FreeBSD 8.1-RELEASE Release Notes
The FreeBSD Project
Copyright © 2010 The FreeBSD Documentation Project
$FreeBSD:
stable/8/release/doc/en_US.ISO8859-1/relnotes/article.sgml 210449
2010-07-24 17:44:31Z hrs $
FreeBSD is a registered trademark of the FreeBSD Foundation.
IBM, AIX, EtherJet, Netfinity, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.
IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.
Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “®” symbol.
The release notes for FreeBSD 8.1-RELEASE contain a summary of the changes made to the FreeBSD base system on the 8-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
- Table of Contents
- 1 Introduction
- 2 What's New
-
- 2.1 Security Advisories
- 2.2 Kernel Changes
-
- 2.2.1 Boot Loader Changes
- 2.2.2 Hardware Support
- 2.2.3 Network Protocols
- 2.2.4 Disks and Storage
- 2.2.5 File Systems
- 2.3 Userland Changes
-
- 2.3.1 /etc/rc.d Scripts
- 2.4 Contributed Software
- 2.5 Release Engineering and Integration
- 3 Upgrading from previous releases of FreeBSD
1 Introduction
This document contains the release notes for FreeBSD 8.1-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
This distribution of FreeBSD 8.1-RELEASE is a release distribution. It can be found at ftp://ftp.FreeBSD.org/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the “Obtaining FreeBSD” appendix to the FreeBSD Handbook.
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with “late-breaking” information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 8.1-RELEASE can be found on the FreeBSD Web site.
2 What's New
This section describes the most user-visible new or changed features in FreeBSD since 8.0-RELEASE.
Typical release note items document recent security advisories issued after 8.0-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
2.1 Security Advisories
Problems described in the following security advisories have been fixed. For more information, consult the individual advisories available from http://security.FreeBSD.org/.
Advisory | Date | Topic |
---|---|---|
SA-09:15.ssl | 3 Dec 2009 |
SSL protocol flaw |
SA-09:16.rtld | 3 Dec 2009 |
Improper environment sanitization in rtld(1) |
SA-09:17.freebsd-update | 3 Dec 2009 |
Inappropriate directory permissions in freebsd-update(8) |
SA-10:01.bind | 6 Jan 2010 |
BIND named(8) cache poisoning with DNSSEC validation |
SA-10:02.ntpd | 6 Jan 2010 |
ntpd mode 7 denial of service |
SA-10:03.zfs | 6 Jan 2010 |
ZFS ZIL playback with insecure permissions |
SA-10:04.jail | 27 May 2010 |
Insufficient environment sanitization in jail(8) |
SA-10:05.opie | 27 May 2010 |
OPIE off-by-one stack overflow |
SA-10:06.nfsclient | 27 May 2010 |
Unvalidated input in nfsclient |
SA-10:07.mbuf | 13 July 2010 |
Lost mbuf flag resulting in data corruption |
2.2 Kernel Changes
The ddb(4) debugger has been improved:
-
It now supports show ifnets and show ifnet struct ifnet * commands to print a list of “ifnet *” of each virtual network stack and fields of specified
fip
, respectively. -
It now supports show all lltables, show lltable struct lltable *, and show llentry struct llentry * commands to print a list of “lltable *” of each virtual network stack, fields of specified structures respectively.
-
The show mount command now prints active string mount options.
-
It now supports show vnetrcrs command to dump the whole log of distinctive
curvnet
recursion events. -
It now supports show vnet_sysinit and show vnet_unsysinit commands to print ordered call lists.
A new kernel thread called “deadlock resolver” has been added.
This can be used to detect possible deadlock by using information
of thread state and heuristic analysis. This is not enabled by
default. To enable this, an option option
DEADLKRES
in kernel configuration file and recompilation of
the kernel.
The default devfs(5) rules now expose the upper 256 of pty(4) device nodes.
Two commands to enable/disable read-ahead have been added to fcntl(2) system call:
-
F_READAHEAD
specifies the amount for sequential access. The amount is specified in bytes and is rounded up to nearest block size. -
F_RDAHEAD
is a Darwin compatible version that use 128KB as the sequential access size.
Note that the read-ahead amount is also limited by sysctl
variable vfs.read_max
, which may need
to be raised in order to better utilize this feature.
The lindev(4) driver has been added. This is for supporting various Linux-specific pseudo devices such as /dev/full. Note that this is not included in GENERIC kernel.
A POSIX function pselect(3) has been reimplemented as a system call pselect(2) to eliminate race condition.
A kernel option option
INCLUDE_CONFIG_FILE
has been added to GENERIC kernel by default.
