svn commit: r244379 - in stable/9/release/doc: en_US.ISO8859-1/errata en_US.ISO8859-1/relnotes en_US.ISO8859-1/share/xml share/xml
Hiroki Sato
hrs at FreeBSD.org
Tue Dec 18 06:55:14 UTC 2012
Author: hrs
Date: Tue Dec 18 06:55:13 2012
New Revision: 244379
URL: http://svnweb.freebsd.org/changeset/base/244379
Log:
- Trim old entries.
- Update errata items.
- Bump &release.*;
Modified:
stable/9/release/doc/en_US.ISO8859-1/errata/article.xml
stable/9/release/doc/en_US.ISO8859-1/relnotes/article.xml
stable/9/release/doc/en_US.ISO8859-1/share/xml/release.dsl
stable/9/release/doc/share/xml/release.dsl
stable/9/release/doc/share/xml/release.ent
Modified: stable/9/release/doc/en_US.ISO8859-1/errata/article.xml
==============================================================================
--- stable/9/release/doc/en_US.ISO8859-1/errata/article.xml Tue Dec 18 06:37:23 2012 (r244378)
+++ stable/9/release/doc/en_US.ISO8859-1/errata/article.xml Tue Dec 18 06:55:13 2012 (r244379)
@@ -1,22 +1,3 @@
-<?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.2-Based Extension//EN" [
-<!ENTITY % entities PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Entity Set//EN">
-%entities;
-
-<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
-%release;
-
-<![ %release.type.current [
-<!ENTITY release "&release.current;">
-]]>
-<![ %release.type.snapshot [
-<!ENTITY release "&release.prev;">
-]]>
-<![ %release.type.release [
-<!ENTITY release "&release.current;">
-]]>
-]>
-
<!--
FreeBSD errata document. Unlike some of the other RELNOTESng
files, this file should remain as a single SGML file, so that
@@ -28,10 +9,27 @@
not be the one that received the last change in the document.)
-->
+<?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.2-Based Extension//EN" [
+<!ENTITY % entities PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Entity Set//EN">
+%entities;
+<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
+%release;
+]>
<article>
<articleinfo>
- <title>&os; &release; Errata </title>
+ <title>&os;
+<![ %release.type.current [
+ &release.current;
+]]>
+<![ %release.type.snapshot [
+ &release.prev;
+]]>
+<![ %release.type.release [
+ &release.current;
+]]>
+ Errata</title>
<corpauthor>
The &os; Project
@@ -132,11 +130,10 @@
<informaltable frame="none" pgwide="1">
<tgroup cols="3">
- <colspec colwidth="1*"/>
- <colspec colwidth="1*"/>
- <colspec colwidth="3*"/>
-
- <thead>
+ <colspec colwidth="1*" />
+ <colspec colwidth="1*" />
+ <colspec colwidth="3*" />
+ <thead>
<row>
<entry>Advisory</entry>
<entry>Date</entry>
@@ -146,194 +143,68 @@
<tbody>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc"
- >SA-11:01.mountd</ulink></entry>
- <entry>20 April 2011</entry>
- <entry><para>Network ACL mishandling in &man.mountd.8;</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc"
+ >SA-12:01.openssl</ulink></entry>
+ <entry>3 May 2012</entry>
+ <entry><para>OpenSSL multiple vulnerabilities</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc"
- >SA-11:02.bind</ulink></entry>
- <entry>28 May 2011</entry>
- <entry><para>BIND remote DoS with large RRSIG RRsets and negative
- caching</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc"
+ >SA-12:02.crypt</ulink></entry>
+ <entry>30 May 2012</entry>
+ <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc"
- >SA-11:04.compress</ulink></entry>
- <entry>28 September 2011</entry>
- <entry><para>Errors handling corrupt compress file in
- &man.compress.1; and &man.gzip.1;</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc"
+ >SA-12:03.bind</ulink></entry>
+ <entry>12 June 2012</entry>
+ <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc"
- >SA-11:05.unix</ulink></entry>
- <entry>28 September 2011</entry>
- <entry><para>Buffer overflow in handling of UNIX socket
- addresses</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
+ >SA-12:04.sysret</ulink></entry>
+ <entry>12 June 2012</entry>
+ <entry><para>Privilege escalation when returning from kernel</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc"
- >SA-11:06.bind</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>Remote packet Denial of Service against &man.named.8;
- servers</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc"
+ >SA-12:05.bind</ulink></entry>
+ <entry>6 August 2012</entry>
+ <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc"
- >SA-11:07.chroot</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>Code execution via chrooted ftpd</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc"
+ >SA-12:06.bind</ulink></entry>
+ <entry>22 November 2012</entry>
+ <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc"
