
376 Please note that jail_devfs_ruleset accepts an integer at
377 this moment. Please consider to rewrite the ruleset name
381 BIND has been removed from the base system. If all you need
382 is a local resolver, simply enable and start the local_unbound
383 service instead. Otherwise, several versions of BIND are
384 available in the ports tree. The dns/bind99 port is one example.
386 With this change, nslookup(1) and dig(1) are no longer in the base
387 system. Users should instead use host(1) and drill(1) which are
388 in the base system. Alternatively, nslookup and dig can
389 be obtained by installing the dns/bind-tools port.
392 With the addition of unbound(8), a new unbound user is now
393 required during installworld. "mergemaster -p" can be used to
394 add the user prior to installworld, as documented in the handbook.
397 OpenSSH is now built with DNSSEC support, and will by default
398 silently trust signed SSHFP records. This can be controlled with
399 the VerifyHostKeyDNS client configuration setting. DNSSEC support
400 can be disabled entirely with the WITHOUT_LDNS option in src.conf.
403 The GNU Compiler Collection and C++ standard library (libstdc++)
404 are no longer built by default on platforms where clang is the system
405 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX
409 The PROCDESC kernel option is now part of the GENERIC kernel
410 configuration and is required for the rwhod(8) to work.
411 If you are using custom kernel configuration, you should include
415 The API and ABI related to the Capsicum framework was modified
416 in backward incompatible way. The userland libraries and programs
417 have to be recompiled to work with the new kernel. This includes the
418 following libraries and programs, but the whole buildworld is
419 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl,
420 kdump, procstat, rwho, rwhod, uniq.
423 AES-NI intrinsic support has been added to gcc. The AES-NI module
424 has been updated to use this support. A new gcc is required to build
425 the aesni module on both i386 and amd64.
428 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
429 Thus "device padlock_rng" and "device rdrand_rng" should be
430 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".
433 WITH_ICONV has been split into two feature sets. WITH_ICONV now
434 enables just the iconv* functionality and is now on by default.
435 WITH_LIBICONV_COMPAT enables the libiconv api and link time
436 compatability. Set WITHOUT_ICONV to build the old way.
437 If you have been using WITH_ICONV before, you will very likely
438 need to turn on WITH_LIBICONV_COMPAT.
441 INVARIANTS option now enables DEBUG for code with OpenSolaris and
442 Illumos origin, including ZFS. If you have INVARIANTS in your
443 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG
445 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS)
446 locks if WITNESS option was set. Because that generated a lot of
447 witness(9) reports and all of them were believed to be false
448 positives, this is no longer done. New option OPENSOLARIS_WITNESS
449 can be used to achieve the previous behavior.
452 Timer values in IPv6 data structures now use time_uptime instead
453 of time_second. Although this is not a user-visible functional
454 change, userland utilities which directly use them---ndp(8),
455 rtadvd(8), and rtsold(8) in the base system---need to be updated
459 find -delete can now delete the pathnames given as arguments,
460 instead of only files found below them or if the pathname did
461 not contain any slashes. Formerly, the following error message
464 find: -delete: <path>: relative path potentially not safe
466 Deleting the pathnames given as arguments can be prevented
467 without error messages using -mindepth 1 or by changing
468 directory and passing "." as argument to find. This works in the
469 old as well as the new version of find.
472 Behavior of devfs rules path matching has been changed.
473 Pattern is now always matched against fully qualified devfs
474 path and slash characters must be explicitly matched by
475 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
476 subdirectories must be reviewed.
479 The default ARM ABI has changed to the ARM EABI. The old ABI is
480 incompatible with the ARM EABI and all programs and modules will
481 need to be rebuilt to work with a new kernel.
483 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set.
485 NOTE: Support for the old ABI will be removed in the future and
486 users are advised to upgrade.
489 pkg_install has been disconnected from the build if you really need it
490 you should add WITH_PKGTOOLS in your src.conf(5).
493 Most of network statistics structures were changed to be able
494 keep 64-bits counters. Thus all tools, that work with networking
495 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.)
498 Fix targets that run multiple make's to use && rather than ;
499 so that subsequent steps depend on success of previous.
501 NOTE: if building 'universe' with -j* on stable/8 or stable/9
502 it would be better to start the build using bmake, to avoid
503 overloading the machine.
506 Fix a bug that allowed a tracing process (e.g. gdb) to write
507 to a memory-mapped file in the traced process's address space
508 even if neither the traced process nor the tracing process had
509 write access to that file.
512 CVS has been removed from the base system. An exact copy
513 of the code is available from the devel/cvs port.
516 Some people report the following error after the switch to bmake:
518 make: illegal option -- J
519 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable]
521 *** [buildworld] Error code 2
523 this likely due to an old instance of make in
524 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE})
525 which src/Makefile will use that blindly, if it exists, so if
526 you see the above error:
528 rm -rf `make -V MAKEPATH`
533 Use bmake by default.
534 Whereas before one could choose to build with bmake via
535 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old
536 make. The goal is to remove these knobs for 10-RELEASE.
538 It is worth noting that bmake (like gmake) treats the command
539 line as the unit of failure, rather than statements within the
540 command line. Thus '(cd some/where && dosomething)' is safer
541 than 'cd some/where; dosomething'. The '()' allows consistent
542 behavior in parallel build.
545 Fix a bug that allows NFS clients to issue READDIR on files.
548 The WITHOUT_IDEA option has been removed because
549 the IDEA patent expired.
552 The sysctl which controls TRIM support under ZFS has been renamed
553 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been
557 The mergemaster command now uses the default MAKEOBJDIRPREFIX
558 rather than creating it's own in the temporary directory in
559 order allow access to bootstrapped versions of tools such as
560 install and mtree. When upgrading from version of FreeBSD where
561 the install command does not support -l, you will need to
562 install a new mergemaster command if mergemaster -p is required.
563 This can be accomplished with the command (cd src/usr.sbin/mergemaster
567 Legacy ATA stack, disabled and replaced by new CAM-based one since
568 FreeBSD 9.0, completely removed from the sources. Kernel modules
569 atadisk and atapi*, user-level tools atacontrol and burncd are
570 removed. Kernel option `options ATA_CAM` is now permanently enabled
574 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2)
575 and socketpair(2). Software, in particular Kerberos, may
576 automatically detect and use these during building. The resulting
577 binaries will not work on older kernels.
580 CTL_DISABLE has also been added to the sparc64 GENERIC (for further
581 information, see the respective 20130304 entry).
584 Recent commits to callout(9) changed the size of struct callout,
585 so the KBI is probably heavily disturbed. Also, some functions
586 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced
587 by macros. Every kernel module using it won't load, so rebuild
590 The ctl device has been re-enabled in GENERIC for i386 and amd64,
591 but does not initialize by default (because of the new CTL_DISABLE
592 option) to save memory. To re-enable it, remove the CTL_DISABLE
593 option from the kernel config file or set kern.cam.ctl.disable=0
594 in /boot/loader.conf.
597 The ctl device has been disabled in GENERIC for i386 and amd64.
598 This was done due to the extra memory being allocated at system
599 initialisation time by the ctl driver which was only used if
600 a CAM target device was created. This makes a FreeBSD system
601 unusable on 128MB or less of RAM.
604 A new compression method (lz4) has been merged to -HEAD. Please
605 refer to zpool-features(7) for more information.
607 Please refer to the "ZFS notes" section of this file for information
608 on upgrading boot ZFS pools.
611 A BSD-licensed patch(1) variant has been added and is installed
612 as bsdpatch, being the GNU version the default patch.
613 To inverse the logic and use the BSD-licensed one as default,
614 while having the GNU version installed as gnupatch, rebuild
615 and install world with the WITH_BSD_PATCH knob set.
618 Due to the use of the new -l option to install(1) during build
619 and install, you must take care not to directly set the INSTALL
620 make variable in your /etc/make.conf, /etc/src.conf, or on the
621 command line. If you wish to use the -C flag for all installs
622 you may be able to add INSTALL+=-C to /etc/make.conf or
626 The install(1) option -M has changed meaning and now takes an
627 argument that is a file or path to append logs to. In the
628 unlikely event that -M was the last option on the command line
629 and the command line contained at least two files and a target
630 directory the first file will have logs appended to it. The -M
631 option served little practical purpose in the last decade so its
632 use is expected to be extremely rare.
635 After switching to Clang as the default compiler some users of ZFS
636 on i386 systems started to experience stack overflow kernel panics.
