aboutsummaryrefslogtreecommitdiff
path: root/website
diff options
context:
space:
mode:
Diffstat (limited to 'website')
-rw-r--r--website/content/en/releases/15.0R/relnotes.adoc374
1 files changed, 357 insertions, 17 deletions
diff --git a/website/content/en/releases/15.0R/relnotes.adoc b/website/content/en/releases/15.0R/relnotes.adoc
index aa3189d525..d4c6675e05 100644
--- a/website/content/en/releases/15.0R/relnotes.adoc
+++ b/website/content/en/releases/15.0R/relnotes.adoc
@@ -174,6 +174,26 @@ This section lists the various Security Advisories and Errata Notices since {rel
|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:19.fetch.asc[FreeBSD-SA-24:19.fetch]
|29 October 2024
|Certificate revocation list man:fetch[1] option fails
+
+| https://www.freebsd.org/security/advisories/FreeBSD-SA-25:01.openssh.asc[FreeBSD-SA-25:01.openssh]
+| 2025-01-29
+| OpenSSH Keystroke Obfuscation Bypass
+
+| https://www.freebsd.org/security/advisories/FreeBSD-SA-25:02.fs.asc[FreeBSD-SA-25:02.fs]
+| 2025-01-29
+| Buffer overflow in some filesystems via NFS
+
+| https://www.freebsd.org/security/advisories/FreeBSD-SA-25:03.etcupdate.asc[FreeBSD-SA-25:03.etcupdate]
+| 2025-01-29
+| Unprivileged access to system files
+
+| https://www.freebsd.org/security/advisories/FreeBSD-SA-25:04.ktrace.asc[FreeBSD-SA-25:04.ktrace]
+| 2025-01-29
+| Uninitialized kernel memory disclosure via man:ktrace[2]
+
+| https://www.freebsd.org/security/advisories/FreeBSD-SA-25:05.openssh.asc[FreeBSD-SA-25:05.openssh]
+| 2025-02-21
+| Multiple vulnerabilities in OpenSSH
|===
[[errata]]
@@ -253,6 +273,70 @@ This section lists the various Security Advisories and Errata Notices since {rel
|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:09.zfs.asc[FreeBSDS-EN-24:09:zfs]
|24 April 2024
|High CPU usage by kernel threads related to ZFS
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:10.zfs.asc[FreeBSDS-EN-24:10:zfs]
+|19 June 2024
+|Kernel memory leak in ZFS
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:11.ldns.asc[FreeBSDS-EN-24:11:ldns]
+|19 June 2024
+|LDNS uses nameserver commented out in resolv.conf
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:12.killpg.asc[FreeBSDS-EN-24:12:killpg]
+|19 June 2024
+|Lock order reversal in killpg causing livelock
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:13.libc++.asc[FreeBSDS-EN-24:13:libc++]
+|19 June 2024
+|Incorrect size passed to heap allocated std::string delete
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:14.ifconfig.asc[FreeBSDS-EN-24:14:ifconfig]
+|07 August 2024
+|Incorrect ifconfig netmask assignment
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:15.calendar.asc[FreeBSDS-EN-24:15:calendar]
+|04 September 2024
+|man:cron[8] / man:periodic[8] session login
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:16.pf.asc[FreeBSDS-EN-24:16:pf]
+|19 September 2024
+|Incorrect ICMPv6 state handling in pf
+
+|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:17.pam_xdg.asc[FreeBSDS-EN-24:17:pam_xdg]
+|20 October 2024
+|XDG runtime directory's file descriptor leak at login
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:01.rpc.asc[FreeBSD-EN-25:01.rpc]
+| 2025-01-29
+| NULL pointer dereference in the NFSv4 client
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:02.audit.asc[FreeBSD-EN-25:02.audit]
+| 2025-01-29
+| System call auditing disabled by DTrace
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:03.tzdata.asc[FreeBSD-EN-25:03.tzdata]
+| 2025-01-29
+| Timezone database information update
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:04.tzdata.asc[FreeBSD-EN-25:04.tzdata]
+| 2025-04-10
+| Timezone database information update
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:05.expat.asc[FreeBSD-EN-25:05.expat]
+| 2025-04-10
+| Update expat to 2.7.1
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:06.daemon.asc[FreeBSD-EN-25:06.daemon]
+| 2025-04-10
+| man:daemon[8] missing signals
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:07.openssl.asc[FreeBSD-EN-25:07.openssl]
+| 2025-04-10
+| Update OpenSSL to 3.0.16
+
+| https://www.freebsd.org/security/advisories/FreeBSD-EN-25:08.caroot.asc[FreeBSD-EN-25:08.caroot]
+| 2025-04-10
+| Root certificate bundle update
|===
[[userland]]
@@ -295,16 +379,37 @@ The man:ldconfig[8] utility now supports hints files of either byte order.
