UPDATING revision 284536
1Updating Information for FreeBSD current users 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of 16stable/10, and then rebuild without this option. The bootstrap process from 17older version of current is a bit fragile. 18 1920150618: p13 FreeBSD-EN-15:08.sendmail 20 Improvements to sendmail TLS/DH interoperability. [EN-15:08] 21 2220150612: p12 FreeBSD-SA-15:10.openssl 23 Fix multiple vulnerabilities in OpenSSL. [SA-15:10] 24 2520150609: p11 FreeBSD-EN-15:06.file 26 FreeBSD-EN-15:07.zfs 27 28 Updated base system file(1) to 5.22 to address multiple denial 29 of service issues. [EN-15:06] 30 31 Improved reliability of ZFS when TRIM/UNMAP and/or L2ARC is used. 32 [EN-15:07] 33 3420150513: p10 FreeBSD-EN-15:04.freebsd-update 35 FreeBSD-EN-15:05.ufs 36 37 Fix bug with freebsd-update(8) that does not ensure the previous 38 upgrade was completed. [EN-15:04] 39 40 Fix deadlock on reboot with UFS tuned with SU+J. [EN-15:05] 41 4220150407: p9 FreeBSD-SA-15:04.igmp [revised] 43 FreeBSD-SA-15:07.ntp 44 FreeBSD-SA-15:08.bsdinstall 45 FreeBSD-SA-15:09.ipv6 46 47 Improved patch for SA-15:04.igmp. 48 49 Fix multiple vulnerabilities of ntp. [SA-15:07] 50 51 Fix bsdinstall(8) insecure default GELI keyfile permissions. [SA-15:08] 52 53 Fix Denial of Service with IPv6 Router Advertisements. [SA-15:09] 54 5520150320: p8 56 Fix patch for SA-15:06.openssl. 57 5820150319: p7 FreeBSD-SA-15:06.openssl 59 Fix multiple vulnerabilities in OpenSSL. [SA-15:06] 60 6120150225: p6 FreeBSD-SA-15:04.igmp 62 FreeBSD-EN-15:01.vt 63 FreeBSD-EN-15:02.openssl 64 FreeBSD-EN-15:03.freebsd-update 65 66 Fix integer overflow in IGMP protocol. [SA-15:04] 67 68 Fix vt(4) crash with improper ioctl parameters. [EN-15:01] 69 70 Updated base system OpenSSL to 1.0.1l. [EN-15:02] 71 72 Fix freebsd-update libraries update ordering issue. [EN-15:03] 73 7420150127: p5 FreeBSD-SA-15:02.kmem 75 FreeBSD-SA-15:03.sctp 76 77 Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure 78 vulnerability. [SA-15:02] 79 80 Fix SCTP stream reset vulnerability. [SA-15:03] 81 8220150114: p4 FreeBSD-SA-15:01.openssl 83 Fix multiple vulnerabilities in OpenSSL. [SA-15:01] 84 8520141223: p3 FreeBSD-SA-14:31.ntp 86 FreeBSD-EN-14:13.freebsd-update 87 88 Fix multiple vulnerabilities in NTP suite. [SA-14:31] 89 Fix directory deletion issue in freebsd-update. [EN-14:13] 90 9120141217: p2 FreeBSD-SA-14:30.unbound 92 Fix unbound remote denial of service vulnerability. 93 9420141210: p1 FreeBSD-SA-14:27.stdio 95 FreeBSD-SA-14:28.file 96 97 Fix buffer overflow in stdio. [SA-14:27] 98 99 Fix multiple vulnerabilities in file(1) and libmagic(3). 100 [SA-14:28] 101 10220140904: 103 The ofwfb driver, used to provide a graphics console on PowerPC when 104 using vt(4), no longer allows mmap() of all of physical memory. This 105 will prevent Xorg on PowerPC with some ATI graphics cards from 106 initializing properly unless x11-servers/xorg-server is updated to 107 1.12.4_8 or newer. 108 10920140831: 110 The libatf-c and libatf-c++ major versions were downgraded to 0 and 111 1 respectively to match the upstream numbers. They were out of 112 sync because, when they were originally added to FreeBSD, the 113 upstream versions were not respected. These libraries are private 114 and not yet built by default, so renumbering them should be a 115 non-issue. However, unclean source trees will yield broken test 116 programs once the operator executes "make delete-old-libs" after a 117 "make installworld". 118 119 Additionally, the atf-sh binary was made private by moving it into 120 /usr/libexec/. Already-built shell test programs will keep the 121 path to the old binary so they will break after "make delete-old" 122 is run. 123 124 If you are using WITH_TESTS=yes (not the default), wipe the object 125 tree and rebuild from scratch to prevent spurious test failures. 126 This is only needed once: the misnumbered libraries and misplaced 127 binaries have been added to OptionalObsoleteFiles.inc so they will 128 be removed during a clean upgrade. 129 13020140814: 131 The ixgbe tunables now match their sysctl counterparts, for example: 132 hw.ixgbe.enable_aim => hw.ix.enable_aim 133 Anyone using ixgbe tunables should ensure they update /boot/loader.conf. 134 13520140801: 136 The NFSv4.1 server committed by r269398 changes the internal 137 function call interfaces used between the NFS and krpc modules. 138 As such, __FreeBSD_version was bumped. 139 14020140729: 141 The default unbound configuration has been modified to address 142 issues with reverse lookups on networks that use private 143 address ranges. If you use the local_unbound service, run 144 "service local_unbound setup" as root to regenerate your 145 configuration, then "service local_unbound reload" to load the 146 new configuration. 147 14820140717: 149 It is no longer necessary to include the dwarf version in your DEBUG 150 options in your kernel config file. The bug that required it to be 151 placed in the config file has bene fixed. DEBUG should now just 152 contain -g. The build system will automatically update things 153 to do the right thing. 154 15520140715: 156 Several ABI breaking changes were merged to CTL and new iSCSI code. 157 All CTL and iSCSI-related tools, such as ctladm, ctld, iscsid and 158 iscsictl need to be rebuilt to work with a new kernel. 159 16020140708: 161 The WITHOUT_VT_SUPPORT kernel config knob has been renamed 162 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning 163 which differs from the behaviour controlled by this knob.) 164 16520140608: 166 On i386 and amd64 systems, the onifconsole flag is now set by default 167 in /etc/ttys for ttyu0. This causes ttyu0 to be automatically enabled 168 as a login TTY if it is set in the bootloader as an active kernel 169 console. No changes in behavior should result otherwise. To revert to 170 the previous behavior, set ttyu0 to "off" in /etc/ttys. 171 17220140512: 173 Clang and llvm have been upgraded to 3.4.1 release. 174 17520140321: 176 Clang and llvm have been upgraded to 3.4 release. 177 17820140306: 179 If a Makefile in a tests/ directory was auto-generating a Kyuafile 180 instead of providing an explicit one, this would prevent such 181 Makefile from providing its own Kyuafile in the future during 182 NO_CLEAN builds. This has been fixed in the Makefiles but manual 183 intervention is needed to clean an objdir if you use NO_CLEAN: 184 # find /usr/obj -name Kyuafile | xargs rm -f 185 18620140303: 187 OpenSSH will now ignore errors caused by kernel lacking of Capsicum 188 capability mode support. Please note that enabling the feature in 189 kernel is still highly recommended. 190 19120140227: 192 OpenSSH is now built with sandbox support, and will use sandbox as 193 the default privilege separation method. This requires Capsicum 194 capability mode support in kernel. 195 19620140216: 197 The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has 198 been deprecated and will not be part of FreeBSD 11.0 and later 199 releases. If you use this driver, please consider switching to 200 the nfe(4) driver instead. 201 20220140120: 203 10.0-RELEASE. 204 20520131216: 206 The behavior of gss_pseudo_random() for the krb5 mechanism 207 has changed, for applications requesting a longer random string 208 than produced by the underlying enctype's pseudo-random() function. 209 In particular, the random string produced from a session key of 210 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 211 be different at the 17th octet and later, after this change. 212 The counter used in the PRF+ construction is now encoded as a 213 big-endian integer in accordance with RFC 4402. 214 __FreeBSD_version is bumped to 1000701. 215 21620131108: 217 The WITHOUT_ATF build knob has been removed and its functionality 218 has been subsumed into the more generic WITHOUT_TESTS. If you were 219 using the former to disable the build of the ATF libraries, you 220 should change your settings to use the latter. 221 22220131031: 223 The default version of mtree is nmtree which is obtained from 224 NetBSD. The output is generally the same, but may vary 225 slightly. If you found you need identical output adding 226 "-F freebsd9" to the command line should do the trick. For the 227 time being, the old mtree is available as fmtree. 228 22920131014: 230 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 231 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 232 1.1.4_8 and verify bsdyml not linked in, before running "make 233 delete-old-libs": 234 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 235 or 236 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 237 23820131010: 239 The rc.d/jail script has been updated to support jail(8) 240 configuration file. The "jail_<jname>_*" rc.conf(5) variables 241 for per-jail configuration are automatically converted to 242 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 243 This is transparently backward compatible. See below about some 244 incompatibilities and rc.conf(5) manual page for more details. 245 246 These variables are now deprecated in favor of jail(8) configuration 247 file. One can use "rc.d/jail config <jname>" command to generate 248 a jail(8) configuration file in /var/run/jail.<jname>.conf without 249 running the jail(8) utility. The default pathname of the 250 configuration file is /etc/jail.conf and can be specified by 251 using $jail_conf or $jail_<jname>_conf variables. 252 253 Please note that jail_devfs_ruleset accepts an integer at 254 this moment. Please consider to rewrite the ruleset name 255 with an integer. 256 25720130930: 258 BIND has been removed from the base system. If all you need 259 is a local resolver, simply enable and start the local_unbound 260 service instead. Otherwise, several versions of BIND are 261 available in the ports tree. The dns/bind99 port is one example. 262 263 With this change, nslookup(1) and dig(1) are no longer in the base 264 system. Users should instead use host(1) and drill(1) which are 265 in the base system. Alternatively, nslookup and dig can 266 be obtained by installing the dns/bind-tools port. 267 26820130916: 269 With the addition of unbound(8), a new unbound user is now 270 required during installworld. "mergemaster -p" can be used to 271 add the user prior to installworld, as documented in the handbook. 272 27320130911: 274 OpenSSH is now built with DNSSEC support, and will by default 275 silently trust signed SSHFP records. This can be controlled with 276 the VerifyHostKeyDNS client configuration setting. DNSSEC support 277 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 278 27920130906: 280 The GNU Compiler Collection and C++ standard library (libstdc++) 281 are no longer built by default on platforms where clang is the system 282 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 283 options in src.conf. 284 28520130905: 286 The PROCDESC kernel option is now part of the GENERIC kernel 287 configuration and is required for the rwhod(8) to work. 288 If you are using custom kernel configuration, you should include 289 'options PROCDESC'. 290 29120130905: 292 The API and ABI related to the Capsicum framework was modified 293 in backward incompatible way. The userland libraries and programs 294 have to be recompiled to work with the new kernel. This includes the 295 following libraries and programs, but the whole buildworld is 296 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 297 kdump, procstat, rwho, rwhod, uniq. 298 29920130903: 300 AES-NI intrinsic support has been added to gcc. The AES-NI module 301 has been updated to use this support. A new gcc is required to build 302 the aesni module on both i386 and amd64. 303 30420130821: 305 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 306 Thus "device padlock_rng" and "device rdrand_rng" should be 307 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 308 30920130813: 310 WITH_ICONV has been split into two feature sets. WITH_ICONV now 311 enables just the iconv* functionality and is now on by default. 