- >SA-11:08.telnetd</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>telnetd code execution vulnerability</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc"
+ >SA-12:07.hostapd</ulink></entry>
+ <entry>22 November 2012</entry>
+ <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
</row>
<row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc"
- >SA-11:09.pam_ssh</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>pam_ssh improperly grants access when user account has
- unencrypted SSH private keys</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc"
- >SA-11:10.pam</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para><function>pam_start()</function> does not validate
- service names</para></entry>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc"
+ >SA-12:08.linux</ulink></entry>
+ <entry>22 November 2012</entry>
+ <entry><para>Linux compatibility layer input validation error</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</sect1>
- <sect1 id="open-issues">
- <title>Open Issues</title>
-
- <itemizedlist>
- <listitem>
- <para>In some releases prior to &release.current;, upgrading
- by using &man.freebsd-update.8; can fail. This issue has
- been fixed by a change in Errata Notice EN-12:01. For more
- information, see <ulink
- url="http://security.freebsd.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc"></ulink></para>
- </listitem>
-
- <listitem>
- <para arch="amd64,i386">&os; &release.current; includes
- several changes to improve resource management of PCI
- devices. Some x86 machines may not boot or may have devices
- that no longer attach when using ACPI as a result of these
- changes. This can be worked around by setting a
- &man.loader.8; tunable
- <varname>debug.acpi.disabled</varname> to
- <literal>hostres</literal>. To do this, enter the following
- lines at the loader prompt:</para>
-
- <screen>set debug.acpi.disabled="hostres"
-boot</screen>
-
- <para>Or, put the following line into
- <filename>/boot/loader.conf</filename>:</para>
-
- <programlisting>debug.acpi.disabled="hostres"</programlisting>
- </listitem>
-
- <listitem>
- <para>A &man.devctl.4; event upon arrival of a &man.ugen.4;
- device has been changed. The event now includes
- <literal>ugen</literal> and <literal>cdev</literal>
- variables instead of <literal>device-name</literal>. This
- change can prevent the following &man.devd.8; rule which
- worked in a previous releases from working:</para>
-
- <programlisting>attach 0 {
- match "device-name" "ugen[0-9]+.[0-9]+";
- action "/path/to/script /dev/$device-name";
-}</programlisting>
-
- <para>This should be updated to the following:</para>
-
- <programlisting>attach 0 {
- match "subsystem" "DEVICE";
- match "type" "ATTACH";
- match "cdev" "ugen[0-9]+.[0-9]+";
- action "/path/to/script /dev/$cdev";
-}</programlisting>
- </listitem>
-
- <listitem>
- <para>The &os; &release.current; Release Notes should have
- mentioned that SSM (Source-Specific Multicast) MLDv2 now
- uses <literal>ALLOW_NEW_SOURCES</literal> and
- <literal>BLOCK_OLD_SOURCES</literal> record types to signal
- a join or a leave by default. This conforms RFC 4604,
- <quote>Using Internet Group Management Protocol Version 3
- (IGMPv3) and Multicast Listener Discovery Protocol Version 2
- (MLDv2) for Source-Specific Multicast</quote>. A new
- &man.sysctl.8; variable
- <varname>net.inet6.mld.use_allow</varname> which controls
- the behavior has been added. The default value is
- <literal>1</literal> (use
- <literal>ALLOW_NEW_SOURCES</literal> and
- <literal>BLOCK_OLD_SOURCES</literal>).</para>
- </listitem>
-
- <listitem>
- <para>&release.current; fails to configure an interface
- specified in the &man.rc.conf.5; variable
- <varname>ipv6_prefix_<replaceable>IF</replaceable></varname>
- when the interface does not have a corresponding
- <varname>ifconfig_<replaceable>IF</replaceable>_ipv6</varname>
- variable. This problem will be fixed in the future
- releases. To work around this problem on &release.current;,
- add an
- <varname>ifconfig_<replaceable>IF</replaceable>_ipv6</varname>
- line for each interface specified in
- <varname>ipv6_prefix_<replaceable>IF</replaceable></varname>
- as the following:</para>
-
- <programlisting>ipv6_prefix_em0="2001:db8:1:0 2001:db8:2:0"
-ifconfig_em0_ipv6="inet6 auto_linklocal"</programlisting>
- </listitem>
-
- <listitem>
- <para>In &release.current; the &os; USB subsystem supports USB
- 3.0 by the &man.xhci.4; driver. However, a bug that could
- prevent it from working with a USB 3.0 hub has been found
- and fixed after the release date. This means
- &release.current; and prior do not work with a USB 3.0 hub.
