1 Updating Information for FreeBSD current users
3 This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
4 See end of file for further details. For commonly done items, please see the
5 COMMON ITEMS: section later in the file. These instructions assume that you
6 basically know what you are doing. If not, then please consult the FreeBSD
9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
11 Items affecting the ports and packages system can be found in
12 /usr/ports/UPDATING. Please read that file before running portupgrade.
14 20140605: p8 FreeBSD-SA-14:14.openssl
15 Fix OpenSSL multiple vulnerabilities. [SA-14:14]
17 20140603: p7 FreeBSD-SA-14:11.sendmail
18 FreeBSD-SA-14:12.ktrace
22 Fix sendmail improper close-on-exec flag handling. [SA-14:11]
24 Fix ktrace memory disclosure. [SA-14:12]
26 Fix incorrect error handling in PAM policy parser. [SA-14:13]
28 Fix triple-fault when executing from a threaded process.
31 20140513: p6 FreeBSD-EN-14:03.pkg
32 FreeBSD-EN-14:04.kldxref
35 Add pkg bootstrapping, configuration and public keys. [EN-14:03]
37 Improve build repeatability for kldxref(8). [EN-14:04]
39 Fix data corruption with ciss(4). [EN-14:05]
41 20140430: p5 FreeBSD-SA-14:08.tcp
43 Fix TCP reassembly vulnerability. [SA-14:08]
45 20140408: p4 FreeBSD-SA-14:05.nfsserver
46 FreeBSD-SA-14:06.openssl
47 Fix deadlock in the NFS server. [SA-14:05]
49 Fix for ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]
51 20140114: p3 FreeBSD-SA-14:01.bsnmpd
54 FreeBSD-EN-14:01.random
56 Fix bsnmpd remote denial of service vulnerability. [SA-14:01]
58 Fix ntpd distributed reflection Denial of Service
59 vulnerability. [SA-14:02]
61 Fix BIND remote denial of service vulnerability. [SA-14:04]
63 Disable hardware RNGs by default. [EN-14:01]
65 Fix incorrect coalescing of stack entry with mmap. [EN-14:02]
67 20131128: p2 FreeBSD-EN-13:05.freebsd-update
68 Fix error in patch for FreeBSD-EN-13:04.freebsd-update.
70 20131026: p1 FreeBSD-EN-13:04.freebsd-update
71 Fix multiple freebsd-update bugs that break upgrading to
75 hastctl(8)'s `status' command output changed to terse one-liner format.
76 Scripts using this should switch to `list' command or be rewritten.
79 Fix a bug that allowed a tracing process (e.g. gdb) to write
80 to a memory-mapped file in the traced process's address space
81 even if neither the traced process nor the tracing process had
82 write access to that file.
85 Added ZFS TRIM support which is enabled by default. To disable
86 ZFS TRIM support set vfs.zfs.trim.enabled=0 in loader.conf.
88 Creating new ZFS pools and adding new devices to existing pools
89 first performs a full device level TRIM which can take a significant
90 amount of time. The sysctl vfs.zfs.vdev.trim_on_init can be set to 0
91 to disable this behaviour.
93 ZFS TRIM requires the underlying device support BIO_DELETE which
94 is currently provided by methods such as ATA TRIM and SCSI UNMAP
95 via CAM, which are typically supported by SSD's.
97 Stats for ZFS TRIM can be monitored by looking at the sysctl's
98 under kstat.zfs.misc.zio_trim.
101 `list' command has been added to hastctl(8). For now, it is full
102 equivalent of `status' command.
103 WARNING: in the near future the output of hastctl's status command
104 will change to more terse format. If you use `hastctl status'
105 for parsing in your scripts, switch to `hastctl list'.
108 The mergemaster command now uses the default MAKEOBJDIRPREFIX
109 rather than creating it's own in the temporary directory in
110 order allow access to bootstrapped versions of tools such as
111 install and mtree. When upgrading from version of FreeBSD where
112 the install command does not support -l, you will need to
113 install a new mergemaster command if mergemaster -p is required.
114 This can be accomplished with the command (cd src/usr.sbin/mergemaster
117 Due to the use of the new -l option to install(1) during build
118 and install, you must take care not to directly set the INSTALL
119 make variable in your /etc/make.conf, /etc/src.conf, or on the
120 command line. If you wish to use the -C flag for all installs
121 you may be able to add INSTALL+=-C to /etc/make.conf or
125 Fix a bug that allows NFS clients to issue READDIR on files.
128 The install(1) option -M has changed meaning and now takes an
129 argument that is a file or path to append logs to. In the
130 unlikely event that -M was the last option on the command line
131 and the command line contained at least two files and a target
132 directory the first file will have logs appended to it. The -M
133 option served little practical purpose in the last decade so it's
134 used expected to be extremely rare.
137 A new compression method (lz4) has been merged to. Please refer to
138 zpool-features(7) for more information.
140 Please refer to the "ZFS notes" section of this file for information
141 on upgrading boot ZFS pools.
144 The VFS KBI was changed with the merge of several nullfs
145 optimizations and fixes. All filesystem modules must be
149 With the addition of auditdistd(8), a new auditdistd user is now
150 depended on during installworld. "mergemaster -p" can be used to add
151 the user prior to installworld, as documented in the handbook.
157 A new version of ZFS (pool version 5000) has been merged to 9-STABLE.
158 Starting with this version the old system of ZFS pool versioning
159 is superseded by "feature flags". This concept enables forward
160 compatibility against certain future changes in functionality of ZFS
161 pools. The first two read-only compatible "feature flags" for ZFS
162 pools are "com.delphix:async_destroy" and "com.delphix:empty_bpobj".
163 For more information read the new zpool-features(7) manual page.
164 Please refer to the "ZFS notes" section of this file for information
165 on upgrading boot ZFS pools.
168 The commit introducing bsd.compiler.mk breaks the traditional
169 building of kernels before this point. Add -m ${SRC}/share/mk
170 (for the right value of SRC) to your command lines to work
171 around; update your useland to a point after this; or use the
172 buildkernel/installkernel top-level targets. See also 20120829.
175 The IPFIREWALL_FORWARD kernel option has been removed. Its
176 functionality now turned on by default.
179 The random(4) support for the VIA hardware random number
180 generator (`PADLOCK') is no longer enabled unconditionally.
181 Add the PADLOCK_RNG option in the custom kernel config if
182 needed. The GENERIC kernels on i386 and amd64 do include the
183 option, so the change only affects the custom kernel
187 The amd64 kernel now uses xsetbv, xrstor instructions. To compile with
188 the traditional method, you must update your system with an installworld
189 before the kernel will build. The documented make buildkernel/installkernel
190 interfaces (coupled with fresh make kernel-toolchain) continue to work.
193 The sparc64 ZFS loader has been changed to no longer try to auto-
194 detect ZFS providers based on diskN aliases but now requires these
195 to be explicitly listed in the OFW boot-device environment variable.
198 Now unix domain sockets behave "as expected" on nullfs(5). Previously
199 nullfs(5) did not pass through all behaviours to the underlying layer,
200 as a result if we bound to a socket on the lower layer we could connect
201 only to the lower path; if we bound to the upper layer we could connect
202 only to the upper path. The new behavior is one can connect to both the
203 lower and the upper paths regardless what layer path one binds to.
