UPDATING revision 275671
1Updating Information for FreeBSD current users 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of 16stable/10, and then rebuild without this option. The bootstrap process from 17older version of current is a bit fragile. 18 1920141210: p13 FreeBSD-SA-14:28.file 20 Fix multiple vulnerabilities in file(1) and libmagic(3). 21 2220141104: p12 FreeBSD-SA-14:24.sshd 23 FreeBSD-SA-14:25.setlogin 24 FreeBSD-SA-14:26.ftp 25 FreeBSD-EN-14:12.zfs 26 27 Fix denial of service attack against sshd(8). [SA-14:24] 28 29 Fix kernel stack disclosure in setlogin(2) / getlogin(2). 30 [SA-14:25] 31 32 Fix remote command execution in ftp(1). [SA-14:26] 33 34 Fix NFSv4 and ZFS cache consistency issue. [EN-14:12] 35 3620141022: p11 FreeBSD-EN-14:10.tzdata 37 38 Time zone data file update. [EN-14:10] 39 4020141021: p10 FreeBSD-SA-14:20.rtsold 41 FreeBSD-SA-14:21.routed 42 FreeBSD-SA-14:22.namei 43 FreeBSD-SA-14:23.openssl 44 45 Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20] 46 47 Fix routed(8) remote denial of service vulnerability. [SA-14:21] 48 49 Fix memory leak in sandboxed namei lookup. [SA-14:22] 50 51 Fix OpenSSL multiple vulnerabilities. [SA-14:23] 52 5320140916: p9 FreeBSD-SA-14:19.tcp 54 Fix Denial of Service in TCP packet processing. [SA-14:19] 55 5620140909: p8 FreeBSD-SA-14:18.openssl 57 Fix OpenSSL multiple vulnerabilities. [SA-14:18] 58 5920140708: p7 FreeBSD-SA-14:17.kmem 60 Fix kernel memory disclosure in control messages and SCTP 61 notifications. [SA-14:17] 62 6320140624: p6 FreeBSD-SA-14:15.iconv 64 FreeBSD-SA-14:16.file 65 FreeBSD-EN-14:07.pmap 66 67 Fix iconv(3) NULL pointer dereference and out-of-bounds array 68 access. [SA-14:15] 69 70 Fix multiple vulnerabilities in file(1) and libmagic(3). 71 [SA-14:16] 72 73 Worked around bug with PCID implementation. [EN-14:07] 74 7520140605: p5 FreeBSD-SA-14:14.openssl 76 Fix OpenSSL multiple vulnerabilities. [SA-14:14] 77 7820140603: p4 FreeBSD-SA-14:11.sendmail 79 FreeBSD-SA-14:13.pam 80 FreeBSD-EN-14:06.exec 81 82 Fix sendmail improper close-on-exec flag handling. [SA-14:11] 83 84 Fix incorrect error handling in PAM policy parser. [SA-14:13] 85 86 Fix triple-fault when executing from a threaded process. 87 [EN-14:06] 88 8920140513: p3 FreeBSD-SA-14:10.openssl 90 FreeBSD-EN-14:05.ciss 91 92 Fix OpenSSL NULL pointer deference vulnerability. [SA-14:10] 93 94 Fix data corruption with ciss(4). [EN-14:05] 95 9620140430: p2 FreeBSD-SA-14:07.devfs 97 FreeBSD-SA-14:08.tcp 98 FreeBSD-SA-14:09.openssl 99 100 Fix devfs rules not applied by default for jails. [SA-14:07] 101 102 Fix TCP reassembly vulnerability. [SA-14:08] 103 104 Fix OpenSSL use-after-free vulnerability. [SA-14:09] 105 10620140408: p1 FreeBSD-SA-14:05.nfsserver 107 FreeBSD-SA-14:06.openssl 108 Fix deadlock in the NFS server. [SA-14:05] 109 110 Fix multiple vulnerabilities in OpenSSL. [SA-14:06] 111 11220131223: 113 The behavior of gss_pseudo_random() for the krb5 mechanism 114 has changed, for applications requesting a longer random string 115 than produced by the underlying enctype's pseudo-random() function. 116 In particular, the random string produced from a session key of 117 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 118 be different at the 17th octet and later, after this change. 119 The counter used in the PRF+ construction is now encoded as a 120 big-endian integer in accordance with RFC 4402. 121 12220131031: 123 The default version of mtree is nmtree which is obtained from 124 NetBSD. The output is generally the same, but may vary 125 slightly. If you found you need identical output adding 126 "-F freebsd9" to the command line should do the trick. For the 127 time being, the old mtree is available as fmtree. 128 12920131014: 130 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 131 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 132 1.1.4_8 and verify bsdyml not linked in, before running "make 133 delete-old-libs": 134 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 135 or 136 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 137 13820131010: 139 The rc.d/jail script has been updated to support jail(8) 140 configuration file. The "jail_<jname>_*" rc.conf(5) variables 141 for per-jail configuration are automatically converted to 142 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 143 This is transparently backward compatible. See below about some 144 incompatibilities and rc.conf(5) manual page for more details. 145 146 These variables are now deprecated in favor of jail(8) configuration 147 file. One can use "rc.d/jail config <jname>" command to generate 148 a jail(8) configuration file in /var/run/jail.<jname>.conf without 149 running the jail(8) utility. The default pathname of the 150 configuration file is /etc/jail.conf and can be specified by 151 using $jail_conf or $jail_<jname>_conf variables. 152 153 Please note that jail_devfs_ruleset accepts an integer at 154 this moment. Please consider to rewrite the ruleset name 155 with an integer. 156 15720130930: 158 BIND has been removed from the base system. If all you need 159 is a local resolver, simply enable and start the local_unbound 160 service instead. Otherwise, several versions of BIND are 161 available in the ports tree. The dns/bind99 port is one example. 162 163 With this change, nslookup(1) and dig(1) are no longer in the base 164 system. Users should instead use host(1) and drill(1) which are 165 in the base system. Alternatively, nslookup and dig can 166 be obtained by installing the dns/bind-tools port. 167 16820130916: 169 With the addition of unbound(8), a new unbound user is now 170 required during installworld. "mergemaster -p" can be used to 171 add the user prior to installworld, as documented in the handbook. 172 17320130911: 174 OpenSSH is now built with DNSSEC support, and will by default 175 silently trust signed SSHFP records. This can be controlled with 176 the VerifyHostKeyDNS client configuration setting. DNSSEC support 177 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 178 17920130906: 180 The GNU Compiler Collection and C++ standard library (libstdc++) 181 are no longer built by default on platforms where clang is the system 182 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 183 options in src.conf. 184 18520130905: 186 The PROCDESC kernel option is now part of the GENERIC kernel 187 configuration and is required for the rwhod(8) to work. 188 If you are using custom kernel configuration, you should include 189 'options PROCDESC'. 190 19120130905: 192 The API and ABI related to the Capsicum framework was modified 193 in backward incompatible way. The userland libraries and programs 194 have to be recompiled to work with the new kernel. This includes the 195 following libraries and programs, but the whole buildworld is 196 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 197 kdump, procstat, rwho, rwhod, uniq. 198 19920130903: 200 AES-NI intrinsic support has been added to gcc. The AES-NI module 201 has been updated to use this support. A new gcc is required to build 202 the aesni module on both i386 and amd64. 203 20420130821: 205 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 206 Thus "device padlock_rng" and "device rdrand_rng" should be 207 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 208 20920130813: 210 WITH_ICONV has been split into two feature sets. WITH_ICONV now 211 enables just the iconv* functionality and is now on by default. 212 WITH_LIBICONV_COMPAT enables the libiconv api and link time 213 compatability. Set WITHOUT_ICONV to build the old way. 214 If you have been using WITH_ICONV before, you will very likely 215 need to turn on WITH_LIBICONV_COMPAT. 216 21720130806: 218 INVARIANTS option now enables DEBUG for code with OpenSolaris and 219 Illumos origin, including ZFS. If you have INVARIANTS in your 220 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 221 explicitly. 222 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 223 locks if WITNESS option was set. Because that generated a lot of 224 witness(9) reports and all of them were believed to be false 225 positives, this is no longer done. New option OPENSOLARIS_WITNESS 226 can be used to achieve the previous behavior. 227 22820130806: 229 Timer values in IPv6 data structures now use time_uptime instead 230 of time_second. Although this is not a user-visible functional 231 change, userland utilities which directly use them---ndp(8), 232 rtadvd(8), and rtsold(8) in the base system---need to be updated 233 to r253970 or later. 234 23520130802: 236 find -delete can now delete the pathnames given as arguments, 237 instead of only files found below them or if the pathname did 238 not contain any slashes. Formerly, the following error message 239 would result: 240 241 find: -delete: <path>: relative path potentially not safe 242 243 Deleting the pathnames given as arguments can be prevented 244 without error messages using -mindepth 1 or by changing 245 directory and passing "." as argument to find. This works in the 246 old as well as the new version of find. 247 24820130726: 249 Behavior of devfs rules path matching has been changed. 250 Pattern is now always matched against fully qualified devfs 251 path and slash characters must be explicitly matched by 252 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 253 subdirectories must be reviewed. 254 25520130716: 256 The default ARM ABI has changed to the ARM EABI. The old ABI is 257 incompatible with the ARM EABI and all programs and modules will 258 need to be rebuilt to work with a new kernel. 259 260 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 261 262 NOTE: Support for the old ABI will be removed in the future and 263 users are advised to upgrade. 264 26520130709: 266 pkg_install has been disconnected from the build if you really need it 267 you should add WITH_PKGTOOLS in your src.conf(5). 268 26920130709: 270 Most of network statistics structures were changed to be able 271 keep 64-bits counters. Thus all tools, that work with networking 272 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 273 27420130629: 275 Fix targets that run multiple make's to use && rather than ; 276 so that subsequent steps depend on success of previous. 277 278 NOTE: if building 'universe' with -j* on stable/8 or stable/9 279 it would be better to start the build using bmake, to avoid 280 overloading the machine. 281 28220130618: 283 Fix a bug that allowed a tracing process (e.g. gdb) to write 284 to a memory-mapped file in the traced process's address space 285 even if neither the traced process nor the tracing process had 286 write access to that file. 287 28820130615: 289 CVS has been removed from the base system. An exact copy 290 of the code is available from the devel/cvs port. 291 29220130613: 293 Some people report the following error after the switch to bmake: 294 295 make: illegal option -- J 296 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 297 ... 298 *** [buildworld] Error code 2 299 300 this likely due to an old instance of make in 301 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 302 which src/Makefile will use that blindly, if it exists, so if 303 you see the above error: 304 305 rm -rf `make -V MAKEPATH` 306 307 should resolve it. 308 30920130516: 310 Use bmake by default. 311 Whereas before one could choose to build with bmake via 312 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 313 make. The goal is to remove these knobs for 10-RELEASE. 