From owner-dev-commits-doc-all@freebsd.org Mon Mar 15 23:57:30 2021 Return-Path: Delivered-To: dev-commits-doc-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 05AE256C6D3 for ; Mon, 15 Mar 2021 23:57:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DztdP5SzXz4dNn; Mon, 15 Mar 2021 23:57:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 89A0419AFE; Mon, 15 Mar 2021 23:57:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12FNvT4p059508; Mon, 15 Mar 2021 23:57:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12FNvTvw059507; Mon, 15 Mar 2021 23:57:29 GMT (envelope-from git) Date: Mon, 15 Mar 2021 23:57:29 GMT Message-Id: <202103152357.12FNvTvw059507@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: John Baldwin Subject: git: 05314f45e1 - main - Add entries from the stable/13/RELNOTES file. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 05314f45e14b8a1857fdc2512ba8f66589ba80ec Auto-Submitted: auto-generated X-BeenThere: dev-commits-doc-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the doc repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Mar 2021 23:57:30 -0000 The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/doc/commit/?id=05314f45e14b8a1857fdc2512ba8f66589ba80ec commit 05314f45e14b8a1857fdc2512ba8f66589ba80ec Author: John Baldwin AuthorDate: 2021-03-15 23:56:06 +0000 Commit: John Baldwin CommitDate: 2021-03-15 23:57:17 +0000 Add entries from the stable/13/RELNOTES file. This does not include entries for changes that were included in 12.2 release. Reviewed by: emaste (earlier version) Differential Revision: https://reviews.freebsd.org/D29279 --- website/content/en/releases/13.0R/relnotes.adoc | 188 ++++++++++++++++++++++++ 1 file changed, 188 insertions(+) diff --git a/website/content/en/releases/13.0R/relnotes.adoc b/website/content/en/releases/13.0R/relnotes.adoc index 5e20ed70de..9bec84e0de 100644 --- a/website/content/en/releases/13.0R/relnotes.adoc +++ b/website/content/en/releases/13.0R/relnotes.adoc @@ -105,6 +105,26 @@ This section covers changes and additions to userland applications, contributed [[userland-config]] === Userland Configuration Changes +man:rc.subr[8] now honors `${name}_env` in all man:rc[8] scripts. +Previously, environment variables set by a user via `${name}_env` were ignored +if the service defined a custom `*_cmd` variable to control the behavior +of the `run_rc_command` function, for example, `start_cmd`, instead of relying +on variables like `command` and `command_args`. gitref:d15e810db9a5[repository=src] + +man:init[8], man:service[8], and man:cron[8] will now adopt user/class +environment variables by default (excluding `PATH`). +Notably, environment variables for all cron jobs and man:rc[8] services can +now be set via man:login.conf[5]. +gitref:21c1a93c048f[repository=src], gitref:736a5a6d1dbb[repository=src], +gitref:7466dbd68487[repository=src] + +The kernel now supports enforcing a W^X memory mapping policy for user +processes. +The policy is not enforced by default but can be enabled by setting the +`kern.elf32.allow_wx` and `kern.elf64.allow_wx` sysctls to 0. +Individual binaries can be exempted from the policy by man:elfctl[1] via +the `wxneeded` feature. +gitref:2e1c94aa1fd5[repository=src] {{< sponsored "The FreeBSD Foundation" >}} [[userland-programs]] === Userland Application Changes @@ -123,8 +143,13 @@ This permits rotation of the output file via man:newsyslog[8]. gitref:4cd407ec93 The man:daemon[8] utility no longer blocks SIGTERM during the restart delay. gitref:09a3675d961[repository=src] +The man:devd[8] utility now reports a `kernel` system event when the system +resumes from sleep rather than a `kern` system event. gitref:f87655ec7694[repository=src] + The man:diskinfo[8] utility now reports the physical device name GEOM attribute when available. gitref:b5961be1ab7[repository=src] +The man:elf2aout[1] utility has been removed. gitref:dd99ab06f360[repository=src] + The man:freebsd-update[8] utility now displays progress for the "Fetching files..." stage. gitref:d6e1e31a0e6[repository=src] The