1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
19 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
22 <legalnotice id="trademarks" role="trademarks">
32 <para>The release notes for &os; &release.current; contain a summary
33 of the changes made to the &os; base system on the
34 &release.branch; development line.
35 This document lists applicable security advisories that were issued since
36 the last release, as well as significant changes to the &os;
38 Some brief remarks on upgrading are also presented.</para>
43 <title>Introduction</title>
45 <para>This document contains the release notes for &os;
47 describes recently added, changed, or deleted features of &os;.
48 It also provides some notes on upgrading
49 from previous versions of &os;.</para>
51 <![ %release.type.current [
53 <para>The &release.type; distribution to which these release notes
54 apply represents the latest point along the &release.branch; development
55 branch since &release.branch; was created. Information regarding pre-built, binary
56 &release.type; distributions along this branch
57 can be found at <ulink url="&release.url;"></ulink>.</para>
61 <![ %release.type.snapshot [
63 <para>The &release.type; distribution to which these release notes
64 apply represents a point along the &release.branch; development
65 branch between &release.prev; and the future &release.next;.
67 pre-built, binary &release.type; distributions along this branch
68 can be found at <ulink url="&release.url;"></ulink>.</para>
72 <![ %release.type.release [
74 <para>This distribution of &os; &release.current; is a
75 &release.type; distribution. It can be found at <ulink
76 url="&release.url;"></ulink> or any of its mirrors. More
77 information on obtaining this (or other) &release.type;
78 distributions of &os; can be found in the <ulink
79 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
80 &os;</quote> appendix</ulink> to the <ulink
81 url="&url.books.handbook;/">&os;
82 Handbook</ulink>.</para>
86 <para>All users are encouraged to consult the release errata before
87 installing &os;. The errata document is updated with
88 <quote>late-breaking</quote> information discovered late in the
89 release cycle or after the release. Typically, it contains
90 information on known bugs, security advisories, and corrections to
91 documentation. An up-to-date copy of the errata for &os;
92 &release.current; can be found on the &os; Web site.</para>
97 <title>What's New</title>
99 <para>This section describes the most user-visible new or changed
100 features in &os; since &release.prev;.</para>
102 <para>Typical release note items document recent security
103 advisories issued after &release.prev;, new drivers or hardware
104 support, new commands or options, major bug fixes, or
105 contributed software upgrades. They may also list changes to
106 major ports/packages or release engineering practices. Clearly
107 the release notes cannot list every single change made to &os;
108 between releases; this document focuses primarily on security
109 advisories, user-visible changes, and major architectural
112 <sect2 id="security">
113 <title>Security Advisories</title>
115 <para>Problems described in the following security advisories have
116 been fixed. For more information, consult the individual
117 advisories available from
118 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
120 <informaltable frame="none" pgwide="0">
122 <colspec colwidth="1*">
123 <colspec colwidth="1*">
124 <colspec colwidth="3*">
127 <entry>Advisory</entry>
135 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc"
136 >SA-10:08.bzip2</ulink></entry>
137 <entry>20 September 2010</entry>
138 <entry><para>Integer overflow in bzip2 decompression</para></entry>
140 <!-- XXX: not for 8.2
142 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:09.pseudofs.asc"
143 >SA-10:09.pseudofs</ulink></entry>
144 <entry>10 October 2010</entry>
145 <entry><para>Spurious mutex unlock</para></entry>
149 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc"
150 >SA-10:10.openssl</ulink></entry>
151 <entry>29 November 2010</entry>
152 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
160 <title>Kernel Changes</title>
162 <para arch="ia64" revision="209326">The maximum number of pages
163 used for DMA bounce buffer pool has been increased from 256 to
166 <para arch="powerpc" revision="209765">The default value of
167 <varname>kern.hz</varname> has been increased from 100 to
170 <para arch="powerpc" revision="209767">The SMP kernel now works on
171 MPC7400-based Apple desktop machines such as
174 <para arch="powerpc" revision="211593">&os;/powerpc now supports
175 DMA bounce buffer which is required on systems with larger RAM
178 <para arch="mips" revision="215938">&os;/mips support has been
179 improved. It now supports SMP on a SWARM with a dual-core
180 Sibyte processor.</para>
182 <para arch="sparc64" revision="215598">&os;/sparc64 now supports
183 reservation-based physical memory allocation which provides
184 better performance.</para>
186 <para arch="amd64" revision="214620">&os;/amd64 now always sets
187 the KVA space as equal to or larger than physical memory size.
