diff --git a/website/content/en/releases/15.0R/relnotes.adoc b/website/content/en/releases/15.0R/relnotes.adoc index 3afbb125f3..aa3189d525 100644 --- a/website/content/en/releases/15.0R/relnotes.adoc +++ b/website/content/en/releases/15.0R/relnotes.adoc @@ -1,445 +1,651 @@ --- title: "FreeBSD 15.0-RELEASE Release Notes" sidenav: download --- :localRel: 15.0 :releaseCurrent: 15.0-RELEASE :releaseBranch: 15-STABLE :releasePrev: 14.0-RELEASE :releaseNext: 15.1-RELEASE :releaseType: "release" include::shared/en/urls.adoc[] = FreeBSD {releaseCurrent} Release Notes :doctype: article :toc: macro :toclevels: 1 :icons: font == Abstract [.abstract-title] The release notes for FreeBSD {releaseCurrent} contain a summary of the changes made to the FreeBSD base system on the {releaseBranch} development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented. [[intro]] == Introduction This document contains the release notes for FreeBSD {releaseCurrent}. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD. The {releaseType} distribution to which these release notes apply represents the latest point along the {releaseBranch} development branch since {releaseBranch} was created. Information regarding pre-built, binary {releaseType} distributions along this branch can be found at https://www.FreeBSD.org/releases/[]. The {releaseType} distribution to which these release notes apply represents a point along the {releaseBranch} development branch between {releasePrev} and the future {releaseNext}. Information regarding pre-built, binary {releaseType} distributions along this branch can be found at https://www.FreeBSD.org/releases/[]. This distribution of FreeBSD {releaseCurrent} is a {releaseType} distribution. It can be found at https://www.FreeBSD.org/releases/[] or any of its mirrors. More information on obtaining this (or other) {releaseType} distributions of FreeBSD can be found in the link:{handbook}/mirrors[Obtaining FreeBSD appendix] to the link:{handbook}/[FreeBSD Handbook]. All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD {releaseCurrent} can be found on the FreeBSD Web site. This document describes the most user-visible new or changed features in FreeBSD since {releasePrev}. In general, changes described here are unique to the {releaseBranch} branch unless specifically marked as MERGED features. Typical release note items document recent security advisories issued after {releasePrev}, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements. [[upgrade]] == Upgrading from Previous Releases of FreeBSD NOTE: FreeBSD Update is probably not going to exist in {releaseCurrent}! The text below is boilerplate from previous releases and should be replaced with instructions for using pkgbase once those are finalized. Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the man:freebsd-update[8] utility. See the release-specific upgrade procedure, link:../installation/#upgrade-binary[FreeBSD {releaseCurrent} upgrade information], with more details in the FreeBSD handbook link:{handbook}cutting-edge/#freebsdupdate-upgrade[binary upgrade procedure]. This will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The man:freebsd-update[8] utility requires that the host being upgraded have Internet connectivity. Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in [.filename]#/usr/src/UPDATING#. [IMPORTANT] ==== Upgrading FreeBSD should only be attempted after backing up _all_ data and configuration files. ==== [[security-errata]] == Security and Errata This section lists the various Security Advisories and Errata Notices since {releasePrev}. [[security]] === Security Advisories [.informaltable] [cols="1,1,1", frame="none", options="header"] |=== | Advisory | Date | Topic |https://www.freebsd.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |05 December 2023 |TCP spoofing vulnerability in man:pf[4] |https://www.freebsd.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure |https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol |https://www.freebsd.