man:freebsd-update[8] utility now supports the `-p` flag, which ensures password db changes are included in [.filename]#/etc/passwd# via man:pwd_mkdb[8]. gitref:9b6591109e8[repository=src] {{< sponsored "The FreeBSD Foundation" >}} @@ -133,6 +158,11 @@ The man:freebsd-update[8] utility now supports the `updatesready` and `showconfi The manual page for the man:freebsd-update[8] utility documents using the `PAGER` environment variable for non-interactive use. gitref:32f4592764d[repository=src] +The obsolete version of the GNU debugger installed to [.filename]#/usr/libexec# for use by man:crashinfo[8] has been removed. +Detailed kernel crash information can be obtained by installing modern GDB +from ports or packages. +gitref:1c0ea326aa6d[repository=src] + The manual page for the man:gstat[8] utility now documents the use of interactive keyboard commands. gitref:cfaa2958dc4[repository=src] The manual page for the man:inetd[8] utility now includes an example of how to use netcat as an HTTP proxy. gitref:a58fc861516[repository=src] @@ -156,6 +186,23 @@ The previous implementation is still available in FreeBSD-13 and can be selected The new man:getlocalbase[3] function in libutil retrieves the LOCALBASE path in a standard way. gitref:30d21d27953[repository=src] +The man:cap_random[3] function has been removed as it has been +superseeded by man:getrandom[2]. gitref:a76f78dc3f43[repository=src] + +A new Linux-compatible man:copy_file_range[2] system call supports efficient +file copies. +In particular, this system call permits the kernel to request that an NFSv4.2 +server perform a copy operation locally on the server. gitref:bbbbeca3e9a3[repository=src] + +The man:regex[3] function no longer accepts redundant escapes for most +ordinary characters. +This will cause applications such as man:sed[1] and man:grep[1] to reject +regular expressions using these escapes. +gitref:adeebf4cd47c[repository=src] + +New man:aio_readv[2] and man:aio_writev[2] system calls provide vectored +analogues of man:aio_read[2] and man:aio_write[2]. gitref:022ca2fc7fe0 + [[kernel]] == Kernel @@ -169,6 +216,46 @@ Notably, if a process had been assigned a numbered cpuset then it will be assign allowed to the attaching process and the jail. Processes belonging to the superuser will implicitly widen their CPU mask as needed if they share no CPUs in common with the jail. +The in-kernel cryptographic framework has been overhauled to better support +modern cryptographic algorithms as well as simplify the interface for both +device drivers and framework consumers. +gitref:c03414326909[repository=src] {{< sponsored "Chelsio Communications" >}} + +Support for Kerberos GSS algorithms deprecated by RFCs 6649 and 8429 has been +removed. +gitref:dee3aa83d1b6[repository=src] {{< sponsored "Chelsio Communications" >}} + +Support for previously-deprecated algorithms in man:geli[4] has +been removed. +gitref:e2b9919398c3[repository=src] {{< sponsored "Chelsio Communications" >}} + +Support for IPsec algorithms deprecated by RFC 8221 as well as Triple DES +has been removed. +gitref:16aabb761c0a[repository=src] {{< sponsored "Chelsio Communications" >}} + +Support for previously-deprecated cryptographic algorithms has been removed +from man:cryptodev[4] and the in-kernel cryptographic framework. +gitref:6c80c319ef88[repository=src] {{< sponsored "Chelsio Communications" >}} + +The amd64 DMAR driver has been refactored to provide a generic I/O MMU +framework which can be used by other architectures. +As part of this, the amd64-specific `ACPI_DMAR` kernel option has been +renamed to `IOMMU`. +gitref:6186bfbd1880[repository=src] {{< sponsored "DARPA" >}} {{< sponsored "AFRL" >}} + +A driver for Arm System Memory Management Unity version 3.2 has been added +to the aarch64 architecture. +The driver is enabled by the `IOMMU` kernel option. +gitref:4cc8701067e1[repository=src] {{< sponsored "DARPA" >}} {{< sponsored "AFRL" >}} {{< sponsored "Innovate UK" >}} + +The GENERIC kernels for amd64 and i386 now include man:aesni[4] to support +accelerated software cryptography