1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "http://www.FreeBSD.org/XML/share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN"
5 "http://www.FreeBSD.org/release/XML/share/xml/release.ent">
7 <!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN"
8 "http://www.FreeBSD.org/release/XML/share/xml/sponsor.ent">
10 <!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN"
11 "http://www.FreeBSD.org/release/XML/share/xml/vendor.ent">
13 <!ENTITY security PUBLIC "-//FreeBSD//ENTITIES Security Advisory List//EN"
14 "http://www.FreeBSD.org/release/XML/share/xml/security.xml">
15 <!ENTITY errata PUBLIC "-//FreeBSD//ENTITIES Errata List//EN"
16 "http://www.FreeBSD.org/release/XML/share/xml/errata.xml">
18 <article xmlns="http://docbook.org/ns/docbook"
19 xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
23 <title>&os; &release.current; Release Notes</title>
26 <orgname>The &os; Project</orgname>
29 <pubdate>$FreeBSD$</pubdate>
31 <!-- First rev: 285831 -->
32 <!-- Last rev: 284813 -->
36 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
40 <legalnotice xml:id="trademarks" role="trademarks">
50 <para>The release notes for &os; &release.current; contain
51 a summary of the changes made to the &os; base system on the
52 &release.branch; development line. This document lists
53 applicable security advisories that were issued since the last
54 release, as well as significant changes to the &os; kernel and
55 userland. Some brief remarks on upgrading are also
60 <sect1 xml:id="intro">
61 <title>Introduction</title>
63 <para>This document contains the release notes for &os;
64 &release.current;. It describes recently added, changed, or
65 deleted features of &os;. It also provides some notes on
66 upgrading from previous versions of &os;.</para>
68 <para releasetype="current">The &release.type; distribution to
69 which these release notes apply represents the latest point
70 along the &release.branch; development branch since
71 &release.branch; was created. Information regarding pre-built,
72 binary &release.type; distributions along this branch can be
74 xlink:href="&release.url;">&release.url;</uri>.</para>
76 <para releasetype="snapshot">The &release.type; distribution to
77 which these release notes apply represents a point along the
78 &release.branch; development branch between &release.prev; and
79 the future &release.next;. Information regarding pre-built,
80 binary &release.type; distributions along this branch can be
82 xlink:href="&release.url;">&release.url;</uri>.</para>
84 <para releasetype="release">This distribution of &os;
85 &release.current; is a &release.type; distribution. It can be
86 found at <uri xlink:href="&release.url;">&release.url;</uri> or
87 any of its mirrors. More information on obtaining this (or
88 other) &release.type; distributions of &os; can be found in the
90 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
91 &os;</quote> appendix</link> to the <link
92 xlink:href="&url.books.handbook;/">&os;
93 Handbook</link>.</para>
95 <para>All users are encouraged to consult the release errata
96 before installing &os;. The errata document is updated with
97 <quote>late-breaking</quote> information discovered late in the
98 release cycle or after the release. Typically, it contains
99 information on known bugs, security advisories, and corrections
100 to documentation. An up-to-date copy of the errata for &os;
101 &release.current; can be found on the &os; Web site.</para>
103 <para>This document describes the most user-visible new or changed
104 features in &os; since &release.prev;.</para>
106 <para>Typical release note items document recent security
107 advisories issued after &release.prev;, new drivers or hardware
108 support, new commands or options, major bug fixes, or
109 contributed software upgrades. They may also list changes to
110 major ports/packages or release engineering practices. Clearly
111 the release notes cannot list every single change made to &os;
112 between releases; this document focuses primarily on security
113 advisories, user-visible changes, and major architectural
117 <sect1 xml:id="upgrade">
118 <title>Upgrading from Previous Releases of &os;</title>
120 <para arch="amd64,i386">Binary upgrades between RELEASE versions
121 (and snapshots of the various security branches) are supported
122 using the &man.freebsd-update.8; utility. The binary upgrade
123 procedure will update unmodified userland utilities, as well as
124 unmodified <filename>GENERIC</filename> kernel distributed as
125 a part of an official &os; release. The &man.freebsd-update.8;
126 utility requires that the host being upgraded have Internet
129 <para>Source-based upgrades (those based on recompiling the &os;
130 base system from source code) from previous versions are
131 supported, according to the instructions in
132 <filename>/usr/src/UPDATING</filename>.</para>
135 <para>Upgrading &os; should only be attempted after
136 backing up <emphasis>all</emphasis> data and configuration
141 <sect1 xml:id="security-errata">
142 <title>Security and Errata</title>
144 <para>This section lists the various Security Advisories and
145 Errata Notices since &release.prev;.</para>
147 <sect2 xml:id="security">
148 <title>Security Advisories</title>
153 <sect2 xml:id="errata">
154 <title>Errata Notices</title>
160 <sect1 xml:id="userland">
161 <title>Userland</title>
163 <para>This section covers changes and additions to userland
164 applications, contributed software, and system utilities.</para>
166 <sect2 xml:id="userland-programs">
167 <title>Userland Application Changes</title>
169 <para revision="287326,288202" contrib="sponsor" sponsor="&ff;">The
170 &man.ar.1; utility now supports a <option>-D</option> flag to
171 prevent real mtime, uid, gid, and file mode values from being
172 inserted. This is called <quote>deterministic mode</quote>
173 and useful for making the resulting archives reproducible.