312 WITH_LIBICONV_COMPAT enables the libiconv api and link time 313 compatability. Set WITHOUT_ICONV to build the old way. 314 If you have been using WITH_ICONV before, you will very likely 315 need to turn on WITH_LIBICONV_COMPAT. 316 31720130806: 318 INVARIANTS option now enables DEBUG for code with OpenSolaris and 319 Illumos origin, including ZFS. If you have INVARIANTS in your 320 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 321 explicitly. 322 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 323 locks if WITNESS option was set. Because that generated a lot of 324 witness(9) reports and all of them were believed to be false 325 positives, this is no longer done. New option OPENSOLARIS_WITNESS 326 can be used to achieve the previous behavior. 327 32820130806: 329 Timer values in IPv6 data structures now use time_uptime instead 330 of time_second. Although this is not a user-visible functional 331 change, userland utilities which directly use them---ndp(8), 332 rtadvd(8), and rtsold(8) in the base system---need to be updated 333 to r253970 or later. 334 33520130802: 336 find -delete can now delete the pathnames given as arguments, 337 instead of only files found below them or if the pathname did 338 not contain any slashes. Formerly, the following error message 339 would result: 340 341 find: -delete: <path>: relative path potentially not safe 342 343 Deleting the pathnames given as arguments can be prevented 344 without error messages using -mindepth 1 or by changing 345 directory and passing "." as argument to find. This works in the 346 old as well as the new version of find. 347 34820130726: 349 Behavior of devfs rules path matching has been changed. 350 Pattern is now always matched against fully qualified devfs 351 path and slash characters must be explicitly matched by 352 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 353 subdirectories must be reviewed. 354 35520130716: 356 The default ARM ABI has changed to the ARM EABI. The old ABI is 357 incompatible with the ARM EABI and all programs and modules will 358 need to be rebuilt to work with a new kernel. 359 360 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 361 362 NOTE: Support for the old ABI will be removed in the future and 363 users are advised to upgrade. 364 36520130709: 366 pkg_install has been disconnected from the build if you really need it 367 you should add WITH_PKGTOOLS in your src.conf(5). 368 36920130709: 370 Most of network statistics structures were changed to be able 371 keep 64-bits counters. Thus all tools, that work with networking 372 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 373 37420130629: 375 Fix targets that run multiple make's to use && rather than ; 376 so that subsequent steps depend on success of previous. 377 378 NOTE: if building 'universe' with -j* on stable/8 or stable/9 379 it would be better to start the build using bmake, to avoid 380 overloading the machine. 381 38220130618: 383 Fix a bug that allowed a tracing process (e.g. gdb) to write 384 to a memory-mapped file in the traced process's address space 385 even if neither the traced process nor the tracing process had 386 write access to that file. 387 38820130615: 389 CVS has been removed from the base system. An exact copy 390 of the code is available from the devel/cvs port. 391 39220130613: 393 Some people report the following error after the switch to bmake: 394 395 make: illegal option -- J 396 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 397 ... 398 *** [buildworld] Error code 2 399 400 this likely due to an old instance of make in 401 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 402 which src/Makefile will use that blindly, if it exists, so if 403 you see the above error: 404 405 rm -rf `make -V MAKEPATH` 406 407 should resolve it. 408 40920130516: 410 Use bmake by default. 411 Whereas before one could choose to build with bmake via 412 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 413 make. The goal is to remove these knobs for 10-RELEASE. 414 415 It is worth noting that bmake (like gmake) treats the command 416 line as the unit of failure, rather than statements within the 417 command line. Thus '(cd some/where && dosomething)' is safer 418 than 'cd some/where; dosomething'. The '()' allows consistent 419 behavior in parallel build. 420 42120130429: 422 Fix a bug that allows NFS clients to issue READDIR on files. 423 42420130426: 425 The WITHOUT_IDEA option has been removed because 426 the IDEA patent expired. 427 42820130426: 429 The sysctl which controls TRIM support under ZFS has been renamed 430 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 431 enabled by default. 432 43320130425: 434 The mergemaster command now uses the default MAKEOBJDIRPREFIX 435 rather than creating it's own in the temporary directory in 436 order allow access to bootstrapped versions of tools such as 437 install and mtree. When upgrading from version of FreeBSD where 438 the install command does not support -l, you will need to 439 install a new mergemaster command if mergemaster -p is required. 440 This can be accomplished with the command (cd src/usr.sbin/mergemaster 441 && make install). 442 44320130404: 444 Legacy ATA stack, disabled and replaced by new CAM-based one since 445 FreeBSD 9.0, completely removed from the sources. Kernel modules 446 atadisk and atapi*, user-level tools atacontrol and burncd are 447 removed. Kernel option `options ATA_CAM` is now permanently enabled 448 and removed. 449 45020130319: 451 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 452 and socketpair(2). Software, in particular Kerberos, may 453 automatically detect and use these during building. The resulting 454 binaries will not work on older kernels. 455 45620130308: 457 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 458 information, see the respective 20130304 entry). 459 46020130304: 461 Recent commits to callout(9) changed the size of struct callout, 462 so the KBI is probably heavily disturbed. Also, some functions 463 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 464 by macros. Every kernel module using it won't load, so rebuild 465 is requested. 466 467 The ctl device has been re-enabled in GENERIC for i386 and amd64, 468 but does not initialize by default (because of the new CTL_DISABLE 469 option) to save memory. To re-enable it, remove the CTL_DISABLE 470 option from the kernel config file or set kern.cam.ctl.disable=0 471 in /boot/loader.conf. 472 47320130301: 474 The ctl device has been disabled in GENERIC for i386 and amd64. 475 This was done due to the extra memory being allocated at system 476 initialisation time by the ctl driver which was only used if 477 a CAM target device was created. This makes a FreeBSD system 478 unusable on 128MB or less of RAM. 479 48020130208: 481 A new compression method (lz4) has been merged to -HEAD. Please 482 refer to zpool-features(7) for more information. 483 484 Please refer to the "ZFS notes" section of this file for information 485 on upgrading boot ZFS pools. 486 48720130129: 488 A BSD-licensed patch(1) variant has been added and is installed 489 as bsdpatch, being the GNU version the default patch. 490 To inverse the logic and use the BSD-licensed one as default, 491 while having the GNU version installed as gnupatch, rebuild 492 and install world with the WITH_BSD_PATCH knob set. 493 49420130121: 495 Due to the use of the new -l option to install(1) during build 496 and install, you must take care not to directly set the INSTALL 497 make variable in your /etc/make.conf, /etc/src.conf, or on the 498 command line. If you wish to use the -C flag for all installs 499 you may be able to add INSTALL+=-C to /etc/make.conf or 500 /etc/src.conf. 501 50220130118: 503 The install(1) option -M has changed meaning and now takes an 504 argument that is a file or path to append logs to. In the 505 unlikely event that -M was the last option on the command line 506 and the command line contained at least two files and a target 507 directory the first file will have logs appended to it. The -M 508 option served little practical purpose in the last decade so its 509 use is expected to be extremely rare. 510 51120121223: 512 After switching to Clang as the default compiler some users of ZFS 513 on i386 systems started to experience stack overflow kernel panics. 514 Please consider using 'options KSTACK_PAGES=4' in such configurations. 515 51620121222: 517 GEOM_LABEL now mangles label names read from file system metadata. 518 Mangling affect labels containing spaces, non-printable characters, 519 '%' or '"'. Device names in /etc/fstab and other places may need to 520 be updated. 521 52220121217: 523 By default, only the 10 most recent kernel dumps will be saved. To 524 restore the previous behaviour (no limit on the number of kernel dumps 525 stored in the dump directory) add the following line to /etc/rc.conf: 526 527 savecore_flags="" 528 52920121201: 530 With the addition of auditdistd(8), a new auditdistd user is now 531 required during installworld. "mergemaster -p" can be used to 532 add the user prior to installworld, as documented in the handbook. 533 53420121117: 535 The sin6_scope_id member variable in struct sockaddr_in6 is now 536 filled by the kernel before passing the structure to the userland via 537 sysctl or routing socket. This means the KAME-specific embedded scope 538 id in sin6_addr.s6_addr[2] is always cleared in userland application. 539 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 540 __FreeBSD_version is bumped to 1000025. 541 54220121105: 543 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 544 This means that the world and kernel will be compiled with clang 545 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 546 and /usr/bin/cpp. To disable this behavior and revert to building 547 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 548 of current may need to bootstrap WITHOUT_CLANG first if the clang 549 build fails (its compatibility window doesn't extend to the 9 stable 550 branch point). 551 55220121102: 553 The IPFIREWALL_FORWARD kernel option has been removed. Its 554 functionality now turned on by default. 555 55620121023: 557 The ZERO_COPY_SOCKET kernel option has been removed and 558 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 559 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 560 mechanism which is not safe and may result in kernel crashes. 561 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 562 driver supports disposeable external page sized mbuf storage. 563 Proper replacements for both zero-copy mechanisms are under 564 consideration and will eventually lead to complete removal 565 of the two kernel options. 566 56720121023: 568 The IPv4 network stack has been converted to network byte 569 order. The following modules need to be recompiled together 570 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 571 pf(4), ipfw(4), ng_ipfw(4), stf(4). 572 57320121022: 574 Support for non-MPSAFE filesystems was removed from VFS. The 575 VFS_VERSION was bumped, all filesystem modules shall be 576 recompiled. 577 57820121018: 579 All the non-MPSAFE filesystems have been disconnected from 580 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 581 portalfs, smbfs, xfs. 582 58320121016: 584 The interface cloning API and ABI has changed. The following 585 modules need to be recompiled together with kernel: 586 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 587 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 588 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 589 59020121015: 591 The sdhci driver was split in two parts: sdhci (generic SD Host 592 Controller logic) and sdhci_pci (actual hardware driver). 593 No kernel config modifications are required, but if you 594 load sdhc as a module you must switch to sdhci_pci instead. 595 59620121014: 597 Import the FUSE kernel and userland support into base system. 