From nobody Mon Dec 1 14:22:38 2025 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dKmML2RDjz6JckV for ; Mon, 01 Dec 2025 14:22:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4dKmML1DnSz3H4v for ; Mon, 01 Dec 2025 14:22:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1764598958; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f0SQ1hWqDgw3kirmHzWT2Kb7zzdAAYVL1dz/EG8jHuE=; b=P4Oz/sUycW5ICzVIMjjm9CGGBD7lf+7jTcHUbp1HzcKmVMMwKYZHwus+Zx/Uqz4ekrdUFm jYP1V96HcExUdosIXsq/3Wge+IUaFlYXpazo/xMfKSAq+D1ZtG8tdhmfrnMCFie32fm0CQ 5Umn0MVWUrV0J8Bvd5frXY2JEStwV0aFRTAjPyDwjwHOQPADGb6dyK6yUurPnHXNe2g7Uv k8iZp9IsAWACiZ0yZewrPUT7y1DXSybelNe5Ci1Y+MXs6jcg/7qkwbsWaNMyh6ZdVuYAQx pycVhAI3KQBImyxCZpRWY9KeiXO0GA/xO6GeFa9NUNOYqz3fa4fkULZZjdlxVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1764598958; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f0SQ1hWqDgw3kirmHzWT2Kb7zzdAAYVL1dz/EG8jHuE=; b=QsSzQeOg0eQ5GwTwS0hY/m9dlhSfzI91ijXMQweylc1Uovn2dbz+g7QEhj//GvgKUv/IHb VnBOFDZi2ni1GdYQdTD+uYC4oqKNQwXh/k9Q1yb2PWNcZufBe7CQMbDLQmbJGmcWL4Qj7V rFu8lPsl/jZIqvU+FXohgZ7KDG+OKbQD0tu2vaD/mdlVkf9pAjAR4eNeFI0Qj5fvwOj50G kUPN04ZN4aFLh3mpVDA3HiHOOqjnfW+Tn4P2frvIWxDeOoP8TZh/XYSHxQFSwFPLE2KNTs hy3GEIswtYysSDpjoYjwBqC24kUvpZl6IY14zBiagA2Hvd5Uzd/bCNOvAWL9sw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1764598958; a=rsa-sha256; cv=none; b=aPINiJz/z8cy7rH/nWXI7ZfEMfxxWR8Myz27/YZatYZonR8oAuIDlkHMrEB53KjGcLp8r9 8FKY1Cd7Kk4IkETFRzJIAqHTRXNBOJuaAARZ7RN7tt3XFUmuaKmHN6o+p7Zsegzy44kPHA WUduY4heIPQ4lMzM2qno0nQU7OyCMNSoiD7GkvHEELPUzZmpKl8kDsPKG+LMATMNwXF/kU +yI3rJ6enlmgHTyYRlKKoQ4ZSInLZ6iRXW7vZVfjcCc58evGE6ovmjhtomPpBZXNyYxhFd kg9tm0voymstm3iXPf4eqVqoTge7YNztE7oFyMflWy6UoJ0+usr5CQpAncKLoQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dKmML0jgdz8tp for ; Mon, 01 Dec 2025 14:22:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2afea by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 01 Dec 2025 14:22:38 +0000 To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Olivier Certner Subject: git: 7f167fc87f - main - releases/15.0R/relnotes: Add notes for commits mentioning relnotes, batch 3 List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7f167fc87f07323782db06b6fc204d134a7860b5 Auto-Submitted: auto-generated Date: Mon, 01 Dec 2025 14:22:38 +0000 Message-Id: <692da4ae.2afea.686bb1fe@gitrepo.freebsd.org> The branch main has been updated by olce: URL: https://cgit.FreeBSD.org/doc/commit/?id=7f167fc87f07323782db06b6fc204d134a7860b5 commit 7f167fc87f07323782db06b6fc204d134a7860b5 Author: Olivier Certner AuthorDate: 2025-12-01 14:12:50 +0000 Commit: Olivier Certner CommitDate: 2025-12-01 14:12:50 +0000 releases/15.0R/relnotes: Add notes for commits mentioning relnotes, batch 3 Add more content coming from RELNOTES. Content in this commit corresponds to stopping at ddfc6f84f242 included. --- website/content/en/releases/15.0R/relnotes.adoc | 149 +++++++++++++++++++++--- 1 file changed, 134 insertions(+), 15 deletions(-) diff --git a/website/content/en/releases/15.0R/relnotes.adoc b/website/content/en/releases/15.0R/relnotes.adoc index 87d3bfa82b..6d3aeee7a1 100644 --- a/website/content/en/releases/15.0R/relnotes.adoc +++ b/website/content/en/releases/15.0R/relnotes.adoc @@ -414,6 +414,11 @@ The behavior can be controlled by the `daily_diff_flags` variable in man:periodi Similarly, the changes shown by the security scripts show less context than previously, controlled by the `security_status_diff_flags` variable in man:periodic.conf[5]. gitref:538994626b9f[repository=src], gitref:37dc394170a5[repository=src], gitref:128e78ffb084[repository=src] +man:bsnmpd[1] no longer supports legacy UDP transport. +Users, that have not updated their `/etc/snmpd.config` since 12.0-RELEASE or older will need to merge in the new configuration. +In particular, the transport definition shall be changed from begemotSnmpdPortStatus OID to begemotSnmpdTransInetStatus. +gitref:9ba51cce8bbd[repository=src] + [[userland-programs]] === Userland Application Changes @@ -681,12 +686,24 @@ This has been fixed. gitref:47f5f89dbd27[repository=src] {{< sponsored "The FreeBSD Foundation" >}} +The man:readdir_r[3] function is deprecated and may be removed in future