UPDATING revision 281232
1Updating Information for FreeBSD current users 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of 16stable/10, and then rebuild without this option. The bootstrap process from 17older version of current is a bit fragile. 18 1920150407: p9 FreeBSD-SA-15:04.igmp [revised] 20 FreeBSD-SA-15:07.ntp 21 FreeBSD-SA-15:08.bsdinstall 22 FreeBSD-SA-15:09.ipv6 23 24 Improved patch for SA-15:04.igmp. 25 26 Fix multiple vulnerabilities of ntp. [SA-15:07] 27 28 Fix bsdinstall(8) insecure default GELI keyfile permissions. [SA-15:08] 29 30 Fix Denial of Service with IPv6 Router Advertisements. [SA-15:09] 31 3220150320: p8 33 Fix patch for SA-15:06.openssl. 34 3520150319: p7 FreeBSD-SA-15:06.openssl 36 Fix multiple vulnerabilities in OpenSSL. [SA-15:06] 37 3820150225: p6 FreeBSD-SA-15:04.igmp 39 FreeBSD-EN-15:01.vt 40 FreeBSD-EN-15:02.openssl 41 FreeBSD-EN-15:03.freebsd-update 42 43 Fix integer overflow in IGMP protocol. [SA-15:04] 44 45 Fix vt(4) crash with improper ioctl parameters. [EN-15:01] 46 47 Updated base system OpenSSL to 1.0.1l. [EN-15:02] 48 49 Fix freebsd-update libraries update ordering issue. [EN-15:03] 50 5120150127: p5 FreeBSD-SA-15:02.kmem 52 FreeBSD-SA-15:03.sctp 53 54 Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure 55 vulnerability. [SA-15:02] 56 57 Fix SCTP stream reset vulnerability. [SA-15:03] 58 5920150114: p4 FreeBSD-SA-15:01.openssl 60 Fix multiple vulnerabilities in OpenSSL. [SA-15:01] 61 6220141223: p3 FreeBSD-SA-14:31.ntp 63 FreeBSD-EN-14:13.freebsd-update 64 65 Fix multiple vulnerabilities in NTP suite. [SA-14:31] 66 Fix directory deletion issue in freebsd-update. [EN-14:13] 67 6820141217: p2 FreeBSD-SA-14:30.unbound 69 Fix unbound remote denial of service vulnerability. 70 7120141210: p1 FreeBSD-SA-14:27.stdio 72 FreeBSD-SA-14:28.file 73 74 Fix buffer overflow in stdio. [SA-14:27] 75 76 Fix multiple vulnerabilities in file(1) and libmagic(3). 77 [SA-14:28] 78 7920140904: 80 The ofwfb driver, used to provide a graphics console on PowerPC when 81 using vt(4), no longer allows mmap() of all of physical memory. This 82 will prevent Xorg on PowerPC with some ATI graphics cards from 83 initializing properly unless x11-servers/xorg-server is updated to 84 1.12.4_8 or newer. 85 8620140831: 87 The libatf-c and libatf-c++ major versions were downgraded to 0 and 88 1 respectively to match the upstream numbers. They were out of 89 sync because, when they were originally added to FreeBSD, the 90 upstream versions were not respected. These libraries are private 91 and not yet built by default, so renumbering them should be a 92 non-issue. However, unclean source trees will yield broken test 93 programs once the operator executes "make delete-old-libs" after a 94 "make installworld". 95 96 Additionally, the atf-sh binary was made private by moving it into 97 /usr/libexec/. Already-built shell test programs will keep the 98 path to the old binary so they will break after "make delete-old" 99 is run. 100 101 If you are using WITH_TESTS=yes (not the default), wipe the object 102 tree and rebuild from scratch to prevent spurious test failures. 103 This is only needed once: the misnumbered libraries and misplaced 104 binaries have been added to OptionalObsoleteFiles.inc so they will 105 be removed during a clean upgrade. 106 10720140814: 108 The ixgbe tunables now match their sysctl counterparts, for example: 109 hw.ixgbe.enable_aim => hw.ix.enable_aim 110 Anyone using ixgbe tunables should ensure they update /boot/loader.conf. 111 11220140801: 113 The NFSv4.1 server committed by r269398 changes the internal 114 function call interfaces used between the NFS and krpc modules. 115 As such, __FreeBSD_version was bumped. 116 11720140729: 118 The default unbound configuration has been modified to address 119 issues with reverse lookups on networks that use private 120 address ranges. If you use the local_unbound service, run 121 "service local_unbound setup" as root to regenerate your 122 configuration, then "service local_unbound reload" to load the 123 new configuration. 124 12520140717: 126 It is no longer necessary to include the dwarf version in your DEBUG 127 options in your kernel config file. The bug that required it to be 128 placed in the config file has bene fixed. DEBUG should now just 129 contain -g. The build system will automatically update things 130 to do the right thing. 131 13220140715: 133 Several ABI breaking changes were merged to CTL and new iSCSI code. 134 All CTL and iSCSI-related tools, such as ctladm, ctld, iscsid and 135 iscsictl need to be rebuilt to work with a new kernel. 136 13720140708: 138 The WITHOUT_VT_SUPPORT kernel config knob has been renamed 139 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning 140 which differs from the behaviour controlled by this knob.) 141 14220140608: 143 On i386 and amd64 systems, the onifconsole flag is now set by default 144 in /etc/ttys for ttyu0. This causes ttyu0 to be automatically enabled 145 as a login TTY if it is set in the bootloader as an active kernel 146 console. No changes in behavior should result otherwise. To revert to 147 the previous behavior, set ttyu0 to "off" in /etc/ttys. 148 14920140512: 150 Clang and llvm have been upgraded to 3.4.1 release. 151 15220140321: 153 Clang and llvm have been upgraded to 3.4 release. 154 15520140306: 156 If a Makefile in a tests/ directory was auto-generating a Kyuafile 157 instead of providing an explicit one, this would prevent such 158 Makefile from providing its own Kyuafile in the future during 159 NO_CLEAN builds. This has been fixed in the Makefiles but manual 160 intervention is needed to clean an objdir if you use NO_CLEAN: 161 # find /usr/obj -name Kyuafile | xargs rm -f 162 16320140303: 164 OpenSSH will now ignore errors caused by kernel lacking of Capsicum 165 capability mode support. Please note that enabling the feature in 166 kernel is still highly recommended. 167 16820140227: 169 OpenSSH is now built with sandbox support, and will use sandbox as 170 the default privilege separation method. This requires Capsicum 171 capability mode support in kernel. 172 17320140216: 174 The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has 175 been deprecated and will not be part of FreeBSD 11.0 and later 176 releases. If you use this driver, please consider switching to 177 the nfe(4) driver instead. 178 17920140120: 180 10.0-RELEASE. 181 18220131216: 183 The behavior of gss_pseudo_random() for the krb5 mechanism 184 has changed, for applications requesting a longer random string 185 than produced by the underlying enctype's pseudo-random() function. 186 In particular, the random string produced from a session key of 187 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 188 be different at the 17th octet and later, after this change. 189 The counter used in the PRF+ construction is now encoded as a 190 big-endian integer in accordance with RFC 4402. 191 __FreeBSD_version is bumped to 1000701. 192 19320131108: 194 The WITHOUT_ATF build knob has been removed and its functionality 195 has been subsumed into the more generic WITHOUT_TESTS. If you were 196 using the former to disable the build of the ATF libraries, you 197 should change your settings to use the latter. 198 19920131031: 200 The default version of mtree is nmtree which is obtained from 201 NetBSD. The output is generally the same, but may vary 202 slightly. If you found you need identical output adding 203 "-F freebsd9" to the command line should do the trick. For the 204 time being, the old mtree is available as fmtree. 205 20620131014: 207 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 208 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 209 1.1.4_8 and verify bsdyml not linked in, before running "make 210 delete-old-libs": 211 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 212 or 213 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 214 21520131010: 216 The rc.d/jail script has been updated to support jail(8) 217 configuration file. The "jail_<jname>_*" rc.conf(5) variables 218 for per-jail configuration are automatically converted to 219 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 220 This is transparently backward compatible. See below about some 221 incompatibilities and rc.conf(5) manual page for more details. 222 223 These variables are now deprecated in favor of jail(8) configuration 224 file. One can use "rc.d/jail config <jname>" command to generate 225 a jail(8) configuration file in /var/run/jail.<jname>.conf without 226 running the jail(8) utility. The default pathname of the 227 configuration file is /etc/jail.conf and can be specified by 228 using $jail_conf or $jail_<jname>_conf variables. 229 230 Please note that jail_devfs_ruleset accepts an integer at 231 this moment. Please consider to rewrite the ruleset name 232 with an integer. 233 23420130930: 235 BIND has been removed from the base system. If all you need 236 is a local resolver, simply enable and start the local_unbound 237 service instead. Otherwise, several versions of BIND are 238 available in the ports tree. The dns/bind99 port is one example. 239 240 With this change, nslookup(1) and dig(1) are no longer in the base 241 system. Users should instead use host(1) and drill(1) which are 242 in the base system. Alternatively, nslookup and dig can 243 be obtained by installing the dns/bind-tools port. 244 24520130916: 246 With the addition of unbound(8), a new unbound user is now 247 required during installworld. "mergemaster -p" can be used to 248 add the user prior to installworld, as documented in the handbook. 249 25020130911: 251 OpenSSH is now built with DNSSEC support, and will by default 252 silently trust signed SSHFP records. This can be controlled with 253 the VerifyHostKeyDNS client configuration setting. DNSSEC support 254 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 255 25620130906: 257 The GNU Compiler Collection and C++ standard library (libstdc++) 258 are no longer built by default on platforms where clang is the system 259 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 260 options in src.conf. 261 26220130905: 263 The PROCDESC kernel option is now part of the GENERIC kernel 264 configuration and is required for the rwhod(8) to work. 265 If you are using custom kernel configuration, you should include 266 'options PROCDESC'. 267 26820130905: 269 The API and ABI related to the Capsicum framework was modified 270 in backward incompatible way. The userland libraries and programs 271 have to be recompiled to work with the new kernel. This includes the 272 following libraries and programs, but the whole buildworld is 273 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 274 kdump, procstat, rwho, rwhod, uniq. 275 27620130903: 277 AES-NI intrinsic support has been added to gcc. The AES-NI module 278 has been updated to use this support. A new gcc is required to build 279 the aesni module on both i386 and amd64. 280 28120130821: 282 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 283 Thus "device padlock_rng" and "device rdrand_rng" should be 284 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 285 28620130813: 287 WITH_ICONV has been split into two feature sets. WITH_ICONV now 288 enables just the iconv* functionality and is now on by default. 289 WITH_LIBICONV_COMPAT enables the libiconv api and link time 290 compatability. Set WITHOUT_ICONV to build the old way. 291 If you have been using WITH_ICONV before, you will very likely 292 need to turn on WITH_LIBICONV_COMPAT. 293 29420130806: 295 INVARIANTS option now enables DEBUG for code with OpenSolaris and 296 Illumos origin, including ZFS. If you have INVARIANTS in your 297 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 298 explicitly. 299 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 300 locks if WITNESS option was set. Because that generated a lot of 301 witness(9) reports and all of them were believed to be false 302 positives, this is no longer done. New option OPENSOLARIS_WITNESS 303 can be used to achieve the previous behavior. 