188 The default size was calculated based on one-third of the
189 physical memory size by a code derived from one for i386. It
190 has been changed because constraints for memory space are not
191 severe on amd64 and this change would help to prevent a
192 <quote>kmem_map too small</quote> panic which often occurs
193 when using ZFS.</para>
195 <para arch="amd64,i386" revision="214621">CPU topology detection
196 for Intel CPUs has been improved.</para>
198 <para arch="amd64,i386" revision="215513">ACPI suspend/resume
199 functionality support has been improved.</para>
201 <para arch="amd64,i386" revision="214784">The qpi(4) pseudo bus
202 driver has been added. This supports extra PCI buses on Intel
203 QPI chipsets where various hardware such as memory controllers
204 for each socket is connected.</para>
206 <para arch="amd64,i386,ia64" revision="215006">The &man.acpi.4;
207 driver now uses ACPI Reset Register capability by default only
208 when a flag in the FADT which indicates it is available. This
209 behavior was controlled by a &man.sysctl.8; variable
210 <varname>hw.acpi.handle_reboot</varname> and the default value
211 was always set to <literal>0</literal>.</para>
213 <para arch="amd64,i386,ia64" revision="215521">The &man.acpi.4;
214 driver now supports new loader tunables
215 <varname>hw.acpi.install_interface</varname> and
216 <varname>hw.acpi.remove_interface</varname>. For more
217 details, see &man.acpi.4; manual page.</para>
219 <para revision="209692">The &man.ddb.8; kernel debugger now
220 supports an optional delay in <command>reset</command> and
221 <command>reboot</command> commands. This allows an
222 administrator to break the system into debugger and trigger
223 automatic textdump when an unattended panic occurs.</para>
225 <para revision="212230">The &man.ddb.8; kernel debugger now
226 supports a <command>show cdev</command> command. This
227 displays the list of all created cdev's, consisting of devfs
228 node name and struct cdev address.</para>
230 <para revision="214326">The &os; <filename>GENERIC</filename>
231 kernel is now compiled with <option>KDB</option> and
232 <option>KDB_TRACE</option> options. From 8.2-RELEASE the
233 kernel supports displaying a stack trace on panic by using
234 &man.stack.9; facility with no debugger backend like
235 &man.ddb.8;. Note that this does not change the default
236 behaviors of the <filename>GENERIC</filename> kernel on
239 <para revision="213554,213556,213560">The following
240 &man.sysctl.8; variables are also now loader tunables:
241 <varname>vm.kmem_size</varname>,
242 <varname>vm.kmem_size_max</varname>, and
243 <varname>vm.kmem_size_min</varname>,
244 <varname>debug.kdb.stop_cpus</varname>,
245 <varname>debug.trace_on_panic</varname>, and
246 <varname>kern.sync_on_panic</varname>. Also, new
247 &man.sysctl.8; variables <varname>vm.kmem_map_size</varname>
248 for the current kmem map size and
249 <varname>vm.kmem_map_free</varname> for largest contiguous
250 free range in kmem map, <varname>vfs.ncsizefactor</varname>
251 for size factor for namecache, and
252 <varname>vfs.ncnegfactor</varname> for ratio of negative
253 namecache entries have been added.</para>
255 <para revision="212427">The &os; &man.memguard.9; framework has
256 been improved to make it able to detect use-after-free of
257 allocated memories over a longer time. For more details, see
258 &man.memguard.9; manual page.</para>
260 <para revision="214254">The &os; &man.crypto.4; framework
261 (opencrypto) now supports XTS-AES (XEX-TCB-CTS, or XEX-based
262 Tweaked Code Book mode with CipherText Stealing), which is
263 defined in IEEE Std. 1619-2007.</para>
265 <para arch="amd64" revision="215788">Xen HVM support in
266 &os;/amd64 kernel has been improved. For more details, see
267 &man.xen.4; manual page.</para>
270 <title>Boot Loader Changes</title>
272 <para revision="213994">&os; now fully supports GPT (GUID
273 Partition Table). Checksums of primary header and primary
274 partition table are verified properly now.</para>
276 <para arch="powerpc" revision="215919,215920">Memory
277 management issues which prevents &os; OpenFirmware loader
278 and netbooting from working have been fixed.</para>
280 <para revision="212717">The &man.pxeboot.8; now uses NFS
281 version 3 instead of version 2 by default.</para>
285 <title>Hardware Support</title>
287 <para arch="amd64,i386" revision="215633">The &man.aesni.4;
288 driver, which supports AES accelerator on Intel CPUs has
289 been added. This accelerates AES operations for
290 &man.crypto.4;.</para>
292 <para arch="amd64,i386" revision="210476">The &man.aibs.4;
293 driver has been added. This supports the hardware sensors
294 in ASUS motherboards and replaces the &man.acpi.aiboost.4;
297 <para arch="amd64,i386" revision="211914">The &man.coretemp.4;
298 driver now supports Xeon 5500/5600 series.</para>
300 <para arch="powerpc" revision="215694">&os;/powerpc now
301 supports I2C bus in Apple System Management Unit.</para>
303 <para arch="powerpc" revision="215695">A device driver which
304 supports CPU temperature sensors on PowerMac 11,2 has been
307 <para revision="215482">The &man.ehci.4;, &man.ohci.4;, and
308 &man.uhci.4; driver now support LOW speed BULK transfer
311 <para arch="amd64,i386" revision="209952">The &man.ichwd.4;
312 driver now supports Intel NM10 Express chipset watchdog
315 <para revision="215036">The &man.tpm.4; driver, which supports
316 Trusted Platform Module has been added.</para>
318 <para revision="215944">The xhci(4) driver, which supports
319 Extensible Host Controller Interface (xHCI) and USB 3.0 has
323 <title>Multimedia Support</title>
325 <para>The &os; Linux emulation subsystem now supports
326 video4linux API. This requires native video4linux
327 hardware drivers such as ones which<filename
328 role="ports">multimedia/pwc</filename> and <filename
329 role="ports">multimedia/webcamd</filename> provide.</para>
331 <para revision="215483">MIDI input buffer size in the
332 &man.uaudio.4; driver has been changed. This fixes a
333 problem where the input appears several seconds
336 <para revision="215484">An issue in the &man.uaudio.4;
337 driver which prevents some USB audio devices from working
338 has been fixed.</para>
342 <title>Network Interface Support</title>
344 <para revision="212021">The &man.alc.4; driver now supports
345 Atheros AR8151/AR8152 PCIe Gigabit/Fast Ethernet
348 <para revision="215003">A bug in the &man.alc.4; driver
349 which can lead to a system freeze when the system is
350 booted without a cable plugged in. The symptom was found
351 in AR8132 on EEE PC.</para>
353 <para revision="212011">The TX interrupt moderation timer in
354 the &man.alc.4; driver has been reduced from 50ms to 1ms.