- This problem has been fixed in HEAD and will be merged into
- the 9-STABLE branch.</para>
- </listitem>
- </itemizedlist>
- </sect1>
-
<sect1 id="late-news">
<title>Late-Breaking News</title>
-<![ %release.type.current [
- <para>No news.</para>
-]]>
-
-<![ %release.type.release [
<para>No news.</para>
-]]>
-
-<![ %release.type.snapshot [
- <para>No news.</para>
-]]>
</sect1>
-
</article>
Modified: stable/9/release/doc/en_US.ISO8859-1/relnotes/article.xml
==============================================================================
--- stable/9/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Dec 18 06:37:23 2012 (r244378)
+++ stable/9/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Dec 18 06:55:13 2012 (r244379)
@@ -70,1303 +70,10 @@
</sect1>
<sect1 id="new">
- <title>What's New</title>
+ <title>What's New</title>
- <para>This section describes
- the most user-visible new or changed features in &os;
- since &release.prev;.</para>
-
- <para>Typical release note items
- document recent security advisories issued after
- &release.prev;,
- new drivers or hardware support, new commands or options,
- major bug fixes, or contributed software upgrades. They may also
- list changes to major ports/packages or release engineering
- practices. Clearly the release notes cannot list every single
- change made to &os; between releases; this document focuses
- primarily on security advisories, user-visible changes, and major
- architectural improvements.</para>
-
- <sect2 id="security">
- <title>Security Advisories</title>
-
- <para>Problems described in the following security advisories have
- been fixed. For more information, consult the individual
- advisories available from
- <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
-
- <informaltable frame="none" pgwide="1">
- <tgroup cols="3">
- <colspec colwidth="1*"/>
- <colspec colwidth="1*"/>
- <colspec colwidth="3*"/>
- <thead>
- <row>
- <entry>Advisory</entry>
- <entry>Date</entry>
- <entry>Topic</entry>
- </row>
- </thead>
-
- <tbody>
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc"
- >SA-11:01.mountd</ulink></entry>
- <entry>20 April 2011</entry>
- <entry><para>Network ACL mishandling in &man.mountd.8;</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc"
- >SA-11:02.bind</ulink></entry>
- <entry>28 May 2011</entry>
- <entry><para>BIND remote DoS with large RRSIG RRsets and negative
- caching</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc"
- >SA-11:04.compress</ulink></entry>
- <entry>28 September 2011</entry>
- <entry><para>Errors handling corrupt compress file in
- &man.compress.1; and &man.gzip.1;</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc"
- >SA-11:05.unix</ulink></entry>
- <entry>28 September 2011</entry>
- <entry><para>Buffer overflow in handling of UNIX socket
- addresses</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc"
- >SA-11:06.bind</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>Remote packet Denial of Service against &man.named.8;
- servers</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc"
- >SA-11:07.chroot</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>Code execution via chrooted ftpd</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc"
- >SA-11:08.telnetd</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>telnetd code execution vulnerability</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc"
- >SA-11:09.pam_ssh</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para>pam_ssh improperly grants access when user account has
- unencrypted SSH private keys</para></entry>
- </row>
-
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc"
- >SA-11:10.pam</ulink></entry>
- <entry>23 December 2011</entry>
- <entry><para><function>pam_start()</function> does not validate
- service names</para></entry>
- </row>
- </tbody>
- </tgroup>
- </informaltable>
- </sect2>
-
- <sect2 id="kernel">
- <title>Kernel Changes</title>
-
- <para revision="219129">The &os; kernel now supports Capsicum
- Capability Mode. Capsicum is a set of features for sandboxing
- support, using a capability model in which the capabilities
- are file descriptors. Two new kernel options
- <literal>CAPABILITIES</literal> and
- <literal>CAPABILITY_MODE</literal> have been added to the
- <filename>GENERIC</filename> kernel. For more information
- about Capsicum, see <ulink
- url="http://www.cl.cam.ac.uk/research/security/capsicum/"></ulink>.</para>
-
- <para revision="219559,219561" arch="amd64,i386">The &os;
- &man.dtrace.1; framework now supports
- <literal>systrace</literal> for system calls of