304 30520130806: 306 Timer values in IPv6 data structures now use time_uptime instead 307 of time_second. Although this is not a user-visible functional 308 change, userland utilities which directly use them---ndp(8), 309 rtadvd(8), and rtsold(8) in the base system---need to be updated 310 to r253970 or later. 311 31220130802: 313 find -delete can now delete the pathnames given as arguments, 314 instead of only files found below them or if the pathname did 315 not contain any slashes. Formerly, the following error message 316 would result: 317 318 find: -delete: <path>: relative path potentially not safe 319 320 Deleting the pathnames given as arguments can be prevented 321 without error messages using -mindepth 1 or by changing 322 directory and passing "." as argument to find. This works in the 323 old as well as the new version of find. 324 32520130726: 326 Behavior of devfs rules path matching has been changed. 327 Pattern is now always matched against fully qualified devfs 328 path and slash characters must be explicitly matched by 329 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 330 subdirectories must be reviewed. 331 33220130716: 333 The default ARM ABI has changed to the ARM EABI. The old ABI is 334 incompatible with the ARM EABI and all programs and modules will 335 need to be rebuilt to work with a new kernel. 336 337 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 338 339 NOTE: Support for the old ABI will be removed in the future and 340 users are advised to upgrade. 341 34220130709: 343 pkg_install has been disconnected from the build if you really need it 344 you should add WITH_PKGTOOLS in your src.conf(5). 345 34620130709: 347 Most of network statistics structures were changed to be able 348 keep 64-bits counters. Thus all tools, that work with networking 349 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 350 35120130629: 352 Fix targets that run multiple make's to use && rather than ; 353 so that subsequent steps depend on success of previous. 354 355 NOTE: if building 'universe' with -j* on stable/8 or stable/9 356 it would be better to start the build using bmake, to avoid 357 overloading the machine. 358 35920130618: 360 Fix a bug that allowed a tracing process (e.g. gdb) to write 361 to a memory-mapped file in the traced process's address space 362 even if neither the traced process nor the tracing process had 363 write access to that file. 364 36520130615: 366 CVS has been removed from the base system. An exact copy 367 of the code is available from the devel/cvs port. 368 36920130613: 370 Some people report the following error after the switch to bmake: 371 372 make: illegal option -- J 373 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 374 ... 375 *** [buildworld] Error code 2 376 377 this likely due to an old instance of make in 378 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 379 which src/Makefile will use that blindly, if it exists, so if 380 you see the above error: 381 382 rm -rf `make -V MAKEPATH` 383 384 should resolve it. 385 38620130516: 387 Use bmake by default. 388 Whereas before one could choose to build with bmake via 389 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 390 make. The goal is to remove these knobs for 10-RELEASE. 391 392 It is worth noting that bmake (like gmake) treats the command 393 line as the unit of failure, rather than statements within the 394 command line. Thus '(cd some/where && dosomething)' is safer 395 than 'cd some/where; dosomething'. The '()' allows consistent 396 behavior in parallel build. 397 39820130429: 399 Fix a bug that allows NFS clients to issue READDIR on files. 400 40120130426: 402 The WITHOUT_IDEA option has been removed because 403 the IDEA patent expired. 404 40520130426: 406 The sysctl which controls TRIM support under ZFS has been renamed 407 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 408 enabled by default. 409 41020130425: 411 The mergemaster command now uses the default MAKEOBJDIRPREFIX 412 rather than creating it's own in the temporary directory in 413 order allow access to bootstrapped versions of tools such as 414 install and mtree. When upgrading from version of FreeBSD where 415 the install command does not support -l, you will need to 416 install a new mergemaster command if mergemaster -p is required. 417 This can be accomplished with the command (cd src/usr.sbin/mergemaster 418 && make install). 419 42020130404: 421 Legacy ATA stack, disabled and replaced by new CAM-based one since 422 FreeBSD 9.0, completely removed from the sources. Kernel modules 423 atadisk and atapi*, user-level tools atacontrol and burncd are 424 removed. Kernel option `options ATA_CAM` is now permanently enabled 425 and removed. 426 42720130319: 428 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 429 and socketpair(2). Software, in particular Kerberos, may 430 automatically detect and use these during building. The resulting 431 binaries will not work on older kernels. 432 43320130308: 434 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 435 information, see the respective 20130304 entry). 436 43720130304: 438 Recent commits to callout(9) changed the size of struct callout, 439 so the KBI is probably heavily disturbed. Also, some functions 440 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 441 by macros. Every kernel module using it won't load, so rebuild 442 is requested. 443 444 The ctl device has been re-enabled in GENERIC for i386 and amd64, 445 but does not initialize by default (because of the new CTL_DISABLE 446 option) to save memory. To re-enable it, remove the CTL_DISABLE 447 option from the kernel config file or set kern.cam.ctl.disable=0 448 in /boot/loader.conf. 449 45020130301: 451 The ctl device has been disabled in GENERIC for i386 and amd64. 452 This was done due to the extra memory being allocated at system 453 initialisation time by the ctl driver which was only used if 454 a CAM target device was created. This makes a FreeBSD system 455 unusable on 128MB or less of RAM. 456 45720130208: 458 A new compression method (lz4) has been merged to -HEAD. Please 459 refer to zpool-features(7) for more information. 460 461 Please refer to the "ZFS notes" section of this file for information 462 on upgrading boot ZFS pools. 463 46420130129: 465 A BSD-licensed patch(1) variant has been added and is installed 466 as bsdpatch, being the GNU version the default patch. 467 To inverse the logic and use the BSD-licensed one as default, 468 while having the GNU version installed as gnupatch, rebuild 469 and install world with the WITH_BSD_PATCH knob set. 470 47120130121: 472 Due to the use of the new -l option to install(1) during build 473 and install, you must take care not to directly set the INSTALL 474 make variable in your /etc/make.conf, /etc/src.conf, or on the 475 command line. If you wish to use the -C flag for all installs 476 you may be able to add INSTALL+=-C to /etc/make.conf or 477 /etc/src.conf. 478 47920130118: 480 The install(1) option -M has changed meaning and now takes an 481 argument that is a file or path to append logs to. In the 482 unlikely event that -M was the last option on the command line 483 and the command line contained at least two files and a target 484 directory the first file will have logs appended to it. The -M 485 option served little practical purpose in the last decade so its 486 use is expected to be extremely rare. 487 48820121223: 489 After switching to Clang as the default compiler some users of ZFS 490 on i386 systems started to experience stack overflow kernel panics. 491 Please consider using 'options KSTACK_PAGES=4' in such configurations. 492 49320121222: 494 GEOM_LABEL now mangles label names read from file system metadata. 495 Mangling affect labels containing spaces, non-printable characters, 496 '%' or '"'. Device names in /etc/fstab and other places may need to 497 be updated. 498 49920121217: 500 By default, only the 10 most recent kernel dumps will be saved. To 501 restore the previous behaviour (no limit on the number of kernel dumps 502 stored in the dump directory) add the following line to /etc/rc.conf: 503 504 savecore_flags="" 505 50620121201: 507 With the addition of auditdistd(8), a new auditdistd user is now 508 required during installworld. "mergemaster -p" can be used to 509 add the user prior to installworld, as documented in the handbook. 510 51120121117: 512 The sin6_scope_id member variable in struct sockaddr_in6 is now 513 filled by the kernel before passing the structure to the userland via 514 sysctl or routing socket. This means the KAME-specific embedded scope 515 id in sin6_addr.s6_addr[2] is always cleared in userland application. 516 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 517 __FreeBSD_version is bumped to 1000025. 518 51920121105: 520 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 521 This means that the world and kernel will be compiled with clang 522 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 523 and /usr/bin/cpp. To disable this behavior and revert to building 524 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 525 of current may need to bootstrap WITHOUT_CLANG first if the clang 526 build fails (its compatibility window doesn't extend to the 9 stable 527 branch point). 528 52920121102: 530 The IPFIREWALL_FORWARD kernel option has been removed. Its 531 functionality now turned on by default. 532 53320121023: 534 The ZERO_COPY_SOCKET kernel option has been removed and 535 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 536 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 537 mechanism which is not safe and may result in kernel crashes. 538 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 539 driver supports disposeable external page sized mbuf storage. 540 Proper replacements for both zero-copy mechanisms are under 541 consideration and will eventually lead to complete removal 542 of the two kernel options. 543 54420121023: 545 The IPv4 network stack has been converted to network byte 546 order. The following modules need to be recompiled together 547 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 548 pf(4), ipfw(4), ng_ipfw(4), stf(4). 549 55020121022: 551 Support for non-MPSAFE filesystems was removed from VFS. The 552 VFS_VERSION was bumped, all filesystem modules shall be 553 recompiled. 554 55520121018: 556 All the non-MPSAFE filesystems have been disconnected from 557 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 558 portalfs, smbfs, xfs. 559 56020121016: 561 The interface cloning API and ABI has changed. The following 562 modules need to be recompiled together with kernel: 563 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 564 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 565 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 566 56720121015: 568 The sdhci driver was split in two parts: sdhci (generic SD Host 569 Controller logic) and sdhci_pci (actual hardware driver). 570 No kernel config modifications are required, but if you 571 load sdhc as a module you must switch to sdhci_pci instead. 572 57320121014: 574 Import the FUSE kernel and userland support into base system. 575 57620121013: 577 The GNU sort(1) program has been removed since the BSD-licensed 578 sort(1) has been the default for quite some time and no serious 579 problems have been reported. The corresponding WITH_GNU_SORT 580 knob has also gone. 581 58220121006: 583 The pfil(9) API/ABI for AF_INET family has been changed. Packet 584 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 585 with new kernel. 586 58720121001: 588 The net80211(4) ABI has been changed to allow for improved driver 589 PS-POLL and power-save support. All wireless drivers need to be 590 recompiled to work with the new kernel. 