1Release notes for FreeBSD 15.0. 2 3This file describes new user-visible features, changes and updates relevant to 4users of binary FreeBSD releases. Each entry should describe the change in no 5more than several sentences and should reference manual pages where an 6interested user can find more information. Entries should wrap after 80 7columns. Each entry should begin with one or more commit IDs on one line, 8specified as a comma separated list and/or range, followed by a colon and a 9newline. Entries should be separated by a newline. 10 11Changes to this file should not be MFCed. 12 13f87bb5967670, e51036fbf3f8: 14 Support for vinum volumes has been removed. 15 168ae6247aa966, cf0ede720391d, 205659c43d87bd, 1ccbdf561f417, 4db1b113b151: 17 The layout of NFS file handles for the tarfs, tmpfs, cd9660, and ext2fs 18 file systems has changed. An NFS server that exports any of these file 19 systems will need its clients to unmount and remount the exports. 20 2107cd69e272da: 22 Add a new -a command line option to mountd(8). 23 If this command line option is specified, when 24 a line in exports(5) has the -alldirs export option, 25 the directory must be a server file system mount point. 26 270e8a36a2ab12: 28 Add a new NFS mount option called "mountport" that may be used 29 to specify the port# for the NFS server's Mount protocol. 30 This permits a NFSv3 mount to be done without running rpcbind(8). 31 32b2f7c53430c3: 33 Kernel TLS is now enabled by default in kernels including KTLS 34 support. KTLS is included in GENERIC kernels for aarch64, 35 amd64, powerpc64, and powerpc64le. 36 37f57efe95cc25: 38 New mididump(1) utility which dumps MIDI 1.0 events in real time. 39 40ddfc6f84f242: 41 Update unicode to 16.0.0 and CLDR to 45.0.0. 42 43b22be3bbb2de: 44 Basic Cloudinit images no longer generate RSA host keys by default for 45 SSH. 46 47000000000000: 48 RSA host keys for SSH are deprecated and will no longer be generated 49 by default in FreeBSD 16. 50 510aabcd75dbc2: 52 EC2 AMIs no longer generate RSA host keys by default for SSH. RSA 53 host key generation can be re-enabled by setting sshd_rsa_enable="YES" 54 in /etc/rc.conf if it is necessary to support very old SSH clients. 55 56a1da7dc1cdad: 57 The SO_SPLICE socket option was added. It allows TCP connections to 58 be spliced together, enabling proxy-like functionality without the 59 need to copy data in and out of user memory. 60 61fc12c191c087: 62 grep(1) no longer follows symbolic links by default for 63 recursive searches. This matches the documented behavior in 64 the manual page. 65 66e962b37bf0ff: 67 When running bhyve(8) guests with a boot ROM, i.e., bhyveload(8) is not 68 used, bhyve now assumes that the boot ROM will enable PCI BAR decoding. 69 This is incompatible with some boot ROMs, particularly outdated builds 70 of edk2-bhyve. To restore the old behavior, add 71 "pci.enable_bars='true'" to your bhyve configuration. 72 73 Note in particular that the uefi-edk2-bhyve package has been renamed 74 to edk2-bhyve. 75 7643caa2e805c2: 77 amd64 bhyve(8)'s "lpc.bootrom" and "lpc.bootvars" options are 78 deprecated. Use the top-level "bootrom" and "bootvars" options 79 instead. 80 81822ca3276345: 82 byacc was updated to 20240109. 83 8421817992b331: 85 ncurses was updated to 6.5. 86 871687d77197c0: 88 Filesystem manual pages have been moved to section four. 89 Please check ports you are maintaining for crossreferences. 90 918aac90f18aef: 92 new MAC/do policy and mdo(1) utility which enables a user to 93 become another user without the requirement of setuid root. 94 957398d1ece5cf: 96 hw.snd.version is removed. 97 98a15f7c96a276,a8089ea5aee5: 99 NVMe over Fabrics controller. The nvmft(4) kernel module adds 100 a new frontend to the CAM target layer which exports ctl(4) 101 LUNs as NVMe namespaces to remote hosts. The nvmfd(8) daemon 102 is responsible for accepting incoming connection requests and 103 handing off connected queue pairs to nvmft(4). 104 105a1eda74167b5,1058c12197ab: 106 NVMe over Fabrics host. New commands added to nvmecontrol(8) 107 to establish connections to remote controllers. Once 108 connections are established they are handed off to the nvmf(4) 109 kernel module which creates nvmeX devices and exports remote 110 namespaces as nda(4) disks. 111 11225723d66369f: 113 As a side-effect of retiring the unit.* code in sound(4), the 114 hw.snd.maxunit loader(8) tunable is also retired. 115 116eeb04a736cb9: 117 date(1) now supports nanoseconds. For example: 118 `date -Ins` prints "2024-04-22T12:20:28,763742224+02:00" and 119 `date +%N` prints "415050400". 120 1216d5ce2bb6344: 122 The default value of the nfs_reserved_port_only rc.conf(5) setting has 123 changed. The FreeBSD NFS server now requires the source port of 124 requests to be in the privileged port range (i.e., <= 1023), which 125 generally requires the client to have elevated privileges on their local 126 system. The previous behavior can be restored by setting 127 nfs_reserved_port_only=NO in rc.conf. 128 129aea973501b19: 130 ktrace(2) will now record detailed information about capability mode 131 violations. The kdump(1) utility has been updated to display such 132 information. 