1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
28 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
31 <legalnotice id="trademarks" role="trademarks">
42 <para>The release notes for &os; &release.current; contain a summary
43 of the changes made to the &os; base system on the
44 &release.branch; development line.
45 This document lists applicable security advisories that were issued since
46 the last release, as well as significant changes to the &os;
48 Some brief remarks on upgrading are also presented.</para>
53 <title>Introduction</title>
55 <para>This document contains the release notes for &os;
57 describes recently added, changed, or deleted features of &os;.
58 It also provides some notes on upgrading
59 from previous versions of &os;.</para>
61 <![ %release.type.current [
63 <para>The &release.type; distribution to which these release notes
64 apply represents the latest point along the &release.branch; development
65 branch since &release.branch; was created. Information regarding pre-built, binary
66 &release.type; distributions along this branch
67 can be found at <ulink url="&release.url;"></ulink>.</para>
71 <![ %release.type.snapshot [
73 <para>The &release.type; distribution to which these release notes
74 apply represents a point along the &release.branch; development
75 branch between &release.prev; and the future &release.next;.
77 pre-built, binary &release.type; distributions along this branch
78 can be found at <ulink url="&release.url;"></ulink>.</para>
82 <![ %release.type.release [
84 <para>This distribution of &os; &release.current; is a
85 &release.type; distribution. It can be found at <ulink
86 url="&release.url;"></ulink> or any of its mirrors. More
87 information on obtaining this (or other) &release.type;
88 distributions of &os; can be found in the <ulink
89 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
90 &os;</quote> appendix</ulink> to the <ulink
91 url="&url.books.handbook;/">&os; Handbook</ulink>.</para>
95 <para>All users are encouraged to consult the release errata before
96 installing &os;. The errata document is updated with
97 <quote>late-breaking</quote> information discovered late in the
98 release cycle or after the release. Typically, it contains
99 information on known bugs, security advisories, and corrections to
100 documentation. An up-to-date copy of the errata for &os;
101 &release.current; can be found on the &os; Web site.</para>
105 <title>What's New</title>
107 <para>This section describes the most user-visible new or changed
108 features in &os; since &release.prev;.</para>
110 <para>Typical release note items document recent security
111 advisories issued after &release.prev;, new drivers or hardware
112 support, new commands or options, major bug fixes, or
113 contributed software upgrades. They may also list changes to
114 major ports/packages or release engineering practices. Clearly
115 the release notes cannot list every single change made to &os;
116 between releases; this document focuses primarily on security
117 advisories, user-visible changes, and major architectural
120 <sect2 id="security">
121 <title>Security Advisories</title>
123 <para>Problems described in the following security advisories have
124 been fixed. For more information, consult the individual
125 advisories available from
126 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
128 <informaltable frame="none" pgwide="0">
130 <colspec colwidth="1*">
131 <colspec colwidth="1*">
132 <colspec colwidth="3*">
135 <entry>Advisory</entry>
143 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
144 >SA-09:01.lukemftpd</ulink></entry>
145 <entry>07 January 2009</entry>
146 <entry><para>Cross-site request forgery in
147 &man.lukemftpd.8;</para></entry>
151 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
152 >SA-09:02.openssl</ulink></entry>
153 <entry>07 January 2009</entry>
154 <entry><para>OpenSSL incorrectly checks for malformed
155 signatures</para></entry>
159 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
160 >SA-09:03.ntpd</ulink></entry>
161 <entry>13 January 2009</entry>
162 <entry><para>ntpd cryptographic signature
163 bypass</para></entry>
167 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