591 59220120913: 593 The random(4) support for the VIA hardware random number 594 generator (`PADLOCK') is no longer enabled unconditionally. 595 Add the padlock_rng device in the custom kernel config if 596 needed. The GENERIC kernels on i386 and amd64 do include the 597 device, so the change only affects the custom kernel 598 configurations. 599 60020120908: 601 The pf(4) packet filter ABI has been changed. pfctl(8) and 602 snmp_pf module need to be recompiled to work with new kernel. 603 60420120828: 605 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 606 to -HEAD. Pools that have empty_bpobj in active state can not be 607 imported read-write with ZFS implementations that do not support 608 this feature. For more information read the zpool-features(5) 609 manual page. 610 61120120727: 612 The sparc64 ZFS loader has been changed to no longer try to auto- 613 detect ZFS providers based on diskN aliases but now requires these 614 to be explicitly listed in the OFW boot-device environment variable. 615 61620120712: 617 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 618 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 619 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 620 62120120712: 622 The following sysctls and tunables have been renamed for consistency 623 with other variables: 624 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 625 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 626 62720120628: 628 The sort utility has been replaced with BSD sort. For now, GNU sort 629 is also available as "gnusort" or the default can be set back to 630 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 631 installed as "bsdsort". 632 63320120611: 634 A new version of ZFS (pool version 5000) has been merged to -HEAD. 635 Starting with this version the old system of ZFS pool versioning 636 is superseded by "feature flags". This concept enables forward 637 compatibility against certain future changes in functionality of ZFS 638 pools. The first read-only compatible "feature flag" for ZFS pools 639 is named "com.delphix:async_destroy". For more information 640 read the new zpool-features(5) manual page. 641 Please refer to the "ZFS notes" section of this file for information 642 on upgrading boot ZFS pools. 643 64420120417: 645 The malloc(3) implementation embedded in libc now uses sources imported 646 as contrib/jemalloc. The most disruptive API change is to 647 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 648 delete it prior to installworld, and optionally re-create it using the 649 new format after rebooting. See malloc.conf(5) for details 650 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 651 NAMESPACE section). 652 65320120328: 654 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 655 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 656 now spelled mips. This is to aid compatibility with third-party 657 software that expects this naming scheme in uname(3). Little-endian 658 settings are unchanged. If you are updating a big-endian mips64 machine 659 from before this change, you may need to set MACHINE_ARCH=mips64 in 660 your environment before the new build system will recognize your machine. 661 66220120306: 663 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 664 platforms. 665 66620120229: 667 Now unix domain sockets behave "as expected" on nullfs(5). Previously 668 nullfs(5) did not pass through all behaviours to the underlying layer, 669 as a result if we bound to a socket on the lower layer we could connect 670 only to the lower path; if we bound to the upper layer we could connect 671 only to the upper path. The new behavior is one can connect to both the 672 lower and the upper paths regardless what layer path one binds to. 673 67420120211: 675 The getifaddrs upgrade path broken with 20111215 has been restored. 676 If you have upgraded in between 20111215 and 20120209 you need to 677 recompile libc again with your kernel. You still need to recompile 678 world to be able to configure CARP but this restriction already 679 comes from 20111215. 680 68120120114: 682 The set_rcvar() function has been removed from /etc/rc.subr. All 683 base and ports rc.d scripts have been updated, so if you have a 684 port installed with a script in /usr/local/etc/rc.d you can either 685 hand-edit the rcvar= line, or reinstall the port. 686 687 An easy way to handle the mass-update of /etc/rc.d: 688 rm /etc/rc.d/* && mergemaster -i 689 69020120109: 691 panic(9) now stops other CPUs in the SMP systems, disables interrupts 692 on the current CPU and prevents other threads from running. 693 This behavior can be reverted using the kern.stop_scheduler_on_panic 694 tunable/sysctl. 695 The new behavior can be incompatible with kern.sync_on_panic. 696 69720111215: 698 The carp(4) facility has been changed significantly. Configuration 699 of the CARP protocol via ifconfig(8) has changed, as well as format 700 of CARP events submitted to devd(8) has changed. See manual pages 701 for more information. The arpbalance feature of carp(4) is currently 702 not supported anymore. 703 704 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 705 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 706 need to be recompiled. 707 70820111122: 709 The acpi_wmi(4) status device /dev/wmistat has been renamed to 710 /dev/wmistat0. 711 71220111108: 713 The option VFS_ALLOW_NONMPSAFE option has been added in order to 714 explicitely support non-MPSAFE filesystems. 715 It is on by default for all supported platform at this present 716 time. 717 71820111101: 719 The broken amd(4) driver has been replaced with esp(4) in the amd64, 720 i386 and pc98 GENERIC kernel configuration files. 721 72220110930: 723 sysinstall has been removed 724 72520110923: 726 The stable/9 branch created in subversion. This corresponds to the 727 RELENG_9 branch in CVS. 728 72920110913: 730 This commit modifies vfs_register() so that it uses a hash 731 calculation to set vfc_typenum, which is enabled by default. 732 The first time a system is booted after this change, the 733 vfc_typenum values will change for all file systems. The 734 main effect of this is a change to the NFS server file handles 735 for file systems that use vfc_typenum in their fsid, such as ZFS. 736 It will, however, prevent vfc_typenum from changing when file 737 systems are loaded in a different order for subsequent reboots. 738 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf 739 until you are ready to remount all NFS clients after a reboot. 740 74120110828: 742 Bump the shared library version numbers for libraries that 743 do not use symbol versioning, have changed the ABI compared 744 to stable/8 and which shared library version was not bumped. 745 Done as part of 9.0-RELEASE cycle. 746 74720110815: 748 During the merge of Capsicum features, the fget(9) KPI was modified. 749 This may require the rebuilding of out-of-tree device drivers -- 750 issues have been reported specifically with the nVidia device driver. 751 __FreeBSD_version is bumped to 900041. 752 753 Also, there is a period between 20110811 and 20110814 where the 754 special devices /dev/{stdin,stdout,stderr} did not work correctly. 755 Building world from a kernel during that window may not work. 756 75720110628: 758 The packet filter (pf) code has been updated to OpenBSD 4.5. 759 You need to update userland tools to be in sync with kernel. 760 This update breaks backward compatibility with earlier pfsync(4) 761 versions. Care must be taken when updating redundant firewall setups. 762 76320110608: 764 The following sysctls and tunables are retired on x86 platforms: 765 machdep.hlt_cpus 766 machdep.hlt_logical_cpus 767 The following sysctl is retired: 768 machdep.hyperthreading_allowed 769 The sysctls were supposed to provide a way to dynamically offline and 770 online selected CPUs on x86 platforms, but the implementation has not 771 been reliable especially with SCHED_ULE scheduler. 772 machdep.hyperthreading_allowed tunable is still available to ignore 773 hyperthreading CPUs at OS level. 774 Individual CPUs can be disabled using hint.lapic.X.disabled tunable, 775 where X is an APIC ID of a CPU. Be advised, though, that disabling 776 CPUs in non-uniform fashion will result in non-uniform topology and 777 may lead to sub-optimal system performance with SCHED_ULE, which is 778 a default scheduler. 779 78020110607: 781 cpumask_t type is retired and cpuset_t is used in order to describe 782 a mask of CPUs. 783 78420110531: 785 Changes to ifconfig(8) for dynamic address family detection mandate 786 that you are running a kernel of 20110525 or later. Make sure to 787 follow the update procedure to boot a new kernel before installing 788 world. 789 79020110513: 791 Support for sun4v architecture is officially dropped 792 79320110503: 794 Several KPI breaking changes have been committed to the mii(4) layer, 795 the PHY drivers and consequently some Ethernet drivers using mii(4). 796 This means that miibus.ko and the modules of the affected Ethernet 797 drivers need to be recompiled. 798 799 Note to kernel developers: Given that the OUI bit reversion problem 800 was fixed as part of these changes all mii(4) commits related to OUIs, 801 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific 802 handling, no longer can be merged verbatim to stable/8 and previous 803 branches. 804 80520110430: 806 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci' 807 into their kernel configurations along with 'device pci'. 808 80920110427: 810 The default NFS client is now the new NFS client, so fstype "newnfs" 811 is now "nfs" and the regular/old NFS client is now fstype "oldnfs". 812 Although mounts via fstype "nfs" will usually work without userland 813 changes, it is recommended that the mount(8) and mount_nfs(8) 814 commands be rebuilt from sources and that a link to mount_nfs called 815 mount_oldnfs be created. The new client is compiled into the 816 kernel with "options NFSCL" and this is needed for diskless root 817 file systems. The GENERIC kernel configs have been changed to use 818 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER. 819 To use the regular/old client, you can "mount -t oldnfs ...". For 820 a diskless root file system, you must also include a line like: 821 822 vfs.root.mountfrom="oldnfs:" 823 824 in the boot/loader.conf on the root fs on the NFS server to make 825 a diskless root fs use the old client. 826 82720110424: 828 The GENERIC kernels for all architectures now default to the new 829 CAM-based ATA stack. It means that all legacy ATA drivers were 830 removed and replaced by respective CAM drivers. If you are using 831 ATA device names in /etc/fstab or other places, make sure to update 832 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY, 833 where 'Y's are the sequential numbers starting from zero for each type 834 in order of detection, unless configured otherwise with tunables, 835 see cam(4)). There will be symbolic links created in /dev/ to map 836 old adX devices to the respective adaY. They should provide basic 837 compatibility for file systems mounting in most cases, but they do 838 not support old user-level APIs and do not have respective providers 839 in GEOM. Consider using updated management tools with new device names. 840 841 It is possible to load devices ahci, ata, siis and mvs as modules, 842 but option ATA_CAM should remain in kernel configuration to make ata 843 module work as CAM driver supporting legacy ATA controllers. Device ata 844 still can be used in modular fashion (atacore + ...). Modules atadisk 845 and atapi* are not used and won't affect operation in ATA_CAM mode. 846 Note that to use CAM-based ATA kernel should include CAM devices 847 scbus, pass, da (or explicitly ada), cd and optionally others. All of 848 them are parts of the cam module. 849 850 ataraid(4) functionality is now supported by the RAID GEOM class. 