for man:geli[4] by default. +gitref:074a91f746bd[repository=src] + +The GENERIC kernel for aarch64 now includes man:armv8crypto[4] to support +accelerated software cryptography for man:geli[4] by default. +gitref:074a91f746bd[repository=src] + [[drivers]] == Devices and Drivers @@ -177,12 +264,43 @@ This section covers changes and additions to devices and device drivers since {r [[drivers-device]] === Device Drivers +Several network drivers for obsolete Ethernet adapters have been removed: + +* man:bm[4] BMAC gitref:9e774e53407b[repository=src] +* man:cs[4] Crystal Semiconductor CS8900/CS8920 gitref:e1edf1240b33[repository=src] +* man:de[4] DEC DC21x4x gitref:08ac01a92c88[repository=src] +* man:ed[4] NE-2000 and WD-80x3 gitref:05aa6e583be3[repository=src] +* man:ep[4] 3Com Etherlink III (3c5x9) ISA gitref:e153ee663af1[repository=src] +* man:ex[4] Intel EtherExpress Pro/10 and Pro/10+ gitref:3ee01a13855b[repository=src] +* man:fe[4] Fujitsu MB86960A/MB86965A gitref:dd262716a1e0[repository=src] +* man:hme[4] Sun Microelectronics STP2002-STQ gitref:9ee99cec1f36[repository=src] +* man:pcn[4] AMD PCnet gitref:607790d10fdb[repository=src] +* man:sf[4] Starfire gitref:3b70dd81f56f[repository=src] +* man:sn[4] SMC 91Cxx gitref:90089841deba[repository=src] +* man:tl[4] Texas Instruments ThunderLAN gitref:7c897ca91fe1[repository=src] +* man:tx[4] SMC 83c17x gitref:b1b1c2fe385c[repository=src] +* man:txp[4] 3Com 3XP Typhoon/Sidewinder (3CR990) gitref:be345ff023d9[repository=src] +* man:vx[4] 3Com EtherLink III / Fast EtherLink III (3c59x) PCI gitref:e8504bf9e7a0[repository=src] +* man:wb[4] Winbond W89C840F gitref:02fae06a11b4[repository=src] +* man:xe[4] Xircom PCMCIA gitref:7a582e5374c8[repository=src] + +A new man:safexcel[4] driver supports cryptographic requests via the EIP-97 +packet processing module found on the ESPRESSObin. gitref:b356ddf07671[repository=src] {{< sponsored "Rubicon Communications, LLC" >}} + A new man:usbhid[4] driver uses drivers from the man:hid[4] framework for USB HID devices instead of man:ukbd[4], man:ums[4], and man:uhid[4]. man:usbhid[4] is enabled by adding `hw.usb.usbhid.enable=1` to [.filename]#/boot/loader.conf# and adding `usbhid` to `kld_list=""` in [.filename]#/etc/rc.conf#. gitref:b62f6dfaed3d[repository=src] The suite of VirtIO device drivers now support the VirtIO V1 spec. This improves FreeBSD's compatibility as a guest operating system with various hypervisors and emulators including the ability to run on the link:https://wiki.qemu.org/images/4/4e/Q35.pdf[Q35 chipset] under QEMU. +The man:armv8crypto[4] driver which supports software cryptography on +ARMv8 CPUs now supports AES-XTS which is used by man:geli[4]. +gitref:4979620ece98[repository=src] + +The man:armv8crypto[4] driver now supports AES-GCM which is used by IPsec +and kernel TLS. +gitref:f76393a6305b6[repository=src] {{< sponsored "Ampere Computing" >}} + [[storage]] == Storage @@ -192,6 +310,43 @@ For man:iscsi[4] and man:ctld[8], support for specifying network QoS in the form The man:ctld[8] utility now supports the `-f` flag to test the validity of configuration files. gitref:7fcbecd004f[repository=src] +The man:nand[4] device framework and man:nandfs[5] filesystem and associated +utilities have been removed. gitref:f5a95d9a0794[repository=src] + +man:gnop[8] can now apply configurable delays to read and write requests to +simulate a slow disk. gitref:4f80c85519d5[repository=src] + +The kernel now provides a default implementation for the `SEEK_DATA` and +`SEEK_HOLE` man:ioctl[2]'s for filesystems which do not support +sparse files. gitref:2e1b32c0e3fc[repository=src] + +The NFS client and server now support NFSv4.2 (RFC 7862) and Extended +Attributes (RFC 8276). gitref:c057a378180e[repository=src] + +Attempts to read a directory fail with `EISDIR` by default. +The `-d skip` flags can be passed to man:grep[1] to suppress errors in stderr +when non-recursively grepping a list that includes directories. +gitref:dcef4f65ae39[repository=src] + +The NFS server now permits credentials specified via `-maproot` or `-mapall` +in man:exports[5] to include more than 16 groups. +gitref:cc5efdde94bf[repository=src] + +The NFS client and server now support NFS over TLS. +The additional userland daemons are not built by default but can be +enabled by building a new world that includes a KTLS-enabled OpenSSL +via the `WITH_OPENSSL_KTLS` option. +gitref:6e4b6ff88fde[repository=src], gitref:2c76eebca71b[repository=src], +gitref:59f6f5e23c1a[repository=src] + +A new `nfsv4_server_only` variable can be set to `YES` in [.filename]#/etc/rc.conf# to only enable support for NFSv4. +This avoids the need to run man:rpcbind[8] on an NFS server. +gitref:4389a5661034[repository=src] + +The man:fusefs[5] protocol has been updated to 7.28 along with adding support +for `FUSE_COPY_FILE_RANGE` and `FUSE_LSEEK`. +gitref:92bbfe1f0d1f[repository=src] + [[storage-general]] === General Storage @@ -224,6 +379,24 @@ If the man:efibootmgr[8] utility is used to customize the boot environment, this This section describes changes that affect networking in FreeBSD. +A new type of man:mbuf[9] (network data buffer) can represent multiple, +unmapped physical pages as a single buffer. +This improves the performance of man:sendfile[2] by reducing the length of +mbuf linked lists in socket buffers. gitref:82334850ea45[repository=src], gitref:cec06a3edc52[repository=src] {{< sponsored "Netflix" >}} + +The kernel now supports in-kernel framing and encryption of Transport +Layer Security (TLS) data on TCP sockets for TLS versions 1.0 through 1.3. +Transmit offload via in-kernel crypto drivers is supported for +MtE cipher suites using AES-CBC as well as AEAD cipher suites using +AES-GCM. +Receive offload via in-kernel crypto drivers is supported for AES-GCM +cipher suites for TLS 1.2. +Using KTLS requires the use of a KTLS-aware userland SSL library. +The OpenSSL library included in the base system does not enable KTLS +support by default, +but support can be enabled by building with the `WITH_OPENSSL_KTLS` option. +gitref:b2e60773c6b0[repository=src], gitref:6554362c6640[repository=src], gitref:f1f934754638[repository=src], gitref:3c0e56850511[repository=src], gitref:c1c52cd57e88[repository=src] {{< sponsored "Netflix" >}} {{< sponsored "Chelsio Communications" >}} + man:tcp[4] now supports Proportional Rate Reduction (as described by RFC6937) to improve SACK loss recovery during burst loss and ACK thinning scenarios. This feature is enabled by default. A new man:sysctl[8], `net.inet.tcp.do_prr`, can be set to `0` to restore the prior behavior. @@ -243,6 +416,10 @@ The man:ping[8] and man:ping6[8] utilities have been merged. man:ping[8] supports both IPv4 and IPv6. A legacy man:ping6[8] is retained for backwards compatibility. gitref:3cde9171d2d5[repository=src] +SCTP support is now available as a new [.filename]#sctp.ko# kernel module +and is no longer compiled into GENERIC by default. +gitref:e64080e79c53[repository=src] {{< sponsored "The FreeBSD Foundation" >}} + [[network-general]] === General Network @@ -258,6 +435,12 @@ The amd64 architecture now supports Hygon Dhyana Family 18h processors. gitref: The amd64 architecture now supports 57-bit virtual addresses (LA57) on supported CPUs. This permits user processes to use up to 56 bits of virtual address space. This also includes support for five layer nested page tables used by bhyve. gitref:9ce875d9b59d[repository=src] {{< sponsored "The FreeBSD Foundation" >}} [[ARM-ARM64]] +=== ARMv5 + +Support for version 5 of the 32-bit ARM architecture has been removed. +Building for `TARGET=arm` now defaults to a `TARGET_ARCH` of `armv7`. +gitref:eb4977bd0fb2[repository=src] + === Allwinner The aw_gpio driver now suppots GPIO interrupts. gitref:0fe5379c6a9[repository=src] @@ -284,6 +467,11 @@ if_dwc now supports flow control. gitref:2b4a66ed171[repository=src] if_dwc now supports checksum offloading. gitref:98ea5a7b9a1[repository=src] +=== Sparc + +Support for the `sparc64` architecture (SPARC 9) has been removed. +gitref:58aa35d42975[repository=src] + [[hardware-virtualization]] === Virtualization Support