- <literal>linux32</literal> and <literal>freebsd32</literal> on
- &os;/&arch.amd64;. Two new
- <filename>systrace_linux32</filename> and
- <filename>systrace_freebsd32</filename> kernel modules provide
- support for tracing compat system calls in addition to the native
- system call tracing provided by the
- <filename>systrace</filename> module.</para>
-
- <para revision="217152,217396" arch="amd64,i386,powerpc">The
- &os; ELF image activator now supports the
- <literal>PT_GNU_STACK</literal> program header. This is
- disabled by default. New &man.sysctl.8; variables
- <varname>kern.elf32.nxstack</varname> and
- <varname>kern.elf64.nxstack</varname> allow enabling
- <literal>PT_GNU_STACK</literal> for the specified ABIs
- (e.g. <literal>elf32</literal> for 32-bit ABI).</para>
-
- <para revision="216758,216615">The &man.hhook.9; (Helper Hook)
- and &man.khelp.9; (Kernel Helpers) KPIs have been implemented.
- These are a kind of superset of &man.pfil.9; framework for
- more general use in the kernel. The &man.hhook.9; KPI
- provides a way for kernel subsystems to export hook points
- that &man.khelp.9; modules can hook to provide enhanced or new
- functionality to the kernel. The &man.khelp.9; KPI provides a
- framework for managing &man.khelp.9; modules, which indirectly
- use the &man.hhook.9; KPI to register their hook functions
- with hook points of interest within the kernel. These allow a
- structured way to dynamically extend the kernel at runtime in
- an ABI preserving manner.</para>
-
- <para revision="224516" arch="amd64,i386,pc98">A &man.loader.8;
- tunable <varname>hw.memtest.tests</varname> has been added.
- This controls whether to perform memory testing at boot time
- or not. The default value is <literal>1</literal> (perform a
- memory test).</para>
-
- <para revision="220137">A new resource accounting API has been
- implemented. It can keep per-process, per-jail, and
- per-loginclass resource accounting information. Note that
- this is not built nor installed by default. To build and
- install them, specify <literal>options RACCT</literal> in the
- kernel configuration file and rebuild the base system as
- described in the <ulink
- url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html">&os;
- Handbook</ulink>.</para>
-
- <para revision="220163">A new resource-limiting API has been
- implemented. It works in conjunction with the
- <literal>RACCT</literal> resource accounting implementation
- and takes user-configurable actions based on the set of rules
- it maintains and the current resource usage. The &man.rctl.8;
- utility has been added to manage the rules in userland. Note
- that this is not built nor installed by default. To build and
- install them, specify <literal>options RCTL</literal> in the
- kernel configuration file and rebuild the base system as
- described in the <ulink
- url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html">&os;
- Handbook</ulink>.</para>
-
- <para revision="220031">The &man.sendmsg.2; and &man.recvmsg.2;
- system calls in the &os; Linux ABI compatibility have been
- improved.</para>
-
- <para revision="219999">The &man.open.2; and &man.fhopen.2;
- system calls now support the <literal>O_CLOEXEC</literal> flag,
- which allows setting the <literal>FD_CLOEXEC</literal> flag for the
- newly created file descriptor. This is standardized in IEEE
- Std 1003.1-2008 (POSIX, Single UNIX Specification Version
- 4).</para>
-
- <para revision="220791">The &man.posix.fallocate.2; system call has
- been implemented. This is a function in POSIX to ensure that
- a part of the storage for regular file data is allocated on the
- file system storage media.</para>
-
- <para revision="219304">Two new system calls
- <function>setloginclass(2)</function> and
- <function>getloginclass(2)</function> have been added. This
- makes it possible for the kernel to track the login class a
- process is assigned to, which is required for the
- <literal>RCTL</literal> resource limiting framework.</para>
-
- <para revision="220238" arch="amd64">&os; now supports executing
- &os; 1/&arch.i386; a.out binaries on &os;/&arch.amd64;. Note
- that this is not built nor installed by default. To build and
- install them, specify <literal>options COMPAT_43</literal> in
- the kernel configuration file and rebuild the base system as
- described in the <ulink
- url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html">&os;
- Handbook</ulink>.</para>
-
- <para revision="218485,219028,219029">The following
- &man.sysctl.8; variables have been added to show the availability