355 The 50ms timer resulted in a poor UDP performance.</para>
357 <para revision="214297,214298,214301">The &man.axe.4; driver
358 has been improved for stability and better performance on
359 the TX packet rate.</para>
361 <para revision="214997">The &man.bge.4; driver now supports
362 BCM5718 family. This family is the successor to the
363 BCM5714/BCM5715 family and supports IPv4/IPv6 checksum
364 offloading, TSO, VLAN hardware tagging, jumbo frames,
365 MSI/MSIX, IOV, RSS and TSS. The current version of the
366 driver supports all hardware features except IOV and
369 <para revision="211367">A bug in the &man.bge.4; driver which
370 prevents TSO in BCM57780 from working has been
373 <para revision="214700">A bug in the &man.bge.4; driver
374 which can wrongly disable the TX checksum offloading
375 feature as well when one tries only the RX checksum
376 offloading has been fixed.</para>
378 <para revision="214714">Some improvements for reliability of
379 the &man.bge.4; driver with BCM5906 or BCM6906 controller
380 has been added.</para>
382 <para revision="213109">UDP checksum offloading in the
383 &man.bge.4; driver has been disabled by default. This is
384 because Broadcom controllers have a bug which can generate
385 UDP datagrams with checksum value <literal>0</literal>
386 when TX UDP checksum offloading is enabled. The checksum
387 offloading can be enabled by using the following loader
390 <programlisting>dev.bge.<replaceable>N</replaceable>.forced_udpcsum</programlisting>
392 <para revision="213593">A bug in the &man.bge.4; driver
393 which can lead poor performance on a system with RAM
394 larger than 4GB has been fixed. The cause was that all of
395 Broadcom controllers except for BCM5755 and later has 4GB
396 boundary DMA bug and the inefficient use of bounce
399 <para revision="212275">The &man.bwi.4; driver, which supports
400 Broadcom BCM430* and BCM431* family Wireless Ethernet
401 controllers, has been added. This is not compiled into
402 the <filename>GENERIC</filename> kernel because there are
403 some problems. The kernel module
404 <filename>if_bwi.ko</filename> is available and can be
405 loaded without recompiling the kernel to enable this
408 <para revision="212274">A bug in the &man.bwn.4; driver which
409 prevents WPA authentication from working has been
412 <para revision="215499">A bug in the &man.cdce.4; driver has
415 <para revision="211848">The &man.cxgb.4; driver now supports
416 the following new &man.sysctl.8; variables:
417 <varname>hw.cxgb.nfilters</varname> sets the maximum
418 number of entries in the hardware filter table,
419 <varname>dev.cxgbc.<replaceable>N</replaceable>.pkt_timestamp</varname>
420 provides packet timestamp instead of connection hash, and
421 <varname>dev.cxgbc.<replaceable>N</replaceable>.core_clock</varname>
422 provides the core clock frequency in kHz.</para>
424 <para>The &man.em.4; driver has been updated to version
427 <para>The &man.igb.4; driver has been updated to version
430 <para revision="209309">The &man.em.4; and &man.igb.4; drivers
431 now provide statistics counters as &man.sysctl.8; MIB
434 <para revision="211241">The &man.em.4; and &man.igb.4; drivers
435 now support &man.led.4; interface via
436 <filename>/dev/led/em<replaceable>N</replaceable></filename>
438 <filename>/dev/led/igb<replaceable>N</replaceable></filename>
439 for identification LED control. The following command
440 line makes the LED blink on <literal>em0</literal>:</para>
442 <screen>&prompt.root; echo f2 > /dev/led/em0</screen>
444 <para revision="212150">The &man.epair.4; virtual Ethernet
445 interface driver now supports explicit UP/DOWN linkstate.
446 This fixes an issue when it is used with the &man.carp.4;
449 <para revision="214717">The &man.fxp.4; driver now supports
450 TSO over VLAN on i82550 and i82551 controllers.</para>
452 <para revision="210673">The &man.iwn.4; driver now supports
453 Intel Wireless WiFi Link 6000 series. The firmware has
454 been updated to version 9.221.4.1.</para>
456 <para revision="212386">The &man.ixgbe.4;
457 driver is now also provided as a kernel module.</para>
459 <para revision="209308,215970,217593">The &man.ixgbe.4;
460 driver has been updated to version 2.3.8. It now supports
461 82599, better interrupt handling, hardware assist to LRO,
462 VM SRIOV interface, and so on.</para>
464 <para revision="211379,215881,216023,216029,216031">The
465 &man.miibus.4; has been rewritten for the generic IEEE
466 802.3 annex 31B full duplex flow control support. The
467 &man.alc.4; &man.bge.4;, &man.bce.4;, &man.jme.4;,
468 &man.msk.4;, &man.nfe.4;, &man.re.4;, and &man.stge.4;
469 drivers along with brgphy(4), e1000phy(4), ip1000phy(4),
470 atphy(4), bmtphy(4), gentbi(4), inphy(4), jmphy(4),
471 nsgphy(4), nsphyter(4), and &man.rgephy.4; have been
472 updated to support flow control via this facility./para>
474 <para revision="212386">The &man.mwlfw.4;
475 driver is now also provided as a kernel module.</para>
477 <para revision="216054">A bug in the &man.mxge.4; driver
478 which prevents TSO from working has been fixed.</para>
480 <para revision="215456">The &man.nfe.4; driver now supports
481 WoL (Wake on LAN).</para>
483 <para revision="215218">The &man.re.4; driver now supports
484 64-bit DMA addressing for RTL810xE/RTL8168/RTL8111 PCIe
487 <para revision="215405">The &man.re.4; driver now supports
488 hardware interrupt moderation of TX completion interrupt
489 on RTL8169/RTL8169 controllers.</para>
491 <para revision="211377">The &man.rl.4; driver now supports WoL
492 (Wake on LAN) on RTL8139B or newer controllers.</para>
494 <para revision="215222">The &man.rl.4; driver now supports
495 reading hardware statistics counters by setting a
496 &man.sysctl.8; variable
497 <varname>dev.re.<replaceable>N</replaceable>.stats</varname>
498 to <literal>1</literal>.</para>
500 <para revision="212039">The &man.rl.4; driver now supports a
501 device hint to change a way of register access. Although
502 some newer RTL8139 controllers support memory-mapped
503 register access, it is difficult to detect the support
504 automatically. For this reason the driver uses I/O
505 mapping by default and provides the following device hint.