The default format is the native byte-order of the host.
gitref:fa7b31166ddb[repository=src]
-OpenSSH has been upgraded to version 9.7p1.
-Full release notes are at https://www.openssh.com/txt/release-9.7[] and https://www.openssh.com/txt/release-9.6[] .
-gitref:a25789646d71[repository=src], gitref:464fa66f639b[repository=src] (Sponsored by The FreeBSD Foundation)
-
The man:usbconfig[8] utility now reads the descriptions of usb vendor and products from [.filename]#/usr/share/misc/usb_vendors# when available, similar to what man:pciconf[8] does.
gitref:7b9a772f9f64[repository=src]
An option has been added to change the directory in man:env[1] which closely resembles the feature in the GNU version of env although it does not support long options.
gitref:08e8554c4a39[repository=src] (Sponsored by Klara, Inc.)
+Fix `-U` flag of man:ps[1] to select processes by real user IDs.
+This is what POSIX mandates for option `-U` and arguably the behavior that most users actually need in most cases.
+Before, `-U` would select processes by their effective user IDs (which is the behavior mandated by POSIX for option `-u`).
+gitref:a2132d91739d[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Make '-O' more versatile and predictable for man:ps[1].
+The man:ps[1] display's list of columns is now first built without taking into account the `-O` options.
+In a second step, all columns passed via `-O` are finally inserted after the built-so-far display's first PID column (if it exists, else at start), in their order of appearance as arguments to the `-O` options.
+gitref:1fc8cb547cd4[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Remove not-explicitly-requested columns with duplicate data in man:ps[1].
+Before this change, when stacking up more columns in the display through command-line options, if user requested to add some "canned" display (through options `-j`, `-l`, `-u` or `-v`), columns in it that were "duplicates" of already requested ones (meaning that they share the same keyword, regardless of whether their headers have been customized) were in the end omitted.
+gitref:7aa2f4826717[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Add flags to filter jail prison and vnet variables in man:sysctl[8] output.
+So users do not have to contact the source code to tell whether a variable is a jail prison / vnet one or not.
+gitref:615c9ce250ee[repository=src].
+
+man:grep[1] no longer follows symbolic links by default for recursive searches.
+This matches the documented behavior in the manual page.
+gitref:3a2ec5957ea9[repository=src]
+
[[userland-contrib]]
=== Contributed Software
@@ -332,18 +437,38 @@ gitref:128bace5102e[repository=src] (Sponsored by The FreeBSD Foundation)
`libpcap` has been upgraded to 1.10.5.
gitref:26f21a6494b4[repository=src] (Sponsored by The FreeBSD Foundation)
-`llvm` has been upgraded to 18.1.6.
-gitref:f1e3279983d6[repository=src]
-
-`openssl` has been upgraded to 3.0.15.
-gitref:cc43f991ab3e[repository=src]
-
`tcpdump` has been upgraded to 4.99.5.
gitref:ec3da16d8bc1[repository=src] (Sponsored by The FreeBSD Foundation)
`unbound` has been upgraded to 1.22.0.
gitref:0a096a7b3ae8[repository=src]
+`llvm` has been upgraded to 19.1.7-0-gcd708029e0b2.