637 Please consider using 'options KSTACK_PAGES=4' in such configurations.
640 GEOM_LABEL now mangles label names read from file system metadata.
641 Mangling affect labels containing spaces, non-printable characters,
642 '%' or '"'. Device names in /etc/fstab and other places may need to
646 By default, only the 10 most recent kernel dumps will be saved. To
647 restore the previous behaviour (no limit on the number of kernel dumps
648 stored in the dump directory) add the following line to /etc/rc.conf:
653 With the addition of auditdistd(8), a new auditdistd user is now
654 required during installworld. "mergemaster -p" can be used to
655 add the user prior to installworld, as documented in the handbook.
658 The sin6_scope_id member variable in struct sockaddr_in6 is now
659 filled by the kernel before passing the structure to the userland via
660 sysctl or routing socket. This means the KAME-specific embedded scope
661 id in sin6_addr.s6_addr[2] is always cleared in userland application.
662 This behavior can be controlled by net.inet6.ip6.deembed_scopeid.
663 __FreeBSD_version is bumped to 1000025.
666 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default.
667 This means that the world and kernel will be compiled with clang
668 and that clang will be installed as /usr/bin/cc, /usr/bin/c++,
669 and /usr/bin/cpp. To disable this behavior and revert to building
670 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions
671 of current may need to bootstrap WITHOUT_CLANG first if the clang
672 build fails (its compatibility window doesn't extend to the 9 stable
676 The IPFIREWALL_FORWARD kernel option has been removed. Its
677 functionality now turned on by default.
680 The ZERO_COPY_SOCKET kernel option has been removed and
681 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP.
682 NB: SOCKET_SEND_COW uses the VM page based copy-on-write
683 mechanism which is not safe and may result in kernel crashes.
684 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current
685 driver supports disposeable external page sized mbuf storage.
686 Proper replacements for both zero-copy mechanisms are under
687 consideration and will eventually lead to complete removal
688 of the two kernel options.
691 The IPv4 network stack has been converted to network byte
692 order. The following modules need to be recompiled together
693 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4),
694 pf(4), ipfw(4), ng_ipfw(4), stf(4).
697 Support for non-MPSAFE filesystems was removed from VFS. The
698 VFS_VERSION was bumped, all filesystem modules shall be
702 All the non-MPSAFE filesystems have been disconnected from
703 the build. The full list includes: codafs, hpfs, ntfs, nwfs,
704 portalfs, smbfs, xfs.
707 The interface cloning API and ABI has changed. The following
708 modules need to be recompiled together with kernel:
709 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4),
710 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4),
711 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4).
714 The sdhci driver was split in two parts: sdhci (generic SD Host
715 Controller logic) and sdhci_pci (actual hardware driver).
716 No kernel config modifications are required, but if you
717 load sdhc as a module you must switch to sdhci_pci instead.
720 Import the FUSE kernel and userland support into base system.
723 The GNU sort(1) program has been removed since the BSD-licensed
724 sort(1) has been the default for quite some time and no serious
725 problems have been reported. The corresponding WITH_GNU_SORT
729 The pfil(9) API/ABI for AF_INET family has been changed. Packet
730 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled
734 The net80211(4) ABI has been changed to allow for improved driver
735 PS-POLL and power-save support. All wireless drivers need to be
736 recompiled to work with the new kernel.
739 The random(4) support for the VIA hardware random number
740 generator (`PADLOCK') is no longer enabled unconditionally.
741 Add the padlock_rng device in the custom kernel config if
742 needed. The GENERIC kernels on i386 and amd64 do include the
743 device, so the change only affects the custom kernel
747 The pf(4) packet filter ABI has been changed. pfctl(8) and
748 snmp_pf module need to be recompiled to work with new kernel.
751 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged
752 to -HEAD. Pools that have empty_bpobj in active state can not be
753 imported read-write with ZFS implementations that do not support
754 this feature. For more information read the zpool-features(5)
758 The sparc64 ZFS loader has been changed to no longer try to auto-
759 detect ZFS providers based on diskN aliases but now requires these
760 to be explicitly listed in the OFW boot-device environment variable.
763 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring
764 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are
765 configuration changes. Make sure to merge /etc/ssl/openssl.cnf.
768 The following sysctls and tunables have been renamed for consistency
769 with other variables:
770 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered
771 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered
774 The sort utility has been replaced with BSD sort. For now, GNU sort
775 is also available as "gnusort" or the default can be set back to
776 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be
777 installed as "bsdsort".
780 A new version of ZFS (pool version 5000) has been merged to -HEAD.
781 Starting with this version the old system of ZFS pool versioning
782 is superseded by "feature flags". This concept enables forward
783 compatibility against certain future changes in functionality of ZFS
784 pools. The first read-only compatible "feature flag" for ZFS pools
785 is named "com.delphix:async_destroy". For more information
786 read the new zpool-features(5) manual page.
787 Please refer to the "ZFS notes" section of this file for information
788 on upgrading boot ZFS pools.
791 The malloc(3) implementation embedded in libc now uses sources imported
792 as contrib/jemalloc. The most disruptive API change is to
793 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf,
794 delete it prior to installworld, and optionally re-create it using the
795 new format after rebooting. See malloc.conf(5) for details
796 (specifically the TUNING section and the "opt.*" entries in the MALLCTL
800 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb
801 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is
802 now spelled mips. This is to aid compatibility with third-party
803 software that expects this naming scheme in uname(3). Little-endian
804 settings are unchanged. If you are updating a big-endian mips64 machine
805 from before this change, you may need to set MACHINE_ARCH=mips64 in
806 your environment before the new build system will recognize your machine.
809 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported
813 Now unix domain sockets behave "as expected" on nullfs(5). Previously
814 nullfs(5) did not pass through all behaviours to the underlying layer,
815 as a result if we bound to a socket on the lower layer we could connect
816 only to the lower path; if we bound to the upper layer we could connect
817 only to the upper path. The new behavior is one can connect to both the
818 lower and the upper paths regardless what layer path one binds to.
821 The getifaddrs upgrade path broken with 20111215 has been restored.
822 If you have upgraded in between 20111215 and 20120209 you need to
823 recompile libc again with your kernel. You still need to recompile
824 world to be able to configure CARP but this restriction already
828 The set_rcvar() function has been removed from /etc/rc.subr. All
829 base and ports rc.d scripts have been updated, so if you have a
830 port installed with a script in /usr/local/etc/rc.d you can either
831 hand-edit the rcvar= line, or reinstall the port.
833 An easy way to handle the mass-update of /etc/rc.d:
834 rm /etc/rc.d/* && mergemaster -i
837 panic(9) now stops other CPUs in the SMP systems, disables interrupts
838 on the current CPU and prevents other threads from running.
839 This behavior can be reverted using the kern.stop_scheduler_on_panic
841 The new behavior can be incompatible with kern.sync_on_panic.
844 The carp(4) facility has been changed significantly. Configuration
845 of the CARP protocol via ifconfig(8) has changed, as well as format
846 of CARP events submitted to devd(8) has changed. See manual pages
847 for more information. The arpbalance feature of carp(4) is currently
848 not supported anymore.
850 Size of struct in_aliasreq, struct in6_aliasreq has changed. User
851 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8),
852 need to be recompiled.
855 The acpi_wmi(4) status device /dev/wmistat has been renamed to
859 The option VFS_ALLOW_NONMPSAFE option has been added in order to
860 explicitely support non-MPSAFE filesystems.
861 It is on by default for all supported platform at this present
865 The broken amd(4) driver has been replaced with esp(4) in the amd64,
866 i386 and pc98 GENERIC kernel configuration files.
869 sysinstall has been removed
872 The stable/9 branch created in subversion. This corresponds to the
873 RELENG_9 branch in CVS.
876 This commit modifies vfs_register() so that it uses a hash
877 calculation to set vfc_typenum, which is enabled by default.
878 The first time a system is booted after this change, the
879 vfc_typenum values will change for all file systems. The
880 main effect of this is a change to the NFS server file handles
881 for file systems that use vfc_typenum in their fsid, such as ZFS.
882 It will, however, prevent vfc_typenum from changing when file
883 systems are loaded in a different order for subsequent reboots.
884 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf
885 until you are ready to remount all NFS clients after a reboot.
888 Bump the shared library version numbers for libraries that
889 do not use symbol versioning, have changed the ABI compared
890 to stable/8 and which shared library version was not bumped.
891 Done as part of 9.0-RELEASE cycle.
894 During the merge of Capsicum features, the fget(9) KPI was modified.
895 This may require the rebuilding of out-of-tree device drivers --
896 issues have been reported specifically with the nVidia device driver.
897 __FreeBSD_version is bumped to 900041.
