<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
"../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sponsor PUBLIC "-//FreeBSD//ENTITIES Sponsor Specification//EN" "sponsor.ent">
%sponsor;
<!ENTITY % vendor PUBLIC "-//FreeBSD//ENTITIES Vendor Specification//EN" "vendor.ent">
%vendor;
<!ENTITY security SYSTEM "../../share/xml/security.xml">
<!ENTITY errata SYSTEM "../../share/xml/errata.xml">
]>
<article xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="top"
version="5.0">
<info>
<title>&os; &release.current; Release Notes</title>
<author>
<orgname>The &os; Project</orgname>
</author>
<pubdate>$FreeBSD$</pubdate>
<!-- Last rev: 288943 -->
<copyright>
<year>2018</year>
<holder role="mailto:doc@FreeBSD.org">The &os; Documentation
Project</holder>
</copyright>
<legalnotice xml:id="trademarks" role="trademarks">
&tm-attrib.freebsd;
&tm-attrib.ibm;
&tm-attrib.ieee;
&tm-attrib.intel;
&tm-attrib.sparc;
&tm-attrib.general;
</legalnotice>
<abstract>
<para>The release notes for &os; &release.current; contain
a summary of the changes made to the &os; base system on the
&release.branch; development line. This document lists
applicable security advisories that were issued since the last
release, as well as significant changes to the &os; kernel and
userland. Some brief remarks on upgrading are also
presented.</para>
</abstract>
</info>
<sect1 xml:id="intro">
<title>Introduction</title>
<para>This document contains the release notes for &os;
&release.current;. It describes recently added, changed, or
deleted features of &os;. It also provides some notes on
upgrading from previous versions of &os;.</para>
<para releasetype="current">The &release.type; distribution to
which these release notes apply represents the latest point
along the &release.branch; development branch since
&release.branch; was created. Information regarding pre-built,
binary &release.type; distributions along this branch can be
found at <uri
xlink:href="&release.url;">&release.url;</uri>.</para>
<para releasetype="snapshot">The &release.type; distribution to
which these release notes apply represents a point along the
&release.branch; development branch between &release.prev; and
the future &release.next;. Information regarding pre-built,
binary &release.type; distributions along this branch can be
found at <uri
xlink:href="&release.url;">&release.url;</uri>.</para>
<para releasetype="release">This distribution of &os;
&release.current; is a &release.type; distribution. It can be
found at <uri xlink:href="&release.url;">&release.url;</uri> or
any of its mirrors. More information on obtaining this (or
other) &release.type; distributions of &os; can be found in the
<link
xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
&os;</quote> appendix</link> to the <link
xlink:href="&url.books.handbook;/">&os;
Handbook</link>.</para>
<para>All users are encouraged to consult the release errata
before installing &os;. The errata document is updated with
<quote>late-breaking</quote> information discovered late in the
release cycle or after the release. Typically, it contains
information on known bugs, security advisories, and corrections
to documentation. An up-to-date copy of the errata for &os;
&release.current; can be found on the &os; Web site.</para>
<para>This document describes the most user-visible new or changed
features in &os; since &release.prev;. In general, changes
described here are unique to the &release.branch; branch unless
specifically marked as &merged; features.</para>
<para>Typical release note items document recent security
advisories issued after &release.prev;, new drivers or hardware
support, new commands or options, major bug fixes, or
contributed software upgrades. They may also list changes to
major ports/packages or release engineering practices. Clearly
the release notes cannot list every single change made to &os;
between releases; this document focuses primarily on security
advisories, user-visible changes, and major architectural
improvements.</para>
</sect1>
<sect1 xml:id="upgrade">
<title>Upgrading from Previous Releases of &os;</title>
<para arch="amd64,i386">Binary upgrades between RELEASE versions