A bug in the sched_4bsd(4) scheduler that the timestamp for the sleeping operation is not cleaned up on the wakeup has been fixed.
A race condition in the sched_4bsd(4) scheduler has been fixed.
A bug in the sched_ule(4) scheduler which prevented process usage (%CPU) from working correctly has been fixed.
New SDT (Statically Defined Tracing) probes such as ones for opencrypto and vnet have been added to FreeBSD dtrace(1) subsystem.
[powerpc] FreeBSD now supports SMP in PowerPC G5 systems. Note that SMP support on FreeBSD/powerpc is disabled by default in GENERIC kernel.
[sparc64] FreeBSD now supports UltraSPARC IV, IV+, and SPARC64 V CPUs.
The
syscons(4) driver has been
improved. The history buffer can be fully saved/restored in the
VESA mode switching via a loader tunable hint.sc.0.vesa_mode
.
A bug in the
tty(4) driver that TIOCSTI
did not work has been fixed. This affects
applications like
mail(1).
[amd64, i386] An x86 real mode emulator based on OpenBSD's x86emu implementation has been added to improve real mode BIOS call support on both i386 and amd64. The atkbdc(4), dpms(4), vesa(4), vga(4) driver now use this emulator and work on the both platforms.
The VIMAGE jail(8) virtualization container can work with sctp(4) now. Note that the VIMAGE is not enabled by default in GENERIC kernel.
The VIMAGE
jail(8) now supports ip4.saddrsel
, ip4.nosaddrsel
, ip6.saddrsel
, and ip6.nosaddrsel
to control whether to use source
address selection or the primary jail address for unbound outgoing
connections. The default value is to use source address
selection.
2.2.1 Boot Loader Changes
[pc98] The boot2 bootcode has been reimplemented based on the i386 counterpart. It now supports ELF binary, UFS2 file system, and larger number of slices.
[ia64] The EFI loader program now
supports a command-line option -dev currdev
to specify the default
value of currdev
. This option can be
set by the EFI boot manager.
[powerpc] The loader(8) program now supports U-Boot storage.
[i386] The algorithm the loader(8) uses has been improved to choose a memory range for its heap when using a range above 1MB. This fixes a symptom that the loader fails to load a kernel.
A kernel environment variable vfs.root.mountfrom
now supports multiple elements
for root file system in a space-separated list. Each list element
will be tried in order and the first available one will be
mounted.
The zfsloader has been added. This is a separate zfs(8) enabled loader. Note that a ZFS bootcode (zfsboot or gptzfsboot) need to be installed to use this new loader.
The zfsboot and gptzfsboot bootcode now fully support 64-bit LBAs for disk addresses. This allows booting from large volumes.
2.2.2 Hardware Support
[powerpc] The adb driver now supports for interpreting taps on ADB touchpads as a button click.
The amdsbwd(4) driver for AMD SB600/SB7xx watchdog timer has been added.
[powerpc] The apt driver for the Apple Touchpad present on MacBook has been added to GENERIC kernel.
[sparc64] The epic(4) driver for the front panel LEDs in Sun Fire V215/V245 has been added.
A bug in the ipmi(4) driver that caused incorrect watchdog timer setting has been fixed.
[sparc64] The pci(4) driver now supports a JBus to PCIe bridge (called as “Fire”) found in the Sun Fire V215/V245 and Sun Ultra 25/45 machines.
[powerpc] The smu(4) driver now provides thermal management and monitoring features. This allows fan control and thermal monitoring on SMU-based Apple G5 machines, as well as an led(4) interface to control the sleep LED.
The tnt4882(4) driver for IEEE-488 (GPIB) bus now supports National Instruments TNT5004 chip.
The uart(4) driver now supports NetMos NM9865 family of Serial/Parallel ports.
The uep(4) driver for USB onscreen touch panel from eGalax has been added. This driver is supported by x11-drivers/xf86-input-egalax.
A bug in the uftdi(4) driver that can allow to send a zero length packet has been fixed.
The usb(4) subsystem now reports devd(8) notify events with the device properties instead of attach events. The following is an example entry of devd.conf(5) to match a umass(4) device with a SCSI subclass and BBB protocol:
notify 100 { match "system" "USB"; match "subsystem" "INTERFACE"; match "type" "ATTACH"; match "intclass" "0x08"; match "intsubclass" "0x06"; match "intprotocol" "0x50"; action "/path/to/command -flag"; };
2.2.2.1 Multimedia Support
The acpi_video(4) driver now supports LCD brightness control notify handler.
The acpi_sony(4) helper driver now supports default display brightness, wired LAN power, and bass gain.