174 This behavior is enabled by default, and can be disabled by
175 specifying a <literal>-U</literal> flag.</para>
177 <para revision="286965">The &man.camcontrol.8;
178 <command>fwdownload</command> subcommand has been improved.
179 Changes include better support of SATA drives, downloading
180 firmaware to IBM LTO drives, <option>-q</option> flag to
181 suppress information output, and <command>opcodes</command>
182 subcommand to issue the <literal>REPORT SUPPORTED
183 OPCODES</literal> service action of the <literal>SCSI
184 MAINTENANCE IN</literal> command.</para>
186 <para revision="291774">The &man.cp.1; utility has been updated
187 to include a new flag, <literal>-s</literal>, which creates
188 a symbolic link to the specified source.</para>
190 <para revision="285929">A bug in the &man.ctladm.8; utility
191 which could return a non-zero value even if it succeeds has
194 <para revision="288185">A bug in the &man.grdc.6; program which
195 caused a wrong display in the 12-hour mode has been
198 <para revision="286810" contrib="sponsor"
199 sponsor="&yandex;">The &man.ifconfig.8; utility now reports
200 SFP/SFP+ data when a <option>-v</option> flag is specified and
201 the NIC driver provides them.</para>
203 <para revision="288048">Bugs in the &man.inetd.8; daemon which
204 could cause a crash when an RPC entry is defined and an IPv6
205 address is specified in <varname>-a</varname> flag have been
208 <para revision="286064">The &man.jail.8; utility has been
209 updated to include a new flag, <literal>-l</literal>, which
210 ensures a clean environment in the target jail when used.
211 Additionally, &man.jail.8; will run a shell within the target
212 jail when run no commands are specified.</para>
214 <para revision="286952">The &man.last.1; utility now supports
215 <literal>reboot</literal> as a pseudo-user name which prints
216 all system reboot entries (<literal>SHUTDOWN_TIME</literal>
217 and <literal>BOOT_TIME</literal> records). This was
218 accidentally removed as of &os; 9.0.</para>
220 <para revision="287027">The &man.mv.1; utility now returns
221 <literal>1</literal> instead of <literal>64</literal>
222 when more than two arguments are specified and
223 the target is not a valid directory.</para>
225 <para revision="287122">The &man.mkimg.1; utility has been
226 updated to include support for <literal>NTFS</literal>
227 filesystems in both <acronym>MBR</acronym> and
228 <acronym>GPT</acronym> partitioning schemes.</para>
230 <para revision="287122">A bug in the &man.mkimg.1; utility
231 which prevented dynamic VHD format from working with QEMU
232 has been fixed.</para>
234 <para revision="287593">A bug in the &man.netstat.1; utility
235 which showed the statistics in the number of packets divided
236 by 1024, not 1000 has been fixed.</para>
238 <para revision="287746">The &man.pciconf.8; utility has been
239 updated to use the PCI ID database from the <filename
240 role="package">misc/pciids</filename> package, if present,
241 falling back to the PCI ID database in the &os; base
244 <para revision="288710" contrib="sponsor" sponsor="&gandi;">A
245 new utility, &man.sesutil.8;, has been added, which is used
246 to manage &man.ses.4; devices.</para>
248 <para revision="292231">Support for a
249 <option>-manage-gids</option> flag has been added to
250 &man.nfsuserd.8;. This option can be enabled at boot time by
251 setting an &man.rc.conf.5; variable
252 <varname>nfs_server_managegids</varname> to
253 <literal>YES</literal>.</para>
255 <para revision="287269">The &man.pkill.1; utility now supports
256 &man.jail.2; name in a <option>-j</option> option in addition to
257 &man.jail.2; ID.</para>
259 <para revision="287084"><command>userdel</command> and
260 <command>usermod</command> subcommand of the &man.pw.8; utility
261 now supports a <option>-y</option> flag.</para>
263 <para revision="292462" contrib="sponsor"
264 sponsor="&dellinc;">The resolver library has been updated to
265 reload <filename>/etc/resolv.conf</filename> if the
266 modification time has changed.</para>
268 <para revision="293744" contrib="sponsor" sponsor="&ff;">The
269 initial implementation of <quote>reroot</quote> support has
270 been added to the &man.reboot.8; utility, allowing the root
271 filesystem to be mounted from a temporary source filesystem
272 without requiring a full system reboot.</para>
274 <para revision="287392">The &man.timeout.1; utility has been
275 added. This utility runs a command with a time limit and is