releases. +Using it in a program will result in compile-time and link-time warnings. +gitref:2bd157bc732a[repository=src] +{{< sponsored "Klara, Inc." >}} + +The runtime linker man:rtld[1] has grown support for the static linker flag specified by `-z initfirst`. +gitref:78aaab9f1cf359f[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + [[userland-misc]] -=== Misc +=== Miscellaneous The Gallant font for man:vt[4] has been updated with more than 4300 new glyphs, including support for Greek, Cyrillic, International Phonetic Association Extensions, Extended Latin characters, Zapf Dingbats, Tons of arrows, Tons of mathematical symbols, Letterlike symbols and enclosed alphanumerics, Pixel-perfect box drawing, Currency symbols, More punctuation, Just enough Katakana to say コンニチハ, Powerline glyphs in the Private Use Area at U+e0a0. gitref:9e8c1ab0976c[repository=src] +Unicode support has been updated to 16.0.0 and CLDR to 45.0.0. +gitref:ddfc6f84f242[repository=src] + [[userland-deprecated-programs]] === Deprecated Applications @@ -869,6 +886,17 @@ Code that needs to be portable to both 15.0 and earlier versions can use `cr_gid gitref:be1f7435ef218b1df35[repository=src] {{< sponsored "the FreeBSD Foundation" >}} +[[kernel-architecture-specific]] +=== Architecture-Specific Changes + +On amd64, FreeBSD now supports more than 4TB of RAM on modern machines that have the LA57 CPU feature. +gitref:d390633cf8cf[repository=src] +{{< sponsored "the FreeBSD Foundation" >}} + +On amd64, handling of the `%fsbase`/`%gsbase` registers and tls base were reworked, making it more useful for apps that directly manipulate CPU context. +gitref:68ba38dad3[repository=src] +{{< sponsored "the FreeBSD Foundation" >}} + [[drivers]] == Devices and Drivers @@ -1027,14 +1055,18 @@ The man:udbc[4] driver has been added enabling host side debugging of targets us The man:ufshci[4] driver has been added, supporting Universal Flash Storage (UFS) host controllers. gitref:1349a733cf28[repository=src] {{< sponsored "Samsung Electronics" >}} -The man:qat[4] driver has grown support for the 402xx device with ID 0x4944/0x4945. -gitref:138e36514fe8[repository=src] -{{< sponsored "Intel Corporation" >}} +The man:mlx5[4] driver now supports inline IPSEC offload on Nvidia ConnectX-6+ network cards, leveraging the new in-kernel IPSEC offload infrastructure. +gitref:e23731db48ef[repository=src] +{{< sponsored "NVIDIA networking" >}} Support for the watchdog timer in Intel 6300ESB I/O controller hub has been included in the man:ichwd[4] driver. This is intended primarily for QEMU users, where that watchdog timer serves as the default and only one for x86 virtual machines. gitref:2b74ff5fceb6623f6[repository=src] +The man:qat[4] driver has grown support for the 402xx device with ID 0x4944/0x4945. +gitref:138e36514fe8[repository=src] +{{< sponsored "Intel Corporation" >}} + [[drivers-removals]] === Deprecated and Removed Drivers @@ -1052,6 +1084,18 @@ This section covers changes and additions to file systems and other storage subs [[storage-nfs]] === NFS +Define a new `-a` command line option man:mountd[8] that prevents exporting a file system with the `-alldirs` flag if the directory path is not a server file system mount point. +gitref:07cd69e272da[repository=src] + +The layout of NFS file handles for the man:tarfs[4], man:tmpfs[4], man:cd9660[4], and man:ext2fs[4] file systems has changed. +An NFS server that exports any of these file systems will need its clients to unmount and remount the exports. +gitref:4db1b113b151[repository=src], +gitref:1ccbdf561f41[repository=src], +gitref:205659c43d87[repository=src], +gitref:cf0ede720391[repository=src], +gitref:8ae6247aa966[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + The man:mountd[8] server has been modified to use man:strunvis[3] to decode directory names in man:exports[5] file(s). This allows special characters, such as blanks, to be embedded in the directory name. `vis -M` may be used to encode such directory names; see man:vis[1]. @@ -1061,6 +1105,12 @@ New man:sysctl[8] variables have been added under `kern.rpc.unenc` and `kern.rpc A large number of failed handshakes might indicate an NFS configuration