206 The acpi_wmi(4) status device /dev/wmistat has been renamed to
210 A new VOP_ADVISE() was added to support posix_fadvise(2). All
211 filesystem modules must be recompiled.
214 The interface of the VOP_VPTOCNP(9) changed, now the returned
215 vnode shall be referenced, previously it was required to be
216 only held. All in-tree filesystems are converted.
222 The broken amd(4) driver has been replaced with esp(4) in the amd64,
223 i386 and pc98 GENERIC kernel configuration files.
226 This commit modifies vfs_register() so that it uses a hash
227 calculation to set vfc_typenum, which is enabled by default.
228 The first time a system is booted after this change, the
229 vfc_typenum values will change for all file systems. The
230 main effect of this is a change to the NFS server file handles
231 for file systems that use vfc_typenum in their fsid, such as ZFS.
232 It will, however, prevent vfc_typenum from changing when file
233 systems are loaded in a different order for subsequent reboots.
234 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf
235 until you are ready to remount all NFS clients after a reboot.
238 Bump the shared library version numbers for libraries that
239 do not use symbol versioning, have changed the ABI compared
240 to stable/8 and which shared library version was not bumped.
241 Done as part of 9.0-RELEASE cycle.
244 During the merge of Capsicum features, the fget(9) KPI was modified.
245 This may require the rebuilding of out-of-tree device drivers --
246 issues have been reported specifically with the nVidia device driver.
247 __FreeBSD_version is bumped to 900041.
249 Also, there is a period between 20110811 and 20110814 where the
250 special devices /dev/{stdin,stdout,stderr} did not work correctly.
251 Building world from a kernel during that window may not work.
254 The packet filter (pf) code has been updated to OpenBSD 4.5.
255 You need to update userland tools to be in sync with kernel.
256 This update breaks backward compatibility with earlier pfsync(4)
257 versions. Care must be taken when updating redundant firewall setups.
260 The following sysctls and tunables are retired on x86 platforms:
262 machdep.hlt_logical_cpus
263 The following sysctl is retired:
264 machdep.hyperthreading_allowed
265 The sysctls were supposed to provide a way to dynamically offline and
266 online selected CPUs on x86 platforms, but the implementation has not
267 been reliable especially with SCHED_ULE scheduler.
268 machdep.hyperthreading_allowed tunable is still available to ignore
269 hyperthreading CPUs at OS level.
270 Individual CPUs can be disabled using hint.lapic.X.disabled tunable,
271 where X is an APIC ID of a CPU. Be advised, though, that disabling
272 CPUs in non-uniform fashion will result in non-uniform topology and
273 may lead to sub-optimal system performance with SCHED_ULE, which is
277 cpumask_t type is retired and cpuset_t is used in order to describe
281 Changes to ifconfig(8) for dynamic address family detection mandate
282 that you are running a kernel of 20110525 or later. Make sure to
283 follow the update procedure to boot a new kernel before installing
287 Support for sun4v architecture is officially dropped
290 Several KPI breaking changes have been committed to the mii(4) layer,
291 the PHY drivers and consequently some Ethernet drivers using mii(4).
292 This means that miibus.ko and the modules of the affected Ethernet
293 drivers need to be recompiled.
295 Note to kernel developers: Given that the OUI bit reversion problem
296 was fixed as part of these changes all mii(4) commits related to OUIs,
297 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific
298 handling, no longer can be merged verbatim to stable/8 and previous
302 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci'
303 into their kernel configurations along with 'device pci'.
306 The default NFS client is now the new NFS client, so fstype "newnfs"
307 is now "nfs" and the regular/old NFS client is now fstype "oldnfs".
308 Although mounts via fstype "nfs" will usually work without userland
309 changes, it is recommended that the mount(8) and mount_nfs(8)
310 commands be rebuilt from sources and that a link to mount_nfs called
311 mount_oldnfs be created. The new client is compiled into the
312 kernel with "options NFSCL" and this is needed for diskless root
313 file systems. The GENERIC kernel configs have been changed to use
314 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER.
315 To use the regular/old client, you can "mount -t oldnfs ...". For
316 a diskless root file system, you must also include a line like:
318 vfs.root.mountfrom="oldnfs:"
320 in the boot/loader.conf on the root fs on the NFS server to make
321 a diskless root fs use the old client.
324 The GENERIC kernels for all architectures now default to the new
325 CAM-based ATA stack. It means that all legacy ATA drivers were
326 removed and replaced by respective CAM drivers. If you are using
327 ATA device names in /etc/fstab or other places, make sure to update
328 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY,
329 where 'Y's are the sequential numbers starting from zero for each type
330 in order of detection, unless configured otherwise with tunables,
331 see cam(4)). There will be symbolic links created in /dev/ to map
332 old adX devices to the respective adaY. They should provide basic
333 compatibility for file systems mounting in most cases, but they do
334 not support old user-level APIs and do not have respective providers
335 in GEOM. Consider using updated management tools with new device names.
337 It is possible to load devices ahci, ata, siis and mvs as modules,
338 but option ATA_CAM should remain in kernel configuration to make ata
339 module work as CAM driver supporting legacy ATA controllers. Device ata
340 still can be used in modular fashion (atacore + ...). Modules atadisk
341 and atapi* are not used and won't affect operation in ATA_CAM mode.
342 Note that to use CAM-based ATA kernel should include CAM devices
343 scbus, pass, da (or explicitly ada), cd and optionally others. All of
344 them are parts of the cam module.
346 ataraid(4) functionality is now supported by the RAID GEOM class.
347 To use it you can load geom_raid kernel module and use graid(8) tool
348 for management. Instead of /dev/arX device names, use /dev/raid/rX.
350 No kernel config options or code have been removed, so if a problem
351 arises, please report it and optionally revert to the old ATA stack.
352 In order to do it you can remove from the kernel config:
357 , and instead add back:
358 device atadisk # ATA disk drives
359 device ataraid # ATA RAID drives
360 device atapicd # ATAPI CDROM drives
361 device atapifd # ATAPI floppy drives
362 device atapist # ATAPI tape drives
365 The default NFS server has been changed to the new server, which
366 was referred to as the experimental server. If you need to switch
367 back to the old NFS server, you must now put the "-o" option on
368 both the mountd and nfsd commands. This can be done using the
369 mountd_flags and nfs_server_flags rc.conf variables until an
370 update to the rc scripts is committed, which is coming soon.
373 The GNU Objective-C runtime library (libobjc), and other Objective-C
374 related components have been removed from the base system. If you
375 require an Objective-C library, please use one of the available ports.
378 ath(4) has been split into bus- and device- modules. if_ath contains
379 the HAL, the TX rate control and the network device code. if_ath_pci
380 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb
381 contains the AHB glue. Users need to load both if_ath_pci and if_ath
382 in order to use ath on everything else.
384 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only
385 need to load if_ath and if_ath_pci for ath(4) operation.
388 As part of the replacement of sysinstall, the process of building
389 release media has changed significantly. For details, please re-read
390 release(7), which has been updated to reflect the new build process.
393 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This
394 is the last available version under GPLv2. It brings a number of new
395 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE
396 4.1 and SSE 4.2), better support for powerpc64, a number of new
397 directives, and lots of other small improvements. See the ChangeLog
398 file in contrib/binutils for the full details.
401 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
402 compliant, and will now use half of hash for authentication.
403 This will break interoperability with all stacks (including all
404 actual FreeBSD versions) who implement
405 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
407 The only workaround with such peers is to use another HMAC
408 algorithm for IPsec ("phase 2") authentication.