314 315 It is worth noting that bmake (like gmake) treats the command 316 line as the unit of failure, rather than statements within the 317 command line. Thus '(cd some/where && dosomething)' is safer 318 than 'cd some/where; dosomething'. The '()' allows consistent 319 behavior in parallel build. 320 32120130429: 322 Fix a bug that allows NFS clients to issue READDIR on files. 323 32420130426: 325 The WITHOUT_IDEA option has been removed because 326 the IDEA patent expired. 327 32820130426: 329 The sysctl which controls TRIM support under ZFS has been renamed 330 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 331 enabled by default. 332 33320130425: 334 The mergemaster command now uses the default MAKEOBJDIRPREFIX 335 rather than creating it's own in the temporary directory in 336 order allow access to bootstrapped versions of tools such as 337 install and mtree. When upgrading from version of FreeBSD where 338 the install command does not support -l, you will need to 339 install a new mergemaster command if mergemaster -p is required. 340 This can be accomplished with the command (cd src/usr.sbin/mergemaster 341 && make install). 342 34320130404: 344 Legacy ATA stack, disabled and replaced by new CAM-based one since 345 FreeBSD 9.0, completely removed from the sources. Kernel modules 346 atadisk and atapi*, user-level tools atacontrol and burncd are 347 removed. Kernel option `options ATA_CAM` is now permanently enabled 348 and removed. 349 35020130319: 351 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 352 and socketpair(2). Software, in particular Kerberos, may 353 automatically detect and use these during building. The resulting 354 binaries will not work on older kernels. 355 35620130308: 357 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 358 information, see the respective 20130304 entry). 359 36020130304: 361 Recent commits to callout(9) changed the size of struct callout, 362 so the KBI is probably heavily disturbed. Also, some functions 363 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 364 by macros. Every kernel module using it won't load, so rebuild 365 is requested. 366 367 The ctl device has been re-enabled in GENERIC for i386 and amd64, 368 but does not initialize by default (because of the new CTL_DISABLE 369 option) to save memory. To re-enable it, remove the CTL_DISABLE 370 option from the kernel config file or set kern.cam.ctl.disable=0 371 in /boot/loader.conf. 372 37320130301: 374 The ctl device has been disabled in GENERIC for i386 and amd64. 375 This was done due to the extra memory being allocated at system 376 initialisation time by the ctl driver which was only used if 377 a CAM target device was created. This makes a FreeBSD system 378 unusable on 128MB or less of RAM. 379 38020130208: 381 A new compression method (lz4) has been merged to -HEAD. Please 382 refer to zpool-features(7) for more information. 383 384 Please refer to the "ZFS notes" section of this file for information 385 on upgrading boot ZFS pools. 386 38720130129: 388 A BSD-licensed patch(1) variant has been added and is installed 389 as bsdpatch, being the GNU version the default patch. 390 To inverse the logic and use the BSD-licensed one as default, 391 while having the GNU version installed as gnupatch, rebuild 392 and install world with the WITH_BSD_PATCH knob set. 393 39420130121: 395 Due to the use of the new -l option to install(1) during build 396 and install, you must take care not to directly set the INSTALL 397 make variable in your /etc/make.conf, /etc/src.conf, or on the 398 command line. If you wish to use the -C flag for all installs 399 you may be able to add INSTALL+=-C to /etc/make.conf or 400 /etc/src.conf. 401 40220130118: 403 The install(1) option -M has changed meaning and now takes an 404 argument that is a file or path to append logs to. In the 405 unlikely event that -M was the last option on the command line 406 and the command line contained at least two files and a target 407 directory the first file will have logs appended to it. The -M 408 option served little practical purpose in the last decade so its 409 use is expected to be extremely rare. 410 41120121223: 412 After switching to Clang as the default compiler some users of ZFS 413 on i386 systems started to experience stack overflow kernel panics. 414 Please consider using 'options KSTACK_PAGES=4' in such configurations. 415 41620121222: 417 GEOM_LABEL now mangles label names read from file system metadata. 418 Mangling affect labels containing spaces, non-printable characters, 419 '%' or '"'. Device names in /etc/fstab and other places may need to 420 be updated. 421 42220121217: 423 By default, only the 10 most recent kernel dumps will be saved. To 424 restore the previous behaviour (no limit on the number of kernel dumps 425 stored in the dump directory) add the following line to /etc/rc.conf: 426 427 savecore_flags="" 428 42920121201: 430 With the addition of auditdistd(8), a new auditdistd user is now 431 required during installworld. "mergemaster -p" can be used to 432 add the user prior to installworld, as documented in the handbook. 433 43420121117: 435 The sin6_scope_id member variable in struct sockaddr_in6 is now 436 filled by the kernel before passing the structure to the userland via 437 sysctl or routing socket. This means the KAME-specific embedded scope 438 id in sin6_addr.s6_addr[2] is always cleared in userland application. 439 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 440 __FreeBSD_version is bumped to 1000025. 441 44220121105: 443 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 444 This means that the world and kernel will be compiled with clang 445 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 446 and /usr/bin/cpp. To disable this behavior and revert to building 447 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 448 of current may need to bootstrap WITHOUT_CLANG first if the clang 449 build fails (its compatibility window doesn't extend to the 9 stable 450 branch point). 451 45220121102: 453 The IPFIREWALL_FORWARD kernel option has been removed. Its 454 functionality now turned on by default. 455 45620121023: 457 The ZERO_COPY_SOCKET kernel option has been removed and 458 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 459 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 460 mechanism which is not safe and may result in kernel crashes. 461 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 462 driver supports disposeable external page sized mbuf storage. 463 Proper replacements for both zero-copy mechanisms are under 464 consideration and will eventually lead to complete removal 465 of the two kernel options. 466 46720121023: 468 The IPv4 network stack has been converted to network byte 469 order. The following modules need to be recompiled together 470 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 471 pf(4), ipfw(4), ng_ipfw(4), stf(4). 472 47320121022: 474 Support for non-MPSAFE filesystems was removed from VFS. The 475 VFS_VERSION was bumped, all filesystem modules shall be 476 recompiled. 477 47820121018: 479 All the non-MPSAFE filesystems have been disconnected from 480 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 481 portalfs, smbfs, xfs. 482 48320121016: 484 The interface cloning API and ABI has changed. The following 485 modules need to be recompiled together with kernel: 486 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 487 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 488 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 489 49020121015: 491 The sdhci driver was split in two parts: sdhci (generic SD Host 492 Controller logic) and sdhci_pci (actual hardware driver). 493 No kernel config modifications are required, but if you 494 load sdhc as a module you must switch to sdhci_pci instead. 495 49620121014: 497 Import the FUSE kernel and userland support into base system. 498 49920121013: 500 The GNU sort(1) program has been removed since the BSD-licensed 501 sort(1) has been the default for quite some time and no serious 502 problems have been reported. The corresponding WITH_GNU_SORT 503 knob has also gone. 504 50520121006: 506 The pfil(9) API/ABI for AF_INET family has been changed. Packet 507 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 508 with new kernel. 509 51020121001: 511 The net80211(4) ABI has been changed to allow for improved driver 512 PS-POLL and power-save support. All wireless drivers need to be 513 recompiled to work with the new kernel. 514 51520120913: 516 The random(4) support for the VIA hardware random number 517 generator (`PADLOCK') is no longer enabled unconditionally. 518 Add the padlock_rng device in the custom kernel config if 519 needed. The GENERIC kernels on i386 and amd64 do include the 520 device, so the change only affects the custom kernel 521 configurations. 522 52320120908: 524 The pf(4) packet filter ABI has been changed. pfctl(8) and 525 snmp_pf module need to be recompiled to work with new kernel. 526 52720120828: 528 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 529 to -HEAD. Pools that have empty_bpobj in active state can not be 530 imported read-write with ZFS implementations that do not support 531 this feature. For more information read the zpool-features(5) 532 manual page. 533 53420120727: 535 The sparc64 ZFS loader has been changed to no longer try to auto- 536 detect ZFS providers based on diskN aliases but now requires these 537 to be explicitly listed in the OFW boot-device environment variable. 538 53920120712: 540 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 541 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 542 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 543 54420120712: 545 The following sysctls and tunables have been renamed for consistency 546 with other variables: 547 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 548 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 549 55020120628: 551 The sort utility has been replaced with BSD sort. For now, GNU sort 552 is also available as "gnusort" or the default can be set back to 553 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 554 installed as "bsdsort". 555 55620120611: 557 A new version of ZFS (pool version 5000) has been merged to -HEAD. 558 Starting with this version the old system of ZFS pool versioning 559 is superseded by "feature flags". This concept enables forward 560 compatibility against certain future changes in functionality of ZFS 561 pools. The first read-only compatible "feature flag" for ZFS pools 562 is named "com.delphix:async_destroy". For more information 563 read the new zpool-features(5) manual page. 564 Please refer to the "ZFS notes" section of this file for information 565 on upgrading boot ZFS pools. 566 56720120417: 568 The malloc(3) implementation embedded in libc now uses sources imported 569 as contrib/jemalloc. The most disruptive API change is to 570 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 571 delete it prior to installworld, and optionally re-create it using the 572 new format after rebooting. See malloc.conf(5) for details 573 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 574 NAMESPACE section). 