FreeBSD 11.3-RELEASE Release Notes

The release notes for FreeBSD 11.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 11.3-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.

This document contains the release notes for FreeBSD 11.3-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

This distribution of FreeBSD 11.3-RELEASE is a release distribution. It can be found at https://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the Obtaining FreeBSD' appendix to the FreeBSD Handbook.

All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 11.3-RELEASE can be found on the FreeBSD Web site.

This document describes the most user-visible new or changed features in FreeBSD since 11.2-RELEASE. In general, changes described here are unique to the 11.3-STABLE branch unless specifically marked as MERGED features.

Typical release note items document recent security advisories issued after 11.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.

[amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.

Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.

This section lists the various Security Advisories and Errata Notices since 11.2-RELEASE.

This section covers changes and additions to userland applications, contributed software, and system utilities.

The jail(8) utility has been updated to include a new jail.conf(5) parameter, allow.read_msgbuf, which prevents jailed processes and users from accessing the dmesg(8) buffer. This parameter is set to false by default. (r339446)

The system crontab(5), /etc/crontab, has been updated to set PATH for consistency with the cron(8) daemon. (r342103)

The default devd.conf(5) has been updated to prevent duplicated hostapd(8) and wpa_supplicant(8) startup via devd(8). (r343469)

A new variable, init_exec, has been added to kenv(1), allowing init(8) to run an executable file after opening the console, replacing init(8) as PID 1. (r346479)

The cpuset(1), sockstat(1), ipfw(8), and ugidfw(8) utilities have been updated to support jail(8) names. (r336040)

The newfs_msdos(8) utililty has been updated to include a new flag, -T, which is used to specify the timestamp for build reproducibility. (r336328)

The dd(1) utility has been updated to add a new status`operand, `progress, which reports the current status on a single line every second. (r338364)

The last(1) utility has been updated to include libxo(3) support. (r338451)

The lastlogin(8) utility has been updated to include libxo(3) support. (r338452)

The traceroute(8) utility has been updated to include libcasper(3) support. (r338475)

The diff(1) utility has been updated to implement -B and --ignore-blank-lines support. (r339160)

The makewhatis(1) utility has been updated to prevent operating within read-only directories. (r340963)

The jail(8) utility has been updated to add a new flag, -e, which takes a jail.conf(5) parameter as an argument and prints a list of non-wildcard jails with the specified parameter. (r341790)

The ktrdump(8) utility has been updated to include the -l flag which enables "live" mode when specified. (r342706)

The trim(8) utility has been added, which deletes content for blocks on flash-based storage devices that use wear-leveling algorithms. (r343118)

The gzip(1) utility has been updated to add -l support for xz(1) files. (r343251)

The newfs(8) and tunefs(8) utilities have been updated to allow underscores in label names. (r343538) (Sponsored by Netflix)

The pfctl(8) utility has been updated to provide clearer output and reference the net.pf.request_maxcount sysctl(8) if a defined table is too large. (r344020)

The newfs(8) and tunefs(8) utilities have been updated to allow dashes in label names. (r344052)

The fdisk(8) utility has been updated to support sectors larger than 2048 bytes. (r344490)

The sh(1) utility has been updated to add the pipefail option which simplifies checking the exit status of all commands in a pipeline. (r345561)

The patch(1) utility has been updated to exit successfully if the input patch file is zero-length. (r345878)

The spi(8) utility has been added, which is used to communicate with devices on an SPI bus through the userland. (r346518)

The xz(1) utility has been updated to version 5.2.4. (r334607)

The file(1) utility has been updated to version 5.34. (r337827)

The ELF Tool Chain has been updated to version r3614. (r338414) (Sponsored by The FreeBSD Foundation)

The lld utility has been updated to add -z interpose, marking the object file as an interposer. (r339100) (Sponsored by The FreeBSD Foundation)

The file(1) utility has been updated to fix incorrect date reporting for dump(8) files. (r343079)

The LUA loader(8) has been merged. (r344220)

The ntpd(8) utilities have been updated to version 4.2.8p13. (r344884)

The clang, llvm, lld, lldb, and compiler-rt utilities as well as libc++ have been updated to upstream version 8.0.0. (r346296)

The WPA utilities have been updated to version 2.8. (r346981)

OpenSSL has been updated to version 1.0.2s. (r348343)

The libarchive(3) library has been updated to version 3.3.3, with additional fixes from upstream. (r348607)

OpenPAM has been updated to the latest upstream version. (r348980)

Support for auxiliary RAM has been added to /etc/rc.initdiskless. (r340611)

The rcorder(8) utility has been updated to add support for /etc/rc.resume. (r340966)

The jail_conf definition, which defaults to /etc/jail.conf, has been moved from the jail(8) rc(8) script to /etc/defaults/rc.conf. (r341792)

The rc_service variable has been added to rc.subr(8), which defaults to the path of the service being executed in case the service needs to re-invoke itself. (r343046)

Timezone data files have been updated to version 2019b. (r349620)

The periodic(8) weekly 340.noid script has been updated to prevent decending into the root directory of jails. (r341794)

The pcap(3) library has been updated to version 1.9.0 (pre-release). (r335640)

The setproctitle_fast(3) function has been added, which is optimized for high-frequency process title updates. (r336449)

The kqueue(2) system call has been updated to allow updating EVFILT_TIMER. (r337418) (Sponsored by Dell EMC)

The pthread_get_name_np(3) function has been added, which is used to retrieve the function name associated with a thread. (r338405)

The pthread(3) library has been updated to improve POSIX compliance. (r338707)

This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized.