506 If it is set to <literal>0</literal>, the driver uses
507 memory mapping for register access.</para>
509 <programlisting>hint.rl.<replaceable>N</replaceable>.prefer_iomap="0"</programlisting>
511 <para>Note that the default value is <literal>1</literal>.</para>
513 <para revision="214407">The &man.rl.4; driver has been
514 improved on interrupt handling. It now has better TX
515 performance under high RX load.</para>
517 <para revision="217861">The &man.run.4; driver, which is
518 from OpenBSD and supports Ralink RT2700U/RT2800U/RT3000U
519 USB 802.11agn devices has been added.</para>
521 <para revision="215216">A bug in the &man.sk.4; driver has
522 been fixed. It did not program the station address for
523 Yukon controllers and overriding the station address with
524 &man.ifconfig.8; was not possible.</para>
526 <para revision="211359">The &man.sk.4; driver now disable TX
527 checksum offloading by default. This is because some
528 revision of Yukon controller generates corrupted frames.
529 The checksum offloading can be enabled manually by using
530 <option>txcsum</option> option in the &man.ifconfig.8;
533 <para revision="212468,213612,213628">The &man.sis.4; driver
534 now works on all supported platforms. Some stability and
535 performance issues have also been fixed.</para>
537 <para revision="213637">The &man.sis.4; driver now supports
538 WoL (Wake on LAN) on NS DP8315 controller.</para>
540 <para revision="213626">A tunable
541 <varname>dev.sis.<replaceable>N</replaceable>.manual_pad</varname>
542 for the &man.sis.4; driver has been added. This controls
543 whether padding with 0x00 for short frames by software,
544 not the controller. The reason why this tunable has been
545 added is that NS DP83815/DP83816 pads them with 0xff
546 though RFC 1042 specifies it should be 0x00. The tunable
547 is disabled by default, which means padding with 0xff is
548 used because padding with 0x00 by software needs extra CPU
549 cycles. Setting a non-zero value enables the software
552 <para revision="211357">The &man.ste.4; driver now supports a
553 device hint to change a way of register access. Although
554 it uses memory-mapped register access by default, some old
555 IC Plus Corp (formerly Sundace) controllers are found
556 unstable. The following device hint makes the driver use
557 I/O mapping for register access:</para>
559 <programlisting>hint.ste.<replaceable>N</replaceable>.prefer_iomap="1"</programlisting>
561 <para revision="213120">The &man.xl.4; driver now supports
562 WoL (Wake on LAN). Note that not all controllers support
563 this functionality and some need an additional remote
568 <sect3 id="net-proto">
569 <title>Network Protocols</title>
571 <para revision="209783">The &man.altq.4; support is now provided
572 as a kernel module <filename>alq.ko</filename>.</para>
574 <para revision="212738,216348">A bug in the &man.ipfw.4;
575 packet filter subsystem has been fixed. The &man.sysctl.8;
576 variable <varname>net.inet.ip.fw.one_pass</varname> did not
577 work for <literal>netgraph</literal> action and in-kernel
580 <para revision="215342">A new loader tunable
581 <varname>net.link.ifqmaxlen</varname> has been added. It
582 specifies the default value of send interface queue length.
583 The default value for this parameter is
584 <varname>50</varname>.</para>
586 <para revision="212742">A <literal>ngtee</literal> action in
587 the &man.ipfw.4; packet filter subsystem has been changed.
588 It no longer accepts a packet.</para>
590 <para revision="214108">A possible panic in the &man.ipfw.4;
591 pseudo interface for logging has been fixed.</para>
593 <para revision="209691">IPsec flow distribution has been
594 improved for more parallel processing.</para>
596 <para revision="209277">A bug in &os; IPv4 stack that a proxy
597 ARP entry cannot be added over &man.netgraph.4; interfaces
598 has been fixed.</para>
600 <para revision="211435">A bug in &os; IPv6 stack which prevents
601 an <option>-I</option> in the &man.ping6.8; utility from
603 <varname>net.inet6.ip6.use_defaultzone=1</varname> has been
606 <para revision="214111">The &man.lagg.4; interface now
607 supports a &man.sysctl.8; variable
608 <varname>net.link.lagg.failover_rx_all</varname>. This
609 controls whether to accept input packets on any link in a
610 failover lagg.</para>
612 <para revision="215869">The &man.ng.eiface.4; &man.netgraph.4;
613 node now supports VLAN-compatible MTU and an MTU size which
614 is larger than 1500.</para>
616 <para revision="212320">The &man.ng.ether.4; &man.netgraph.4;
617 node now supports interface transfer between multiple virtual
618 network stacks by &man.ifconfig.8; <command>vnet</command>
619 command. A &man.ng.ether.4; node associated with an network
620 interface is now destroyed and recreated when the network
621 interface is moved to another vnet.</para>
623 <para revision="209843">A new &man.netgraph.4; node
624 &man.ng.patch.4; has been added. This performs data
625 modification of packets passing through. Modifications are
626 restricted to a subset of C language operations on unsigned
627 integers of 8, 16, 32 or 64-bit size.</para>
629 <para revision="212905">An ICMP unreachable problem in the
630 &man.pf.4; packet filter subsystem when TSO support is
631 enabled has been fixed.</para>
633 <para revision="211538">A TCP bandwidth delay product window
634 limiting algorithm by a &man.sysctl.8; variable
635 <varname>net.inet.tcp.inflight.enable</varname> is now
636 disabled by default. It has been found that this algorithm
637 is inefficient on a fast network with smaller RTT than 10ms.
