FreeBSD 12.0-RELEASE Release Notes

The FreeBSD Project

FreeBSD is a registered trademark of the FreeBSD Foundation.

IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.

IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.

Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the ® symbol.

Last modified on 2018-12-06 21:20:00 by gjb.
Abstract

The release notes for FreeBSD 12.0-RELEASE contain a summary of the changes made to the FreeBSD base system on the 12-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.


Table of Contents
1. Introduction
2. Upgrading from Previous Releases of FreeBSD
3. Security and Errata
4. Userland
5. Kernel
6. Devices and Drivers
7. Hardware Support
8. Storage
9. Boot Loader Changes
10. Networking
11. Ports Collection and Package Infrastructure
12. Documentation
13. Release Engineering and Integration

1. Introduction

This document contains the release notes for FreeBSD 12.0-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

The snapshot distribution to which these release notes apply represents the latest point along the 12-STABLE development branch since 12-STABLE was created. Information regarding pre-built, binary snapshot distributions along this branch can be found at https://www.FreeBSD.org/snapshots/.

The snapshot distribution to which these release notes apply represents a point along the 12-STABLE development branch between 11.2-RELEASE and the future 13.0-RELEASE. Information regarding pre-built, binary snapshot distributions along this branch can be found at https://www.FreeBSD.org/snapshots/.

This distribution of FreeBSD 12.0-RELEASE is a snapshot distribution. It can be found at https://www.FreeBSD.org/snapshots/ or any of its mirrors. More information on obtaining this (or other) snapshot distributions of FreeBSD can be found in the Obtaining FreeBSD appendix to the FreeBSD Handbook.

All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with late-breaking information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 12.0-RELEASE can be found on the FreeBSD Web site.

This document describes the most user-visible new or changed features in FreeBSD since 11.2-RELEASE. In general, changes described here are unique to the 12-STABLE branch unless specifically marked as MERGED features.

Typical release note items document recent security advisories issued after 11.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.

2. Upgrading from Previous Releases of FreeBSD

Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.

Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.

Important:

Upgrading FreeBSD should only be attempted after backing up all data and configuration files.

3. Security and Errata

This section lists the various Security Advisories and Errata Notices since 11.2-RELEASE.

3.1. Security Advisories

AdvisoryDateTopic

No advisories.

 

 

3.2. Errata Notices

ErrataDateTopic

No errata notices.

 

 

4. Userland

This section covers changes and additions to userland applications, contributed software, and system utilities.

4.1. Userland Configuration Changes

The default devfs.rules(5) configuration has been updated to allow mount_fusefs(8) with jail(8).

The default PAGER now defaults to less(1) for most commands.

The newsyslog(8) utility has been updated to reject configuration entries that specify setuid(2) or executable log files.

The WITH_REPRODUCIBLE_BUILD src.conf(5) knob has been enabled by default.

LDNS now enables DANE-TA, and GOST has been removed.

A new src.conf(5) knob, WITH_RETPOLINE, has been added to enable the retpoline mitigation for userland builds.

4.2. Userland Application Changes

xlint and the ability to build lint libraries or lint source code has been removed.

The dtrace(1) utility has been updated to support if and else statements.

The legacy gdb(1) utility included in the base system is now installed to /usr/libexec for use with crashinfo(8). The gdbserver and gdbtui utilities are no longer installed. For interactive debugging, lldb(1) or a modern version of gdb(1) from devel/gdb should be used. A new src.conf(5) knob, WITHOUT_GDB_LIBEXEC has been added to disable building gdb(1). The gdb(1) utility is still installed in /usr/bin on sparc64.

The cat(1) utility has been updated to print output aligned the same regardless of if invoked with -ne or -be.

The default bootstrap linker has been changed to ld_lld(1) for amd64.

The dhclient(8) utility has been updated to add a configuration knob to allow superseding the interface-mtu option provided by an incorrectly-configured DHCP server.

The sha224(1) utility has been added.

The default bootstrap linker has been changed to ld_lld(1) for i386.

The default bootstrap linker has been changed to ld_lld(1) for armv7.

The dd(1) utility has been updated to add the status=progress option, which prints the status of its operation on a single line once per second, similar to GNU dd(1).

The date(1) utility has been updated to include a new flag, -I, which prints its output in ISO 8601 formatting.

The bectl(8) utility has been added, providing an administrative interface for managing ZFS boot environments, similar to sysutils/beadm.

The ls(1) utility has been updated to include a new --color=when flag, where when can be one of always, auto (default), or never.

The bhyve(8) utility has been updated to add a new subcommand to the -l and -s flags, help, which when used, prints a list of supported LPC and PCI devices, respectively.

The tftp(1) utility has been updated to change the default transfer mode from ASCII to binary.

The last(1) utility has been updated to include libxo(3) support.

The lastlogin(8) utility has been updated to include libxo(3) support.

The chown(8) utility has been updated to prevent overflow of UID or GID arguments where the argument exceeded UID_MAX or GID_MAX, respectively.

