From owner-svn-src-all@FreeBSD.ORG Mon Jul 19 15:26:43 2010 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4642C106564A; Mon, 19 Jul 2010 15:26:43 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 315AF8FC17; Mon, 19 Jul 2010 15:26:43 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o6JFQhC6005177; Mon, 19 Jul 2010 15:26:43 GMT (envelope-from hrs@svn.freebsd.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o6JFQhaY005143; Mon, 19 Jul 2010 15:26:43 GMT (envelope-from hrs@svn.freebsd.org) Message-Id: <201007191526.o6JFQhaY005143@svn.freebsd.org> From: Hiroki Sato Date: Mon, 19 Jul 2010 15:26:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r210239 - in stable/8/release/doc: en_US.ISO8859-1/errata en_US.ISO8859-1/relnotes share/sgml X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jul 2010 15:26:43 -0000 Author: hrs Date: Mon Jul 19 15:26:42 2010 New Revision: 210239 URL: http://svn.freebsd.org/changeset/base/210239 Log: - Clean up old contents and bump version numbers. - Add items for security advisories. Modified: stable/8/release/doc/en_US.ISO8859-1/errata/article.sgml stable/8/release/doc/en_US.ISO8859-1/relnotes/article.sgml stable/8/release/doc/share/sgml/release.dsl stable/8/release/doc/share/sgml/release.ent Modified: stable/8/release/doc/en_US.ISO8859-1/errata/article.sgml ============================================================================== --- stable/8/release/doc/en_US.ISO8859-1/errata/article.sgml Mon Jul 19 15:05:35 2010 (r210238) +++ stable/8/release/doc/en_US.ISO8859-1/errata/article.sgml Mon Jul 19 15:26:42 2010 (r210239) @@ -16,7 +16,7 @@ %release; - + ]>
@@ -40,7 +40,7 @@ $FreeBSD$ - 2009 + 2010 The &os; Documentation Project @@ -119,7 +119,6 @@ For a list of all &os; CERT security advisories, see or . - @@ -144,34 +143,74 @@ - SA-09:17.freebsd-update - 03 December 2009 - Inappropriate directory permissions in freebsd-update(8) + SA-09:15.ssl + 3 Dec 2009 + SSL protocol flaw SA-09:16.rtld - 03 December 2009 - Improper environment sanitization in rtld(1) + 3 Dec 2009 + Improper environment sanitization in &man.rtld.1; - SA-09:15.ssl - 03 December 2009 - SSL protocol flaw + SA-09:17.freebsd-update + 3 Dec 2009 + Inappropriate directory permissions in &man.freebsd-update.8; + + + SA-10:01.bind + 6 Jan 2010 + BIND &man.named.8; cache poisoning with DNSSEC validation + + + SA-10:02.ntpd + 6 Jan 2010 + ntpd mode 7 denial of service + + + SA-10:03.zfs + 6 Jan 2010 + ZFS ZIL playback with insecure permissions + + + SA-10:04.jail + 27 May 2010 + Insufficient environment sanitization in &man.jail.8; + + + SA-10:05.opie + 27 May 2010 + OPIE off-by-one stack overflow + + + SA-10:06.nfsclient + 27 May 2010 + Unvalidated input in nfsclient + + + SA-10:07.mbuf + 13 July 2010 + Lost mbuf flag resulting in data corruption - Open Issues No open issues. - @@ -179,5 +218,4 @@ No news. -
Modified: stable/8/release/doc/en_US.ISO8859-1/relnotes/article.sgml ============================================================================== --- stable/8/release/doc/en_US.ISO8859-1/relnotes/article.sgml Mon Jul 19 15:05:35 2010 (r210238) +++ stable/8/release/doc/en_US.ISO8859-1/relnotes/article.sgml Mon Jul 19 15:26:42 2010 (r210239) @@ -15,16 +15,7 @@ $FreeBSD$ - 2000 - 2001 - 2002 - 2003 - 2004 - 2005 - 2006 - 2007 - 2008 - 2009 + 2010 The &os; Documentation Project @@ -106,9 +97,7 @@ What's New This section describes the most user-visible new or changed - features in &os; since &release.prev;, and changes shown in - Release Notes for the previous releases are marked as - [7.1R] and [7.2R]. + features in &os; since &release.prev;. Typical release note items document recent security advisories issued after &release.prev;, new drivers or hardware @@ -142,163 +131,65 @@ - - SA-08:05.openssh - 17 April 2008 - OpenSSH X11-forwarding privilege escalation - - - - SA-08:06.bind - 13 July 2008 - DNS cache poisoning - - - - SA-08:07.amd64 - 3 September 2008 - amd64 swapgs local privilege escalation - - - - SA-08:08.nmount - 3 September 2008 - &man.nmount.2; local arbitrary code execution - - - - SA-08:09.icmp6 - 3 September 2008 - Remote kernel panics on IPv6 connections - - - - SA-08:10.nd6 - 1 October 2008 - IPv6 Neighbor Discovery Protocol routing vulnerability - - - - SA-08:11.arc4random - 24 November 2008 - &man.arc4random.9; predictable sequence vulnerability - - - - SA-08:12.ftpd - 23 December 2008 - Cross-site request forgery in &man.ftpd.8; - - - - SA-08:13.protosw - 23 December 2008 - netgraph / bluetooth privilege escalation - - - - SA-09:01.lukemftpd - 07 January 2009 - Cross-site request forgery in - &man.lukemftpd.8; - - - - SA-09:02.openssl - 07 January 2009 - OpenSSL incorrectly checks for malformed - signatures - - - - SA-09:03.ntpd - 13 January 2009 - ntpd cryptographic signature - bypass - - - - SA-09:04.bind - 13 January 2009 - BIND DNSSEC incorrect checks for - malformed signatures + + SA-09:15.ssl + 3 Dec 2009 + SSL protocol flaw - - - SA-09:05.telnetd - 16 February 2009 - telnetd code execution - vulnerability + + SA-09:16.rtld + 3 Dec 2009 + Improper environment sanitization in &man.rtld.1; - - - SA-09:06.ktimer - 23 March 2009 - Local privilege escalation + + SA-09:17.freebsd-update + 3 Dec 2009 + Inappropriate directory permissions in &man.freebsd-update.8; - - - SA-09:07.libc - 04 April 2009 - Information leak in &man.db.3; + + SA-10:01.bind + 6 Jan 2010 + BIND &man.named.8; cache poisoning with DNSSEC validation - - - SA-09:08.openssl - 22 April 2009 - Remotely exploitable crash in - OpenSSL + + SA-10:02.ntpd + 6 Jan 2010 + ntpd mode 7 denial of service - - - SA-09:09.pipe - 10 June 2009 - Local information disclosure via direct pipe writes + + SA-10:03.zfs + 6 Jan 2010 + ZFS ZIL playback with insecure permissions - - - SA-09:10.ipv6 - 10 June 2009 - Missing permission check on SIOCSIFINFO_IN6 ioctl + + SA-10:04.jail + 27 May 2010 + Insufficient environment sanitization in &man.jail.8; - - - SA-09:11.ntpd - 10 June 2009 - ntpd stack-based buffer-overflow vulnerability + + SA-10:05.opie + 27 May 2010 + OPIE off-by-one stack overflow - - - SA-09:12.bind - 29 July 2009 - BIND &man.named.8; dynamic update message remote DoS + + SA-10:06.nfsclient + 27 May 2010 + Unvalidated input in nfsclient - - SA-09:14.devfs - 2 Oct 2009 - Devfs / VFS NULL pointer race condition + + SA-10:07.mbuf + 13 July 2010 + Lost mbuf flag resulting in data corruption @@ -308,2034 +199,68 @@ Kernel Changes - The &os; GENERIC kernel now - includes Trusted BSD MAC (Mandatory Access Control) support. - No MAC policy module is loaded by default. - - A loader - tunable hw.clflush_disable has been added - to avoid panic (trap 9) - at map_invalidate_cache_range() even if - Intel CPU is used. This tunable can be set - to -1 (default), 0 and - 1. The -1 is same as - the current behavior, which automatically - disables CLFLUSH on Intel CPUs without - CPUID_SS (this should occurr on Xen - only). You can specify 1 when this panic - happens on non-Intel CPUs (such as AMD's). Because disabling - CLFLUSH can reduce performance, you can try - with setting 0 on Intel CPUs - without SS to - use CLFLUSH feature. - - The &man.jail.8; subsystem has been updated. Changes include: - - - - A new virtualization container - named vimage has been implemented. This is - not enabled by default. To enable this, add the following - kernel options to your kernel configuration file and - rebuild the kernel: - - options VIMAGE - - Note that options SCTP in the - GENERIC kernel is not compatible with - options VIMAGE. This limitation will - be fixed in the next release. - - The vimage is a jail with a virtualized instance of - the &os; network stack. It can be created by using - &man.jail.8; command like this: - - &prompt.root; jail -c vnet name=vnet1 host.hostname=vnet1.example.net