(and snapshots of the various security branches) are supported
using the &man.freebsd-update.8; utility. The binary upgrade
procedure will update unmodified userland utilities, as well as
unmodified GENERIC kernels distributed as a part of an official
&os; release. The &man.freebsd-update.8; utility requires that
the host being upgraded have Internet connectivity.</para>
<para>Source-based upgrades (those based on recompiling the &os;
base system from source code) from previous versions are
supported, according to the instructions in
<filename>/usr/src/UPDATING</filename>.</para>
<important>
<para>Upgrading &os; should only be attempted after backing up
<emphasis>all</emphasis> data and configuration files.</para>
</important>
</sect1>
<sect1 xml:id="security-errata">
<title>Security and Errata</title>
<para>This section lists the various Security Advisories and
Errata Notices since &release.prev;.</para>
<sect2 xml:id="security">
<title>Security Advisories</title>
&security;
</sect2>
<sect2 xml:id="errata">
<title>Errata Notices</title>
&errata;
</sect2>
</sect1>
<sect1 xml:id="userland">
<title>Userland</title>
<para>This section covers changes and additions to userland
applications, contributed software, and system utilities.</para>
<sect2 xml:id="userland-programs">
<title>Userland Application Changes</title>
<para revision="321092">The &man.ln.1; utility has been updated
to correct the behavior of the <literal>-F</literal> flag by
unlinking an existing directory before creating a symbolic
link.</para>
<para revision="321241">The &man.crontab.1; utility has been
updated to include a new flag, <literal>-f</literal>, which
forces &man.crontab.5; removal when <literal>-r</literal> is
used non-interactively.</para>
<para revision="321262">The &man.newsyslog.8; utility has been
updated to support <acronym>RFC</acronym>5424-compliant
messages when rotating system logs.</para>
<para revision="321287" contrib="sponsor" sponsor="&gandi;">The
&man.sesutil.8; utility has been updated to include
&man.libxo.3; support in output.</para>
<para revision="321927">The &man.diskinfo.8; utility has been
updated to include two new flags, <literal>-s</literal> which
displays the disk identity (usually the serial number), and
<literal>-p</literal> which displays the physical path to the
disk in a storage controller. The <literal>-s</literal> and
<literal>-p</literal> flags are mutually exclusive, and cannot
be used with any other flags.</para>
<para revision="321929">The &man.diskinfo.8; utility has also
been updated to include device model when the
<literal>-s</literal> flag is used.</para>
<para revision="322509">The &man.top.1; utility has been updated
to allow filtering on multiple user names when the
<literal>-U</literal> flag is used.</para>
<para revision="322525">The &man.bsdgrep.1; utility has been
updated to include a <literal>rgrep</literal> hard link to
&man.grep.1;, which when used is equivalent to
<literal>grep -r</literal>.</para>
<para revision="322555">The &man.bsdgrep.1; utility has been
updated to address various issues with pattern matching
behavior.</para>
<para revision="322910">The &man.umount.8; utility has been
updated to include a new flag, <literal>-N</literal>, which
is used to forcefully unmount an <acronym>NFS</acronym>
mounted filesystem.</para>
<para revision="322919">The &man.pw.8; utility has been updated
to properly handle empty secondary group lists as an argument
to the <literal>-G</literal> flag when using the
<literal>usermod</literal> subcommand.</para>
<para revision="324124" contrib="sponsor"
sponsor="&chelsio;">The &man.getconf.1; utility has been
updated to include a new flag, <literal>-a</literal>, which
prints the name and value of all system or path configuration
values to &man.stdout.4; or optionally a file as an argument
to <literal>-a</literal>.</para>
<para revision="324270">The &man.ps.1; utility has been updated
to reflect realtime and idle priorities in state flags.</para>
<para revision="324271">The &man.ps.1; utility has been updated
to display if a process is running with &man.capsicum.4;
capability mode, indicated by <literal>C</literal>.</para>
<para revision="324380">The &man.cpucontrol.8; utility has been