638 It had been enabled by default since 5.2-RELEASE, and then
639 had been disabled only if the RTT was lesser than 10ms since
640 7.0-RELEASE. Pluggable TCP congestion control algorithm
641 modules are planned to be added for the future
644 <para revision="211602">A bug in &os; TCP Path MTU discovery
645 which can lead to a wrong calculation for a smaller MTU than
646 256 octets has been fixed. Note that this bug does not
647 affect when MTU is equal to or larger than 256
650 <para revision="211870">The TCP initial window increase in RFC
651 3390 which can be controlled by a &man.sysctl.8; variable
652 <varname>net.inet.tcp.rfc3390</varname> now reduces the
653 congestion window to the restart window if a TCP connection
654 has been idle for one retransmit timeout or more. For more
655 details, see RFC 5681 Section 4.1.</para>
657 <para revision="214859">The &man.siftr.4;, Statistical
658 Information For TCP Research (SIFTR) kernel module has been
659 added. This is a facility that logs a range of statistics
660 on active TCP connections to a log file. It provides the
661 ability to make highly granular measurements of TCP
662 connection state, aimed at system administrators, developers
663 and researchers.</para>
665 <para revision="212319">&os; virtual network stack (vnet) now
666 supports IPv4 multicast routing.</para>
670 <title>Disks and Storage</title>
672 <para revision="211458">The &man.ahci.4; driver now disables NCQ
673 and PMP support on VIA VT8251 because they are unreliable
676 <para revision="211718">The &man.ahci.4; driver now uses 15
677 seconds for device reset timeout instead of 10 seconds
678 because some devices needs 10-12 seconds to spin up.</para>
680 <para revision="215825">The &man.arcmsr.4; driver
681 has been updated to version 1.20.00.19.</para>
683 <para revision="215173">The &man.ada.4; driver now supports a
684 now &man.sysctl.8; variable
685 <varname>kern.cam.ada.spindown_shutdown</varname> which
686 controls whether or not to spin-down disks when shutting
687 down if the device supports the functionality. The default
688 value is <literal>1</literal>.</para>
690 <para revision="210164">The &man.ata.4; driver
691 now supports limiting initial ATA mode for devices via
693 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.dev<replaceable>N</replaceable
695 <varname>hint.<replaceable>devname</replaceable>.<replaceable>unit</replaceable>.mode</varname>.
696 The valid values are the same as ones supported in the
697 &man.atacontrol.8; and &man.camcontrol.8;.</para>
699 <para revision="210204">The &man.ata.4; driver
700 now enables cable status check on both of controller and
702 <varname>hw.ata.ata_dma_check_80pin</varname> is
705 <para revision="213291">An issue of device detection of
706 Serverworks K2 SATA controllers in the &man.ata.4; has been fixed.</para>
708 <para revision="214667">A bug in the &man.ata.4; driver which
709 prevents some Silicon Image chipsets from working on big
710 endian systems has been fixed.</para>
712 <para revision="214330">The &man.gconcat.8; GEOM class now
713 supports kernel crash dump. The dumping is performed to the
714 component where a dump partition begins.</para>
716 <para revision="214405">A bug in the &man.geli.8; GEOM class
717 on little endian platforms has been fixed. The metadata
718 version has been updated to <literal>4</literal> due to
721 <para revision="214405">The &man.geli.8; GEOM class now
722 supports a &man.sysctl.8; variable
723 <varname>kern.geom.eli.overwrites</varname>. This specifies
724 the number of times on-disk keys should be overwritten when
725 destroying them. The default value is
726 <literal>5</literal>.</para>
728 <para revision="214405">The &man.geli.8; GEOM class has been
729 improved for preventing the same encryption key from being
730 used in 2^20 blocks (sectors).</para>
732 <para revision="214405">The &man.geli.8; GEOM class now uses
733 XTS-AES mode by default.</para>
735 <para revision="214405">A &man.sysctl.8; variable
736 <varname>kern.geom.eli.debug</varname> now allows a value
737 <literal>-1</literal>. This means turn off any log messages
738 of the &man.geli.8; GEOM class.</para>
740 <para revision="210376">The &man.mpt.4; driver now supports
741 larger I/O sizes which the device and &man.CAM.4; subsystem
742 can support. This was limited to 64KB, and the number of
743 scatter/gather segments was limited to 33 on platforms with
746 <para revision="209404">The &man.twa.4;
747 driver has been updated. The version number is
752 <title>File Systems</title>
754 <para revision="214050">The &man.linprocfs.5; Linux process
755 file system now supports
756 <filename>proc/$$/environment</filename>.</para>
758 <para revision="212716">The &os; NFS client now supports a
759 kernel environment variable
760 <varname>boot.nfsroot.nfshandlelen</varname>. This lets the
761 diskless root file system on boot to use NFS version 3 and
762 the specified file handle length. If this variable is not
763 set, NFS version 2 is used.</para>
765 <para revision="212668">The ZFS on-disk format has been updated
766 to version 15.</para>
768 <para revision="212671">The ZFS metaslab code has been updated.