The agp(4) driver has been improved. It includes a fix for aperture size calculation issue which prevents some graphics cards from working.
The snd_hda(4) driver now allows AD1981HD codecs to use playback mixer.
The snd_hda(4) driver now supports multichannel (4.0 and 7.1) playback support. The 5.1 mode support is disabled now due to unidentified synchronization problem. Devices which supports the 7.1 mode can handle the 5.1 operation via software upmix done by sound(4). Note that stereo stream is no longer duplicated to all ports.
2.2.2.2 Network Interface Support
The ath(4) driver now supports Atheros AR9285-based devices.
A bug in the ath(4) driver which causes a problem of AR5416-based chipsets including AR9285 has been fixed.
The bge(4) driver now supports BCM5761, BCM5784, and BCM57780-based devices.
The bge(4) driver now supports TSO (TCP Segmentation Offloading) on BCM5755 or newer controllers.
A long-standing bug in the bge(4) driver which was related to ASF heartbeat sending has been fixed.
A long-standing stability issue of the bce(4) and bge(4) driver due to a hardware bug in its DMA handling when the system has more than 4GB memory has been fixed. This applies to BCM5714, BCM5715, and BCM5708 controllers.
A bug in the bge(4) driver that incorrectly enabled TSO on BCM5754/BCM5754M controllers has been fixed.
A bug in the if_bridge(4) driver has been fixed. The MTU was set based on the firstly-added member even if the addition failed.
The
if_bridge(4) driver now supports
SIOCSIFMTU
ioctl. For example,
ifconfig bridge0 mtu 1280 can change the
MTU of bridge0 to 1280. Changing the MTU is allowed only when all
members have the same MTU value.
The bwn(4) driver for Broadcom BCM43xx chipsets has been added.
The cxgb(4) driver has been updated to T3 firmware 7.8.0.
The cxgb(4) driver now supports hardware filtering based on inspection of L2/L3/L4 headers. Filtering based on source IP address, destination IP address, source port number, destination port number, 802.1q VLAN frame tag, UDP, TCP, and MAC address is possible. The configuration can be done by the cxgbtool(8) utility. Note that cxgbtool(8) is in src/usr.sbin/cxgbtool but not compiled by default.
The em(4) driver has been updated to version 7.0.5.
The et(4) driver now supports MSI and Tx checksum offloading of IPv4, TCP, and UDP.
The fxp(4) driver now exports the hardware MAC statistics via sysctl variables.
The igb(4) driver has been updated to version 1.9.5.
The iwn(4) driver has been updated. This includes various improvements and bugfixes regarding RF switch, bgscan support, suspend/resume support, locking issue, and more. The line device iwnfw in the kernel configuration file will include all firmware images.
The ixgbe(4) driver has been updated to version 2.2.0.
The msk(4) driver has been improved:
-
It now supports Marvell Yukon 88E8042, 88E8057, 88E8059 (Yukon Optima) devices and DGE-560SX (Yukon XL).
-
A rudimentary interrupt moderation with programmable countdown timer register has been implemented. The default parameter of the holdoff time is 100us and this can be changed via sysctl variable
dev.mskc.0.int_holdoff
. Note that the interrupt moderation is shared resource on a dual-port controllers and it is impossible to use separate interrupt moderation values for each port. -
A stability issue has been fixed. A heavy RX traffic while rebooting is in progress could prevent the system from working.
The mxge(4) driver has been updated to firmware version 1.4.50 from Myricom.
The re(4) driver no longer performs an unnecessary interface up/down during getting IP address via DHCP.
The re(4) driver now uses 2048 as PCIe Maximum Read Request Size. This improves bulk transfer performance.
The run(4) driver for Ralink RT2700U/RT2800U/RT3000U USB 802.11agn devices has been added.
The sge(4) driver for Silicon Integrated Systems SiS190/191 Fast/Gigabit Ethernet has been added. This supports TSO and TSO over VLAN.
The ste(4) driver has been improved:
-
The DMA handling has been improved.
-
Wake-On-LAN is now supported.
-
Unnecessary reinitialization of the interfaces has been eliminated.
-
RX interrupt moderation with single shot timer has been implemented. The default parameter of the moderation time is 150us and this can be changed via sysctl variable
dev.ste.0.int_rx_mod
. Setting it 0 effectively disables the RX interrupt moderation feature.
The tsec(4) driver now supports altq(4).
The u3g(4) driver has been improved and now works with ZTE MF636, Option Gi0322, Globetrotter GE40x, and Novatel MC950D.
The uhso(4) driver for Option HSDPA USB devices has been added. A new uhsoctl(1) userland utility can be used to initiate and close the WAN connection.