168 >SA-09:04.bind</ulink></entry>
169 <entry>13 January 2009</entry>
170 <entry><para>BIND DNSSEC incorrect checks for
171 malformed signatures</para></entry>
175 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
176 >SA-09:05.telnetd</ulink></entry>
177 <entry>16 February 2009</entry>
178 <entry><para>telnetd code execution
179 vulnerability</para></entry>
183 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
184 >SA-09:06.ktimer</ulink></entry>
185 <entry>23 March 2009</entry>
186 <entry><para>Local privilege escalation</para></entry>
190 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
191 >SA-09:07.libc</ulink></entry>
192 <entry>04 April 2009</entry>
193 <entry><para>Information leak in &man.db.3;</para></entry>
197 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
198 >SA-09:08.openssl</ulink></entry>
199 <entry>22 April 2009</entry>
200 <entry><para>Remotely exploitable crash in
201 OpenSSL</para></entry>
209 <title>Kernel Changes</title>
211 <para>The &man.ddb.8; kernel debugger now supports a
212 <command>show mount</command> subcommand.</para>
214 <para>The &os; DTrace subsystem now supports a probe for
215 process execution.</para>
217 <para arch="amd64">The &os; kernel virtual address space has
218 been increased to 6GB. This allows subsystems to use larger
219 virtual memory space than before. For example, &man.zfs.8;
220 adaptive replacement cache (ARC) requires large kernel memory
221 space to cache file system data, so it benefits from the
222 increased address space. Note that the ceiling on the kernel
223 map size is now 60% of the size rather than an absolute
226 <para>The &man.jail.8; subsystem has been updated. Changes include:</para>
230 <para>Multiple addresses of both IPv4 and IPv6 per jail has
231 been supported. It is even possible to have jails without
232 an IP address at all, which basically gives one a chrooted
233 environment with restricted process view and no
238 <para>SCTP (&man.sctp.4;) with IPv6 in jails has been
243 <para>Specific CPU binding by using &man.cpuset.1; has been
244 implemented. Note that the current implementation allows
245 the superuser inside of the jail to change the CPU
246 bindings specified. This behavior will be fixed in the
251 <para>A &man.jail.8; can start with a specific route
256 <para>A <literal>show jails</literal> subcommand in
257 &man.ddb.8; has been added.</para>
261 <para>Compatibility support which permits 32-bit jail
262 binaries to be used on 64-bit systems to manage jails has
267 <para>Note that both version numbers of
268 <literal>jail</literal> and <literal>prison</literal> in
269 the &man.jail.8; have been updated for the new
274 <para>The &man.kld.4; now supports installing 32-bit system
275 calls to the &os; system call translation layer from kernel
278 <para>The &man.ktr.4; now supports a new KTR tracepoint in the
279 <literal>KTR_CALLOUT</literal> class to note when a callout
280 routine finishes executing.</para>
282 <para>Types of variables used to track amount of allocated
283 System V shared memory have been changed from
284 <literal>int</literal> to <literal>size_t</literal>. This
285 makes it possible to use more than 2 GB shared memory segments
286 on 64-bit architectures. Please note the new BUGS section in
287 &man.shmctl.2; and <filename>/usr/src/UPDATING</filename> for
288 limitations of this temporary solution.</para>
290 <para>A &man.sysctl.3; leaf node has a flag to tag itself as
293 <para>The &os; 32-bit system call translation layer now
294 supports installing 32-bit system calls for
295 <literal>VFS_AIO</literal>.</para>
297 <para arch="amd64,i386">The &os; virtual memory subsystem now
298 supports Superpages. The Superpages is a feature that enables
299 each entry in the TLB (translation lookaside buffer) to map a
300 large physical memory region into a virtual address space in
301 modern CPUs. This provides possible memory savings for
302 applications that share large amounts of memory between the
303 address spaces and performance improvements due to fewer TLB
304 misses. This is disabled by default and can be enabled by
305 setting a loader tunable
306 <varname>vm.pmap.pg_ps_enabled</varname> to
307 <literal>1</literal>.</para>