769 This provides a noticeable improvement on write speed,
770 especially on pools with less than 30% of free space. The
771 related OpenSolaris Bug IDs are 6826241, 6869229, 6918420,
774 <para revision="214013">The ZFS now supports offlining of log
775 devices. The related OpenSolaris Bug IDs are 6599442,
776 6726045, and 6803605.</para>
778 <para revision="212672">Performance improvements for the ZFS
779 have been imported from OpenSolaris. They include caching of
780 ACL permission checks, faster handling of &man.stat.2;,
781 mitigation of mutex lock contention. The related
782 OpenSolaris Bug IDs are 6802734, 6844861, 6848431, 6775100,
783 6827779, 6857433, 6860318, 6865875, 6867395, 6868276, and
786 <para revision="210541">The default value of
787 <varname>vfs.zfs.vdev.max_pending</varname> has been
788 decreased from 35 to 10 (OpenSolaris Bug ID is 6891731) to
789 improve latency.</para>
791 <para>Various bugs in the ZFS subsystem have been fixed. The
792 related OpenSolaris Bug IDs are: 6328632, 6396518, 6501037,
793 6504953, 6542860, 6551866, 6572357, 6572376, 6582163,
794 6586537, 6595194, 6596237, 6604992, 6621164, 6623978,
795 6633095, 6635482, 6664765, 6674216, 6696242, 6696858,
796 6702206, 6710376, 6713916, 6717022, 6722540, 6722991,
797 6737463, 6739487, 6739553, 6740164, 6745863, 6747596,
798 6747698, 6748436, 6755435, 6757430, 6758107, 6759986,
799 6759999, 6761100, 6761406, 6764124, 6765294, 6767129,
800 6769612, 6770866, 6774713, 6774886, 6775697, 6776104,
801 6776548, 6780491, 6784104, 6784108, 6785914, 6788152,
802 6788830, 6789318, 6790064, 6790345, 6790687, 6791064,
803 6791066, 6791071, 6791101, 6792134, 6792139, 6792884,
804 6793430, 6794136, 6794570, 6794830, 6797109, 6797118,
805 6798384, 6798878, 6799895, 6800184, 6800942, 6801507,
806 6801810, 6803343, 6803822, 6804954, 6807339, 6807765,
807 6809340, 6809683, 6809691, 6810367, 6815592, 6815893,
808 6816124, 6818183, 6821169, 6821170, 6822816, 6824006,
809 6824062, 6824968, 6826466, 6826468, 6826469, 6826470,
810 6826471, 6826472, 6827260, 6830237, 6830541, 6833162,
811 6833711, 6833999, 6834217, 6836714, 6836768, 6838062,
812 6838344, 6841321, 6843014, 6843069, 6843235, 6844069,
813 6844900, 6847229, 6848242, 6856634, 6857012, 6861983,
814 6862984, 6863610, 6870564, 6880764, 6882227, 6892298,
815 6898245, 6906110, 6906946, 6939941, 6950219, 6951024, and
820 <sect2 id="userland">
821 <title>Userland Changes</title>
823 <para revision="209267">The &man.arp.8; utility has been improved.
824 It now runs faster even when a single interface has a number
827 <para revision="214729">A bug in the &man.b64decode.1; which
828 prevents an <option>-r</option> option from handling arbitrary
829 breaks in a base64 encoded string has been fixed.</para>
831 <para revision="211723">The &man.calendar.1; utility now supports
832 repeating events which span multiple years, lunar events, and
835 <para revision="210915">The &man.dhclient.8; utility now reports a
836 reason for exiting and the 10-second period in which the
837 &man.dhclient.8; ignores routing messages has been changed to
838 start just after <filename>dhclient-script</filename> starts
839 instead of just after it finished. This change fixes a
840 symptom that &man.dhclient.8; silently exits under a certain
843 <para revision="214983">Userland support for the &man.dtrace.1;
844 subsystem has been added. This allows inspection of userland
845 software itself and its correlation with the kernel, thus
846 allowing a much better picture of what exactly is going on
847 behind the scenes. The &man.dtruss.1; utility has been added
848 and the <filename>libproc</filename> has been updated to
849 support the facility.</para>
851 <para revision="209362">The &man.du.1; utility now supports a
852 <option>-t <replaceable>threshold</replaceable></option>
853 option to display entries that exceeds the value of
854 <replaceable>threshold</replaceable>. If the value is
855 negative, it displays entries with a value less than the
856 absolute value of <replaceable>threshold</replaceable>.</para>
858 <para revision="215667">The &man.fdisk.8; utility now supports
859 partitions which are provided by &man.gjournal.8; or
860 &man.geli.8; GEOM class.</para>
862 <para revision="210567">The &man.gcore.1; utility now supports an
863 <option>-f</option> flag which forces a full dump of all the
864 segments except for the malformed ones.</para>
866 <para revision="214405">The &man.geli.8; utility now supports
867 <command>resize</command> subcommand to resize encrypted file
868 systems prior to growing it</para>
870 <para revision="214405">The &man.geli.8; utility now supports
871 <command>suspend</command> and <command>resume</command>
872 subcommands. The <command>suspend</command> subcommand makes
873 &man.geli.8; devices wait for all in-flight I/O requests,
874 suspend new I/O requests, remove all &man.geli.8; sensitive
875 data from the kernel memory (like encryption keys) and will
876 wait for either <command>geli resume</command> or
877 <command>geli detach</command> command. For more
878 information, see &man.geli.8; manual page.</para>
880 <para revision="214405">The &man.geli.8; utility now checks the
881 metadata provider size strictly. If the check fails, the
882 provider is not attached. A new option <option>-f</option>
883 can override this behavior.</para>
885 <para revision="214405">The &man.geli.8; utility now supports
886 <option>-J <replaceable>newpassfile</replaceable></option> and
887 <option>-j <replaceable>passfile</replaceable></option>
888 options for loading passphrease from a file.</para>
890 <para revision="211938">The <function>gethost*()</function>,
891 <function>getnet*()</function>, and
892 <function>getproto*()</function> functions now set the errno
893 to <literal>ERANGE</literal> and the NSS backend terminates
894 with <literal>NS_RETURN</literal> when the result buffer size
897 <para revision="209497">The &man.gpart.8; utility now supports
898 <command>resize</command> command to resize partitions for all
899 schemes but EBR.</para>
901 <para revision="215941">The &man.gpart.8; utility now supports
902 <command>backup</command> and <command>restore</command>
903 subcommands to backup partition tables and restore
906 <para revision="213661">The &man.gpart.8; utility now handles
907 given geom/provider names with and without
908 <filename>/dev/</filename> prefix.</para>
910 <para revision="213684">The &man.gpart.8; utility now supports
911 an <option>-F</option> option for <command>force</command>
912 subcommand. This option force destroying of the partition
913 table even if it is not empty.</para>
915 <para revision="213684">The &man.gpart.8; utility now supports a
916 <command>recover</command> subcommand for GPT partition
917 tables. A corrupted GPT is now marked when the following
918 three types of corruption:</para>
922 <para>Primary GPT header or table is corrupted.</para>
926 <para>Secondary GPT header or table is corrupted.</para>
930 <para>Secondary GPT header is not located at the last LBA.</para>
934 <para>Any changes to the corrupted GPT table is not allowed
935 except for <command>destroy</command> and
936 <command>recover</command> subcommands./para>
938 <para revision="213994">The &man.gpart.8; utility now supports
939 <literal>GPT_ENT_ATTR_BOOTME</literal>,
940 <literal>GPT_ENT_ATTR_BOOTONCE</literal>, and
941 <literal>GPT_ENT_ATTR_BOOTFAILED</literal> attributes in GPT.