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload] |14 February 2024 |man:bhyveload[8] host file access |https://www.freebsd.org/security/advisories/FreeBSD-SA-24:02.tty.asc[FreeBSD-SA-24:02.tty] |14 February 2024 |man:jail[2] information leak |https://www.freebsd.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound] |28 March 2024 |Multiple vulnerabilities in unbound + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] +|01 July 2024 +|OpenSSH pre-authentication remote code execution + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] +|07 August 2024 +|pf incorrectly matches different ICMPv6 states in the state table + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] +|07 August 2024 +|man:ktrace[2] fails to detach when executing a setuid binary + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] +|07 August 2024 +|NFS client accepts file names containing path separators + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] +|07 August 2024 +|OpenSSH pre-authentication async signal safety issue + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:09.libnv.asc[FreeBSD-SA-24:09.libnv] +|04 September 2024 +|Multiple vulnerabilities in libnv + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:10.bhyve.asc[FreeBSD-SA-24:10.bhyve] +|04 September 2024 +|man:bhyve[8] privileged guest escape via TPM device passthrough + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:11.ctl.asc[FreeBSD-SA-24:11.ctl] +|04 September 2024 +|Multiple issues in man:ctl[4] CAM Target Layer + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:12.bhyve.asc[FreeBSD-SA-24:12.bhyve] +|04 September 2024 +|man:bhyve[8] privileged guest escape via USB controller + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:13.openssl.asc[FreeBSD-SA-24:13.openssl] +|04 September 2024 +|Possible DoS in X.509 name checks in OpenSSL + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc[FreeBSD-SA-24:14.umtx] +|04 September 2024 +|umtx Kernel panic or Use-After-Free + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:15.bhyve.asc[FreeBSD-SA-24:15.bhyve] +|19 September 2024 +|man:bhyve[8] out-of-bounds read access via XHCI emulation + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:16.libnv.asc[FreeBSD-SA-24:16.libnv] +|19 September 2024 +|Integer overflow in libnv + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:17.bhyve.asc[FreeBSD-SA-24:17.bhyve] +|29 October 2024 +|Multiple issues in the bhyve hypervisor + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:18.ctl.asc[FreeBSD-SA-24:18.ctl] +|29 October 2024 +|Unbounded allocation in man:ctl[4] CAM Target Layer + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:19.fetch.asc[FreeBSD-SA-24:19.fetch] +|29 October 2024 +|Certificate revocation list man:fetch[1] option fails |=== [[errata]] === Errata Notices [.informaltable] [cols="1,1,1", frame="none", options="header"] |=== | Errata | Date | Topic |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:15.sanitizer.asc[FreeBSDS-EN-23:15:sanitizer] |01 December 2023 |Clang sanitizer failure with ASLR enabled |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:16.openzfs.asc[FreeBSDS-EN-23:16:openzfs] |01 December 2023 |OpenZFS data corruption |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:17.ossl.asc[FreeBSDS-EN-23:17:ossl] |05 December 2023 |man:ossl[4]'s AES-GCM implementation may give incorrect results |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:18.openzfs.asc[FreeBSDS-EN-23:18:openzfs] |05 December 2023 |High CPU usage by ZFS kernel threads |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:19.pkgbase.asc[FreeBSDS-EN-23:19:pkgbase] |05 December 2023 |Incorrect pkgbase version number for FreeBSD {releasePrev}. |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:20.vm.asc[FreeBSDS-EN-23:20:vm] |05 December 2023 |Incorrect results from the kernel physical memory allocator |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:21.tty.asc[FreeBSDS-EN-23:21:tty] |24 November 2023 |man:tty[4] IUTF8 causes