310 <title>Boot Loader Changes</title>
312 <para>The &man.boot.8; now supports 4-byte volume ID that
313 certain versions of &windows; put into the MBR and invoking
314 PXE by pressing F6 key on some supported BIOSes.</para>
316 <para arch="i386">The &man.boot.8; BTX loader has been
317 improved. This fixes several boot issues on recent machines
318 reported for 7.1-RELEASE and before.</para>
320 <para>The &man.loader.8; is now able to obtain DHCP options
321 from network boot via &man.kenv.2; variables.</para>
323 <para>A bug in the &man.loader.8; has been fixed. Now the
324 following line works as expected:</para>
326 <programlisting>loader_conf_files="<replaceable>foo</replaceable> <replaceable>bar</replaceable> ${<replaceable>variable</replaceable>}"</programlisting>
330 <title>Hardware Support</title>
332 <para arch="sparc64">The &os; now supports Ultra SPARC III
333 (Cheetah) family.</para>
335 <para>The &man.acpi.4; subsystem now supports a &man.sysctl.8;
336 variable <varname>debug.batt.batt_sleep_ms</varname>. On
337 some laptops with smart batteries, enabling battery
338 monitoring software causes keystrokes from &man.atkbd.4; to
339 be lost. This sysctl variable adds a delay in millisecond
340 to the status checking code as a workaround.</para>
342 <para>The &man.acpi.asus.4; driver now supports Asus A8Sr
345 <para arch="powerpc">Support for the AltiVec, a floating point
346 and integer SIMD instruction set has been added.</para>
348 <para>The &man.cpuctl.4; driver, which provides a special
349 device <filename>/dev/cpuctl</filename> as an interface to
350 the system CPU has been added. The functionality includes
351 to retrieve CPUID information, read/write machine specific
352 registers (MSR), and perform CPU firmware updates.</para>
354 <para>The &man.cpufreq.4; driver now supports an
355 <varname>hw.est.msr_info</varname> loader tunable. When
356 this is set to <literal>1</literal>, it attempts to build a
357 simple list containing just the high and low frequencies if
358 it cannot obtain a frequency list from either ACPI or the
359 static tables. This is disabled by default.</para>
361 <para arch="amd64,i386">CPU frequency change notifiers are now
362 disabled when the TSC is P-state invariant. Also, a new
364 <varname>kern.timecounter.invariant_tsc</varname> has been
365 added to force this behavior by setting it to
368 <para>The &man.atkbd.4; now disables the interrupt handler
369 which is called from the keyboard callback function when
370 polled mode is enabled. This fixes duplicated/missing
371 characters problem at mountroot on multi CPU systems while
372 &man.kbdmux.4; is enabled.</para>
374 <para>In the &man.pci.4; subsystem INTx is now disabled when
375 MSI/MSIX is enabled. This change fixes interrupt storm
376 related issues.</para>
378 <para arch="sparc64">The schizo(4) driver for Schizo
379 Fireplane/Safari to PCI 2.1 and Tomatillo JBus to PCI 2.2
380 bridges has been added.</para>
382 <para>The &man.u3g.4; driver for USB based 3G cards and
383 dongles including Vodafone Mobile Connect Card 3G, Qualcomm
384 CDMA MSM, Huawei E220, Novatel U740, Sierra MC875U, and so
385 on has been added. This provides support for the multiple
386 USB-to-serial interfaces exposed by many 3G USB/PC Card
387 modems, and the device is accessed through the &man.ucom.4;
388 driver which makes it behave like a &man.tty.4;.</para>
390 <para>The &man.sched.ule.4; scheduler now supports a loader
391 tunable <varname>machdep.hyperthreading_enabled</varname> as
392 the &man.sched.4bsd.4; does. Note that it cannot be
393 modified at run-time.</para>
396 <title>Multimedia Support</title>
398 <para>The &man.agp.4; now supports Intel G4X series graphics
401 <para>The DRM, a kernel module named Direct Rendering
402 Manager that gives direct hardware access to DRI clients,
403 has been updated. Support for AMD/ATI r500, r600, r700,
404 and IGP based chips, XGI V3XE/V5/V8, and Intel i915
405 chipsets has been improved.</para>
407 <para>A new loader tunable <varname>hw.drm.msi</varname>
408 which controls if DRM uses MSI or not. This is set to
409 <literal>1</literal> (enabled) by default.</para>
411 <para>The snd_au88x0(4) driver for Aureal Vortex