The vge(4) driver has been improved:
-
The DMA handling has been improved.
-
Wake-On-LAN is now supported.
-
Unnecessary reinitialization of the interfaces has been eliminated.
-
Hardware MAC statistics are now supported via sysctl variables
dev.vge.0.stats
. -
Interrupt moderation with single shot timer and scheme supported by VT61xx controllers have been implemented. The default parameters are tuned to generate interrupt less than 8k per second, and these parameters can be changed via sysctl variables
dev.vge.0.int_holdoff
,dev.vge.0.rx_coal_pkt
, anddev.vge.0.tx_coal_pkt
. Note that an up/down cycle is needed to make a parameter change take effect.
The urtw(4) driver has been improved and now supports RTL8187B-based devices.
The FreeBSD Xen netfront driver has been improved in stability and performance.
2.2.3 Network Protocols
FreeBSD flowtable now supports IPv6. This is for per-CPU caching
flows as a means of accelerating L3 and L2 lookups as well as
providing stateful load balancing when ECMP (Equal-Cost Multi-Path
routing) is enabled by option
RADIX_MPATH
.
A new capability flag LINKSTATE has
been added to struct
ifnet.if_capabilities
. This indicates if the interface can
check the link state or not. The
ifconfig(8) utility now shows
this flag if supported.
A new event handler iflladdr_event
has been added. This signals that the L2 address on an interface
has changed, and lets stacked interfaces such as
vlan(4) detect that their lower
interface has changed and adjust things in order to keep working.
This fixes an issue of
lagg(4) and
vlan(4) configuration.
IPcomp (IP Payload Compression Protocol defined in RFC 2393)
protocol is now enabled by default. Note that this requires
option IPSEC
in the kernel
configuration file and GENERIC kernel
does not include it. This functionality can be disabled by using a
sysctl variable net.inet.ipcomp.ipcomp_enable
.
The ipfw(4) subsystem including dummynet(4) has been updated to “ipfw3” and various bugs have been fixed:
-
The major enhancement is a completely restructured version of dummynet(4), with support for different packet scheduling algorithms (loadable at runtime), faster queue/pipe lookup, and a much cleaner internal architecture and kernel/userland ABI which simplifies future extensions.
-
All of O(N) sequences in the firewall rule evaluation removed from the kernel critical sections. The worst case is now O(log N).
-
It now supports ipfw0 pseudo interface for logging similar to pflog(4). A sysctl
net.inet.ip.fw.verbose=0
enables logging to ipfw0, andnet.inet.ip.fw.verbose=1
sends logging to syslog(3) as before. -
The me keyword in the ipfw(4) rule now matches any IPv6 addresses configured on an interface as well as IPv4 ones.
-
A bug that keep-alive rule did not work for IPv6 packets has been fixed.
-
The lookup match option has been added.
lookup {dst-ip|src-ip|dst-port|src-port|uid|jail} N
This searches the specified field in table N and sets tablearg accordingly. With dst-ip or src-ip the option replicates two existing options. When used with other arguments, the option can be useful to quickly dispatch traffic based on other fields.
-
A bug in the sysctl(8) variable
ip.fw.one_pass
handling has been fixed. A packet which comes from a pipe without being delayed incorrectly ignored this variable.
A memory alignment issue in the ng_ksocket(4) and ng_ppp(4), Netgraph node drivers have been fixed. This fixes kernel panics due to the misalignment.
The ng_bridge(4) and ng_hub(4) Netgraph node drivers now supports a flag persistent. It disables automatic node shutdown when the last hook gets disconnected. The new control messages NGM_BRIDGE_SET_PERSISTENT and NGM_HUB_SET_PERSISTENT have been added for the flag.
The pf(4) subsystem now supports sloppy keyword to enable a TCP state machine for tracking TCP connections with no sequence number check. This feature is in the latest version of pf.
The pfil(9) framework for packet filtering in FreeBSD kernel now supports separate packet filtering instances like ipfw(4) for each VIMAGE jail.
A bug that proxy ARP entries cannot be added over point-to-point link types has been fixed.
The
tap(4) pseudo interface now
reports the link state properly by updating if_link_state
variable in the kernel.
The vlan(4) pseudo interface has been added to GENERIC kernel.
The
vlan(4) pseudo interface now
supports TSO (TCP Segmentation Offloading). The capability flag is
named as IFCAP_VLAN_HWTSO
and it is
separated from IFCAP_VLAN_HWTAGGING
.
The
age(4),
alc(4),
ale(4),
bce(4),
bge(4),
cxgb(4),
jme(4),
re(4), and
mxge(4) driver support this
feature.