The ctm(1) and related utilities have been marked as deprecated for removal in FreeBSD 13.0.

4.3. Contributed Software

The zstd(1) utility has been updated to version 1.3.4.

The vt(4) Terminus BSD Console font has been updated to version 4.46.

The xz(1) utility has been updated to version 5.2.4.

The clang, llvm, lld, lldb, compiler-rt utilities and libc++ have been updated to version 6.0.1.

The bsnmp utility has been updated to version 1.13.

The WPA utilities have been updated to version 2.6.

The ntpd(8) utility has been updated to allow being run as a non-root user.

Note:

Source-based upgrades from FreeBSD 11.x and earlier require the ntpd UID (123) and GID (123) to exist before the installworld target is run. See the "rebuild everything and install" section of UPDATING for the documented procedure for source-based upgrades for more details.

Support for UDP-lite has been added to dtrace_udplite(4).

The file(1) utility has been updated to version 5.34.

The lua utility has been updated to version 5.3.5.

Support for send, receive, and state-change providers have been added to dtrace_sctp(4).

The ntpd(8) utility has been updated to version 4.2.8p12.

OpenSSH has been updated to version 7.8p1.

The mandoc(1) utility has been updated to version 1.14.4.

Additional capsicum(4) support has been added to sshd(8).

Serf has been updated to version 1.3.9.

ACPICA has been updated to version 20181003.

Unbound has been updated to version 1.8.1.

The timezone database files have been updated to version 2018g.

OpenSSL has been updated to version 1.1.1a.

4.4. Installation and Configuration Tools

The bsdinstall(8) installer and zfsboot(8) boot code have been updated to allow an UEFI+GELI installation option.

4.5. /etc/rc.d Scripts

The rc(8) subsystem has been updated to support new keywords in rc.conf(5), enable, disable, and delete with rc.d(8) scripts and the service(8) utility. See rc.conf(5) for usage information.

4.6. /etc/periodic Scripts

 

4.7. Runtime Libraries and API

The getrandom(2) system call and getentropy(3) library have been added, compatible with Linux® and OpenBSD implementations.

The arc4random(3) library has been updated to match the OpenBSD version 1.35.

The libarchive(3) library has been updated to version 3.3.3.

4.8. ABI Compatibility

The pthread(3) library has been updated to incorporate POSIX/SUSv4-2018 compliance improvements.

The arc4random(3) library has been updated to remove arc4random_stir() and arc4random_addrandom().

5. Kernel

This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized.

5.1. Kernel Bug Fixes

The ACPI subsystem has been updated to implement Device object types for ACPI 6.0 support, required for some Dell, Inc. Poweredge™ AMD® Epyc™ systems.

An issue with IPv6-AH IPSEC padding has been fixed to match RFC4302.

The amdsmn(4) and amdtemp(4) drivers have been updated to attach to AMD® Ryzen 2™ host bridges.

The amdtemp(4) driver has been updated to fix temperature reporting for AMD® 2990WX CPUs.

5.2. Kernel Configuration

The dumpon(8) utility has been updated to add support for compressed kernel crash dumps when the kernel configuration file includes the GZIO option. See rc.conf(5) and dumpon(8) for additional information.

The ext2fs(5) filesystem has been updated to support full read/write support for ext4.

The dumpon(8) utility has been updated to add support for zstd(1)-compressed kernel crash dumps when the kernel configuration file includes the ZSTDIO option. See rc.conf(5) and dumpon(8) for additional information.

A new src.conf(5) knob, WITH_KERNEL_RETPOLINE, has been added to enable the retpoline mitigation for kernel builds.

A new kernel configuration option, KASSERT_PANIC_OPTIONAL, has been added that allows runtime KASSERT(9) behavior changes without necessarily invoking panic(9). The option is disabled by default.

The NUMA option has been enabled by default in the amd64 GENERIC and MINIMAL kernel configurations.

5.3. System Tuning and Controls

 

6. Devices and Drivers

This section covers changes and additions to devices and device drivers since 11.2-RELEASE.

6.1. Device Drivers

The random(4) device has been updated to allow terminating large reads with ^C.

Support for the Microchip® LAN78xx™ USB3-GigE controller has been added.

The random(4) driver has been updated to remove the Yarrow algorithm. The Fortuna algorithm remains the default, and now only, available algorithm.

The netdump(4) driver has been added, providing a facility through which kernel crash dumps can be transmitted to a remote host after a system panic. See netdump(4) and dumpon(8) for more information and configuration details.

The random(4) driver has been updated to fix excessive activity during pseudo-random number generation.

The vt(4) driver has been updated with performance improvements, drawing text at rates ranging from 2- to 6-times faster.

The ichwd(4) driver has been updated to add TCO watchdog timer support for Intel® Lewisburg PCH (C620) chipsets.