412 1/2/Advantage PCI has been removed because this was
413 broken for a long time.</para>
415 <para>The &man.snd.hda.4; driver has been updated. Changes
416 include: multiple codec per HDA bus, multiple functional
417 groups per codec, multiple audio devices per functional
418 group, digital (SPDIF/HDMI) audio input/output,
419 suspend/resume, and part of multichannel audio.</para>
421 <para>Note that due to added HDMI audio and logical audio
422 devices support, updated driver often provides several PCM
423 devices. In some cases it can make system default audio
424 device no longer corresponding to the users's habitual
425 audio connectors. In such cases the default device can be
426 specified in audio application setup or defined globally
427 via <varname>hw.snd.default_unit sysctl</varname>
428 as described in the &man.sound.4; manual page.</para>
432 <title>Network Interface Support</title>
434 <para>The &man.ae.4; driver now supports WoL
435 (Wake on LAN).</para>
437 <para arch="amd64,i386">The &man.ale.4; driver is now
438 included in the <filename>GENERIC</filename>
441 <para>The &man.ath.hal.4;, Atheros Hardware Access Layer,
442 has been updated to the open source version.</para>
444 <para>The &man.axe.4; driver has been improved in
445 performance by eliminating extra context switches and now
446 supports Apple USB Ethernet adapter.</para>
448 <para>The &man.bce.4; driver's firmware has been updated to
449 the latest version (4.6.X).</para>
451 <para>The ciphy(4) driver now supports Vitesse VSC8211
454 <para>The &man.cxgb.4; driver has been updated to the
455 firmware revision 4.7 and now supports hardware MAC
458 <para>The &man.fxp.4; driver has been improved. Changes include:</para>
462 <para>The checksum offload feature can be controlled by
463 &man.ifconfig.8; now.</para>
467 <para>Rx checksum offload support for 82559 or later
468 controllers has been added.</para>
472 <para>TSO (TCP Segmentation Offload) support for 82550
473 and 82551 controllers has been added.</para>
477 <para>WoL (Wake on LAN) support for 82550, 82551, 82558,
478 and 82559-based controllers has been added. Note that
479 ICH based controllers are treated as 82559, and 82557,
480 earlier revision of 82558, and 82559ER have no WoL
485 <para>VLAN hardware tag insertion/stripping support and
486 Tx/Rx checksum offload for VLAN frames support have
487 been added. Note that the VLAN hardware assistance is
488 available only on 82550 or 82551-based
493 <para>A bug in &man.igb.4; driver which prevents a loader
494 tunable <varname>hw.igb.ave_latency</varname> from working
495 has been fixed.</para>
497 <para>The &man.ixgbe.4; driver has been updated to
498 version 1.7.4.</para>
500 <para>The &man.jme.4; driver now supports newer JMicron
501 JMC250/JMC260 revisions.</para>
503 <para>The &man.msk.4; driver has been improved. An issue
504 which makes it hang up in a certain condition has been
505 fixed. A hardware MAC statistics support has been added
506 and users can get the information via sysctl variables
508 <varname>dev.msk.<replaceable>N</replaceable>.stats</varname>.</para>
510 <para>The &man.mxge.4; driver now supports some newer
511 revisions and 10GBASE-LRM and 10GBASE-Twinax media
514 <para>The &man.nfe.4; driver now supports hardware MAC
517 <para>The &man.re.4; driver has been improved. It now
518 detects the link status. A new loader tunable
519 <varname>hw.re.prefer_iomap</varname> to disable memory
520 register mapping. This tunable is <literal>0</literal>
521 for all controllers except RTL8169SC family.</para>
523 <para>The &man.rl.4; driver has been improved. It now
524 detects the link status and a bug which prevents it from
525 working on systems with more than 4GB memory has been
528 <para>A bug in &man.sis.4; on VLAN tagged frame handling has
531 <para>The &man.txp.4; driver now works on all supported
532 architecture. Also, &man.altq.4; support, WoL support,
533 checksum offload when VLAN enabled, better link state
534 change handling, a new sysctl variable
535 <varname>dev.txp.<replaceable>N</replaceable>.stats</varname>
536 for MAC statistics have been added. A new sysctl
538 <varname>dev.txp.<replaceable>N</replaceable>.process_limit</varname>
539 to control how many received frames should be served in Rx