The vlan(4) pseudo interface for IEEE 802.1Q VLAN now ignore renaming of the parent's interface name. The configured VLAN interfaces continue to work with the new name while previously the configurations were removed as the renaming happens.
2.2.4 Disks and Storage
The
ada(4) driver now supports
BIO_DELETE
. For SSDs this uses
TRIM feature of DATA
SET MANAGEMENT command, as defined by ACS-2 specification
working draft. For Compact Flash use CFA
ERASE command, same as
ad(4) does. This change realizes
restoring write speed of SSDs which supports TRIM command by doing newfs -E
/dev/ada1, for
example.
The ahci(4) driver now supports SATA part of Marvell 88SE912x controllers.
The ahci(4) driver now supports FIS-based (Frame Information Structure) switching of port multiplier on supported controllers.
The ahd(4) driver now supports three separated error counters for correctable, uncorrectable, and fatal, in sysctl(8) MIB.
A new kernel option option ATA_CAM
has been added. This turns
ata(4) controller drivers into
cam(4) interface modules. When
enabled, this option deprecates all
ata(4) peripheral drivers and
interfaces such as ad and acd, and allows
cam(4) drivers ada, and cd and
interfaces to be natively used instead. Note that this is not
enabled by default in the GENERIC
kernel.
A bug in the ata(4) driver which can lead to interrupt storms and command timeouts has been fixed.
USB mass storage device support in the ata(4) driver has been removed. Note that this was not used in GENERIC kernel and the umass(4) driver supports such devices for a long time.
FreeBSD cam(3) SCSI framework has been improved:
-
SATA and PATA support has been improved and it now recognizes more detail device capabilities. For example, the ahci(4) and siis(4) driver now reports maximum tag number to the framework to optimize the NCQ handling.
-
A loader tunable
kern.cam.boot_delay
has been added. This controls the delay time before cam(3) probes the attached devices. -
SCSI error recovery for devices on buses without automatic sense reporting has been improved. Typical devices are on ATAPI and USB. For example, this allows cam(3) to wait, while CD drive loads disk, instead of immediately return error status.
-
The cam(4) ATA transport layer now supports Power-Up In Stand-by (PUIS). The PUIS is a configuration of SATA or PATA drives to prevent them from automatic spin-up when power is applied. A typical application is staggered spin-up.
-
The cam(4) ATA transport layer now supports negotiating and enabling additional SATA features such as device initiated power management, Automatic Partial to Slumber mode transition, and DMA auto-activation.
A livelock issue of the ciss(4) driver under a high load has been fixed.
A bug in the fdc(4) driver which prevents the kernel module from unloading has been fixed.
The glabel(8) now supports the following sysctl variables for each label type to enable the labeling itself:
kern.geom.label.ext2fs.enable kern.geom.label.iso9660.enable kern.geom.label.msdosfs.enable kern.geom.label.ntfs.enable kern.geom.label.reiserfs.enable kern.geom.label.ufs.enable kern.geom.label.ufsid.enable kern.geom.label.gptid.enable kern.geom.label.gpt.enable
Note that all of them are also loader tunables. They are enabled (set as 1) by default.
geom(8) providers including complex ones such as gconcat(8), gmirror(8), graid3(8), gstripe(8), and some hardware RAID device drivers like twa(4) now inform its optimal access block size to the upper layer.
The
gmirror(8) utility now supports
configure -p
priority command to change
the providers priority.
The balancing mode algorithm load used in the gmirror(8) utility has been changed and it is now the default one instead of split:
-
Instead of measuring last request execution time for each drive and choosing one with smallest time, use averaged number of requests, running on each drive. This information is more accurate and timely. It allows to distribute load between drives in more even and predictable way.
-
For each drive track offset of the last submitted request. If new request offset matches previous one or close for some drive, prefer that drive. It allows to significantly speedup simultaneous sequential reads.
The gmultipath(8) utility now supports destroy, rotate, getactive commands.
A bug in the
graid3(8) which causes a panic
when a large request arrives has been fixed. This happens when
MAXPHYS
is set as larger than
128k.
The default block size of gstripe(8) has been increased from 4k to 64k.
The GEOM_SCHED module has been added. This supports scheduling disk I/O requests in a device independent manner. A supported algorithm is an anticipatory scheduler gsched_rr which gives very nice performance improvements in presence of competing random access patterns. See also gsched(8) manual page for more details.