411 Remove the uio_yield prototype and symbol. This function has
412 been misnamed since it was introduced and should not be
413 globally exposed with this name. The equivalent functionality
414 is now available using kern_yield(curthread->td_user_pri).
415 The function remains undocumented.
418 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers,
419 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking
420 for scalar sysctls is defined but disabled. Code that needs
421 UQUAD to pass the type checking that must compile on older
422 systems where the define is not present can check against
423 __FreeBSD_version >= 900030.
425 The system dialog(1) has been replaced with a new version previously
426 in ports as devel/cdialog. dialog(1) is mostly command-line compatible
427 with the previous version, but the libdialog associated with it has
428 a largely incompatible API. As such, the original version of libdialog
429 will be kept temporarily as libodialog, until its base system consumers
430 are replaced or updated. Bump __FreeBSD_version to 900030.
433 If you are trying to run make universe on a -stable system, and you get
434 the following warning:
435 "Makefile", line 356: "Target architecture for i386/conf/GENERIC
436 unknown. config(8) likely too old."
437 or something similar to it, then you must upgrade your -stable system
438 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in
439 stable/8) or build the config from the latest stable/8 branch and
440 install it on your system.
442 Prior to this date, building a current universe on 8-stable system from
443 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing
444 error in the first kernel build phase. A new config on those old
445 systems will fix that problem for older versions of -current.
448 The TCP stack has been modified to allow Khelp modules to interact with
449 it via helper hook points and store per-connection data in the TCP
450 control block. Bump __FreeBSD_version to 900029. User space tools that
451 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to
455 Generic IEEE 802.3 annex 31B full duplex flow control support has been
456 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along
457 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted
458 to take advantage of it instead of using custom implementations. This
459 means that these drivers now no longer unconditionally advertise
460 support for flow control but only do so if flow control is a selected
461 media option. This was implemented in the generic support that way in
462 order to allow flow control to be switched on and off via ifconfig(8)
463 with the PHY specific default to typically off in order to protect
464 from unwanted effects. Consequently, if you used flow control with
465 one of the above mentioned drivers you now need to explicitly enable
467 ifconfig bge0 media auto mediaopt flowcontrol
469 Along with the above mentioned changes generic support for setting
470 1000baseT master mode also has been added and brgphy(4), ciphy(4),
471 e1000phy(4) as well as ip1000phy(4) have been converted to take
472 advantage of it. This means that these drivers now no longer take the
473 link0 parameter for selecting master mode but the master media option
474 has to be used instead, for example like in the following:
475 ifconfig bge0 media 1000baseT mediaopt full-duplex,master
477 Selection of master mode now is also available with all other PHY
478 drivers supporting 1000baseT.
481 The TCP stack has received a significant update to add support for
482 modularised congestion control and generally improve the clarity of
483 congestion control decisions. Bump __FreeBSD_version to 900025. User
484 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g.
485 sockstat) need to be recompiled.
488 The man(1) utility has been replaced by a new version that no longer
489 uses /etc/manpath.config. Please consult man.conf(5) for how to
490 migrate local entries to the new format.
493 The copyright strings printed by login(1) and sshd(8) at the time of a
494 new connection have been removed to follow other operating systems and
498 A workaround for a fixed ld bug has been removed in kernel code,
499 so make sure that your system ld is built from sources after
500 revision 210245 from 2010-07-19 (r211583 if building head kernel
501 on stable/8, r211584 for stable/7; both from 2010-08-21).
502 A symptom of incorrect ld version is different addresses for
503 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules.
506 The $ipv6_prefer variable in rc.conf(5) has been split into
507 $ip6addrctl_policy and $ipv6_activate_all_interfaces.
509 The $ip6addrctl_policy is a variable to choose a pre-defined
510 address selection policy set by ip6addrctl(8). A value
511 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The
514 The $ipv6_activate_all_interfaces specifies whether IFDISABLED
515 flag (see an entry of 20090926) is set on an interface with no
516 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for
517 security reason. If you want IPv6 link-local address on all
518 interfaces by default, set this to "YES".
520 The old ipv6_prefer="YES" is equivalent to
521 ipv6_activate_all_interfaces="YES" and
522 ip6addrctl_policy="ipv6_prefer".
525 DTrace has grown support for userland tracing. Due to this, DTrace is
526 now i386 and amd64 only.
527 dtruss(1) is now installed by default on those systems and a new
528 kernel module is needed for userland tracing: fasttrap.
529 No changes to your kernel config file are necessary to enable
530 userland tracing, but you might consider adding 'STRIP=' and
531 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want
532 to have informative userland stack traces in DTrace (ustack).
535 The acpi_aiboost(4) driver has been removed in favor of the new
536 aibs(4) driver. You should update your kernel configuration file.
539 BSD grep has been imported to the base system and it is built by
540 default. It is completely BSD licensed, highly GNU-compatible, uses
541 less memory than its GNU counterpart and has a small codebase.
542 However, it is slower than its GNU counterpart, which is mostly
543 noticeable for larger searches, for smaller ones it is measurable
544 but not significant. The reason is complex, the most important factor
545 is that we lack a modern and efficient regex library and GNU
546 overcomes this by optimizing the searches internally. Future work
547 on improving the regex performance is planned, for the meantime,
548 users that need better performance, can build GNU grep instead by
549 setting the WITH_GNU_GREP knob.
552 Due to the import of powerpc64 support, all existing powerpc kernel
553 configuration files must be updated with a machine directive like this:
554 machine powerpc powerpc
556 In addition, an updated config(8) is required to build powerpc kernels
560 A new version of ZFS (version 15) has been merged to -HEAD.
561 This version uses a python library for the following subcommands:
562 zfs allow, zfs unallow, zfs groupspace, zfs userspace.
563 For full functionality of these commands the following port must
564 be installed: sysutils/py-zfs
567 'vm_page's are now hashed by physical address to an array of mutexes.
568 Currently this is only used to serialize access to hold_count. Over
569 time the page queue mutex will be peeled away. This changes the size
570 of pmap on every architecture. And requires all callers of vm_page_hold
571 and vm_page_unhold to be updated.
574 WITH_CTF can now be specified in src.conf (not recommended, there
575 are some problems with static executables), make.conf (would also
576 affect ports which do not use GNU make and do not override the
577 compile targets) or in the kernel config (via "makeoptions
579 When WITH_CTF was specified there before this was silently ignored,
580 so make sure that WITH_CTF is not used in places which could lead
581 to unwanted behavior.
584 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32
585 to allow 32-bit compatibility on non-x86 platforms. All kernel
586 configurations on amd64 and ia64 platforms using these options must
587 be modified accordingly.
590 The utmp user accounting database has been replaced with utmpx,
591 the user accounting interface standardized by POSIX.
592 Unfortunately the semantics of utmp and utmpx don't match,
593 making it practically impossible to support both interfaces.
594 The user accounting database is used by tools like finger(1),
595 last(1), talk(1), w(1) and ac(8).
597 All applications in the base system use utmpx. This means only
598 local binaries (e.g. from the ports tree) may still use these
599 utmp database files. These applications must be rebuilt to make
602 After the system has been upgraded, it is safe to remove the old
603 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*),
604 assuming their contents is of no importance anymore. Old wtmp
605 databases can only be used by last(1) and ac(8) after they have
606 been converted to the new format using wtmpcvt(1).