+gitref:dc3f24ea8a25[repository=src]
+
+
+man:zfs[8]: OpenZFS has been updated to zfs-2.2-release(2.2.7)(gitref:2ec8b6948070[repository=src]).
+
+man:xz[1] has been updated to 5.8.1(gitref:9679eedea94c[repository=src]).
+
+man:less[1] has been updated to v668(gitref:0bb4c188d363[repository=src]).
+
+man:file[1] has been updated to 5.46(gitref:71c92e6b94f0[repository=src]).
+
+man:expat[3] has been updated to 2.7.1(gitref:6f7ee9ac036e[repository=src]).
+
+`tzdata` has been updated to 2025b(gitref:475082194ac8[repository=src]).
+
+OpenSSH has been updated to 9.9p2(gitref:059b786b7db5[repository=src]).
+(Sponsored by The FreeBSD Foundation).
+
+OpenSSL has been updated to 3.0.16(gitref:cb29db243bd0[repository=src]).
+
+`googletest` has been updated from 1.14.0 to 1.15.2(gitref:1d67cec52542[repository=src]).
+One notable change is that GoogleTest 1.15.x now officially requires C++-14 (1.14.x required C++-11).
+
+`spleen` has been updated to Spleen 2.1.0(gitref:26336203d32c[repository=src]).
+
[[userland-libraries]]
=== Runtime Libraries and API
@@ -367,6 +492,8 @@ It reports whether a `cap_rights_t` has no rights set.
gitref:e77813f7e4a3[repository=src]
(Sponsored by The FreeBSD Foundation)
+`libcxxrt` has been updated to upstream 6f2fdfebcd62(gitref:d9901a23bd2f[repository=src]).
+
[[userland-deprecated-programs]]
=== Deprecated Applications
@@ -376,6 +503,20 @@ gitref:3958be5c29da[repository=src] (Sponsored by The FreeBSD Foundation)
The accuracy of man:asinf[3] and man:acosf[3] has improved.
gitref:33c82f11c267[repository=src]
+Update deprecation warning to note that man:gvinum[8] is removed in 15.0(gitref:dec497a9fcbf[repository=src]).
+
+Deprecation notice for man:syscons[4] has been added.
+man:syscons[4] is not compatible with UEFI, does not support UTF-8, and is Giant-locked.
+There is no specific timeline yet for removing it, but support for the Giant lock is expected to go away in one or two major release cycles.
+(gitref:8c922db4f3d9[repository=src]).
+(Sponsored by The FreeBSD Foundation).
+
+OpenSSH plans to remove support for the DSA signature algorithm in early 2025.
+
+man:publickey[5] stuffs has been deprecated.
+This uses DES and it is likely that nobody uses that in 2025.
+(gitref:9197c04a251b[repository=src]).
+
[[cloud]]
== Cloud Support
@@ -413,6 +554,55 @@ This section covers changes to kernel configurations, system tuning, and system
The `fpu_kern_enter` and `fpu_kern_leave` routines have been implemented for powerpc, allowing the use of man:ossl[4] crypto functions in the kernel that use floating point and vector registers.
gitref:91e53779b4fc[repository=src]
+Support legacy PCI hotplug on arm64.
+gitref:355f02cddbf0[repository=src].
+(Sponsored by Arm Ltd).
+
+Define a common 'mac' node for MAC's jail parameters for man:mac[3].
+To be used by man:mac_do[4].
+gitref:66fb52a27279[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+New `setcred()` system call and associated MAC hooks.
+This new system call allows to set all necessary credentials of a process in one go: Effective, real and saved UIDs, effective, real and saved GIDs, supplementary groups and the MAC label.
+Its advantage over standard credential-setting system calls (such as `setuid()`, `seteuid()`, etc.) is that it enables MAC modules, such as man:mac_do[4], to restrict the set of credentials some process may gain in a fine-grained manner.