276 compatible with <application>GNU timeout</application>.</para>
278 <para revision="287080">The &man.watchdogd.8; daemon now supports
279 a <option>-x <replaceable>exit_timeout</replaceable></option>
280 option to specify the timeout period in seconds to
281 leave in effect when the program exits.</para>
283 <para revision="287375">The &man.ypinit.8; script now supports
284 <filename>eui64</filename> NIS map file.</para>
287 <sect2 xml:id="userland-contrib">
288 <title>Contributed Software</title>
290 <para revision="286082">A bug in &man.libarchive.3; library which
291 could report an error when handling a sparse file entry
292 in a tar file has been fixed
293 by importing changeset <literal>bf4f6ec64e</literal>.</para>
295 <para revision="286751">Time zone database has been updated to
296 version <literal>2015f</literal>.</para>
298 <para revision="290152">The &man.file.1; utility has been
299 updated to version 5.25.</para>
301 <para revision="292588">The &man.xz.1; utility has been updated
302 to version 5.2.2, which provides support for multi-threaded
305 <para revision="293650">The &man.ntpd.8; utility has been
306 updated to version 4.2.8p5.</para>
308 <para revision="294190">The &man.unbound.8; utility has been
309 updated to version 1.5.7.</para>
311 <para revision="294286">The &man.less.1; utility has been
312 updated to version v481.</para>
314 <para revision="295690">The
315 <literal>unbound-control-setup</literal> script has been
316 removed from the base system.</para>
318 <para revision="295691">The &man.unbound.8; utility has been
319 updated to enable the <literal>insecure-lan-zones</literal>
320 option in preference of listing each <acronym>AS112</acronym>
321 zone individually.</para>
323 <para revision="296317">The <application>OpenSSL</application>
324 suite has been updated to version 1.0.1s.</para>
326 <para revision="296853">The <application>OpenSSH</application>
327 suite has been updated to version 7.2p2.</para>
330 <sect2 xml:id="userland-installer">
331 <title>Installation and Configuration Tools</title>
333 <para revision="295264" contrib="sponsor"
334 sponsor="&scaleengine;">The &man.bsdinstall.8; utility has
335 been updated to support <acronym>ZFS</acronym> installation
336 on <acronym>EFI</acronym>-based systems.</para>
339 <sect2 xml:id="userland-rc">
340 <title><filename class="directory">/etc/rc.d</filename>
343 <para revision="294680">The <filename>rc.d/netwait</filename>
344 script has been updated to wait for network
345 interfaces that attach late in the boot process, such as some
346 <acronym>USB</acronym> network cards.</para>
348 <para revision="287091">Firewall rules set by
349 <literal>firewall_type="SIMPLE"</literal> now uses
350 &man.ipfw.4; <command>tables</command> for addresses to be
353 <para revision="287737">The <filename>rc.d/netif</filename>
354 script now updates only static routes when an interface
359 <sect1 xml:id="kernel">
360 <title>Kernel</title>
362 <para>This section covers changes to kernel configurations, system
363 tuning, and system control parameters that are not otherwise
366 <para revision="286742">The &man.vt.4; terminal console driver now
367 supports <option>ALT_BREAK_TO_DEBUGGER</option> and
368 <varname>debug.kdb.alt_break_to_debugger</varname> sysctl
369 variable when kernel debugger support (<option>options
370 KDB</option>) is enabled.</para>
372 <para revision="287782">The &man.vt.4; terminal console driver now
373 supports <varname>kern.vt.bell_enable</varname> sysctl variable
374 to enable or disable terminal bell. The default is
375 <literal>1</literal> (enabled).</para>
377 <para revision="286843">A <function>thread_create()</function>
378 function has been added as an API to create userspace thread in
381 <sect2 xml:id="kernel-bugfix">
382 <title>Kernel Bug Fixes</title>
384 <para revision="288167" contrib="sponsor"
385 sponsor="&multiplay;">The &man.kqueue.2; system call has been
386 updated to handle write events to files larger than 2
390 <sect2 xml:id="kernel-config">
391 <title>Kernel Configuration</title>
393 <para revision="286132" contrib="sponsor"
394 sponsor="&ff;" arch="amd64,i386">The &man.pms.4; driver
395 has been removed from
396 <filename>GENERIC</filename> kernel.</para>
399 <sect2 xml:id="kernel-sysctl">
400 <title>System Tuning and Controls</title>
402 <para revision="287438">A &man.sysctl.3; variable
403 <varname>kern.features.invariants</varname> has been added.