575 57620120328: 577 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 578 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 579 now spelled mips. This is to aid compatibility with third-party 580 software that expects this naming scheme in uname(3). Little-endian 581 settings are unchanged. If you are updating a big-endian mips64 machine 582 from before this change, you may need to set MACHINE_ARCH=mips64 in 583 your environment before the new build system will recognize your machine. 584 58520120306: 586 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 587 platforms. 588 58920120229: 590 Now unix domain sockets behave "as expected" on nullfs(5). Previously 591 nullfs(5) did not pass through all behaviours to the underlying layer, 592 as a result if we bound to a socket on the lower layer we could connect 593 only to the lower path; if we bound to the upper layer we could connect 594 only to the upper path. The new behavior is one can connect to both the 595 lower and the upper paths regardless what layer path one binds to. 596 59720120211: 598 The getifaddrs upgrade path broken with 20111215 has been restored. 599 If you have upgraded in between 20111215 and 20120209 you need to 600 recompile libc again with your kernel. You still need to recompile 601 world to be able to configure CARP but this restriction already 602 comes from 20111215. 603 60420120114: 605 The set_rcvar() function has been removed from /etc/rc.subr. All 606 base and ports rc.d scripts have been updated, so if you have a 607 port installed with a script in /usr/local/etc/rc.d you can either 608 hand-edit the rcvar= line, or reinstall the port. 609 610 An easy way to handle the mass-update of /etc/rc.d: 611 rm /etc/rc.d/* && mergemaster -i 612 61320120109: 614 panic(9) now stops other CPUs in the SMP systems, disables interrupts 615 on the current CPU and prevents other threads from running. 616 This behavior can be reverted using the kern.stop_scheduler_on_panic 617 tunable/sysctl. 618 The new behavior can be incompatible with kern.sync_on_panic. 619 62020111215: 621 The carp(4) facility has been changed significantly. Configuration 622 of the CARP protocol via ifconfig(8) has changed, as well as format 623 of CARP events submitted to devd(8) has changed. See manual pages 624 for more information. The arpbalance feature of carp(4) is currently 625 not supported anymore. 626 627 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 628 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 629 need to be recompiled. 630 63120111122: 632 The acpi_wmi(4) status device /dev/wmistat has been renamed to 633 /dev/wmistat0. 634 63520111108: 636 The option VFS_ALLOW_NONMPSAFE option has been added in order to 637 explicitely support non-MPSAFE filesystems. 638 It is on by default for all supported platform at this present 639 time. 640 64120111101: 642 The broken amd(4) driver has been replaced with esp(4) in the amd64, 643 i386 and pc98 GENERIC kernel configuration files. 644 64520110930: 646 sysinstall has been removed 647 64820110923: 649 The stable/9 branch created in subversion. This corresponds to the 650 RELENG_9 branch in CVS. 651 65220110913: 653 This commit modifies vfs_register() so that it uses a hash 654 calculation to set vfc_typenum, which is enabled by default. 655 The first time a system is booted after this change, the 656 vfc_typenum values will change for all file systems. The 657 main effect of this is a change to the NFS server file handles 658 for file systems that use vfc_typenum in their fsid, such as ZFS. 659 It will, however, prevent vfc_typenum from changing when file 660 systems are loaded in a different order for subsequent reboots. 661 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf 662 until you are ready to remount all NFS clients after a reboot. 663 66420110828: 665 Bump the shared library version numbers for libraries that 666 do not use symbol versioning, have changed the ABI compared 667 to stable/8 and which shared library version was not bumped. 668 Done as part of 9.0-RELEASE cycle. 669 67020110815: 671 During the merge of Capsicum features, the fget(9) KPI was modified. 672 This may require the rebuilding of out-of-tree device drivers -- 673 issues have been reported specifically with the nVidia device driver. 674 __FreeBSD_version is bumped to 900041. 675 676 Also, there is a period between 20110811 and 20110814 where the 677 special devices /dev/{stdin,stdout,stderr} did not work correctly. 678 Building world from a kernel during that window may not work. 679 68020110628: 681 The packet filter (pf) code has been updated to OpenBSD 4.5. 682 You need to update userland tools to be in sync with kernel. 683 This update breaks backward compatibility with earlier pfsync(4) 684 versions. Care must be taken when updating redundant firewall setups. 685 68620110608: 687 The following sysctls and tunables are retired on x86 platforms: 688 machdep.hlt_cpus 689 machdep.hlt_logical_cpus 690 The following sysctl is retired: 691 machdep.hyperthreading_allowed 692 The sysctls were supposed to provide a way to dynamically offline and 693 online selected CPUs on x86 platforms, but the implementation has not 694 been reliable especially with SCHED_ULE scheduler. 695 machdep.hyperthreading_allowed tunable is still available to ignore 696 hyperthreading CPUs at OS level. 697 Individual CPUs can be disabled using hint.lapic.X.disabled tunable, 698 where X is an APIC ID of a CPU. Be advised, though, that disabling 699 CPUs in non-uniform fashion will result in non-uniform topology and 700 may lead to sub-optimal system performance with SCHED_ULE, which is 701 a default scheduler. 702 70320110607: 704 cpumask_t type is retired and cpuset_t is used in order to describe 705 a mask of CPUs. 706 70720110531: 708 Changes to ifconfig(8) for dynamic address family detection mandate 709 that you are running a kernel of 20110525 or later. Make sure to 710 follow the update procedure to boot a new kernel before installing 711 world. 712 71320110513: 714 Support for sun4v architecture is officially dropped 715 71620110503: 717 Several KPI breaking changes have been committed to the mii(4) layer, 718 the PHY drivers and consequently some Ethernet drivers using mii(4). 719 This means that miibus.ko and the modules of the affected Ethernet 720 drivers need to be recompiled. 721 722 Note to kernel developers: Given that the OUI bit reversion problem 723 was fixed as part of these changes all mii(4) commits related to OUIs, 724 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific 725 handling, no longer can be merged verbatim to stable/8 and previous 726 branches. 727 72820110430: 729 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci' 730 into their kernel configurations along with 'device pci'. 731 73220110427: 733 The default NFS client is now the new NFS client, so fstype "newnfs" 734 is now "nfs" and the regular/old NFS client is now fstype "oldnfs". 735 Although mounts via fstype "nfs" will usually work without userland 736 changes, it is recommended that the mount(8) and mount_nfs(8) 737 commands be rebuilt from sources and that a link to mount_nfs called 738 mount_oldnfs be created. The new client is compiled into the 739 kernel with "options NFSCL" and this is needed for diskless root 740 file systems. The GENERIC kernel configs have been changed to use 741 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER. 742 To use the regular/old client, you can "mount -t oldnfs ...". For 743 a diskless root file system, you must also include a line like: 744 745 vfs.root.mountfrom="oldnfs:" 746 747 in the boot/loader.conf on the root fs on the NFS server to make 748 a diskless root fs use the old client. 749 75020110424: 751 The GENERIC kernels for all architectures now default to the new 752 CAM-based ATA stack. It means that all legacy ATA drivers were 753 removed and replaced by respective CAM drivers. If you are using 754 ATA device names in /etc/fstab or other places, make sure to update 755 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY, 756 where 'Y's are the sequential numbers starting from zero for each type 757 in order of detection, unless configured otherwise with tunables, 758 see cam(4)). There will be symbolic links created in /dev/ to map 759 old adX devices to the respective adaY. They should provide basic 760 compatibility for file systems mounting in most cases, but they do 761 not support old user-level APIs and do not have respective providers 762 in GEOM. Consider using updated management tools with new device names. 763 764 It is possible to load devices ahci, ata, siis and mvs as modules, 765 but option ATA_CAM should remain in kernel configuration to make ata 766 module work as CAM driver supporting legacy ATA controllers. Device ata 767 still can be used in modular fashion (atacore + ...). Modules atadisk 768 and atapi* are not used and won't affect operation in ATA_CAM mode. 769 Note that to use CAM-based ATA kernel should include CAM devices 770 scbus, pass, da (or explicitly ada), cd and optionally others. All of 771 them are parts of the cam module. 772 773 ataraid(4) functionality is now supported by the RAID GEOM class. 774 To use it you can load geom_raid kernel module and use graid(8) tool 775 for management. Instead of /dev/arX device names, use /dev/raid/rX. 776 777 No kernel config options or code have been removed, so if a problem 778 arises, please report it and optionally revert to the old ATA stack. 779 In order to do it you can remove from the kernel config: 780 options ATA_CAM 781 device ahci 782 device mvs 783 device siis 784 , and instead add back: 785 device atadisk # ATA disk drives 786 device ataraid # ATA RAID drives 787 device atapicd # ATAPI CDROM drives 788 device atapifd # ATAPI floppy drives 789 device atapist # ATAPI tape drives 790 79120110423: 792 The default NFS server has been changed to the new server, which 793 was referred to as the experimental server. If you need to switch 794 back to the old NFS server, you must now put the "-o" option on 795 both the mountd and nfsd commands. This can be done using the 796 mountd_flags and nfs_server_flags rc.conf variables until an 797 update to the rc scripts is committed, which is coming soon. 798 79920110418: 800 The GNU Objective-C runtime library (libobjc), and other Objective-C 801 related components have been removed from the base system. If you 802 require an Objective-C library, please use one of the available ports. 803 80420110331: 805 ath(4) has been split into bus- and device- modules. if_ath contains 806 the HAL, the TX rate control and the network device code. if_ath_pci 807 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb 808 contains the AHB glue. Users need to load both if_ath_pci and if_ath 809 in order to use ath on everything else. 810 811 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only 812 need to load if_ath and if_ath_pci for ath(4) operation. 813 81420110314: 815 As part of the replacement of sysinstall, the process of building 816 release media has changed significantly. For details, please re-read 817 release(7), which has been updated to reflect the new build process. 818 81920110218: 820 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This 821 is the last available version under GPLv2. It brings a number of new 822 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE 823 4.1 and SSE 4.2), better support for powerpc64, a number of new 824 directives, and lots of other small improvements. See the ChangeLog 825 file in contrib/binutils for the full details. 826 82720110218: 828 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 829 compliant, and will now use half of hash for authentication. 