609 Introduce the kernel thread "deadlock resolver" (which can be enabled
610 via the DEADLKRES option, see NOTES for more details) and the
611 sleepq_type() function for sleepqueues.
614 The rc.firewall and rc.firewall6 were unified, and
615 rc.firewall6 and rc.d/ip6fw were removed.
616 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc
617 variables are obsoleted. Instead, the following new rc
618 variables are added to rc.d/ipfw:
620 firewall_client_net_ipv6, firewall_simple_iif_ipv6,
621 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6,
622 firewall_simple_onet_ipv6, firewall_trusted_ipv6
624 The meanings correspond to the relevant IPv4 variables.
630 The default terminal emulation for syscons(4) has been changed
631 from cons25 to xterm on all platforms except pc98. This means
632 that the /etc/ttys file needs to be updated to ensure correct
633 operation of applications on the console.
635 The terminal emulation style can be toggled per window by using
636 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration
637 options can be used to change the compile-time default back to
640 To prevent graphical artifacts, make sure the TERM environment
641 variable is set to match the terminal emulation that is being
642 performed by syscons(4).
645 The layout of the structure ieee80211req_scan_result has changed.
646 Applications that require wireless scan results (e.g. ifconfig(8))
647 from net80211 need to be recompiled.
649 Applications such as wpa_supplicant(8) may require a full world
650 build without using NO_CLEAN in order to get synchronized with the
654 The iwn(4) driver has been updated to support the 5000 and 5150 series.
655 There's one kernel module for each firmware. Adding "device iwnfw"
656 to the kernel configuration file means including all three firmware
657 images inside the kernel. If you want to include just the one for
658 your wireless card, use the devices iwn4965fw, iwn5000fw or
662 The rc.d/network_ipv6, IPv6 configuration script has been integrated
663 into rc.d/netif. The changes are the following:
665 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
666 for IPv4. For aliases, $ifconfig_IF_aliasN should be used.
667 Note that both variables need the "inet6" keyword at the head.
669 Do not set $ipv6_network_interfaces manually if you do not
670 understand what you are doing. It is not needed in most cases.
672 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
675 2. $ipv6_enable is obsolete. Use $ipv6_prefer and
676 "inet6 accept_rtadv" keyword in ifconfig(8) instead.
678 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
679 all configured interfaces have "inet6 accept_rtadv" in the
680 $ifconfig_IF_ipv6. These are for backward compatibility.
682 3. A new variable $ipv6_prefer has been added. If NO, IPv6
683 functionality of interfaces with no corresponding
684 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
685 and the default address selection policy of ip6addrctl(8)
686 is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
687 Note that if you want to configure IPv6 functionality on the
688 disabled interfaces after boot, first you need to clear the flag by
689 using ifconfig(8) like:
691 ifconfig em0 inet6 -ifdisabled
693 If YES, the default address selection policy is set as
696 The default value of $ipv6_prefer is NO.
698 4. If your system need to receive Router Advertisement messages,
699 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8)
700 scripts automatically invoke rtsol(8) when the interface becomes
701 UP. The Router Advertisement messages are used for SLAAC
702 (State-Less Address AutoConfiguration).
705 802.11s D3.03 support was committed. This is incompatible with the
706 previous code, which was based on D3.0.
709 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value
710 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to
711 control whether accepting Router Advertisement messages or not.
712 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and
713 a sysctl variable net.inet6.ip6.auto_linklocal is its default value.
714 The ifconfig(8) utility now supports these flags.
717 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for
718 mount(8) and -a option for df(1) to see them.
721 The old tunable hw.bus.devctl_disable has been superseded by
722 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be
723 replaced by hw.bus.devctl_queue=0. The default for this new tunable
727 Remove the option STOP_NMI. The default action is now to use NMI only
728 for KDB via the newly introduced function stop_cpus_hard() and
729 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64.
732 The stable/8 branch created in subversion. This corresponds to the
733 RELENG_8 branch in CVS.
736 Bump the shared library version numbers for all libraries that do not
737 use symbol versioning as part of the 8.0-RELEASE cycle. Bump
738 __FreeBSD_version to 800105.
741 Due to changes in the implementation of virtual network stack support,
742 all network-related kernel modules must be recompiled. As this change
743 breaks the ABI, bump __FreeBSD_version to 800104.
746 The TOE interface to the TCP syncache has been modified to remove
747 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack.
748 The cxgb driver is the only TOE consumer affected by this change, and
749 needs to be recompiled along with the kernel. As this change breaks
750 the ABI, bump __FreeBSD_version to 800103.
753 Padding has been added to struct tcpcb, sackhint and tcpstat in
754 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst
755 maintaining the ABI. However, this change breaks the ABI, so bump
756 __FreeBSD_version to 800102. User space tools that rely on the size of
757 any of these structs (e.g. sockstat) need to be recompiled.
760 The NFS_LEGACYRPC option has been removed along with the old kernel
761 RPC implementation that this option selected. Kernel configurations
762 may need to be adjusted.
765 The network interface device nodes at /dev/net/<interface> have been
766 removed. All ioctl operations can be performed the normal way using
767 routing sockets. The kqueue functionality can generally be replaced
768 with routing sockets.
771 The documentation from the FreeBSD Documentation Project (Handbook,
772 FAQ, etc.) is now installed via packages by sysinstall(8) and under
773 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc.
776 The ABI of various structures related to the SYSV IPC API have been
777 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel
778 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to
782 Layout of struct vnet has changed as routing related variables were
783 moved to their own Vimage module. Modules need to be recompiled. Bump
784 __FreeBSD_version to 800099.
787 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024
788 respectively. As long as no more than 16 groups per process are used,
789 no changes should be visible. When more than 16 groups are used, old
790 binaries may fail if they call getgroups() or getgrouplist() with
791 statically sized storage. Recompiling will work around this, but
792 applications should be modified to use dynamically allocated storage
793 for group arrays as POSIX.1-2008 does not cap an implementation's
794 number of supported groups at NGROUPS_MAX+1 as previous versions did.
796 NFS and portalfs mounts may also be affected as the list of groups is
797 truncated to 16. Users of NFS who use more than 16 groups, should
798 take care that negative group permissions are not used on the exported
799 file systems as they will not be reliable unless a GSSAPI based
800 authentication method is used.
803 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This
804 option compiles in the support for adaptive spinning for lockmgrs
805 which want to enable it. The lockinit() function now accepts the flag
806 LK_ADAPTIVE in order to make the lock object subject to adaptive
807 spinning when both held in write and read mode.
810 The layout of the structure returned by IEEE80211_IOC_STA_INFO has
811 changed. User applications that use this ioctl need to be rebuilt.
814 The layout of struct thread has changed. Kernel and modules need to
818 The layout of structs ifnet, domain, protosw and vnet_net has changed.
819 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097.
822 window(1) has been removed from the base system. It can now be
823 installed from ports. The port is called misc/window.
826 The way we are storing and accessing `routing table' entries has
827 changed. Programs reading the FIB, like netstat, need to be
831 A new netisr implementation has been added for FreeBSD 8. Network
832 file system modules, such as igmp, ipdivert, and others, should be
834 Bump __FreeBSD_version to 800096.
837 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no
841 Add VOP_ACCESSX(9). File system modules need to be rebuilt.
842 Bump __FreeBSD_version to 800094.
845 Add mnt_xflag field to 'struct mount'. File system modules need to be
847 Bump __FreeBSD_version to 800093.
850 The compiling option ADAPTIVE_SX has been retired while it has been
851 introduced the option NO_ADAPTIVE_SX which handles the reversed logic.
