1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
19 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
22 <legalnotice id="trademarks" role="trademarks">
32 <para>The release notes for &os; &release.current; contain a summary
33 of the changes made to the &os; base system on the
34 &release.branch; development line.
35 This document lists applicable security advisories that were issued since
36 the last release, as well as significant changes to the &os;
38 Some brief remarks on upgrading are also presented.</para>
43 <title>Introduction</title>
45 <para>This document contains the release notes for &os;
47 describes recently added, changed, or deleted features of &os;.
48 It also provides some notes on upgrading
49 from previous versions of &os;.</para>
51 <![ %release.type.current [
53 <para>The &release.type; distribution to which these release notes
54 apply represents the latest point along the &release.branch; development
55 branch since &release.branch; was created. Information regarding pre-built, binary
56 &release.type; distributions along this branch
57 can be found at <ulink url="&release.url;"></ulink>.</para>
61 <![ %release.type.snapshot [
63 <para>The &release.type; distribution to which these release notes
64 apply represents a point along the &release.branch; development
65 branch between &release.prev; and the future &release.next;.
67 pre-built, binary &release.type; distributions along this branch
68 can be found at <ulink url="&release.url;"></ulink>.</para>
72 <![ %release.type.release [
74 <para>This distribution of &os; &release.current; is a
75 &release.type; distribution. It can be found at <ulink
76 url="&release.url;"></ulink> or any of its mirrors. More
77 information on obtaining this (or other) &release.type;
78 distributions of &os; can be found in the <ulink
79 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
80 &os;</quote> appendix</ulink> to the <ulink
81 url="&url.books.handbook;/">&os;
82 Handbook</ulink>.</para>
86 <para>All users are encouraged to consult the release errata before
87 installing &os;. The errata document is updated with
88 <quote>late-breaking</quote> information discovered late in the
89 release cycle or after the release. Typically, it contains
90 information on known bugs, security advisories, and corrections to
91 documentation. An up-to-date copy of the errata for &os;
92 &release.current; can be found on the &os; Web site.</para>
97 <title>What's New</title>
99 <para>This section describes the most user-visible new or changed
100 features in &os; since &release.prev;.</para>
102 <para>Typical release note items document recent security
103 advisories issued after &release.prev;, new drivers or hardware
104 support, new commands or options, major bug fixes, or
105 contributed software upgrades. They may also list changes to
106 major ports/packages or release engineering practices. Clearly
107 the release notes cannot list every single change made to &os;
108 between releases; this document focuses primarily on security
109 advisories, user-visible changes, and major architectural
112 <sect2 id="security">
113 <title>Security Advisories</title>
115 <para>Problems described in the following security advisories have
116 been fixed. For more information, consult the individual
117 advisories available from
118 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
120 <informaltable frame="none" pgwide="0">
122 <colspec colwidth="1*">
123 <colspec colwidth="1*">
124 <colspec colwidth="3*">
127 <entry>Advisory</entry>
135 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc"
136 >SA-10:08.bzip2</ulink></entry>
137 <entry>20 September 2010</entry>
138 <entry><para>Integer overflow in bzip2 decompression</para></entry>
140 <!-- XXX: not for 8.2
142 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:09.pseudofs.asc"
143 >SA-10:09.pseudofs</ulink></entry>
144 <entry>10 October 2010</entry>
145 <entry><para>Spurious mutex unlock</para></entry>
149 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc"
150 >SA-10:10.openssl</ulink></entry>
151 <entry>29 November 2010</entry>
152 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
160 <title>Kernel Changes</title>
162 <para arch="ia64" revision="209326">The maximum number of pages
163 used for DMA bounce buffer pool has been increased from 256 to
166 <para arch="powerpc" revision="209765">The default value of
167 <varname>kern.hz</varname> has been increased from 100 to
170 <para arch="powerpc" revision="209767">The SMP kernel now works on
171 MPC7400-based Apple desktop machines such as
174 <para arch="powerpc" revision="211593">&os;/powerpc now supports
175 DMA bounce buffer which is required on systems with larger RAM
178 <para arch="amd64" revision="214620">&os;/amd64 now always sets
179 the KVA space as equal to or larger than physical memory size.