830 This will break interoperability with all stacks (including all 831 actual FreeBSD versions) who implement 832 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for 833 authentication). 834 The only workaround with such peers is to use another HMAC 835 algorithm for IPsec ("phase 2") authentication. 836 83720110207: 838 Remove the uio_yield prototype and symbol. This function has 839 been misnamed since it was introduced and should not be 840 globally exposed with this name. The equivalent functionality 841 is now available using kern_yield(curthread->td_user_pri). 842 The function remains undocumented. 843 84420110112: 845 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers, 846 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking 847 for scalar sysctls is defined but disabled. Code that needs 848 UQUAD to pass the type checking that must compile on older 849 systems where the define is not present can check against 850 __FreeBSD_version >= 900030. 851 852 The system dialog(1) has been replaced with a new version previously 853 in ports as devel/cdialog. dialog(1) is mostly command-line compatible 854 with the previous version, but the libdialog associated with it has 855 a largely incompatible API. As such, the original version of libdialog 856 will be kept temporarily as libodialog, until its base system consumers 857 are replaced or updated. Bump __FreeBSD_version to 900030. 858 85920110103: 860 If you are trying to run make universe on a -stable system, and you get 861 the following warning: 862 "Makefile", line 356: "Target architecture for i386/conf/GENERIC 863 unknown. config(8) likely too old." 864 or something similar to it, then you must upgrade your -stable system 865 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in 866 stable/8) or build the config from the latest stable/8 branch and 867 install it on your system. 868 869 Prior to this date, building a current universe on 8-stable system from 870 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing 871 error in the first kernel build phase. A new config on those old 872 systems will fix that problem for older versions of -current. 873 87420101228: 875 The TCP stack has been modified to allow Khelp modules to interact with 876 it via helper hook points and store per-connection data in the TCP 877 control block. Bump __FreeBSD_version to 900029. User space tools that 878 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to 879 be recompiled. 880 88120101114: 882 Generic IEEE 802.3 annex 31B full duplex flow control support has been 883 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along 884 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted 885 to take advantage of it instead of using custom implementations. This 886 means that these drivers now no longer unconditionally advertise 887 support for flow control but only do so if flow control is a selected 888 media option. This was implemented in the generic support that way in 889 order to allow flow control to be switched on and off via ifconfig(8) 890 with the PHY specific default to typically off in order to protect 891 from unwanted effects. Consequently, if you used flow control with 892 one of the above mentioned drivers you now need to explicitly enable 893 it, for example via: 894 ifconfig bge0 media auto mediaopt flowcontrol 895 896 Along with the above mentioned changes generic support for setting 897 1000baseT master mode also has been added and brgphy(4), ciphy(4), 898 e1000phy(4) as well as ip1000phy(4) have been converted to take 899 advantage of it. This means that these drivers now no longer take the 900 link0 parameter for selecting master mode but the master media option 901 has to be used instead, for example like in the following: 902 ifconfig bge0 media 1000baseT mediaopt full-duplex,master 903 904 Selection of master mode now is also available with all other PHY 905 drivers supporting 1000baseT. 906 90720101111: 908 The TCP stack has received a significant update to add support for 909 modularised congestion control and generally improve the clarity of 910 congestion control decisions. Bump __FreeBSD_version to 900025. User 911 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g. 912 sockstat) need to be recompiled. 913 91420101002: 915 The man(1) utility has been replaced by a new version that no longer 916 uses /etc/manpath.config. Please consult man.conf(5) for how to 917 migrate local entries to the new format. 918 91920100928: 920 The copyright strings printed by login(1) and sshd(8) at the time of a 921 new connection have been removed to follow other operating systems and 922 upstream sshd. 923 92420100915: 925 A workaround for a fixed ld bug has been removed in kernel code, 926 so make sure that your system ld is built from sources after 927 revision 210245 from 2010-07-19 (r211583 if building head kernel 928 on stable/8, r211584 for stable/7; both from 2010-08-21). 929 A symptom of incorrect ld version is different addresses for 930 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules. 931 93220100913: 933 The $ipv6_prefer variable in rc.conf(5) has been split into 934 $ip6addrctl_policy and $ipv6_activate_all_interfaces. 935 936 The $ip6addrctl_policy is a variable to choose a pre-defined 937 address selection policy set by ip6addrctl(8). A value 938 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The 939 default is "AUTO". 940 941 The $ipv6_activate_all_interfaces specifies whether IFDISABLED 942 flag (see an entry of 20090926) is set on an interface with no 943 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for 944 security reason. If you want IPv6 link-local address on all 945 interfaces by default, set this to "YES". 946 947 The old ipv6_prefer="YES" is equivalent to 948 ipv6_activate_all_interfaces="YES" and 949 ip6addrctl_policy="ipv6_prefer". 950 95120100913: 952 DTrace has grown support for userland tracing. Due to this, DTrace is 953 now i386 and amd64 only. 954 dtruss(1) is now installed by default on those systems and a new 955 kernel module is needed for userland tracing: fasttrap. 956 No changes to your kernel config file are necessary to enable 957 userland tracing, but you might consider adding 'STRIP=' and 958 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want 959 to have informative userland stack traces in DTrace (ustack). 960 96120100725: 962 The acpi_aiboost(4) driver has been removed in favor of the new 963 aibs(4) driver. You should update your kernel configuration file. 964 96520100722: 966 BSD grep has been imported to the base system and it is built by 967 default. It is completely BSD licensed, highly GNU-compatible, uses 968 less memory than its GNU counterpart and has a small codebase. 969 However, it is slower than its GNU counterpart, which is mostly 970 noticeable for larger searches, for smaller ones it is measurable 971 but not significant. The reason is complex, the most important factor 972 is that we lack a modern and efficient regex library and GNU 973 overcomes this by optimizing the searches internally. Future work 974 on improving the regex performance is planned, for the meantime, 975 users that need better performance, can build GNU grep instead by 976 setting the WITH_GNU_GREP knob. 977 97820100713: 979 Due to the import of powerpc64 support, all existing powerpc kernel 980 configuration files must be updated with a machine directive like this: 981 machine powerpc powerpc 982 983 In addition, an updated config(8) is required to build powerpc kernels 984 after this change. 985 98620100713: 987 A new version of ZFS (version 15) has been merged to -HEAD. 988 This version uses a python library for the following subcommands: 989 zfs allow, zfs unallow, zfs groupspace, zfs userspace. 990 For full functionality of these commands the following port must 991 be installed: sysutils/py-zfs 992 99320100429: 994 'vm_page's are now hashed by physical address to an array of mutexes. 995 Currently this is only used to serialize access to hold_count. Over 996 time the page queue mutex will be peeled away. This changes the size 997 of pmap on every architecture. And requires all callers of vm_page_hold 998 and vm_page_unhold to be updated. 999 100020100402: 1001 WITH_CTF can now be specified in src.conf (not recommended, there 1002 are some problems with static executables), make.conf (would also 1003 affect ports which do not use GNU make and do not override the 1004 compile targets) or in the kernel config (via "makeoptions 1005 WITH_CTF=yes"). 1006 When WITH_CTF was specified there before this was silently ignored, 1007 so make sure that WITH_CTF is not used in places which could lead 1008 to unwanted behavior. 1009 101020100311: 1011 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32 1012 to allow 32-bit compatibility on non-x86 platforms. All kernel 1013 configurations on amd64 and ia64 platforms using these options must 1014 be modified accordingly. 1015 101620100113: 1017 The utmp user accounting database has been replaced with utmpx, 1018 the user accounting interface standardized by POSIX. 1019 Unfortunately the semantics of utmp and utmpx don't match, 1020 making it practically impossible to support both interfaces. 1021 The user accounting database is used by tools like finger(1), 1022 last(1), talk(1), w(1) and ac(8). 1023 1024 All applications in the base system use utmpx. This means only 1025 local binaries (e.g. from the ports tree) may still use these 1026 utmp database files. These applications must be rebuilt to make 1027 use of utmpx. 1028 1029 After the system has been upgraded, it is safe to remove the old 1030 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*), 1031 assuming their contents is of no importance anymore. Old wtmp 1032 databases can only be used by last(1) and ac(8) after they have 1033 been converted to the new format using wtmpcvt(1). 1034 103520100108: 1036 Introduce the kernel thread "deadlock resolver" (which can be enabled 1037 via the DEADLKRES option, see NOTES for more details) and the 1038 sleepq_type() function for sleepqueues. 1039 104020091202: 1041 The rc.firewall and rc.firewall6 were unified, and 1042 rc.firewall6 and rc.d/ip6fw were removed. 1043 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc 1044 variables are obsoleted. Instead, the following new rc 1045 variables are added to rc.d/ipfw: 1046 1047 firewall_client_net_ipv6, firewall_simple_iif_ipv6, 1048 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6, 1049 firewall_simple_onet_ipv6, firewall_trusted_ipv6 1050 1051 The meanings correspond to the relevant IPv4 variables. 1052 105320091125: 1054 8.0-RELEASE. 1055 105620091113: 1057 The default terminal emulation for syscons(4) has been changed 1058 from cons25 to xterm on all platforms except pc98. This means 1059 that the /etc/ttys file needs to be updated to ensure correct 1060 operation of applications on the console. 1061 1062 The terminal emulation style can be toggled per window by using 1063 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration 1064 options can be used to change the compile-time default back to 1065 cons25. 1066 1067 To prevent graphical artifacts, make sure the TERM environment 1068 variable is set to match the terminal emulation that is being 1069 performed by syscons(4). 1070 107120091109: 1072 The layout of the structure ieee80211req_scan_result has changed. 