+gitref:c1d7552dddb5[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Support multiple users and groups as single rule's targets in man:mac_do[4].
+Supporting group targets is a requirement for man:mac_do[4] to be able to enforce a limited set of valid new groups passed to `setgroups()`.
+Additionally, it must be possible for this set of groups to also depend on the target UID, since users and groups are quite tied in UNIX (users are automatically placed in only the groups specified through '/etc/passwd' (primary group) and '/etc/group' (supplementary ones)).
+gitref:83ffc412b2e9[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Teach man:sysctl[8] to attach and run itself in a jail.
+This allows the parent jail to retrieve or set kernel state when child does not have man:sysctl[8] installed (for example light weighted OCI containers or slim jails).
+This is especially useful when manipulating jail prison or vnet sysctls.
+For example, `sysctl -j foo -Ja` or `sysctl -j foo net.fibs=2`.
+gitref:8d5d7e2ba3a6[repository=src].
+
+Enable vnet man:sysctl[9] variables to be loader tunable.
+In gitref:3da1cf1e88f8[repository=src], the meaning of the flag `CTLFLAG_TUN` is extended to automatically check if there is a kernel environment variable which shall initialize the `SYSCTL` during early boot.
+It works for all `SYSCTL` types both statically and dynamically created ones, except for the `SYSCTLs` which belong to VNETs.
+Note that the implementation has a limitation.
+It behaves the same way as that of non-vnet loader tunables.
+That is, after the kernel or modules being initialized, any changes (for example via `kenv`) to kernel environment variable will not affect the corresponding vnet variable of subsequently created VNETs.
+To overcome it, `TUNABLE_XXX_FETCH` can be used to fetch the kernel environment variable into those vnet variables during vnet constructing.
+gitref:894efae09de4[repository=src]
+
+man:sound[4]: Allocate vchans on-demand.
+Refactor `pcm_chnalloc()` and merge with parts of `vchan_setnew()` (now removed) and `dsp_open()`’s channel creation into a `new dsp_chn_alloc()` function.
+The function is responsible for either using a free HW channel (if `vchans` are disabled), or allocating a new vchan.
+`hw.snd.vchans_enable` (previously `hw.snd.maxautovchans`) and `dev.pcm.X.{play|rec}.vchans` now work as tunables to only enable/disable `vchans`, as opposed to setting their number and/or (de-)allocating vchans.
+Since these sysctls do not trigger any (de-)allocations anymore, their effect is instantaneous, whereas before it could have frozen the machine (when trying to allocate new vchans) when setting `dev.pcm.X.{play|rec}.vchans` to a very large value.
+gitref:960ee8094913[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+LinuxKPI: `linux_alloc_pages()` now honors `__GFP_NORETRY`.
+This is to fix slowdowns with drm-kmod that get worse over time as physical memory become more fragmented (and probably also depending on other factors).
+gitref:831e6fb0baf6[repository=src]
+(Sponsored by The FreeBSD Foundation).
+
[[drivers]]
== Devices and Drivers
@@ -473,6 +663,57 @@ man:nvme[4] and man:nvmecontrol[8] have been enabled on all architectures.
gitref:24687a65dd7f[repository=src], gitref:aba2d7f89dcf[repository=src]
(Sponsored by Chelsio Communications and Netflix)
+man:mpi3mr[4] driver version has been updated to 8.14.0.2.0(gitref:e6d4b221ba7c[repository=src]).
+
+man:mpi3mr[4] MPI Header has been updated to Version 36.
+This aligns with the latest MPI specification.
+This includes updated structures, field definitions, and constants required for compatibility with updated firmware.
+(gitref:60cf1576501d[repository=src]).
+
+The man:mpi3mr[4] driver is now in GENERIC (gitref:e2b8fb2202c2[repository=src]).