851 To use it you can load geom_raid kernel module and use graid(8) tool 852 for management. Instead of /dev/arX device names, use /dev/raid/rX. 853 854 No kernel config options or code have been removed, so if a problem 855 arises, please report it and optionally revert to the old ATA stack. 856 In order to do it you can remove from the kernel config: 857 options ATA_CAM 858 device ahci 859 device mvs 860 device siis 861 , and instead add back: 862 device atadisk # ATA disk drives 863 device ataraid # ATA RAID drives 864 device atapicd # ATAPI CDROM drives 865 device atapifd # ATAPI floppy drives 866 device atapist # ATAPI tape drives 867 86820110423: 869 The default NFS server has been changed to the new server, which 870 was referred to as the experimental server. If you need to switch 871 back to the old NFS server, you must now put the "-o" option on 872 both the mountd and nfsd commands. This can be done using the 873 mountd_flags and nfs_server_flags rc.conf variables until an 874 update to the rc scripts is committed, which is coming soon. 875 87620110418: 877 The GNU Objective-C runtime library (libobjc), and other Objective-C 878 related components have been removed from the base system. If you 879 require an Objective-C library, please use one of the available ports. 880 88120110331: 882 ath(4) has been split into bus- and device- modules. if_ath contains 883 the HAL, the TX rate control and the network device code. if_ath_pci 884 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb 885 contains the AHB glue. Users need to load both if_ath_pci and if_ath 886 in order to use ath on everything else. 887 888 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only 889 need to load if_ath and if_ath_pci for ath(4) operation. 890 89120110314: 892 As part of the replacement of sysinstall, the process of building 893 release media has changed significantly. For details, please re-read 894 release(7), which has been updated to reflect the new build process. 895 89620110218: 897 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This 898 is the last available version under GPLv2. It brings a number of new 899 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE 900 4.1 and SSE 4.2), better support for powerpc64, a number of new 901 directives, and lots of other small improvements. See the ChangeLog 902 file in contrib/binutils for the full details. 903 90420110218: 905 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 906 compliant, and will now use half of hash for authentication. 907 This will break interoperability with all stacks (including all 908 actual FreeBSD versions) who implement 909 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for 910 authentication). 911 The only workaround with such peers is to use another HMAC 912 algorithm for IPsec ("phase 2") authentication. 913 91420110207: 915 Remove the uio_yield prototype and symbol. This function has 916 been misnamed since it was introduced and should not be 917 globally exposed with this name. The equivalent functionality 918 is now available using kern_yield(curthread->td_user_pri). 919 The function remains undocumented. 920 92120110112: 922 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers, 923 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking 924 for scalar sysctls is defined but disabled. Code that needs 925 UQUAD to pass the type checking that must compile on older 926 systems where the define is not present can check against 927 __FreeBSD_version >= 900030. 928 929 The system dialog(1) has been replaced with a new version previously 930 in ports as devel/cdialog. dialog(1) is mostly command-line compatible 931 with the previous version, but the libdialog associated with it has 932 a largely incompatible API. As such, the original version of libdialog 933 will be kept temporarily as libodialog, until its base system consumers 934 are replaced or updated. Bump __FreeBSD_version to 900030. 935 93620110103: 937 If you are trying to run make universe on a -stable system, and you get 938 the following warning: 939 "Makefile", line 356: "Target architecture for i386/conf/GENERIC 940 unknown. config(8) likely too old." 941 or something similar to it, then you must upgrade your -stable system 942 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in 943 stable/8) or build the config from the latest stable/8 branch and 944 install it on your system. 945 946 Prior to this date, building a current universe on 8-stable system from 947 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing 948 error in the first kernel build phase. A new config on those old 949 systems will fix that problem for older versions of -current. 950 95120101228: 952 The TCP stack has been modified to allow Khelp modules to interact with 953 it via helper hook points and store per-connection data in the TCP 954 control block. Bump __FreeBSD_version to 900029. User space tools that 955 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to 956 be recompiled. 957 95820101114: 959 Generic IEEE 802.3 annex 31B full duplex flow control support has been 960 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along 961 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted 962 to take advantage of it instead of using custom implementations. This 963 means that these drivers now no longer unconditionally advertise 964 support for flow control but only do so if flow control is a selected 965 media option. This was implemented in the generic support that way in 966 order to allow flow control to be switched on and off via ifconfig(8) 967 with the PHY specific default to typically off in order to protect 968 from unwanted effects. Consequently, if you used flow control with 969 one of the above mentioned drivers you now need to explicitly enable 970 it, for example via: 971 ifconfig bge0 media auto mediaopt flowcontrol 972 973 Along with the above mentioned changes generic support for setting 974 1000baseT master mode also has been added and brgphy(4), ciphy(4), 975 e1000phy(4) as well as ip1000phy(4) have been converted to take 976 advantage of it. This means that these drivers now no longer take the 977 link0 parameter for selecting master mode but the master media option 978 has to be used instead, for example like in the following: 979 ifconfig bge0 media 1000baseT mediaopt full-duplex,master 980 981 Selection of master mode now is also available with all other PHY 982 drivers supporting 1000baseT. 983 98420101111: 985 The TCP stack has received a significant update to add support for 986 modularised congestion control and generally improve the clarity of 987 congestion control decisions. Bump __FreeBSD_version to 900025. User 988 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g. 989 sockstat) need to be recompiled. 990 99120101002: 992 The man(1) utility has been replaced by a new version that no longer 993 uses /etc/manpath.config. Please consult man.conf(5) for how to 994 migrate local entries to the new format. 995 99620100928: 997 The copyright strings printed by login(1) and sshd(8) at the time of a 998 new connection have been removed to follow other operating systems and 999 upstream sshd. 1000 100120100915: 1002 A workaround for a fixed ld bug has been removed in kernel code, 1003 so make sure that your system ld is built from sources after 1004 revision 210245 from 2010-07-19 (r211583 if building head kernel 1005 on stable/8, r211584 for stable/7; both from 2010-08-21). 1006 A symptom of incorrect ld version is different addresses for 1007 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules. 1008 100920100913: 1010 The $ipv6_prefer variable in rc.conf(5) has been split into 1011 $ip6addrctl_policy and $ipv6_activate_all_interfaces. 1012 1013 The $ip6addrctl_policy is a variable to choose a pre-defined 1014 address selection policy set by ip6addrctl(8). A value 1015 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The 1016 default is "AUTO". 1017 1018 The $ipv6_activate_all_interfaces specifies whether IFDISABLED 1019 flag (see an entry of 20090926) is set on an interface with no 1020 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for 1021 security reason. If you want IPv6 link-local address on all 1022 interfaces by default, set this to "YES". 1023 1024 The old ipv6_prefer="YES" is equivalent to 1025 ipv6_activate_all_interfaces="YES" and 1026 ip6addrctl_policy="ipv6_prefer". 1027 102820100913: 1029 DTrace has grown support for userland tracing. Due to this, DTrace is 1030 now i386 and amd64 only. 1031 dtruss(1) is now installed by default on those systems and a new 1032 kernel module is needed for userland tracing: fasttrap. 1033 No changes to your kernel config file are necessary to enable 1034 userland tracing, but you might consider adding 'STRIP=' and 1035 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want 1036 to have informative userland stack traces in DTrace (ustack). 1037 103820100725: 1039 The acpi_aiboost(4) driver has been removed in favor of the new 1040 aibs(4) driver. You should update your kernel configuration file. 1041 104220100722: 1043 BSD grep has been imported to the base system and it is built by 1044 default. It is completely BSD licensed, highly GNU-compatible, uses 1045 less memory than its GNU counterpart and has a small codebase. 1046 However, it is slower than its GNU counterpart, which is mostly 1047 noticeable for larger searches, for smaller ones it is measurable 1048 but not significant. The reason is complex, the most important factor 1049 is that we lack a modern and efficient regex library and GNU 1050 overcomes this by optimizing the searches internally. Future work 1051 on improving the regex performance is planned, for the meantime, 1052 users that need better performance, can build GNU grep instead by 1053 setting the WITH_GNU_GREP knob. 1054 105520100713: 1056 Due to the import of powerpc64 support, all existing powerpc kernel 1057 configuration files must be updated with a machine directive like this: 1058 machine powerpc powerpc 1059 1060 In addition, an updated config(8) is required to build powerpc kernels 1061 after this change. 1062 106320100713: 1064 A new version of ZFS (version 15) has been merged to -HEAD. 1065 This version uses a python library for the following subcommands: 1066 zfs allow, zfs unallow, zfs groupspace, zfs userspace. 1067 For full functionality of these commands the following port must 1068 be installed: sysutils/py-zfs 1069 107020100429: 1071 'vm_page's are now hashed by physical address to an array of mutexes. 1072 Currently this is only used to serialize access to hold_count. Over 1073 time the page queue mutex will be peeled away. This changes the size 1074 of pmap on every architecture. And requires all callers of vm_page_hold 1075 and vm_page_unhold to be updated. 1076 107720100402: 1078 WITH_CTF can now be specified in src.conf (not recommended, there 1079 are some problems with static executables), make.conf (would also 1080 affect ports which do not use GNU make and do not override the 1081 compile targets) or in the kernel config (via "makeoptions 1082 WITH_CTF=yes"). 1083 When WITH_CTF was specified there before this was silently ignored, 1084 so make sure that WITH_CTF is not used in places which could lead 1085 to unwanted behavior. 1086 108720100311: 1088 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32 1089 to allow 32-bit compatibility on non-x86 platforms. All kernel 1090 configurations on amd64 and ia64 platforms using these options must 1091 be modified accordingly. 1092 109320100113: 1094 The utmp user accounting database has been replaced with utmpx, 1095 the user accounting interface standardized by POSIX. 1096 Unfortunately the semantics of utmp and utmpx don't match, 1097 making it practically impossible to support both interfaces. 1098 The user accounting database is used by tools like finger(1), 1099 last(1), talk(1), w(1) and ac(8). 1100 1101 All applications in the base system use utmpx. This means only 1102 local binaries (e.g. from the ports tree) may still use these 1103 utmp database files. These applications must be rebuilt to make 1104 use of utmpx. 