180 The default size was calculated based on one-third of the
181 physical memory size by a code derived from one for i386. It
182 has been changed because constraints for memory space are not
183 severe on amd64 and this change would help to prevent a
184 <quote>kmem_map too small</quote> panic which often occurs
185 when using ZFS.</para>
187 <para arch="amd64,i386" revision="214621">CPU topology detection
188 for Intel CPUs has been improved.</para>
190 <para arch="amd64,i386" revision="214784">The qpi(4) pseudo bus
191 driver has been added. This supports extra PCI buses on Intel
192 QPI chipsets where various hardware such as memory controllers
193 for each socket is connected.</para>
195 <para arch="amd64,ia64,i386" revision="215006">The &man.acpi.4;
196 driver now uses ACPI Reset Register capability by default only
197 when a flag in the FADT which indicates it is available. This
198 behavior was controlled by a &man.sysctl.8; variable
199 <varname>hw.acpi.handle_reboot</varname> and the default value
200 was always set to <literal>0</literal>.</para>
202 <para revision="209692">The &man.ddb.8; kernel debugger now
203 supports an optional delay in <command>reset</command> and
204 <command>reboot</command> commands. This allows an
205 administrator to break the system into debugger and trigger
206 automatic textdump when an unattended panic occurs.</para>
208 <para revision="212230">The &man.ddb.8; kernel debugger now
209 supports a <command>show cdev</command> command. This
210 displays the list of all created cdev's, consisting of devfs
211 node name and struct cdev address.</para>
213 <para revision="214326">The &os; <filename>GENERIC</filename>
214 kernel is now compiled with <option>KDB</option> and
215 <option>KDB_TRACE</option> options. From 8.2-RELEASE the
216 kernel supports displaying a stack trace on panic by using
217 &man.stack.9; facility with no debugger backend like
218 &man.ddb.8;. Note that this does not change the default
219 behaviors of the <filename>GENERIC</filename> kernel on
222 <para revision="213554,213556,213560">The following
223 &man.sysctl.8; variables are also now loader tunables:
224 <varname>vm.kmem_size</varname>,
225 <varname>vm.kmem_size_max</varname>, and
226 <varname>vm.kmem_size_min</varname>,
227 <varname>debug.kdb.stop_cpus</varname>,
228 <varname>debug.trace_on_panic</varname>, and
229 <varname>kern.sync_on_panic</varname>. Also, new
230 &man.sysctl.8; variables <varname>vm.kmem_map_size</varname>
231 for the current kmem map size and
232 <varname>vm.kmem_map_free</varname> for largest contiguous
233 free range in kmem map, <varname>vfs.ncsizefactor</varname>
234 for size factor for namecache, and
235 <varname>vfs.ncnegfactor</varname> for ratio of negative
236 namecache entries have been added.</para>
238 <para revision="212427">The &os; &man.memguard.9; framework has
239 been improved to make it able to detect use-after-free of
240 allocated memories over a longer time. For more details, see
241 &man.memguard.9; manual page.</para>
243 <para revision="214254">The &os; &man.crypto.4; framework
244 (opencrypto) now supports XTS-AES (XEX-TCB-CTS, or XEX-based
245 Tweaked Code Book mode with CipherText Stealing), which is
246 defined in IEEE Std. 1619-2007.</para>
249 <title>Boot Loader Changes</title>
251 <para revision="213994">&os; now fully supports GPT (GUID
252 Partition Table). Checksums of primary header and primary
253 partition table are verified properly now.</para>
255 <para revision="212717">The &man.pxeboot.8; now uses NFS
256 version 3 instead of version 2 by default.</para>
260 <title>Hardware Support</title>
262 <para revision="210476">The &man.aibs.4; driver has been
263 added. This supports the hardware sensors in ASUS
264 motherboards and replaces the &man.acpi.aiboost.4;
267 <para revision="211914">The &man.coretemp.4; driver now supports
268 Xeon 5500/5600 series.</para>
270 <para revision="209952">The &man.ichwd.4; driver
271 now supports Intel NM10 Express chipset watchdog
274 <para revision="215036">The &man.tpm.4; driver, which supports
275 Trusted Platform Module has been added.</para>
278 <title>Multimedia Support</title>
280 <para>The &os; Linux emulation subsystem now supports
281 video4linux API. This requires native video4linux
282 hardware drivers such as ones which<filename
283 role="ports">multimedia/pwc</filename> and <filename
284 role="ports">multimedia/webcamd</filename> provide.</para>
288 <title>Network Interface Support</title>
290 <para revision="212021">The &man.alc.4; driver now supports
291 Atheros AR8151/AR8152 PCIe Gigabit/Fast Ethernet
294 <para revision="215003">A bug in the &man.alc.4; driver
295 which can lead to a system freeze when the system is
296 booted without a cable plugged in. The symptom was found
297 in AR8132 on EEE PC.</para>
299 <para revision="212011">The TX interrupt moderation timer in
300 the &man.alc.4; driver has been reduced from 50ms to 1ms.