+
+man:rtw88[4]: Merge Realtek's rtw88 driver based on Linux v6.14 (gitref:8ef442451791[repository=src]).
+(Sponsored by The FreeBSD Foundation).
+
+man:rtw89[4]: Merge Realtek's rtw89 driver based on Linux v6.14 (gitref:b6e8b845aeab[repository=src]).
+(Sponsored by The FreeBSD Foundation).
+
+man:iwmbtfw[4]: Add support for 9260/9560 bluetooth adaptors (gitref:8e62ae9693bd[repository=src]).
+Required firmware files are already included in to package:comms/iwmbt-firmware[] port.
+
+man:ena[4] driver version has been updated to v2.8.1 (gitref:a1685d25601e[repository=src]).
+(Sponsored by Amazon, Inc.)
+
+man:ix[4]: Add support for 1000BASE-BX SFP modules x550(gitref:24491b4acce5[repository=src]).
+
+man:bnxt[4]: Enable NPAR support on BCM57504 10/25GbE NICs.
+(gitref:54f842ed8897[repository=src]).
+
+man:bnxt[4]: Add 5760X (Thor2) PCI IDs support.
+Add Thor2 PCI IDs.
+(gitref:45e161020c2d[repository=src]).
+
+man:bnxt[4]: Add support for 400G speed modules (gitref:32fdad17f060[repository=src]).
+
+man:ix[4]: Add support for 1000BASE-BX SFP modules.
+Add support for 1Gbit BiDi modules.
+(gitref:c34817d9aef7[repository=src]).
+
+man:igc[4]: Fix attach for I226-K and LMVP devices.
+The device IDs for these were in the driver's list of PCI ids to attach to, but `igc_set_mac_type()` had never been setup to set the correct mac type for these devices.
+Fix this by adding these IDs to the switch block in order for them to be recognized by the driver instead of returning an error.
+This fixes the man:igc[4] attach for the I226-K LOM on the ASRock Z790 PG-ITX/TB4 motherboard, allowing it to be recognized and used.
+gitref:f034ddd2fa38[repository=src].
+
+Remove old itr sysctl handler from man:em[4].
+This implementation had various bugs. The unit conversion/scaling was wrong, and it also did not handle 82574L or man:igb[4] devices correctly.
+With the new AIM code, it is expected most users will not need to manually tune this.
+gitref:edf50670e215[repository=src]
+(Sponsored by BBOX.io).
+
+Added support for Brainboxes USB-to-Serial adapters in man:uftdi[4].
+(gitref:47db906375b5[repository=src])
+
[[drivers-removals]]
=== Deprecated and Removed Drivers
@@ -508,19 +749,27 @@ gitref:6b2af2d88ffd[repository=src]
[[storage-zfs]]
=== ZFS
-OpenZFS has been upgraded to version 2.2.6.
-gitref:755e773877e9[repository=src]
-
[[storage-general]]
=== General Storage
-[[boot]]
-== Boot Loader Changes
+Define a new `-a` command line option man:mountd[8].
+When a file system was exported with the `-alldirs` flag, the export succeeded even if the directory path was not a server file system mount point.
+gitref:ead3cd3ef628[repository=src]
-This section covers the boot loader, boot menu, and other boot-related changes.
+Document recent file handle layout changes.
+gitref:ca22082c01a7[repository=src]
+
+Allow to pass `{NGROUPS_MAX} + 1` groups in man:mountd[8].
+`NGROUPS_MAX` is just the minimum maximum of the number of allowed supplementary groups.
+The actual runtime value may be greater.
+Allow more groups to be specified accordingly (now that, a few commits ago, man:nmount[2] has been changed similarly).
+gitref:ca9614d8f64a[repository=src]
+(Sponsored by The FreeBSD Foundation).
[[boot-loader]]
-=== Boot Loader Changes
+== Boot Loader Changes
+
+This section covers the boot loader, boot menu, and other boot-related changes.