899 Also, there is a period between 20110811 and 20110814 where the
900 special devices /dev/{stdin,stdout,stderr} did not work correctly.
901 Building world from a kernel during that window may not work.
904 The packet filter (pf) code has been updated to OpenBSD 4.5.
905 You need to update userland tools to be in sync with kernel.
906 This update breaks backward compatibility with earlier pfsync(4)
907 versions. Care must be taken when updating redundant firewall setups.
910 The following sysctls and tunables are retired on x86 platforms:
912 machdep.hlt_logical_cpus
913 The following sysctl is retired:
914 machdep.hyperthreading_allowed
915 The sysctls were supposed to provide a way to dynamically offline and
916 online selected CPUs on x86 platforms, but the implementation has not
917 been reliable especially with SCHED_ULE scheduler.
918 machdep.hyperthreading_allowed tunable is still available to ignore
919 hyperthreading CPUs at OS level.
920 Individual CPUs can be disabled using hint.lapic.X.disabled tunable,
921 where X is an APIC ID of a CPU. Be advised, though, that disabling
922 CPUs in non-uniform fashion will result in non-uniform topology and
923 may lead to sub-optimal system performance with SCHED_ULE, which is
927 cpumask_t type is retired and cpuset_t is used in order to describe
931 Changes to ifconfig(8) for dynamic address family detection mandate
932 that you are running a kernel of 20110525 or later. Make sure to
933 follow the update procedure to boot a new kernel before installing
937 Support for sun4v architecture is officially dropped
940 Several KPI breaking changes have been committed to the mii(4) layer,
941 the PHY drivers and consequently some Ethernet drivers using mii(4).
942 This means that miibus.ko and the modules of the affected Ethernet
943 drivers need to be recompiled.
945 Note to kernel developers: Given that the OUI bit reversion problem
946 was fixed as part of these changes all mii(4) commits related to OUIs,
947 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific
948 handling, no longer can be merged verbatim to stable/8 and previous
952 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci'
953 into their kernel configurations along with 'device pci'.
956 The default NFS client is now the new NFS client, so fstype "newnfs"
957 is now "nfs" and the regular/old NFS client is now fstype "oldnfs".
958 Although mounts via fstype "nfs" will usually work without userland
959 changes, it is recommended that the mount(8) and mount_nfs(8)
960 commands be rebuilt from sources and that a link to mount_nfs called
961 mount_oldnfs be created. The new client is compiled into the
962 kernel with "options NFSCL" and this is needed for diskless root
963 file systems. The GENERIC kernel configs have been changed to use
964 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER.
965 To use the regular/old client, you can "mount -t oldnfs ...". For
966 a diskless root file system, you must also include a line like:
968 vfs.root.mountfrom="oldnfs:"
970 in the boot/loader.conf on the root fs on the NFS server to make
971 a diskless root fs use the old client.
974 The GENERIC kernels for all architectures now default to the new
975 CAM-based ATA stack. It means that all legacy ATA drivers were
976 removed and replaced by respective CAM drivers. If you are using
977 ATA device names in /etc/fstab or other places, make sure to update
978 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY,
979 where 'Y's are the sequential numbers starting from zero for each type
980 in order of detection, unless configured otherwise with tunables,
981 see cam(4)). There will be symbolic links created in /dev/ to map
982 old adX devices to the respective adaY. They should provide basic
983 compatibility for file systems mounting in most cases, but they do
984 not support old user-level APIs and do not have respective providers
985 in GEOM. Consider using updated management tools with new device names.
987 It is possible to load devices ahci, ata, siis and mvs as modules,
988 but option ATA_CAM should remain in kernel configuration to make ata
989 module work as CAM driver supporting legacy ATA controllers. Device ata
990 still can be used in modular fashion (atacore + ...). Modules atadisk
991 and atapi* are not used and won't affect operation in ATA_CAM mode.
992 Note that to use CAM-based ATA kernel should include CAM devices
993 scbus, pass, da (or explicitly ada), cd and optionally others. All of
994 them are parts of the cam module.
996 ataraid(4) functionality is now supported by the RAID GEOM class.
997 To use it you can load geom_raid kernel module and use graid(8) tool
998 for management. Instead of /dev/arX device names, use /dev/raid/rX.
1000 No kernel config options or code have been removed, so if a problem
1001 arises, please report it and optionally revert to the old ATA stack.
1002 In order to do it you can remove from the kernel config:
1007 , and instead add back:
1008 device atadisk # ATA disk drives
1009 device ataraid # ATA RAID drives
1010 device atapicd # ATAPI CDROM drives
1011 device atapifd # ATAPI floppy drives
1012 device atapist # ATAPI tape drives
1015 The default NFS server has been changed to the new server, which
1016 was referred to as the experimental server. If you need to switch
1017 back to the old NFS server, you must now put the "-o" option on
1018 both the mountd and nfsd commands. This can be done using the
1019 mountd_flags and nfs_server_flags rc.conf variables until an
1020 update to the rc scripts is committed, which is coming soon.
1023 The GNU Objective-C runtime library (libobjc), and other Objective-C
1024 related components have been removed from the base system. If you
1025 require an Objective-C library, please use one of the available ports.
1028 ath(4) has been split into bus- and device- modules. if_ath contains
1029 the HAL, the TX rate control and the network device code. if_ath_pci
1030 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb
1031 contains the AHB glue. Users need to load both if_ath_pci and if_ath
1032 in order to use ath on everything else.
1034 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only
1035 need to load if_ath and if_ath_pci for ath(4) operation.
1038 As part of the replacement of sysinstall, the process of building
1039 release media has changed significantly. For details, please re-read
1040 release(7), which has been updated to reflect the new build process.
1043 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This
1044 is the last available version under GPLv2. It brings a number of new
1045 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE
1046 4.1 and SSE 4.2), better support for powerpc64, a number of new
1047 directives, and lots of other small improvements. See the ChangeLog
1048 file in contrib/binutils for the full details.
1051 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
1052 compliant, and will now use half of hash for authentication.
1053 This will break interoperability with all stacks (including all
1054 actual FreeBSD versions) who implement
1055 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
1057 The only workaround with such peers is to use another HMAC
1058 algorithm for IPsec ("phase 2") authentication.
1061 Remove the uio_yield prototype and symbol. This function has
1062 been misnamed since it was introduced and should not be
1063 globally exposed with this name. The equivalent functionality
1064 is now available using kern_yield(curthread->td_user_pri).
1065 The function remains undocumented.
1068 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers,
1069 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking
1070 for scalar sysctls is defined but disabled. Code that needs
1071 UQUAD to pass the type checking that must compile on older
1072 systems where the define is not present can check against
1073 __FreeBSD_version >= 900030.
1075 The system dialog(1) has been replaced with a new version previously
1076 in ports as devel/cdialog. dialog(1) is mostly command-line compatible
1077 with the previous version, but the libdialog associated with it has
1078 a largely incompatible API. As such, the original version of libdialog
1079 will be kept temporarily as libodialog, until its base system consumers
1080 are replaced or updated. Bump __FreeBSD_version to 900030.
1083 If you are trying to run make universe on a -stable system, and you get
1084 the following warning:
1085 "Makefile", line 356: "Target architecture for i386/conf/GENERIC
1086 unknown. config(8) likely too old."
1087 or something similar to it, then you must upgrade your -stable system
1088 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in
1089 stable/8) or build the config from the latest stable/8 branch and
1090 install it on your system.
1092 Prior to this date, building a current universe on 8-stable system from
1093 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing
1094 error in the first kernel build phase. A new config on those old
1095 systems will fix that problem for older versions of -current.
1098 The TCP stack has been modified to allow Khelp modules to interact with
1099 it via helper hook points and store per-connection data in the TCP
1100 control block. Bump __FreeBSD_version to 900029. User space tools that
1101 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to
1105 Generic IEEE 802.3 annex 31B full duplex flow control support has been
1106 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along
1107 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted
1108 to take advantage of it instead of using custom implementations. This
1109 means that these drivers now no longer unconditionally advertise
1110 support for flow control but only do so if flow control is a selected
1111 media option. This was implemented in the generic support that way in
1112 order to allow flow control to be switched on and off via ifconfig(8)
1113 with the PHY specific default to typically off in order to protect
1114 from unwanted effects. Consequently, if you used flow control with
1115 one of the above mentioned drivers you now need to explicitly enable
1116 it, for example via:
1117 ifconfig bge0 media auto mediaopt flowcontrol
1119 Along with the above mentioned changes generic support for setting
1120 1000baseT master mode also has been added and brgphy(4), ciphy(4),
1121 e1000phy(4) as well as ip1000phy(4) have been converted to take
1122 advantage of it. This means that these drivers now no longer take the
1123 link0 parameter for selecting master mode but the master media option
1124 has to be used instead, for example like in the following:
1125 ifconfig bge0 media 1000baseT mediaopt full-duplex,master
1127 Selection of master mode now is also available with all other PHY
1128 drivers supporting 1000baseT.