301 The 50ms timer resulted in a poor UDP performance.</para>
303 <para revision="214297,214298,214301">The &man.axe.4; driver
304 has been improved for stability and better performance on
305 the TX packet rate.</para>
307 <para revision="211379">The &man.bce.4; driver now supports
310 <para revision="214997">The &man.bge.4; driver now supports
311 BCM5718 family. This family is the successor to the
312 BCM5714/BCM5715 family and supports IPv4/IPv6 checksum
313 offloading, TSO, VLAN hardware tagging, jumbo frames,
314 MSI/MSIX, IOV, RSS and TSS. The current version of the
315 driver supports all hardware features except IOV and
318 <para revision="211367">A bug in the &man.bge.4; driver which
319 prevents TSO in BCM57780 from working has been
322 <para revision="214700">A bug in the &man.bge.4; driver
323 which can wrongly disable the TX checksum offloading
324 feature as well when one tries only the RX checksum
325 offloading has been fixed.</para>
327 <para revision="214714">Some improvements for reliability of
328 the &man.bge.4; driver with BCM5906 or BCM6906 controller
329 has been added.</para>
331 <para revision="213109">UDP checksum offloading in the
332 &man.bge.4; driver has been disabled by default. This is
333 because Broadcom controllers have a bug which can generate
334 UDP datagrams with checksum value <literal>0</literal>
335 when TX UDP checksum offloading is enabled. The checksum
336 offloading can be enabled by using the following loader
339 <programlisting>dev.bge.<replaceable>N</replaceable>.forced_udpcsum</programlisting>
341 <para revision="213593">A bug in the &man.bge.4; driver
342 which can lead poor performance on a system with RAM
343 larger than 4GB has been fixed. The cause was that all of
344 Broadcom controllers except for BCM5755 and later has 4GB
345 boundary DMA bug and the inefficient use of bounce
348 <para revision="212275">The &man.bwi.4; driver, which supports
349 Broadcom BCM430* and BCM431* family Wireless Ethernet
350 controllers, has been added. This is not compiled into
351 the <filename>GENERIC</filename> kernel because there are
352 some problems. The kernel module
353 <filename>if_bwi.ko</filename> is available and can be
354 loaded without recompiling the kernel to enable this
357 <para revision="212274">A bug in the &man.bwn.4; driver which
358 prevents WPA authentication from working has been
361 <para revision="211848">The &man.cxgb.4; driver now supports
362 the following new &man.sysctl.8; variables:
363 <varname>hw.cxgb.nfilters</varname> sets the maximum
364 number of entries in the hardware filter table,
365 <varname>dev.cxgbc.<replaceable>N</replaceable>.pkt_timestamp</varname>
366 provides packet timestamp instead of connection hash, and
367 <varname>dev.cxgbc.<replaceable>N</replaceable>.core_clock</varname>
368 provides the core clock frequency in kHz.</para>
370 <para>The &man.em.4; driver has been updated to version
373 <para>The &man.igb.4; driver has been updated to version
376 <para revision="209309">The &man.em.4; and &man.igb.4; drivers
377 now provide statistics counters as &man.sysctl.8; MIB
380 <para revision="211241">The &man.em.4; and &man.igb.4; drivers
381 now support &man.led.4; interface via
382 <filename>/dev/led/em<replaceable>N</replaceable></filename>
384 <filename>/dev/led/igb<replaceable>N</replaceable></filename>
385 for identification LED control. The following command
386 line makes the LED blink on <literal>em0</literal>:</para>
388 <screen>&prompt.root; echo f2 > /dev/led/em0</screen>
390 <para revision="212386">The &man.ixgbe.4;
391 driver is now also provided as a kernel module.</para>
393 <para revision="212150">The &man.epair.4; virtual Ethernet
394 interface driver now supports explicit UP/DOWN linkstate.
395 This fixes an issue when it is used with the &man.carp.4;
398 <para revision="214717">The &man.fxp.4; driver now supports
399 TSO over VLAN on i82550 and i82551 controllers.</para>
401 <para revision="210673">The &man.iwn.4; driver now supports
402 Intel Wireless WiFi Link 6000 series. The firmware has
403 been updated to version 9.221.4.1.</para>
405 <para revision="209308">The &man.ixgbe.4; driver has been
406 updated to version 2.2.1. It now supports 82599, better
407 interrupt handling, hardware assist to LRO, and so
410 <para revision="212386">The &man.mwlfw.4;
411 driver is now also provided as a kernel module.</para>
413 <para revision="215218">The &man.re.4; driver now supports
414 64-bit DMA addressing for RTL810xE/RTL8168/RTL8111 PCIe
417 <para revision="211377">The &man.rl.4; driver now supports WoL
418 (Wake on LAN) on RTL8139B or newer controllers.</para>
420 <para revision="215222">The &man.rl.4; driver now supports
421 reading hardware statistics counters by setting a
422 &man.sysctl.8; variable
423 <varname>dev.re.<replaceable>N</replaceable>.stats</varname>
424 to <literal>1</literal>.</para>
426 <para revision="212039">The &man.rl.4; driver now supports a
427 device hint to change a way of register access. Although
428 some newer RTL8139 controllers support memory-mapped
429 register access, it is difficult to detect the support
430 automatically. For this reason the driver uses I/O
431 mapping by default and provides the following device hint.
432 If it is set to <literal>0</literal>, the driver uses
433 memory mapping for register access.</para>
435 <programlisting>hint.rl.<replaceable>N</replaceable>.prefer_iomap="0"</programlisting>
437 <para>Note that the default value is <literal>1</literal>.</para>
439 <para revision="214407">The man.rl.4; driver has been
440 improved on interrupt handling. It now has better TX
441 performance under high RX load.</para>
443 <para revision="215216">A bug in the &man.sk.4; driver has
444 been fixed. It did not program the station address for
445 Yukon controllers and overriding the station address with
446 &man.ifconfig.8; was not possible.</para>
448 <para revision="211359">The &man.sk.4; driver now disable TX
449 checksum offloading by default. This is because some
450 revision of Yukon controller generates corrupted frames.