problem. gitref:b8e137d8d32d[repository=src] +The utilization of NFSv4.1/4.2 delegations was improved when the `nocto` mount option is used. +This requires an up-to-date NFSv4.1/4.2 server with delegations enabled. +For example, when building a FreeBSD kernel with both `src` and `obj` NFSv4 mounted, the total RPC count drops from 5461286 to 945643, with a 20% drop in elapsed time. +gitref:171f66b0c2ca[repository=src], +gitref:50e733f19b37[repository=src] + New support for the NFSv4.2 Clone operation, which uses block cloning to "copy on write" files on an NFS server. This only works for exported ZFS file systems that have block cloning enabled, at this time. gitref:cce64f2e6851[repository=src] @@ -1071,6 +1121,17 @@ gitref:cce64f2e6851[repository=src] Soft updates are now enabled by default when creating a new UFS file system with man:newfs[8]. gitref:6b2af2d88ffd[repository=src] +Reliability of UFS on volumes with more than 2G of inodes is significantly improved. +The underlying issue was the invalid interpretation of the 32-bit inode number as signed, which got sign-extended into `ino_t`. +gitref:c069ca085bd1[repository=src], +gitref:e36f069ecb47[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + +Defer the January 19, 2038 date limit in UFS1 filesystems to February 7, 2106. +This affects only filesystems with old UFS1 format. +See the commit message for details. +gitref:1111a44301da[repository=src] + [[storage-zfs]] === ZFS @@ -1080,15 +1141,25 @@ NFSv4.2 also supports it. See `pathconf(2)` and `copy_file_range(2)` for more information. gitref:37b2cb5ecb0f[repository=src] +[[storage-geom]] +=== GEOM + +Support for vinum volumes has been removed. +gitref:f87bb5967670[repository=src], +gitref:e51036fbf3f8[repository=src] + [[storage-general]] === General Storage -Define a new `-a` command line option man:mountd[8]. -When a file system was exported with the `-alldirs` flag, the export succeeded even if the directory path was not a server file system mount point. -gitref:ead3cd3ef628[repository=src] - -Document recent file handle layout changes. -gitref:ca22082c01a7[repository=src] +Add Solaris style extended attributes (called named attributes in NFSv4). +At this time, only ZFS when the ZFS property called xattr=dir and NFSv4 support them. +The attributes are presented in a directory as regular files. +See named_attribute(7) for more information. +gitref:2ec2ba7e232d[repository=src], +gitref:df58e8b1506f[repository=src], +gitref:f61844833ee8[repository=src], +gitref:b1b607bd200f[repository=src], +gitref:ee95e4d02dbd[repository=src] Allow to specify as many groups as configured to be supported by the system in `-maproot` or `-mapall` options in man:exports[5]. Previously, the cap was `NGROUPS_MAX + 1`, where `NGROUPS_MAX` is just the minimum maximum of the number of allowed supplementary groups. @@ -1159,6 +1230,14 @@ Descriptors returned by man:sctp_peeloff[2] now inherit Capsicum capability man: gitref:ae3d7e27abc9[repository=src] {{< sponsored "The FreeBSD Foundation" >}} + +The default value of the sysctl variable `net.inet.tcp.nolocaltimewait` has changed from 1 to 0. +This means that FreeBSD does not skip the `TIME_WAIT` state anymore for endpoints for which the remote address is local. +The new sysctl variable `net.inet.tcp.msl_local` can be used to control the time these endpoints stay in the `TIME_WAIT` state. +The sysctl variable `net.inet.tcp.nolocaltimewait` is deprecated and intended to be removed in FreeBSD 16. +gitref:c3fc0db3bc50[repository=src] +{{< sponsored "Netflix, Inc." >}} + The local stream (AF_UNIX/SOCK_STREAM) and sequenced packet stream (AF_UNIX/SOCK_SEQPACKET) sockets have been improved for better bulk transfer and round trip times. The SOCK_SEQPACKET socket has been brought to the specification and now behaves as a true stream socket, while in previous FreeBSD releases it could exhibit features of a datagram socket. Applications that were using SOCK_SEQPACKET incorrectly and relied on old implementation bugs may need to be adjusted. @@ -1168,7 +1247,7 @@ gitref:d15792780760[repository=src] === General Network The man:ifconfig[8] utility will no longer accept assigning IP addresses to the