1073 Applications that require wireless scan results (e.g. ifconfig(8)) 1074 from net80211 need to be recompiled. 1075 1076 Applications such as wpa_supplicant(8) may require a full world 1077 build without using NO_CLEAN in order to get synchronized with the 1078 new structure. 1079 108020091025: 1081 The iwn(4) driver has been updated to support the 5000 and 5150 series. 1082 There's one kernel module for each firmware. Adding "device iwnfw" 1083 to the kernel configuration file means including all three firmware 1084 images inside the kernel. If you want to include just the one for 1085 your wireless card, use the devices iwn4965fw, iwn5000fw or 1086 iwn5150fw. 1087 108820090926: 1089 The rc.d/network_ipv6, IPv6 configuration script has been integrated 1090 into rc.d/netif. The changes are the following: 1091 1092 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF 1093 for IPv4. For aliases, $ifconfig_IF_aliasN should be used. 1094 Note that both variables need the "inet6" keyword at the head. 1095 1096 Do not set $ipv6_network_interfaces manually if you do not 1097 understand what you are doing. It is not needed in most cases. 1098 1099 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but 1100 they are obsolete. 1101 1102 2. $ipv6_enable is obsolete. Use $ipv6_prefer and 1103 "inet6 accept_rtadv" keyword in ifconfig(8) instead. 1104 1105 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and 1106 all configured interfaces have "inet6 accept_rtadv" in the 1107 $ifconfig_IF_ipv6. These are for backward compatibility. 1108 1109 3. A new variable $ipv6_prefer has been added. If NO, IPv6 1110 functionality of interfaces with no corresponding 1111 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag, 1112 and the default address selection policy of ip6addrctl(8) 1113 is the IPv4-preferred one (see rc.d/ip6addrctl for more details). 1114 Note that if you want to configure IPv6 functionality on the 1115 disabled interfaces after boot, first you need to clear the flag by 1116 using ifconfig(8) like: 1117 1118 ifconfig em0 inet6 -ifdisabled 1119 1120 If YES, the default address selection policy is set as 1121 IPv6-preferred. 1122 1123 The default value of $ipv6_prefer is NO. 1124 1125 4. If your system need to receive Router Advertisement messages, 1126 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8) 1127 scripts automatically invoke rtsol(8) when the interface becomes 1128 UP. The Router Advertisement messages are used for SLAAC 1129 (State-Less Address AutoConfiguration). 1130 113120090922: 1132 802.11s D3.03 support was committed. This is incompatible with the 1133 previous code, which was based on D3.0. 1134 113520090912: 1136 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value 1137 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to 1138 control whether accepting Router Advertisement messages or not. 1139 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and 1140 a sysctl variable net.inet6.ip6.auto_linklocal is its default value. 1141 The ifconfig(8) utility now supports these flags. 1142 114320090910: 1144 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for 1145 mount(8) and -a option for df(1) to see them. 1146 114720090825: 1148 The old tunable hw.bus.devctl_disable has been superseded by 1149 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be 1150 replaced by hw.bus.devctl_queue=0. The default for this new tunable 1151 is 1000. 1152 115320090813: 1154 Remove the option STOP_NMI. The default action is now to use NMI only 1155 for KDB via the newly introduced function stop_cpus_hard() and 1156 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64. 1157 115820090803: 1159 The stable/8 branch created in subversion. This corresponds to the 1160 RELENG_8 branch in CVS. 1161 116220090719: 1163 Bump the shared library version numbers for all libraries that do not 1164 use symbol versioning as part of the 8.0-RELEASE cycle. Bump 1165 __FreeBSD_version to 800105. 1166 116720090714: 1168 Due to changes in the implementation of virtual network stack support, 1169 all network-related kernel modules must be recompiled. As this change 1170 breaks the ABI, bump __FreeBSD_version to 800104. 1171 117220090713: 1173 The TOE interface to the TCP syncache has been modified to remove 1174 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack. 1175 The cxgb driver is the only TOE consumer affected by this change, and 1176 needs to be recompiled along with the kernel. As this change breaks 1177 the ABI, bump __FreeBSD_version to 800103. 1178 117920090712: 1180 Padding has been added to struct tcpcb, sackhint and tcpstat in 1181 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst 1182 maintaining the ABI. However, this change breaks the ABI, so bump 1183 __FreeBSD_version to 800102. User space tools that rely on the size of 1184 any of these structs (e.g. sockstat) need to be recompiled. 1185 118620090630: 1187 The NFS_LEGACYRPC option has been removed along with the old kernel 1188 RPC implementation that this option selected. Kernel configurations 1189 may need to be adjusted. 1190 119120090629: 1192 The network interface device nodes at /dev/net/<interface> have been 1193 removed. All ioctl operations can be performed the normal way using 1194 routing sockets. The kqueue functionality can generally be replaced 1195 with routing sockets. 1196 119720090628: 1198 The documentation from the FreeBSD Documentation Project (Handbook, 1199 FAQ, etc.) is now installed via packages by sysinstall(8) and under 1200 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc. 1201 120220090624: 1203 The ABI of various structures related to the SYSV IPC API have been 1204 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel 1205 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to 1206 800100. 1207 120820090622: 1209 Layout of struct vnet has changed as routing related variables were 1210 moved to their own Vimage module. Modules need to be recompiled. Bump 1211 __FreeBSD_version to 800099. 1212 121320090619: 1214 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024 1215 respectively. As long as no more than 16 groups per process are used, 1216 no changes should be visible. When more than 16 groups are used, old 1217 binaries may fail if they call getgroups() or getgrouplist() with 1218 statically sized storage. Recompiling will work around this, but 1219 applications should be modified to use dynamically allocated storage 1220 for group arrays as POSIX.1-2008 does not cap an implementation's 1221 number of supported groups at NGROUPS_MAX+1 as previous versions did. 1222 1223 NFS and portalfs mounts may also be affected as the list of groups is 1224 truncated to 16. Users of NFS who use more than 16 groups, should 1225 take care that negative group permissions are not used on the exported 1226 file systems as they will not be reliable unless a GSSAPI based 1227 authentication method is used. 1228 122920090616: 1230 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This 1231 option compiles in the support for adaptive spinning for lockmgrs 1232 which want to enable it. The lockinit() function now accepts the flag 1233 LK_ADAPTIVE in order to make the lock object subject to adaptive 1234 spinning when both held in write and read mode. 1235 123620090613: 1237 The layout of the structure returned by IEEE80211_IOC_STA_INFO has 1238 changed. User applications that use this ioctl need to be rebuilt. 1239 124020090611: 1241 The layout of struct thread has changed. Kernel and modules need to 1242 be rebuilt. 1243 124420090608: 1245 The layout of structs ifnet, domain, protosw and vnet_net has changed. 1246 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097. 1247 124820090602: 1249 window(1) has been removed from the base system. It can now be 1250 installed from ports. The port is called misc/window. 1251 125220090601: 1253 The way we are storing and accessing `routing table' entries has 1254 changed. Programs reading the FIB, like netstat, need to be 1255 re-compiled. 1256 125720090601: 1258 A new netisr implementation has been added for FreeBSD 8. Network 1259 file system modules, such as igmp, ipdivert, and others, should be 1260 rebuilt. 1261 Bump __FreeBSD_version to 800096. 1262 126320090530: 1264 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no 1265 more valid. 1266 126720090530: 1268 Add VOP_ACCESSX(9). File system modules need to be rebuilt. 1269 Bump __FreeBSD_version to 800094. 1270 127120090529: 1272 Add mnt_xflag field to 'struct mount'. File system modules need to be 1273 rebuilt. 1274 Bump __FreeBSD_version to 800093. 1275 127620090528: 1277 The compiling option ADAPTIVE_SX has been retired while it has been 1278 introduced the option NO_ADAPTIVE_SX which handles the reversed logic. 1279 The KPI for sx_init_flags() changes as accepting flags: 1280 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has 1281 been introduced in order to handle the reversed logic. 1282 Bump __FreeBSD_version to 800092. 1283 128420090527: 1285 Add support for hierarchical jails. Remove global securelevel. 1286 Bump __FreeBSD_version to 800091. 1287 128820090523: 1289 The layout of struct vnet_net has changed, therefore modules 1290 need to be rebuilt. 1291 Bump __FreeBSD_version to 800090. 1292 129320090523: 1294 The newly imported zic(8) produces a new format in the output. Please 1295 run tzsetup(8) to install the newly created data to /etc/localtime. 1296 129720090520: 1298 The sysctl tree for the usb stack has renamed from hw.usb2.* to 1299 hw.usb.* and is now consistent again with previous releases. 1300 130120090520: 1302 802.11 monitor mode support was revised and driver api's were changed. 1303 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead 1304 of DLT_IEEE802_11. No user-visible data structures were changed but 1305 applications that use DLT_IEEE802_11 may require changes. 1306 Bump __FreeBSD_version to 800088. 1307 130820090430: 1309 The layout of the following structs has changed: sysctl_oid, 1310 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet, 1311 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or 1312 panics may be experienced. World rebuild is required for 1313 correctly checking networking state from userland. 1314 Bump __FreeBSD_version to 800085. 1315 131620090429: 1317 MLDv2 and Source-Specific Multicast (SSM) have been merged 1318 to the IPv6 stack. VIMAGE hooks are in but not yet used. 1319 The implementation of SSM within FreeBSD's IPv6 stack closely 1320 follows the IPv4 implementation. 1321 1322 For kernel developers: 1323 1324 * The most important changes are that the ip6_output() and 1325 ip6_input() paths no longer take the IN6_MULTI_LOCK, 1326 and this lock has been downgraded to a non-recursive mutex. 1327 1328 * As with the changes to the IPv4 stack to support SSM, filtering 1329 of inbound multicast traffic must now be performed by transport 1330 protocols within the IPv6 stack. This does not apply to TCP and 1331 SCTP, however, it does apply to UDP in IPv6 and raw IPv6. 1332 1333 * The KPIs used by IPv6 multicast are similar to those used by 1334 the IPv4 stack, with the following differences: 1335 * im6o_mc_filter() is analogous to imo_multicast_filter(). 1336 * The legacy KAME entry points in6_joingroup and in6_leavegroup() 1337 are shimmed to in6_mc_join() and in6_mc_leave() respectively. 1338 * IN6_LOOKUP_MULTI() has been deprecated and removed. 