1105 1106 After the system has been upgraded, it is safe to remove the old 1107 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*), 1108 assuming their contents is of no importance anymore. Old wtmp 1109 databases can only be used by last(1) and ac(8) after they have 1110 been converted to the new format using wtmpcvt(1). 1111 111220100108: 1113 Introduce the kernel thread "deadlock resolver" (which can be enabled 1114 via the DEADLKRES option, see NOTES for more details) and the 1115 sleepq_type() function for sleepqueues. 1116 111720091202: 1118 The rc.firewall and rc.firewall6 were unified, and 1119 rc.firewall6 and rc.d/ip6fw were removed. 1120 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc 1121 variables are obsoleted. Instead, the following new rc 1122 variables are added to rc.d/ipfw: 1123 1124 firewall_client_net_ipv6, firewall_simple_iif_ipv6, 1125 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6, 1126 firewall_simple_onet_ipv6, firewall_trusted_ipv6 1127 1128 The meanings correspond to the relevant IPv4 variables. 1129 113020091125: 1131 8.0-RELEASE. 1132 113320091113: 1134 The default terminal emulation for syscons(4) has been changed 1135 from cons25 to xterm on all platforms except pc98. This means 1136 that the /etc/ttys file needs to be updated to ensure correct 1137 operation of applications on the console. 1138 1139 The terminal emulation style can be toggled per window by using 1140 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration 1141 options can be used to change the compile-time default back to 1142 cons25. 1143 1144 To prevent graphical artifacts, make sure the TERM environment 1145 variable is set to match the terminal emulation that is being 1146 performed by syscons(4). 1147 114820091109: 1149 The layout of the structure ieee80211req_scan_result has changed. 1150 Applications that require wireless scan results (e.g. ifconfig(8)) 1151 from net80211 need to be recompiled. 1152 1153 Applications such as wpa_supplicant(8) may require a full world 1154 build without using NO_CLEAN in order to get synchronized with the 1155 new structure. 1156 115720091025: 1158 The iwn(4) driver has been updated to support the 5000 and 5150 series. 1159 There's one kernel module for each firmware. Adding "device iwnfw" 1160 to the kernel configuration file means including all three firmware 1161 images inside the kernel. If you want to include just the one for 1162 your wireless card, use the devices iwn4965fw, iwn5000fw or 1163 iwn5150fw. 1164 116520090926: 1166 The rc.d/network_ipv6, IPv6 configuration script has been integrated 1167 into rc.d/netif. The changes are the following: 1168 1169 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF 1170 for IPv4. For aliases, $ifconfig_IF_aliasN should be used. 1171 Note that both variables need the "inet6" keyword at the head. 1172 1173 Do not set $ipv6_network_interfaces manually if you do not 1174 understand what you are doing. It is not needed in most cases. 1175 1176 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but 1177 they are obsolete. 1178 1179 2. $ipv6_enable is obsolete. Use $ipv6_prefer and 1180 "inet6 accept_rtadv" keyword in ifconfig(8) instead. 1181 1182 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and 1183 all configured interfaces have "inet6 accept_rtadv" in the 1184 $ifconfig_IF_ipv6. These are for backward compatibility. 1185 1186 3. A new variable $ipv6_prefer has been added. If NO, IPv6 1187 functionality of interfaces with no corresponding 1188 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag, 1189 and the default address selection policy of ip6addrctl(8) 1190 is the IPv4-preferred one (see rc.d/ip6addrctl for more details). 1191 Note that if you want to configure IPv6 functionality on the 1192 disabled interfaces after boot, first you need to clear the flag by 1193 using ifconfig(8) like: 1194 1195 ifconfig em0 inet6 -ifdisabled 1196 1197 If YES, the default address selection policy is set as 1198 IPv6-preferred. 1199 1200 The default value of $ipv6_prefer is NO. 1201 1202 4. If your system need to receive Router Advertisement messages, 1203 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8) 1204 scripts automatically invoke rtsol(8) when the interface becomes 1205 UP. The Router Advertisement messages are used for SLAAC 1206 (State-Less Address AutoConfiguration). 1207 120820090922: 1209 802.11s D3.03 support was committed. This is incompatible with the 1210 previous code, which was based on D3.0. 1211 121220090912: 1213 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value 1214 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to 1215 control whether accepting Router Advertisement messages or not. 1216 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and 1217 a sysctl variable net.inet6.ip6.auto_linklocal is its default value. 1218 The ifconfig(8) utility now supports these flags. 1219 122020090910: 1221 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for 1222 mount(8) and -a option for df(1) to see them. 1223 122420090825: 1225 The old tunable hw.bus.devctl_disable has been superseded by 1226 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be 1227 replaced by hw.bus.devctl_queue=0. The default for this new tunable 1228 is 1000. 1229 123020090813: 1231 Remove the option STOP_NMI. The default action is now to use NMI only 1232 for KDB via the newly introduced function stop_cpus_hard() and 1233 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64. 1234 123520090803: 1236 The stable/8 branch created in subversion. This corresponds to the 1237 RELENG_8 branch in CVS. 1238 123920090719: 1240 Bump the shared library version numbers for all libraries that do not 1241 use symbol versioning as part of the 8.0-RELEASE cycle. Bump 1242 __FreeBSD_version to 800105. 1243 124420090714: 1245 Due to changes in the implementation of virtual network stack support, 1246 all network-related kernel modules must be recompiled. As this change 1247 breaks the ABI, bump __FreeBSD_version to 800104. 1248 124920090713: 1250 The TOE interface to the TCP syncache has been modified to remove 1251 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack. 1252 The cxgb driver is the only TOE consumer affected by this change, and 1253 needs to be recompiled along with the kernel. As this change breaks 1254 the ABI, bump __FreeBSD_version to 800103. 1255 125620090712: 1257 Padding has been added to struct tcpcb, sackhint and tcpstat in 1258 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst 1259 maintaining the ABI. However, this change breaks the ABI, so bump 1260 __FreeBSD_version to 800102. User space tools that rely on the size of 1261 any of these structs (e.g. sockstat) need to be recompiled. 1262 126320090630: 1264 The NFS_LEGACYRPC option has been removed along with the old kernel 1265 RPC implementation that this option selected. Kernel configurations 1266 may need to be adjusted. 1267 126820090629: 1269 The network interface device nodes at /dev/net/<interface> have been 1270 removed. All ioctl operations can be performed the normal way using 1271 routing sockets. The kqueue functionality can generally be replaced 1272 with routing sockets. 1273 127420090628: 1275 The documentation from the FreeBSD Documentation Project (Handbook, 1276 FAQ, etc.) is now installed via packages by sysinstall(8) and under 1277 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc. 1278 127920090624: 1280 The ABI of various structures related to the SYSV IPC API have been 1281 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel 1282 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to 1283 800100. 1284 128520090622: 1286 Layout of struct vnet has changed as routing related variables were 1287 moved to their own Vimage module. Modules need to be recompiled. Bump 1288 __FreeBSD_version to 800099. 1289 129020090619: 1291 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024 1292 respectively. As long as no more than 16 groups per process are used, 1293 no changes should be visible. When more than 16 groups are used, old 1294 binaries may fail if they call getgroups() or getgrouplist() with 1295 statically sized storage. Recompiling will work around this, but 1296 applications should be modified to use dynamically allocated storage 1297 for group arrays as POSIX.1-2008 does not cap an implementation's 1298 number of supported groups at NGROUPS_MAX+1 as previous versions did. 1299 1300 NFS and portalfs mounts may also be affected as the list of groups is 1301 truncated to 16. Users of NFS who use more than 16 groups, should 1302 take care that negative group permissions are not used on the exported 1303 file systems as they will not be reliable unless a GSSAPI based 1304 authentication method is used. 1305 130620090616: 1307 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This 1308 option compiles in the support for adaptive spinning for lockmgrs 1309 which want to enable it. The lockinit() function now accepts the flag 1310 LK_ADAPTIVE in order to make the lock object subject to adaptive 1311 spinning when both held in write and read mode. 1312 131320090613: 1314 The layout of the structure returned by IEEE80211_IOC_STA_INFO has 1315 changed. User applications that use this ioctl need to be rebuilt. 1316 131720090611: 1318 The layout of struct thread has changed. Kernel and modules need to 1319 be rebuilt. 1320 132120090608: 1322 The layout of structs ifnet, domain, protosw and vnet_net has changed. 1323 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097. 1324 132520090602: 1326 window(1) has been removed from the base system. It can now be 1327 installed from ports. The port is called misc/window. 1328 132920090601: 1330 The way we are storing and accessing `routing table' entries has 1331 changed. Programs reading the FIB, like netstat, need to be 1332 re-compiled. 1333 133420090601: 1335 A new netisr implementation has been added for FreeBSD 8. Network 1336 file system modules, such as igmp, ipdivert, and others, should be 1337 rebuilt. 1338 Bump __FreeBSD_version to 800096. 1339 134020090530: 1341 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no 1342 more valid. 1343 134420090530: 1345 Add VOP_ACCESSX(9). File system modules need to be rebuilt. 1346 Bump __FreeBSD_version to 800094. 1347 134820090529: 1349 Add mnt_xflag field to 'struct mount'. File system modules need to be 1350 rebuilt. 1351 Bump __FreeBSD_version to 800093. 1352 135320090528: 1354 The compiling option ADAPTIVE_SX has been retired while it has been 1355 introduced the option NO_ADAPTIVE_SX which handles the reversed logic. 1356 The KPI for sx_init_flags() changes as accepting flags: 1357 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has 1358 been introduced in order to handle the reversed logic. 1359 Bump __FreeBSD_version to 800092. 1360 136120090527: 1362 Add support for hierarchical jails. Remove global securelevel. 1363 Bump __FreeBSD_version to 800091. 1364 136520090523: 1366 The layout of struct vnet_net has changed, therefore modules 1367 need to be rebuilt. 1368 Bump __FreeBSD_version to 800090. 1369 137020090523: 1371 The newly imported zic(8) produces a new format in the output. Please 1372 run tzsetup(8) to install the newly created data to /etc/localtime. 1373 137420090520: 1375 The sysctl tree for the usb stack has renamed from hw.usb2.* to 1376 hw.usb.* and is now consistent again with previous releases. 1377 137820090520: 1379 802.11 monitor mode support was revised and driver api's were changed. 1380 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead 1381 of DLT_IEEE802_11. No user-visible data structures were changed but 1382 applications that use DLT_IEEE802_11 may require changes. 1383 Bump __FreeBSD_version to 800088. 