540 handler (set to 64 by default and valid ranges are 16 to
541 128 in unit of frames) has been added. The firmware has
542 been updated to the latest version.</para>
546 <sect3 id="net-proto">
547 <title>Network Protocols</title>
549 <para>IPv4 source address selection for unbound sockets has
550 been implemented as follows:</para>
554 <para>If we found a route, use the address corresponding
555 to the outgoing interface.</para>
559 <para>Otherwise we assume the foreign address is reachable
560 on a directly connected network and try to find a
561 corresponding interface to take the source address
566 <para>As a last resort use the default jail address.</para>
570 <para>This also changes the semantics of selecting the IP for
571 processes within a &man.jail.8; as it now uses the same
572 logic as outside the &man.jail.8;.</para>
574 <para>The TCP MD5 Signature Option (RFC 2385) for IPv6 has
575 been implemented in the same way it has been implemented for
578 <para>The &man.ng.netflow.4; Netgraph node now supports
579 ability to generate egress netflow instead or in addition to
580 ingress. An <literal>NGM_NETFLOW_SETCONFIG</literal> control
581 message has been added to control the new functionality.</para>
583 <para>The &man.tap.4;, Ethernet tunnel software network
584 interface now supports <literal>TAPGIFNAME</literal>
585 character device ioctl. This is a convenient shortcut to
586 obtain network interface name using file descriptor for
587 character device.</para>
589 <para>The &man.tap.4; now supports
590 <literal>SIOCSIFMTU</literal> ioctl to set a higher MTU than
591 1500 (ETHERMTU). This allows &man.tap.4; device to be added
592 to a bridge, which requires all interface members to have
593 the same MTU, with an interface configured for jumbo
596 <para>The domains list for handling the list of supported
597 domains in the &man.unix.4; (UNIX domain protocol family)
598 subsystem is now MPSAFE.</para>
602 <title>Disks and Storage</title>
604 <para>The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>
606 <para>The &man.ata.4; driver now recognizes nForce MCP67 and
607 MCP73 SATA controllers as AHCI.</para>
609 <para>The &man.ataraid.4; driver now has an initial support
610 for DDF metadata found on Adaptec HostRAID controllers.
611 Note that spares and rebuilds are not supported yet.</para>
613 <para>The &man.cam.4; SCSI subsystem now supports a sysctl
614 variable <varname>kern.cam.cd.retry_count</varname>. This
615 controls the number of retries for the CD media. When
616 trying to read scratched or damaged CDs and DVDs, the
617 default mechanism is sub-optimal, and programs like
618 <application>ddrescue</application> do much better if you
619 turn off the retries entirely since their algorithms do it
620 by themselves. This value is set to <literal>4</literal>
621 (for a total 5 attempts) by default. Setting to 0 turns off
622 all retry attempts.</para>
624 <para>A bug in the &man.ciss.4; driver which caused low
625 <quote>max device openings</quote> count that has led
626 to poor performance has been fixed.</para>
628 <para>The &man.glabel.8; GEOM class now supports a new
629 UFS-based label called <literal>ufsid</literal> that can be
630 used to reference UFS-carrying devices by the unique file
631 system ID. This file system ID is automatically generated
632 and detected when &man.glabel.8; GEOM class is enabled. An
633 example of this new label is:
634 <filename>/dev/ufsid/48e69c8b5c8e1b43</filename>. The
635 benefit of using GEOM labels in general is to avoid problems
636 of device renaming when shifting drives or
639 <para>The &man.gjournal.8; GEOM class now supports the root
640 file system. Previously, an unclean shutdown would make it
641 impossible to mount root file system at boot.</para>
643 <para>The &man.gpart.8; utility has been updated. The APM
644 scheme now supports Tivo Series 1 partitions (read only), a
645 new EBR scheme to support Extended Boot Records has been
646 added, the BSD scheme now support bootcode, and bugs in PC98
647 and VTOC8 scheme have been fixed.</para>
649 <para>An issue in the &man.gvinum.8; with access permissions
650 to underlying disks used by a gvinum plex has been fixed.