1339 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs 1340 for MLDv1 have an additional 'timer' argument which is used to 1341 jitter the initial membership report for the solicited-node 1342 multicast membership on-link. 1343 * This is not strictly needed for MLDv2, which already jitters 1344 its report transmissions. However, the 'timer' argument is 1345 preserved in case MLDv1 is active on the interface. 1346 1347 * The KAME linked-list based IPv6 membership implementation has 1348 been refactored to use a vector similar to that used by the IPv4 1349 stack. 1350 Code which maintains a list of its own multicast memberships 1351 internally, e.g. carp, has been updated to reflect the new 1352 semantics. 1353 1354 * There is a known Lock Order Reversal (LOR) due to in6_setscope() 1355 acquiring the IF_AFDATA_LOCK and being called within ip6_output(). 1356 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an 1357 implementation constraint which needs to be addressed in HEAD. 1358 1359 For application developers: 1360 1361 * The changes are broadly similar to those made for the IPv4 1362 stack. 1363 1364 * The use of IPv4 and IPv6 multicast socket options on the same 1365 socket, using mapped addresses, HAS NOT been tested or supported. 1366 1367 * There are a number of issues with the implementation of various 1368 IPv6 multicast APIs which need to be resolved in the API surface 1369 before the implementation is fully compatible with KAME userland 1370 use, and these are mostly to do with interface index treatment. 1371 1372 * The literature available discusses the use of either the delta / ASM 1373 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API 1374 using setsourcefilter(3)/getsourcefilter(3). For more information 1375 please refer to RFC 3768, 'Socket Interface Extensions for 1376 Multicast Source Filters'. 1377 1378 * Applications which use the published RFC 3678 APIs should be fine. 1379 1380 For systems administrators: 1381 1382 * The mtest(8) utility has been refactored to support IPv6, in 1383 addition to IPv4. Interface addresses are no longer accepted 1384 as arguments, their names must be used instead. The utility 1385 will map the interface name to its first IPv4 address as 1386 returned by getifaddrs(3). 1387 1388 * The ifmcstat(8) utility has also been updated to print the MLDv2 1389 endpoint state and source filter lists via sysctl(3). 1390 1391 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable 1392 loopback of IPv6 multicast datagrams by default; it defaults to 1 1393 to preserve the existing behaviour. Disabling multicast loopback is 1394 recommended for optimal system performance. 1395 1396 * The IPv6 MROUTING code has been changed to examine this sysctl 1397 instead of attempting to perform a group lookup before looping 1398 back forwarded datagrams. 1399 1400 Bump __FreeBSD_version to 800084. 1401 140220090422: 1403 Implement low-level Bluetooth HCI API. 1404 Bump __FreeBSD_version to 800083. 1405 140620090419: 1407 The layout of struct malloc_type, used by modules to register new 1408 memory allocation types, has changed. Most modules will need to 1409 be rebuilt or panics may be experienced. 1410 Bump __FreeBSD_version to 800081. 1411 141220090415: 1413 Anticipate overflowing inp_flags - add inp_flags2. 1414 This changes most offsets in inpcb, so checking v4 connection 1415 state will require a world rebuild. 1416 Bump __FreeBSD_version to 800080. 1417 141820090415: 1419 Add an llentry to struct route and struct route_in6. Modules 1420 embedding a struct route will need to be recompiled. 1421 Bump __FreeBSD_version to 800079. 1422 142320090414: 1424 The size of rt_metrics_lite and by extension rtentry has changed. 1425 Networking administration apps will need to be recompiled. 1426 The route command now supports show as an alias for get, weighting 1427 of routes, sticky and nostick flags to alter the behavior of stateful 1428 load balancing. 1429 Bump __FreeBSD_version to 800078. 1430 143120090408: 1432 Do not use Giant for kbdmux(4) locking. This is wrong and 1433 apparently causing more problems than it solves. This will 1434 re-open the issue where interrupt handlers may race with 1435 kbdmux(4) in polling mode. Typical symptoms include (but 1436 not limited to) duplicated and/or missing characters when 1437 low level console functions (such as gets) are used while 1438 interrupts are enabled (for example geli password prompt, 1439 mountroot prompt etc.). Disabling kbdmux(4) may help. 1440 144120090407: 1442 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed; 1443 kernel modules referencing any of the above need to be recompiled. 1444 Bump __FreeBSD_version to 800075. 1445 144620090320: 1447 GEOM_PART has become the default partition slicer for storage devices, 1448 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It 1449 introduces some changes: 1450 1451 MSDOS/EBR: the devices created from MSDOS extended partition entries 1452 (EBR) can be named differently than with GEOM_MBR and are now symlinks 1453 to devices with offset-based names. fstabs may need to be modified. 1454 1455 BSD: the "geometry does not match label" warning is harmless in most 1456 cases but it points to problems in file system misalignment with 1457 disk geometry. The "c" partition is now implicit, covers the whole 1458 top-level drive and cannot be (mis)used by users. 1459 1460 General: Kernel dumps are now not allowed to be written to devices 1461 whose partition types indicate they are meant to be used for file 1462 systems (or, in case of MSDOS partitions, as something else than 1463 the "386BSD" type). 1464 1465 Most of these changes date approximately from 200812. 1466 146720090319: 1468 The uscanner(4) driver has been removed from the kernel. This follows 1469 Linux removing theirs in 2.6 and making libusb the default interface 1470 (supported by sane). 1471 147220090319: 1473 The multicast forwarding code has been cleaned up. netstat(1) 1474 only relies on KVM now for printing bandwidth upcall meters. 1475 The IPv4 and IPv6 modules are split into ip_mroute_mod and 1476 ip6_mroute_mod respectively. The config(5) options for statically 1477 compiling this code remain the same, i.e. 'options MROUTING'. 1478 147920090315: 1480 Support for the IFF_NEEDSGIANT network interface flag has been 1481 removed, which means that non-MPSAFE network device drivers are no 1482 longer supported. In particular, if_ar, if_sr, and network device 1483 drivers from the old (legacy) USB stack can no longer be built or 1484 used. 1485 148620090313: 1487 POSIX.1 Native Language Support (NLS) has been enabled in libc and 1488 a bunch of new language catalog files have also been added. 1489 This means that some common libc messages are now localized and 1490 they depend on the LC_MESSAGES environmental variable. 1491 149220090313: 1493 The k8temp(4) driver has been renamed to amdtemp(4) since 1494 support for Family 10 and Family 11 CPU families was added. 1495 149620090309: 1497 IGMPv3 and Source-Specific Multicast (SSM) have been merged 1498 to the IPv4 stack. VIMAGE hooks are in but not yet used. 1499 1500 For kernel developers, the most important changes are that the 1501 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(), 1502 and this lock has been downgraded to a non-recursive mutex. 1503 1504 Transport protocols (UDP, Raw IP) are now responsible for filtering 1505 inbound multicast traffic according to group membership and source 1506 filters. The imo_multicast_filter() KPI exists for this purpose. 1507 Transports which do not use multicast (SCTP, TCP) already reject 1508 multicast by default. Forwarding and receive performance may improve 1509 as a mutex acquisition is no longer needed in the ip_input() 1510 low-level input path. in_addmulti() and in_delmulti() are shimmed 1511 to new KPIs which exist to support SSM in-kernel. 1512 1513 For application developers, it is recommended that loopback of 1514 multicast datagrams be disabled for best performance, as this 1515 will still cause the lock to be taken for each looped-back 1516 datagram transmission. The net.inet.ip.mcast.loop sysctl may 1517 be tuned to 0 to disable loopback by default; it defaults to 1 1518 to preserve the existing behaviour. 1519 1520 For systems administrators, to obtain best performance with 1521 multicast reception and multiple groups, it is always recommended 1522 that a card with a suitably precise hash filter is used. Hash 1523 collisions will still result in the lock being taken within the 1524 transport protocol input path to check group membership. 1525 1526 If deploying FreeBSD in an environment with IGMP snooping switches, 1527 it is recommended that the net.inet.igmp.sendlocal sysctl remain 1528 enabled; this forces 224.0.0.0/24 group membership to be announced 1529 via IGMP. 1530 1531 The size of 'struct igmpstat' has changed; netstat needs to be 1532 recompiled to reflect this. 1533 Bump __FreeBSD_version to 800070. 1534 153520090309: 1536 libusb20.so.1 is now installed as libusb.so.1 and the ports system 1537 updated to use it. This requires a buildworld/installworld in order to 1538 update the library and dependencies (usbconfig, etc). Its advisable to 1539 rebuild all ports which uses libusb. More specific directions are given 1540 in the ports collection UPDATING file. Any /etc/libmap.conf entries for 1541 libusb are no longer required and can be removed. 1542 154320090302: 1544 A workaround is committed to allow the creation of System V shared 1545 memory segment of size > 2 GB on the 64-bit architectures. 1546 Due to a limitation of the existing ABI, the shm_segsz member 1547 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is 1548 wrong for large segments. Note that limits must be explicitly 1549 raised to allow such segments to be created. 1550 155120090301: 1552 The layout of struct ifnet has changed, requiring a rebuild of all 1553 network device driver modules. 1554 155520090227: 1556 The /dev handling for the new USB stack has changed, a 1557 buildworld/installworld is required for libusb20. 1558 155920090223: 1560 The new USB2 stack has now been permanently moved in and all kernel and 1561 module names reverted to their previous values (eg, usb, ehci, ohci, 1562 ums, ...). The old usb stack can be compiled in by prefixing the name 1563 with the letter 'o', the old usb modules have been removed. 1564 Updating entry 20090216 for xorg and 20090215 for libmap may still 1565 apply. 1566 156720090217: 1568 The rc.conf(5) option if_up_delay has been renamed to 1569 defaultroute_delay to better reflect its purpose. If you have 1570 customized this setting in /etc/rc.conf you need to update it to 1571 use the new name. 1572 157320090216: 1574 xorg 7.4 wants to configure its input devices via hald which does not 1575 yet work with USB2. If the keyboard/mouse does not work in xorg then 1576 add 1577 Option "AllowEmptyInput" "off" 1578 to your ServerLayout section. This will cause X to use the configured 1579 kbd and mouse sections from your xorg.conf. 1580 158120090215: 1582 The GENERIC kernels for all architectures now default to the new USB2 1583 stack. No kernel config options or code have been removed so if a 1584 problem arises please report it and optionally revert to the old USB 1585 stack. If you are loading USB kernel modules or have a custom kernel 1586 that includes GENERIC then ensure that usb names are also changed over, 1587 eg uftdi -> usb2_serial_ftdi. 1588 1589 Older programs linked against the ports libusb 0.1 need to be 1590 redirected to the new stack's libusb20. /etc/libmap.conf can 1591 be used for this: 1592 # Map old usb library to new one for usb2 stack 1593 libusb-0.1.so.8 libusb20.so.1 1594 159520090209: 1596 All USB ethernet devices now attach as interfaces under the name ueN 1597 (eg. ue0). This is to provide a predictable name as vendors often 1598 change usb chipsets in a product without notice. 