a kernel panic |https://www.freebsd.org/security/advisories/FreeBSD-EN-23:22.vfs.asc[FreeBSDS-EN-23:22:vfs] |05 December 2023 |ZFS snapshot directories not accessible over NFS |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:01.tzdata.asc[FreeBSDS-EN-24:01:tzdata] |14 February 2024 |Timezone database information update |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:02.libutil.asc[FreeBSDS-EN-24:02:libutil] |14 February 2024 |Login class resource limits and CPU mask bypass |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:03.kqueue.asc[FreeBSDS-EN-24:03:kqueue] |14 February 2024 |man:kqueue_close[2] page fault on exit using man:rfork[2] |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:04.ip.asc[FreeBSDS-EN-24:04:ip] |14 February 2024 |Kernel panic triggered by man:bind[2] |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:05.tty.asc[FreeBSDS-EN-24:05:tty] |28 March 2024 |TTY Kernel Panic |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:06.wireguard.asc[FreeBSDS-EN-24:06:wireguard] |28 March 2024 |Insufficient barriers in WireGuard man:if_wg[4] |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:07.clang.asc[FreeBSDS-EN-24:07:clang] |28 March 2024 |Clang crash when certain optimization is enabled |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:08.kerberos.asc[FreeBSDS-EN-24:08:kerberos] |28 March 2024 |Kerberos segfaults when using weak crypto |https://www.freebsd.org/security/advisories/FreeBSD-EN-24:09.zfs.asc[FreeBSDS-EN-24:09:zfs] |24 April 2024 |High CPU usage by kernel threads related to ZFS |=== [[userland]] == Userland This section covers changes and additions to userland applications, contributed software, and system utilities. [[userland-config]] === Userland Configuration Changes A new `kdc_restart` variable is available that manages man:kdc[8] (or `krb5kdc`) under man:daemon[8]. Set `kdc_restart="YES"` in man:rc.conf[5] to auto restart kdc on abnormal termination. Set `kdc_restart_delay="N"` to the number of seconds to delay before restarting the kdc. gitref:abc4b3088941[repository=src] By default, changes shown in email by the man:periodic[8] facility from the `daily` scripts show less context than before to reduce the size of the output. The behavior can be controlled by the `daily_diff_flags` variable in man:periodic.conf[5]. Similarly, the changes shown by the security scripts show less context than previously, controlled by the `security_status_diff_flags` variable in man:periodic.conf[5]. gitref:538994626b9f[repository=src], gitref:37dc394170a5[repository=src], gitref:128e78ffb084[repository=src] [[userland-programs]] === Userland Application Changes The man:adduser[8] utility, used by man:bsdinstall[8], will now create a ZFS dataset for a new user's home directory if the parent directory resides on a ZFS dataset. A command-line option is available to disable use of a separate dataset. ZFS encryption is also available. gitref:516009ce8d38[repository=src] The man:date[1] program now supports nanoseconds. For example: `date -Ins` prints "2024-04-22T12:20:28,763742224+02:00" and `date +%N` prints "415050400". gitref:eeb04a736cb9[repository=src] The man:dtrace[1] utility can now generate machine-readable output in JSON, XML, and HTML using man:libxo[3]. gitref:aef4504139a4[repository=src] (Sponsored by Innovate UK) The man:lastcomm[1] utility now displays timestamps with a precision of seconds. gitref:692c0a2e80c1[repository=src] (Sponsored by DSS Gmbh) The man:ldconfig[8] utility now supports hints files of either byte order. The default format is the native byte-order of the host. gitref:fa7b31166ddb[repository=src] OpenSSH has been upgraded to version 9.7p1. Full release notes are at https://www.openssh.com/txt/release-9.7[] and https://www.openssh.com/txt/release-9.6[] . gitref:a25789646d71[repository=src], gitref:464fa66f639b[repository=src] (Sponsored by The FreeBSD Foundation) The man:usbconfig[8] utility now reads the descriptions of usb vendor and products from [.filename]#/usr/share/misc/usb_vendors# when available, similar to what man:pciconf[8] does. gitref:7b9a772f9f64[repository=src] +An option has been added to change the directory in man:env[1] which closely resembles the feature in the GNU version of env although it does not support long options. +gitref:08e8554c4a39[repository=src] (Sponsored by Klara, Inc.) + [[userland-contrib]] === Contributed Software One True Awk (man:awk[1]) has been updated to 2nd Edition, with new -csv support and UTF-8 support. gitref:daf917daba9c[repository=src] -Clang/LLVM have been upgraded to version 18.1.5. -gitref:90a5e985e5f4[repository=src] - -The man:libarchive[3] library has been upgraded to version 3.7.4. -gitref:8774c92e32b2[repository=src] - The man:sendmail[8] suite has been upgraded to version 8.18.1, addressing CVE-2023-51765. gitref:58ae50f31e95[repository=src] -The man:unbound[8] resolver has been upgraded to version 1.20.0, and addresses "`The DNSBomb`" vulnerability, CVE-2024-33655. -gitref:dcde37c4170b[repository=src] +`bc` has been upgraded to 7.0.2. +gitref:90ea553a0d30[repository=src] -[[userland-deprecated-programs]] -=== Deprecated Applications +`libarchive` has been upgraded to 3.7.7. +gitref:2ae238160f20[repository=src] + +`libcbor` has been upgraded to 0.11.0. +gitref:1755b9daa693[repository=src] (Sponsored by The FreeBSD Foundation) + +`libcxxrt` has been upgraded to vendor snapshot 6f2fdfebcd62. +gitref:d0dcee46d971[repository=src] + +`libfido2` has been upgraded to 1.14.0. +gitref:128bace5102e[repository=src] (Sponsored by The FreeBSD Foundation) + +`libpcap` has been upgraded to 1.10.5. +gitref:26f21a6494b4[repository=src] (Sponsored by The FreeBSD Foundation) + +`llvm` has been upgraded to 18.1.6. +gitref:f1e3279983d6[repository=src] + +`openssl` has been upgraded to 3.0.15. +gitref:cc43f991ab3e[repository=src] + +`tcpdump` has been upgraded to 4.99.5. +gitref:ec3da16d8bc1[repository=src] (Sponsored by The FreeBSD Foundation) + +`unbound` has been upgraded to 1.22.0. +gitref:0a096a7b3ae8[repository=src] [[userland-libraries]] === Runtime Libraries and API The man:setusercontext[3] routine in `libutil` will now set the process priority (nice) from the [.filename]#.login.conf# file from the home directory under appropriate conditions, as well as the system man:login.conf[5]. The priority can now have the value `inherit`, indicating that the priority should be unchanged from that of the parent process. Similarly, the umask can have the value `inherit`. gitref:6f6186e19fe5[repository=src], gitref:a8c273b3c97f[repository=src], gitref:d2d66fedc418[repository=src] (Sponsored by Kumacom SAS) Many string and memory operations in the C library now use SIMD (single instruction multiple data) extensions for improved performance when available on amd64 systems; see man:simd[7]. (Sponsored by The FreeBSD Foundation) There is now a much better implementation of the 128-bit `tgammal` function in the math library, man:math[3], on platforms that support it. gitref:8df6c930c151[repository=src] +man:fma[3] now returns correctly-signed zero when provided certain small inputs (as observed in the Python test suite). +gitref:dc39004bc670[repository=src] +(Sponsored by The FreeBSD Foundation) + +The `cap_rights_is_empty` function has been added. +It reports whether a `cap_rights_t` has no rights set. +gitref:e77813f7e4a3[repository=src] +(Sponsored by The FreeBSD Foundation) + +[[userland-deprecated-programs]] +=== Deprecated Applications + +man:fdisk[8] has been deprecated in favor of man:gpart[8] for a long time but has not been removed, running this application will show a warning to migrate to man:gpart[8]. +gitref:3958be5c29da[repository=src] (Sponsored by The FreeBSD Foundation) + +The accuracy of man:asinf[3] and man:acosf[3] has improved. +gitref:33c82f11c267[repository=src] + [[cloud]] == Cloud Support This section covers changes in support for cloud environments. {releaseCurrent} supports cloudinit, including the `nuageinit` startup script and support for a `config-drive` partition. It is compatible with OpenStack and many hosting facilities. See the https://cloud-init.io[cloud-init] web site and the commit messages, gitref:16a6da44e28d[repository=src] gitref:227e7a205edf[repository=src]. (Sponsored by OVHCloud) +The FreeBSD project is now publishing OCI-compatible container images. +gitref:8a688fcc242e[repository=src] + +The FreeBSD project is now publishing Oracle Cloud Infrastructure images. +See the +link:https://cloudmarketplace.oracle.com/marketplace/app/freebsd-release[Oracle Cloud Infrastructure FreeBSD Listing] +for more information. +gitref:77b296a2582b[repository=src] + +The "shutdown" and "reboot" API in the Amazon EC2 cloud now work for arm64 instances. +Older instances upgraded to FreeBSD {releaseCurrent} will need to have `debug.acpi.quirks="8"` set in `/boot/loader.conf`. +gitref:28b881840df7[repository=src] (Sponsored by Amazon) + +The FreeBSD projects now publishes "small" EC2 images; these are the "base" images minus debug symbols, tests, 32-bit libraries, the LLDB debugger, the Amazon SSM Agent, and the AWS CLI. +gitref:953142d6baf3[repository=src] (Sponsored by Amazon) + [[kernel]] == Kernel This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized. [[kernel-general]] === General Kernel Changes The `fpu_kern_enter` and `fpu_kern_leave` routines have been implemented for powerpc, allowing the use of man:ossl[4] crypto functions in the kernel that use floating point and vector registers. gitref:91e53779b4fc[repository=src] [[drivers]] == Devices and Drivers This section covers changes and additions to devices and device drivers since {releasePrev}. [[drivers-device]] === Device Drivers A driver is available for man:ice[4] Ethernet network controllers in the Intel E800 series, which support 100 Gb/s operation. -It was upgraded to version 1.39.13-k. -gitref:71d104536b51[repository=src] gitref:f6de0a7c94e9[repository=src] (Sponsored by Intel Corporation) +It was upgraded to version 1.43.2-k. +gitref:38a1655adcb3[repository=src] (Sponsored by Intel Corporation) Numerous stability improvements have been in the man:iwlwifi[4] driver for Intel Wi-Fi devices. (Sponsored by The FreeBSD Foundation) Multiple PCI MCFG regions are now supported on amd64 and i386, allowing PCI configuration space access for domains (segments) other than 0. gitref:4b5f64408804[repository=src] The man:smsc[4] Ethernet driver can now fetch the value of `smsc95xx.macaddr` passed by some Raspberry Pi models and use it for the MAC address. It always uses a stable MAC address even if there is no address in EEPROM. gitref:028e4c6548e4[repository=src] The `snd_clone` framework has been removed from the sound subsystem, including related sysctls, simplifying the system. The per-channel nodes ([.filename]#/dev/dspX.Y#) are no longer created, just the primary device ([.filename]#/dev/dspX#). gitref:e6c51f6db8d7[repository=src] (Sponsored by The FreeBSD Foundation) Audio now supports asynchronous device detach. This greatly simplifies hot plugging and unplugging of things such as USB headsets, and eases use of PulseAudio in cases that require operating system sleep and wake (suspend and resume). gitref:d692c314d29a[repository=src] (Sponsored by The FreeBSD Foundation) +`ena` has been upgraded to 2.8.0. +gitref:6bf02434bd9a[repository=src] (Sponsored by Amazon, Inc.) + +`ice_ddp` has been upgraded to 1.3.41.0. +gitref:a9d78bb714e3[repository=src] (Sponsored by Intel Corporation) + +Tiger Lake-H support has been added to the man:hda[4] driver. +gitref:dbb6f488df6e[repository=src] + +Meteor Lake support has been added to the man:ichsmb[4] driver. +gitref:14c22e28e4ee[repository=src] +(Sponsored by Framework Computer Inc) +(Sponsored by The FreeBSD Foundation) + +Meteor Lake support has been added to the man:ig4[4] driver. +gitref:56f0fc0011c2[repository=src] + +A new wireless driver supporting some Realtek chipsets is available: man:rtw89[4]. +gitref:a2d1e07f6451[repository=src] (Sponsored by The FreeBSD Foundation) + +Support for