1131 The TCP stack has received a significant update to add support for
1132 modularised congestion control and generally improve the clarity of
1133 congestion control decisions. Bump __FreeBSD_version to 900025. User
1134 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g.
1135 sockstat) need to be recompiled.
1138 The man(1) utility has been replaced by a new version that no longer
1139 uses /etc/manpath.config. Please consult man.conf(5) for how to
1140 migrate local entries to the new format.
1143 The copyright strings printed by login(1) and sshd(8) at the time of a
1144 new connection have been removed to follow other operating systems and
1148 A workaround for a fixed ld bug has been removed in kernel code,
1149 so make sure that your system ld is built from sources after
1150 revision 210245 from 2010-07-19 (r211583 if building head kernel
1151 on stable/8, r211584 for stable/7; both from 2010-08-21).
1152 A symptom of incorrect ld version is different addresses for
1153 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules.
1156 The $ipv6_prefer variable in rc.conf(5) has been split into
1157 $ip6addrctl_policy and $ipv6_activate_all_interfaces.
1159 The $ip6addrctl_policy is a variable to choose a pre-defined
1160 address selection policy set by ip6addrctl(8). A value
1161 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The
1164 The $ipv6_activate_all_interfaces specifies whether IFDISABLED
1165 flag (see an entry of 20090926) is set on an interface with no
1166 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for
1167 security reason. If you want IPv6 link-local address on all
1168 interfaces by default, set this to "YES".
1170 The old ipv6_prefer="YES" is equivalent to
1171 ipv6_activate_all_interfaces="YES" and
1172 ip6addrctl_policy="ipv6_prefer".
1175 DTrace has grown support for userland tracing. Due to this, DTrace is
1176 now i386 and amd64 only.
1177 dtruss(1) is now installed by default on those systems and a new
1178 kernel module is needed for userland tracing: fasttrap.
1179 No changes to your kernel config file are necessary to enable
1180 userland tracing, but you might consider adding 'STRIP=' and
1181 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want
1182 to have informative userland stack traces in DTrace (ustack).
1185 The acpi_aiboost(4) driver has been removed in favor of the new
1186 aibs(4) driver. You should update your kernel configuration file.
1189 BSD grep has been imported to the base system and it is built by
1190 default. It is completely BSD licensed, highly GNU-compatible, uses
1191 less memory than its GNU counterpart and has a small codebase.
1192 However, it is slower than its GNU counterpart, which is mostly
1193 noticeable for larger searches, for smaller ones it is measurable
1194 but not significant. The reason is complex, the most important factor
1195 is that we lack a modern and efficient regex library and GNU
1196 overcomes this by optimizing the searches internally. Future work
1197 on improving the regex performance is planned, for the meantime,
1198 users that need better performance, can build GNU grep instead by
1199 setting the WITH_GNU_GREP knob.
1202 Due to the import of powerpc64 support, all existing powerpc kernel
1203 configuration files must be updated with a machine directive like this:
1204 machine powerpc powerpc
1206 In addition, an updated config(8) is required to build powerpc kernels
1210 A new version of ZFS (version 15) has been merged to -HEAD.
1211 This version uses a python library for the following subcommands:
1212 zfs allow, zfs unallow, zfs groupspace, zfs userspace.
1213 For full functionality of these commands the following port must
1214 be installed: sysutils/py-zfs
1217 'vm_page's are now hashed by physical address to an array of mutexes.
1218 Currently this is only used to serialize access to hold_count. Over
1219 time the page queue mutex will be peeled away. This changes the size
1220 of pmap on every architecture. And requires all callers of vm_page_hold
1221 and vm_page_unhold to be updated.
1224 WITH_CTF can now be specified in src.conf (not recommended, there
1225 are some problems with static executables), make.conf (would also
1226 affect ports which do not use GNU make and do not override the
1227 compile targets) or in the kernel config (via "makeoptions
1229 When WITH_CTF was specified there before this was silently ignored,
1230 so make sure that WITH_CTF is not used in places which could lead
1231 to unwanted behavior.
1234 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32
1235 to allow 32-bit compatibility on non-x86 platforms. All kernel
1236 configurations on amd64 and ia64 platforms using these options must
1237 be modified accordingly.
1240 The utmp user accounting database has been replaced with utmpx,
1241 the user accounting interface standardized by POSIX.
1242 Unfortunately the semantics of utmp and utmpx don't match,
1243 making it practically impossible to support both interfaces.
1244 The user accounting database is used by tools like finger(1),
1245 last(1), talk(1), w(1) and ac(8).
1247 All applications in the base system use utmpx. This means only
1248 local binaries (e.g. from the ports tree) may still use these
1249 utmp database files. These applications must be rebuilt to make
1252 After the system has been upgraded, it is safe to remove the old
1253 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*),
1254 assuming their contents is of no importance anymore. Old wtmp
1255 databases can only be used by last(1) and ac(8) after they have
1256 been converted to the new format using wtmpcvt(1).
1259 Introduce the kernel thread "deadlock resolver" (which can be enabled
1260 via the DEADLKRES option, see NOTES for more details) and the
1261 sleepq_type() function for sleepqueues.
1264 The rc.firewall and rc.firewall6 were unified, and
1265 rc.firewall6 and rc.d/ip6fw were removed.
1266 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc
1267 variables are obsoleted. Instead, the following new rc
1268 variables are added to rc.d/ipfw:
1270 firewall_client_net_ipv6, firewall_simple_iif_ipv6,
1271 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6,
1272 firewall_simple_onet_ipv6, firewall_trusted_ipv6
1274 The meanings correspond to the relevant IPv4 variables.
1280 The default terminal emulation for syscons(4) has been changed
1281 from cons25 to xterm on all platforms except pc98. This means
1282 that the /etc/ttys file needs to be updated to ensure correct
1283 operation of applications on the console.
1285 The terminal emulation style can be toggled per window by using
1286 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration
1287 options can be used to change the compile-time default back to
1290 To prevent graphical artifacts, make sure the TERM environment
1291 variable is set to match the terminal emulation that is being
1292 performed by syscons(4).
1295 The layout of the structure ieee80211req_scan_result has changed.
1296 Applications that require wireless scan results (e.g. ifconfig(8))
1297 from net80211 need to be recompiled.
1299 Applications such as wpa_supplicant(8) may require a full world
1300 build without using NO_CLEAN in order to get synchronized with the
1304 The iwn(4) driver has been updated to support the 5000 and 5150 series.
1305 There's one kernel module for each firmware. Adding "device iwnfw"
1306 to the kernel configuration file means including all three firmware
1307 images inside the kernel. If you want to include just the one for
1308 your wireless card, use the devices iwn4965fw, iwn5000fw or
1312 The rc.d/network_ipv6, IPv6 configuration script has been integrated
1313 into rc.d/netif. The changes are the following:
1315 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
1316 for IPv4. For aliases, $ifconfig_IF_aliasN should be used.
1317 Note that both variables need the "inet6" keyword at the head.
1319 Do not set $ipv6_network_interfaces manually if you do not
1320 understand what you are doing. It is not needed in most cases.
1322 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
1325 2. $ipv6_enable is obsolete. Use $ipv6_prefer and
1326 "inet6 accept_rtadv" keyword in ifconfig(8) instead.
1328 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
1329 all configured interfaces have "inet6 accept_rtadv" in the
1330 $ifconfig_IF_ipv6. These are for backward compatibility.
1332 3. A new variable $ipv6_prefer has been added. If NO, IPv6
1333 functionality of interfaces with no corresponding
1334 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
1335 and the default address selection policy of ip6addrctl(8)
1336 is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
1337 Note that if you want to configure IPv6 functionality on the
1338 disabled interfaces after boot, first you need to clear the flag by
1339 using ifconfig(8) like:
1341 ifconfig em0 inet6 -ifdisabled
1343 If YES, the default address selection policy is set as
1346 The default value of $ipv6_prefer is NO.
1348 4. If your system need to receive Router Advertisement messages,
1349 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8)
1350 scripts automatically invoke rtsol(8) when the interface becomes
1351 UP. The Router Advertisement messages are used for SLAAC
1352 (State-Less Address AutoConfiguration).
1355 802.11s D3.03 support was committed. This is incompatible with the
1356 previous code, which was based on D3.0.