598 59920121013: 600 The GNU sort(1) program has been removed since the BSD-licensed 601 sort(1) has been the default for quite some time and no serious 602 problems have been reported. The corresponding WITH_GNU_SORT 603 knob has also gone. 604 60520121006: 606 The pfil(9) API/ABI for AF_INET family has been changed. Packet 607 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 608 with new kernel. 609 61020121001: 611 The net80211(4) ABI has been changed to allow for improved driver 612 PS-POLL and power-save support. All wireless drivers need to be 613 recompiled to work with the new kernel. 614 61520120913: 616 The random(4) support for the VIA hardware random number 617 generator (`PADLOCK') is no longer enabled unconditionally. 618 Add the padlock_rng device in the custom kernel config if 619 needed. The GENERIC kernels on i386 and amd64 do include the 620 device, so the change only affects the custom kernel 621 configurations. 622 62320120908: 624 The pf(4) packet filter ABI has been changed. pfctl(8) and 625 snmp_pf module need to be recompiled to work with new kernel. 626 62720120828: 628 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 629 to -HEAD. Pools that have empty_bpobj in active state can not be 630 imported read-write with ZFS implementations that do not support 631 this feature. For more information read the zpool-features(5) 632 manual page. 633 63420120727: 635 The sparc64 ZFS loader has been changed to no longer try to auto- 636 detect ZFS providers based on diskN aliases but now requires these 637 to be explicitly listed in the OFW boot-device environment variable. 638 63920120712: 640 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 641 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 642 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 643 64420120712: 645 The following sysctls and tunables have been renamed for consistency 646 with other variables: 647 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 648 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 649 65020120628: 651 The sort utility has been replaced with BSD sort. For now, GNU sort 652 is also available as "gnusort" or the default can be set back to 653 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 654 installed as "bsdsort". 655 65620120611: 657 A new version of ZFS (pool version 5000) has been merged to -HEAD. 658 Starting with this version the old system of ZFS pool versioning 659 is superseded by "feature flags". This concept enables forward 660 compatibility against certain future changes in functionality of ZFS 661 pools. The first read-only compatible "feature flag" for ZFS pools 662 is named "com.delphix:async_destroy". For more information 663 read the new zpool-features(5) manual page. 664 Please refer to the "ZFS notes" section of this file for information 665 on upgrading boot ZFS pools. 666 66720120417: 668 The malloc(3) implementation embedded in libc now uses sources imported 669 as contrib/jemalloc. The most disruptive API change is to 670 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 671 delete it prior to installworld, and optionally re-create it using the 672 new format after rebooting. See malloc.conf(5) for details 673 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 674 NAMESPACE section). 675 67620120328: 677 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 678 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 679 now spelled mips. This is to aid compatibility with third-party 680 software that expects this naming scheme in uname(3). Little-endian 681 settings are unchanged. If you are updating a big-endian mips64 machine 682 from before this change, you may need to set MACHINE_ARCH=mips64 in 683 your environment before the new build system will recognize your machine. 684 68520120306: 686 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 687 platforms. 688 68920120229: 690 Now unix domain sockets behave "as expected" on nullfs(5). Previously 691 nullfs(5) did not pass through all behaviours to the underlying layer, 692 as a result if we bound to a socket on the lower layer we could connect 693 only to the lower path; if we bound to the upper layer we could connect 694 only to the upper path. The new behavior is one can connect to both the 695 lower and the upper paths regardless what layer path one binds to. 696 69720120211: 698 The getifaddrs upgrade path broken with 20111215 has been restored. 699 If you have upgraded in between 20111215 and 20120209 you need to 700 recompile libc again with your kernel. You still need to recompile 701 world to be able to configure CARP but this restriction already 702 comes from 20111215. 703 70420120114: 705 The set_rcvar() function has been removed from /etc/rc.subr. All 706 base and ports rc.d scripts have been updated, so if you have a 707 port installed with a script in /usr/local/etc/rc.d you can either 708 hand-edit the rcvar= line, or reinstall the port. 709 710 An easy way to handle the mass-update of /etc/rc.d: 711 rm /etc/rc.d/* && mergemaster -i 712 71320120109: 714 panic(9) now stops other CPUs in the SMP systems, disables interrupts 715 on the current CPU and prevents other threads from running. 716 This behavior can be reverted using the kern.stop_scheduler_on_panic 717 tunable/sysctl. 718 The new behavior can be incompatible with kern.sync_on_panic. 719 72020111215: 721 The carp(4) facility has been changed significantly. Configuration 722 of the CARP protocol via ifconfig(8) has changed, as well as format 723 of CARP events submitted to devd(8) has changed. See manual pages 724 for more information. The arpbalance feature of carp(4) is currently 725 not supported anymore. 726 727 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 728 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 729 need to be recompiled. 730 73120111122: 732 The acpi_wmi(4) status device /dev/wmistat has been renamed to 733 /dev/wmistat0. 734 73520111108: 736 The option VFS_ALLOW_NONMPSAFE option has been added in order to 737 explicitely support non-MPSAFE filesystems. 738 It is on by default for all supported platform at this present 739 time. 740 74120111101: 742 The broken amd(4) driver has been replaced with esp(4) in the amd64, 743 i386 and pc98 GENERIC kernel configuration files. 744 74520110930: 746 sysinstall has been removed 747 74820110923: 749 The stable/9 branch created in subversion. This corresponds to the 750 RELENG_9 branch in CVS. 751 75220110913: 753 This commit modifies vfs_register() so that it uses a hash 754 calculation to set vfc_typenum, which is enabled by default. 755 The first time a system is booted after this change, the 756 vfc_typenum values will change for all file systems. The 757 main effect of this is a change to the NFS server file handles 758 for file systems that use vfc_typenum in their fsid, such as ZFS. 759 It will, however, prevent vfc_typenum from changing when file 760 systems are loaded in a different order for subsequent reboots. 761 To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf 762 until you are ready to remount all NFS clients after a reboot. 763 76420110828: 765 Bump the shared library version numbers for libraries that 766 do not use symbol versioning, have changed the ABI compared 767 to stable/8 and which shared library version was not bumped. 768 Done as part of 9.0-RELEASE cycle. 769 77020110815: 771 During the merge of Capsicum features, the fget(9) KPI was modified. 772 This may require the rebuilding of out-of-tree device drivers -- 773 issues have been reported specifically with the nVidia device driver. 774 __FreeBSD_version is bumped to 900041. 775 776 Also, there is a period between 20110811 and 20110814 where the 777 special devices /dev/{stdin,stdout,stderr} did not work correctly. 778 Building world from a kernel during that window may not work. 779 78020110628: 781 The packet filter (pf) code has been updated to OpenBSD 4.5. 782 You need to update userland tools to be in sync with kernel. 783 This update breaks backward compatibility with earlier pfsync(4) 784 versions. Care must be taken when updating redundant firewall setups. 785 78620110608: 787 The following sysctls and tunables are retired on x86 platforms: 788 machdep.hlt_cpus 789 machdep.hlt_logical_cpus 790 The following sysctl is retired: 791 machdep.hyperthreading_allowed 792 The sysctls were supposed to provide a way to dynamically offline and 793 online selected CPUs on x86 platforms, but the implementation has not 794 been reliable especially with SCHED_ULE scheduler. 795 machdep.hyperthreading_allowed tunable is still available to ignore 796 hyperthreading CPUs at OS level. 797 Individual CPUs can be disabled using hint.lapic.X.disabled tunable, 798 where X is an APIC ID of a CPU. Be advised, though, that disabling 799 CPUs in non-uniform fashion will result in non-uniform topology and 800 may lead to sub-optimal system performance with SCHED_ULE, which is 801 a default scheduler. 802 80320110607: 804 cpumask_t type is retired and cpuset_t is used in order to describe 805 a mask of CPUs. 806 80720110531: 808 Changes to ifconfig(8) for dynamic address family detection mandate 809 that you are running a kernel of 20110525 or later. Make sure to 810 follow the update procedure to boot a new kernel before installing 811 world. 812 81320110513: 814 Support for sun4v architecture is officially dropped 815 81620110503: 817 Several KPI breaking changes have been committed to the mii(4) layer, 818 the PHY drivers and consequently some Ethernet drivers using mii(4). 819 This means that miibus.ko and the modules of the affected Ethernet 820 drivers need to be recompiled. 821 822 Note to kernel developers: Given that the OUI bit reversion problem 823 was fixed as part of these changes all mii(4) commits related to OUIs, 824 i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific 825 handling, no longer can be merged verbatim to stable/8 and previous 826 branches. 827 82820110430: 829 Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci' 830 into their kernel configurations along with 'device pci'. 831 83220110427: 833 The default NFS client is now the new NFS client, so fstype "newnfs" 834 is now "nfs" and the regular/old NFS client is now fstype "oldnfs". 835 Although mounts via fstype "nfs" will usually work without userland 836 changes, it is recommended that the mount(8) and mount_nfs(8) 837 commands be rebuilt from sources and that a link to mount_nfs called 838 mount_oldnfs be created. The new client is compiled into the 839 kernel with "options NFSCL" and this is needed for diskless root 840 file systems. The GENERIC kernel configs have been changed to use 841 NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER. 842 To use the regular/old client, you can "mount -t oldnfs ...". For 843 a diskless root file system, you must also include a line like: 844 845 vfs.root.mountfrom="oldnfs:" 846 847 in the boot/loader.conf on the root fs on the NFS server to make 848 a diskless root fs use the old client. 849 85020110424: 851 The GENERIC kernels for all architectures now default to the new 852 CAM-based ATA stack. It means that all legacy ATA drivers were 853 removed and replaced by respective CAM drivers. If you are using 854 ATA device names in /etc/fstab or other places, make sure to update 855 them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY, 856 where 'Y's are the sequential numbers starting from zero for each type 857 in order of detection, unless configured otherwise with tunables, 858 see cam(4)). There will be symbolic links created in /dev/ to map 859 old adX devices to the respective adaY. They should provide basic 860 compatibility for file systems mounting in most cases, but they do 861 not support old user-level APIs and do not have respective providers 862 in GEOM. Consider using updated management tools with new device names. 863 864 It is possible to load devices ahci, ata, siis and mvs as modules, 865 but option ATA_CAM should remain in kernel configuration to make ata 866 module work as CAM driver supporting legacy ATA controllers. Device ata 867 still can be used in modular fashion (atacore + ...). Modules atadisk 868 and atapi* are not used and won't affect operation in ATA_CAM mode. 869 Note that to use CAM-based ATA kernel should include CAM devices 870 scbus, pass, da (or explicitly ada), cd and optionally others. All of 871 them are parts of the cam module. 