404 It shows if the kernel is compiled with <option>INVARIANTS</option>
407 <para revision="286322" contrib="sponsor"
408 sponsor="&ff;">A bug which could prevent a loader
409 tunable <varname>kern.racct.enable</varname> from working
410 has been fixed.</para>
414 <sect1 xml:id="drivers">
415 <title>Devices and Drivers</title>
417 <para>This section covers changes and additions to devices and
418 device drivers since &release.prev;.</para>
420 <sect2 xml:id="drivers-device">
421 <title>Device Drivers</title>
423 <para revision="287079" arch="arm">The <literal>imxwdt</literal>
424 driver, which supports Freescale i.MX watchdog, has been
427 <para revision="287926">The &man.puc.4; driver now supports MSI
428 interrupts and prefers it to the legacy interrupts. This
429 behavior can be disabled by setting
430 <varname>hw.puc.msi_disable</varname> loader tunable.</para>
432 <para revision="287037">A bug in the &man.uart.4; driver which
433 could cause a polarity reversal of PPS (Pulse Per Second)
434 capture events has been fixed. The trailing edge of a
435 positive PPS pulse and the leading edge of the next pulse were
436 used as "assert" and "clear" event respectively.</para>
438 <para revision="287037">The &man.uart.4; driver now supports
439 runtime configuration of PPS signal source captured by the
440 driver via <varname>dev.uart.pps_mode</varname> and
441 <varname>dev.uart.<replaceable>0</replaceable>.pps_mode</varname>
442 sysctl variables. The values <literal>0</literal>,
443 <literal>1</literal>, and <literal>2</literal> correspond to
444 disabled, capturing pulses on the CTS line,
445 and capturing pulses on the DCD line, respectively.
446 The default value is <literal>2</literal>.</para>
448 <para revision="287035">The &man.uftdi.4; driver now supports
449 <varname>UFTDIIOC_READ_EEPROM</varname>,
450 <varname>UFTDIIOC_WRITE_EEPROM</varname>,
451 and <varname>UFTDIIOC_ERASE_EEPROM</varname>
453 read/write serial EEPROM attached to the controller chip.</para>
456 <sect2 xml:id="drivers-storage">
457 <title>Storage Drivers</title>
459 <para revision="280451">Legacy &man.ata.4; drivers such as
460 <literal>ataahci</literal>, <literal>ataadaptec</literal>,
461 and <literal>mv_sata</literal> have been removed in favor of
462 the new drivers such as &man.ahci.4;, &man.siis.4;, and
465 <para revision="288732" contrib="sponsor" sponsor="&ix;">The
466 <acronym>CTL</acronym> High Availability implementation has
467 been rewritten.</para>
469 <para revision="288810">The &man.ctl.4; driver has been updated
470 to support CD-ROM and removable devices.</para>
472 <para contrib="sponsor" sponsor="&ix;">The &man.isp.4; driver has
473 been updated and improved: added support for 16Gbps FC cards,
474 improved target mode support, completed Multi-ID (NPIV)
475 functionality.</para>
478 <sect2 xml:id="drivers-network">
479 <title>Network Drivers</title>
481 <para revision="295524" contrib="sponsor"
482 sponsor="&limelight;, &intelcorp;">The &man.ixgbe.4; driver
483 has been updated to version 3.1.13-k.</para>
485 <para revision="286895">Firmwares for model T4 and T5 bundled
486 with the &man.cxgbe.4; driver have been updated to
487 version 1.14.4.0.</para>
491 <sect1 xml:id="hardware">
492 <title>Hardware Support</title>
494 <para>This section covers general hardware support for physical
495 machines, hypervisors, and virtualization environments, as well
496 as hardware changes and updates that do not otherwise fit in
497 other sections of this document.</para>
499 <sect2 xml:id="hardware-support">
500 <title>Hardware Support</title>