updated to include a new flag, <literal>-n</literal>, that
disables the default microcode update search path when
used.</para>
<para revision="324674">The &man.fsck.ffs.8; utility has been
updated to prevent a filesystem from being reported as
modified when only the timestamp in the superblock is
updated.</para>
<para revision="325003" contrib="sponsor"
sponsor="&spectralogic;">The &man.diskinfo.8; utility has been
updated to display disk rotation rate and if
<acronym>TRIM</acronym>/<acronym>UNMAP</acronym> is supported
by the disk.</para>
<para revision="325473">The &man.rsh.1; utility has been updated
to include a new flag, <literal>-N</literal>, which disables
shutdown of a socket sending path when used.</para>
<para revision="326413">The &man.pfctl.8; utility has been
updated to allow <literal>route-to</literal> to properly
handle network interfaces with multiple <acronym>IP</acronym>
addresses.</para>
<para revision="326778" contrib="sponsor"
sponsor="&spectralogic;">The &man.camcontrol.8; utility has
been updated to include <acronym>ZAC</acronym> (Zoned-device
<acronym>ATA</acronym> command set) information when the
<literal>identify</literal> subcommand is used.</para>
<para revision="326848">The &man.pw.8; utility has been updated
to correct handling of account expiration periods.</para>
<para revision="327592">The &man.mdmfs.8; utility has been
updated to support &man.tmpfs.5;.</para>
<para revision="327837">The &man.lint.1; utility is not longer
built by default. The <literal>WITH_LINT</literal>
&man.src.conf.5; option has been added to enable building and
installing the utility.</para>
<para revision="327871">The &man.cpucontrol.8; utility has been
updated to include a new flag, <literal>-e</literal>, which is
used to re-evaluate reported <acronym>CPU</acronym> features
after applying firmware updates.</para>
<note>
<para>The &man.cpucontrol.8; <literal>-e</literal> flag should
only be used after microcode update have been applied to all
<acronym>CPU</acronym>s in the system, otherwise system
instability may be experienced if processor features are not
identical across the system.</para>
</note>
<para revision="328138">The &man.indent.1; utility has been
updated to respect the <literal>SIMPLE_BACKUP_SUFFIX</literal>
environment variable if set.</para>
<para revision="328139">The &man.du.1; utility has been updated
to include the <literal>--si</literal> long option, which is
used to display output in "human-readable" output in
powers of 1000.</para>
<para revision="328140">The &man.df.1; utility has been updated
to include the <literal>--si</literal> long option, which is
an alias to <literal>-H</literal>.</para>
<para revision="328599">The &man.service.8; utility has been
updated to include a new flag, <literal>-j</literal>, which is
used to interact with services running within a &man.jail.8;.
The argument to <literal>-j</literal> can be either the name
or numeric jail <acronym>ID</acronym>.</para>
<para revision="328604" contrib="sponsor"
sponsor="&dellemc;">The &man.fsck.ffs.8; utility has been
updated to exit with a non-zero status when the filesystem is
not repaired.</para>
<para revision="328668">The &man.nvmecontrol.8; utility has been
updated to print the full 128 bit value for
<acronym>SMART</acronym> data, instead of the hexadecimal
value.</para>
<para revision="328716">The &man.nvmecontrol.8; utility has been
updated to include control options for Western Digital®
HGST drives. The new options are <literal>cap-diag</literal>,
<literal>get-crash-dump</literal>,
<literal>drive-log</literal>, <literal>purge</literal>, and
<literal>purge-monitor</literal>.</para>
<para revision="330692" contrib="sponsor"
sponsor="&dellemc;">The &man.dhclient.8; utility has been
updated to be more compliant with <acronym>RFC</acronym>2131
by setting the source address field in the
<acronym>IP</acronym> header to <literal>0</literal> when
sending a <literal>DHCPREQUEST</literal> message to attempt to
obtain a previously-assigned <literal>IP</literal>
address.</para>
<para revision="330694" contrib="sponsor"
sponsor="&dellemc;">The &man.pw.8; utility has been updated to