852 The KPI for sx_init_flags() changes as accepting flags:
853 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has
854 been introduced in order to handle the reversed logic.
855 Bump __FreeBSD_version to 800092.
858 Add support for hierarchical jails. Remove global securelevel.
859 Bump __FreeBSD_version to 800091.
862 The layout of struct vnet_net has changed, therefore modules
864 Bump __FreeBSD_version to 800090.
867 The newly imported zic(8) produces a new format in the output. Please
868 run tzsetup(8) to install the newly created data to /etc/localtime.
871 The sysctl tree for the usb stack has renamed from hw.usb2.* to
872 hw.usb.* and is now consistent again with previous releases.
875 802.11 monitor mode support was revised and driver api's were changed.
876 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead
877 of DLT_IEEE802_11. No user-visible data structures were changed but
878 applications that use DLT_IEEE802_11 may require changes.
879 Bump __FreeBSD_version to 800088.
882 The layout of the following structs has changed: sysctl_oid,
883 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet,
884 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or
885 panics may be experienced. World rebuild is required for
886 correctly checking networking state from userland.
887 Bump __FreeBSD_version to 800085.
890 MLDv2 and Source-Specific Multicast (SSM) have been merged
891 to the IPv6 stack. VIMAGE hooks are in but not yet used.
892 The implementation of SSM within FreeBSD's IPv6 stack closely
893 follows the IPv4 implementation.
895 For kernel developers:
897 * The most important changes are that the ip6_output() and
898 ip6_input() paths no longer take the IN6_MULTI_LOCK,
899 and this lock has been downgraded to a non-recursive mutex.
901 * As with the changes to the IPv4 stack to support SSM, filtering
902 of inbound multicast traffic must now be performed by transport
903 protocols within the IPv6 stack. This does not apply to TCP and
904 SCTP, however, it does apply to UDP in IPv6 and raw IPv6.
906 * The KPIs used by IPv6 multicast are similar to those used by
907 the IPv4 stack, with the following differences:
908 * im6o_mc_filter() is analogous to imo_multicast_filter().
909 * The legacy KAME entry points in6_joingroup and in6_leavegroup()
910 are shimmed to in6_mc_join() and in6_mc_leave() respectively.
911 * IN6_LOOKUP_MULTI() has been deprecated and removed.
912 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs
913 for MLDv1 have an additional 'timer' argument which is used to
914 jitter the initial membership report for the solicited-node
915 multicast membership on-link.
916 * This is not strictly needed for MLDv2, which already jitters
917 its report transmissions. However, the 'timer' argument is
918 preserved in case MLDv1 is active on the interface.
920 * The KAME linked-list based IPv6 membership implementation has
921 been refactored to use a vector similar to that used by the IPv4
923 Code which maintains a list of its own multicast memberships
924 internally, e.g. carp, has been updated to reflect the new
927 * There is a known Lock Order Reversal (LOR) due to in6_setscope()
928 acquiring the IF_AFDATA_LOCK and being called within ip6_output().
929 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an
930 implementation constraint which needs to be addressed in HEAD.
932 For application developers:
934 * The changes are broadly similar to those made for the IPv4
937 * The use of IPv4 and IPv6 multicast socket options on the same
938 socket, using mapped addresses, HAS NOT been tested or supported.
940 * There are a number of issues with the implementation of various
941 IPv6 multicast APIs which need to be resolved in the API surface
942 before the implementation is fully compatible with KAME userland
943 use, and these are mostly to do with interface index treatment.
945 * The literature available discusses the use of either the delta / ASM
946 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API
947 using setsourcefilter(3)/getsourcefilter(3). For more information
948 please refer to RFC 3768, 'Socket Interface Extensions for
949 Multicast Source Filters'.
951 * Applications which use the published RFC 3678 APIs should be fine.
953 For systems administrators:
955 * The mtest(8) utility has been refactored to support IPv6, in
956 addition to IPv4. Interface addresses are no longer accepted
957 as arguments, their names must be used instead. The utility
958 will map the interface name to its first IPv4 address as
959 returned by getifaddrs(3).
961 * The ifmcstat(8) utility has also been updated to print the MLDv2
962 endpoint state and source filter lists via sysctl(3).
964 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable
965 loopback of IPv6 multicast datagrams by default; it defaults to 1
966 to preserve the existing behaviour. Disabling multicast loopback is
967 recommended for optimal system performance.
969 * The IPv6 MROUTING code has been changed to examine this sysctl
970 instead of attempting to perform a group lookup before looping
971 back forwarded datagrams.
973 Bump __FreeBSD_version to 800084.
976 Implement low-level Bluetooth HCI API.
977 Bump __FreeBSD_version to 800083.
980 The layout of struct malloc_type, used by modules to register new
981 memory allocation types, has changed. Most modules will need to
982 be rebuilt or panics may be experienced.
983 Bump __FreeBSD_version to 800081.
986 Anticipate overflowing inp_flags - add inp_flags2.
987 This changes most offsets in inpcb, so checking v4 connection
988 state will require a world rebuild.
989 Bump __FreeBSD_version to 800080.
992 Add an llentry to struct route and struct route_in6. Modules
993 embedding a struct route will need to be recompiled.
994 Bump __FreeBSD_version to 800079.
997 The size of rt_metrics_lite and by extension rtentry has changed.
998 Networking administration apps will need to be recompiled.
999 The route command now supports show as an alias for get, weighting
1000 of routes, sticky and nostick flags to alter the behavior of stateful
1002 Bump __FreeBSD_version to 800078.
1005 Do not use Giant for kbdmux(4) locking. This is wrong and
1006 apparently causing more problems than it solves. This will
1007 re-open the issue where interrupt handlers may race with
1008 kbdmux(4) in polling mode. Typical symptoms include (but
1009 not limited to) duplicated and/or missing characters when
1010 low level console functions (such as gets) are used while
1011 interrupts are enabled (for example geli password prompt,
1012 mountroot prompt etc.). Disabling kbdmux(4) may help.
1015 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed;
1016 kernel modules referencing any of the above need to be recompiled.
1017 Bump __FreeBSD_version to 800075.
1020 GEOM_PART has become the default partition slicer for storage devices,
1021 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It
1022 introduces some changes:
1024 MSDOS/EBR: the devices created from MSDOS extended partition entries
1025 (EBR) can be named differently than with GEOM_MBR and are now symlinks
1026 to devices with offset-based names. fstabs may need to be modified.
1028 BSD: the "geometry does not match label" warning is harmless in most
1029 cases but it points to problems in file system misalignment with
1030 disk geometry. The "c" partition is now implicit, covers the whole
1031 top-level drive and cannot be (mis)used by users.
1033 General: Kernel dumps are now not allowed to be written to devices
1034 whose partition types indicate they are meant to be used for file
1035 systems (or, in case of MSDOS partitions, as something else than
1038 Most of these changes date approximately from 200812.
1041 The uscanner(4) driver has been removed from the kernel. This follows
1042 Linux removing theirs in 2.6 and making libusb the default interface
1043 (supported by sane).
1046 The multicast forwarding code has been cleaned up. netstat(1)
1047 only relies on KVM now for printing bandwidth upcall meters.