Realtek 8156/8156B has been moved from from man:cdce[4] to man:ure[4] for improved performance and reliability. +gitref:630077a84186[repository=src] (Sponsored by The FreeBSD Foundation) + +Support for ACPI GPIO _AEI objects has been added. +gitref:1db6ffb2a482[repository=src] (Sponsored by Amazon) + +man:nvme[4] and man:nvmecontrol[8] have been enabled on all architectures. +gitref:24687a65dd7f[repository=src], gitref:aba2d7f89dcf[repository=src] +(Sponsored by Chelsio Communications and Netflix) + [[drivers-removals]] === Deprecated and Removed Drivers +man:agp[4] has been planned for removal in FreeBSD 15.0, and the man page now states that it is deprecated. +gitref:92af7c97e197[repository=src] + +man:syscons[4] has been planned for removal in future releases, and has been noted as deprecated in the man pages to notify users to migrate to man:vt[4]. +gitref:2bc5b1d60512[repository=src] (Sponsored by The FreeBSD Foundation) + [[storage]] == Storage This section covers changes and additions to file systems and other storage subsystems, both local and networked. [[storage-nfs]] === NFS The man:mountd[8] server has been modified to use man:strunvis[3] to decode directory names in man:exports[5] file(s). This allows special characters, such as blanks, to be embedded in the directory name. `vis -M` may be used to encode such directory names; see man:vis[1]. gitref:2c83f1ada435[repository=src] New man:sysctl[8] variables have been added under `kern.rpc.unenc` and `kern.rpc.tls`, which allow an NFS server administrator to determine how much NFS-over-TLS is being used. A large number of failed handshakes might indicate an NFS configuration problem. gitref:b8e137d8d32d[repository=src] [[storage-ufs]] === UFS Soft updates are now enabled by default when creating a new UFS file system with man:newfs[8]. gitref:6b2af2d88ffd[repository=src] [[storage-zfs]] === ZFS -OpenZFS has been upgraded to version 2.2.4. -gitref:78c9d8f1ce65[repository=src] +OpenZFS has been upgraded to version 2.2.6. +gitref:755e773877e9[repository=src] [[storage-general]] === General Storage [[boot]] == Boot Loader Changes This section covers the boot loader, boot menu, and other boot-related changes. [[boot-loader]] === Boot Loader Changes The man:loader[8] now reads local configuration files listed in the variable `local_loader_conf_files` after other configuration files, defaulting to [.filename]#/boot/loader.conf.local#. gitref:a25531db0fc2[repository=src] The man:loader[8] can now be configured to read specific configuration files based on the planar maker, planar product, system product and uboot m_product variables from the SMBIOS. For the moment, the best documentation is the git commit message, gitref:3eb3a802a31b[repository=src]. Console detection in man:loader[8] has been improved on EFI systems. If there is no ConOut variable, ConIn is checked. If multiple devices are found, serial is preferred. gitref:20a6f4779ac6[repository=src] (Sponsored by Netflix) Frame buffer support in man:loader[8] can now use a text-only video driver, resulting in space savings. gitref:57ca2848c0aa[repository=src] (Sponsored by Netflix) The detection of ACPI is now done earlier in man:loader.efi[8] on arm64 systems. The copy of [.filename]#loader.efi# on the EFI partition should be updated on arm64 systems using ACPI. gitref:05cf4dda599a[repository=src] gitref:16c09de80135[repository=src] The LinuxBoot loader can be used to boot FreeBSD from Linux on aarch64 systems as well as amd64. gitref:46010641267[repository=src] (Sponsored by Netflix) +The BIOS boot loader added back support for gzip and bzip2, but removed support for graphics mode (by default) to address size problems. +(The EFI boot loader is unchanged with support for all of those.) +gitref:4d3b05a8530e[repository=src] (Sponsored by Netflix) + [[network]] == Networking This section describes changes that affect networking in FreeBSD. +[[network-protocols]] +=== Network Protocols + +Lots of improvements to the network stack, including