1384 138520090430: 1386 The layout of the following structs has changed: sysctl_oid, 1387 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet, 1388 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or 1389 panics may be experienced. World rebuild is required for 1390 correctly checking networking state from userland. 1391 Bump __FreeBSD_version to 800085. 1392 139320090429: 1394 MLDv2 and Source-Specific Multicast (SSM) have been merged 1395 to the IPv6 stack. VIMAGE hooks are in but not yet used. 1396 The implementation of SSM within FreeBSD's IPv6 stack closely 1397 follows the IPv4 implementation. 1398 1399 For kernel developers: 1400 1401 * The most important changes are that the ip6_output() and 1402 ip6_input() paths no longer take the IN6_MULTI_LOCK, 1403 and this lock has been downgraded to a non-recursive mutex. 1404 1405 * As with the changes to the IPv4 stack to support SSM, filtering 1406 of inbound multicast traffic must now be performed by transport 1407 protocols within the IPv6 stack. This does not apply to TCP and 1408 SCTP, however, it does apply to UDP in IPv6 and raw IPv6. 1409 1410 * The KPIs used by IPv6 multicast are similar to those used by 1411 the IPv4 stack, with the following differences: 1412 * im6o_mc_filter() is analogous to imo_multicast_filter(). 1413 * The legacy KAME entry points in6_joingroup and in6_leavegroup() 1414 are shimmed to in6_mc_join() and in6_mc_leave() respectively. 1415 * IN6_LOOKUP_MULTI() has been deprecated and removed. 1416 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs 1417 for MLDv1 have an additional 'timer' argument which is used to 1418 jitter the initial membership report for the solicited-node 1419 multicast membership on-link. 1420 * This is not strictly needed for MLDv2, which already jitters 1421 its report transmissions. However, the 'timer' argument is 1422 preserved in case MLDv1 is active on the interface. 1423 1424 * The KAME linked-list based IPv6 membership implementation has 1425 been refactored to use a vector similar to that used by the IPv4 1426 stack. 1427 Code which maintains a list of its own multicast memberships 1428 internally, e.g. carp, has been updated to reflect the new 1429 semantics. 1430 1431 * There is a known Lock Order Reversal (LOR) due to in6_setscope() 1432 acquiring the IF_AFDATA_LOCK and being called within ip6_output(). 1433 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an 1434 implementation constraint which needs to be addressed in HEAD. 1435 1436 For application developers: 1437 1438 * The changes are broadly similar to those made for the IPv4 1439 stack. 1440 1441 * The use of IPv4 and IPv6 multicast socket options on the same 1442 socket, using mapped addresses, HAS NOT been tested or supported. 1443 1444 * There are a number of issues with the implementation of various 1445 IPv6 multicast APIs which need to be resolved in the API surface 1446 before the implementation is fully compatible with KAME userland 1447 use, and these are mostly to do with interface index treatment. 1448 1449 * The literature available discusses the use of either the delta / ASM 1450 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API 1451 using setsourcefilter(3)/getsourcefilter(3). For more information 1452 please refer to RFC 3768, 'Socket Interface Extensions for 1453 Multicast Source Filters'. 1454 1455 * Applications which use the published RFC 3678 APIs should be fine. 1456 1457 For systems administrators: 1458 1459 * The mtest(8) utility has been refactored to support IPv6, in 1460 addition to IPv4. Interface addresses are no longer accepted 1461 as arguments, their names must be used instead. The utility 1462 will map the interface name to its first IPv4 address as 1463 returned by getifaddrs(3). 1464 1465 * The ifmcstat(8) utility has also been updated to print the MLDv2 1466 endpoint state and source filter lists via sysctl(3). 1467 1468 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable 1469 loopback of IPv6 multicast datagrams by default; it defaults to 1 1470 to preserve the existing behaviour. Disabling multicast loopback is 1471 recommended for optimal system performance. 1472 1473 * The IPv6 MROUTING code has been changed to examine this sysctl 1474 instead of attempting to perform a group lookup before looping 1475 back forwarded datagrams. 1476 1477 Bump __FreeBSD_version to 800084. 1478 147920090422: 1480 Implement low-level Bluetooth HCI API. 1481 Bump __FreeBSD_version to 800083. 1482 148320090419: 1484 The layout of struct malloc_type, used by modules to register new 1485 memory allocation types, has changed. Most modules will need to 1486 be rebuilt or panics may be experienced. 1487 Bump __FreeBSD_version to 800081. 1488 148920090415: 1490 Anticipate overflowing inp_flags - add inp_flags2. 1491 This changes most offsets in inpcb, so checking v4 connection 1492 state will require a world rebuild. 1493 Bump __FreeBSD_version to 800080. 1494 149520090415: 1496 Add an llentry to struct route and struct route_in6. Modules 1497 embedding a struct route will need to be recompiled. 1498 Bump __FreeBSD_version to 800079. 1499 150020090414: 1501 The size of rt_metrics_lite and by extension rtentry has changed. 1502 Networking administration apps will need to be recompiled. 1503 The route command now supports show as an alias for get, weighting 1504 of routes, sticky and nostick flags to alter the behavior of stateful 1505 load balancing. 1506 Bump __FreeBSD_version to 800078. 1507 150820090408: 1509 Do not use Giant for kbdmux(4) locking. This is wrong and 1510 apparently causing more problems than it solves. This will 1511 re-open the issue where interrupt handlers may race with 1512 kbdmux(4) in polling mode. Typical symptoms include (but 1513 not limited to) duplicated and/or missing characters when 1514 low level console functions (such as gets) are used while 1515 interrupts are enabled (for example geli password prompt, 1516 mountroot prompt etc.). Disabling kbdmux(4) may help. 1517 151820090407: 1519 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed; 1520 kernel modules referencing any of the above need to be recompiled. 1521 Bump __FreeBSD_version to 800075. 1522 152320090320: 1524 GEOM_PART has become the default partition slicer for storage devices, 1525 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It 1526 introduces some changes: 1527 1528 MSDOS/EBR: the devices created from MSDOS extended partition entries 1529 (EBR) can be named differently than with GEOM_MBR and are now symlinks 1530 to devices with offset-based names. fstabs may need to be modified. 1531 1532 BSD: the "geometry does not match label" warning is harmless in most 1533 cases but it points to problems in file system misalignment with 1534 disk geometry. The "c" partition is now implicit, covers the whole 1535 top-level drive and cannot be (mis)used by users. 1536 1537 General: Kernel dumps are now not allowed to be written to devices 1538 whose partition types indicate they are meant to be used for file 1539 systems (or, in case of MSDOS partitions, as something else than 1540 the "386BSD" type). 1541 1542 Most of these changes date approximately from 200812. 1543 154420090319: 1545 The uscanner(4) driver has been removed from the kernel. This follows 1546 Linux removing theirs in 2.6 and making libusb the default interface 1547 (supported by sane). 1548 154920090319: 1550 The multicast forwarding code has been cleaned up. netstat(1) 1551 only relies on KVM now for printing bandwidth upcall meters. 1552 The IPv4 and IPv6 modules are split into ip_mroute_mod and 1553 ip6_mroute_mod respectively. The config(5) options for statically 1554 compiling this code remain the same, i.e. 'options MROUTING'. 1555 155620090315: 1557 Support for the IFF_NEEDSGIANT network interface flag has been 1558 removed, which means that non-MPSAFE network device drivers are no 1559 longer supported. In particular, if_ar, if_sr, and network device 1560 drivers from the old (legacy) USB stack can no longer be built or 1561 used. 1562 156320090313: 1564 POSIX.1 Native Language Support (NLS) has been enabled in libc and 1565 a bunch of new language catalog files have also been added. 1566 This means that some common libc messages are now localized and 1567 they depend on the LC_MESSAGES environmental variable. 1568 156920090313: 1570 The k8temp(4) driver has been renamed to amdtemp(4) since 1571 support for Family 10 and Family 11 CPU families was added. 1572 157320090309: 1574 IGMPv3 and Source-Specific Multicast (SSM) have been merged 1575 to the IPv4 stack. VIMAGE hooks are in but not yet used. 1576 1577 For kernel developers, the most important changes are that the 1578 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(), 1579 and this lock has been downgraded to a non-recursive mutex. 1580 1581 Transport protocols (UDP, Raw IP) are now responsible for filtering 1582 inbound multicast traffic according to group membership and source 1583 filters. The imo_multicast_filter() KPI exists for this purpose. 1584 Transports which do not use multicast (SCTP, TCP) already reject 1585 multicast by default. Forwarding and receive performance may improve 1586 as a mutex acquisition is no longer needed in the ip_input() 1587 low-level input path. in_addmulti() and in_delmulti() are shimmed 1588 to new KPIs which exist to support SSM in-kernel. 1589 1590 For application developers, it is recommended that loopback of 1591 multicast datagrams be disabled for best performance, as this 1592 will still cause the lock to be taken for each looped-back 1593 datagram transmission. The net.inet.ip.mcast.loop sysctl may 1594 be tuned to 0 to disable loopback by default; it defaults to 1 1595 to preserve the existing behaviour. 1596 1597 For systems administrators, to obtain best performance with 1598 multicast reception and multiple groups, it is always recommended 1599 that a card with a suitably precise hash filter is used. Hash 1600 collisions will still result in the lock being taken within the 1601 transport protocol input path to check group membership. 1602 1603 If deploying FreeBSD in an environment with IGMP snooping switches, 1604 it is recommended that the net.inet.igmp.sendlocal sysctl remain 1605 enabled; this forces 224.0.0.0/24 group membership to be announced 1606 via IGMP. 1607 1608 The size of 'struct igmpstat' has changed; netstat needs to be 1609 recompiled to reflect this. 1610 Bump __FreeBSD_version to 800070. 1611 161220090309: 1613 libusb20.so.1 is now installed as libusb.so.1 and the ports system 1614 updated to use it. This requires a buildworld/installworld in order to 1615 update the library and dependencies (usbconfig, etc). Its advisable to 1616 rebuild all ports which uses libusb. More specific directions are given 1617 in the ports collection UPDATING file. Any /etc/libmap.conf entries for 1618 libusb are no longer required and can be removed. 1619 162020090302: 1621 A workaround is committed to allow the creation of System V shared 1622 memory segment of size > 2 GB on the 64-bit architectures. 1623 Due to a limitation of the existing ABI, the shm_segsz member 1624 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is 1625 wrong for large segments. Note that limits must be explicitly 1626 raised to allow such segments to be created. 1627 162820090301: 1629 The layout of struct ifnet has changed, requiring a rebuild of all 1630 network device driver modules. 1631 163220090227: 1633 The /dev handling for the new USB stack has changed, a 1634 buildworld/installworld is required for libusb20. 1635 163620090223: 1637 The new USB2 stack has now been permanently moved in and all kernel and 1638 module names reverted to their previous values (eg, usb, ehci, ohci, 1639 ums, ...). The old usb stack can be compiled in by prefixing the name 1640 with the letter 'o', the old usb modules have been removed. 1641 Updating entry 20090216 for xorg and 20090215 for libmap may still 1642 apply. 