1048 The IPv4 and IPv6 modules are split into ip_mroute_mod and
1049 ip6_mroute_mod respectively. The config(5) options for statically
1050 compiling this code remain the same, i.e. 'options MROUTING'.
1053 Support for the IFF_NEEDSGIANT network interface flag has been
1054 removed, which means that non-MPSAFE network device drivers are no
1055 longer supported. In particular, if_ar, if_sr, and network device
1056 drivers from the old (legacy) USB stack can no longer be built or
1060 POSIX.1 Native Language Support (NLS) has been enabled in libc and
1061 a bunch of new language catalog files have also been added.
1062 This means that some common libc messages are now localized and
1063 they depend on the LC_MESSAGES environmental variable.
1066 The k8temp(4) driver has been renamed to amdtemp(4) since
1067 support for Family 10 and Family 11 CPU families was added.
1070 IGMPv3 and Source-Specific Multicast (SSM) have been merged
1071 to the IPv4 stack. VIMAGE hooks are in but not yet used.
1073 For kernel developers, the most important changes are that the
1074 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(),
1075 and this lock has been downgraded to a non-recursive mutex.
1077 Transport protocols (UDP, Raw IP) are now responsible for filtering
1078 inbound multicast traffic according to group membership and source
1079 filters. The imo_multicast_filter() KPI exists for this purpose.
1080 Transports which do not use multicast (SCTP, TCP) already reject
1081 multicast by default. Forwarding and receive performance may improve
1082 as a mutex acquisition is no longer needed in the ip_input()
1083 low-level input path. in_addmulti() and in_delmulti() are shimmed
1084 to new KPIs which exist to support SSM in-kernel.
1086 For application developers, it is recommended that loopback of
1087 multicast datagrams be disabled for best performance, as this
1088 will still cause the lock to be taken for each looped-back
1089 datagram transmission. The net.inet.ip.mcast.loop sysctl may
1090 be tuned to 0 to disable loopback by default; it defaults to 1
1091 to preserve the existing behaviour.
1093 For systems administrators, to obtain best performance with
1094 multicast reception and multiple groups, it is always recommended
1095 that a card with a suitably precise hash filter is used. Hash
1096 collisions will still result in the lock being taken within the
1097 transport protocol input path to check group membership.
1099 If deploying FreeBSD in an environment with IGMP snooping switches,
1100 it is recommended that the net.inet.igmp.sendlocal sysctl remain
1101 enabled; this forces 224.0.0.0/24 group membership to be announced
1104 The size of 'struct igmpstat' has changed; netstat needs to be
1105 recompiled to reflect this.
1106 Bump __FreeBSD_version to 800070.
1109 libusb20.so.1 is now installed as libusb.so.1 and the ports system
1110 updated to use it. This requires a buildworld/installworld in order to
1111 update the library and dependencies (usbconfig, etc). Its advisable to
1112 rebuild all ports which uses libusb. More specific directions are given
1113 in the ports collection UPDATING file. Any /etc/libmap.conf entries for
1114 libusb are no longer required and can be removed.
1117 A workaround is committed to allow the creation of System V shared
1118 memory segment of size > 2 GB on the 64-bit architectures.
1119 Due to a limitation of the existing ABI, the shm_segsz member
1120 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
1121 wrong for large segments. Note that limits must be explicitly
1122 raised to allow such segments to be created.
1125 The layout of struct ifnet has changed, requiring a rebuild of all
1126 network device driver modules.
1129 The /dev handling for the new USB stack has changed, a
1130 buildworld/installworld is required for libusb20.
1133 The new USB2 stack has now been permanently moved in and all kernel and
1134 module names reverted to their previous values (eg, usb, ehci, ohci,
1135 ums, ...). The old usb stack can be compiled in by prefixing the name
1136 with the letter 'o', the old usb modules have been removed.
1137 Updating entry 20090216 for xorg and 20090215 for libmap may still
1141 The rc.conf(5) option if_up_delay has been renamed to
1142 defaultroute_delay to better reflect its purpose. If you have
1143 customized this setting in /etc/rc.conf you need to update it to
1147 xorg 7.4 wants to configure its input devices via hald which does not
1148 yet work with USB2. If the keyboard/mouse does not work in xorg then
1150 Option "AllowEmptyInput" "off"
1151 to your ServerLayout section. This will cause X to use the configured
1152 kbd and mouse sections from your xorg.conf.
1155 The GENERIC kernels for all architectures now default to the new USB2
1156 stack. No kernel config options or code have been removed so if a
1157 problem arises please report it and optionally revert to the old USB
1158 stack. If you are loading USB kernel modules or have a custom kernel
1159 that includes GENERIC then ensure that usb names are also changed over,
1160 eg uftdi -> usb2_serial_ftdi.
1162 Older programs linked against the ports libusb 0.1 need to be
1163 redirected to the new stack's libusb20. /etc/libmap.conf can
1165 # Map old usb library to new one for usb2 stack
1166 libusb-0.1.so.8 libusb20.so.1
1169 All USB ethernet devices now attach as interfaces under the name ueN
1170 (eg. ue0). This is to provide a predictable name as vendors often
1171 change usb chipsets in a product without notice.
1174 The ichsmb(4) driver has been changed to require SMBus slave
1175 addresses be left-justified (xxxxxxx0b) rather than right-justified.
1176 All of the other SMBus controller drivers require left-justified
1177 slave addresses, so this change makes all the drivers provide the
1181 INET6 statistics (struct ip6stat) was updated.
1182 netstat(1) needs to be recompiled.
1185 NTFS has been removed from GENERIC kernel on amd64 to match
1186 GENERIC on i386. Should not cause any issues since mount_ntfs(8)
1187 will load ntfs.ko module automatically when NTFS support is
1188 actually needed, unless ntfs.ko is not installed or security
1189 level prohibits loading kernel modules. If either is the case,
1190 "options NTFS" has to be added into kernel config.
1193 TCP Appropriate Byte Counting (RFC 3465) support added to kernel.
1194 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to
1195 800061. User space tools that rely on the size of struct tcpcb in
1196 tcp_var.h (e.g. sockstat) need to be recompiled.
1199 ng_tty(4) module updated to match the new TTY subsystem.
1200 Due to API change, user-level applications must be updated.
1201 New API support added to mpd5 CVS and expected to be present
1202 in next mpd5.3 release.
1205 With __FreeBSD_version 800060 the makefs tool is part of
1206 the base system (it was a port).
1209 The afdata and ifnet locks have been changed from mutexes to
1210 rwlocks, network modules will need to be re-compiled.
1213 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite.
1214 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated.
1215 The new code reduced struct rtentry{} by 16 bytes on 32-bit
1216 architecture and 40 bytes on 64-bit architecture. The userland
1217 applications "arp" and "ndp" have been updated accordingly.
1218 The output from "netstat -r" shows only routing entries and
1219 none of the L2 information.
1222 __FreeBSD_version 800057 marks the switchover from the
1223 binary ath hal to source code. Users must add the line:
1225 options AH_SUPPORT_AR5416
1227 to their kernel config files when specifying:
1231 The ath_hal module no longer exists; the code is now compiled
1232 together with the driver in the ath module. It is now
1233 possible to tailor chip support (i.e. reduce the set of chips
1234 and thereby the code size); consult ath_hal(4) for details.