The ddb(4) debugging utility has been updated to print command-line arguments to a process. (r339857) (Sponsored by Panzura)

The number of MSI IRQs have been converted from a constant to a tunable. The default remains at 512, which can now be changed during boot with the machdep.num_msi_irqs sysctl(8). (r342656)

The kernel will now log the jail(8) ID when logging a process exit. The jail(8) ID 0 represents processes that are not jailed. (r343084) (Sponsored by Modirum MDPay)

Warnings for features deprecated in future releases will now be printed on all FreeBSD versions. (r348753)

This section covers changes and additions to devices and device drivers since 11.2-RELEASE.

The ichwd(4) driver has been updated to include support for TCO watchdog timers in the Lewisburg PCH (C620) chipset. (r340182) (Sponsored by Panzura)

The random(4) driver has been updated to improve performance during expensive reseeding. (r345981)

The ae(4), bm(4), cs(4), de(4), dme(4), ed(4), ep(4), ex(4), fe(4), pcn(4), sf(4), sn(4), tl(4), tx(4), txp(4), vx(4), wb(4), and xe(4) drivers have been marked as deprecated, and are not present in FreeBSD 13.0. (r347962)

The oce(4) driver has been updated to version 11.0.50.0. (r338938)

The TP-Link TL-WN321G™ network adapter now uses the run(4) driver instead of the rum(4) driver. (r340369)

The mlx4en(4) and mlx5en(4) drivers have been updated to version 3.5.0. (r341987) (Sponsored by Mellanox Technologies)

The lagg(4) driver has been updated to allow changing the MTU without requiring destroying and recreating the interface. (r342206) (Sponsored by iXsystems)

The ccr(4) driver has been added, providing support for Chelsio T6™ cryptography accelerators. (r345040) (Sponsored by Chelsio Communications)

The cxgbe(4) driver has been updated to include support for hash filters, NAT offloading, and SMAC/DMAC swapping filters. (r346855) (Sponsored by Chelsio Communications)

The cxgbe(4) T4, T5, and T6 firmware has been updated to version 1.23.0.0. (r346940) (Sponsored by Chelsio Communications)

The ixl(4) driver has been updated version 1.11.9. (r349181) (Sponsored by Intel Corporation)

The ixlv(4) driver has been updated version 1.5.8. (r349181) (Sponsored by Intel Corporation)

This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document.

The vt(4) keyboard mapping has been updated to include uk.macbook.kbd support. (r342254)

Support for PS/2 scan codes for NumLock, ScrollLock, and numerical keypad keys has been added to bhyve(8). (r341758) (Sponsored by iXsystems)

This section covers changes and additions to file systems and other storage subsystems, both local and networked.

Deprecation warnings have been added for weaker algorithms when creating geli(8) providers. (r348588)

An issue that could result in a system hang during ZFS vnode reclamation has been fixed. (r341828) (Sponsored by Klara Systems)

The ZFS filesystem has been updated to implement parallel mounting. (r346690) (Sponsored by Gandi.net)

This section covers the boot loader, boot menu, and other boot-related changes.

The functionality provided by zfsloader has been added to loader(8). Once the system boot blocks have been updated following UPDATING, zfsloader is no longer needed. A hard link to loader(8) has been added to ease in the transition. (r344399)

The loader(8) has been updated to extend geli(8) support to all architectures. (r344399)

The UEFI boot loader(8) has been updated to better determine the system console type and device if not defined in loader.conf(5). (r344403)

This section describes changes that affect networking in FreeBSD.

The ipfw(8) firewall has been updated to include new rule options, record-state, set-limit, and defer-action. (r337461)

Support for NAT64 CLAT has been added, as defined in RFC6877. (r346212) (Sponsored by Yandex LLC)

Warnings have been added for IPSec algorithms deprecated in RFC 8221. (r348482)

This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.

The pkg(8) utility has been updated to version 1.10.5.

The KDE desktop environment has been updated to version 5.15.3.

The GNOME desktop environment has been updated to version 3.28.

This section convers changes that are specific to the FreeBSD Release Engineering processes.

The default size of virtual machine disk images has been reduced from 30GB to 3GB. The raw disk images may be resized with truncate(1), after which the growfs rc(8) script will resize the filesystem within the virtual machine. Other disk image formats should be resized with the appropriate tool provided by the hypervisor being used. (r347037) (Sponsored by The FreeBSD Foundation)