872 873 ataraid(4) functionality is now supported by the RAID GEOM class. 874 To use it you can load geom_raid kernel module and use graid(8) tool 875 for management. Instead of /dev/arX device names, use /dev/raid/rX. 876 877 No kernel config options or code have been removed, so if a problem 878 arises, please report it and optionally revert to the old ATA stack. 879 In order to do it you can remove from the kernel config: 880 options ATA_CAM 881 device ahci 882 device mvs 883 device siis 884 , and instead add back: 885 device atadisk # ATA disk drives 886 device ataraid # ATA RAID drives 887 device atapicd # ATAPI CDROM drives 888 device atapifd # ATAPI floppy drives 889 device atapist # ATAPI tape drives 890 89120110423: 892 The default NFS server has been changed to the new server, which 893 was referred to as the experimental server. If you need to switch 894 back to the old NFS server, you must now put the "-o" option on 895 both the mountd and nfsd commands. This can be done using the 896 mountd_flags and nfs_server_flags rc.conf variables until an 897 update to the rc scripts is committed, which is coming soon. 898 89920110418: 900 The GNU Objective-C runtime library (libobjc), and other Objective-C 901 related components have been removed from the base system. If you 902 require an Objective-C library, please use one of the available ports. 903 90420110331: 905 ath(4) has been split into bus- and device- modules. if_ath contains 906 the HAL, the TX rate control and the network device code. if_ath_pci 907 contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb 908 contains the AHB glue. Users need to load both if_ath_pci and if_ath 909 in order to use ath on everything else. 910 911 TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only 912 need to load if_ath and if_ath_pci for ath(4) operation. 913 91420110314: 915 As part of the replacement of sysinstall, the process of building 916 release media has changed significantly. For details, please re-read 917 release(7), which has been updated to reflect the new build process. 918 91920110218: 920 GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD. This 921 is the last available version under GPLv2. It brings a number of new 922 features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE 923 4.1 and SSE 4.2), better support for powerpc64, a number of new 924 directives, and lots of other small improvements. See the ChangeLog 925 file in contrib/binutils for the full details. 926 92720110218: 928 IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 929 compliant, and will now use half of hash for authentication. 930 This will break interoperability with all stacks (including all 931 actual FreeBSD versions) who implement 932 draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for 933 authentication). 934 The only workaround with such peers is to use another HMAC 935 algorithm for IPsec ("phase 2") authentication. 936 93720110207: 938 Remove the uio_yield prototype and symbol. This function has 939 been misnamed since it was introduced and should not be 940 globally exposed with this name. The equivalent functionality 941 is now available using kern_yield(curthread->td_user_pri). 942 The function remains undocumented. 943 94420110112: 945 A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers, 946 symmetric with the existing SYSCTL_[ADD_]QUAD. Type checking 947 for scalar sysctls is defined but disabled. Code that needs 948 UQUAD to pass the type checking that must compile on older 949 systems where the define is not present can check against 950 __FreeBSD_version >= 900030. 951 952 The system dialog(1) has been replaced with a new version previously 953 in ports as devel/cdialog. dialog(1) is mostly command-line compatible 954 with the previous version, but the libdialog associated with it has 955 a largely incompatible API. As such, the original version of libdialog 956 will be kept temporarily as libodialog, until its base system consumers 957 are replaced or updated. Bump __FreeBSD_version to 900030. 958 95920110103: 960 If you are trying to run make universe on a -stable system, and you get 961 the following warning: 962 "Makefile", line 356: "Target architecture for i386/conf/GENERIC 963 unknown. config(8) likely too old." 964 or something similar to it, then you must upgrade your -stable system 965 to 8.2-Release or newer (really, any time after r210146 7/15/2010 in 966 stable/8) or build the config from the latest stable/8 branch and 967 install it on your system. 968 969 Prior to this date, building a current universe on 8-stable system from 970 between 7/15/2010 and 1/2/2011 would result in a weird shell parsing 971 error in the first kernel build phase. A new config on those old 972 systems will fix that problem for older versions of -current. 973 97420101228: 975 The TCP stack has been modified to allow Khelp modules to interact with 976 it via helper hook points and store per-connection data in the TCP 977 control block. Bump __FreeBSD_version to 900029. User space tools that 978 rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to 979 be recompiled. 980 98120101114: 982 Generic IEEE 802.3 annex 31B full duplex flow control support has been 983 added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along 984 with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted 985 to take advantage of it instead of using custom implementations. This 986 means that these drivers now no longer unconditionally advertise 987 support for flow control but only do so if flow control is a selected 988 media option. This was implemented in the generic support that way in 989 order to allow flow control to be switched on and off via ifconfig(8) 990 with the PHY specific default to typically off in order to protect 991 from unwanted effects. Consequently, if you used flow control with 992 one of the above mentioned drivers you now need to explicitly enable 993 it, for example via: 994 ifconfig bge0 media auto mediaopt flowcontrol 995 996 Along with the above mentioned changes generic support for setting 997 1000baseT master mode also has been added and brgphy(4), ciphy(4), 998 e1000phy(4) as well as ip1000phy(4) have been converted to take 999 advantage of it. This means that these drivers now no longer take the 1000 link0 parameter for selecting master mode but the master media option 1001 has to be used instead, for example like in the following: 1002 ifconfig bge0 media 1000baseT mediaopt full-duplex,master 1003 1004 Selection of master mode now is also available with all other PHY 1005 drivers supporting 1000baseT. 1006 100720101111: 1008 The TCP stack has received a significant update to add support for 1009 modularised congestion control and generally improve the clarity of 1010 congestion control decisions. Bump __FreeBSD_version to 900025. User 1011 space tools that rely on the size of struct tcpcb in tcp_var.h (e.g. 1012 sockstat) need to be recompiled. 1013 101420101002: 1015 The man(1) utility has been replaced by a new version that no longer 1016 uses /etc/manpath.config. Please consult man.conf(5) for how to 1017 migrate local entries to the new format. 1018 101920100928: 1020 The copyright strings printed by login(1) and sshd(8) at the time of a 1021 new connection have been removed to follow other operating systems and 1022 upstream sshd. 1023 102420100915: 1025 A workaround for a fixed ld bug has been removed in kernel code, 1026 so make sure that your system ld is built from sources after 1027 revision 210245 from 2010-07-19 (r211583 if building head kernel 1028 on stable/8, r211584 for stable/7; both from 2010-08-21). 1029 A symptom of incorrect ld version is different addresses for 1030 set_pcpu section and __start_set_pcpu symbol in kernel and/or modules. 1031 103220100913: 1033 The $ipv6_prefer variable in rc.conf(5) has been split into 1034 $ip6addrctl_policy and $ipv6_activate_all_interfaces. 1035 1036 The $ip6addrctl_policy is a variable to choose a pre-defined 1037 address selection policy set by ip6addrctl(8). A value 1038 "ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified. The 1039 default is "AUTO". 1040 1041 The $ipv6_activate_all_interfaces specifies whether IFDISABLED 1042 flag (see an entry of 20090926) is set on an interface with no 1043 corresponding $ifconfig_IF_ipv6 line. The default is "NO" for 1044 security reason. If you want IPv6 link-local address on all 1045 interfaces by default, set this to "YES". 1046 1047 The old ipv6_prefer="YES" is equivalent to 1048 ipv6_activate_all_interfaces="YES" and 1049 ip6addrctl_policy="ipv6_prefer". 1050 105120100913: 1052 DTrace has grown support for userland tracing. Due to this, DTrace is 1053 now i386 and amd64 only. 1054 dtruss(1) is now installed by default on those systems and a new 1055 kernel module is needed for userland tracing: fasttrap. 1056 No changes to your kernel config file are necessary to enable 1057 userland tracing, but you might consider adding 'STRIP=' and 1058 'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want 1059 to have informative userland stack traces in DTrace (ustack). 1060 106120100725: 1062 The acpi_aiboost(4) driver has been removed in favor of the new 1063 aibs(4) driver. You should update your kernel configuration file. 1064 106520100722: 1066 BSD grep has been imported to the base system and it is built by 1067 default. It is completely BSD licensed, highly GNU-compatible, uses 1068 less memory than its GNU counterpart and has a small codebase. 1069 However, it is slower than its GNU counterpart, which is mostly 1070 noticeable for larger searches, for smaller ones it is measurable 1071 but not significant. The reason is complex, the most important factor 1072 is that we lack a modern and efficient regex library and GNU 1073 overcomes this by optimizing the searches internally. Future work 1074 on improving the regex performance is planned, for the meantime, 1075 users that need better performance, can build GNU grep instead by 1076 setting the WITH_GNU_GREP knob. 1077 107820100713: 1079 Due to the import of powerpc64 support, all existing powerpc kernel 1080 configuration files must be updated with a machine directive like this: 1081 machine powerpc powerpc 1082 1083 In addition, an updated config(8) is required to build powerpc kernels 1084 after this change. 1085 108620100713: 1087 A new version of ZFS (version 15) has been merged to -HEAD. 1088 This version uses a python library for the following subcommands: 1089 zfs allow, zfs unallow, zfs groupspace, zfs userspace. 1090 For full functionality of these commands the following port must 1091 be installed: sysutils/py-zfs 1092 109320100429: 1094 'vm_page's are now hashed by physical address to an array of mutexes. 1095 Currently this is only used to serialize access to hold_count. Over 1096 time the page queue mutex will be peeled away. This changes the size 1097 of pmap on every architecture. And requires all callers of vm_page_hold 1098 and vm_page_unhold to be updated. 1099 110020100402: 1101 WITH_CTF can now be specified in src.conf (not recommended, there 1102 are some problems with static executables), make.conf (would also 1103 affect ports which do not use GNU make and do not override the 1104 compile targets) or in the kernel config (via "makeoptions 1105 WITH_CTF=yes"). 1106 When WITH_CTF was specified there before this was silently ignored, 1107 so make sure that WITH_CTF is not used in places which could lead 1108 to unwanted behavior. 1109 111020100311: 1111 The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32 1112 to allow 32-bit compatibility on non-x86 platforms. All kernel 1113 configurations on amd64 and ia64 platforms using these options must 1114 be modified accordingly. 1115 111620100113: 1117 The utmp user accounting database has been replaced with utmpx, 1118 the user accounting interface standardized by POSIX. 