1359 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value
1360 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to
1361 control whether accepting Router Advertisement messages or not.
1362 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and
1363 a sysctl variable net.inet6.ip6.auto_linklocal is its default value.
1364 The ifconfig(8) utility now supports these flags.
1367 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for
1368 mount(8) and -a option for df(1) to see them.
1371 The old tunable hw.bus.devctl_disable has been superseded by
1372 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be
1373 replaced by hw.bus.devctl_queue=0. The default for this new tunable
1377 Remove the option STOP_NMI. The default action is now to use NMI only
1378 for KDB via the newly introduced function stop_cpus_hard() and
1379 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64.
1382 The stable/8 branch created in subversion. This corresponds to the
1383 RELENG_8 branch in CVS.
1386 Bump the shared library version numbers for all libraries that do not
1387 use symbol versioning as part of the 8.0-RELEASE cycle. Bump
1388 __FreeBSD_version to 800105.
1391 Due to changes in the implementation of virtual network stack support,
1392 all network-related kernel modules must be recompiled. As this change
1393 breaks the ABI, bump __FreeBSD_version to 800104.
1396 The TOE interface to the TCP syncache has been modified to remove
1397 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack.
1398 The cxgb driver is the only TOE consumer affected by this change, and
1399 needs to be recompiled along with the kernel. As this change breaks
1400 the ABI, bump __FreeBSD_version to 800103.
1403 Padding has been added to struct tcpcb, sackhint and tcpstat in
1404 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst
1405 maintaining the ABI. However, this change breaks the ABI, so bump
1406 __FreeBSD_version to 800102. User space tools that rely on the size of
1407 any of these structs (e.g. sockstat) need to be recompiled.
1410 The NFS_LEGACYRPC option has been removed along with the old kernel
1411 RPC implementation that this option selected. Kernel configurations
1412 may need to be adjusted.
1415 The network interface device nodes at /dev/net/<interface> have been
1416 removed. All ioctl operations can be performed the normal way using
1417 routing sockets. The kqueue functionality can generally be replaced
1418 with routing sockets.
1421 The documentation from the FreeBSD Documentation Project (Handbook,
1422 FAQ, etc.) is now installed via packages by sysinstall(8) and under
1423 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc.
1426 The ABI of various structures related to the SYSV IPC API have been
1427 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel
1428 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to
1432 Layout of struct vnet has changed as routing related variables were
1433 moved to their own Vimage module. Modules need to be recompiled. Bump
1434 __FreeBSD_version to 800099.
1437 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024
1438 respectively. As long as no more than 16 groups per process are used,
1439 no changes should be visible. When more than 16 groups are used, old
1440 binaries may fail if they call getgroups() or getgrouplist() with
1441 statically sized storage. Recompiling will work around this, but
1442 applications should be modified to use dynamically allocated storage
1443 for group arrays as POSIX.1-2008 does not cap an implementation's
1444 number of supported groups at NGROUPS_MAX+1 as previous versions did.
1446 NFS and portalfs mounts may also be affected as the list of groups is
1447 truncated to 16. Users of NFS who use more than 16 groups, should
1448 take care that negative group permissions are not used on the exported
1449 file systems as they will not be reliable unless a GSSAPI based
1450 authentication method is used.
1453 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This
1454 option compiles in the support for adaptive spinning for lockmgrs
1455 which want to enable it. The lockinit() function now accepts the flag
1456 LK_ADAPTIVE in order to make the lock object subject to adaptive
1457 spinning when both held in write and read mode.
1460 The layout of the structure returned by IEEE80211_IOC_STA_INFO has
1461 changed. User applications that use this ioctl need to be rebuilt.
1464 The layout of struct thread has changed. Kernel and modules need to
1468 The layout of structs ifnet, domain, protosw and vnet_net has changed.
1469 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097.
1472 window(1) has been removed from the base system. It can now be
1473 installed from ports. The port is called misc/window.
1476 The way we are storing and accessing `routing table' entries has
1477 changed. Programs reading the FIB, like netstat, need to be
1481 A new netisr implementation has been added for FreeBSD 8. Network
1482 file system modules, such as igmp, ipdivert, and others, should be
1484 Bump __FreeBSD_version to 800096.
1487 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no
1491 Add VOP_ACCESSX(9). File system modules need to be rebuilt.
1492 Bump __FreeBSD_version to 800094.
1495 Add mnt_xflag field to 'struct mount'. File system modules need to be
1497 Bump __FreeBSD_version to 800093.
1500 The compiling option ADAPTIVE_SX has been retired while it has been
1501 introduced the option NO_ADAPTIVE_SX which handles the reversed logic.
1502 The KPI for sx_init_flags() changes as accepting flags:
1503 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has
1504 been introduced in order to handle the reversed logic.
1505 Bump __FreeBSD_version to 800092.
1508 Add support for hierarchical jails. Remove global securelevel.
1509 Bump __FreeBSD_version to 800091.
1512 The layout of struct vnet_net has changed, therefore modules
1514 Bump __FreeBSD_version to 800090.
1517 The newly imported zic(8) produces a new format in the output. Please
1518 run tzsetup(8) to install the newly created data to /etc/localtime.
1521 The sysctl tree for the usb stack has renamed from hw.usb2.* to
1522 hw.usb.* and is now consistent again with previous releases.
1525 802.11 monitor mode support was revised and driver api's were changed.
1526 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead
1527 of DLT_IEEE802_11. No user-visible data structures were changed but
1528 applications that use DLT_IEEE802_11 may require changes.
1529 Bump __FreeBSD_version to 800088.
1532 The layout of the following structs has changed: sysctl_oid,
1533 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet,
1534 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or
1535 panics may be experienced. World rebuild is required for
1536 correctly checking networking state from userland.
1537 Bump __FreeBSD_version to 800085.
1540 MLDv2 and Source-Specific Multicast (SSM) have been merged
1541 to the IPv6 stack. VIMAGE hooks are in but not yet used.
1542 The implementation of SSM within FreeBSD's IPv6 stack closely
1543 follows the IPv4 implementation.
1545 For kernel developers:
1547 * The most important changes are that the ip6_output() and
1548 ip6_input() paths no longer take the IN6_MULTI_LOCK,
1549 and this lock has been downgraded to a non-recursive mutex.
1551 * As with the changes to the IPv4 stack to support SSM, filtering
1552 of inbound multicast traffic must now be performed by transport
1553 protocols within the IPv6 stack. This does not apply to TCP and
1554 SCTP, however, it does apply to UDP in IPv6 and raw IPv6.
1556 * The KPIs used by IPv6 multicast are similar to those used by
1557 the IPv4 stack, with the following differences:
1558 * im6o_mc_filter() is analogous to imo_multicast_filter().
1559 * The legacy KAME entry points in6_joingroup and in6_leavegroup()
1560 are shimmed to in6_mc_join() and in6_mc_leave() respectively.
1561 * IN6_LOOKUP_MULTI() has been deprecated and removed.
1562 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs
1563 for MLDv1 have an additional 'timer' argument which is used to
1564 jitter the initial membership report for the solicited-node
1565 multicast membership on-link.
1566 * This is not strictly needed for MLDv2, which already jitters
1567 its report transmissions. However, the 'timer' argument is
1568 preserved in case MLDv1 is active on the interface.
1570 * The KAME linked-list based IPv6 membership implementation has
1571 been refactored to use a vector similar to that used by the IPv4
1573 Code which maintains a list of its own multicast memberships
1574 internally, e.g. carp, has been updated to reflect the new
1577 * There is a known Lock Order Reversal (LOR) due to in6_setscope()
1578 acquiring the IF_AFDATA_LOCK and being called within ip6_output().
1579 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an
1580 implementation constraint which needs to be addressed in HEAD.
1582 For application developers:
1584 * The changes are broadly similar to those made for the IPv4
1587 * The use of IPv4 and IPv6 multicast socket options on the same
1588 socket, using mapped addresses, HAS NOT been tested or supported.
1590 * There are a number of issues with the implementation of various
1591 IPv6 multicast APIs which need to be resolved in the API surface
1592 before the implementation is fully compatible with KAME userland
1593 use, and these are mostly to do with interface index treatment.
1595 * The literature available discusses the use of either the delta / ASM
1596 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API
1597 using setsourcefilter(3)/getsourcefilter(3). For more information
1598 please refer to RFC 3768, 'Socket Interface Extensions for
1599 Multicast Source Filters'.
1601 * Applications which use the published RFC 3678 APIs should be fine.
