xref: /freebsd/RELNOTES (revision efedac28c7ce4bef9d9b09b7901f1cb35babc2c4) 
1Release notes for FreeBSD 15.0.
2
3This file describes new user-visible features, changes and updates relevant to
4users of binary FreeBSD releases.  Each entry should describe the change in no
5more than several sentences and should reference manual pages where an
6interested user can find more information.  Entries should wrap after 80
7columns.  Each entry should begin with one or more commit IDs on one line,
8specified as a comma separated list and/or range, followed by a colon and a
9newline.  Entries should be separated by a newline.
10
11Changes to this file should not be MFCed.
12
1344e5a0150835, 9a37f1024ceb:
14	A new utility sndctl(8) has been added to concentrate the various
15	interfaces for viewing and manipulating audio device settings (sysctls,
16	/dev/sndstat), into a single utility with a similar control-driven
17	interface to that of mixer(8).
18
1993a94ce731a8:
20	ps(1)'s options '-a' and '-A', when combined with any other one
21	affecting the selection of processes except for '-X' and '-x', would
22	have no effect, in contradiction with the rule that one process is
23	listed as soon as any of the specified options selects it (inclusive
24	OR), which is both mandated by POSIX and arguably a natural expectation.
25	This bug has been fixed.
26
27	As a practical consequence, specifying '-a'/'-A' now causes all
28	processes to be listed regardless of other selection options (except for
29	'-X' and '-x', which still apply).  In particular, to list only
30	processes from specific jails, one must not use '-a' with '-J'.  Option
31	'-J', contrary to its apparent initial intent, never worked as a filter
32	in practice (except by accident with '-a' due to the bug), but instead
33	as any other selection options (e.g., '-U', '-p', '-G', etc.) subject to
34	the "inclusive OR" rule.
35
36995b690d1398:
37	ps(1)'s '-U' option has been changed to select processes by their real
38	user IDs instead of their effective one, in accordance with POSIX and
39	the use case of wanting to list processes launched by some user, which
40	is expected to be more frequent than listing processes having the rights
41	of some user.  This only affects the selection of processes whose real
42	and effective user IDs differ.	After this change, ps(1)'s '-U' flag
43	behaves differently then in other BSDs but identically to that of
44	Linux's procps and illumos.
45
461aabbb25c9f9:
47	ps(1)'s default list of processes now comes from matching its effective
48	user ID instead of its real user ID with the effective user ID of all
49	processes, in accordance with POSIX.  As ps(1) itself is not installed
50	setuid, this only affects processes having different real and effective
51	user IDs that launch ps(1) processes.
52
53f0600c41e754-de701f9bdbe0, bc201841d139:
54	mac_do(4) is now considered production-ready and its functionality has
55	been considerably extended at the price of breaking credentials
56	transition rules' backwards compatibility.  All that could be specified
57	with old rules can also be with new rules.  Migrating old rules is just
58	a matter of adding "uid=" in front of the target part, substituting
59	commas (",") with semi-colons (";") and colons (":") with greater-than
60	signs (">").  Please consult the mac_do(4) manual page for the new rules
61	grammar.
62
6302d4eeabfd73:
64	hw.snd.maxautovchans has been retired. The commit introduced a
65	hw.snd.vchans_enable sysctl, which along with
66	dev.pcm.X.{play|rec}.vchans, from now on work as tunables to only
67	enable/disable vchans, as opposed to setting their number and/or
68	(de-)allocating vchans. Since these sysctls do not trigger any
69	(de-)allocations anymore, their effect is instantaneous, whereas before
70	we could have frozen the machine (when trying to allocate new vchans)
71	when setting dev.pcm.X.{play|rec}.vchans to a very large value.
72
737e7f88001d7d:
74	The definition of pf's struct pfr_tstats and struct pfr_astats has
75	changed, breaking ABI compatibility for 32-bit powerpc (including
76	powerpcspe) and armv7. Users of these platforms should ensure kernel
77	and userspace are updated together.
78
795dc99e9bb985, 08e638c089a, 4009a98fe80:
80	The net.inet.{tcp,udp,raw}.bind_all_fibs tunables have been added.
81	They modify socket behavior such that packets not originating from the
82	same FIB as the socket are ignored.  TCP and UDP sockets belonging to
83	different FIBs may also be bound to the same address.  The default
84	behavior is unmodified.
85
86f87bb5967670, e51036fbf3f8:
87	Support for vinum volumes has been removed.
88
898ae6247aa966, cf0ede720391d, 205659c43d87bd, 1ccbdf561f417, 4db1b113b151:
90	The layout of NFS file handles for the tarfs, tmpfs, cd9660, and ext2fs
91	file systems has changed.  An NFS server that exports any of these file
92	systems will need its clients to unmount and remount the exports.