133 134f32a6403d346: 135 One True Awk updated to 2nd Edition. See https://awk.dev for details 136 on the additions. Unicode and CSVs (Comma Separated Values) are now 137 supported. 138 139fe86d923f83f: 140 usbconfig(8) now reads the descriptions of the usb vendor and products 141 from usb.ids when available, similarly to what pciconf(8) does. 142 1434347ef60501f: 144 The powerd(8) utility is now enabled in /etc/rc.conf by default on 145 images for the arm64 Raspberry Pi's (arm64-aarch64-RPI img files). 146 This prevents the CPU clock from running slow all the time. 147 1480b49e504a32d: 149 rc.d/jail now supports the legacy variable jail_${jailname}_zfs_dataset 150 to allow unmaintained jail managers like ezjail to make use of this 151 feature (simply rename jail_${jailname}_zfs_datasets in the ezjail 152 config to jail_${jailname}_zfs_dataset. 153 154e0dfe185cbca: 155 jail(8) now support zfs.dataset to add a list of ZFS datasets to a 156 jail. 157 15861174ad88e33: 159 newsyslog(8) now supports specifying a global compression method directly 160 at the beginning of the newsyslog.conf file, which will make newsyslog(8) 161 to behave like the corresponding option was passed to the newly added 162 '-c' option. For example: 163 164 <compress> none 165 166906748d208d3: 167 newsyslog(8) now accepts a new option, '-c' which overrides all historical 168 compression flags by treating their meaning as "treat the file as compressible" 169 rather than "compress the file with that specific method." 170 171 The following choices are available: 172 * none: Do not compress, regardless of flag. 173 * legacy: Historical behavior (J=bzip2, X=xz, Y=zstd, Z=gzip). 174 * bzip2, xz, zstd, gzip: apply the specified compression method. 175 176 We plan to change the default to 'none' in FreeBSD 15.0. 177 1781a878807006c: 179 This commit added some statistics collection to the NFS-over-TLS 180 code in the NFS server so that sysadmins can moditor usage. 181 The statistics are available via the kern.rpc.tls.* sysctls. 182 1837c5146da1286: 184 Mountd has been modified to use strunvis(3) to decode directory 185 names in exports(5) file(s). This allows special characters, 186 such as blanks, to be embedded in the directory name(s). 187 "vis -M" may be used to encode such directory name(s). 188 189c5359e2af5ab: 190 bhyve(8) has a new network backend, "slirp", which makes use of the 191 libslirp package to provide a userspace network stack. This backend 192 makes it possible to access the guest network from the host without 193 requiring any extra network configuration on the host. 194 195bb830e346bd5: 196 Set the IUTF8 flag by default in tty(4). 197 198 128f63cedc14 and 9e589b093857 added proper UTF-8 backspacing handling 199 in the tty(4) driver, which is enabled by setting the new IUTF8 flag 200 through stty(1). Since the default locale is UTF-8, enable IUTF8 by 201 default. 202 203ff01d71e48d4: 204 dialog(1) has been replaced by bsddialog(1) 205 20641582f28ddf7: 207 FreeBSD 15.0 will not include support for 32-bit platforms. 208 However, 64-bit systems will still be able to run older 32-bit 209 binaries. 210 211 Support for executing 32-bit binaries on 64-bit platforms via 212 COMPAT_FREEBSD32 will remain supported for at least the 213 stable/15 and stable/16 branches. 214 215 Support for compiling individual 32-bit applications via 216 `cc -m32` will also be supported for at least the stable/15 217 branch which includes suitable headers in /usr/include and 218 libraries in /usr/lib32. 219 220 Support for 32-bit platforms in ports for 15.0 and later 221 releases is also deprecated, and these future releases may not 222 include binary packages for 32-bit platforms or support for 223 building 32-bit applications from ports. 224 225 stable/14 and earlier branches will retain existing 32-bit 226 kernel and world support. Ports will retain existing support 227 for building ports and packages for 32-bit systems on stable/14 228 and earlier branches as long as those branches are supported 229 by the ports system. However, all 32-bit platforms are Tier-2 230 or Tier-3 and support for individual ports should be expected 231 to degrade as upstreams deprecate 32-bit platforms. 232 233 With the current support schedule, stable/14 will be EOLed 5 234 years after the release of 14.0. The EOL of stable/14 would 235 mark the end of support for 32-bit platforms including source 236 releases, pre-built packages, and support for building 237 applications from ports. Given an estimated release date of 238 October 2023 for 14.0, support for 32-bit platforms would end 239 in October 2028. 240 241 The project may choose to alter this approach when 15.0 is 242 released by extending some level of 32-bit support for one or 243 more platforms in 15.0 or later. Users should use the 244 stable/14 branch to migrate off of 32-bit platforms. 245