performance improvements and bug fixes for the man:sctp[4] stack. + +Descriptors returned by man:sctp_peeloff[2] now inherit capabilities from the parent socket. +gitref:ae3d7e27abc9[repository=src] +(Sponsored by The FreeBSD Foundation) + [[network-general]] === General Network ARP (man:arp[4]) support for 802-standard networks has been restored; it had been accidentally removed with FDDI support. (This is different than the Ethernet standard encapsulation.) gitref:d776dd5fbd48[repository=src] It is possible to build a kernel with IPv6 support (INET6) without IPv4 (INET). gitref:6df9fa1c6b83[repository=src] and others The netgraph man:ng_ipfw[4] module no longer truncates cookies to 16 bits, allowing a full 32 bits. gitref:dadf64c5586e[repository=src] +AIM(Adaptive Interrupt Moderation) support has been added to the man:igc[4] driver. +gitref:472a0ccf847a[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and BBOX.io) + +This feature has also been added to the man:lem[4], man:em[4] and man:igb[4] drivers. A major regression in UDP performance introduced in FreeBSD 12.0, including NFS over UDP, is believed to be fixed with this change. +gitref:49f12d5b38f6[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and BBOX.io) + [[wireless-networking]] === Wireless Networking The LinuxKPI 802.11 comapt layer man:linuxkpi_wlan[4] gained support for the Galois/Counter Mode Protocol (GCMP) from man:wlan_gcmp[4]. (Sponsored by The FreeBSD Foundation) [[hardware]] == Hardware Support This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document. Please see link:https://www.freebsd.org/releases/{localRel}R/hardware[the list of hardware] supported by {releaseCurrent}, as well as link:https://www.freebsd.org/platforms/[the platforms page] for the complete list of supported CPU architectures. [[hardware-virtualization]] === Virtualization Support +The NVMM hypervisor is now detected. +gitref:34f40baca641[repository=src] + +The VNC server in man:bhyve[8] will now show the correct colors when using the package:www/novnc[] client. +gitref:f9e09dc5b1d5[repository=src] + +Under Hyper-V, TLB flushes are now performed using hypercalls rather than IPIs, providing up to a 40% improvement in TLB performance. +gitref:7ece5993b787[repository=src] (Sponsored by Microsoft) + +[[linuxulator]] +=== Linux Binary Compatibility + +The `AT_NO_AUTOMOUNT` flag is now ignored for all Linuxulator stat() variants (as the behavior specified by the flag already matches FreeBSD's), improving Linux application compatibility. +gitref:99d3ce80ba07[repository=src] +(Sponsored by The FreeBSD Foundation) + +[[multimedia]] +== Multimedia + +Many improvements to the audio stack including support for hot-swapping in man:mixer[8], and the addition of man:mididump[1]. +gitref:cf9d2fb18433[repository=src] (Sponsored by The FreeBSD Foundation) +gitref:7224e9f2d4af[repository=src] (Sponsored by The FreeBSD Foundation) + [[documentation]] == Documentation This section covers changes to manual (man:man[1]) pages and other documentation shipped with the base system. [[man-pages]] === Man Pages A new man:networking[7] manual page provides a quickstart guide to connecting the system to networks including Wi-Fi, and links to other manual pages and the handbook. gitref:39f92a4c4c49[repository=src] [[ports]] == Ports Collection and Package Infrastructure This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools. +[[Installer]] +=== Installer + +The FreeBSD installer, man:bsdinstall[8], now supports downloading and installing firmware packages after the FreeBSD base system installation is complete. +gitref:03c07bdc8b31[repository=src] (Sponsored by The FreeBSD Foundation) + [[ports-packages]] === Packaging Changes +The package:net/wifi-firmware-kmod@release[] package has been added to the DVD package set in order to provide necessary firmware for wifi drivers. +gitref:8c6df7ead19c[repository=src] (Sponsored by The FreeBSD Foundation) + [[future-releases]] == General Notes Regarding Future FreeBSD Releases