path=/ persist - - The vimage has own loopback interface and a separated - network stack including the L3 routing tables. Network - interfaces on the system can be moved by using - &man.ifconfig.8; option between the - different vimage jails and outside of them. - - Furthermore, the &man.epair.4; pseudo-interface driver - has been added to help communication between vimage jails. - It emulates a pair of back-to-back connected Ethernet - interfaces. For example, the following commands create an - interface pair of &man.epair.4;: - - &prompt.root; ifconfig epair0 create -epair0a -&prompt.root; ifconfig epair0a -epair0a: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 - ether 02:c0:64:00:07:0a -&prompt.root; ifconfig epair0b -epair0b: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 - ether 02:c0:64:00:08:0b - - The &man.epair.4; pseudo-interfaces and any physical - interfaces on the system can be moved between vimage jails - by using &man.ifconfig.8; option as - described above. Even after half of an &man.epair.4; pair - is moved, the back-to-back connection still valid and can - be used for inter-jail communication. - - Note that vimage is still considered as an - experimental feature. - - - - A jail can now have arbitrary named parameters similar - to environmental variables and the fixed jail parameters - in the previous releases have been replaced with them. - The jail name can now be used for identifying the jail in - &man.jexec.8; and &man.killall.1;. - - - - Multiple IPv4 and/or IPv6 addresses per jail are now - supported. It is even possible to have jails without - an IP address at all, which basically gives one a chrooted - environment with restricted process view and no - networking. - - - - SCTP (&man.sctp.4;) with IPv6 in jails has been - implemented. - - - - Specific CPU binding by using &man.cpuset.1; has been - implemented. Note that the current implementation allows - the superuser inside of the jail to change the CPU - bindings specified. - - - - A &man.jail.8; can start with a specific route - FIB now. - - - - The &man.ddb.8; kernel debugger now supports a - show jails subcommand. - - - - Compatibility support which permits 32-bit jail - binaries to be used on 64-bit systems to manage jails has - been added. - - - - Note that both version numbers of - jail and prison in - the &man.jail.8; have been updated for the new - features. - - - - The &man.ksyms.4;, kernel symbol table - interface driver has been added. It creates a character - device /dev/ksyms and provides - read-only access to a snapshot of the kernel symbol - table. - - The &os; Linux emulation - layer has been updated to version 2.6.16 and the default Linux - infrastructure port is - emulators/linux_base-f10 (Fedora - 10). - - The &os;/&arch.arm; now - supports mini dump. - - The &os;/&arch.powerpc; now - supports kernel core dump. - - The &os; virtual memory - subsystem now supports fully transparent use of - superpages for application memory; - application memory pages are dynamically promoted to or - demoted from superpages without any modification to - application code. This change offers the benefit of large - page sizes such as improved virtual memory efficiency and - reduced TLB (translation lookaside buffer) misses without - downsides like application changes and virtual memory - inflexibility. This can be enabled by setting a loader tunable - vm.pmap.pg_ps_enabled to - 1 and is enabled by default on - &arch.amd64;. - - The &man.ddb.8; kernel debugger now supports a - show mount subcommand. - - The &os; DTrace subsystem now supports a probe for - process execution. - - The &os; kernel virtual address - space has been increased to 6GB. This allows subsystems to use - larger virtual memory space than before. For example, the - &man.zfs.8; adaptive replacement cache (ARC) requires large - kernel memory space to cache file system