942 The attribute keywords in the command line are
943 <literal>bootme</literal>, <literal>bootonce</literal>, and
944 <literal>bootfailed</literal> respectively.</para>
946 <para revision="215728">An issue in the &man.newfs.8; utility
947 has been fixed. A UFS1 file system created with 64KB
948 blocksize was incorrectly recognized as one with a broken
949 superblock. This is because &os; kernel checks UFS2
950 superblock at 64KB offset in the partition first, and UFS1
951 with 64KB blocksize has an alternative superblock at the same
952 location. For example, a file system created by
953 <command>newfs -U -O 1 -b 65536 -f 8192</command> could lead
954 to this symptom.</para>
956 <para revision="213049">The &man.hastd.8; utility now supports
957 <literal>SIGHUP</literal> for reloading the configuration
958 file. When <literal>SIGTERM</literal> or
959 <literal>SIGINT</literal> is received, the worker processes
962 <para revision="212144">The &man.ifconfig.8; utility now check an
963 invalid CIDR subnet notation more strictly. It wrongly
964 accepted <literal>10.0.0.1/10.0.0.1</literal> as
965 <literal>10.0.0.1/10</literal>.</para>
967 <para revision="215237">An accuracy issue in the &man.jn.3; and
968 &man.jnf.3; functions in <filename>libm</filename> has been
971 <para revision="209284">Incorrect behaviors in stuttering
972 sequences and reverse ranges in the &man.jot.1; utility have
975 <para revision="213667">The <filename>libarchive</filename> and
976 &man.tar.1; utility now support LZMA (Lempel-Ziv-Markov
977 chain-Algorithm) compression format.</para>
979 <para revision="215229">The &man.tar.1; utility now supports a
980 blocksize which is up to <literal>8192</literal> (4MB) in the
981 <option>-b <replaceable>blocksize</replaceable></option>
984 <para revision="214442">A bug in the &man.lpr.1; utility which
985 prevents it from working with some files on a ZFS file system
986 has been fixed.</para>
988 <para revision="213978">The <option>-p</option> option in the
989 &man.mount.8; utility now displays <literal>rw</literal> mount
990 option correctly as in the &man.fstab.5; format.</para>
992 <para revision="213889">The &man.ncal.1; utility has been
993 updated. The option <option>-b</option> has been replaced
994 with <option>-C</option> and <option>-B
995 <replaceable>number</replaceable></option>. Options
996 <option>-3</option> to show previous, this and next month, and
997 <option>-A <replaceable>number</replaceable></option> to show
998 months after this month have been added. The option
999 <option>-m <replaceable>N</replaceable>
1000 <replaceable>YYYY</replaceable></option> now prints only the
1001 month, not the whole year.</para>
1003 <para revision="211699">The &man.newsyslog.8; utility now supports
1004 an <option>-S <replaceable>pidfile</replaceable></option>
1005 option to override the default &man.syslogd.8; PID
1008 <para revision="215622">The &man.newsyslog.8; utility now
1009 supports a special log file name
1010 <literal><include></literal> for processing file
1011 inclusion. Globing in the file name and circular dependency
1012 detection are supported. For more details, see
1013 &man.newsyslog.conf.5; manual page.</para>
1015 <para revision="213980">The &man.ntpd.8; utility is now compiled
1016 with shared memory reference clock driver. For example, GPS
1017 devices can be used as source of precise time via <filename
1018 role="ports">astro/gpsd</filename> in the Ports
1021 <para revision="212848">An off-by-one error in the &man.pax.1;
1022 utility when ustar file name is too long has been
1025 <para revision="209912">The &man.pkill.1; utility now supports
1026 an <option>-l</option> option which the &man.kill.1; utility
1029 <para revision="211098">The &man.pmcstat.8; utility now supports a
1030 file and a network socket as a top source. A new option
1031 <option>-O <replaceable>filename</replaceable></option>
1032 specifies to send log output to
1033 <replaceable>filename</replaceable>, and another new option
1034 <option>-R <replaceable>filename</replaceable></option>
1035 specifies to receive events from
1036 <replaceable>filename</replaceable>. For a socket, the
1037 <replaceable>filename</replaceable> is in a form of
1038 <replaceable>ipaddr:port</replaceable>. This allows top
1039 monitoring over TCP on a system with no local symbols, for
1042 <para revision="210089">The &man.pom.6; utility now
1043 supports a <option>-p</option> flag to print only the
1046 <para revision="212472">The &man.powerd.8; utility now supports
1047 an <option>-m <replaceable>freq</replaceable></option> and
1048 <option>-M <replaceable>freq</replaceable></option> to control
1049 the minimum and maximum frequency, respectively.</para>
1051 <para revision="213825">The &man.ruptime.1; utility now displays
1052 hostnames longer than 12 characters.</para>
1054 <para revision="215066">A behavior of the &man.sh.1; program
1055 when an <option>-u nounset</option> option is specified has
1056 been changed. The special parameters <varname>$@</varname>
1057 and <varname>$*</varname> no longer cause an error when there
1058 are no positional parameters.</para>
1060 <para revision="210616">A bug in the &man.sh.1; program has been
1061 fixed. A <literal>SIGINT</literal> signal is now passed
1062 through from a child process if the shell is interactive and