93
941111a44301da:
95	Defer the January 19, 2038 date limit in UFS1 filesystems to
96	February 7, 2106. This affects only UFS1 format filesystems.
97	See the commit message for details.
98
9907cd69e272da:
100	Add a new -a command line option to mountd(8).
101	If this command line option is specified, when
102	a line in exports(5) has the -alldirs export option,
103	the directory must be a server file system mount point.
104
1050e8a36a2ab12:
106	Add a new NFS mount option called "mountport" that may be used
107	to specify the port# for the NFS server's Mount protocol.
108	This permits a NFSv3 mount to be done without running rpcbind(8).
109
110b2f7c53430c3:
111	Kernel TLS is now enabled by default in kernels including KTLS
112	support.  KTLS is included in GENERIC kernels for aarch64,
113	amd64, powerpc64, and powerpc64le.
114
115f57efe95cc25:
116	New mididump(1) utility which dumps MIDI 1.0 events in real time.
117
118ddfc6f84f242:
119	Update unicode to 16.0.0 and CLDR to 45.0.0.
120
121b22be3bbb2de:
122	Basic Cloudinit images no longer generate RSA host keys by default for
123	SSH.
124
125000000000000:
126	RSA host keys for SSH are deprecated and will no longer be generated
127	by default in FreeBSD 16.
128
1290aabcd75dbc2:
130	EC2 AMIs no longer generate RSA host keys by default for SSH.  RSA
131	host key generation can be re-enabled by setting sshd_rsa_enable="YES"
132	in /etc/rc.conf if it is necessary to support very old SSH clients.
133
134a1da7dc1cdad:
135	The SO_SPLICE socket option was added.  It allows TCP connections to
136	be spliced together, enabling proxy-like functionality without the
137	need to copy data in and out of user memory.
138
139fc12c191c087:
140	grep(1) no longer follows symbolic links by default for
141	recursive searches.  This matches the documented behavior in
142	the manual page.
143
144e962b37bf0ff:
145	When running bhyve(8) guests with a boot ROM, i.e., bhyveload(8) is not
146	used, bhyve now assumes that the boot ROM will enable PCI BAR decoding.
147	This is incompatible with some boot ROMs, particularly outdated builds
148	of edk2-bhyve.  To restore the old behavior, add
149	"pci.enable_bars='true'" to your bhyve configuration.
150
151	Note in particular that the uefi-edk2-bhyve package has been renamed
152	to edk2-bhyve.
153
15443caa2e805c2:
155	amd64 bhyve(8)'s "lpc.bootrom" and "lpc.bootvars" options are
156	deprecated.  Use the top-level "bootrom" and "bootvars" options
157	instead.
158
159822ca3276345:
160	byacc was updated to 20240109.
161
16221817992b331:
163	ncurses was updated to 6.5.
164
1651687d77197c0:
166	Filesystem manual pages have been moved to section four.
167	Please check ports you are maintaining for crossreferences.
168
1698aac90f18aef:
170	new MAC/do policy and mdo(1) utility which enables a user to
171	become another user without the requirement of setuid root.
172
1737398d1ece5cf:
174	hw.snd.version is removed.
175
176a15f7c96a276,a8089ea5aee5:
177	NVMe over Fabrics controller.  The nvmft(4) kernel module adds
178	a new frontend to the CAM target layer which exports ctl(4)
179	LUNs as NVMe namespaces to remote hosts.  The nvmfd(8) daemon
180	is responsible for accepting incoming connection requests and
181	handing off connected queue pairs to nvmft(4).
182
183a1eda74167b5,1058c12197ab:
184	NVMe over Fabrics host.  New commands added to nvmecontrol(8)
185	to establish connections to remote controllers.  Once
186	connections are established they are handed off to the nvmf(4)
187	kernel module which creates nvmeX devices and exports remote
188	namespaces as nda(4) disks.
189
19025723d66369f:
191	As a side-effect of retiring the unit.* code in sound(4), the
192	hw.snd.maxunit loader(8) tunable is also retired.
193
194eeb04a736cb9:
195	date(1) now supports nanoseconds. For example:
196	`date -Ins` prints "2024-04-22T12:20:28,763742224+02:00" and
197	`date +%N` prints "415050400".
198
1996d5ce2bb6344:
200	The default value of the nfs_reserved_port_only rc.conf(5) setting has
201	changed.  The FreeBSD NFS server now requires the source port of
202	requests to be in the privileged port range (i.e., <= 1023), which
203	generally requires the client to have elevated privileges on their local
204	system.  The previous behavior can be restored by setting
205	nfs_reserved_port_only=NO in rc.conf.
206
207aea973501b19:
208	ktrace(2) will now record detailed information about capability mode
209	violations. The kdump(1) utility has been updated to display such
210	information.