451 The checksum offloading can be enabled manually by using
452 <option>txcsum</option> option in the &man.ifconfig.8;
455 <para revision="212468,213612,213628">The &man.sis.4; driver
456 now works on all supported platforms. Some stability and
457 performance issues have also been fixed.</para>
459 <para revision="213637">The &man.sis.4; driver now supports
460 WoL (Wake on LAN) on NS DP8315 controller.</para>
462 <para revision="213626">A tunable
463 <varname>dev.sis.<replaceable>N</replaceable>.manual_pad</varname>
464 for the &man.sis.4; driver has been added. This controls
465 whether padding with 0x00 for short frames by software,
466 not the controller. The reason why this tunable has been
467 added is that NS DP83815/DP83816 pads them with 0xff
468 though RFC 1042 specifies it should be 0x00. The tunable
469 is disabled by default, which means padding with 0xff is
470 used because padding with 0x00 by software needs extra CPU
471 cycles. Setting a non-zero value enables the software
474 <para revision="211357">The &man.ste.4; driver now supports a
475 device hint to change a way of register access. Although
476 it uses memory-mapped register access by default, some old
477 IC Plus Corp (formerly Sundace) controllers are found
478 unstable. The following device hint makes the driver use
479 I/O mapping for register access:</para>
481 <programlisting>hint.ste.<replaceable>N</replaceable>.prefer_iomap="1"</programlisting>
483 <para revision="213120">The &man.xl.4; driver now supports
484 WoL (Wake on LAN). Note that not all controllers support
485 this functionality and some need an additional remote
490 <sect3 id="net-proto">
491 <title>Network Protocols</title>
493 <para revision="209783">The &man.altq.4; support is now provided
494 as a kernel module <filename>alq.ko</filename>.</para>
496 <para revision="212738">A bug in the &man.ipfw.4; packet
497 filter subsystem has been fixed. The &man.sysctl.8; variable
498 <varname>net.inet.ip.fw.one_pass</varname> did not work for
499 <literal>netgraph</literal> action.</para>
501 <para revision="215342">A new loader tunable
502 <varname>net.link.ifqmaxlen</varname> has been added. It
503 specifies the default value of send interface queue length.
504 The default value for this parameter is
505 <varname>50</varname>.</para>
507 <para revision="212742">A <literal>ngtee</literal> action in
508 the &man.ipfw.4; packet filter subsystem has been changed.
509 It no longer accepts a packet.</para>
511 <para revision="214108">A possible panic in the &man.ipfw.4;
512 pseudo interface for logging has been fixed.</para>
514 <para revision="209691">IPsec flow distribution has been
515 improved for more parallel processing.</para>
517 <para revision="209277">A bug in &os; IPv4 stack that a proxy
518 ARP entry cannot be added over &man.netgraph.4; interfaces
519 has been fixed.</para>
521 <para revision="211435">A bug in &os; IPv6 stack which prevents
522 an <option>-I</option> in the &man.ping6.8; utility from
524 <varname>net.inet6.ip6.use_defaultzone=1</varname> has been
527 <para revision="214111">The &man.lagg.4; interface now
528 supports a &man.sysctl.8; variable
529 <varname>net.link.lagg.failover_rx_all</varname>. This
530 controls whether to accept input packets on any link in a
531 failover lagg.</para>
533 <para revision="209843">A new &man.netgraph.4; node
534 &man.ng.patch.4; has been added. This performs data
535 modification of packets passing through. Modifications are
536 restricted to a subset of C language operations on unsigned
537 integers of 8, 16, 32 or 64-bit size.</para>
539 <para revision="212320">The &man.ng.ether.4; &man.netgraph.4;
540 node now supports interface transfer between multiple virtual
541 network stacks by &man.ifconfig.8; <command>vnet</command>
542 command. A &man.ng.ether.4; node associated with an network
543 interface is now destroyed and recreated when the network
544 interface is moved to another vnet.</para>
546 <para revision="212905">An ICMP unreachable problem in the
547 &man.pf.4; packet filter subsystem when TSO support is
548 enabled has been fixed.</para>
550 <para revision="211538">A TCP bandwidth delay product window
551 limiting algorithm by a &man.sysctl.8; variable
552 <varname>net.inet.tcp.inflight.enable</varname> is now
553 disabled by default. It has been found that this algorithm
554 is inefficient on a fast network with smaller RTT than 10ms.