data, so it benefits - from the increased address space. Note that the ceiling on - the kernel map size is now 60% of the size of physical memory - rather than an absolute quantity. - - The &man.kld.4; now supports installing 32-bit - system calls to the &os; syscall translation layer from kernel - modules. - - The &man.ktr.4; now supports a new KTR tracepoint in the - KTR_CALLOUT class to note when a callout - routine finishes executing. - - Types of variables used to track the amount of allocated - System V shared memory have been changed from - int to size_t. This - makes it possible to use more than 2 GB of memory for shared - memory segments on 64-bit architectures. Please note the new - BUGS section in &man.shmctl.2; and - /usr/src/UPDATING for limitations of this - temporary solution. - - The &man.sysctl.3; leaf nodes have a flag to tag - themselves as MPSAFE now. - - The &os; 32-bit system call translation layer now - supports installing 32-bit system calls for - VFS_AIO. - - The &man.clock.gettime.2; and the related system calls now - support a clock ID CLOCK_THREAD_CPUTIME_ID, - as defined in POSIX. - - The &man.cpuset.2; system call has been added. This is an - API for thread to CPU binding and CPU resource grouping and - assignment. - - The DTrace, a comprehensive dynamic tracing framework and - &man.dtrace.1; userland utility have been imported from - OpenSolaris. DTrace provides a powerful infrastructure to - permit administrators, developers, and service personnel to - concisely answer arbitrary questions about the behavior of the - operating system and user programs. - - The &man.ddb.4; kernel debugger now has an output capture - facility. Input and output from &man.ddb.4; can now be captured - to a memory buffer for later inspection using &man.sysctl.8; or - a textdump. The new capture command controls - this feature. - - The &man.ddb.4; debugger now supports a simple scripting - facility, which supports a set of named scripts consisting of a - set of &man.ddb.4; commands. These commands can be managed from - within &man.ddb.4; or with the use of the new &man.ddb.8; - utility. More details can be found in the &man.ddb.4; manual - page. - - The &man.ddb.4; ex command now supports - an mode which interprets and prints the - value at the requested address as a symbol. For example, - ex /S aio_swake - prints the name of the function currently registered in - via aio_swake hook. - - The &man.ddb.4; show conifhk command has - been added. This lists hooks currently waiting for completion - in run_interrupt_driven_config_hooks(). - - The &man.fcntl.2; system call now supports - F_DUP2FD command. This is equivalent to - &man.dup.2;, and compatible with the Sun Solaris and the IBM - AIX. - - The &os;'s &man.linux.4; ABI support now implements - sched_setaffinity() and - sched_getaffinity() using real CPU affinity - setting primitives. - - The &man.procstat.1; utility has been added. This is a - process inspection utility which provides some of the missing - functionality from &man.procfs.5; and new functionality for monitoring - and debugging specific processes. - - The client side functionality of &man.rpc.lockd.8; has been - implemented in the &os; kernel. This implementation provides the - correct semantics for &man.flock.2; style locks which are used - by the &man.lockf.1; command line tool and the &man.pidfile.3; - library. It also implements recovery from server restarts and - ensures that dirty cache blocks are written to the server before - obtaining locks (allowing multiple clients to use file locking - to safely share data). Also, a new kernel option - options NFSLOCKD has been added and enabled - by default. If the kernel support is enabled, &man.rpc.lockd.8; - automatically detects and uses the functionality. - - The &os; kernel now supports a new textdump format of kernel - dumps. A textdump provides higher-level