The man:loader[8] now reads local configuration files listed in the variable `local_loader_conf_files` after other configuration files, defaulting to [.filename]#/boot/loader.conf.local#.
gitref:a25531db0fc2[repository=src]
@@ -548,6 +797,30 @@ The BIOS boot loader added back support for gzip and bzip2, but removed support
(The EFI boot loader is unchanged with support for all of those.)
gitref:4d3b05a8530e[repository=src] (Sponsored by Netflix)
+man:loader.efi[8]: Favor the v3 (64-bit) entry point in man:smbios[4].
+Be consistent with what is done with non-EFI boot (but with the difference that EFI runs in 64-bit mode on 64-bit platforms, so there is no restriction that the v3 entry point should be below 4GB).
+gitref:807d51be8040[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+man:libsa[3]: Favor the v3 (64-bit) entry point on non-EFI boot in man:smbios[4].
+When both the 32-bit and 64-bit entry points are present, the SMBIOS specification says that the 64-bit entry point always has at least all the structures the 32-bit entry point refers.
+In other words, the 32-bit entry point is provided for compatibility, so it is assumed the 64-bit one has more chances to be filled with adequate values.
+gitref:93af0db0d529[repository=src]
+(Sponsored by The FreeBSD Foundation).
+
+man:libsa[3]: Use 64-bit entry point if table below 4GB on non-EFI boot in man:smbios[4].
+On amd64, boot blocks and the non-EFI loader are 32-bit compiled as clients of BTX, so cannot access addresses beyond 4GB.
+However, the 64-bit entry point may refer to a structure table below 4GB, which can be used if the BIOS does not provide a 32-bit entry point.
+The situation is similar for powerpc64.
+gitref:7b0350b376c0[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+Search for v3 (64-bit) entry point first on BIOS boot in man:smbios[4].
+When booted from BIOS (i.e., not EFI), also search for a 64-bit version of the SMBIOS Entry Point.
+This allows to detect and report the proper SMBIOS version with BIOSes that only provide the v3 table, as happens on Hetzner virtual machines.
+For machines that provide both, leverage the v3 table in priority consistently with the EFI case.
+gitref:145ef4af15f0[repository=src].
+(Sponsored by The FreeBSD Foundation).
[[network]]
== Networking
@@ -581,11 +854,24 @@ gitref:472a0ccf847a[repository=src] (Sponsored by Rubicon Communications, LLC ("
This feature has also been added to the man:lem[4], man:em[4] and man:igb[4] drivers. A major regression in UDP performance introduced in FreeBSD 12.0, including NFS over UDP, is believed to be fixed with this change.
gitref:49f12d5b38f6[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and BBOX.io)
+Teach man:ip6addrctl[8] to attach and run itself in a jail.
+This will make it easier to manage address selection policies of vnet jails, especially for those light weighted OCI containers or slim jails.
+gitref:b709f7b38cc4[repository=src]
+
+Convert `PF_DEFAULT_TO_DROP` into a vnet loader tunable 'net.pf.default_to_drop' for man:pf[4].
+gitref:7f7ef494f11d[repository=src] introduced a compile time option `PF_DEFAULT_TO_DROP` to make the man:pf[4] default rule to drop.
+While this change exposes a vnet loader tunable 'net.pf.default_to_drop' so that users can change the default rule without re-compiling the man:pf[4] module.
+gitref:3965be101c43[repository=src]
+
[[wireless-networking]]
=== Wireless Networking
The LinuxKPI 802.11 comapt layer man:linuxkpi_wlan[4] gained support for the Galois/Counter Mode Protocol (GCMP) from man:wlan_gcmp[4]. (Sponsored by The FreeBSD Foundation)
+The man:rtw88[4] driver was made to work (associate) again and a memory leak got resolved. (Sponsored by The FreeBSD Foundation)
+
+Following other drivers man:iwlwififw[4] firmware was removed from the base system in favor of the ports based solution and man:fwget[8] support. (Sponsored by The FreeBSD Foundation)
+
[[hardware]]
== Hardware Support
@@ -605,6 +891,9 @@ gitref:f9e09dc5b1d5[repository=src]
Under Hyper-V, TLB flushes are now performed using hypercalls rather than IPIs, providing up to a 40% improvement in TLB performance.
gitref:7ece5993b787[repository=src] (Sponsored by Microsoft)
+Several bug fixes and configuration changes collectively allow device hotplug on both x86 and arm64 ("Graviton") EC2 instances.