555 It had been enabled by default since 5.2-RELEASE, and then
556 had been disabled only if the RTT was lesser than 10ms since
557 7.0-RELEASE. Pluggable TCP congestion control algorithm
558 modules are planned to be added for the future
561 <para revision="211602">A bug in &os; TCP Path MTU discovery
562 which can lead to a wrong calculation for a smaller MTU than
563 256 octets has been fixed. Note that this bug does not
564 affect when MTU is equal to or larger than 256
567 <para revision="211870">The TCP initial window increase in RFC
568 3390 which can be controlled by a &man.sysctl.8; variable
569 <varname>net.inet.tcp.rfc3390</varname> now reduces the
570 congestion window to the restart window if a TCP connection
571 has been idle for one retransmit timeout or more. For more
572 details, see RFC 5681 Section 4.1.</para>
574 <para revision="214859">The &man.siftr.4;, Statistical
575 Information For TCP Research (SIFTR) kernel module has been
576 added. This is a facility that logs a range of statistics
577 on active TCP connections to a log file. It provides the
578 ability to make highly granular measurements of TCP
579 connection state, aimed at system administrators, developers
580 and researchers.</para>
582 <para revision="212319">&os; virtual network stack (vnet) now
583 supports IPv4 multicast routing.</para>
587 <title>Disks and Storage</title>
589 <para revision="211458">The &man.ahci.4; driver now disables NCQ
590 and PMP support on VIA VT8251 because they are unreliable
593 <para revision="211718">The &man.ahci.4; driver now uses 15
594 seconds for device reset timeout instead of 10 seconds
595 because some devices needs 10-12 seconds to spin up.</para>
597 <para revision="210836">The &man.arcmsr.4; driver
598 has been updated to version 1.20.00.17.</para>
600 <para revision="215173">The &man.ada.4; driver now supports a
601 now &man.sysctl.8; variable
602 <varname>kern.cam.ada.spindown_shutdown</varname> which
603 controls whether or not to spin-down disks when shutting
604 down if the device supports the functionality. The default
605 value is <literal>1</literal>.</para>
607 <para revision="210164">The &man.ata.4; driver
608 now supports limiting initial ATA mode for devices via
610 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.dev<replaceable>N</replaceable
612 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.mode</varname>.
613 The valid values are the same as ones supported in the
614 &man.atacontrol.8; and &man.camcontrol.8;.</para>
616 <para revision="210204">The &man.ata.4; driver
617 now enables cable status check on both of controller and
619 <varname>hw.ata.ata_dma_check_80pin</varname> is
622 <para revision="213291">An issue of device detection of
623 Serverworks K2 SATA controllers in the &man.ata.4; has been fixed.</para>
625 <para revision="214667">A bug in the &man.ata.4; driver which
626 prevents some Silicon Image chipsets from working on big
627 endian systems has been fixed.</para>
629 <para revision="214330">The &man.gconcat.8; GEOM class now
630 supports kernel crash dump. The dumping is performed to the
631 component where a dump partition begins.</para>
633 <para revision="214405">A bug in the &man.geli.8; GEOM class
634 on little endian platforms has been fixed. The metadata
635 version has been updated to <literal>4</literal> due to
638 <para revision="214405">The &man.geli.8; GEOM class now
639 supports a &man.sysctl.8; variable
640 <varname>kern.geom.eli.overwrites</varname>. This specifies
641 the number of times on-disk keys should be overwritten when
642 destroying them. The default value is
643 <literal>5</literal>.</para>
645 <para revision="214405">The &man.geli.8; GEOM class has been
646 improved for preventing the same encryption key from being
647 used in 2^20 blocks (sectors).</para>
649 <para revision="214405">The &man.geli.8; GEOM class now uses
650 XTS-AES mode by default.</para>
652 <para revision="214405">A &man.sysctl.8; variable
653 <varname>kern.geom.eli.debug</varname> now allows a value
654 <literal>-1</literal>. This means turn off any log messages
655 of the &man.geli.8; GEOM class.</para>
657 <para revision="210376">The &man.mpt.4; driver now supports
658 larger I/O sizes which the device and &man.CAM.4; subsystem
659 can support. This was limited to 64KB, and the number of
660 scatter/gather segments was limited to 33 on platforms with
663 <para revision="209404">The &man.twa.4;
664 driver has been updated. The version number is
669 <title>File Systems</title>
671 <para revision="214050">The &man.linprocfs.5; Linux process
672 file system now supports
673 <filename>proc/$$/environment</filename>.</para>
675 <para revision="212716">The &os; NFS client now supports a
676 kernel environment variable
677 <varname>boot.nfsroot.nfshandlelen</varname>. This lets the
678 diskless root file system on boot to use NFS version 3 and
679 the specified file handle length. If this variable is not
680 set, NFS version 2 is used.</para>
682 <para revision="212668">The ZFS on-disk format has been updated
683 to version 15.</para>
685 <para revision="212671">The ZFS metaslab code has been updated.