allow the <literal>@</literal> and <literal>!</literal>
characters in the <acronym>GECOS</acronym> field.</para>
<para revision="330733" contrib="sponsor"
sponsor="&spectralogic;">The &man.zfsd.8; utility has been
updated to work with any type of <acronym>GEOM</acronym>
provider, including &man.md.4;, &man.geli.8;, &man.glabel.8;,
and &man.gstripe.8;.</para>
<para revision="331471">The &man.ps.1; utility has been updated
to include a <literal>jail</literal> keyword, which when used
will list the name of a &man.jail.8; instead of the numeric
ID.</para>
<para revision="331586" contrib="sponsor"
sponsor="&mellanox;">The &man.mlx5tool.8; utility has been
added, which is used to manage Connect-X 4 and
Connect-X 5 devices supported by &man.mlx5io.4;.</para>
<para revision="331603" contrib="sponsor"
sponsor="&chelsio;">The &man.sysctl.8; utility has been
updated to support setting an array of values to nodes. Prior
to this change, &man.sysctl.8; could only set one value to
a node that may return multiple values when queried.</para>
<para revision="331729">The &man.ifconfig.8; utility has been
updated to include a <literal>random</literal> option, which
when used with the <literal>ether</literal> option, generates
a random <acronym>MAC</acronym> address for an
interface.</para>
<para revision="332126" contrib="sponsor"
sponsor="&netflix;">The &man.efibootmgr.8; utility has been
added, which is used to manipulate the <acronym>EFI</acronym>
boot manager.</para>
<para revision="332947">The &man.etdump.1; utility has been
added, which is used to view El Torito boot catalog
information.</para>
<para revision="322753">The &man.mount.8; utility has been
updated to allow fallback to mount media read-only if an
attempt to mount write-protected media read-write fails. This
behavior is disabled by default, and can be requested with the
new <literal>autoro</literal> option.</para>
<para revision="332460" contrib="sponsor" sponsor="&ff;">The
&man.makefs.8; utility has been updated to default the block
and fragment sizes to match that of &man.newfs.8;, 32K and 4K,
respectively.</para>
<para revision="332929" contrib="sponsor" sponsor="&ff;">The
&man.pwd.mkdb.8; utility has been updated to emit a notice
that legacy database support will be removed effective
&os; 12 when the <literal>-l</literal> flag is
used.</para>
<para revision="334789">The &man.dhclient.8; utility has been
updated to allow the <literal>interface-mtu</literal> option
to be overridden with a <literal>supersede</literal> entry in
&man.dhclient.conf.5;.</para>
</sect2>
<sect2 xml:id="userland-contrib">
<title>Contributed Software</title>
<para revision="321303">The &man.libarchive.3; library has been
updated to version 3.3.2.</para>
<para revision="322442"><application>Subversion</application>
has been updated to version 1.9.7.</para>
<para revision="328495">The &man.dtc.1; utility has been updated
to upstream commit 9ce35ff8.</para>
<para revision="328874">The &man.file.1; utility has been
updated to version 5.32.</para>
<para revision="323136"><application>OpenSSH</application> has
been updated to version 7.5p1.</para>
<para revision="324581">The &man.mandoc.1; utility has been
updated to version 1.14.3.</para>
<para revision="327234">The &man.tcpdump.1; utility has been
updated to version 4.9.2.</para>
<para revision="330106">The <acronym>NTP</acronym> utilities
have been updated to version 4.2.8p11.</para>
<para revision="330570">The &man.less.1; utility has been
updated to upstream version v530.</para>
<para revision="331246">The <application>bmake</application>
utility has been updated to upstream version 20180222.</para>
<para revision="331465">The <acronym>BSD</acronym>-licensed
&man.diff.1; utility has been imported from OpenBSD, which is
installed if <literal>WITHOUT_GNU_DIFF</literal> is set in
&man.src.conf.5;, and otherwise not installed by
default.</para>
<para revision="331638"><application>OpenSSL</application> has
been updated to version 1.0.2o.</para>
<para revision="331838">The <application>clang</application>,
<application>llvm</application>,
<application>lld</application>,
<application>lldb</application>, and
<literal>compiler-rt</literal> utilities as well as