1119 Unfortunately the semantics of utmp and utmpx don't match, 1120 making it practically impossible to support both interfaces. 1121 The user accounting database is used by tools like finger(1), 1122 last(1), talk(1), w(1) and ac(8). 1123 1124 All applications in the base system use utmpx. This means only 1125 local binaries (e.g. from the ports tree) may still use these 1126 utmp database files. These applications must be rebuilt to make 1127 use of utmpx. 1128 1129 After the system has been upgraded, it is safe to remove the old 1130 log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*), 1131 assuming their contents is of no importance anymore. Old wtmp 1132 databases can only be used by last(1) and ac(8) after they have 1133 been converted to the new format using wtmpcvt(1). 1134 113520100108: 1136 Introduce the kernel thread "deadlock resolver" (which can be enabled 1137 via the DEADLKRES option, see NOTES for more details) and the 1138 sleepq_type() function for sleepqueues. 1139 114020091202: 1141 The rc.firewall and rc.firewall6 were unified, and 1142 rc.firewall6 and rc.d/ip6fw were removed. 1143 According to the removal of rc.d/ip6fw, ipv6_firewall_* rc 1144 variables are obsoleted. Instead, the following new rc 1145 variables are added to rc.d/ipfw: 1146 1147 firewall_client_net_ipv6, firewall_simple_iif_ipv6, 1148 firewall_simple_inet_ipv6, firewall_simple_oif_ipv6, 1149 firewall_simple_onet_ipv6, firewall_trusted_ipv6 1150 1151 The meanings correspond to the relevant IPv4 variables. 1152 115320091125: 1154 8.0-RELEASE. 1155 115620091113: 1157 The default terminal emulation for syscons(4) has been changed 1158 from cons25 to xterm on all platforms except pc98. This means 1159 that the /etc/ttys file needs to be updated to ensure correct 1160 operation of applications on the console. 1161 1162 The terminal emulation style can be toggled per window by using 1163 vidcontrol(1)'s -T flag. The TEKEN_CONS25 kernel configuration 1164 options can be used to change the compile-time default back to 1165 cons25. 1166 1167 To prevent graphical artifacts, make sure the TERM environment 1168 variable is set to match the terminal emulation that is being 1169 performed by syscons(4). 1170 117120091109: 1172 The layout of the structure ieee80211req_scan_result has changed. 1173 Applications that require wireless scan results (e.g. ifconfig(8)) 1174 from net80211 need to be recompiled. 1175 1176 Applications such as wpa_supplicant(8) may require a full world 1177 build without using NO_CLEAN in order to get synchronized with the 1178 new structure. 1179 118020091025: 1181 The iwn(4) driver has been updated to support the 5000 and 5150 series. 1182 There's one kernel module for each firmware. Adding "device iwnfw" 1183 to the kernel configuration file means including all three firmware 1184 images inside the kernel. If you want to include just the one for 1185 your wireless card, use the devices iwn4965fw, iwn5000fw or 1186 iwn5150fw. 1187 118820090926: 1189 The rc.d/network_ipv6, IPv6 configuration script has been integrated 1190 into rc.d/netif. The changes are the following: 1191 1192 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF 1193 for IPv4. For aliases, $ifconfig_IF_aliasN should be used. 1194 Note that both variables need the "inet6" keyword at the head. 1195 1196 Do not set $ipv6_network_interfaces manually if you do not 1197 understand what you are doing. It is not needed in most cases. 1198 1199 $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but 1200 they are obsolete. 1201 1202 2. $ipv6_enable is obsolete. Use $ipv6_prefer and 1203 "inet6 accept_rtadv" keyword in ifconfig(8) instead. 1204 1205 If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and 1206 all configured interfaces have "inet6 accept_rtadv" in the 1207 $ifconfig_IF_ipv6. These are for backward compatibility. 1208 1209 3. A new variable $ipv6_prefer has been added. If NO, IPv6 1210 functionality of interfaces with no corresponding 1211 $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag, 1212 and the default address selection policy of ip6addrctl(8) 1213 is the IPv4-preferred one (see rc.d/ip6addrctl for more details). 1214 Note that if you want to configure IPv6 functionality on the 1215 disabled interfaces after boot, first you need to clear the flag by 1216 using ifconfig(8) like: 1217 1218 ifconfig em0 inet6 -ifdisabled 1219 1220 If YES, the default address selection policy is set as 1221 IPv6-preferred. 1222 1223 The default value of $ipv6_prefer is NO. 1224 1225 4. If your system need to receive Router Advertisement messages, 1226 define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8) 1227 scripts automatically invoke rtsol(8) when the interface becomes 1228 UP. The Router Advertisement messages are used for SLAAC 1229 (State-Less Address AutoConfiguration). 1230 123120090922: 1232 802.11s D3.03 support was committed. This is incompatible with the 1233 previous code, which was based on D3.0. 1234 123520090912: 1236 A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value 1237 of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to 1238 control whether accepting Router Advertisement messages or not. 1239 Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and 1240 a sysctl variable net.inet6.ip6.auto_linklocal is its default value. 1241 The ifconfig(8) utility now supports these flags. 1242 124320090910: 1244 ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for 1245 mount(8) and -a option for df(1) to see them. 1246 124720090825: 1248 The old tunable hw.bus.devctl_disable has been superseded by 1249 hw.bus.devctl_queue. hw.bus.devctl_disable=1 in loader.conf should be 1250 replaced by hw.bus.devctl_queue=0. The default for this new tunable 1251 is 1000. 1252 125320090813: 1254 Remove the option STOP_NMI. The default action is now to use NMI only 1255 for KDB via the newly introduced function stop_cpus_hard() and 1256 maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64. 1257 125820090803: 1259 The stable/8 branch created in subversion. This corresponds to the 1260 RELENG_8 branch in CVS. 1261 126220090719: 1263 Bump the shared library version numbers for all libraries that do not 1264 use symbol versioning as part of the 8.0-RELEASE cycle. Bump 1265 __FreeBSD_version to 800105. 1266 126720090714: 1268 Due to changes in the implementation of virtual network stack support, 1269 all network-related kernel modules must be recompiled. As this change 1270 breaks the ABI, bump __FreeBSD_version to 800104. 1271 127220090713: 1273 The TOE interface to the TCP syncache has been modified to remove 1274 struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack. 1275 The cxgb driver is the only TOE consumer affected by this change, and 1276 needs to be recompiled along with the kernel. As this change breaks 1277 the ABI, bump __FreeBSD_version to 800103. 1278 127920090712: 1280 Padding has been added to struct tcpcb, sackhint and tcpstat in 1281 <netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst 1282 maintaining the ABI. However, this change breaks the ABI, so bump 1283 __FreeBSD_version to 800102. User space tools that rely on the size of 1284 any of these structs (e.g. sockstat) need to be recompiled. 1285 128620090630: 1287 The NFS_LEGACYRPC option has been removed along with the old kernel 1288 RPC implementation that this option selected. Kernel configurations 1289 may need to be adjusted. 1290 129120090629: 1292 The network interface device nodes at /dev/net/<interface> have been 1293 removed. All ioctl operations can be performed the normal way using 1294 routing sockets. The kqueue functionality can generally be replaced 1295 with routing sockets. 1296 129720090628: 1298 The documentation from the FreeBSD Documentation Project (Handbook, 1299 FAQ, etc.) is now installed via packages by sysinstall(8) and under 1300 the /usr/local/share/doc/freebsd directory instead of /usr/share/doc. 1301 130220090624: 1303 The ABI of various structures related to the SYSV IPC API have been 1304 changed. As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel 1305 options now all require COMPAT_FREEBSD7. Bump __FreeBSD_version to 1306 800100. 1307 130820090622: 1309 Layout of struct vnet has changed as routing related variables were 1310 moved to their own Vimage module. Modules need to be recompiled. Bump 1311 __FreeBSD_version to 800099. 1312 131320090619: 1314 NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024 1315 respectively. As long as no more than 16 groups per process are used, 1316 no changes should be visible. When more than 16 groups are used, old 1317 binaries may fail if they call getgroups() or getgrouplist() with 1318 statically sized storage. Recompiling will work around this, but 1319 applications should be modified to use dynamically allocated storage 1320 for group arrays as POSIX.1-2008 does not cap an implementation's 1321 number of supported groups at NGROUPS_MAX+1 as previous versions did. 1322 1323 NFS and portalfs mounts may also be affected as the list of groups is 1324 truncated to 16. Users of NFS who use more than 16 groups, should 1325 take care that negative group permissions are not used on the exported 1326 file systems as they will not be reliable unless a GSSAPI based 1327 authentication method is used. 1328 132920090616: 1330 The compiling option ADAPTIVE_LOCKMGRS has been introduced. This 1331 option compiles in the support for adaptive spinning for lockmgrs 1332 which want to enable it. The lockinit() function now accepts the flag 1333 LK_ADAPTIVE in order to make the lock object subject to adaptive 1334 spinning when both held in write and read mode. 1335 133620090613: 1337 The layout of the structure returned by IEEE80211_IOC_STA_INFO has 1338 changed. User applications that use this ioctl need to be rebuilt. 1339 134020090611: 1341 The layout of struct thread has changed. Kernel and modules need to 1342 be rebuilt. 1343 134420090608: 1345 The layout of structs ifnet, domain, protosw and vnet_net has changed. 1346 Kernel modules need to be rebuilt. Bump __FreeBSD_version to 800097. 1347 134820090602: 1349 window(1) has been removed from the base system. It can now be 1350 installed from ports. The port is called misc/window. 1351 135220090601: 1353 The way we are storing and accessing `routing table' entries has 1354 changed. Programs reading the FIB, like netstat, need to be 1355 re-compiled. 1356 135720090601: 1358 A new netisr implementation has been added for FreeBSD 8. Network 1359 file system modules, such as igmp, ipdivert, and others, should be 1360 rebuilt. 1361 Bump __FreeBSD_version to 800096. 1362 136320090530: 1364 Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no 1365 more valid. 1366 136720090530: 1368 Add VOP_ACCESSX(9). File system modules need to be rebuilt. 1369 Bump __FreeBSD_version to 800094. 1370 137120090529: 1372 Add mnt_xflag field to 'struct mount'. File system modules need to be 1373 rebuilt. 1374 Bump __FreeBSD_version to 800093. 1375 137620090528: 1377 The compiling option ADAPTIVE_SX has been retired while it has been 1378 introduced the option NO_ADAPTIVE_SX which handles the reversed logic. 1379 The KPI for sx_init_flags() changes as accepting flags: 1380 SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has 1381 been introduced in order to handle the reversed logic. 1382 Bump __FreeBSD_version to 800092. 1383 138420090527: 1385 Add support for hierarchical jails. Remove global securelevel. 1386 Bump __FreeBSD_version to 800091. 1387 138820090523: 1389 The layout of struct vnet_net has changed, therefore modules 1390 need to be rebuilt. 1391 Bump __FreeBSD_version to 800090. 1392 139320090523: 1394 The newly imported zic(8) produces a new format in the output. Please 1395 run tzsetup(8) to install the newly created data to /etc/localtime. 1396 139720090520: 1398 The sysctl tree for the usb stack has renamed from hw.usb2.* to 1399 hw.usb.* and is now consistent again with previous releases. 1400 140120090520: 1402 802.11 monitor mode support was revised and driver api's were changed. 