651 If the plex is a raid5 plex and is being written to, parity data might
652 have to be read from the underlying disks, requiring them to be opened for
653 reading as well as writing.</para>
655 <para>The &man.hptmv.4; driver has been updated to version
656 1.16 from the vendor.</para>
658 <para>The &man.mmc.4; and &man.mmcsd.4; driver now support MMC
659 and SDHC cards, high speed timing, wide bus, and multiblock
662 <para arch="sparc64">The &man.mpt.4; driver is now in the
663 <filename>GENERIC</filename> kernel.</para>
665 <para>The &man.sdhci.4; driver has been added. This supports
666 PCI devices with class 8 and subclass 5 according to SD Host
667 Controller Specification.</para>
669 <para>The &man.sdhci.4; driver now supports kernel dumping and
670 a sysctl variable <varname>hw.sdhci.debug</varname> for debug
673 <para>The &man.twa.4; driver now supports 64-bit DMA.</para>
675 <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
676 are now included as a kernel module.</para>
680 <title>File Systems</title>
682 <para>The semantics of &man.acl.3; extended access control
683 list has been changed as follows:</para>
687 <para>The inode modification time (mtime) is not updated
688 when extended attribute are added, modified, or removed.</para>
692 <para>The inode access time (atime) is not updated
693 when extended attribute are queried.</para>
697 <para>The &os; NFS file system now supports a sysctl variable
698 <varname>vfs.nfs.prime_access_cache</varname> to determine
699 whether or not <function>nfs_getattr()</function> will use
700 an ACCESS RPC to prime the access cache instead of a simple
701 GETATTR RPC. This is because on many NFS servers an ACCESS
702 RPC is much more expensive to service than a GETATTR RPC for
703 files in an NFSv3 mount. The sysctl variable is enabled by
704 default to maintain the previous behavior.</para>
706 <para>The &os; UDF file system now supports a fifo.</para>
708 <para>The shared vnode locking for pathname lookups in
709 &man.VFS.9; subsystem has been improved. This is disabled
710 by default. Setting a sysctl variable
711 <varname>vfs.lookup_shared</varname> to <literal>1</literal>
712 enables it for better performance. Note that the
713 <literal>LOOKUP_SHARED</literal> kernel option equivalent to
714 the sysctl variable has been removed.</para>
718 <sect2 id="userland">
719 <title>Userland Changes</title>
721 <para>A bug in the &man.atacontrol.8; utility which prevents it
722 from working when <filename>/usr</filename> is not mounted or
723 invoked from <filename>/rescue</filename>, has been
726 <para>The &man.btpand.8; daemon from NetBSD has been added.
727 This daemon provides support for Bluetooth Network Access
728 Point (NAP), Group Ad-hoc Network (GN) and Personal Area
729 Network User (PANU) profiles.</para>
731 <para>The &man.ncal.1; utility now supports multibyte
734 <para>The &man.config.8; utility now supports
735 multiple <varname>makeoption</varname> lines.</para>
737 <para>The &man.csup.1; utility now supports CVSMode to fetch a
738 complete CVS repository. Note that the rsync transfer mode is
739 currently disabled.</para>
741 <para>The &man.dirname.1; utility now accepts multiple arguments
742 in the same way that &man.basename.1; does.</para>
744 <para>The &man.du.1; utility now supports an <option>-l</option>
745 flag. When specified, the &man.du.1; counts a file with
746 multiple hard links as multiple different files.</para>
748 <para>The &man.du.1; utility now supports an <option>-A</option> flag
749 to display the apparent size instead of the disk usage. This can be
750 helpful when operating on compressed volumes or sparse files.</para>
752 <para>The &man.du.1; utility now supports a <option>-B
753 <replaceable>blocksize</replaceable></option> option to
754 calculate block counts in blocksize byte blocks. This is
755 different from the <option>-k</option> or <option>-m</option>
756 options or setting <varname>BLOCKSIZE</varname> and gives an
757 estimate of how much space the examined file hierarchy would
758 require on a file system with the given
759 <replaceable>blocksize</replaceable>. Unless in
760 <option>-A</option> mode, <replaceable>blocksize</replaceable>
761 is rounded up to the next multiple of 512.</para>