<literal>libc++</literal> have been updated to upstream
version 6.0.0.</para>
<para revision="333312">Timezone data files have been updated to
version 2018e.</para>
<para revision="334458">The &man.libxo.3; library has been
updated to version 0.9.0.</para>
</sect2>
<sect2 xml:id="userland-installer">
<title>Installation and Configuration Tools</title>
<para revision="322254" contrib="sponsor" sponsor="&ff;"
arch="&arch.arm64;">The &man.bsdinstall.8; installer has been
updated to default to <acronym>UEFI</acronym>-only
boot.</para>
</sect2>
</sect1>
<sect1 xml:id="kernel">
<title>Kernel</title>
<para>This section covers changes to kernel configurations, system
tuning, and system control parameters that are not otherwise
categorized.</para>
<sect2 xml:id="kernel-general">
<title>General Kernel Changes</title>
<para revision="321007">The &man.linux.4; <acronym>ABI</acronym>
compaibility layer has been updated to include support for
<literal>musl</literal> consumers.</para>
<para revision="322340">The &man.fdescfs.5; filesystem has been
updated to support &linux;-specific &man.fd.4;
<filename>/dev/fd</filename> and
<filename>/proc/self/fd</filename> behavior.</para>
<para revision="323447">Support for multiple realtime clocks has
been added.</para>
</sect2>
<sect2 xml:id="kernel-bugfix">
<title>Kernel Bug Fixes</title>
<para revision="324175">The &man.ng.iface.4; driver has been
updated to prevent a possible system crash.</para>
<para revision="325730">The &man.ipfw.4; packet filter has been
updated to identify layer-2 and layer-3 packets, fixing
&man.dummynet.4; <acronym>AQM</acronym> packet marking.</para>
<para revision="333166">An issue causing boot issues with
&intel; Apollo Lake™ <acronym>CPU</acronym>s has been
fixed.</para>
</sect2>
<sect2 xml:id="kernel-config">
<title>Kernel Configuration</title>
<para revision="327920">The &man.watchdog.4; facility has been
updated to make <literal>SW_WATCHDOG</literal> dynamic,
enabling the software &man.watchdogd.8; option whenever
a hardware watchdog is not present.</para>
</sect2>
<sect2 xml:id="kernel-sysctl">
<title>System Tuning and Controls</title>
<para revision="326322" contrib="sponsor"
sponsor="&spectralogic;">The
<literal>p1003_1b.aio_listio_max</literal> &man.sysctl.8; has
been changed to a runtime-configurable tunable.</para>
</sect2>
</sect1>
<sect1 xml:id="drivers">
<title>Devices and Drivers</title>
<para>This section covers changes and additions to devices and
device drivers since &release.prev;.</para>
<sect2 xml:id="drivers-device">
<title>Device Drivers</title>
<para revision="330307" contrib="sponsor"
sponsor="&chelsio;">The &man.cxgbe.4; driver has been updated
to firmware version 1.16.63.0 for T4, T5, and T6 network
adapters.</para>
<para revision="331058">The &man.ng.pppoe.4; driver has been
updated to add support for user-supplied
<literal>Host-Uniq</literal> tags.</para>
<para revision="331500">Support for the TAIO
<acronym>USB</acronym> multi-protocol adapter
(<acronym>TUMPA</acronym>) has been added.</para>
<para revision="331586" contrib="sponsor"
sponsor="&mellanox;">The &man.mlx5io.4; driver has been added,
providing an interface to manage supported Connect-X 4
and Connect-X 5 network adapters.</para>
<para revision="331882" contrib="sponsor"
sponsor="&darpa_afrl;">The &man.cm.4; and &man.fpa.4; drivers
have been marked as deprecated, and will be removed in
&os; 12.</para>
<para revision="332040" contrib="sponsor"
sponsor="&broadcom;">The &man.ocs.fc.4; driver has been added,
supporting Emulex 16/8G FC GEN 5
<acronym>HBA</acronym>s LPe15004 and LPe160XX, and
Emulex 32/16G FC GEN 6
<acronym>HBA</acronym>s LPe3100X and LPe3200X.</para>
<para revision="333171">The &man.ixgb.4; driver has been marked
as deprecated, and will be removed in &os; 12.</para>
<para revision="333343" contrib="sponsor"
sponsor="&intelcorp;">The &man.ixl.4; driver has been updated
to version 1.9.9-k.</para>
<para revision="333367">The &man.nxge.4; driver has been marked
as deprecated, and will be removed in &os; 12.</para>
<para revision="333412" contrib="sponsor" sponsor="&ff;">The
&man.lmc.4; driver has been marked as deprecated, and will be
removed in &os; 12.</para>