1403 Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead 1404 of DLT_IEEE802_11. No user-visible data structures were changed but 1405 applications that use DLT_IEEE802_11 may require changes. 1406 Bump __FreeBSD_version to 800088. 1407 140820090430: 1409 The layout of the following structs has changed: sysctl_oid, 1410 socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet, 1411 vnet_inet6 and vnet_ipfw. Most modules need to be rebuild or 1412 panics may be experienced. World rebuild is required for 1413 correctly checking networking state from userland. 1414 Bump __FreeBSD_version to 800085. 1415 141620090429: 1417 MLDv2 and Source-Specific Multicast (SSM) have been merged 1418 to the IPv6 stack. VIMAGE hooks are in but not yet used. 1419 The implementation of SSM within FreeBSD's IPv6 stack closely 1420 follows the IPv4 implementation. 1421 1422 For kernel developers: 1423 1424 * The most important changes are that the ip6_output() and 1425 ip6_input() paths no longer take the IN6_MULTI_LOCK, 1426 and this lock has been downgraded to a non-recursive mutex. 1427 1428 * As with the changes to the IPv4 stack to support SSM, filtering 1429 of inbound multicast traffic must now be performed by transport 1430 protocols within the IPv6 stack. This does not apply to TCP and 1431 SCTP, however, it does apply to UDP in IPv6 and raw IPv6. 1432 1433 * The KPIs used by IPv6 multicast are similar to those used by 1434 the IPv4 stack, with the following differences: 1435 * im6o_mc_filter() is analogous to imo_multicast_filter(). 1436 * The legacy KAME entry points in6_joingroup and in6_leavegroup() 1437 are shimmed to in6_mc_join() and in6_mc_leave() respectively. 1438 * IN6_LOOKUP_MULTI() has been deprecated and removed. 1439 * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs 1440 for MLDv1 have an additional 'timer' argument which is used to 1441 jitter the initial membership report for the solicited-node 1442 multicast membership on-link. 1443 * This is not strictly needed for MLDv2, which already jitters 1444 its report transmissions. However, the 'timer' argument is 1445 preserved in case MLDv1 is active on the interface. 1446 1447 * The KAME linked-list based IPv6 membership implementation has 1448 been refactored to use a vector similar to that used by the IPv4 1449 stack. 1450 Code which maintains a list of its own multicast memberships 1451 internally, e.g. carp, has been updated to reflect the new 1452 semantics. 1453 1454 * There is a known Lock Order Reversal (LOR) due to in6_setscope() 1455 acquiring the IF_AFDATA_LOCK and being called within ip6_output(). 1456 Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an 1457 implementation constraint which needs to be addressed in HEAD. 1458 1459 For application developers: 1460 1461 * The changes are broadly similar to those made for the IPv4 1462 stack. 1463 1464 * The use of IPv4 and IPv6 multicast socket options on the same 1465 socket, using mapped addresses, HAS NOT been tested or supported. 1466 1467 * There are a number of issues with the implementation of various 1468 IPv6 multicast APIs which need to be resolved in the API surface 1469 before the implementation is fully compatible with KAME userland 1470 use, and these are mostly to do with interface index treatment. 1471 1472 * The literature available discusses the use of either the delta / ASM 1473 API with setsockopt(2)/getsockopt(2), or the full-state / ASM API 1474 using setsourcefilter(3)/getsourcefilter(3). For more information 1475 please refer to RFC 3768, 'Socket Interface Extensions for 1476 Multicast Source Filters'. 1477 1478 * Applications which use the published RFC 3678 APIs should be fine. 1479 1480 For systems administrators: 1481 1482 * The mtest(8) utility has been refactored to support IPv6, in 1483 addition to IPv4. Interface addresses are no longer accepted 1484 as arguments, their names must be used instead. The utility 1485 will map the interface name to its first IPv4 address as 1486 returned by getifaddrs(3). 1487 1488 * The ifmcstat(8) utility has also been updated to print the MLDv2 1489 endpoint state and source filter lists via sysctl(3). 1490 1491 * The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable 1492 loopback of IPv6 multicast datagrams by default; it defaults to 1 1493 to preserve the existing behaviour. Disabling multicast loopback is 1494 recommended for optimal system performance. 1495 1496 * The IPv6 MROUTING code has been changed to examine this sysctl 1497 instead of attempting to perform a group lookup before looping 1498 back forwarded datagrams. 1499 1500 Bump __FreeBSD_version to 800084. 1501 150220090422: 1503 Implement low-level Bluetooth HCI API. 1504 Bump __FreeBSD_version to 800083. 1505 150620090419: 1507 The layout of struct malloc_type, used by modules to register new 1508 memory allocation types, has changed. Most modules will need to 1509 be rebuilt or panics may be experienced. 1510 Bump __FreeBSD_version to 800081. 1511 151220090415: 1513 Anticipate overflowing inp_flags - add inp_flags2. 1514 This changes most offsets in inpcb, so checking v4 connection 1515 state will require a world rebuild. 1516 Bump __FreeBSD_version to 800080. 1517 151820090415: 1519 Add an llentry to struct route and struct route_in6. Modules 1520 embedding a struct route will need to be recompiled. 1521 Bump __FreeBSD_version to 800079. 1522 152320090414: 1524 The size of rt_metrics_lite and by extension rtentry has changed. 1525 Networking administration apps will need to be recompiled. 1526 The route command now supports show as an alias for get, weighting 1527 of routes, sticky and nostick flags to alter the behavior of stateful 1528 load balancing. 1529 Bump __FreeBSD_version to 800078. 1530 153120090408: 1532 Do not use Giant for kbdmux(4) locking. This is wrong and 1533 apparently causing more problems than it solves. This will 1534 re-open the issue where interrupt handlers may race with 1535 kbdmux(4) in polling mode. Typical symptoms include (but 1536 not limited to) duplicated and/or missing characters when 1537 low level console functions (such as gets) are used while 1538 interrupts are enabled (for example geli password prompt, 1539 mountroot prompt etc.). Disabling kbdmux(4) may help. 1540 154120090407: 1542 The size of structs vnet_net, vnet_inet and vnet_ipfw has changed; 1543 kernel modules referencing any of the above need to be recompiled. 1544 Bump __FreeBSD_version to 800075. 1545 154620090320: 1547 GEOM_PART has become the default partition slicer for storage devices, 1548 replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It 1549 introduces some changes: 1550 1551 MSDOS/EBR: the devices created from MSDOS extended partition entries 1552 (EBR) can be named differently than with GEOM_MBR and are now symlinks 1553 to devices with offset-based names. fstabs may need to be modified. 1554 1555 BSD: the "geometry does not match label" warning is harmless in most 1556 cases but it points to problems in file system misalignment with 1557 disk geometry. The "c" partition is now implicit, covers the whole 1558 top-level drive and cannot be (mis)used by users. 1559 1560 General: Kernel dumps are now not allowed to be written to devices 1561 whose partition types indicate they are meant to be used for file 1562 systems (or, in case of MSDOS partitions, as something else than 1563 the "386BSD" type). 1564 1565 Most of these changes date approximately from 200812. 1566 156720090319: 1568 The uscanner(4) driver has been removed from the kernel. This follows 1569 Linux removing theirs in 2.6 and making libusb the default interface 1570 (supported by sane). 1571 157220090319: 1573 The multicast forwarding code has been cleaned up. netstat(1) 1574 only relies on KVM now for printing bandwidth upcall meters. 1575 The IPv4 and IPv6 modules are split into ip_mroute_mod and 1576 ip6_mroute_mod respectively. The config(5) options for statically 1577 compiling this code remain the same, i.e. 'options MROUTING'. 1578 157920090315: 1580 Support for the IFF_NEEDSGIANT network interface flag has been 1581 removed, which means that non-MPSAFE network device drivers are no 1582 longer supported. In particular, if_ar, if_sr, and network device 1583 drivers from the old (legacy) USB stack can no longer be built or 1584 used. 1585 158620090313: 1587 POSIX.1 Native Language Support (NLS) has been enabled in libc and 1588 a bunch of new language catalog files have also been added. 1589 This means that some common libc messages are now localized and 1590 they depend on the LC_MESSAGES environmental variable. 1591 159220090313: 1593 The k8temp(4) driver has been renamed to amdtemp(4) since 1594 support for Family 10 and Family 11 CPU families was added. 1595 159620090309: 1597 IGMPv3 and Source-Specific Multicast (SSM) have been merged 1598 to the IPv4 stack. VIMAGE hooks are in but not yet used. 1599 1600 For kernel developers, the most important changes are that the 1601 ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(), 1602 and this lock has been downgraded to a non-recursive mutex. 1603 1604 Transport protocols (UDP, Raw IP) are now responsible for filtering 1605 inbound multicast traffic according to group membership and source 1606 filters. The imo_multicast_filter() KPI exists for this purpose. 1607 Transports which do not use multicast (SCTP, TCP) already reject 1608 multicast by default. Forwarding and receive performance may improve 1609 as a mutex acquisition is no longer needed in the ip_input() 1610 low-level input path. in_addmulti() and in_delmulti() are shimmed 1611 to new KPIs which exist to support SSM in-kernel. 1612 1613 For application developers, it is recommended that loopback of 1614 multicast datagrams be disabled for best performance, as this 1615 will still cause the lock to be taken for each looped-back 1616 datagram transmission. The net.inet.ip.mcast.loop sysctl may 1617 be tuned to 0 to disable loopback by default; it defaults to 1 1618 to preserve the existing behaviour. 1619 1620 For systems administrators, to obtain best performance with 1621 multicast reception and multiple groups, it is always recommended 1622 that a card with a suitably precise hash filter is used. Hash 1623 collisions will still result in the lock being taken within the 1624 transport protocol input path to check group membership. 1625 1626 If deploying FreeBSD in an environment with IGMP snooping switches, 1627 it is recommended that the net.inet.igmp.sendlocal sysctl remain 1628 enabled; this forces 224.0.0.0/24 group membership to be announced 1629 via IGMP. 1630 1631 The size of 'struct igmpstat' has changed; netstat needs to be 1632 recompiled to reflect this. 1633 Bump __FreeBSD_version to 800070. 1634 163520090309: 1636 libusb20.so.1 is now installed as libusb.so.1 and the ports system 1637 updated to use it. This requires a buildworld/installworld in order to 1638 update the library and dependencies (usbconfig, etc). Its advisable to 1639 rebuild all ports which uses libusb. More specific directions are given 1640 in the ports collection UPDATING file. Any /etc/libmap.conf entries for 1641 libusb are no longer required and can be removed. 1642 164320090302: 1644 A workaround is committed to allow the creation of System V shared 1645 memory segment of size > 2 GB on the 64-bit architectures. 1646 Due to a limitation of the existing ABI, the shm_segsz member 1647 of the struct shmid_ds, returned by shmctl(IPC_STAT) call is 1648 wrong for large segments. Note that limits must be explicitly 1649 raised to allow such segments to be created. 1650 165120090301: 1652 The layout of struct ifnet has changed, requiring a rebuild of all 1653 network device driver modules. 1654 165520090227: 1656 The /dev handling for the new USB stack has changed, a 1657 buildworld/installworld is required for libusb20. 1658 165920090223: 1660 The new USB2 stack has now been permanently moved in and all kernel and 1661 module names reverted to their previous values (eg, usb, ehci, ohci, 1662 ums, ...). The old usb stack can be compiled in by prefixing the name 1663 with the letter 'o', the old usb modules have been removed. 