- of various kernel features:</para>
-
- <informaltable frame="none" pgwide="1">
- <tgroup cols="2">
- <colspec colwidth="1*"/>
- <colspec colwidth="3*"/>
- <thead>
- <row>
- <entry>&man.sysctl.8; variable name</entry>
- <entry>Description</entry>
- </row>
- </thead>
-
- <tbody>
- <row>
- <entry><varname>kern.features.ufs_acl</varname></entry>
- <entry>ACL (Access Control List) support in UFS</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ufs_gjournal</varname></entry>
- <entry>journaling support through &man.gjournal.8; for
- UFS</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ufs_quota</varname></entry>
- <entry>UFS disk quotas support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ufs_quota64</varname></entry>
- <entry>64-bit UFS disk quotas support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.softupdates</varname></entry>
- <entry>FFS soft-updates support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ffs_snapshot</varname></entry>
- <entry>FFS snapshot support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.nfsclient</varname></entry>
- <entry>NFS client (old implementation)</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.nfscl</varname></entry>
- <entry>NFS client (new implementation)</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.nfsserver</varname></entry>
- <entry>NFS server (old implementation)</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.nfsd</varname></entry>
- <entry>NFS server (new implementation)</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.kdtrace_hooks</varname></entry>
- <entry>Kernel DTrace hooks which are required to load
- DTrace kernel modules</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ktr</varname></entry>
- <entry>Kernel support for KTR kernel tracing facility</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.ktrace</varname></entry>
- <entry>Kernel support for system call tracing</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.hwpmc_hooks</varname></entry>
- <entry>Kernel support for HW PMC</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.sysv_msg</varname></entry>
- <entry>System V message queues support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.sysv_sem</varname></entry>
- <entry>System V semaphores support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.p1003_1b_mqueue</varname></entry>
- <entry>POSIX P1003.1B message queues support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.p1003_1b_semaphores</varname></entry>
- <entry>POSIX P1003.1B semaphores support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.kposix_priority_scheduling</varname></entry>
- <entry>POSIX P1003.1B real-time extensions</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.stack</varname></entry>
- <entry>Support for capturing the kernel stack</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.sysv_shm</varname></entry>
- <entry>System V shared memory segments support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.pps_sync</varname></entry>
- <entry>Support usage of external PPS signal by kernel PLL</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.regression</varname></entry>
- <entry>Kernel support for interfaces necessary for
- regression testing</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.invariant_support</varname></entry>
- <entry>Support for modules compiled with the INVARIANTS option</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.zero_copy_sockets</varname></entry>
- <entry>Zero copy sockets support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.libmchain</varname></entry>
- <entry>mchain library</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.scbus</varname></entry>
- <entry>SCSI devices support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.mac</varname></entry>
- <entry>Mandatory Access Control Framework support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.audit</varname></entry>
- <entry>BSM audit support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_gate</varname></entry>
- <entry>GEOM Gate module</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_uzip</varname></entry>
- <entry>GEOM uzip read-only compressed disks support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_cache</varname></entry>
- <entry>GEOM cache module</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_mirror</varname></entry>
- <entry>GEOM mirroring support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_stripe</varname></entry>