1603 For systems administrators:
1605 * The mtest(8) utility has been refactored to support IPv6, in
1606 addition to IPv4. Interface addresses are no longer accepted
1607 as arguments, their names must be used instead. The utility
1608 will map the interface name to its first IPv4 address as
1609 returned by getifaddrs(3).
1611 * The ifmcstat(8) utility has also been updated to print the MLDv2
1612 endpoint state and source filter lists via sysctl(3).
1614 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable
1615 loopback of IPv6 multicast datagrams by default; it defaults to 1
1616 to preserve the existing behaviour. Disabling multicast loopback is
1617 recommended for optimal system performance.
1619 * The IPv6 MROUTING code has been changed to examine this sysctl
1620 instead of attempting to perform a group lookup before looping
1621 back forwarded datagrams.
1623 Bump __FreeBSD_version to 800084.
1626 Implement low-level Bluetooth HCI API.
1627 Bump __FreeBSD_version to 800083.
1630 The layout of struct malloc_type, used by modules to register new
1631 memory allocation types, has changed. Most modules will need to
1632 be rebuilt or panics may be experienced.
1633 Bump __FreeBSD_version to 800081.
1636 Anticipate overflowing inp_flags - add inp_flags2.
1637 This changes most offsets in inpcb, so checking v4 connection
1638 state will require a world rebuild.
1639 Bump __FreeBSD_version to 800080.
1642 Add an llentry to struct route and struct route_in6. Modules
1643 embedding a struct route will need to be recompiled.
1644 Bump __FreeBSD_version to 800079.
1647 The size of rt_metrics_lite and by extension rtentry has changed.
1648 Networking administration apps will need to be recompiled.
1649 The route command now supports show as an alias for get, weighting
1650 of routes, sticky and nostick flags to alter the behavior of stateful
1652 Bump __FreeBSD_version to 800078.
1655 Do not use Giant for kbdmux(4) locking. This is wrong and
1656 apparently causing more problems than it solves. This will
1657 re-open the issue where interrupt handlers may race with
1658 kbdmux(4) in polling mode. Typical symptoms include (but
1659 not limited to) duplicated and/or missing characters when
1660 low level console functions (such as gets) are used while
1661 interrupts are enabled (for example geli password prompt,
1662 mountroot prompt etc.). Disabling kbdmux(4) may help.
1665 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed;
1666 kernel modules referencing any of the above need to be recompiled.
1667 Bump __FreeBSD_version to 800075.
1670 GEOM_PART has become the default partition slicer for storage devices,
1671 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It
1672 introduces some changes:
1674 MSDOS/EBR: the devices created from MSDOS extended partition entries
1675 (EBR) can be named differently than with GEOM_MBR and are now symlinks
1676 to devices with offset-based names. fstabs may need to be modified.
1678 BSD: the "geometry does not match label" warning is harmless in most
1679 cases but it points to problems in file system misalignment with
1680 disk geometry. The "c" partition is now implicit, covers the whole
1681 top-level drive and cannot be (mis)used by users.
1683 General: Kernel dumps are now not allowed to be written to devices
1684 whose partition types indicate they are meant to be used for file
1685 systems (or, in case of MSDOS partitions, as something else than
1688 Most of these changes date approximately from 200812.
1691 The uscanner(4) driver has been removed from the kernel. This follows
1692 Linux removing theirs in 2.6 and making libusb the default interface
1693 (supported by sane).
1696 The multicast forwarding code has been cleaned up. netstat(1)
1697 only relies on KVM now for printing bandwidth upcall meters.
1698 The IPv4 and IPv6 modules are split into ip_mroute_mod and
1699 ip6_mroute_mod respectively. The config(5) options for statically
1700 compiling this code remain the same, i.e. 'options MROUTING'.
1703 Support for the IFF_NEEDSGIANT network interface flag has been
1704 removed, which means that non-MPSAFE network device drivers are no
1705 longer supported. In particular, if_ar, if_sr, and network device
1706 drivers from the old (legacy) USB stack can no longer be built or
1710 POSIX.1 Native Language Support (NLS) has been enabled in libc and
1711 a bunch of new language catalog files have also been added.
1712 This means that some common libc messages are now localized and
1713 they depend on the LC_MESSAGES environmental variable.
1716 The k8temp(4) driver has been renamed to amdtemp(4) since
1717 support for Family 10 and Family 11 CPU families was added.
1720 IGMPv3 and Source-Specific Multicast (SSM) have been merged
1721 to the IPv4 stack. VIMAGE hooks are in but not yet used.
1723 For kernel developers, the most important changes are that the
1724 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(),
1725 and this lock has been downgraded to a non-recursive mutex.
1727 Transport protocols (UDP, Raw IP) are now responsible for filtering
1728 inbound multicast traffic according to group membership and source
1729 filters. The imo_multicast_filter() KPI exists for this purpose.
1730 Transports which do not use multicast (SCTP, TCP) already reject
1731 multicast by default. Forwarding and receive performance may improve
1732 as a mutex acquisition is no longer needed in the ip_input()
1733 low-level input path. in_addmulti() and in_delmulti() are shimmed
1734 to new KPIs which exist to support SSM in-kernel.
1736 For application developers, it is recommended that loopback of
1737 multicast datagrams be disabled for best performance, as this
1738 will still cause the lock to be taken for each looped-back
1739 datagram transmission. The net.inet.ip.mcast.loop sysctl may
1740 be tuned to 0 to disable loopback by default; it defaults to 1
1741 to preserve the existing behaviour.
1743 For systems administrators, to obtain best performance with
1744 multicast reception and multiple groups, it is always recommended
1745 that a card with a suitably precise hash filter is used. Hash
1746 collisions will still result in the lock being taken within the
1747 transport protocol input path to check group membership.
1749 If deploying FreeBSD in an environment with IGMP snooping switches,
1750 it is recommended that the net.inet.igmp.sendlocal sysctl remain
1751 enabled; this forces 224.0.0.0/24 group membership to be announced
1754 The size of 'struct igmpstat' has changed; netstat needs to be
1755 recompiled to reflect this.
1756 Bump __FreeBSD_version to 800070.
1759 libusb20.so.1 is now installed as libusb.so.1 and the ports system
1760 updated to use it. This requires a buildworld/installworld in order to
1761 update the library and dependencies (usbconfig, etc). Its advisable to
1762 rebuild all ports which uses libusb. More specific directions are given
1763 in the ports collection UPDATING file. Any /etc/libmap.conf entries for
1764 libusb are no longer required and can be removed.
1767 A workaround is committed to allow the creation of System V shared
1768 memory segment of size > 2 GB on the 64-bit architectures.
1769 Due to a limitation of the existing ABI, the shm_segsz member
1770 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
1771 wrong for large segments. Note that limits must be explicitly
1772 raised to allow such segments to be created.
1775 The layout of struct ifnet has changed, requiring a rebuild of all
1776 network device driver modules.
1779 The /dev handling for the new USB stack has changed, a
1780 buildworld/installworld is required for libusb20.
1783 The new USB2 stack has now been permanently moved in and all kernel and
1784 module names reverted to their previous values (eg, usb, ehci, ohci,
1785 ums, ...). The old usb stack can be compiled in by prefixing the name
1786 with the letter 'o', the old usb modules have been removed.
1787 Updating entry 20090216 for xorg and 20090215 for libmap may still
1791 The rc.conf(5) option if_up_delay has been renamed to
1792 defaultroute_delay to better reflect its purpose. If you have
1793 customized this setting in /etc/rc.conf you need to update it to
1797 xorg 7.4 wants to configure its input devices via hald which does not
1798 yet work with USB2. If the keyboard/mouse does not work in xorg then
1800 Option "AllowEmptyInput" "off"
1801 to your ServerLayout section. This will cause X to use the configured
1802 kbd and mouse sections from your xorg.conf.
1805 The GENERIC kernels for all architectures now default to the new USB2
1806 stack. No kernel config options or code have been removed so if a
1807 problem arises please report it and optionally revert to the old USB
1808 stack. If you are loading USB kernel modules or have a custom kernel
1809 that includes GENERIC then ensure that usb names are also changed over,
1810 eg uftdi -> usb2_serial_ftdi.
1812 Older programs linked against the ports libusb 0.1 need to be
1813 redirected to the new stack's libusb20. /etc/libmap.conf can
1815 # Map old usb library to new one for usb2 stack
1816 libusb-0.1.so.8 libusb20.so.1
1819 All USB ethernet devices now attach as interfaces under the name ueN
1820 (eg. ue0). This is to provide a predictable name as vendors often
1821 change usb chipsets in a product without notice.
1824 The ichsmb(4) driver has been changed to require SMBus slave
1825 addresses be left-justified (xxxxxxx0b) rather than right-justified.