information via - mechanically generated/extracted debugging output, rather than a - simple memory dump. This facility can be used to generate brief - kernel bug reports that are rich in debugging information, but - are not dependent on kernel symbol tables or precisely - synchronized source code. More information can be found in the - &man.textdump.4; manual page. - - The &man.wait4.2; system call now supports - flag to keep the process whose status - is returned in a waitable state and - which is equivalent to . - - The &os; kernel now has - initial support of binding interrupts to CPUs. - - The &man.sched.ule.4; scheduler is now the default - process scheduler in GENERIC - kernels. - - The sysctl - variables kern.features.compat_freebsd[456] - have been added. These are corresponding to the kernel options - COMPAT_FREEBSD[456]. + Boot Loader Changes - The boot0 boot - loader now preserves volume ID at offset - 0x1b8 used in other operating systems - - The &man.boot0cfg.8; utility now supports a - new option to set the volume ID. - - The &man.loader.8; now - supports U-Boot support library. - - The &man.boot.8; now supports 4-byte volume ID that - certain versions of &windows; put into the MBR and invoking - PXE by pressing the F6 key on some supported BIOSes. - - The &man.boot.8; BTX loader has been - improved. This fixes several boot issues on recent machines - reported for 7.1-RELEASE and before. - - The &man.loader.8; is now able to obtain DHCP options - from network boot via &man.kenv.2; variables. - - A bug in the &man.loader.8; has been fixed. Now the - following line works as expected: - - loader_conf_files="foo bar ${variable}" - - The BTX kernel used by the boot - loader has been changed to invoke BIOS routines from real - mode. This change makes it possible to boot &os; from USB - devices. - - A new gptboot boot loader has - been added to support booting from a GPT labeled disk. A - new boot command has been added to - &man.gpt.8;, which makes a GPT disk bootable by writing the - required bits of the boot loader, creating a new boot - partition if required. + Hardware Support - The &os; now includes experimental support - for &arch.mips; platform. - - Support for RTC on Dallas Semiconductor chips - has been improved. The DS133x and DS1553 are now - supported. - - The &os;/&arch.arm; now supports - Feroceon and Sheeva embedded CPU, Marvell Orion (88F5281), - Kirkwood (88F6281), Discovery Innovation (MV-78100) - systems-on-chip CPU. - - The &os;/&arch.powerpc; now - supports SMP machines - - The &os;/&arch.powerpc; now - supports E500 (Book-E) embedded CPU and Freescale - PowerQUICCIII MPC85xx system-on-chip (including single and - dual-core). - - The &man.acpi.4; subsystem now supports the System - Resource Affinity Table (SRAT) used to describe affinity - relationships between CPUs and memory, ACPI 3.0 fields in - the MADT including X2APIC entries and UIDs for local SAPICs, and - ACPI 3.0 flags in the FADT. - - The &man.cpufreq.4; framework now - supports PowerPC G5, along with a skeleton SMU driver in order to slew - CPU voltage during frequency changes. - - The sec(4) driver has been added to provide - support for the integrated security engine found in - Freescale system-on-chip devices. - - The &os; TTY layer has been replaced with a - new one which has better support for SMP and robust resource - handling. A tty now has own mutex and it is expected to - improve scalability when compared to the old implementation - based on the Giant lock. - - The &man.uart.4; driver is now the - default driver for serial port devices in favor of the - &man.sio.4; driver. Note that the device nodes have been - renamed from - /dev/cuadN and - /dev/ttydN to - /dev/cuauN and - /dev/ttyuN. - - - Users who are upgrading will need to change their - kernel configurations and possibly also - /boot/loader.conf and - /boot/device.hints. - - - The &os; USB subsystem has been reimplemented - to support modern devices and better SMP scalability. The - new implementation includes Giant-lock-free device drivers, - a Linux compatibility layer, &man.usbconfig.8; utility, full - support for split transaction and isochronous transaction, - and more. Device node names for USB devices are now in a - the form - of /dev/usb/bus.dev.endpoint, - and /dev/usbctl is the master device - node. Note that the &man.ugen.4; driver has nodes for each device as /dev/ugenbus.dev for backward compatibility. - - &os; now supports Ultra SPARC III - (Cheetah) processor family. - - The &man.acpi.4; subsystem now supports a &man.sysctl.8; - variable debug.batt.batt_sleep_ms. On - some laptops with smart batteries, enabling battery - monitoring software causes keystrokes from &man.atkbd.4; to - be lost. This sysctl variable adds a delay in millisecond - to the status checking code as a workaround. - - The &man.acpi.asus.4; driver now supports Asus A8Sr - notebooks. - - Support for the AltiVec, a floating point - and integer SIMD instruction set has been added. - - The &man.cpuctl.4; driver, which provides a special - device /dev/cpuctl as an interface to - the system CPU has been added. The &man.cpuctl.4; - functionality includes the ability to retrieve CPUID - information, read/write machine specific registers (MSR), - and perform CPU firmware updates. - - The &man.cpufreq.4; driver now supports an - hw.est.msr_info loader tunable. When - this is set to 1, it attempts to build a - simple list containing just the high and low frequencies if - it cannot obtain a frequency list from either ACPI or the - static tables. This is disabled by default. - - CPU frequency change notifiers are now - disabled when the TSC is P-state invariant. Also, a new - loader tunable - kern.timecounter.invariant_tsc has been - added to force this behavior by setting it to - non-zero. - - The &man.atkbd.4; driver now disables the interrupt - handler which is called from the keyboard callback function - when polled mode is enabled. This fixes the problem of - duplicated/missing characters at the mountroot prompt on - multi CPU systems while &man.kbdmux.4; is enabled. - - In the &man.pci.4; subsystem INTx is now disabled when - MSI/MSIX is enabled. This change fixes interrupt storm - related issues. - - The schizo(4) driver for Schizo - Fireplane/Safari to PCI 2.1 and Tomatillo JBus to PCI 2.2 - bridges has been added. - - The &man.u3g.4; driver for USB based 3G cards and - dongles including Vodafone Mobile Connect Card 3G, Qualcomm - CDMA MSM, Huawei E220, Novatel U740, Sierra MC875U, and more - has been added. This provides support for the multiple - USB-to-serial interfaces exposed by many 3G USB/PC Card - modems, and the device is accessed through the &man.ucom.4; - driver which makes it behave like a &man.tty.4;. - - The &man.sched.ule.4; scheduler now supports - the loader tunable - machdep.hyperthreading_enabled just like - &man.sched.4bsd.4;. Note that it cannot be modified at - run-time. - - The &man.cmx.4; driver, a driver for Omnikey CardMan 4040 - PCMCIA smartcard readers, has been added. - - The &man.kbdmux.4; driver now - supports &arch.sparc64;. The &man.sunkbd.4; driver now - supports &man.atkbd.4; emulation like &man.ukbd.4;. - - The nvram(4) driver is now - MPSAFE. - - An option of the &man.puc.4; - driver, PUC_FASTINTR, is no longer - supported. - - The &man.psm.4; driver now attempts detection of Synaptics - touchpad before IntelliMouse. Some touchpads will pretend to - be IntelliMouse causing the IntelliMouse probe to work and the - Synaptics detection never to be done. - - The &man.uslcom.4; driver, a driver for Silicon - Laboratories CP2101/CP2102-based USB serial adapters, has been - imported from OpenBSD. + Multimedia Support - The &os; audio subsystem has been improved. - The changes include