763 <para>The &man.dumpfs.8; utility now supports an
764 <option>-f</option> flag, which causes it to list all free
765 fragments in the file system by fragment (block) number. This
766 new mode does the necessary arithmetic to generate absolute
767 fragment numbers rather than the cg-relative numbers printed
768 in the default mode.</para>
770 <para>If <option>-f</option> is passed once, contiguous fragment
771 ranges are collapsed into an X-Y format as free block lists
772 are currently printed in regular dumpfs output. If specified
773 twice, all block numbers are printed individually, allowing
774 both compact and more script-friendly representation.</para>
776 <para>The &man.fetch.1; utility now supports an
777 <option>-i</option> flag which supports If-Modified-Since HTTP
778 1.1 request. If specified it will cause the file to be
779 downloaded only if it is more recent than the mtime of the
780 file. Also, <application>libfetch</application> now accepts
781 the mtime in the url structure and a flag to indicate when
782 this behavior is desired.</para>
784 <para>The &man.fsck.8; utility now supports a
785 <option>-C</option> flag for <literal>check clean</literal>
786 mode. This checks if the file system was dismounted cleanly
787 first and then skip file system checks if true. Otherwise it
788 does full checks.</para>
790 <para>The &man.fsck.8; utility now supports a
791 <option>-D</option> flag for damaged recovery mode, which will
792 enable certain aggressive operations that can make
793 &man.fsck.8; to survive with file systems that has very
794 serious data damage. This is a useful last resort when on
795 disk data damage is very serious and causes &man.fsck.8; to
796 crash otherwise.</para>
798 <para>The &man.getaddrinfo.3; function now supports SCTP.</para>
800 <para>A bug was fixed in the &man.ipfw.8; utility which displays
801 extra messages for a NAT rule even when a <option>-q</option>
802 flag is specified.</para>
804 <para>The &man.ln.1; utility now supports a <option>-w</option>
805 flag to check if the source file actually exists. When the
806 flag is specified and the file does not exist, &man.ln.1; will
807 issue a warning message.</para>
809 <para>The &man.make.1; utility now supports a
810 <option>-p</option> flag to print the input graph only, not
811 executing any commands. The output is the same as <option>-d
812 g1</option>. When combined with <option>-f
813 /dev/null</option>, only the built-in rules of make are
816 <para>The &man.make.1; utility now supports a
817 <option>-Q</option> flag to cause file banners not to be
818 generated in addition to the same effect of a
819 <option>-q</option> flag when a <option>-j</option> option is
822 <para>The &man.make.1; utility now supports the
823 <varname>.MAKE.JOB.PREFIX</varname> variable. If
824 <option>-j</option> and <option>-v</option> are specified, it
825 outputs for each target is prefixed with a token <literal>---
826 <replaceable>target</replaceable> ---</literal> the first part
827 of which can be controlled via the variable.</para>
829 <para>The &man.make.1; utility now supports
830 <varname>.MAKE.PID</varname> and <varname>.MAKE.PPID</varname>
831 variable. These are set to process ID of the &man.make.1;
832 process and one of its parent process respectively.</para>
834 <para>The &man.makefs.8; utility to create a file system image
835 from a directory tree has been added.</para>
837 <para>The &man.mergemaster.8; utility now supports an
838 <option>-F</option> option to automatically install files that
839 differ only in version control ID strings.</para>
841 <para>The &man.mount.8; utility now supports an <option>-o
842 mountprog=<replaceable>/somewhere/mount_xxx</replaceable></option>
843 option to force it to use the specified program to mount the
844 file system instead of calling &man.nmount.2; directly. This
845 is useful when you want to use third party programs such as
846 FUSE, for example.</para>
848 <para>The &man.netstat.1; utility now reports &man.unix.4;
849 sockets listen queue statistics when an <option>-L</option>
850 flag is specified.</para>
852 <para>A bug in the &man.netstat.1; utility has been fixed. It
853 crashed with the following options in the previous