6.2. Storage Drivers

 

6.3. Network Drivers

The ixlv(4) driver has been renamed to iavf(4) and updated to use iflib(9). The ixlv(4) kernel module is now a hard link to iavf(4) for backwards compatibility for upgrading from earlier FreeBSD releases.

6.4. Deprecated Drivers

The jedec_ts(4) driver has been marked deprecated in FreeBSD 11, and has been removed in 12.0-RELEASE.

The DRM driver for modern graphics chipsets has been marked deprecated and marked for removal in FreeBSD 13. The DRM kernel modules are available from graphics/drm-stable-kmod or graphics/drm-legacy-kmod in the Ports Collection as well as via pkg(8). Additionally, the kernel modules have been added to the lua loader.conf(5) module_blacklist, as installation from the Ports Collection or pkg(8) is strongly recommended.

The following drivers have been deprecated in FreeBSD 12.0, and not present in FreeBSD 13.0: ae(4), de(4), ed(4), ep(4), ex(4), fe(4), pcn(4), sf(4), sn(4), tl(4), tx(4), txp(4), vx(4), wb(4), xe(4)

7. Hardware Support

This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document.

7.1. Hardware Support

 

7.2. Virtualization Support

Amazon® EC2™ AMI instances now have sysutils/amazon-ssm-agent installed by default, though the service is not enabled by default in rc.conf(5). To enable the service, add:

	>>/etc/rc.conf
	amazon_ssm_agent_enable="YES"

to the EC2™ user-data.

Amazon® EC2™ AMI instances now disable ChallengeResponseAuthentication in sshd_config(5) by default.

Amazon® EC2™ AMI instances now use the Amazon® internal NTP service by default.

A new sysctl(8), security.jail.vmm_allowed, has been added, which when set to 1 allows bhyve(8) use within a jail(8).

Amazon® EC2™ AMI instances now disable the PS/2 keyboard and mouse devices by default, reducing overall boot time by 2.5 seconds.

7.3. ARM Support

The armv6 and armv7 images now default to boot with EFI.

Support has been added for building aarch64 images for the PINE64-LTS system.

Support for capsicum(4) has been enabled on armv6 and armv7 by default.

8. Storage

This section covers changes and additions to file systems and other storage subsystems, both local and networked.

8.1. General Storage

The UFS/FFS filesystem has been updated to support check hashes to cylinder-group maps. Support for check hashes is available only for UFS2.

The default auto_master(5) configuration has been updated to add the noautoro automount(8) flag to the /media mount point (commented by default).

The UFS/FFS filesystem has been updated to consolidate TRIM/BIO_DELETE commands, reducing read/write requests due to fewer TRIM messages being sent simultaneously.

TRIM consolidation support has been enabled by default in the UFS/FFS filesystem. TRIM consolidation can be disabled by setting the vfs.ffs.dotrimcons sysctl(8) to 0, or adding vfs.ffs.dotrimcons=0 to sysctl.conf(5).

The geom(8) utility has been updated to add a new flag, -p, which prints the GEOM class of the specified provider.

The geom(8) utility has been updated to add a new flag, -t, which prints the GEOM hierarchy.

8.2. Networked Storage

 

8.3. ZFS

 

8.4. geom(4)

 

9. Boot Loader Changes

This section covers the boot loader, boot menu, and other boot-related changes.

9.1. Boot Loader Changes

The lua loader(8) has been updated to detect a list of installed kernels to boot.

The init(8) utility has been updated to be able to run an executable written in languages other than sh(1), such as Python, for example.

The loader(8) has been updated to add support for loading Intel® microcode updates early during the boot process.

A new kenv(1) variable, init_exec, has been added to loader(8) which allows init(8) to execute a file after opening the console, replacing init(8) as PID 1.

The default libstand(3) interpreter has been changed to Lua.

The lua loader(8) has been updated to support module blacklists.

The default lua loader.conf(5) has been updated to include the kernels_autodetect option, which defaults to YES, supplementing the loader(8) support to list available kernels to boot introduced in revision 329501.

9.2. Boot Menu Changes

 

10. Networking

This section describes changes that affect networking in FreeBSD.

10.1. General Network

The pf(4) ioctl interface and pfctl(8) now support altq(4) bandwidth parameters of 2^32 bps or greater. The HFSC discipline has been upgraded to operate correctly with bandwidth parameters up to 100 Gbps, and bandwidth parameters supplied to the non-upgraded disciplines will now be saturated at the prior 32-bit limit.

10.2. Network Protocols

 

11. Ports Collection and Package Infrastructure

This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.

11.1. Infrastructure Changes

 

11.2. Packaging Changes

 

12. Documentation

This section covers changes to the FreeBSD Documentation Project sources and toolchain.

12.1. Documentation Source Changes

The arch(7) manual page has been added, containing details specific to certain architectures.

12.2. Documentation Toolchain Changes

 

13. Release Engineering and Integration

This section convers changes that are specific to the FreeBSD Release Engineering processes.

13.1. Integration Changes