The HAST (Highly Available STorage) framework has been added:
-
This is a framework to allow transparently storing data on two physically separated machines connected over the TCP/IP network. HAST works in Primary-Secondary (Master-Backup, Master-Slave) configuration, which means that only one of the cluster nodes can be active at any given time. Only Primary node is able to handle I/O requests to HAST-managed devices. Currently HAST is limited to two cluster nodes in total.
-
This operates on block level; it provides disk-like devices in /dev/hast/ directory for use by file systems and/or applications. Working on block level makes it transparent for file systems and applications. There in no difference between using HAST-provided device and raw disk, partition, etc. All of them are just regular geom(8) providers in FreeBSD.
-
The userland part consists of hastd(8), hastctl(8), and hast.conf(5). More details can be found at http://wiki.FreeBSD.org/HAST.
The isp(4) driver has been improved in stability.
The mvs(4) CAM ATA driver for Marvell 88SX50XX/88SX60XX/88SX70XX/SoC SATA controllers has been added. This driver supports same hardware as the ata(4) driver does, but provides many additional features, such as NCQ and PMP.
The
siis(4) driver now enables MSI by
default on SiI3124-based devices. This can be disabled by using a
hint.siis.0.msi
loader tunable.
The Max Read Request Size in the siis(4) driver for PCIe chips has been increased from 512 to 1024 bytes for better performance.
The twa(4) driver has been updated to the latest version from LSI.
2.2.5 File Systems
The msdosfs(5) subsystem is now MP-safe and a race condition when a force unmount happens has been fixed.
FreeBSD NFS subsystem now supports a timeout for the negative
name cache entries in the client. This avoids a bogus negative name
cache entry from persisting forever when another client creates an
entry with the same name within the same NFS server time of day
clock tick. The mount option negnametimeo
can be used to override the default
timeout interval (60 seconds) on a per-mount-point basis. a Setting
negnametimeo
to 0 disables negative name caching for the mount
point.
A race condition in FreeBSD NFS subsystem that occurs when nfsiod(8) threads are being created has been fixed. This also fixes an interoperability issue found in combination of a FreeBSD NFS client and a Linux NFS server.
The inode number handling in ffs(7) file system is now unsigned. Previously some large inode numbers can be treated as negative, and this issue shows up at file systems with the size of more than 16Tb in 16k block case. The newfs(8) utility never create a file system with more than 2^32 inodes by cutting back on the number of inodes per cylinder group if necessary to stay under the limit.
The UFS file system ( ffs(7)) now supports NFSv4 ACL.
FreeBSD
VFS(9) subsystem now supports a
new sysctl variable vfs.vlru_allow_cache_src
. This allow vnlru kernel thread to reclaim of the directory
vnodes that are source of the namecache records. This is not
enabled by default because for typical workload it would make
namecache unusable, but large nested directory tree easily puts any
process that accesses file system into one second wait for
vnlru kernel thread.
The ZFS file system has been improved:
-
It now supports NFSv4 ACL.
-
The L2ARC code has been improved in stability and performance.
-
The zpool version has been updated to version 14. It is now possible to use zpools created on OpenSolaris 2009.06.
-
A sysctl variable
vfs.zfs.txg.write_limit_override
has been added. This can be used for tuning of ZFS write throttling. -
ZFS prefetch statistics has been added as a sysctl variable
kstat.zfs.misc.zfetchstats
. -
The zfs(8) zpool export command now supports
-F
flag. When exporting with this flag, zpool.cache remains untouched. -
A data corruption issue of zfs send/receive between two different platforms has been fixed. Symbolic links could be broken in the previous releases.
-
A possible deadlock of zfs receive has been fixed.
-
Possible panics of zfs destroy and zfs rollback have been fixed.
-
A occasional failure of zfs rename due to a busy state has been fixed.
-
Bugs that zfs snapshot -r fails when the file system is busy, and zfs receive can fail with an E2BIG error, have been fixed.
2.3 Userland Changes
A bug in bsnmpd(1) program which leads to high CPU consumption on a loaded system has been fixed.
A bug in bzip2(1) utility which prevented it from working with multi-session bzip2 files has been fixed.
The
camcontrol(8) utility now
supports a -v
flag in the subcommand
identify. It displays whole of identify
data block.
The
camcontrol(8) utility now
supports -d
and -f
flags in the subcommand cmd. They specify DMA protocol or FPDMA (NCQ)
protocol to be used for ATA command, respectively.
The
chgrp(1) and
chown(8) now support a
-x
flag to make it not traverse across
multiple mount points for the recursive operation.
The
cp(1) now supports a -x
flag to make it not traverse across multiple
mount points for the recursive operation.
The cp(1), find(1), getfacl(1), mv(1), and setfacl(1) utilities now support NFSv4 ACL.