856 <screen>&prompt.user; netstat -m -N foo</screen>
858 <para>A bug in the &man.netstat.1; utility has been fixed. The
859 <option>-ss</option> option now works in the icmp6 section as
862 <para>The &man.pciconf.8; utility now supports a
863 <option>-b</option> flag, which lists any base address
864 registers (BAR) that are assigned resources for each
867 <para>The &man.powerd.8; program has been improved. Changes
868 include reasonable CPU load estimation on SMP systems and a
869 new mode named as <literal>hiadaptive</literal> for AC-powered
870 systems which rises frequency twice faster, drops it 4 times
871 slower, prefers twice lower CPU load and has additional delay
872 before leaving the highest frequency after the period of
875 <para>The &man.stat.1; utility now displays an octal
876 representation of suid, sgid and sticky bits when an
877 <option>-x</option> flag is specified.</para>
879 <para>The &man.strndup.3; function has been added.</para>
881 <para>The &man.wc.1; utility now supports an <option>-L</option>
882 flag to output the number of characters in the longest input
885 <para>A bug in the &man.rpc.yppasswdd.8; program which leaves a
886 zombie process when a password or default shell is changed has
890 <sect3 id="rc-scripts">
891 <title><filename>/etc/rc.d</filename> Scripts</title>
899 <title>Contributed Software</title>
901 <para><application>ISC BIND</application> has been updated to
902 version 9.4.3-P2.</para>
904 <para>The timezone database has been updated from
905 the <application>tzdata2008h</application> release to
906 the <application>tzdata2009f</application> release.</para>
910 <title>Ports/Packages Collection Infrastructure</title>
912 <para>A bug in &man.pkg.create.1; which prevents the
913 <option>-n</option> flag from working has been fixed.</para>
915 <para>The &os; Ports Collection now supports multiple
916 &man.make.1; jobs in some supported ports. This is
917 automatically enabled when a port is marked as
918 <varname>MAKE_JOBS_SAFE</varname> and improves CPU utilization
919 at the build stage by passing an option
920 <option>-j<replaceable>X</replaceable></option> to the top
921 level <filename>Makefile</filename> from the vendor. The
922 number <replaceable>X</replaceable> is set to the number of
923 CPUs by default, and can be set by users via a &man.make.1;
924 variable <varname>MAKE_JOBS_NUMBER</varname>. For more
925 details, see <filename>ports/Mk/bsd.port.mk</filename>.</para>
929 <title>Release Engineering and Integration</title>
931 <para>The supported version of
932 the <application>GNOME</application> desktop environment
933 (<filename role="package">x11/gnome2</filename>) has been
934 updated from 2.22 to 2.26.</para>
936 <para>The supported version of
937 the <application>KDE</application> desktop environment has
938 been updated from 3.5.10 (<filename
939 role="package">x11/kde3</filename>) to 4.2.2 (<filename
940 role="package">x11/kde4</filename>).</para>
945 <title>Documentation</title>
953 <title>Upgrading from previous releases of &os;</title>
955 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
956 upgrades between RELEASE versions (and snapshots of the various
957 security branches) are supported using the
958 &man.freebsd-update.8; utility. The binary upgrade procedure
959 will update unmodified userland utilities, as well as unmodified
960 GENERIC or SMP kernels distributed as a part of an official &os;
961 release. The &man.freebsd-update.8; utility requires that the
962 host being upgraded have Internet connectivity.</para>
964 <para>An older form of binary upgrade is supported through the
965 <command>Upgrade</command> option from the main
966 &man.sysinstall.8; menu on CDROM distribution media. This type
967 of binary upgrade may be useful on non-&arch.i386;,
968 non-&arch.amd64; machines or on systems with no Internet
971 <para>Source-based upgrades (those based on recompiling the &os;
972 base system from source code) from previous versions are
973 supported, according to the instructions in
974 <filename>/usr/src/UPDATING</filename>.</para>
977 <para>Upgrading &os; should, of course, only be attempted after
978 backing up <emphasis>all</emphasis> data and configuration