- <entry>GEOM striping support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_concat</varname></entry>
- <entry>GEOM concatenation support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_raid3</varname></entry>
- <entry>GEOM RAID-3 functionality</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_fox</varname></entry>
- <entry>GEOM FOX redundant path mitigation support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_multipath</varname></entry>
- <entry>GEOM multipath support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.g_virstor</varname></entry>
- <entry>GEOM virtual storage support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_bde</varname></entry>
- <entry>GEOM-based Disk Encryption</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_eli</varname></entry>
- <entry>GEOM crypto module</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_journal</varname></entry>
- <entry>GEOM journaling support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_shsec</varname></entry>
- <entry>GEOM shared secret device support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_vol</varname></entry>
- <entry>GEOM support for volume names from UFS superblocks</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_label</varname></entry>
- <entry>GEOM labeling support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_sunlabel</varname></entry>
- <entry>GEOM Sun/Solaris partitioning support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_bsd</varname></entry>
- <entry>GEOM BSD disklabels support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_pc98</varname></entry>
- <entry>GEOM NEC PC9800 partitioning support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_linux_lvm</varname></entry>
- <entry>GEOM Linux LVM partitioning support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_pc98</varname></entry>
- <entry>GEOM partitioning class for PC-9800 disk partitions</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_vtoc8</varname></entry>
- <entry>GEOM partitioning class for SMI VTOC8 disk labels</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_bsd</varname></entry>
- <entry>GEOM partitioning class for BSD disklabels</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_ebr</varname></entry>
- <entry>GEOM partitioning class for extended boot records support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_ebr_compat</varname></entry>
- <entry>GEOM EBR partitioning class:
- backward-compatible partition names</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_gpt</varname></entry>
- <entry>GEOM partitioning class for GPT partitions
- support</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_apm</varname></entry>
- <entry>GEOM partitioning class for Apple-style
- partitions</entry>
- </row>
-
- <row>
- <entry><varname>kern.features.geom_part_mbr</varname></entry>
- <entry>GEOM partitioning class for MBR support</entry>
- </row>
- </tbody>
- </tgroup>
- </informaltable>
-
- <sect3 id="boot">
- <title>Boot Loader Changes</title>
-
- <para revision="222417">The default boot loader menu has been
- updated.</para>
-
- <para revision="219541" arch="ia64">The &man.loader.8; loader
- now supports PBVM (Pre-Boot Virtual Memory). This allows
- linking the kernel at a fixed virtual address without having to
- make any assumptions about the physical memory layout. The
- PBVM also allows fine control of the address where the
- kernel and its modules are to be loaded.</para>
- </sect3>
-
- <sect3 id="proc">
- <title>Hardware Support</title>
-
- <para revision="217044" arch="powerpc">&os;/powerpc now
- supports Sony Playstation 3 using the OtherOS feature
- available on firmwares 3.15 and earlier.</para>
-
- <para revision="219473,220577">A new &man.loader.8; tunable
- <varname>machdep.disable_tsc</varname> has been added.
- Setting this to a non-zero value disables use of TSC (Time
- Stamp Counter) by turning off boot-time CPU frequency
- calibration, DELAY(9) with TSC, and using TSC as a CPU
- ticker. Another new &man.loader.8; tunable
- <varname>machdep.disable_tsc_calibration</varname> allows to
- skip the TSC frequency calibration only. This is useful when
- one wants to use the nominal frequency of the chip in Intel
- processors, for example.</para>
-
- <para revision="223098" arch="amd64,i386">The &os; &man.usb.4;
- subsystem now supports USB 3.0 by default.</para>
-
- <para revision="215649">The &os; &man.usb.4; subsystem now
- supports USB packet filter. This allows to capture packets
- which go through each USB host controller. The
- implementation is almost based on &man.bpf.4; code.