1237 __FreeBSD_version 800054 adds memory barriers to
1238 <machine/atomic.h>, new interfaces to ifnet to facilitate
1239 multiple hardware transmit queues for cards that support
1240 them, and a lock-less ring-buffer implementation to
1241 enable drivers to more efficiently manage queueing of
1245 A new version of ZFS (version 13) has been merged to -HEAD.
1246 This version has zpool attribute "listsnapshots" off by
1247 default, which means "zfs list" does not show snapshots,
1248 and is the same as Solaris behavior.
1251 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled.
1254 The uhci, ohci, ehci and slhci USB Host controller drivers have
1255 been put into separate modules. If you load the usb module
1256 separately through loader.conf you will need to load the
1257 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0
1258 controller add the following to loader.conf:
1264 The ABI used by the PMC toolset has changed. Please keep
1265 userland (libpmc(3)) and the kernel module (hwpmc(4)) in
1269 atapci kernel module now includes only generic PCI ATA
1270 driver. AHCI driver moved to ataahci kernel module.
1271 All vendor-specific code moved into separate kernel modules:
1272 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
1273 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
1274 atamarvell, atamicron, atanational, atanetcell, atanvidia,
1275 atapromise, ataserverworks, atasiliconimage, atasis, atavia
1278 The TTY subsystem of the kernel has been replaced by a new
1279 implementation, which provides better scalability and an
1280 improved driver model. Most common drivers have been migrated to
1281 the new TTY subsystem, while others have not. The following
1282 drivers have not yet been ported to the new TTY layer:
1285 cy, digi, rc, rp, sio
1291 ng_h4, ng_tty, ppp, sl, snp
1293 Adding these drivers to your kernel configuration file shall
1294 cause compilation to fail.
1297 ntpd has been upgraded to 4.2.4p5.
1300 OpenSSH has been upgraded to 5.1p1.
1302 For many years, FreeBSD's version of OpenSSH preferred DSA
1303 over RSA for host and user authentication keys. With this
1304 upgrade, we've switched to the vendor's default of RSA over
1305 DSA. This may cause upgraded clients to warn about unknown
1306 host keys even for previously known hosts. Users should
1307 follow the usual procedure for verifying host keys before
1308 accepting the RSA key.
1310 This can be circumvented by setting the "HostKeyAlgorithms"
1311 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh
1314 Please note that the sequence of keys offered for
1315 authentication has been changed as well. You may want to
1316 specify IdentityFile in a different order to revert this
1320 The sio(4) driver has been removed from the i386 and amd64
1321 kernel configuration files. This means uart(4) is now the
1322 default serial port driver on those platforms as well.
1324 To prevent collisions with the sio(4) driver, the uart(4) driver
1325 uses different names for its device nodes. This means the
1326 onboard serial port will now most likely be called "ttyu0"
1327 instead of "ttyd0". You may need to reconfigure applications to
1328 use the new device names.
1330 When using the serial port as a boot console, be sure to update
1331 /boot/device.hints and /etc/ttys before booting the new kernel.
1332 If you forget to do so, you can still manually specify the hints
1333 at the loader prompt:
1335 set hint.uart.0.at="isa"
1336 set hint.uart.0.port="0x3F8"
1337 set hint.uart.0.flags="0x10"
1338 set hint.uart.0.irq="4"
1342 The gpt(8) utility has been removed. Use gpart(8) to partition
1346 The version that Linuxulator emulates was changed from 2.4.2
1347 to 2.6.16. If you experience any problems with Linux binaries
1348 please try to set sysctl compat.linux.osrelease to 2.4.2 and
1349 if it fixes the problem contact emulation mailing list.
1352 ISDN4BSD (I4B) was removed from the src tree. You may need to
1353 update a your kernel configuration and remove relevant entries.
1356 I have checked in code to support multiple routing tables.
1357 See the man pages setfib(1) and setfib(2).
1358 This is a hopefully backwards compatible version,
1359 but to make use of it you need to compile your kernel
1360 with options ROUTETABLES=2 (or more up to 16).
1363 The 802.11 wireless support was redone to enable multi-bss
1364 operation on devices that are capable. The underlying device
1365 is no longer used directly but instead wlanX devices are
1366 cloned with ifconfig. This requires changes to rc.conf files.
1367 For example, change:
1368 ifconfig_ath0="WPA DHCP"
1371 ifconfig_wlan0="WPA DHCP"
1372 see rc.conf(5) for more details. In addition, mergemaster of
1373 /etc/rc.d is highly recommended. Simultaneous update of userland
1374 and kernel wouldn't hurt either.
1376 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta
1377 modules were merged into the base wlan module. All references
1378 to these modules (e.g. in kernel config files) must be removed.
1381 psm(4) has gained write(2) support in native operation level.
1382 Arbitrary commands can be written to /dev/psm%d and status can
1383 be read back from it. Therefore, an application is responsible
1384 for status validation and error recovery. It is a no-op in
1385 other operation levels.
1388 Support for KSE threading has been removed from the kernel. To
1389 run legacy applications linked against KSE libmap.conf may
1390 be used. The following libmap.conf may be used to ensure
1391 compatibility with any prior release:
1393 libpthread.so.1 libthr.so.1
1394 libpthread.so.2 libthr.so.2
1395 libkse.so.3 libthr.so.3
1398 The layout of struct vmspace has changed. This affects libkvm
1399 and any executables that link against libkvm and use the
1400 kvm_getprocs() function. In particular, but not exclusively,
1401 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1).
1402 The effects are minimal, but it's advisable to upgrade world
1406 The latest em driver no longer has support in it for the
1407 82575 adapter, this is now moved to the igb driver. The
1408 split was done to make new features that are incompatible
1409 with older hardware easier to do.
1412 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4),
1413 likewise the kernel option is now GEOM_LINUX_LVM.
1416 The default NFS mount mode has changed from UDP to TCP for
1417 increased reliability. If you rely on (insecurely) NFS
1418 mounting across a firewall you may need to update your
1422 Belatedly note the addition of m_collapse for compacting
1426 The fts(3) structures have been changed to use adequate
1427 integer types for their members and so to be able to cope
1428 with huge file trees. The old fts(3) ABI is preserved
1429 through symbol versioning in libc, so third-party binaries
1430 using fts(3) should still work, although they will not take
1431 advantage of the extended types. At the same time, some
1432 third-party software might fail to build after this change
1433 due to unportable assumptions made in its source code about
1434 fts(3) structure members. Such software should be fixed
1435 by its vendor or, in the worst case, in the ports tree.
1436 FreeBSD_version 800015 marks this change for the unlikely
1437 case that a portable fix is impossible.
1440 To upgrade to -current after this date, you must be running
1441 FreeBSD not older than 6.0-RELEASE. Upgrading to -current
1442 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems.
1445 The ADAPTIVE_GIANT kernel option has been retired because its
1446 functionality is the default now.
1449 The AT keyboard emulation of sunkbd(4) has been turned on
1450 by default. In order to make the special symbols of the Sun
1451 keyboards driven by sunkbd(4) work under X these now have
1452 to be configured the same way as Sun USB keyboards driven
1453 by ukbd(4) (which also does AT keyboard emulation), f.e.:
1455 Option "XkbLayout" "us"
1456 Option "XkbRules" "xorg"
1457 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"
1460 It has been decided that it is desirable to provide ABI
1461 backwards compatibility to the FreeBSD 4/5/6 versions of the
1462 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
1463 broken with the introduction of PCI domain support (see the
1464 20070930 entry). Unfortunately, this required the ABI of
1465 PCIOCGETCONF to be broken again in order to be able to
1466 provide backwards compatibility to the old version of that
1467 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
1468 again. As for prominent ports this affects neither pciutils
1469 nor xorg-server this time, the hal port needs to be rebuilt
1473 The misnamed kthread_create() and friends have been renamed
1474 to kproc_create() etc. Many of the callers already
1475 used kproc_start()..