underlying member interfaces of a man:bridge[4]. -To temporarily bypass this safeguard, use the net.link.bridge.member_ifaddrs man:sysctl[8]. +To temporarily bypass this safeguard, use the `net.link.bridge.member_ifaddrs` man:sysctl[8]. This sysctl is expected to be removed in FreeBSD 16. gitref:b61850c4e6f6[repository=src] @@ -1210,16 +1289,42 @@ If synchronization with an older version of FreeBSD is needed the protocol versi It defaults to 1500 for synchronization between hosts running FreeBSD 15.0. gitref:99475087d63b[repository=src] {{< sponsored "InnoGames GmbH" >}} -Kernel compatibility code supporting man:ipfw[8] binaries from FreeBSD 7 and 8 has been removed. -gitref:660255be1ed9[repository=src] +Kernel TLS support has been added. +The corresponding kernel build option is `KTLS`. +This option is now enabled by default in `GENERIC` (default) kernels for aarch64, amd64, powerpc64, and powerpc64le. +gitref:b2f7c53430c3[repository=src] +{{< sponsored "Chelsio Communications" >}} + +The `net.inet.{tcp,udp,raw}.bind_all_fibs` tunables have been added. +They modify socket behavior such that packets not originating from the an interface in the same FIB as the socket are ignored. +TCP and UDP sockets belonging to different FIBs may also be bound to the same address. +The default behavior is unmodified. +gitref:5dc99e9bb985[repository=src], +gitref:08e638c089ab[repository=src], +gitref:4009a98fe80b[repository=src] +{{< sponsored "Klara, Inc." >}} +{{< sponsored "Stormshield" >}} + +Making a connection to `INADDR_ANY`, i.e., using it as an alias for `localhost`, is now disabled by default. +This functionality can be re-enabled by setting the `net.inet.ip.connect_inaddr_wild` sysctl to 1. +gitref:cd240957d7ba[repository=src] {{< sponsored "The FreeBSD Foundation" >}} -man:sockstat[4] will show UDP-Lite endpoints by default. -gitref:978615d7bf7c[repository=src] +New in-kernel inline IPSEC offload infrastructure. +See also the note about the man:mlx5[4] driver supporting it. +gitref:ef2a572bf6[repository=src] +{{< sponsored "NVIDIA networking" >}} A new man:ngctl[8] flag, `-j`, allows it to attach and run inside a jail, making it possible to manipulate netgraph nodes in a jail even if man:ngctl[8] is not installed inside it. gitref:72d01e62b082[repository=src] +man:sockstat[4] will show UDP-Lite endpoints by default. +gitref:978615d7bf7c[repository=src] + +Kernel compatibility code supporting man:ipfw[8] binaries from FreeBSD 7 and 8 has been removed. +gitref:660255be1ed9[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + [[wireless-networking]] === Wireless Networking @@ -1267,6 +1372,20 @@ Many improvements to the audio stack including support for hot-swapping in man:m gitref:cf9d2fb18433[repository=src] {{< sponsored "The FreeBSD Foundation" >}} gitref:7224e9f2d4af[repository=src] {{< sponsored "The FreeBSD Foundation" >}} +In the audio stack, `hw.snd.maxautovchans` has been retired. +The `hw.snd.vchans_enable` sysctl has been introduced which, along with `dev.pcm.X.{play|rec}.vchans`, from now on work as tunables to only enable/disable vchans, as opposed to setting their number and/or (de-)allocating vchans.* +Since these sysctls do not trigger any (de-)allocations anymore, their effect is instantaneous, whereas before we could have frozen the machine (when trying to allocate new vchans) when setting `dev.pcm.X.{play|rec}.vchans` to a very large value. +gitref:02d4eeabfd73e6a8[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + +A new utility man:sndctl[8] has been added to concentrate the various +interfaces for viewing and manipulating audio device settings (sysctls, +`/dev/sndstat`), into a single utility with a similar control-driven +interface to that of `mixer(8)`. +gitref:44e5a0150835[repository=src], +gitref:9a37f1024ceb[repository=src] +{{< sponsored "The FreeBSD Foundation" >}} + `virtual_oss` is imported to base. The `audio/virtual_oss` port will stop being built from FreeBSD 15.0 onwards. Regarding user-facing changes, the only practical difference is the installation process. Everything is provided by the base system, except for the following optional components, which can be installed from ports: