Changeset View
Changeset View
Standalone View
Standalone View
website/content/en/releases/13.2R/relnotes.adoc
Show First 20 Lines • Show All 227 Lines • ▼ Show 20 Lines | ||||||||||
=== General Kernel Changes | === General Kernel Changes | |||||||||
The man:bhyve[8] hypervisor and kernel module man:vmm[4] now support more than 16 vCPUs in a guest. | The man:bhyve[8] hypervisor and kernel module man:vmm[4] now support more than 16 vCPUs in a guest. | |||||||||
By default bhyve permits each guest to create the same number of vCPUs as the count of physical CPUs on the host. | By default bhyve permits each guest to create the same number of vCPUs as the count of physical CPUs on the host. | |||||||||
This limit can be adjusted via the loader tunable `hw.vmm.maxcpu`. | This limit can be adjusted via the loader tunable `hw.vmm.maxcpu`. | |||||||||
gitref:3e02f8809aec[repository=src] | gitref:3e02f8809aec[repository=src] | |||||||||
Address Space Layout Randomization (ASLR) is enabled for 64-bit executables by default. | Address Space Layout Randomization (ASLR) is enabled for 64-bit executables by default. | |||||||||
It can be disabled as needed if applications fail unexpectedly, for example with segmentation faults. | ||||||||||
To disable for a single invocation, use the man:proccontrol[1] command: `proccontrol -m aslr -s disable command`. | ||||||||||
To disable ASLR for all invocations of a binary, use the man:elfctl[1] command: `elfctl -e +noaslr file`. | ||||||||||
Problems should be reported via the problem reporting system, https://bugs.freebsd.org[], or posting to the `freebsd-stable@FreeBSD.org` mailing list. | ||||||||||
gitref:10192e77cfac[repository=src] (Sponsored by Stormshield) | gitref:10192e77cfac[repository=src] (Sponsored by Stormshield) | |||||||||
A workaround has been implemented for an apparent hardware page invalidation problem on Intel Alder Lake (twelfth generation) and probably Raptor Lake (thirteenth generation) hybrid CPUs. | A workaround has been implemented for an apparent hardware page invalidation problem on Intel Alder Lake (twelfth generation) and probably Raptor Lake (thirteenth generation) hybrid CPUs. | |||||||||
The bug can lead to file system corruption with UFS and MSDOSFS, and probably other memory corruption. | The bug can lead to file system corruption with UFS and MSDOSFS, and probably other memory corruption. | |||||||||
The slower cores (E-cores) use a slower method of page invalidation with the workaround. | The slower cores (E-cores) automatically use a slower method of page invalidation with the workaround. | |||||||||
gitref:567cc4e6bfd9[repository=src] (Sponsored by The FreeBSD Foundation) | gitref:567cc4e6bfd9[repository=src] (Sponsored by The FreeBSD Foundation) | |||||||||
A new kernel configuration knob is available, `SPLIT_KERNEL_DEBUG`, which controls splitting of kernel and module debug data into separate standalone files. | A new kernel configuration knob is available, `SPLIT_KERNEL_DEBUG`, which controls splitting of kernel and module debug data into separate standalone files. | |||||||||
This interacts with the `WITHOUT_KERNEL_SYMBOLS` option, which operates differently than in 13.0-RELEASE and {releasePrev}, but similarly to prior releases; it now controls only installation of the debug data. | This interacts with the `WITHOUT_KERNEL_SYMBOLS` option, which operates differently than in 13.0-RELEASE and {releasePrev}, but similarly to prior releases; it now controls only installation of the debug data. | |||||||||
The defaults are `WITH_KERNEL_SYMBOLS` and `WITH_SPLIT_KERNEL_DEBUG`, allowing the kernel and modules without debug data to be installed in [.filename]#/boot#, and standalone debugging files to be installed in [.filename]#/usr/lib/debug#, as was done by default in releases before 13.0-RELEASE. | The defaults are `WITH_KERNEL_SYMBOLS` and `WITH_SPLIT_KERNEL_DEBUG`, allowing the kernel and modules without debug data to be installed in [.filename]#/boot#, and standalone debugging files to be installed in [.filename]#/usr/lib/debug#, as was done by default in releases before 13.0-RELEASE. | |||||||||
Using `WITHOUT_KERNEL_SYMBOLS` and `WITH_SPLIT_KERNEL_DEBUG`, standalone debugging files are generated but not installed, as when using `WITHOUT_KERNEL_SYMBOLS` in releases before 13.0-RELEASE. | Using `WITHOUT_KERNEL_SYMBOLS` and `WITH_SPLIT_KERNEL_DEBUG`, standalone debugging files are generated but not installed, as when using `WITHOUT_KERNEL_SYMBOLS` in releases before 13.0-RELEASE. | |||||||||
Finally, using `WITHOUT_KERNEL_SYMBOLS` and `WITHOUT_SPLIT_KERNEL_DEBUG` installs the kernel and modules with built-in debugging information in [.filename]#/boot#, as in {releasePrev} using `WITHOUT_KERNEL_SYMBOLS`. | Finally, using `WITHOUT_KERNEL_SYMBOLS` and `WITHOUT_SPLIT_KERNEL_DEBUG` installs the kernel and modules with built-in debugging information in [.filename]#/boot#, as in {releasePrev} using `WITHOUT_KERNEL_SYMBOLS`. | |||||||||
gitref:0c4d13c521aa[repository=src] (Sponsored by The FreeBSD Foundation) | gitref:0c4d13c521aa[repository=src] (Sponsored by The FreeBSD Foundation) | |||||||||
▲ Show 20 Lines • Show All 105 Lines • ▼ Show 20 Lines | ||||||||||
[[network]] | [[network]] | |||||||||
== Networking | == Networking | |||||||||
This section describes changes that affect networking in FreeBSD. | This section describes changes that affect networking in FreeBSD. | |||||||||
[[network-general]] | [[network-general]] | |||||||||
=== General Network | === General Network | |||||||||
The man:wg[4] WireGuard driver has been added, which provides Virtual Private Network (VPN) interfaces using the WireGuard protocol. | The kernel man:wg[4] WireGuard driver has been reintegrated, which provides Virtual Private Network (VPN) interfaces using the WireGuard protocol. | |||||||||
emaste: One final thought, maybe "has been reintegrated, which..." instead of "has been added".
What's… | ||||||||||
Done Inline ActionsI added Netgate along with the Foundation. We don't usually list individuals, or at least I haven't seen it done. karels: I added Netgate along with the Foundation. We don't usually list individuals, or at least I… | ||||||||||
gitref:5ae69e2f10da[repository=src] (Sponsored by The FreeBSD Foundation) | gitref:5ae69e2f10da[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and The FreeBSD Foundation) | |||||||||
Done Inline Actions
Taste. pauamma_gundo.com: Taste. | ||||||||||
Not Done Inline ActionsWas it previously in a RELEASE? grahamperrin: Was it previously in a `RELEASE`? | ||||||||||
Done Inline ActionsIt looks like wireguard was on releng/13.1 but removed prior to final release. If I'm reading the log correctly, it was not in BETA1. karels: It looks like wireguard was on releng/13.1 but removed prior to final release. If I'm reading… | ||||||||||
KTLS (the kernel TLS implementation) has added receive offload support for TLS 1.3. | KTLS (the kernel TLS implementation) has added receive offload support for TLS 1.3. | |||||||||
Receive offload is now supported for TLS 1.1 through 1.3; send offload is supported for TLS 1.0 through 1.3. | Receive offload is now supported for TLS 1.1 through 1.3; send offload is supported for TLS 1.0 through 1.3. | |||||||||
gitref:1462dc95f796[repository=src] (Sponsored by Netflix) | gitref:1462dc95f796[repository=src] (Sponsored by Netflix) | |||||||||
The man:netlink[4] network configuration protocol is now available. | The man:netlink[4] network configuration protocol is now available. | |||||||||
It is a communication protocol defined in RFC 3549, and uses a raw socket to exchange configuration information between user space and kernel. | It is a communication protocol defined in RFC 3549, and uses a raw socket to exchange configuration information between user space and kernel. | |||||||||
It is used by third-party routing programs and by the man:linux[4] ABI. | It is used by third-party routing programs and by the man:linux[4] ABI. | |||||||||
The man:netlink[4] protocol is not included in the GENERIC configuration in {releaseCurrent}, but is available as a kernel module. | ||||||||||
Not Done Inline ActionsNot sure about the markup here (what releaseCurrent is); netlink is enabled in GENERIC in main and stable/13, but is not in GENERIC (is a module only) in 13.2. emaste: Not sure about the markup here (what `releaseCurrent` is); netlink is enabled in GENERIC in… | ||||||||||
Done Inline Actions{releaseCurrent} is 13.2. I changed this to use GENERIC explicitly. karels: {releaseCurrent} is 13.2. I changed this to use GENERIC explicitly. | ||||||||||
gitref:6058f6cc48f5[repository=src] | gitref:6058f6cc48f5[repository=src] | |||||||||
Radix tables and lookups are now supported for MAC addresses in man:ipfw[4]. | Radix tables and lookups are now supported for MAC addresses in man:ipfw[4]. | |||||||||
This allows MAC address tables to be constructed and used for filtering. | This allows MAC address tables to be constructed and used for filtering. | |||||||||
gitref:c31f8b7bd895[repository=src] | gitref:c31f8b7bd895[repository=src] | |||||||||
Kernel modules dpdk_lpm4 and dpdk_lpm6 are now available and can be loaded via man:loader.conf[5]. | Kernel modules dpdk_lpm4 and dpdk_lpm6 are now available and can be loaded via man:loader.conf[5]. | |||||||||
They provide optimized routing functions for hosts with a very large amount of routing tables. | They provide optimized routing functions for hosts with a very large amount of routing tables. | |||||||||
They are part of the modular FIB lookup mechanism. | They are part of the modular FIB lookup mechanism. | |||||||||
gitref:0ca122044369[repository=src] | gitref:0ca122044369[repository=src] | |||||||||
There are numerous bug fixes in TCP and SCTP. | There are numerous bug fixes in TCP and SCTP. | |||||||||
[[future-releases]] | [[future-releases]] | |||||||||
== General Notes Regarding Future FreeBSD Releases | == General Notes Regarding Future FreeBSD Releases | |||||||||
`OPIE` has been deprecated and will be removed in FreeBSD 14.0. | `OPIE` has been deprecated and will be removed in FreeBSD 14.0. | |||||||||
The man:ce[4] and man:cp[4] synchronous serial drivers have been deprecated and will be removed in FreeBSD 14.0. | The man:ce[4] and man:cp[4] synchronous serial drivers have been deprecated and will be removed in FreeBSD 14.0. | |||||||||
Drivers for ISA sound cards have been deprecated and will be removed in FreeBSD 14.0. | ||||||||||
gitref:d7620b6ec941[repository=src] (Sponsored by The FreeBSD Foundation) | ||||||||||
The man:mergemaster[8] utility has been deprecated and will be removed in FreeBSD 14.0. | ||||||||||
Its replacement is man:etcupdate[8]. | ||||||||||
The man:minigzip[1] utility has been deprecated and will be removed in FreeBSD 14.0. | The man:minigzip[1] utility has been deprecated and will be removed in FreeBSD 14.0. | |||||||||
The remaining components of ATM in netgraph (NgATM) have been deprecated and will be removed in FreeBSD 14.0. | ||||||||||
Support for ATM NICs was removed previously. | ||||||||||
The Telnet daemon, man:telnetd[8], has been deprecated and will be removed in FreeBSD 14.0. | ||||||||||
The Telnet client is not affected. | ||||||||||
The VINUM class in man:geom[8] has been deprecated and will be removed in a future release. | ||||||||||
Not Done Inline ActionsThis one might bump to 15, also gbde is going in 15. ISA sound cards are deprecated as of: commit d7620b6ec941fc6239bb2600495c2978181cfe28 Author: Ed Maste <emaste@FreeBSD.org> Date: Fri Mar 18 11:50:23 2022 -0400 Add deprecation notices to ISA sound cards ISA sound cards (and ISA itself) are long obsolete. NYCBUG dmesgd has no entries for any of these devices after 2005. Mail to -current and -stable revealed some nostalgic interest, but no offers to test or requests to pospone the deprecation. Add deprecation notices to device attach routines and man pages for: snd_ad1816 Analog Devices AD1816 SoundPort snd_ess Ensoniq ESS snd_gusc Gravis UltraSound (MAX and newer AFAIK) snd_mss Microsoft Sound System snd_sbc Creative Sound Blaster Reviewed by: cy, mav MFC after: 3 days Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34604 (cherry picked from commit e39ec8933be4d6e74cfb32680fb3e67469e66bb7) emaste: This one might bump to 15, also gbde is going in 15.
ISA sound cards are deprecated as of:
```… | ||||||||||
[[future-releases-cputype]] | [[future-releases-cputype]] | |||||||||
=== Default `CPUTYPE` Change | === Default `CPUTYPE` Change | |||||||||
Starting with FreeBSD-13.0, the default `CPUTYPE` for the i386 architecture will change from `486` to `686`. | Starting with FreeBSD-13.0, the default `CPUTYPE` for the i386 architecture will change from `486` to `686`. | |||||||||
This means that, by default, binaries produced will require a 686-class CPU, including but not limited to binaries provided by the FreeBSD Release Engineering team. | This means that, by default, binaries produced will require a 686-class CPU, including but not limited to binaries provided by the FreeBSD Release Engineering team. | |||||||||
FreeBSD 13.0 will continue to support older CPUs, however users needing this functionality will need to build their own releases for official support. | FreeBSD 13.x will continue to support older CPUs, however users needing this functionality will need to build their own releases for official support. | |||||||||
As the primary use for i486 and i586 CPUs is generally in the embedded market, the general end-user impact is expected to be minimal, as new hardware with these CPU types has long faded, and much of the deployed base of such systems is nearing retirement age, statistically. | As the primary use for i486 and i586 CPUs is generally in the embedded market, the general end-user impact is expected to be minimal, as new hardware with these CPU types has long faded, and much of the deployed base of such systems is nearing retirement age, statistically. | |||||||||
There were several factors taken into account for this change. | There were several factors taken into account for this change. | |||||||||
For example, i486 does not have 64-bit atomics, and while they can be emulated in the kernel, they cannot be emulated in the userland. | For example, i486 does not have 64-bit atomics, and while they can be emulated in the kernel, they cannot be emulated in the userland. | |||||||||
Additionally, the 32-bit amd64 libraries have been i686 since their inception. | Additionally, the 32-bit amd64 libraries have been i686 since their inception. | |||||||||
As the majority of 32-bit testing is done by developers using the lib32 libraries on 64-bit hardware with the `COMPAT_FREEBSD32` option in the kernel, this change ensures better coverage and user experience. | As the majority of 32-bit testing is done by developers using the lib32 libraries on 64-bit hardware with the `COMPAT_FREEBSD32` option in the kernel, this change ensures better coverage and user experience. | |||||||||
This also aligns with what the majority of Linux(R) distributions have been doing for quite some time. | This also aligns with what the majority of Linux(R) distributions have been doing for quite some time. | |||||||||
This is expected to be the final bump of the default `CPUTYPE` in i386. | This is expected to be the final bump of the default `CPUTYPE` in i386. | |||||||||
[IMPORTANT] | [IMPORTANT] | |||||||||
==== | ==== | |||||||||
This change does not affect the FreeBSD 12.x series of releases. | This change does not affect the FreeBSD 12.x series of releases. | |||||||||
==== | ==== |
One final thought, maybe "has been reintegrated, which..." instead of "has been added".
What's in the tree now is a combination of work sponsored by Netgate, kevans, and Foundation-sponsored contractors. The FF sponsored @jhb to rework the crypto to make use of existing kernel primitives where possible and shepherd the module back into the tree.