1664 Updating entry 20090216 for xorg and 20090215 for libmap may still 1665 apply. 1666 166720090217: 1668 The rc.conf(5) option if_up_delay has been renamed to 1669 defaultroute_delay to better reflect its purpose. If you have 1670 customized this setting in /etc/rc.conf you need to update it to 1671 use the new name. 1672 167320090216: 1674 xorg 7.4 wants to configure its input devices via hald which does not 1675 yet work with USB2. If the keyboard/mouse does not work in xorg then 1676 add 1677 Option "AllowEmptyInput" "off" 1678 to your ServerLayout section. This will cause X to use the configured 1679 kbd and mouse sections from your xorg.conf. 1680 168120090215: 1682 The GENERIC kernels for all architectures now default to the new USB2 1683 stack. No kernel config options or code have been removed so if a 1684 problem arises please report it and optionally revert to the old USB 1685 stack. If you are loading USB kernel modules or have a custom kernel 1686 that includes GENERIC then ensure that usb names are also changed over, 1687 eg uftdi -> usb2_serial_ftdi. 1688 1689 Older programs linked against the ports libusb 0.1 need to be 1690 redirected to the new stack's libusb20. /etc/libmap.conf can 1691 be used for this: 1692 # Map old usb library to new one for usb2 stack 1693 libusb-0.1.so.8 libusb20.so.1 1694 169520090209: 1696 All USB ethernet devices now attach as interfaces under the name ueN 1697 (eg. ue0). This is to provide a predictable name as vendors often 1698 change usb chipsets in a product without notice. 1699 170020090203: 1701 The ichsmb(4) driver has been changed to require SMBus slave 1702 addresses be left-justified (xxxxxxx0b) rather than right-justified. 1703 All of the other SMBus controller drivers require left-justified 1704 slave addresses, so this change makes all the drivers provide the 1705 same interface. 1706 170720090201: 1708 INET6 statistics (struct ip6stat) was updated. 1709 netstat(1) needs to be recompiled. 1710 171120090119: 1712 NTFS has been removed from GENERIC kernel on amd64 to match 1713 GENERIC on i386. Should not cause any issues since mount_ntfs(8) 1714 will load ntfs.ko module automatically when NTFS support is 1715 actually needed, unless ntfs.ko is not installed or security 1716 level prohibits loading kernel modules. If either is the case, 1717 "options NTFS" has to be added into kernel config. 1718 171920090115: 1720 TCP Appropriate Byte Counting (RFC 3465) support added to kernel. 1721 New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to 1722 800061. User space tools that rely on the size of struct tcpcb in 1723 tcp_var.h (e.g. sockstat) need to be recompiled. 1724 172520081225: 1726 ng_tty(4) module updated to match the new TTY subsystem. 1727 Due to API change, user-level applications must be updated. 1728 New API support added to mpd5 CVS and expected to be present 1729 in next mpd5.3 release. 1730 173120081219: 1732 With __FreeBSD_version 800060 the makefs tool is part of 1733 the base system (it was a port). 1734 173520081216: 1736 The afdata and ifnet locks have been changed from mutexes to 1737 rwlocks, network modules will need to be re-compiled. 1738 173920081214: 1740 __FreeBSD_version 800059 incorporates the new arp-v2 rewrite. 1741 RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated. 1742 The new code reduced struct rtentry{} by 16 bytes on 32-bit 1743 architecture and 40 bytes on 64-bit architecture. The userland 1744 applications "arp" and "ndp" have been updated accordingly. 1745 The output from "netstat -r" shows only routing entries and 1746 none of the L2 information. 1747 174820081130: 1749 __FreeBSD_version 800057 marks the switchover from the 1750 binary ath hal to source code. Users must add the line: 1751 1752 options AH_SUPPORT_AR5416 1753 1754 to their kernel config files when specifying: 1755 1756 device ath_hal 1757 1758 The ath_hal module no longer exists; the code is now compiled 1759 together with the driver in the ath module. It is now 1760 possible to tailor chip support (i.e. reduce the set of chips 1761 and thereby the code size); consult ath_hal(4) for details. 1762 176320081121: 1764 __FreeBSD_version 800054 adds memory barriers to 1765 <machine/atomic.h>, new interfaces to ifnet to facilitate 1766 multiple hardware transmit queues for cards that support 1767 them, and a lock-less ring-buffer implementation to 1768 enable drivers to more efficiently manage queueing of 1769 packets. 1770 177120081117: 1772 A new version of ZFS (version 13) has been merged to -HEAD. 1773 This version has zpool attribute "listsnapshots" off by 1774 default, which means "zfs list" does not show snapshots, 1775 and is the same as Solaris behavior. 1776 177720081028: 1778 dummynet(4) ABI has changed. ipfw(8) needs to be recompiled. 1779 178020081009: 1781 The uhci, ohci, ehci and slhci USB Host controller drivers have 1782 been put into separate modules. If you load the usb module 1783 separately through loader.conf you will need to load the 1784 appropriate *hci module as well. E.g. for a UHCI-based USB 2.0 1785 controller add the following to loader.conf: 1786 1787 uhci_load="YES" 1788 ehci_load="YES" 1789 179020081009: 1791 The ABI used by the PMC toolset has changed. Please keep 1792 userland (libpmc(3)) and the kernel module (hwpmc(4)) in 1793 sync. 1794 179520081009: 1796 atapci kernel module now includes only generic PCI ATA 1797 driver. AHCI driver moved to ataahci kernel module. 1798 All vendor-specific code moved into separate kernel modules: 1799 ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek, 1800 atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron, 1801 atamarvell, atamicron, atanational, atanetcell, atanvidia, 1802 atapromise, ataserverworks, atasiliconimage, atasis, atavia 1803 180420080820: 1805 The TTY subsystem of the kernel has been replaced by a new 1806 implementation, which provides better scalability and an 1807 improved driver model. Most common drivers have been migrated to 1808 the new TTY subsystem, while others have not. The following 1809 drivers have not yet been ported to the new TTY layer: 1810 1811 PCI/ISA: 1812 cy, digi, rc, rp, sio 1813 1814 USB: 1815 ubser, ucycom 1816 1817 Line disciplines: 1818 ng_h4, ng_tty, ppp, sl, snp 1819 1820 Adding these drivers to your kernel configuration file shall 1821 cause compilation to fail. 1822 182320080818: 1824 ntpd has been upgraded to 4.2.4p5. 1825 182620080801: 1827 OpenSSH has been upgraded to 5.1p1. 1828 1829 For many years, FreeBSD's version of OpenSSH preferred DSA 1830 over RSA for host and user authentication keys. With this 1831 upgrade, we've switched to the vendor's default of RSA over 1832 DSA. This may cause upgraded clients to warn about unknown 1833 host keys even for previously known hosts. Users should 1834 follow the usual procedure for verifying host keys before 1835 accepting the RSA key. 1836 1837 This can be circumvented by setting the "HostKeyAlgorithms" 1838 option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh 1839 command line. 1840 1841 Please note that the sequence of keys offered for 1842 authentication has been changed as well. You may want to 1843 specify IdentityFile in a different order to revert this 1844 behavior. 1845 184620080713: 1847 The sio(4) driver has been removed from the i386 and amd64 1848 kernel configuration files. This means uart(4) is now the 1849 default serial port driver on those platforms as well. 1850 1851 To prevent collisions with the sio(4) driver, the uart(4) driver 1852 uses different names for its device nodes. This means the 1853 onboard serial port will now most likely be called "ttyu0" 1854 instead of "ttyd0". You may need to reconfigure applications to 1855 use the new device names. 1856 1857 When using the serial port as a boot console, be sure to update 1858 /boot/device.hints and /etc/ttys before booting the new kernel. 1859 If you forget to do so, you can still manually specify the hints 1860 at the loader prompt: 1861 1862 set hint.uart.0.at="isa" 1863 set hint.uart.0.port="0x3F8" 1864 set hint.uart.0.flags="0x10" 1865 set hint.uart.0.irq="4" 1866 boot -s 1867 186820080609: 1869 The gpt(8) utility has been removed. Use gpart(8) to partition 1870 disks instead. 1871 187220080603: 1873 The version that Linuxulator emulates was changed from 2.4.2 1874 to 2.6.16. If you experience any problems with Linux binaries 1875 please try to set sysctl compat.linux.osrelease to 2.4.2 and 1876 if it fixes the problem contact emulation mailing list. 1877 187820080525: 1879 ISDN4BSD (I4B) was removed from the src tree. You may need to 1880 update a your kernel configuration and remove relevant entries. 1881 188220080509: 1883 I have checked in code to support multiple routing tables. 1884 See the man pages setfib(1) and setfib(2). 1885 This is a hopefully backwards compatible version, 1886 but to make use of it you need to compile your kernel 1887 with options ROUTETABLES=2 (or more up to 16). 1888 188920080420: 1890 The 802.11 wireless support was redone to enable multi-bss 1891 operation on devices that are capable. The underlying device 1892 is no longer used directly but instead wlanX devices are 1893 cloned with ifconfig. This requires changes to rc.conf files. 1894 For example, change: 1895 ifconfig_ath0="WPA DHCP" 1896 to 1897 wlans_ath0=wlan0 1898 ifconfig_wlan0="WPA DHCP" 1899 see rc.conf(5) for more details. In addition, mergemaster of 1900 /etc/rc.d is highly recommended. Simultaneous update of userland 1901 and kernel wouldn't hurt either. 1902 1903 As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta 1904 modules were merged into the base wlan module. All references 1905 to these modules (e.g. in kernel config files) must be removed. 1906 190720080408: 1908 psm(4) has gained write(2) support in native operation level. 1909 Arbitrary commands can be written to /dev/psm%d and status can 1910 be read back from it. Therefore, an application is responsible 1911 for status validation and error recovery. It is a no-op in 1912 other operation levels. 1913 191420080312: 1915 Support for KSE threading has been removed from the kernel. To 1916 run legacy applications linked against KSE libmap.conf may 1917 be used. The following libmap.conf may be used to ensure 1918 compatibility with any prior release: 1919 1920 libpthread.so.1 libthr.so.1 1921 libpthread.so.2 libthr.so.2 1922 libkse.so.3 libthr.so.3 1923 192420080301: 1925 The layout of struct vmspace has changed. This affects libkvm 1926 and any executables that link against libkvm and use the 1927 kvm_getprocs() function. In particular, but not exclusively, 1928 it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1). 1929 The effects are minimal, but it's advisable to upgrade world 1930 nonetheless. 1931 193220080229: 1933 The latest em driver no longer has support in it for the 1934 82575 adapter, this is now moved to the igb driver. The 1935 split was done to make new features that are incompatible 1936 with older hardware easier to do. 1937 193820080220: 1939 The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4), 1940 likewise the kernel option is now GEOM_LINUX_LVM. 1941 194220080211: 1943 The default NFS mount mode has changed from UDP to TCP for 1944 increased reliability. If you rely on (insecurely) NFS 1945 mounting across a firewall you may need to update your 1946 firewall rules. 1947 194820080208: 1949 Belatedly note the addition of m_collapse for compacting 1950 mbuf chains. 1951 195220080126: 1953 The fts(3) structures have been changed to use adequate 1954 integer types for their members and so to be able to cope 1955 with huge file trees. The old fts(3) ABI is preserved 1956 through symbol versioning in libc, so third-party binaries 1957 using fts(3) should still work, although they will not take 1958 advantage of the extended types. At the same time, some 1959 third-party software might fail to build after this change 1960 due to unportable assumptions made in its source code about 1961 fts(3) structure members. Such software should be fixed 1962 by its vendor or, in the worst case, in the ports tree. 1963 FreeBSD_version 800015 marks this change for the unlikely 1964 case that a portable fix is impossible. 