1063 the job control is enabled. For example, aborting
1064 &man.sleep.1; command by Ctrl-C no longer display
1065 <literal>ok</literal> in the following command line:</para>
1067 <screen>&prompt.user; sleep 5; echo ok</screen>
1069 <para revision="210732">The &man.sh.1; program now supports a
1070 <command>bg</command> command consisting solely of
1071 redirections. For example:</para>
1073 <screen>&prompt.user; < /dev/null &</screen>
1075 <para revision="211536">The &man.sleep.1; utility now supports
1076 <literal>SIGINFO</literal> signal and reports the specified
1077 sleep time and the remaining time.</para>
1079 <para revision="213036,213038">The &man.tftp.1; and &man.tftpd.8;
1080 utilities have been improved for better interoperability and
1081 they now supports RFC 1350, 2347, 2348, 2349, and 3617.</para>
1083 <para revision="213899">A bug in <literal>[=]=]</literal>
1084 equivalent class handling in the &man.tr.1; utility has been
1087 <para revision="210566">The &man.uname.1; utility now supports an
1088 <option>-o</option> flag as a synonym for the
1089 <option>-s</option> flag for compatibility with other
1092 <para revision="211060">Bugs in &man.vi.1; utility have been
1093 fixed. They include handling of <literal>^@</literal> and
1094 <literal>^C</literal> in insert mode when reading an ex
1097 <para revision="214345">The &man.watchdogd.8; program now set
1098 <literal>MADV_PROTECT</literal> memory flag onto themselves to
1099 protect from being terminated by the &os; kernel when
1100 available memory becomes short. This kind of process
1101 termination happens in a swap-intensive workload.</para>
1103 <para revision="209870">The <command>set sharenfs</command>
1104 command in the &man.zfs.8; utility now supports
1105 <option>sec</option> option.</para>
1107 <sect3 id="periodic-scripts">
1108 <title><filename>/etc/periodic</filename> Scripts</title>
1110 <para>A periodic script for <command>zfs scrub</command> has
1111 been added. For more details, see &man.periodic.conf.5;
1114 <para>A periodic script which can be used to find installed
1115 ports' files with mismatched checksum has been added. For more
1116 details, see &man.periodic.conf.5;</para>
1120 <sect2 id="contrib">
1121 <title>Contributed Software</title>
1123 <para>The <application>ACPI-CA</application> has been updated to
1126 <para revision="214287">The &man.ee.1; program has been updated
1127 to version 1.5.2.</para>
1129 <para><application>ISC BIND</application> has been updated to
1130 version 9.6-ESV-R4.</para>
1132 <para><application>netcat</application> has been updated to
1135 <para><application>OpenSSL</application> has been updated to
1136 version 0.9.8q.</para>
1138 <para>The timezone database has been updated to the
1139 <application>tzdata2010o</application> release.</para>
1141 <para><application>xz</application> has been updated from
1142 snapshot as of 12 April 2010 to 5.0.0 release</para>
1146 <title>Ports/Packages Collection Infrastructure</title>
1148 <para>The &man.pkg.create.1; utility now supports
1149 <application>xz</application> compression. Note that the
1150 default is still <application>bzip2</application>.</para>
1154 <title>Release Engineering and Integration</title>
1156 <para revision="211007">The &man.sysinstall.8; utility now uses
1157 the following numbers for default and minimum partition sizes:
1158 1GB for <filename>/</filename>, 4GB for
1159 <filename>/var</filename>, and 1GB for
1160 <filename>/tmp</filename>.</para>
1162 <para revision="211009">The &man.sysinstall.8; utility now
1163 attempts to enable &man.getty.8; on a serial port when no VGA
1164 card on the system.</para>
1166 <para>The supported version of
1167 the <application>GNOME</application> desktop environment
1168 (<filename role="package">x11/gnome2</filename>) has been
1169 updated to 2.32.1.</para>
1171 <para>The supported version of
1172 the <application>KDE</application> desktop environment
1173 (<filename role="package">x11/kde4</filename>) has been
1174 updated to 4.5.5.</para>
1178 <sect1 id="upgrade">
1179 <title>Upgrading from previous releases of &os;</title>
1181 <para arch="amd64,i386">Upgrades between RELEASE versions (and
1182 snapshots of the various security branches) are supported using
1183 the &man.freebsd-update.8; utility. The binary upgrade
1184 procedure will update unmodified userland utilities, as well as
1185 unmodified GENERIC kernel distributed as a part of an
1186 official &os; release. The &man.freebsd-update.8; utility
1187 requires that the host being upgraded has Internet
1188 connectivity.</para>
1190 <para>An older form of binary upgrade is supported through the
1191 <command>Upgrade</command> option from the main
1192 &man.sysinstall.8; menu on CDROM distribution media. This type
1193 of binary upgrade may be useful on non-&arch.i386;,
1194 non-&arch.amd64; machines or on systems with no Internet
1195 connectivity.</para>
1197 <para>Source-based upgrades (those based on recompiling the &os;
1198 base system from source code) from previous versions are
1199 supported, according to the instructions in
1200 <filename>/usr/src/UPDATING</filename>.</para>
1203 <para>Upgrading &os; should, of course, only be attempted after
1204 backing up <emphasis>all</emphasis> data and configuration