502 <para revision="293675">The &man.ismt.4; driver has been added,
503 providing support for recent &intel; SMBus 2.0
507 <sect2 xml:id="hardware-virtualization">
508 <title>Virtualization Support</title>
510 <para revision="287802">The &man.xen.4; driver has been updated
511 to include support for <literal>blkif</literal> indirect
516 <sect1 xml:id="storage">
517 <title>Storage</title>
519 <para>This section covers changes and additions to file systems
520 and other storage subsystems, both local and networked.</para>
522 <sect2 xml:id="storage-zfs">
525 <para revision="287665" contrib="sponsor"
526 sponsor="&clusterhq;">The &man.zfs.8; <literal>l2arc</literal>
527 code has been updated to take <literal>ashift</literal> into
528 account when gathering buffers to be written to the
529 <literal>l2arc</literal> device.</para>
533 <sect1 xml:id="boot">
534 <title>Boot Loader Changes</title>
536 <para>This section covers the boot loader, boot menu, and other
537 boot-related changes.</para>
539 <sect2 xml:id="boot-loader">
540 <title>Boot Loader Changes</title>
542 <para revision="294445">Initial terminal emulation support has
543 been added to <filename>loader.efi</filename> for
544 <acronym>UEFI</acronym>-based systems.</para>
546 <para revision="294999" contrib="sponsor"
547 sponsor="&multiplay;">Initial <acronym>ZFS</acronym> boot
548 support has been added to the <acronym>EFI</acronym>
549 implementation.</para>
551 <para revision="295475" contrib="sponsor"
552 sponsor="&scaleengine;">The <acronym>UEFI</acronym> loader has
553 been updated to support multiple <acronym>ZFS</acronym> boot
554 environments, such as those provided by <filename
555 role="package">sysutils/beadm</filename>.</para>
558 <sect2 xml:id="boot-menu">
559 <title>Boot Menu Changes</title>
561 <para revision="294446">The <acronym>UEFI</acronym> boot menu
562 has been updated to enable the <quote>Beastie</quote> menu,
563 similiar to the traditional &man.sc.4; boot menu.</para>
567 <sect1 xml:id="network">
568 <title>Networking</title>
570 <para>This section describes changes that affect networking in
573 <para revision="287594,287723">The &man.epair.4; virtual
574 Ethernet interface and the &man.lagg.4; pseudo interface now
575 support <filename>VIMAGE</filename> kernel.</para>
577 <para revision="287594">A bug in the &man.epair.4; virtual
578 Ethernet interface which could cause a panic when running
579 &man.ifconfig.8; <command>create</command> and
580 <command>destory</command> quickly has been fixed.</para>
582 <para revision="287723">&man.sysctl.3; variables in the
583 &man.lagg.4; pseudo interface
584 <varname>net.link.lagg.<replaceable>N</replaceable>.<replaceable>*</replaceable></varname>
585 have been removed in favor of per-interface &man.ifconfig.8;
586 flags and options. <command>ifconfig -v</command>
587 command shows them.</para>
589 <para revision="287723">Bugs in the
590 &man.lagg.4; pseudo interface which could cause a system
591 panic have been fixed.</para>
593 <para revision="286125" contrib="sponsor"
594 sponsor="&netgate;">A bug in &man.pf.4; packet filter which
595 could cause a rule with no <literal>log</literal> parameter to
596 log the matched packet has been fixed.</para>
598 <para revision="286316">A bug in &os; IPv6 stack which did not
599 invoke an <literal>LLENTRY_DELETED</literal> event when an L2
600 address was deleted from the link-level address table for
603 <para revision="287733">Obsolete APIs,
604 <literal>SIOCGDRLST_IN6</literal> and
605 <literal>SIOCGPRLST_IN6</literal> in &os; IPv6 stack have been