volume per channel, high quality - fixed-point band-limited SINC sampling rate converter, - bit-perfect mode, transparent/adaptive virtual channel, - and exclusive stream. For more details, see the - &man.snd.4; manual page. - - The &man.agp.4; driver now supports Intel G4X series - graphics chipsets. - - The Direct Rendering Manager - (DRM), a kernel module that - gives direct hardware access to DRI clients, has been - updated. Support for AMD/ATI r500, r600, r700, and IGP - based chips, XGI V3XE/V5/V8, and Intel i915 chipsets has - been improved. - - A new loader tunable hw.drm.msi has - been added to control if DRM uses MSI or not. This is set - to 1 (enabled) by default. - - The snd_au88x0(4) driver for Aureal Vortex - 1/2/Advantage PCI has been removed because it has been - broken for a long time. - - The &man.snd.hda.4; driver has been updated. These - changes include support for multiple codecs per HDA bus, - multiple functional groups per codec, multiple audio - devices per functional group, digital (SPDIF/HDMI) audio - input/output, suspend/resume, and part of multichannel - audio. - - Note that due to added HDMI audio and - logical audio devices support, the updated driver often - provides several PCM devices. This means that in some - cases the system default audio device no longer - corresponds to the users's habitual audio connectors. In - such cases the default device can be specified in audio - applications' setup or defined globally via - hw.snd.default_unit sysctl variable, as - described in the &man.sound.4; manual page. - - The &man.agp.4; driver now supports the - Intel G33 and G45. - - The dpms(4) driver has - been added to use the VESA BIOS for DPMS during suspend and - resume. - - The DRM kernel driver now - supports i915 GME devices. + Network Interface Support - The &man.bwi.4; driver has been added to - provide support for Broadcom BCM43xx IEEE 802.11b/g wireless - network interfaces. - - The &man.cas.4; driver has - been added to provide support for Sun Cassini/Cassini+ and - National Semiconductor DP83065 Saturn Gigabit Ethernet - devices. - - The &man.cxgbtool.8; now supports an - interactive mode for scripting of repeatedly performed - tasks. - - The &man.fxp.4; driver has been improved. Changes include: - - - - The multicast filter re-programming - is now more robust. - - - - The checksum offload feature can be controlled by - &man.ifconfig.8; now. - - - - Rx checksum offload support for 82559 or later - controllers has been added. - - - - TSO (TCP Segmentation Offload) support for 82550 - and 82551 controllers has been added. - - - - WoL (Wake on LAN) support for 82550, 82551, 82558, - and 82559-based controllers has been added. Note that - ICH based controllers are treated as 82559, and 82557, - earlier revisions of 82558, and 82559ER have no WoL - capability. - - - - VLAN hardware tag insertion/stripping support and - Tx/Rx checksum offload for VLAN frames support has - been added. Note that the VLAN hardware assistance is - available only on 82550 or 82551-based - controllers. - - - - The mge(4) driver has - been added to provide support for Marvell Gigabit Ethernet - controllers found on ARM-based SOCs (Orion, Kirkwood, - Discovery), as well as on system controllers for PowerPC - processors (MV64430, MV6446x). - - The &man.miibus.4; driver now supports - the Marvell 88E3016. - - The &man.msk.4; driver now supports Yukon - FE+ A0 including 88E8040, 88E8040T, 88E8048 and - 88E8070. - - The &man.mwl.4; driver has been added to - provide support for Marvell 88W8363 IEEE 802.11n wireless - network devices. - - The &man.mxge.4; driver now supports some newer - revisions and 10GBASE-LRM and 10GBASE-Twinax media - types. The firmware version has been updated to 1.4.43. - - The &man.nge.4; driver has been improved and - now works on all platforms. *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***