The diskinfo(8) now supports reporting disk stripe size and offset. This helps users to make file systems optimally aligned and tuned for better performance.
A bug in ee(1) utility which can crash the program has been fixed.
A bug in factor(6) utility which leads to performance degradation has been fixed.
The fetch(1) utility now supports HTTP digest authentication.
A bug in
fetch(1) utility which
incorrectly evaluates a variable NO_PROXY
has been fixed.
A bug in
find(1) utility has been fixed.
An option -newerXB
was interpreted as
the same as -newerXm
.
A bug in the
fnmatch(3) function has been
fixed. The flag FNM_PERIOD
did not
work correctly when * characters were
included in the string and FNM_PATHNAME
was specified.
A bug in the fsck_ffs(8) utility which causes the last cylinder group of a UFS1 file system is always reported as broken even after it is fixed.
The gcore(1) utility now recognizes threads in the process and handles dumps on a thread scope.
The ifconfig(8) utility now supports manipulation of NDP flags handled by ndp(8).
The ifconfig(8) utility now supports a description value command to add a description value to the specified interface.
The
indent(1) utility now supports a
-ta
flag to treat all _t-suffixed identifiers as types.
The liblzma library for LZMA2 lossless data compression algorithm and the userland utilities xz(1), xzdec(1), lzma(1), and lzmainfo(1). has been imported. When the old system is upgraded to 8.1-RELEASE, deinstalling a version found in the Ports Collection (archivers/xz) and recompilation of the packages which depend on it may be required.
[amd64, i386] The libz library has been improved in performance. For FreeBSD/i386, note that this improvement uses instructions only on i686-class CPU and they are disabled by default. Specifying CPUTYPE=pentium4 in /etc/make.conf enables them.
The
ln(1) utility now reports an
error correctly when a -f
flag and two
same file entries were specified in the command line option. It
removed the file first and then reported a “not found” error.
The ln(1) utility now removes trailing slash characters when creating a link to a directory. The following command sequence reported an error in the previous releases:
% mkdir test1 test2 % ln -s ../test2/ test1
The mount_nfs(8) utility now supports [ipaddr]:path notation in addition to the existing one. This allows IPv6 address in the address field, and a path including “:” to be mounted.
A bug in the netstat(1) utility that prevents netstat -f netgraph from working has been fixed.
The
netstat(1) utility now supports
ARP information in statistics shown by the -s
flag.
The
netstat(1) utility now supports a
-q number
option to specify the
number of outputs. This is used in conjunction with -w
option.
The newfs_msdos(8) utility now uses NO_NAME as the default volume label and BSD4.4 as the OEM String.
The
newsyslog(8) utility does not
consider non-existence of a PID file as an error now. A new flag
-P
reverts it to the old behavior.
The ntpd(8) program no longer tries to bind to an IPv6 anycast address.
The
pam_krb5(8) PAM module now
supports no_user_check
option. This
allows to authorize a user not known to the local system.
The
pathchk(1) utility now supports a
-P
flag defined in POSIX-1.2008. This
checks for empty pathnames and components starting with “-”.
A variable daily_clean_tmps_ignore
which is used in the
periodic(8) daily script now has
/tmp/.snap. This prevents /tmp/.snap from being removed.
The
procstat(1) utility now supports
two new flags -i
and -j
to display information about signal disposition
and pending/blocked status for signals.
The pwait(1) utility has been added. This is similar to the Solaris utility of the same name, and waits for any process to terminate.
A bug in the
restore(8) utility which caused
short reads when a option -P
was used
has been fixed.
The
rtsold(8) -a
flag now excludes the interfaces which IPv6 or
accepting ICMPv6 Router Advertisement message is disabled from the
auto-probed interface list.
The scandir(3) and alphasort(3) functions has been updated to conform POSIX.1-2008 (IEEE Std 1003.1-2008).
The
sed(1) utility now supports a
-r
flag which means exactly the same as
a -E
flag. This is for compatibility
with the GNU version.
The service name database services(5) (usually in /etc/services) now also supports a db(3) style database for better lookup performance. The following entry in /etc/nsswitch.conf enables use of the binary database file:
services: db
Note that the db(3) style database can be created by services_mkdb(8) at /var/db/service.db.
The
sighold(2),
sigignore(2),
sigpause(2),
sigrelse(2), and
sigset(2) functions have been
implemented for making porting software from System V-like systems
easy. Note that these are defined in POSIX.1-2008 XSI (IEEE Std
1003.1-2008, X/Open System Interface) but now obsolete. Since
FreeBSD already has another sigpause(3)
function derived from 4.2BSD, a
version of the XSI interface is implemented as xsi_sigpause()
.