<para revision="333417">The &man.smartpqi.4; driver has been
added, providing support for Microsemi®
<acronym>SCSI</acronym> controllers.</para>
<para revision="333738">The &man.vxge.4; driver has been marked
as deprecated, and will be removed in &os; 12.</para>
</sect2>
</sect1>
<sect1 xml:id="hardware">
<title>Hardware Support</title>
<para>This section covers general hardware support for physical
machines, hypervisors, and virtualization environments, as well
as hardware changes and updates that do not otherwise fit in
other sections of this document.</para>
<sect2 xml:id="hardware-virtualization">
<title>Virtualization Support</title>
<para revision="321413">Support for &man.virtio.console.4; has
been added to &man.bhyve.4;.</para>
</sect2>
</sect1>
<sect1 xml:id="storage">
<title>Storage</title>
<para>This section covers changes and additions to file systems
and other storage subsystems, both local and networked.</para>
<sect2 xml:id="storage-geom">
<title><literal>geom(4)</literal></title>
<para revision="332519">The <literal>geom_aes</literal>,
<literal>geom_bsd</literal>, <literal>geom_mbr</literal>,
<literal>geom_sunlabel</literal> &man.geom.4; classes have
been marked as deprecated. They have been replaced by the
<literal>geom_part</literal> class in &os; 7, and removed
from the <literal>GENERIC</literal> kernel configurations in
&os; 8, and will be removed in &os; 12.</para>
</sect2>
</sect1>
<sect1 xml:id="boot">
<title>Boot Loader Changes</title>
<para>This section covers the boot loader, boot menu, and other
boot-related changes.</para>
<sect2 xml:id="boot-loader">
<title>Boot Loader Changes</title>
<para revision="321519">The boot code and &man.loader.8; have
been updated to check for unsupported <acronym>ZFS</acronym>
feature flags. If unsupported features are active, the pool
is not considered as a bootable pool, and a diagnostic message
is printed to the console.</para>
<para revision="329010">The &man.loader.8; has been updated to
improve quotation parsing, distinguishing between single- and
double-quotes, and check for terminating quotes.</para>
<para revision="329114">The length of <acronym>GELI</acronym>
passphrases entered when booting a system with encrypted disks
is now hidden by default. See the configuration options in
&man.geli.8; to restore the previous behavior.</para>
</sect2>
</sect1>
<sect1 xml:id="network">
<title>Networking</title>
<para>This section describes changes that affect networking in
&os;.</para>
<sect2 xml:id="network-general">
<title>General Network Changes</title>
<para revision="329581" contrib="sponsor"
sponsor="&dellemc;">The &man.icmp6.4; protocol has been
updated to fix <acronym>ICMPv6</acronym> redirects.</para>
</sect2>
</sect1>
<sect1 xml:id="ports">
<title>Ports Collection and Package Infrastructure</title>
<para>This section covers changes to the &os; Ports
Collection, package infrastructure, and package maintenance and
installation tools.</para>
<sect2 xml:id="ports-packages ">
<title>Packaging Changes</title>
<para>The &man.pkg.8; utility has been updated to version
1.10.5.</para>
</sect2>
</sect1>
<sect1 xml:id="releng">
<title>Release Engineering and Integration</title>
<para>This section convers changes that are specific to the
&os; Release Engineering processes.</para>
<sect2 xml:id="releng-changes">
<title>Integration Changes</title>
<para revision="326892">Amazon® EC2™ instances now
keep their clocks synchronized using the Amazon Time Sync
Service, the <acronym>NTP</acronym> service internal to the
EC2™ infrastructure.</para>
<para revision="333410" contrib="sponsor" sponsor="&ff;">The
&arch.i386; memory stick image installers have been changed
to use the <acronym>MBR</acronym> partitioning scheme, which
addresses a boot issue from a <acronym>GPT</acronym> partition
scheme in non-<acronym>UEFI</acronym> mode.</para>
<para revision="334444" contrib="sponsor" sponsor="&ff;">The
&arch.amd64; memory stick image installers have been changed
to use the <acronym>MBR</acronym> partitioning scheme, which
addresses a boot issue from a <acronym>GPT</acronym> partition
scheme in non-<acronym>UEFI</acronym> mode.</para>
</sect2>
</sect1>
</article>