1965 196620080123: 1967 To upgrade to -current after this date, you must be running 1968 FreeBSD not older than 6.0-RELEASE. Upgrading to -current 1969 from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems. 1970 197120071128: 1972 The ADAPTIVE_GIANT kernel option has been retired because its 1973 functionality is the default now. 1974 197520071118: 1976 The AT keyboard emulation of sunkbd(4) has been turned on 1977 by default. In order to make the special symbols of the Sun 1978 keyboards driven by sunkbd(4) work under X these now have 1979 to be configured the same way as Sun USB keyboards driven 1980 by ukbd(4) (which also does AT keyboard emulation), f.e.: 1981 1982 Option "XkbLayout" "us" 1983 Option "XkbRules" "xorg" 1984 Option "XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us" 1985 198620071024: 1987 It has been decided that it is desirable to provide ABI 1988 backwards compatibility to the FreeBSD 4/5/6 versions of the 1989 PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was 1990 broken with the introduction of PCI domain support (see the 1991 20070930 entry). Unfortunately, this required the ABI of 1992 PCIOCGETCONF to be broken again in order to be able to 1993 provide backwards compatibility to the old version of that 1994 IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled 1995 again. As for prominent ports this affects neither pciutils 1996 nor xorg-server this time, the hal port needs to be rebuilt 1997 however. 1998 199920071020: 2000 The misnamed kthread_create() and friends have been renamed 2001 to kproc_create() etc. Many of the callers already 2002 used kproc_start().. 2003 I will return kthread_create() and friends in a while 2004 with implementations that actually create threads, not procs. 2005 Renaming corresponds with version 800002. 2006 200720071010: 2008 RELENG_7 branched. 2009 2010COMMON ITEMS: 2011 2012 General Notes 2013 ------------- 2014 Avoid using make -j when upgrading. While generally safe, there are 2015 sometimes problems using -j to upgrade. If your upgrade fails with 2016 -j, please try again without -j. From time to time in the past there 2017 have been problems using -j with buildworld and/or installworld. This 2018 is especially true when upgrading between "distant" versions (eg one 2019 that cross a major release boundary or several minor releases, or when 2020 several months have passed on the -current branch). 2021 2022 Sometimes, obscure build problems are the result of environment 2023 poisoning. This can happen because the make utility reads its 2024 environment when searching for values for global variables. To run 2025 your build attempts in an "environmental clean room", prefix all make 2026 commands with 'env -i '. See the env(1) manual page for more details. 2027 2028 When upgrading from one major version to another it is generally best 2029 to upgrade to the latest code in the currently installed branch first, 2030 then do an upgrade to the new branch. This is the best-tested upgrade 2031 path, and has the highest probability of being successful. Please try 2032 this approach before reporting problems with a major version upgrade. 2033 2034 When upgrading a live system, having a root shell around before 2035 installing anything can help undo problems. Not having a root shell 2036 around can lead to problems if pam has changed too much from your 2037 starting point to allow continued authentication after the upgrade. 2038 2039 ZFS notes 2040 --------- 2041 When upgrading the boot ZFS pool to a new version, always follow 2042 these two steps: 2043 2044 1.) recompile and reinstall the ZFS boot loader and boot block 2045 (this is part of "make buildworld" and "make installworld") 2046 2047 2.) update the ZFS boot block on your boot drive 2048 2049 The following example updates the ZFS boot block on the first 2050 partition (freebsd-boot) of a GPT partitioned drive ad0: 2051 "gpart bootcode -p /boot/gptzfsboot -i 1 ad0" 2052 2053 Non-boot pools do not need these updates. 2054 2055 To build a kernel 2056 ----------------- 2057 If you are updating from a prior version of FreeBSD (even one just 2058 a few days old), you should follow this procedure. It is the most 2059 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 2060 2061 make kernel-toolchain 2062 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 2063 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 2064 2065 To test a kernel once 2066 --------------------- 2067 If you just want to boot a kernel once (because you are not sure 2068 if it works, or if you want to boot a known bad kernel to provide 2069 debugging information) run 2070 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 2071 nextboot -k testkernel 2072 2073 To just build a kernel when you know that it won't mess you up 2074 -------------------------------------------------------------- 2075 This assumes you are already running a CURRENT system. Replace 2076 ${arch} with the architecture of your machine (e.g. "i386", 2077 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 2078 2079 cd src/sys/${arch}/conf 2080 config KERNEL_NAME_HERE 2081 cd ../compile/KERNEL_NAME_HERE 2082 make depend 2083 make 2084 make install 2085 2086 If this fails, go to the "To build a kernel" section. 2087 2088 To rebuild everything and install it on the current system. 2089 ----------------------------------------------------------- 2090 # Note: sometimes if you are running current you gotta do more than 2091 # is listed here if you are upgrading from a really old current. 2092 2093 <make sure you have good level 0 dumps> 2094 make buildworld 2095 make kernel KERNCONF=YOUR_KERNEL_HERE 2096 [1] 2097 <reboot in single user> [3] 2098 mergemaster -p [5] 2099 make installworld 2100 mergemaster -i [4] 2101 make delete-old [6] 2102 <reboot> 2103 2104 To cross-install current onto a separate partition 2105 -------------------------------------------------- 2106 # In this approach we use a separate partition to hold 2107 # current's root, 'usr', and 'var' directories. A partition 2108 # holding "/", "/usr" and "/var" should be about 2GB in 2109 # size. 2110 2111 <make sure you have good level 0 dumps> 2112 <boot into -stable> 2113 make buildworld 2114 make buildkernel KERNCONF=YOUR_KERNEL_HERE 2115 <maybe newfs current's root partition> 2116 <mount current's root partition on directory ${CURRENT_ROOT}> 2117 make installworld DESTDIR=${CURRENT_ROOT} 2118 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 2119 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 2120 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 2121 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 2122 <reboot into current> 2123 <do a "native" rebuild/install as described in the previous section> 2124 <maybe install compatibility libraries from ports/misc/compat*> 2125 <reboot> 2126 2127 2128 To upgrade in-place from stable to current 2129 ---------------------------------------------- 2130 <make sure you have good level 0 dumps> 2131 make buildworld [9] 2132 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 2133 [1] 2134 <reboot in single user> [3] 2135 mergemaster -p [5] 2136 make installworld 2137 mergemaster -i [4] 2138 make delete-old [6] 2139 <reboot> 2140 2141 Make sure that you've read the UPDATING file to understand the 2142 tweaks to various things you need. At this point in the life 2143 cycle of current, things change often and you are on your own 2144 to cope. The defaults can also change, so please read ALL of 2145 the UPDATING entries. 2146 2147 Also, if you are tracking -current, you must be subscribed to 2148 freebsd-current@freebsd.org. Make sure that before you update 2149 your sources that you have read and understood all the recent 2150 messages there. If in doubt, please track -stable which has 2151 much fewer pitfalls. 2152 2153 [1] If you have third party modules, such as vmware, you 2154 should disable them at this point so they don't crash your 2155 system on reboot. 2156 2157 [3] From the bootblocks, boot -s, and then do 2158 fsck -p 2159 mount -u / 2160 mount -a 2161 cd src 2162 adjkerntz -i # if CMOS is wall time 2163 Also, when doing a major release upgrade, it is required that 2164 you boot into single user mode to do the installworld. 2165 2166 [4] Note: This step is non-optional. Failure to do this step 2167 can result in a significant reduction in the functionality of the 2168 system. Attempting to do it by hand is not recommended and those 2169 that pursue this avenue should read this file carefully, as well 2170 as the archives of freebsd-current and freebsd-hackers mailing lists 2171 for potential gotchas. The -U option is also useful to consider. 2172 See mergemaster(8) for more information. 2173 2174 [5] Usually this step is a noop. However, from time to time 2175 you may need to do this if you get unknown user in the following 2176 step. It never hurts to do it all the time. You may need to 2177 install a new mergemaster (cd src/usr.sbin/mergemaster && make 2178 install) after the buildworld before this step if you last updated 2179 from current before 20130425 or from -stable before 20130430. 2180 2181 [6] This only deletes old files and directories. Old libraries 2182 can be deleted by "make delete-old-libs", but you have to make 2183 sure that no program is using those libraries anymore. 2184 2185 [8] In order to have a kernel that can run the 4.x binaries needed to 2186 do an installworld, you must include the COMPAT_FREEBSD4 option in 2187 your kernel. Failure to do so may leave you with a system that is 2188 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is 2189 required to run the 5.x binaries on more recent kernels. And so on 2190 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7. 2191 2192 Make sure that you merge any new devices from GENERIC since the 2193 last time you updated your kernel config file. 2194 2195 [9] When checking out sources, you must include the -P flag to have 2196 cvs prune empty directories. 2197 2198 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 2199 "?=" instead of the "=" assignment operator, so that buildworld can 2200 override the CPUTYPE if it needs to. 2201 2202 MAKEOBJDIRPREFIX must be defined in an environment variable, and 2203 not on the command line, or in /etc/make.conf. buildworld will 2204 warn if it is improperly defined. 2205FORMAT: 2206 2207This file contains a list, in reverse chronological order, of major 2208breakages in tracking -current. It is not guaranteed to be a complete 2209list of such breakages, and only contains entries since October 10, 2007. 2210If you need to see UPDATING entries from before that date, you will need 2211to fetch an UPDATING file from an older FreeBSD release. 2212 2213Copyright information: 2214 2215Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 2216 2217Redistribution, publication, translation and use, with or without 2218modification, in full or in part, in any form or format of this 2219document are permitted without further permission from the author. 2220 2221THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 2222IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 2223WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 2224DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 2225INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 2226(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 2227SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2228HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 2229STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 2230IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2231POSSIBILITY OF SUCH DAMAGE. 2232 2233Contact Warner Losh if you have any questions about your use of 2234this document. 2235 2236$FreeBSD: releng/10.1/UPDATING 284536 2015-06-18 05:36:45Z delphij $ 2237