The sshd(8), cron(8), inetd(8), and syslogd(8) programs now set MADV_PROTECT memory flag onto themselves to protect from being terminated by the FreeBSD kernel when available memory becomes short. This kind of process termination happens in a swap-intensive workload.
The stat(1) utility now supports %Sf output specifier to display the file flags symbolically.
The strsignal(3) function is now thread-safe.
The
sysctl(8) utility now supports a
-i
flag to ignore failures while
retrieving individual OIDs. This allows the same list of OIDs to be
passed to
sysctl(8) across different
systems where particular OIDs may not exist, and still get as much
information as possible from them.
The traceroute(8) utility now performs source address selection correctly even in a VIMAGE jail(8) environment.
The
unifdef(1) utility has been
updated to version 1.188. It now supports a new -B
flag to compress blank lines around a deleted
section to prevent blank lines around paragraphs of code from
getting doubled.
The unzip(1) utility now supports the rename query when a file with the same name as the one about to be extracted already exists.
The
unzip(1) utility now supports
-C
, -c
,
-f
, -p
, and
-v
flags which are compatible with
Info-ZIP.
The
usbconfig(8) utility now supports
a new flag -d
to specify the
ugen(4) device, and add_quirk and remove_quirk
commands.
The
whois(1) utility now supports
searching IPv6 addresses just like IPv4 without specifying the ARIN
server. A -d
flag has been removed
because it is now obsolete.
A new errno ENOTCAPABLE
has been
added. This is to be returned when a process requests an operation
on a file descriptor that is not authorized by the descriptor's
capability flags.
The
zfs(8) command now supports a new
flag receive -u
to specify that the
received ZFS should not be mounted automatically.
2.3.1 /etc/rc.d Scripts
The service(8) command has been added. This provides an easy command-line interface to the rc.d system.
The rc.d/ipfw script and /etc/rc.firewall now supports IPv6 and rc.d/ip6fw script and /etc/rc.firewall6 are obsolete. Note that
ipv6_firewall_*
variables in
rc.conf(5) are replaced with
firewall_client_net_ipv6
, firewall_simple_iif_ipv6
, firewall_simple_inet_ipv6
, firewall_simple_oif_ipv6
, firewall_simple_onet_ipv6
.
A new rc.d script rc.d/rtsold has been added. This handles rtsold(8) daemon.
A new rc.d script rc.d/static_arp has been added. This allows the administrator to statically define mappings of MAC address to IPv4 at boot time. See also the rc.conf(5) manual page for more details.
The rc.d/tmp script now uses a unique directory name prefixed with /tmp/.diskless instead of /tmp/.diskless itself. This fixes an issue when /tmp/.diskless exists before the script runs.
A new rc.d script rc.d/ubthidhci has been added. This small script calls usbconfig(8) to change a USB Bluetooth controller from HID mode to HCI mode.
The
rc.conf(5) now supports a
firewall_coscripts
variable. This
should contain a list of commands which should be executed after
firewall starts or stops.
The
rc.conf(5) now supports
configuring
vlan(4) interfaces as child
devices similar to
wlan(4) interfaces.
vlan(4) interfaces are listed via
a new vlans_IF
variable. If a VLAN interface
is a number, then that number is treated as the VLAN tag for the
interface and the interface will be named IF.tag
. Otherwise, the VLAN tag must
be provided via a VLAN parameter in a create_args_IF
variable.
2.4 Contributed Software
The ACPI-CA has been updated to 20100304.
The awk has been updated from the 23 October 2007 release to the 26 November 2009 release.
ISC BIND has been updated to version 9.6.2-P2.
netcat has been updated to version 4.7.
OpenSSH has been updated from version 5.1p1 to version 5.4p1.
OpenSSL has been updated to version 0.9.8n.
sendmail has been updated to version 8.14.4.
The timezone database has been updated to the tzdata2010j release.
2.5 Release Engineering and Integration
The filename of ISO images for FreeBSD releases now has a FreeBSD- at the beginning.
The supported version of the GNOME desktop environment (x11/gnome2) has been updated to 2.28.2.
The supported version of the KDE desktop environment (x11/kde4) has been updated to 4.4.3.
3 Upgrading from previous releases of FreeBSD
[amd64, i386] Upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernel distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded has Internet connectivity.
An older form of binary upgrade is supported through the Upgrade option from the main sysinstall(8) menu on CDROM distribution media. This type of binary upgrade may be useful on non-i386, non-amd64 machines or on systems with no Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.
Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and configuration files.
This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.