1643 164420090217: 1645 The rc.conf(5) option if_up_delay has been renamed to 1646 defaultroute_delay to better reflect its purpose. If you have 1647 customized this setting in /etc/rc.conf you need to update it to 1648 use the new name. 1649 165020090216: 1651 xorg 7.4 wants to configure its input devices via hald which does not 1652 yet work with USB2. If the keyboard/mouse does not work in xorg then 1653 add 1654 Option "AllowEmptyInput" "off" 1655 to your ServerLayout section. This will cause X to use the configured 1656 kbd and mouse sections from your xorg.conf. 1657 165820090215: 1659 The GENERIC kernels for all architectures now default to the new USB2 1660 stack. No kernel config options or code have been removed so if a 1661 problem arises please report it and optionally revert to the old USB 1662 stack. If you are loading USB kernel modules or have a custom kernel 1663 that includes GENERIC then ensure that usb names are also changed over, 1664 eg uftdi -> usb2_serial_ftdi. 1665 1666 Older programs linked against the ports libusb 0.1 need to be 1667 redirected to the new stack's libusb20. /etc/libmap.conf can 1668 be used for this: 1669 # Map old usb library to new one for usb2 stack 1670 libusb-0.1.so.8 libusb20.so.1 1671 167220090209: 1673 All USB ethernet devices now attach as interfaces under the name ueN 1674 (eg. ue0). This is to provide a predictable name as vendors often 1675 change usb chipsets in a product without notice. 1676 167720090203: 1678 The ichsmb(4) driver has been changed to require SMBus slave 1679 addresses be left-justified (xxxxxxx0b) rather than right-justified. 1680 All of the other SMBus controller drivers require left-justified 1681 slave addresses, so this change makes all the drivers provide the 1682 same interface. 1683 168420090201: 1685 INET6 statistics (struct ip6stat) was updated. 1686 netstat(1) needs to be recompiled. 1687 168820090119: 1689 NTFS has been removed from GENERIC kernel on amd64 to match 1690 GENERIC on i386. Should not cause any issues since mount_ntfs(8) 1691 will load ntfs.ko module automatically when NTFS support is 1692 actually needed, unless ntfs.ko is not installed or security 1693 level prohibits loading kernel modules. If either is the case, 1694 "options NTFS" has to be added into kernel config. 1695 169620090115: 1697 TCP Appropriate Byte Counting (RFC 3465) support added to kernel. 1698 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to 1699 800061. User space tools that rely on the size of struct tcpcb in 1700 tcp_var.h (e.g. sockstat) need to be recompiled. 1701 170220081225: 1703 ng_tty(4) module updated to match the new TTY subsystem. 1704 Due to API change, user-level applications must be updated. 1705 New API support added to mpd5 CVS and expected to be present 1706 in next mpd5.3 release. 1707 170820081219: 1709 With __FreeBSD_version 800060 the makefs tool is part of 1710 the base system (it was a port). 1711 171220081216: 1713 The afdata and ifnet locks have been changed from mutexes to 1714 rwlocks, network modules will need to be re-compiled. 1715 171620081214: 1717 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite. 1718 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated. 1719 The new code reduced struct rtentry{} by 16 bytes on 32-bit 1720 architecture and 40 bytes on 64-bit architecture. The userland 1721 applications "arp" and "ndp" have been updated accordingly. 1722 The output from "netstat -r" shows only routing entries and 1723 none of the L2 information. 1724 172520081130: 1726 __FreeBSD_version 800057 marks the switchover from the 1727 binary ath hal to source code. Users must add the line: 1728 1729 options AH_SUPPORT_AR5416 1730 1731 to their kernel config files when specifying: 1732 1733 device ath_hal 1734 1735 The ath_hal module no longer exists; the code is now compiled 1736 together with the driver in the ath module. It is now 1737 possible to tailor chip support (i.e. reduce the set of chips 1738 and thereby the code size); consult ath_hal(4) for details. 1739 174020081121: 1741 __FreeBSD_version 800054 adds memory barriers to 1742 <machine/atomic.h>, new interfaces to ifnet to facilitate 1743 multiple hardware transmit queues for cards that support 1744 them, and a lock-less ring-buffer implementation to 1745 enable drivers to more efficiently manage queueing of 1746 packets. 1747 174820081117: 1749 A new version of ZFS (version 13) has been merged to -HEAD. 1750 This version has zpool attribute "listsnapshots" off by 1751 default, which means "zfs list" does not show snapshots, 1752 and is the same as Solaris behavior. 1753 175420081028: 1755 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled. 1756 175720081009: 1758 The uhci, ohci, ehci and slhci USB Host controller drivers have 1759 been put into separate modules. If you load the usb module 1760 separately through loader.conf you will need to load the 1761 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0 1762 controller add the following to loader.conf: 1763 1764 uhci_load="YES" 1765 ehci_load="YES" 1766 176720081009: 1768 The ABI used by the PMC toolset has changed. Please keep 1769 userland (libpmc(3)) and the kernel module (hwpmc(4)) in 1770 sync. 1771 177220081009: 1773 atapci kernel module now includes only generic PCI ATA 1774 driver. AHCI driver moved to ataahci kernel module. 1775 All vendor-specific code moved into separate kernel modules: 1776 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek, 1777 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron, 1778 atamarvell, atamicron, atanational, atanetcell, atanvidia, 1779 atapromise, ataserverworks, atasiliconimage, atasis, atavia 1780 178120080820: 1782 The TTY subsystem of the kernel has been replaced by a new 1783 implementation, which provides better scalability and an 1784 improved driver model. Most common drivers have been migrated to 1785 the new TTY subsystem, while others have not. The following 1786 drivers have not yet been ported to the new TTY layer: 1787 1788 PCI/ISA: 1789 cy, digi, rc, rp, sio 1790 1791 USB: 1792 ubser, ucycom 1793 1794 Line disciplines: 1795 ng_h4, ng_tty, ppp, sl, snp 1796 1797 Adding these drivers to your kernel configuration file shall 1798 cause compilation to fail. 1799 180020080818: 1801 ntpd has been upgraded to 4.2.4p5. 1802 180320080801: 1804 OpenSSH has been upgraded to 5.1p1. 1805 1806 For many years, FreeBSD's version of OpenSSH preferred DSA 1807 over RSA for host and user authentication keys. With this 1808 upgrade, we've switched to the vendor's default of RSA over 1809 DSA. This may cause upgraded clients to warn about unknown 1810 host keys even for previously known hosts. Users should 1811 follow the usual procedure for verifying host keys before 1812 accepting the RSA key. 1813 1814 This can be circumvented by setting the "HostKeyAlgorithms" 1815 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh 1816 command line. 1817 1818 Please note that the sequence of keys offered for 1819 authentication has been changed as well. You may want to 1820 specify IdentityFile in a different order to revert this 1821 behavior. 1822 182320080713: 1824 The sio(4) driver has been removed from the i386 and amd64 1825 kernel configuration files. This means uart(4) is now the 1826 default serial port driver on those platforms as well. 1827 1828 To prevent collisions with the sio(4) driver, the uart(4) driver 1829 uses different names for its device nodes. This means the 1830 onboard serial port will now most likely be called "ttyu0" 1831 instead of "ttyd0". You may need to reconfigure applications to 1832 use the new device names. 1833 1834 When using the serial port as a boot console, be sure to update 1835 /boot/device.hints and /etc/ttys before booting the new kernel. 1836 If you forget to do so, you can still manually specify the hints 1837 at the loader prompt: 1838 1839 set hint.uart.0.at="isa" 1840 set hint.uart.0.port="0x3F8" 1841 set hint.uart.0.flags="0x10" 1842 set hint.uart.0.irq="4" 1843 boot -s 1844 184520080609: 1846 The gpt(8) utility has been removed. Use gpart(8) to partition 1847 disks instead. 1848 184920080603: 1850 The version that Linuxulator emulates was changed from 2.4.2 1851 to 2.6.16. If you experience any problems with Linux binaries 1852 please try to set sysctl compat.linux.osrelease to 2.4.2 and 1853 if it fixes the problem contact emulation mailing list. 1854 185520080525: 1856 ISDN4BSD (I4B) was removed from the src tree. You may need to 1857 update a your kernel configuration and remove relevant entries. 1858 185920080509: 1860 I have checked in code to support multiple routing tables. 1861 See the man pages setfib(1) and setfib(2). 1862 This is a hopefully backwards compatible version, 1863 but to make use of it you need to compile your kernel 1864 with options ROUTETABLES=2 (or more up to 16). 1865 186620080420: 1867 The 802.11 wireless support was redone to enable multi-bss 1868 operation on devices that are capable. The underlying device 1869 is no longer used directly but instead wlanX devices are 1870 cloned with ifconfig. This requires changes to rc.conf files. 1871 For example, change: 1872 ifconfig_ath0="WPA DHCP" 1873 to 1874 wlans_ath0=wlan0 1875 ifconfig_wlan0="WPA DHCP" 1876 see rc.conf(5) for more details. In addition, mergemaster of 1877 /etc/rc.d is highly recommended. Simultaneous update of userland 1878 and kernel wouldn't hurt either. 1879 1880 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta 1881 modules were merged into the base wlan module. All references 1882 to these modules (e.g. in kernel config files) must be removed. 1883 188420080408: 1885 psm(4) has gained write(2) support in native operation level. 1886 Arbitrary commands can be written to /dev/psm%d and status can 1887 be read back from it. Therefore, an application is responsible 1888 for status validation and error recovery. It is a no-op in 1889 other operation levels. 1890 189120080312: 1892 Support for KSE threading has been removed from the kernel. To 1893 run legacy applications linked against KSE libmap.conf may 1894 be used. The following libmap.conf may be used to ensure 1895 compatibility with any prior release: 1896 1897 libpthread.so.1 libthr.so.1 1898 libpthread.so.2 libthr.so.2 1899 libkse.so.3 libthr.so.3 1900 190120080301: 1902 The layout of struct vmspace has changed. This affects libkvm 1903 and any executables that link against libkvm and use the 1904 kvm_getprocs() function. In particular, but not exclusively, 1905 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1). 1906 The effects are minimal, but it's advisable to upgrade world 1907 nonetheless. 1908 190920080229: 1910 The latest em driver no longer has support in it for the 1911 82575 adapter, this is now moved to the igb driver. The 1912 split was done to make new features that are incompatible 1913 with older hardware easier to do. 1914 191520080220: 1916 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4), 1917 likewise the kernel option is now GEOM_LINUX_LVM. 1918 191920080211: 1920 The default NFS mount mode has changed from UDP to TCP for 1921 increased reliability. If you rely on (insecurely) NFS 1922 mounting across a firewall you may need to update your 1923 firewall rules. 1924 192520080208: 1926 Belatedly note the addition of m_collapse for compacting 1927 mbuf chains. 1928 192920080126: 1930 The fts(3) structures have been changed to use adequate 1931 integer types for their members and so to be able to cope 1932 with huge file trees. The old fts(3) ABI is preserved 1933 through symbol versioning in libc, so third-party binaries 1934 using fts(3) should still work, although they will not take 1935 advantage of the extended types. At the same time, some 1936 third-party software might fail to build after this change 1937 due to unportable assumptions made in its source code about 1938 fts(3) structure members. Such software should be fixed 1939 by its vendor or, in the worst case, in the ports tree. 1940 FreeBSD_version 800015 marks this change for the unlikely 1941 case that a portable fix is impossible. 