211
212f32a6403d346:
213	One True Awk updated to 2nd Edition. See https://awk.dev for details
214	on the additions. Unicode and CSVs (Comma Separated Values) are now
215	supported.
216
217fe86d923f83f:
218	usbconfig(8) now reads the descriptions of the usb vendor and products
219	from usb.ids when available, similarly to what pciconf(8) does.
220
2214347ef60501f:
222	The powerd(8) utility is now enabled in /etc/rc.conf by default on
223	images for the arm64 Raspberry Pi's (arm64-aarch64-RPI img files).
224	This prevents the CPU clock from running slow all the time.
225
2260b49e504a32d:
227	rc.d/jail now supports the legacy variable jail_${jailname}_zfs_dataset
228	to allow unmaintained jail managers like ezjail to make use of this
229	feature (simply rename jail_${jailname}_zfs_datasets in the ezjail
230	config to jail_${jailname}_zfs_dataset.
231
232e0dfe185cbca:
233	jail(8) now support zfs.dataset to add a list of ZFS datasets to a
234        jail.
235
23661174ad88e33:
237	newsyslog(8) now supports specifying a global compression method directly
238	at the beginning of the newsyslog.conf file, which will make newsyslog(8)
239	to behave like the corresponding option was passed to the newly added
240	'-c' option. For example:
241
242	<compress> none
243
244906748d208d3:
245	newsyslog(8) now accepts a new option, '-c' which overrides all historical
246	compression flags by treating their meaning as "treat the file as compressible"
247	rather than "compress the file with that specific method."
248
249	The following choices are available:
250	 * none: Do not compress, regardless of flag.
251	 * legacy: Historical behavior (J=bzip2, X=xz, Y=zstd, Z=gzip).
252	 * bzip2, xz, zstd, gzip: apply the specified compression method.
253
254	We plan to change the default to 'none' in FreeBSD 15.0.
255
2561a878807006c:
257	This commit added some statistics collection to the NFS-over-TLS
258	code in the NFS server so that sysadmins can moditor usage.
259	The statistics are available via the kern.rpc.tls.* sysctls.
260
2617c5146da1286:
262	Mountd has been modified to use strunvis(3) to decode directory
263	names in exports(5) file(s).  This allows special characters,
264	such as blanks, to be embedded in the directory name(s).
265	"vis -M" may be used to encode such directory name(s).
266
267c5359e2af5ab:
268	bhyve(8) has a new network backend, "slirp", which makes use of the
269	libslirp package to provide a userspace network stack.  This backend
270	makes it possible to access the guest network from the host without
271	requiring any extra network configuration on the host.
272
273bb830e346bd5:
274	Set the IUTF8 flag by default in tty(4).
275
276	128f63cedc14 and 9e589b093857 added proper UTF-8 backspacing handling
277	in the tty(4) driver, which is enabled by setting the new IUTF8 flag
278	through stty(1). Since the default locale is UTF-8, enable IUTF8 by
279	default.
280
281ff01d71e48d4:
282	dialog(1) has been replaced by bsddialog(1)
283
28441582f28ddf7:
285	FreeBSD 15.0 will not include support for 32-bit platforms.
286	However, 64-bit systems will still be able to run older 32-bit
287	binaries.
288
289	Support for executing 32-bit binaries on 64-bit platforms via
290	COMPAT_FREEBSD32 will remain supported for at least the
291	stable/15 and stable/16 branches.
292
293	Support for compiling individual 32-bit applications via
294	`cc -m32` will also be supported for at least the stable/15
295	branch which includes suitable headers in /usr/include and
296	libraries in /usr/lib32.
297
298	Support for 32-bit platforms in ports for 15.0 and later
299	releases is also deprecated, and these future releases may not
300	include binary packages for 32-bit platforms or support for
301	building 32-bit applications from ports.
302
303	stable/14 and earlier branches will retain existing 32-bit
304	kernel and world support.  Ports will retain existing support
305	for building ports and packages for 32-bit systems on stable/14
306	and earlier branches as long as those branches are supported
307	by the ports system.  However, all 32-bit platforms are Tier-2
308	or Tier-3 and support for individual ports should be expected
309	to degrade as upstreams deprecate 32-bit platforms.
310
311	With the current support schedule, stable/14 will be EOLed 5
312	years after the release of 14.0.  The EOL of stable/14 would
313	mark the end of support for 32-bit platforms including source
314	releases, pre-built packages, and support for building
315	applications from ports.  Given an estimated release date of
316	October 2023 for 14.0, support for 32-bit platforms would end
317	in October 2028.
318
319	The project may choose to alter this approach when 15.0 is
320	released by extending some level of 32-bit support for one or
321	more platforms in 15.0 or later.  Users should use the
322	stable/14 branch to migrate off of 32-bit platforms.
323