1476 I will return kthread_create() and friends in a while
1477 with implementations that actually create threads, not procs.
1478 Renaming corresponds with version 800002.
1487 Avoid using make -j when upgrading. While generally safe, there are
1488 sometimes problems using -j to upgrade. If your upgrade fails with
1489 -j, please try again without -j. From time to time in the past there
1490 have been problems using -j with buildworld and/or installworld. This
1491 is especially true when upgrading between "distant" versions (eg one
1492 that cross a major release boundary or several minor releases, or when
1493 several months have passed on the -current branch).
1495 Sometimes, obscure build problems are the result of environment
1496 poisoning. This can happen because the make utility reads its
1497 environment when searching for values for global variables. To run
1498 your build attempts in an "environmental clean room", prefix all make
1499 commands with 'env -i '. See the env(1) manual page for more details.
1501 When upgrading from one major version to another it is generally best
1502 to upgrade to the latest code in the currently installed branch first,
1503 then do an upgrade to the new branch. This is the best-tested upgrade
1504 path, and has the highest probability of being successful. Please try
1505 this approach before reporting problems with a major version upgrade.
1509 When upgrading the boot ZFS pool to a new version, always follow
1512 1.) recompile and reinstall the ZFS boot loader and boot block
1513 (this is part of "make buildworld" and "make installworld")
1515 2.) update the ZFS boot block on your boot drive
1517 The following example updates the ZFS boot block on the first
1518 partition (freebsd-boot) of a GPT partitioned drive ad0:
1519 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0"
1521 Non-boot pools do not need these updates.
1525 If you are updating from a prior version of FreeBSD (even one just
1526 a few days old), you should follow this procedure. It is the most
1527 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
1529 make kernel-toolchain
1530 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
1531 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
1533 To test a kernel once
1534 ---------------------
1535 If you just want to boot a kernel once (because you are not sure
1536 if it works, or if you want to boot a known bad kernel to provide
1537 debugging information) run
1538 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
1539 nextboot -k testkernel
1541 To just build a kernel when you know that it won't mess you up
1542 --------------------------------------------------------------
1543 This assumes you are already running a CURRENT system. Replace
1544 ${arch} with the architecture of your machine (e.g. "i386",
1545 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).
1547 cd src/sys/${arch}/conf
1548 config KERNEL_NAME_HERE
1549 cd ../compile/KERNEL_NAME_HERE
1554 If this fails, go to the "To build a kernel" section.
1556 To rebuild everything and install it on the current system.
1557 -----------------------------------------------------------
1558 # Note: sometimes if you are running current you gotta do more than
1559 # is listed here if you are upgrading from a really old current.
1561 <make sure you have good level 0 dumps>
1563 make kernel KERNCONF=YOUR_KERNEL_HERE
1565 <reboot in single user> [3]
1573 To cross-install current onto a separate partition
1574 --------------------------------------------------
1575 # In this approach we use a separate partition to hold
1576 # current's root, 'usr', and 'var' directories. A partition
1577 # holding "/", "/usr" and "/var" should be about 2GB in
1580 <make sure you have good level 0 dumps>
1583 make buildkernel KERNCONF=YOUR_KERNEL_HERE
1584 <maybe newfs current's root partition>
1585 <mount current's root partition on directory ${CURRENT_ROOT}>
1586 make installworld DESTDIR=${CURRENT_ROOT}
1587 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
1588 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
1589 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
1590 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
1591 <reboot into current>
1592 <do a "native" rebuild/install as described in the previous section>
1593 <maybe install compatibility libraries from ports/misc/compat*>
1597 To upgrade in-place from stable to current
1598 ----------------------------------------------
1599 <make sure you have good level 0 dumps>
1601 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
1603 <reboot in single user> [3]
1610 Make sure that you've read the UPDATING file to understand the
1611 tweaks to various things you need. At this point in the life
1612 cycle of current, things change often and you are on your own
1613 to cope. The defaults can also change, so please read ALL of
1614 the UPDATING entries.
1616 Also, if you are tracking -current, you must be subscribed to
1617 freebsd-current@freebsd.org. Make sure that before you update
1618 your sources that you have read and understood all the recent
1619 messages there. If in doubt, please track -stable which has
1620 much fewer pitfalls.
1622 [1] If you have third party modules, such as vmware, you
1623 should disable them at this point so they don't crash your
1626 [3] From the bootblocks, boot -s, and then do
1631 adjkerntz -i # if CMOS is wall time
1632 Also, when doing a major release upgrade, it is required that
1633 you boot into single user mode to do the installworld.
1635 [4] Note: This step is non-optional. Failure to do this step
1636 can result in a significant reduction in the functionality of the
1637 system. Attempting to do it by hand is not recommended and those
1638 that pursue this avenue should read this file carefully, as well
1639 as the archives of freebsd-current and freebsd-hackers mailing lists
1640 for potential gotchas. The -U option is also useful to consider.
1641 See mergemaster(8) for more information.
1643 [5] Usually this step is a noop. However, from time to time
1644 you may need to do this if you get unknown user in the following
1645 step. It never hurts to do it all the time. You may need to
1646 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1647 install) after the buildworld before this step if you last updated
1648 from [78]-stable or 9-stable before 20130430.
1650 [6] This only deletes old files and directories. Old libraries
1651 can be deleted by "make delete-old-libs", but you have to make
1652 sure that no program is using those libraries anymore.
1654 [8] In order to have a kernel that can run the 4.x binaries needed to
1655 do an installworld, you must include the COMPAT_FREEBSD4 option in
1656 your kernel. Failure to do so may leave you with a system that is
1657 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is
1658 required to run the 5.x binaries on more recent kernels. And so on
1659 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7.
1661 Make sure that you merge any new devices from GENERIC since the
1662 last time you updated your kernel config file.
1664 [9] When checking out sources, you must include the -P flag to have
1665 cvs prune empty directories.
1667 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
1668 "?=" instead of the "=" assignment operator, so that buildworld can
1669 override the CPUTYPE if it needs to.
1671 MAKEOBJDIRPREFIX must be defined in an environment variable, and
1672 not on the command line, or in /etc/make.conf. buildworld will
1673 warn if it is improperly defined.
1676 This file contains a list, in reverse chronological order, of major
1677 breakages in tracking -current. It is not guaranteed to be a complete
1678 list of such breakages, and only contains entries since October 10, 2007.
1679 If you need to see UPDATING entries from before that date, you will need
1680 to fetch an UPDATING file from an older FreeBSD release.
1682 Copyright information:
1684 Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
1686 Redistribution, publication, translation and use, with or without
1687 modification, in full or in part, in any form or format of this
1688 document are permitted without further permission from the author.
1690 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1691 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1692 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1693 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1694 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1695 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1696 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1697 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1698 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
1699 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
1700 POSSIBILITY OF SUCH DAMAGE.
1702 Contact Warner Losh if you have any questions about your use of