+Users upgrading EC2 instances from earlier FreeBSD releases should set `hw.pci.intx_reroute=0` and `debug.acpi.quirks="56"` in `/boot/loader.conf`.
+
[[linuxulator]]
=== Linux Binary Compatibility
@@ -630,11 +919,62 @@ This section covers changes to manual (man:man[1]) pages and other documentation
A new man:networking[7] manual page provides a quickstart guide to connecting the system to networks including Wi-Fi, and links to other manual pages and the handbook.
gitref:39f92a4c4c49[repository=src]
+Refer to man:graid[8] and man:zfs[8] instead of man:gvinum[8] in man:ccdconfig[8]).
+(gitref:55cb3a33d920[repository=src]).
+
+man:ps[1]: Document change in behavior for `-a`/`-A`.
+Document the practical consequence of change gitref:93a94ce731a8[repository=src] that specifying `-a`/`-A` leads to printing all processes regardless of the presence of other process selection options (except for `-x`/`-X`, which command a filter).
+gitref:eed005b57895[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+man:ps[1]: Change in behavior for option `-U`.
+gitref:4e4739dd0745[repository=src]
+(Sponsored by The FreeBSD Foundation).
+
+man:ps[1]: Change of how current user's processes are matched.
+gitref:7219648f60d1[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+man:ps[1]: Match current user's processes using effective UID.
+This puts man:ps[1] of FreeBSD in conformance with POSIX.
+gitref:1e8dc267ca91[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+man:mac_do[4]: Change of rules syntax; Provide hints and pointers.
+gitref:0c3357dfa18f[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+man:firewire[4]: Add deprecation notice.
+This was originally discussed as part of FreeBSD 15 planning, but did not happen in time.
+Add the deprecation notice now, with an expectation that it will be removed before FreeBSD 16.
+gitref:fc889167c319[repository=src].
+(Sponsored by The FreeBSD Foundation).
+
+The ethernet switch controllers, man:mtkswitch[4], man:ip17x[4], man:ar40xx[4], and man:e6000sw[4] have gained initial manual pages.
+
+man:mount[8] has gained an example for remounting all filesystems read/write in single-user mode.
+
+Manual pages for the lua man:loader[8] modules have had their desctiptions reworded to optimize man:apropos[1] results.
+
+The manual pages style guide, man:style.mdoc[5], has gained a section for listing supported hardware.
+When listed this way, the supported hardware will be listed in link:https://www.freebsd.org/releases/{localRel}R/hardware[the supported hardware notes].
+Many manuals have had this section added or reworded in this release.
+
+Much work has gone into adding man:sysctl[8]s and environment variables to the manual.
+Try searching for them with `apropos Va=here.is.the.sysctl` or `apropos Ev=here_is_the_environment_variable`.
+
+The man:intro[5] to the File Formats manual has been revised, incorporating improvements from OpenBSD.
+
[[ports]]
== Ports Collection and Package Infrastructure
This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.
+
+A new `FreeBSD-kmods` repository is included in the default `/etc/pkg/FreeBSD.conf` man:pkg[8] configuration file.
+This repository contains kernel modules compiled specifically for {releaseCurrent} rather than for the {releaseBranch} branch.
+Installing kernel modules from this repository allows drivers with unstable kernel interfaces, in particular graphics drivers, to work even when the main {releaseBranch} repository has packages build on a previous release. (gitref:a47542f71511[repository=src]).
+
[[Installer]]
=== Installer