1599 160020090203: 1601 The ichsmb(4) driver has been changed to require SMBus slave 1602 addresses be left-justified (xxxxxxx0b) rather than right-justified. 1603 All of the other SMBus controller drivers require left-justified 1604 slave addresses, so this change makes all the drivers provide the 1605 same interface. 1606 160720090201: 1608 INET6 statistics (struct ip6stat) was updated. 1609 netstat(1) needs to be recompiled. 1610 161120090119: 1612 NTFS has been removed from GENERIC kernel on amd64 to match 1613 GENERIC on i386. Should not cause any issues since mount_ntfs(8) 1614 will load ntfs.ko module automatically when NTFS support is 1615 actually needed, unless ntfs.ko is not installed or security 1616 level prohibits loading kernel modules. If either is the case, 1617 "options NTFS" has to be added into kernel config. 1618 161920090115: 1620 TCP Appropriate Byte Counting (RFC 3465) support added to kernel. 1621 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to 1622 800061. User space tools that rely on the size of struct tcpcb in 1623 tcp_var.h (e.g. sockstat) need to be recompiled. 1624 162520081225: 1626 ng_tty(4) module updated to match the new TTY subsystem. 1627 Due to API change, user-level applications must be updated. 1628 New API support added to mpd5 CVS and expected to be present 1629 in next mpd5.3 release. 1630 163120081219: 1632 With __FreeBSD_version 800060 the makefs tool is part of 1633 the base system (it was a port). 1634 163520081216: 1636 The afdata and ifnet locks have been changed from mutexes to 1637 rwlocks, network modules will need to be re-compiled. 1638 163920081214: 1640 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite. 1641 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated. 1642 The new code reduced struct rtentry{} by 16 bytes on 32-bit 1643 architecture and 40 bytes on 64-bit architecture. The userland 1644 applications "arp" and "ndp" have been updated accordingly. 1645 The output from "netstat -r" shows only routing entries and 1646 none of the L2 information. 1647 164820081130: 1649 __FreeBSD_version 800057 marks the switchover from the 1650 binary ath hal to source code. Users must add the line: 1651 1652 options AH_SUPPORT_AR5416 1653 1654 to their kernel config files when specifying: 1655 1656 device ath_hal 1657 1658 The ath_hal module no longer exists; the code is now compiled 1659 together with the driver in the ath module. It is now 1660 possible to tailor chip support (i.e. reduce the set of chips 1661 and thereby the code size); consult ath_hal(4) for details. 1662 166320081121: 1664 __FreeBSD_version 800054 adds memory barriers to 1665 <machine/atomic.h>, new interfaces to ifnet to facilitate 1666 multiple hardware transmit queues for cards that support 1667 them, and a lock-less ring-buffer implementation to 1668 enable drivers to more efficiently manage queueing of 1669 packets. 1670 167120081117: 1672 A new version of ZFS (version 13) has been merged to -HEAD. 1673 This version has zpool attribute "listsnapshots" off by 1674 default, which means "zfs list" does not show snapshots, 1675 and is the same as Solaris behavior. 1676 167720081028: 1678 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled. 1679 168020081009: 1681 The uhci, ohci, ehci and slhci USB Host controller drivers have 1682 been put into separate modules. If you load the usb module 1683 separately through loader.conf you will need to load the 1684 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0 1685 controller add the following to loader.conf: 1686 1687 uhci_load="YES" 1688 ehci_load="YES" 1689 169020081009: 1691 The ABI used by the PMC toolset has changed. Please keep 1692 userland (libpmc(3)) and the kernel module (hwpmc(4)) in 1693 sync. 1694 169520081009: 1696 atapci kernel module now includes only generic PCI ATA 1697 driver. AHCI driver moved to ataahci kernel module. 1698 All vendor-specific code moved into separate kernel modules: 1699 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek, 1700 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron, 1701 atamarvell, atamicron, atanational, atanetcell, atanvidia, 1702 atapromise, ataserverworks, atasiliconimage, atasis, atavia 1703 170420080820: 1705 The TTY subsystem of the kernel has been replaced by a new 1706 implementation, which provides better scalability and an 1707 improved driver model. Most common drivers have been migrated to 1708 the new TTY subsystem, while others have not. The following 1709 drivers have not yet been ported to the new TTY layer: 1710 1711 PCI/ISA: 1712 cy, digi, rc, rp, sio 1713 1714 USB: 1715 ubser, ucycom 1716 1717 Line disciplines: 1718 ng_h4, ng_tty, ppp, sl, snp 1719 1720 Adding these drivers to your kernel configuration file shall 1721 cause compilation to fail. 1722 172320080818: 1724 ntpd has been upgraded to 4.2.4p5. 1725 172620080801: 1727 OpenSSH has been upgraded to 5.1p1. 1728 1729 For many years, FreeBSD's version of OpenSSH preferred DSA 1730 over RSA for host and user authentication keys. With this 1731 upgrade, we've switched to the vendor's default of RSA over 1732 DSA. This may cause upgraded clients to warn about unknown 1733 host keys even for previously known hosts. Users should 1734 follow the usual procedure for verifying host keys before 1735 accepting the RSA key. 1736 1737 This can be circumvented by setting the "HostKeyAlgorithms" 1738 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh 1739 command line. 1740 1741 Please note that the sequence of keys offered for 1742 authentication has been changed as well. You may want to 1743 specify IdentityFile in a different order to revert this 1744 behavior. 1745 174620080713: 1747 The sio(4) driver has been removed from the i386 and amd64 1748 kernel configuration files. This means uart(4) is now the 1749 default serial port driver on those platforms as well. 1750 1751 To prevent collisions with the sio(4) driver, the uart(4) driver 1752 uses different names for its device nodes. This means the 1753 onboard serial port will now most likely be called "ttyu0" 1754 instead of "ttyd0". You may need to reconfigure applications to 1755 use the new device names. 1756 1757 When using the serial port as a boot console, be sure to update 1758 /boot/device.hints and /etc/ttys before booting the new kernel. 1759 If you forget to do so, you can still manually specify the hints 1760 at the loader prompt: 1761 1762 set hint.uart.0.at="isa" 1763 set hint.uart.0.port="0x3F8" 1764 set hint.uart.0.flags="0x10" 1765 set hint.uart.0.irq="4" 1766 boot -s 1767 176820080609: 1769 The gpt(8) utility has been removed. Use gpart(8) to partition 1770 disks instead. 1771 177220080603: 1773 The version that Linuxulator emulates was changed from 2.4.2 1774 to 2.6.16. If you experience any problems with Linux binaries 1775 please try to set sysctl compat.linux.osrelease to 2.4.2 and 1776 if it fixes the problem contact emulation mailing list. 1777 177820080525: 1779 ISDN4BSD (I4B) was removed from the src tree. You may need to 1780 update a your kernel configuration and remove relevant entries. 1781 178220080509: 1783 I have checked in code to support multiple routing tables. 1784 See the man pages setfib(1) and setfib(2). 1785 This is a hopefully backwards compatible version, 1786 but to make use of it you need to compile your kernel 1787 with options ROUTETABLES=2 (or more up to 16). 1788 178920080420: 1790 The 802.11 wireless support was redone to enable multi-bss 1791 operation on devices that are capable. The underlying device 1792 is no longer used directly but instead wlanX devices are 1793 cloned with ifconfig. This requires changes to rc.conf files. 1794 For example, change: 1795 ifconfig_ath0="WPA DHCP" 1796 to 1797 wlans_ath0=wlan0 1798 ifconfig_wlan0="WPA DHCP" 1799 see rc.conf(5) for more details. In addition, mergemaster of 1800 /etc/rc.d is highly recommended. Simultaneous update of userland 1801 and kernel wouldn't hurt either. 1802 1803 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta 1804 modules were merged into the base wlan module. All references 1805 to these modules (e.g. in kernel config files) must be removed. 1806 180720080408: 1808 psm(4) has gained write(2) support in native operation level. 1809 Arbitrary commands can be written to /dev/psm%d and status can 1810 be read back from it. Therefore, an application is responsible 1811 for status validation and error recovery. It is a no-op in 1812 other operation levels. 1813 181420080312: 1815 Support for KSE threading has been removed from the kernel. To 1816 run legacy applications linked against KSE libmap.conf may 1817 be used. The following libmap.conf may be used to ensure 1818 compatibility with any prior release: 1819 1820 libpthread.so.1 libthr.so.1 1821 libpthread.so.2 libthr.so.2 1822 libkse.so.3 libthr.so.3 1823 182420080301: 1825 The layout of struct vmspace has changed. This affects libkvm 1826 and any executables that link against libkvm and use the 1827 kvm_getprocs() function. In particular, but not exclusively, 1828 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1). 1829 The effects are minimal, but it's advisable to upgrade world 1830 nonetheless. 1831 183220080229: 1833 The latest em driver no longer has support in it for the 1834 82575 adapter, this is now moved to the igb driver. The 1835 split was done to make new features that are incompatible 1836 with older hardware easier to do. 1837 183820080220: 1839 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4), 1840 likewise the kernel option is now GEOM_LINUX_LVM. 1841 184220080211: 1843 The default NFS mount mode has changed from UDP to TCP for 1844 increased reliability. If you rely on (insecurely) NFS 1845 mounting across a firewall you may need to update your 1846 firewall rules. 1847 184820080208: 1849 Belatedly note the addition of m_collapse for compacting 1850 mbuf chains. 1851 185220080126: 1853 The fts(3) structures have been changed to use adequate 1854 integer types for their members and so to be able to cope 1855 with huge file trees. The old fts(3) ABI is preserved 1856 through symbol versioning in libc, so third-party binaries 1857 using fts(3) should still work, although they will not take 1858 advantage of the extended types. At the same time, some 1859 third-party software might fail to build after this change 1860 due to unportable assumptions made in its source code about 1861 fts(3) structure members. Such software should be fixed 1862 by its vendor or, in the worst case, in the ports tree. 1863 FreeBSD_version 800015 marks this change for the unlikely 1864 case that a portable fix is impossible. 1865 186620080123: 1867 To upgrade to -current after this date, you must be running 1868 FreeBSD not older than 6.0-RELEASE. Upgrading to -current 1869 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems. 1870 187120071128: 1872 The ADAPTIVE_GIANT kernel option has been retired because its 1873 functionality is the default now. 1874 187520071118: 1876 The AT keyboard emulation of sunkbd(4) has been turned on 1877 by default. In order to make the special symbols of the Sun 1878 keyboards driven by sunkbd(4) work under X these now have 1879 to be configured the same way as Sun USB keyboards driven 1880 by ukbd(4) (which also does AT keyboard emulation), f.e.: 1881 1882 Option "XkbLayout" "us" 1883 Option "XkbRules" "xorg" 1884 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us" 1885 188620071024: 1887 It has been decided that it is desirable to provide ABI 1888 backwards compatibility to the FreeBSD 4/5/6 versions of the 1889 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was 1890 broken with the introduction of PCI domain support (see the 1891 20070930 entry). Unfortunately, this required the ABI of 1892 PCIOCGETCONF to be broken again in order to be able to 1893 provide backwards compatibility to the old version of that 1894 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled 1895 again. As for prominent ports this affects neither pciutils 1896 nor xorg-server this time, the hal port needs to be rebuilt 1897 however. 1898 189920071020: 1900 The misnamed kthread_create() and friends have been renamed 1901 to kproc_create() etc. Many of the callers already 1902 used kproc_start().. 1903 I will return kthread_create() and friends in a while 1904 with implementations that actually create threads, not procs. 1905 Renaming corresponds with version 800002. 1906 190720071010: 1908 RELENG_7 branched. 1909 1910COMMON ITEMS: 1911 1912 General Notes 1913 ------------- 1914 Avoid using make -j when upgrading. While generally safe, there are 1915 sometimes problems using -j to upgrade. If your upgrade fails with 1916 -j, please try again without -j. From time to time in the past there 1917 have been problems using -j with buildworld and/or installworld. This 1918 is especially true when upgrading between "distant" versions (eg one 1919 that cross a major release boundary or several minor releases, or when 1920 several months have passed on the -current branch). 1921 1922 Sometimes, obscure build problems are the result of environment 1923 poisoning. This can happen because the make utility reads its 1924 environment when searching for values for global variables. To run 1925 your build attempts in an "environmental clean room", prefix all make 1926 commands with 'env -i '. See the env(1) manual page for more details. 1927 1928 When upgrading from one major version to another it is generally best 1929 to upgrade to the latest code in the currently installed branch first, 1930 then do an upgrade to the new branch. This is the best-tested upgrade 1931 path, and has the highest probability of being successful. Please try 1932 this approach before reporting problems with a major version upgrade. 1933 1934 When upgrading a live system, having a root shell around before 1935 installing anything can help undo problems. Not having a root shell 1936 around can lead to problems if pam has changed too much from your 1937 starting point to allow continued authentication after the upgrade. 1938 1939 ZFS notes 1940 --------- 1941 When upgrading the boot ZFS pool to a new version, always follow 1942 these two steps: 1943 1944 1.) recompile and reinstall the ZFS boot loader and boot block 1945 (this is part of "make buildworld" and "make installworld") 1946 1947 2.) update the ZFS boot block on your boot drive 1948 1949 The following example updates the ZFS boot block on the first 1950 partition (freebsd-boot) of a GPT partitioned drive ad0: 1951 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0" 1952 1953 Non-boot pools do not need these updates. 1954 1955 To build a kernel 1956 ----------------- 1957 If you are updating from a prior version of FreeBSD (even one just 1958 a few days old), you should follow this procedure. It is the most 1959 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 1960 1961 make kernel-toolchain 1962 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 1963 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 1964 1965 To test a kernel once 1966 --------------------- 1967 If you just want to boot a kernel once (because you are not sure 1968 if it works, or if you want to boot a known bad kernel to provide 1969 debugging information) run 1970 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 1971 nextboot -k testkernel 1972 1973 To just build a kernel when you know that it won't mess you up 1974 -------------------------------------------------------------- 1975 This assumes you are already running a CURRENT system. Replace 1976 ${arch} with the architecture of your machine (e.g. "i386", 1977 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 1978 1979 cd src/sys/${arch}/conf 1980 config KERNEL_NAME_HERE 1981 cd ../compile/KERNEL_NAME_HERE 1982 make depend 1983 make 1984 make install 1985 1986 If this fails, go to the "To build a kernel" section. 1987 1988 To rebuild everything and install it on the current system. 1989 ----------------------------------------------------------- 1990 # Note: sometimes if you are running current you gotta do more than 1991 # is listed here if you are upgrading from a really old current. 1992 1993 <make sure you have good level 0 dumps> 1994 make buildworld 1995 make kernel KERNCONF=YOUR_KERNEL_HERE 1996 [1] 1997 <reboot in single user> [3] 1998 mergemaster -p [5] 1999 make installworld 2000 mergemaster -i [4] 2001 make delete-old [6] 2002 <reboot> 2003 2004 To cross-install current onto a separate partition 2005 -------------------------------------------------- 2006 # In this approach we use a separate partition to hold 2007 # current's root, 'usr', and 'var' directories. A partition 2008 # holding "/", "/usr" and "/var" should be about 2GB in 2009 # size. 2010 2011 <make sure you have good level 0 dumps> 2012 <boot into -stable> 2013 make buildworld 2014 make buildkernel KERNCONF=YOUR_KERNEL_HERE 2015 <maybe newfs current's root partition> 2016 <mount current's root partition on directory ${CURRENT_ROOT}> 2017 make installworld DESTDIR=${CURRENT_ROOT} 2018 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 2019 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 2020 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 2021 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 2022 <reboot into current> 2023 <do a "native" rebuild/install as described in the previous section> 2024 <maybe install compatibility libraries from ports/misc/compat*> 2025 <reboot> 2026 2027 2028 To upgrade in-place from stable to current 2029 ---------------------------------------------- 2030 <make sure you have good level 0 dumps> 2031 make buildworld [9] 2032 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 2033 [1] 2034 <reboot in single user> [3] 2035 mergemaster -p [5] 2036 make installworld 2037 mergemaster -i [4] 2038 make delete-old [6] 2039 <reboot> 2040 2041 Make sure that you've read the UPDATING file to understand the 2042 tweaks to various things you need. At this point in the life 2043 cycle of current, things change often and you are on your own 2044 to cope. The defaults can also change, so please read ALL of 2045 the UPDATING entries. 2046 2047 Also, if you are tracking -current, you must be subscribed to 2048 freebsd-current@freebsd.org. Make sure that before you update 2049 your sources that you have read and understood all the recent 2050 messages there. If in doubt, please track -stable which has 2051 much fewer pitfalls. 2052 2053 [1] If you have third party modules, such as vmware, you 2054 should disable them at this point so they don't crash your 2055 system on reboot. 2056 2057 [3] From the bootblocks, boot -s, and then do 2058 fsck -p 2059 mount -u / 2060 mount -a 2061 cd src 2062 adjkerntz -i # if CMOS is wall time 2063 Also, when doing a major release upgrade, it is required that 2064 you boot into single user mode to do the installworld. 2065 2066 [4] Note: This step is non-optional. Failure to do this step 2067 can result in a significant reduction in the functionality of the 2068 system. Attempting to do it by hand is not recommended and those 2069 that pursue this avenue should read this file carefully, as well 2070 as the archives of freebsd-current and freebsd-hackers mailing lists 2071 for potential gotchas. The -U option is also useful to consider. 2072 See mergemaster(8) for more information. 2073 2074 [5] Usually this step is a noop. However, from time to time 2075 you may need to do this if you get unknown user in the following 2076 step. It never hurts to do it all the time. You may need to 2077 install a new mergemaster (cd src/usr.sbin/mergemaster && make 2078 install) after the buildworld before this step if you last updated 2079 from current before 20130425 or from -stable before 20130430. 2080 2081 [6] This only deletes old files and directories. Old libraries 2082 can be deleted by "make delete-old-libs", but you have to make 2083 sure that no program is using those libraries anymore. 2084 2085 [8] In order to have a kernel that can run the 4.x binaries needed to 2086 do an installworld, you must include the COMPAT_FREEBSD4 option in 2087 your kernel. Failure to do so may leave you with a system that is 2088 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is 2089 required to run the 5.x binaries on more recent kernels. And so on 2090 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7. 2091 2092 Make sure that you merge any new devices from GENERIC since the 2093 last time you updated your kernel config file. 2094 2095 [9] When checking out sources, you must include the -P flag to have 2096 cvs prune empty directories. 2097 2098 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 2099 "?=" instead of the "=" assignment operator, so that buildworld can 2100 override the CPUTYPE if it needs to. 2101 2102 MAKEOBJDIRPREFIX must be defined in an environment variable, and 2103 not on the command line, or in /etc/make.conf. buildworld will 2104 warn if it is improperly defined. 2105FORMAT: 2106 2107This file contains a list, in reverse chronological order, of major 2108breakages in tracking -current. It is not guaranteed to be a complete 2109list of such breakages, and only contains entries since October 10, 2007. 2110If you need to see UPDATING entries from before that date, you will need 2111to fetch an UPDATING file from an older FreeBSD release. 2112 2113Copyright information: 2114 2115Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 2116 2117Redistribution, publication, translation and use, with or without 2118modification, in full or in part, in any form or format of this 2119document are permitted without further permission from the author. 2120 2121THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 2122IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 2123WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 2124DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 2125INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 2126(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 2127SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2128HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 2129STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 2130IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2131POSSIBILITY OF SUCH DAMAGE. 2132 2133Contact Warner Losh if you have any questions about your use of 2134this document. 2135 2136$FreeBSD: releng/10.0/UPDATING 275671 2014-12-10 08:36:07Z delphij $ 2137