1942 194320080123: 1944 To upgrade to -current after this date, you must be running 1945 FreeBSD not older than 6.0-RELEASE. Upgrading to -current 1946 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems. 1947 194820071128: 1949 The ADAPTIVE_GIANT kernel option has been retired because its 1950 functionality is the default now. 1951 195220071118: 1953 The AT keyboard emulation of sunkbd(4) has been turned on 1954 by default. In order to make the special symbols of the Sun 1955 keyboards driven by sunkbd(4) work under X these now have 1956 to be configured the same way as Sun USB keyboards driven 1957 by ukbd(4) (which also does AT keyboard emulation), f.e.: 1958 1959 Option "XkbLayout" "us" 1960 Option "XkbRules" "xorg" 1961 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us" 1962 196320071024: 1964 It has been decided that it is desirable to provide ABI 1965 backwards compatibility to the FreeBSD 4/5/6 versions of the 1966 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was 1967 broken with the introduction of PCI domain support (see the 1968 20070930 entry). Unfortunately, this required the ABI of 1969 PCIOCGETCONF to be broken again in order to be able to 1970 provide backwards compatibility to the old version of that 1971 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled 1972 again. As for prominent ports this affects neither pciutils 1973 nor xorg-server this time, the hal port needs to be rebuilt 1974 however. 1975 197620071020: 1977 The misnamed kthread_create() and friends have been renamed 1978 to kproc_create() etc. Many of the callers already 1979 used kproc_start().. 1980 I will return kthread_create() and friends in a while 1981 with implementations that actually create threads, not procs. 1982 Renaming corresponds with version 800002. 1983 198420071010: 1985 RELENG_7 branched. 1986 1987COMMON ITEMS: 1988 1989 General Notes 1990 ------------- 1991 Avoid using make -j when upgrading. While generally safe, there are 1992 sometimes problems using -j to upgrade. If your upgrade fails with 1993 -j, please try again without -j. From time to time in the past there 1994 have been problems using -j with buildworld and/or installworld. This 1995 is especially true when upgrading between "distant" versions (eg one 1996 that cross a major release boundary or several minor releases, or when 1997 several months have passed on the -current branch). 1998 1999 Sometimes, obscure build problems are the result of environment 2000 poisoning. This can happen because the make utility reads its 2001 environment when searching for values for global variables. To run 2002 your build attempts in an "environmental clean room", prefix all make 2003 commands with 'env -i '. See the env(1) manual page for more details. 2004 2005 When upgrading from one major version to another it is generally best 2006 to upgrade to the latest code in the currently installed branch first, 2007 then do an upgrade to the new branch. This is the best-tested upgrade 2008 path, and has the highest probability of being successful. Please try 2009 this approach before reporting problems with a major version upgrade. 2010 2011 When upgrading a live system, having a root shell around before 2012 installing anything can help undo problems. Not having a root shell 2013 around can lead to problems if pam has changed too much from your 2014 starting point to allow continued authentication after the upgrade. 2015 2016 ZFS notes 2017 --------- 2018 When upgrading the boot ZFS pool to a new version, always follow 2019 these two steps: 2020 2021 1.) recompile and reinstall the ZFS boot loader and boot block 2022 (this is part of "make buildworld" and "make installworld") 2023 2024 2.) update the ZFS boot block on your boot drive 2025 2026 The following example updates the ZFS boot block on the first 2027 partition (freebsd-boot) of a GPT partitioned drive ad0: 2028 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0" 2029 2030 Non-boot pools do not need these updates. 2031 2032 To build a kernel 2033 ----------------- 2034 If you are updating from a prior version of FreeBSD (even one just 2035 a few days old), you should follow this procedure. It is the most 2036 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 2037 2038 make kernel-toolchain 2039 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 2040 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 2041 2042 To test a kernel once 2043 --------------------- 2044 If you just want to boot a kernel once (because you are not sure 2045 if it works, or if you want to boot a known bad kernel to provide 2046 debugging information) run 2047 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 2048 nextboot -k testkernel 2049 2050 To just build a kernel when you know that it won't mess you up 2051 -------------------------------------------------------------- 2052 This assumes you are already running a CURRENT system. Replace 2053 ${arch} with the architecture of your machine (e.g. "i386", 2054 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 2055 2056 cd src/sys/${arch}/conf 2057 config KERNEL_NAME_HERE 2058 cd ../compile/KERNEL_NAME_HERE 2059 make depend 2060 make 2061 make install 2062 2063 If this fails, go to the "To build a kernel" section. 2064 2065 To rebuild everything and install it on the current system. 2066 ----------------------------------------------------------- 2067 # Note: sometimes if you are running current you gotta do more than 2068 # is listed here if you are upgrading from a really old current. 2069 2070 <make sure you have good level 0 dumps> 2071 make buildworld 2072 make kernel KERNCONF=YOUR_KERNEL_HERE 2073 [1] 2074 <reboot in single user> [3] 2075 mergemaster -p [5] 2076 make installworld 2077 mergemaster -i [4] 2078 make delete-old [6] 2079 <reboot> 2080 2081 To cross-install current onto a separate partition 2082 -------------------------------------------------- 2083 # In this approach we use a separate partition to hold 2084 # current's root, 'usr', and 'var' directories. A partition 2085 # holding "/", "/usr" and "/var" should be about 2GB in 2086 # size. 2087 2088 <make sure you have good level 0 dumps> 2089 <boot into -stable> 2090 make buildworld 2091 make buildkernel KERNCONF=YOUR_KERNEL_HERE 2092 <maybe newfs current's root partition> 2093 <mount current's root partition on directory ${CURRENT_ROOT}> 2094 make installworld DESTDIR=${CURRENT_ROOT} 2095 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 2096 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 2097 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 2098 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 2099 <reboot into current> 2100 <do a "native" rebuild/install as described in the previous section> 2101 <maybe install compatibility libraries from ports/misc/compat*> 2102 <reboot> 2103 2104 2105 To upgrade in-place from stable to current 2106 ---------------------------------------------- 2107 <make sure you have good level 0 dumps> 2108 make buildworld [9] 2109 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 2110 [1] 2111 <reboot in single user> [3] 2112 mergemaster -p [5] 2113 make installworld 2114 mergemaster -i [4] 2115 make delete-old [6] 2116 <reboot> 2117 2118 Make sure that you've read the UPDATING file to understand the 2119 tweaks to various things you need. At this point in the life 2120 cycle of current, things change often and you are on your own 2121 to cope. The defaults can also change, so please read ALL of 2122 the UPDATING entries. 2123 2124 Also, if you are tracking -current, you must be subscribed to 2125 freebsd-current@freebsd.org. Make sure that before you update 2126 your sources that you have read and understood all the recent 2127 messages there. If in doubt, please track -stable which has 2128 much fewer pitfalls. 2129 2130 [1] If you have third party modules, such as vmware, you 2131 should disable them at this point so they don't crash your 2132 system on reboot. 2133 2134 [3] From the bootblocks, boot -s, and then do 2135 fsck -p 2136 mount -u / 2137 mount -a 2138 cd src 2139 adjkerntz -i # if CMOS is wall time 2140 Also, when doing a major release upgrade, it is required that 2141 you boot into single user mode to do the installworld. 2142 2143 [4] Note: This step is non-optional. Failure to do this step 2144 can result in a significant reduction in the functionality of the 2145 system. Attempting to do it by hand is not recommended and those 2146 that pursue this avenue should read this file carefully, as well 2147 as the archives of freebsd-current and freebsd-hackers mailing lists 2148 for potential gotchas. The -U option is also useful to consider. 2149 See mergemaster(8) for more information. 2150 2151 [5] Usually this step is a noop. However, from time to time 2152 you may need to do this if you get unknown user in the following 2153 step. It never hurts to do it all the time. You may need to 2154 install a new mergemaster (cd src/usr.sbin/mergemaster && make 2155 install) after the buildworld before this step if you last updated 2156 from current before 20130425 or from -stable before 20130430. 2157 2158 [6] This only deletes old files and directories. Old libraries 2159 can be deleted by "make delete-old-libs", but you have to make 2160 sure that no program is using those libraries anymore. 2161 2162 [8] In order to have a kernel that can run the 4.x binaries needed to 2163 do an installworld, you must include the COMPAT_FREEBSD4 option in 2164 your kernel. Failure to do so may leave you with a system that is 2165 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is 2166 required to run the 5.x binaries on more recent kernels. And so on 2167 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7. 2168 2169 Make sure that you merge any new devices from GENERIC since the 2170 last time you updated your kernel config file. 2171 2172 [9] When checking out sources, you must include the -P flag to have 2173 cvs prune empty directories. 2174 2175 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 2176 "?=" instead of the "=" assignment operator, so that buildworld can 2177 override the CPUTYPE if it needs to. 2178 2179 MAKEOBJDIRPREFIX must be defined in an environment variable, and 2180 not on the command line, or in /etc/make.conf. buildworld will 2181 warn if it is improperly defined. 2182FORMAT: 2183 2184This file contains a list, in reverse chronological order, of major 2185breakages in tracking -current. It is not guaranteed to be a complete 2186list of such breakages, and only contains entries since October 10, 2007. 2187If you need to see UPDATING entries from before that date, you will need 2188to fetch an UPDATING file from an older FreeBSD release. 2189 2190Copyright information: 2191 2192Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 2193 2194Redistribution, publication, translation and use, with or without 2195modification, in full or in part, in any form or format of this 2196document are permitted without further permission from the author. 2197 2198THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 2199IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 2200WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 2201DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 2202INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 2203(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 2204SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2205HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 2206STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 2207IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2208POSSIBILITY OF SUCH DAMAGE. 2209 2210Contact Warner Losh if you have any questions about your use of 2211this document. 2212 2213$FreeBSD: releng/10.1/UPDATING 281232 2015-04-07 20:21:01Z delphij $ 2214