1826 All of the other SMBus controller drivers require left-justified
1827 slave addresses, so this change makes all the drivers provide the
1831 INET6 statistics (struct ip6stat) was updated.
1832 netstat(1) needs to be recompiled.
1835 NTFS has been removed from GENERIC kernel on amd64 to match
1836 GENERIC on i386. Should not cause any issues since mount_ntfs(8)
1837 will load ntfs.ko module automatically when NTFS support is
1838 actually needed, unless ntfs.ko is not installed or security
1839 level prohibits loading kernel modules. If either is the case,
1840 "options NTFS" has to be added into kernel config.
1843 TCP Appropriate Byte Counting (RFC 3465) support added to kernel.
1844 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to
1845 800061. User space tools that rely on the size of struct tcpcb in
1846 tcp_var.h (e.g. sockstat) need to be recompiled.
1849 ng_tty(4) module updated to match the new TTY subsystem.
1850 Due to API change, user-level applications must be updated.
1851 New API support added to mpd5 CVS and expected to be present
1852 in next mpd5.3 release.
1855 With __FreeBSD_version 800060 the makefs tool is part of
1856 the base system (it was a port).
1859 The afdata and ifnet locks have been changed from mutexes to
1860 rwlocks, network modules will need to be re-compiled.
1863 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite.
1864 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated.
1865 The new code reduced struct rtentry{} by 16 bytes on 32-bit
1866 architecture and 40 bytes on 64-bit architecture. The userland
1867 applications "arp" and "ndp" have been updated accordingly.
1868 The output from "netstat -r" shows only routing entries and
1869 none of the L2 information.
1872 __FreeBSD_version 800057 marks the switchover from the
1873 binary ath hal to source code. Users must add the line:
1875 options AH_SUPPORT_AR5416
1877 to their kernel config files when specifying:
1881 The ath_hal module no longer exists; the code is now compiled
1882 together with the driver in the ath module. It is now
1883 possible to tailor chip support (i.e. reduce the set of chips
1884 and thereby the code size); consult ath_hal(4) for details.
1887 __FreeBSD_version 800054 adds memory barriers to
1888 <machine/atomic.h>, new interfaces to ifnet to facilitate
1889 multiple hardware transmit queues for cards that support
1890 them, and a lock-less ring-buffer implementation to
1891 enable drivers to more efficiently manage queueing of
1895 A new version of ZFS (version 13) has been merged to -HEAD.
1896 This version has zpool attribute "listsnapshots" off by
1897 default, which means "zfs list" does not show snapshots,
1898 and is the same as Solaris behavior.
1901 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled.
1904 The uhci, ohci, ehci and slhci USB Host controller drivers have
1905 been put into separate modules. If you load the usb module
1906 separately through loader.conf you will need to load the
1907 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0
1908 controller add the following to loader.conf:
1914 The ABI used by the PMC toolset has changed. Please keep
1915 userland (libpmc(3)) and the kernel module (hwpmc(4)) in
1919 atapci kernel module now includes only generic PCI ATA
1920 driver. AHCI driver moved to ataahci kernel module.
1921 All vendor-specific code moved into separate kernel modules:
1922 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
1923 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
1924 atamarvell, atamicron, atanational, atanetcell, atanvidia,
1925 atapromise, ataserverworks, atasiliconimage, atasis, atavia
1928 The TTY subsystem of the kernel has been replaced by a new
1929 implementation, which provides better scalability and an
1930 improved driver model. Most common drivers have been migrated to
1931 the new TTY subsystem, while others have not. The following
1932 drivers have not yet been ported to the new TTY layer:
1935 cy, digi, rc, rp, sio
1941 ng_h4, ng_tty, ppp, sl, snp
1943 Adding these drivers to your kernel configuration file shall
1944 cause compilation to fail.
1947 ntpd has been upgraded to 4.2.4p5.
1950 OpenSSH has been upgraded to 5.1p1.
1952 For many years, FreeBSD's version of OpenSSH preferred DSA
1953 over RSA for host and user authentication keys. With this
1954 upgrade, we've switched to the vendor's default of RSA over
1955 DSA. This may cause upgraded clients to warn about unknown
1956 host keys even for previously known hosts. Users should
1957 follow the usual procedure for verifying host keys before
1958 accepting the RSA key.
1960 This can be circumvented by setting the "HostKeyAlgorithms"
1961 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh
1964 Please note that the sequence of keys offered for
1965 authentication has been changed as well. You may want to
1966 specify IdentityFile in a different order to revert this
1970 The sio(4) driver has been removed from the i386 and amd64
1971 kernel configuration files. This means uart(4) is now the
1972 default serial port driver on those platforms as well.
1974 To prevent collisions with the sio(4) driver, the uart(4) driver
1975 uses different names for its device nodes. This means the
1976 onboard serial port will now most likely be called "ttyu0"
1977 instead of "ttyd0". You may need to reconfigure applications to
1978 use the new device names.
1980 When using the serial port as a boot console, be sure to update
1981 /boot/device.hints and /etc/ttys before booting the new kernel.
1982 If you forget to do so, you can still manually specify the hints
1983 at the loader prompt:
1985 set hint.uart.0.at="isa"
1986 set hint.uart.0.port="0x3F8"
1987 set hint.uart.0.flags="0x10"
1988 set hint.uart.0.irq="4"
1992 The gpt(8) utility has been removed. Use gpart(8) to partition
1996 The version that Linuxulator emulates was changed from 2.4.2
1997 to 2.6.16. If you experience any problems with Linux binaries
1998 please try to set sysctl compat.linux.osrelease to 2.4.2 and
1999 if it fixes the problem contact emulation mailing list.
2002 ISDN4BSD (I4B) was removed from the src tree. You may need to
2003 update a your kernel configuration and remove relevant entries.
2006 I have checked in code to support multiple routing tables.
2007 See the man pages setfib(1) and setfib(2).
2008 This is a hopefully backwards compatible version,
2009 but to make use of it you need to compile your kernel
2010 with options ROUTETABLES=2 (or more up to 16).
2013 The 802.11 wireless support was redone to enable multi-bss
2014 operation on devices that are capable. The underlying device
2015 is no longer used directly but instead wlanX devices are
2016 cloned with ifconfig. This requires changes to rc.conf files.
2017 For example, change:
2018 ifconfig_ath0="WPA DHCP"
2021 ifconfig_wlan0="WPA DHCP"
2022 see rc.conf(5) for more details. In addition, mergemaster of
2023 /etc/rc.d is highly recommended. Simultaneous update of userland
2024 and kernel wouldn't hurt either.
2026 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta
2027 modules were merged into the base wlan module. All references
2028 to these modules (e.g. in kernel config files) must be removed.
2031 psm(4) has gained write(2) support in native operation level.
2032 Arbitrary commands can be written to /dev/psm%d and status can
2033 be read back from it. Therefore, an application is responsible
2034 for status validation and error recovery. It is a no-op in
2035 other operation levels.
2038 Support for KSE threading has been removed from the kernel. To
2039 run legacy applications linked against KSE libmap.conf may
2040 be used. The following libmap.conf may be used to ensure
2041 compatibility with any prior release:
2043 libpthread.so.1 libthr.so.1
2044 libpthread.so.2 libthr.so.2
2045 libkse.so.3 libthr.so.3
2048 The layout of struct vmspace has changed. This affects libkvm
2049 and any executables that link against libkvm and use the
2050 kvm_getprocs() function. In particular, but not exclusively,
2051 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1).
2052 The effects are minimal, but it's advisable to upgrade world
2056 The latest em driver no longer has support in it for the
2057 82575 adapter, this is now moved to the igb driver. The
2058 split was done to make new features that are incompatible
2059 with older hardware easier to do.
2062 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4),
2063 likewise the kernel option is now GEOM_LINUX_LVM.
2066 The default NFS mount mode has changed from UDP to TCP for
2067 increased reliability. If you rely on (insecurely) NFS
2068 mounting across a firewall you may need to update your
2072 Belatedly note the addition of m_collapse for compacting
2076 The fts(3) structures have been changed to use adequate
2077 integer types for their members and so to be able to cope
2078 with huge file trees. The old fts(3) ABI is preserved
2079 through symbol versioning in libc, so third-party binaries
2080 using fts(3) should still work, although they will not take
2081 advantage of the extended types. At the same time, some
2082 third-party software might fail to build after this change
2083 due to unportable assumptions made in its source code about
2084 fts(3) structure members. Such software should be fixed
2085 by its vendor or, in the worst case, in the ports tree.
2086 FreeBSD_version 800015 marks this change for the unlikely
2087 case that a portable fix is impossible.
2090 To upgrade to -current after this date, you must be running
2091 FreeBSD not older than 6.0-RELEASE. Upgrading to -current
2092 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems.
2095 The ADAPTIVE_GIANT kernel option has been retired because its
2096 functionality is the default now.
2099 The AT keyboard emulation of sunkbd(4) has been turned on
2100 by default. In order to make the special symbols of the Sun
2101 keyboards driven by sunkbd(4) work under X these now have
2102 to be configured the same way as Sun USB keyboards driven
2103 by ukbd(4) (which also does AT keyboard emulation), f.e.:
2105 Option "XkbLayout" "us"
2106 Option "XkbRules" "xorg"
2107 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"
2110 It has been decided that it is desirable to provide ABI
2111 backwards compatibility to the FreeBSD 4/5/6 versions of the
2112 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
2113 broken with the introduction of PCI domain support (see the
2114 20070930 entry). Unfortunately, this required the ABI of
2115 PCIOCGETCONF to be broken again in order to be able to
2116 provide backwards compatibility to the old version of that
2117 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
2118 again. As for prominent ports this affects neither pciutils
2119 nor xorg-server this time, the hal port needs to be rebuilt
2123 The misnamed kthread_create() and friends have been renamed
2124 to kproc_create() etc. Many of the callers already
2125 used kproc_start()..
2126 I will return kthread_create() and friends in a while
2127 with implementations that actually create threads, not procs.
2128 Renaming corresponds with version 800002.
2137 Avoid using make -j when upgrading. While generally safe, there are
2138 sometimes problems using -j to upgrade. If your upgrade fails with
2139 -j, please try again without -j. From time to time in the past there
2140 have been problems using -j with buildworld and/or installworld. This
2141 is especially true when upgrading between "distant" versions (eg one
2142 that cross a major release boundary or several minor releases, or when
2143 several months have passed on the -current branch).
2145 Sometimes, obscure build problems are the result of environment
2146 poisoning. This can happen because the make utility reads its
2147 environment when searching for values for global variables. To run
2148 your build attempts in an "environmental clean room", prefix all make
2149 commands with 'env -i '. See the env(1) manual page for more details.
2151 When upgrading from one major version to another it is generally best
2152 to upgrade to the latest code in the currently installed branch first,
2153 then do an upgrade to the new branch. This is the best-tested upgrade
2154 path, and has the highest probability of being successful. Please try
2155 this approach before reporting problems with a major version upgrade.
2157 When upgrading a live system, having a root shell around before
2158 installing anything can help undo problems. Not having a root shell
2159 around can lead to problems if pam has changed too much from your
2160 starting point to allow continued authentication after the upgrade.
2164 When upgrading the boot ZFS pool to a new version, always follow
2167 1.) recompile and reinstall the ZFS boot loader and boot block
2168 (this is part of "make buildworld" and "make installworld")
2170 2.) update the ZFS boot block on your boot drive
2172 The following example updates the ZFS boot block on the first
2173 partition (freebsd-boot) of a GPT partitioned drive ad0:
2174 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0"
2176 Non-boot pools do not need these updates.
2180 If you are updating from a prior version of FreeBSD (even one just
2181 a few days old), you should follow this procedure. It is the most
2182 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
2184 make kernel-toolchain
2185 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
2186 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
2188 To test a kernel once
2189 ---------------------
2190 If you just want to boot a kernel once (because you are not sure
2191 if it works, or if you want to boot a known bad kernel to provide
2192 debugging information) run
2193 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
2194 nextboot -k testkernel
2196 To just build a kernel when you know that it won't mess you up
2197 --------------------------------------------------------------
2198 This assumes you are already running a CURRENT system. Replace
2199 ${arch} with the architecture of your machine (e.g. "i386",
2200 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).
2202 cd src/sys/${arch}/conf
2203 config KERNEL_NAME_HERE
2204 cd ../compile/KERNEL_NAME_HERE
2209 If this fails, go to the "To build a kernel" section.
2211 To rebuild everything and install it on the current system.
2212 -----------------------------------------------------------
2213 # Note: sometimes if you are running current you gotta do more than
2214 # is listed here if you are upgrading from a really old current.
2216 <make sure you have good level 0 dumps>
2218 make kernel KERNCONF=YOUR_KERNEL_HERE
2220 <reboot in single user> [3]
2227 To cross-install current onto a separate partition
2228 --------------------------------------------------
2229 # In this approach we use a separate partition to hold
2230 # current's root, 'usr', and 'var' directories. A partition
2231 # holding "/", "/usr" and "/var" should be about 2GB in
2234 <make sure you have good level 0 dumps>
2237 make buildkernel KERNCONF=YOUR_KERNEL_HERE
2238 <maybe newfs current's root partition>
2239 <mount current's root partition on directory ${CURRENT_ROOT}>
2240 make installworld DESTDIR=${CURRENT_ROOT}
2241 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
2242 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
2243 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
2244 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
2245 <reboot into current>
2246 <do a "native" rebuild/install as described in the previous section>
2247 <maybe install compatibility libraries from ports/misc/compat*>
2251 To upgrade in-place from stable to current
2252 ----------------------------------------------
2253 <make sure you have good level 0 dumps>
2255 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
2257 <reboot in single user> [3]
2264 Make sure that you've read the UPDATING file to understand the
2265 tweaks to various things you need. At this point in the life
2266 cycle of current, things change often and you are on your own
2267 to cope. The defaults can also change, so please read ALL of
2268 the UPDATING entries.
2270 Also, if you are tracking -current, you must be subscribed to
2271 freebsd-current@freebsd.org. Make sure that before you update
2272 your sources that you have read and understood all the recent
2273 messages there. If in doubt, please track -stable which has
2274 much fewer pitfalls.
2276 [1] If you have third party modules, such as vmware, you
2277 should disable them at this point so they don't crash your
2280 [3] From the bootblocks, boot -s, and then do
2285 adjkerntz -i # if CMOS is wall time
2286 Also, when doing a major release upgrade, it is required that
2287 you boot into single user mode to do the installworld.
2289 [4] Note: This step is non-optional. Failure to do this step
2290 can result in a significant reduction in the functionality of the
2291 system. Attempting to do it by hand is not recommended and those
2292 that pursue this avenue should read this file carefully, as well
2293 as the archives of freebsd-current and freebsd-hackers mailing lists
2294 for potential gotchas. The -U option is also useful to consider.
2295 See mergemaster(8) for more information.
2297 [5] Usually this step is a noop. However, from time to time
2298 you may need to do this if you get unknown user in the following
2299 step. It never hurts to do it all the time. You may need to
2300 install a new mergemaster (cd src/usr.sbin/mergemaster && make
2301 install) after the buildworld before this step if you last updated
2302 from current before 20130425 or from -stable before 20130430.
2304 [6] This only deletes old files and directories. Old libraries
2305 can be deleted by "make delete-old-libs", but you have to make
2306 sure that no program is using those libraries anymore.
2308 [8] In order to have a kernel that can run the 4.x binaries needed to
2309 do an installworld, you must include the COMPAT_FREEBSD4 option in
2310 your kernel. Failure to do so may leave you with a system that is
2311 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is
2312 required to run the 5.x binaries on more recent kernels. And so on
2313 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7.
2315 Make sure that you merge any new devices from GENERIC since the
2316 last time you updated your kernel config file.
2318 [9] When checking out sources, you must include the -P flag to have
2319 cvs prune empty directories.
2321 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
2322 "?=" instead of the "=" assignment operator, so that buildworld can
2323 override the CPUTYPE if it needs to.
2325 MAKEOBJDIRPREFIX must be defined in an environment variable, and
2326 not on the command line, or in /etc/make.conf. buildworld will
2327 warn if it is improperly defined.
2330 This file contains a list, in reverse chronological order, of major
2331 breakages in tracking -current. It is not guaranteed to be a complete
2332 list of such breakages, and only contains entries since October 10, 2007.
2333 If you need to see UPDATING entries from before that date, you will need
2334 to fetch an UPDATING file from an older FreeBSD release.
2336 Copyright information:
2338 Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
2340 Redistribution, publication, translation and use, with or without
2341 modification, in full or in part, in any form or format of this
2342 document are permitted without further permission from the author.
2344 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
2345 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
2346 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
2347 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
2348 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
2349 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
2350 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2351 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
2352 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
2353 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
2354 POSSIBILITY OF SUCH DAMAGE.
2356 Contact Warner Losh if you have any questions about your use of
projects / FreeBSD / releng / 10.1.git / blob