- The userland program &man.usbdump.8; has been added.</para>
-
- <sect4 id="net-if">
- <title>Network Interface Support</title>
-
- <para revision="217649">A bug in the &man.alc.4; driver which
- could make AR8152-based network interfaces stop working
- has been fixed.</para>
-
- <para revision="219647">A bxe(4) driver for Broadcom
- NetXtreme II 10GbE controllers (BCM57710, BCM57711,
- BCM57711E) has been added.</para>
-
- <para revision="220009">The &man.cxgb.4; driver has been
- updated to version 7.11.0.</para>
-
- <para revision="218794">A &man.cxgbe.4; driver for Chelsio
- T4 (Terminator 4) based 10Gb/1Gb adapters has been
- added.</para>
-
- <para revision="218832" arch="i386">The &man.dc.4; driver
- now works correctly in kernels with the
- <option>PAE</option> option.</para>
-
- <para revision="219753">The &man.em.4; driver has been
- updated to version 7.3.2.</para>
-
- <para revision="223350">The &man.igb.4; driver has been
- updated to version 2.2.5.</para>
-
- <para revision="218530">The &man.igb.4; driver now supports
- Intel I350 PCIe Gigabit Ethernet controllers.</para>
-
- <para revision="217593">The &man.ixgbe.4; driver has been
- updated to version 2.3.8.</para>
-
- <para revision="220892">Firmware images in the &man.iwn.4;
- driver for 1000, 5000, 6000, and 6500 series cards have been
- updated.</para>
-
- <para revision="216860">A bug in the &man.msk.4; driver has been
- fixed. It could prevent RX checksum offloading from
- working.</para>
-
- <para revision="217794">A bug in the &man.nfe.4; driver which
- could prevent reinitialization after changing the MTU has
- been fixed.</para>
-
- <para revision="217511">A bug in the &man.ral.4; and &man.run.4;
- drivers which could prevent <literal>hostap</literal> mode
- from working has been fixed.</para>
-
- <para revision="216828">A rdcphy(4) driver for RDC Semiconductor
- R6040 10/100 PHY has been added.</para>
-
- <para revision="217498,218760">The &man.re.4; driver now supports
- RTL8168E/8111E-VL PCIe Gigabit Ethernet controllers and
- RTL8401E PCIe Fast Ethernet controllers.</para>
-
- <para revision="217766">The &man.re.4; driver now supports
- TX interrupt moderation on RTL810xE PCIe Fast Ethernet
- controllers.</para>
-
- <para revision="217902">The &man.re.4; driver now supports
- another mechanism for RX interrupt moderation because of
- performance problems. A &man.sysctl.8; variable
- <varname>dev.re.<replaceable>N</replaceable>.int_rx_mod</varname>
- has been added to control amount of time to delay RX
- interrupt processing, in units of microsecond. Setting it
- to <literal>0</literal> completely disables RX interrupt
- moderation. A &man.loader.8; tunable
- <varname>hw.re.intr_filter</varname> controls whether the
- old mechanism utilizing MSI/MSI-X capability on
- supported controllers is used or not. When set to
- a non-zero value, the &man.re.4; driver uses the old
- mechanism. The default value is <literal>0</literal> and
- this tunable has no effect on controllers without MSI/MSI-X
- capability.</para>
-
- <para revision="217246,217832">The &man.re.4; driver now
- supports TSO (TCP Segmentation Offload) on RealTek
- RTL8168/8111 C or later controllers. Note that this is
- disabled by default because broken frames can be sent
- under certain conditions.</para>
-
- <para revision="217381,218289">The &man.re.4; driver now
- supports enabling TX and/or RX checksum offloading
- independently from each other. Note that TX IP checksum
- is disabled on some RTL8168C-based network interfaces
- because it can generate an incorrect IP checksum when the
- packet contains IP options.</para>
-
- <para revision="217296">A bug in the &man.re.4; driver has
- been fixed. It could cause a panic when receiving a jumbo
- frame on an RTL8169C, 8169D, or 8169E controller-based
- network interface.</para>
-
- <para revision="217911">The &man.re.4; driver now supports
- RTL8105E PCIe Fast Ethernet controllers.</para>
-
- <para revision="217910">The rlphy(4) driver now supports the
- Realtek RTL8201E 10/100 PHY found in RTL8105E
- controllers.</para>
-
- <para revision="217548">A bug in the &man.sis.4; driver has
- been fixed. It could prevent a proper reinitialization
- on DP83815, DP83816, and SiS 900/7016 controllers when the
- configuration of multicast packet handling and/or
- promiscuous mode is changed.</para>
-
- <para revision="216650">A bug in the &man.vlan.4; pseudo interface
- han been fixed. It could have a random interface
- identifier in an automatically configured IPv6 link-local
- address, instead of one generated with the parent
- interface's IEEE 802 48-bit MAC address and an algorithm
- described in RFC 4291.</para>
-
- <para revision="216829">A &man.vte.4; driver for RDC R6040 Fast
- Ethernet controllers, which are commonly found on the Vortex86
- System On a Chip, has been added.</para>
-
- <para revision="221167">A &man.vxge.4; driver for the Neterion
- X3100 10GbE Server/Storage adapter has been added.</para>
-
- <para revision="216824">A bug in the &man.wpi.4; driver has been
- fixed. It could display the following error messages and
- result in the device being unusable:</para>
-
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable-9
mailing list