686 This provides a noticeable improvement on write speed,
687 especially on pools with less than 30% of free space. The
688 related OpenSolaris Bug IDs are 6826241, 6869229, 6918420,
691 <para revision="214013">The ZFS now supports offlining of log
692 devices. The related OpenSolaris Bug IDs are 6599442,
693 6726045, and 6803605.</para>
695 <para revision="212672">Performance improvements for the ZFS
696 have been imported from OpenSolaris. They include caching of
697 ACL permission checks, faster handling of &man.stat.2;,
698 mitigation of mutex lock contention. The related
699 OpenSolaris Bug IDs are 6802734, 6844861, 6848431, 6775100,
700 6827779, 6857433, 6860318, 6865875, 6867395, 6868276, and
703 <para revision="210541">The default value of
704 <varname>vfs.zfs.vdev.max_pending</varname> has been
705 decreased from 35 to 10 (OpenSolaris Bug ID is 6891731) to
706 improve latency.</para>
708 <para>Various bugs in the ZFS subsystem have been fixed. The
709 related OpenSolaris Bug IDs are: 6328632, 6396518, 6501037,
710 6504953, 6542860, 6551866, 6572357, 6572376, 6582163,
711 6586537, 6595194, 6596237, 6604992, 6621164, 6623978,
712 6633095, 6635482, 6664765, 6674216, 6696242, 6696858,
713 6702206, 6710376, 6713916, 6717022, 6722540, 6722991,
714 6737463, 6739487, 6739553, 6740164, 6745863, 6747596,
715 6747698, 6748436, 6755435, 6757430, 6758107, 6759986,
716 6759999, 6761100, 6761406, 6764124, 6765294, 6767129,
717 6769612, 6770866, 6774713, 6774886, 6775697, 6776104,
718 6776548, 6780491, 6784104, 6784108, 6785914, 6788152,
719 6788830, 6789318, 6790064, 6790345, 6790687, 6791064,
720 6791066, 6791071, 6791101, 6792134, 6792139, 6792884,
721 6793430, 6794136, 6794570, 6794830, 6797109, 6797118,
722 6798384, 6798878, 6799895, 6800184, 6800942, 6801507,
723 6801810, 6803343, 6803822, 6804954, 6807339, 6807765,
724 6809340, 6809683, 6809691, 6810367, 6815592, 6815893,
725 6816124, 6818183, 6821169, 6821170, 6822816, 6824006,
726 6824062, 6824968, 6826466, 6826468, 6826469, 6826470,
727 6826471, 6826472, 6827260, 6830237, 6830541, 6833162,
728 6833711, 6833999, 6834217, 6836714, 6836768, 6838062,
729 6838344, 6841321, 6843014, 6843069, 6843235, 6844069,
730 6844900, 6847229, 6848242, 6856634, 6857012, 6861983,
731 6862984, 6863610, 6870564, 6880764, 6882227, 6892298,
732 6898245, 6906110, 6906946, 6939941, 6950219, 6951024, and
737 <sect2 id="userland">
738 <title>Userland Changes</title>
740 <para revision="209267">The &man.arp.8; utility has been improved.
741 It now runs faster even when a single interface has a number
744 <para revision="214729">A bug in the &man.b64decode.1; which
745 prevents an <option>-r</option> option from handling arbitrary
746 breaks in a base64 encoded string has been fixed.</para>
748 <para revision="211723">The &man.calendar.1; utility now supports
749 repeating events which span multiple years, lunar events, and
752 <para revision="210915">The &man.dhclient.8; utility now reports a
753 reason for exiting and the 10-second period in which the
754 &man.dhclient.8; ignores routing messages has been changed to
755 start just after <filename>dhclient-script</filename> starts
756 instead of just after it finished. This change fixes a
757 symptom that &man.dhclient.8; silently exits under a certain
760 <para revision="214983">Userland support for the &man.dtrace.1;
761 subsystem has been added. This allows inspection of userland
762 software itself and its correlation with the kernel, thus
763 allowing a much better picture of what exactly is going on
764 behind the scenes. The &man.dtruss.1; utility has been added
765 and the <filename>libproc</filename> has been updated to
766 support the facility.</para>
768 <para revision="209362">The &man.du.1; utility now supports a
769 <option>-t <replaceable>threshold</replaceable></option>
770 option to display entries that exceeds the value of
771 <replaceable>threshold</replaceable>. If the value is
772 negative, it displays entries with a value less than the
773 absolute value of <replaceable>threshold</replaceable>.</para>
775 <para revision="210567">The &man.gcore.1; utility now supports an
776 <option>-f</option> flag which forces a full dump of all the
777 segments except for the malformed ones.</para>
779 <para revision="214405">The &man.geli.8; utility now supports
780 <command>resize</command> subcommand to resize encrypted file
781 systems prior to growing it</para>
783 <para revision="214405">The &man.geli.8; utility now supports
784 <command>suspend</command> and <command>resume</command>
785 subcommands. The <command>suspend</command> subcommand makes
786 &man.geli.8; devices wait for all in-flight I/O requests,
787 suspend new I/O requests, remove all &man.geli.8; sensitive
788 data from the kernel memory (like encryption keys) and will
789 wait for either <command>geli resume</command> or
790 <command>geli detach</command> command. For more
791 information, see &man.geli.8; manual page.</para>
793 <para revision="214405">The &man.geli.8; utility now checks the
794 metadata provider size strictly. If the check fails, the
795 provider is not attached. A new option <option>-f</option>
796 can override this behavior.</para>
798 <para revision="214405">The &man.geli.8; utility now supports
799 <option>-J <replaceable>newpassfile</replaceable></option> and
800 <option>-j <replaceable>passfile</replaceable></option>
801 options for loading passphrease from a file.</para>
803 <para revision="211938">The <function>gethost*()</function>,
804 <function>getnet*()</function>, and
805 <function>getproto*()</function> functions now set the errno
806 to <literal>ERANGE</literal> and the NSS backend terminates
807 with <literal>NS_RETURN</literal> when the result buffer size
810 <para revision="209497">The &man.gpart.8; utility now supports
811 <command>resize</command> command to resize partitions for all
812 schemes but EBR.</para>
814 <para revision="213661">The &man.gpart.8; utility now handles
815 given geom/provider names with and without
816 <filename>/dev/</filename> prefix.</para>
818 <para revision="213684">The &man.gpart.8; utility now supports
819 an <option>-F</option> option for <command>force</command>
820 subcommand. This option force destroying of the partition
821 table even if it is not empty.</para>
823 <para revision="213684">The &man.gpart.8; utility now supports a
824 <command>recover</command> subcommand for GPT partition
825 tables. A corrupted GPT is now marked when the following
826 three types of corruption:</para>
830 <para>Primary GPT header or table is corrupted.</para>
834 <para>Secondary GPT header or table is corrupted.</para>
838 <para>Secondary GPT header is not located at the last LBA.</para>
842 <para>Any changes to the corrupted GPT table is not allowed
843 except for <command>destroy</command> and
844 <command>recover</command> subcommands./para>
846 <para revision="213994">The &man.gpart.8; utility now supports
847 <literal>GPT_ENT_ATTR_BOOTME</literal>,
848 <literal>GPT_ENT_ATTR_BOOTONCE</literal>, and
849 <literal>GPT_ENT_ATTR_BOOTFAILED</literal> attributes in GPT.
850 The attribute keywords in the command line are
851 <literal>bootme</literal>, <literal>bootonce</literal>, and
852 <literal>bootfailed</literal> respectively.</para>
854 <para revision="213049">The &man.hastd.8; utility now supports
855 <literal>SIGHUP</literal> for reloading the configuration
856 file. When <literal>SIGTERM</literal> or
857 <literal>SIGINT</literal> is received, the worker processes
860 <para revision="212144">The &man.ifconfig.8; utility now check an
861 invalid CIDR subnet notation more strictly. It wrongly
862 accepted <literal>10.0.0.1/10.0.0.1</literal> as
863 <literal>10.0.0.1/10</literal>.</para>
865 <para revision="209284">Incorrect behaviors in stuttering
866 sequences and reverse ranges in the &man.jot.1; utility have
869 <para revision="213667">The <filename>libarchive</filename> and
870 &man.tar.1; utility now support LZMA (Lempel-Ziv-Markov
871 chain-Algorithm) compression format.</para>
873 <para revision="215229">The &man.tar.1; utility now supports a
874 blocksize which is up to <literal>8192</literal> (4MB) in the
875 <option>-b <replaceable>blocksize</replaceable></option>
878 <para revision="214442">A bug in the &man.lpr.1; utility which
879 prevents it from working with some files on a ZFS file system
880 has been fixed.</para>
882 <para revision="213978">The <option>-p</option> option in the
883 &man.mount.8; utility now displays <literal>rw</literal> mount
884 option correctly as in the &man.fstab.5; format.</para>
886 <para revision="213889">The &man.ncal.1; utility has been
887 updated. The option <option>-b</option> has been replaced
888 with <option>-C</option> and <option>-B
889 <replaceable>number</replaceable></option>. Options
890 <option>-3</option> to show previous, this and next month, and
891 <option>-A <replaceable>number</replaceable></option> to show
892 months after this month have been added. The option
893 <option>-m <replaceable>N</replaceable>
894 <replaceable>YYYY</replaceable></option> now prints only the
895 month, not the whole year.</para>
897 <para revision="211699">The &man.newsyslog.8; utility now supports
898 an <option>-S <replaceable>pidfile</replaceable></option>
899 option to override the default &man.syslogd.8; PID
902 <para revision="213980">The &man.ntpd.8; utility is now compiled
903 with shared memory reference clock driver. For example, GPS
904 devices can be used as source of precise time via <filename
905 role="ports">astro/gpsd</filename> in the Ports
908 <para revision="212848">An off-by-one error in the &man.pax.1;
909 utility when ustar file name is too long has been
912 <para revision="209912">The &man.pkill.1; utility now supports
913 an <option>-l</option> option which the &man.kill.1; utility
916 <para revision="211098">The &man.pmcstat.8; utility now supports a
917 file and a network socket as a top source. A new option
918 <option>-O <replaceable>filename</replaceable></option>
919 specifies to send log output to
920 <replaceable>filename</replaceable>, and another new option
921 <option>-R <replaceable>filename</replaceable></option>
922 specifies to receive events from
923 <replaceable>filename</replaceable>. For a socket, the
924 <replaceable>filename</replaceable> is in a form of
925 <replaceable>ipaddr:port</replaceable>. This allows top
926 monitoring over TCP on a system with no local symbols, for
929 <para revision="210089">The &man.pom.6; utility now
930 supports a <option>-p</option> flag to print only the
933 <para revision="212472">The &man.powerd.8; utility now supports
934 an <option>-m <replaceable>freq</replaceable></option> and
935 <option>-M <replaceable>freq</replaceable></option> to control
936 the minimum and maximum frequency, respectively.</para>
938 <para revision="213825">The &man.ruptime.1; utility now displays
939 hostnames longer than 12 characters.</para>
941 <para revision="215066">A <option>-u nounset</option> option in
942 the &man.sh.1; program now handles expansion of positional and
943 special variables $@, $*, and $!.</para>
945 <para revision="210616">A bug in the &man.sh.1; program has been
946 fixed. A <literal>SIGINT</literal> signal is now passed
947 through from a child process if the shell is interactive and
948 the job control is enabled. For example, aborting
949 &man.sleep.1; command by Ctrl-C no longer display
950 <literal>ok</literal> in the following command line:</para>
952 <screen>&prompt.user; sleep 5; echo ok</screen>
954 <para revision="210732">The &man.sh.1; program now supports a
955 <command>bg</command> command consisting solely of
956 redirections. For example:</para>
958 <screen>&prompt.user; < /dev/null &</screen>
960 <para revision="211536">The &man.sleep.1; utility now supports
961 <literal>SIGINFO</literal> signal and reports the specified
962 sleep time and the remaining time.</para>
964 <para revision="213036,213038">The &man.tftp.1; and &man.tftpd.8;
965 utilities have been improved for better interoperability and
966 they now supports RFC 1350, 2347, 2348, 2349, and 3617.</para>
968 <para revision="213899">A bug in <literal>[=]=]</literal>
969 equivalent class handling in the &man.tr.1; utility has been
972 <para revision="210566">The &man.uname.1; utility now supports an
973 <option>-o</option> flag as a synonym for the
974 <option>-s</option> flag for compatibility with other
977 <para revision="211060">Bugs in &man.vi.1; utility have been
978 fixed. They include handling of <literal>^@</literal> and
979 <literal>^C</literal> in insert mode when reading an ex
982 <para revision="214345">The &man.watchdogd.8; program now set
983 <literal>MADV_PROTECT</literal> memory flag onto themselves to
984 protect from being terminated by the &os; kernel when
985 available memory becomes short. This kind of process
986 termination happens in a swap-intensive workload.</para>
988 <para revision="209870">The <command>set sharenfs</command>
989 command in the &man.zfs.8; utility now supports
990 <option>sec</option> option.</para>
992 <sect3 id="periodic-scripts">
993 <title><filename>/etc/periodic</filename> Scripts</title>
995 <para>A periodic script for <command>zfs scrub</command> has
996 been added. For more details, see &man.periodic.conf.5;
999 <para>A periodic script which can be used to find installed
1000 ports' files with mismatched checksum has been added. For more
1001 details, see &man.periodic.conf.5;</para>
1004 <sect3 id="rc-scripts">
1005 <title><filename>/etc/rc.d</filename> Scripts</title>
1011 <sect2 id="contrib">
1012 <title>Contributed Software</title>
1016 <para>The <application>ACPI-CA</application> has been updated to
1019 <para>The <application>awk</application> has been updated from
1020 the 23 October 2007 release to the 26 November 2009 release.</para>
1022 <para revision="214287">The &man.ee.1; program has been updated
1023 to version 1.5.2.</para>
1025 <para><application>ISC BIND</application> has been updated to
1026 version 9.6-ESV-R2.</para>
1028 <para><application>netcat</application> has been updated to
1031 <para><application>OpenSSH</application> has been updated from
1032 version 5.1p1 to version 5.4p1.</para>
1034 <para><application>OpenSSL</application> has been updated to
1035 version 0.9.8n.</para>
1037 <para><application>sendmail</application> has been updated to
1038 version 8.14.4.</para>
1040 <para>The timezone database has been updated to the
1041 <application>tzdata2010o</application> release.</para>
1045 <title>Release Engineering and Integration</title>
1047 <para revision="211007">The &man.sysinstall.8; utility now uses
1048 the following numbers for default and minimum partition sizes:
1049 1GB for <filename>/</filename>, 4GB for
1050 <filename>/var</filename>, and 1GB for
1051 <filename>/tmp</filename>.</para>
1053 <para revision="211009">The &man.sysinstall.8; utility now
1054 attempts to enable &man.getty.8; on a serial port when no VGA
1055 card on the system.</para>
1057 <para>The supported version of
1058 the <application>GNOME</application> desktop environment
1059 (<filename role="package">x11/gnome2</filename>) has been
1060 updated to 2.32.1.</para>
1062 <para>The supported version of
1063 the <application>KDE</application> desktop environment
1064 (<filename role="package">x11/kde4</filename>) has been
1065 updated to 4.5.5.</para>
1069 <sect1 id="upgrade">
1070 <title>Upgrading from previous releases of &os;</title>
1072 <para arch="amd64,i386">Upgrades between RELEASE versions (and
1073 snapshots of the various security branches) are supported using
1074 the &man.freebsd-update.8; utility. The binary upgrade
1075 procedure will update unmodified userland utilities, as well as
1076 unmodified GENERIC kernel distributed as a part of an
1077 official &os; release. The &man.freebsd-update.8; utility
1078 requires that the host being upgraded has Internet
1079 connectivity.</para>
1081 <para>An older form of binary upgrade is supported through the
1082 <command>Upgrade</command> option from the main
1083 &man.sysinstall.8; menu on CDROM distribution media. This type
1084 of binary upgrade may be useful on non-&arch.i386;,
1085 non-&arch.amd64; machines or on systems with no Internet
1086 connectivity.</para>
1088 <para>Source-based upgrades (those based on recompiling the &os;
1089 base system from source code) from previous versions are
1090 supported, according to the instructions in
1091 <filename>/usr/src/UPDATING</filename>.</para>
1094 <para>Upgrading &os; should, of course, only be attempted after
1095 backing up <emphasis>all</emphasis> data and configuration