This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Machine
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Note: Problems for which patches exist are marked in red.
Work around a transmit hang problem in cdce(4) and make it count dropped packets as input errors.
Initial import of a Sun Cassini gigabit ethernet driver, cas(4).
Make hoststated(8) SSL proxy default to HIGH encryption, disable SSLv2 and disable anonymous DH.
Add support in hoststated(8) to specify the allowed cipher suites and SSL protocols, as well as some other smaller improvements to the SSL and networking code.
Change spamd(8) to include the HELO/EHLO identification string in the tuple key when greylisting.
More endian fixes for acx(4) on big endian systems.
More work on the cdce(4) driver for ARM platforms.
Fix a problem in mg(1) with wrapped incremental searches.
Make fsck_ffs(8) do some extra validation of the superblock, otherwise a corrupt superblock might lead to crashes.
Smarter _INI code to acpi(4), helps with some disappearing devices.
On i386, check the xPTR result of the CPUID test.
Check for some CPUID flags found on newer Intel processors in the amd64 platform code.
Avoid unnecessary resets on fiber based 88E8021/22 msk(4) devices.
Fixes for macppc power management to enable wake on AC loss.
Provide a libc internal interface to get random numbers for malloc without calling getpid().
Fix the hw.vendor/product sysctl(8)s on sparc64, handle the case where banner-name begins with "SUNW," and copy the platform_type buffer before chopping it up.
Fix for sparc64 __fpu_ftox() code.
In bgpd(8), switch address and AS fields in the mrt dump messages so source and destination match the actual traffic flow.
Enable AES on AMD Geode LX CPUs. Used by OpenSSL, but not IPSec.
Fix a crash in ospfd(8) when redistributed routes were removed shortly after startup.
Move to 4.1-beta.
Add HP Proliant NC360T PCI Express Dual Port Gigabit NIC to the list of supported em(4) devices.
Make sure uvm code compiles with "option DEBUG".
Make mount(8) rely on the filesystem information provided by disklabel, and when there is only one usable partition on the selected disk, just mount it without asking.
Add support for fiber on the 88E1112 PHY.
Various fixes for I/O mapping and cache routines on the m88k platforms.
Add Dlink DGE-550T B1 to the list of supported msk(4) devices.
Add preliminary support for Marvell Yukon-II Extreme chips in the msk(4) driver.
Small improvement in i386 interrupt register load/dump.
Fix off-by-one in spamd(8) blacklist memory allocation.
Make readdir buffers depend on file system block size, rounded up to page size in libc and ld.so(1).
Improvements in the luna88k LCD device driver.
Allow pf(4) counters to be reset with DIOCGETRULES, so atomic read and reset counters is possible.
Add more hardware to the list of supported zyd(4) devices.
Plug memory leaks in fsck(8) which can occur when checking multiple file systems in a row.
Prevent vnconfig(8) from asking for a key when unconfiguring or listing devices.
Fixes for ipsec in IPv6.
In pf(4), compute IPv6 pseudo header checksum based on final destination as ip6_dst.
Fix for fsck(8) where a corrupt inode might lead to invalid dir sizes.
Add support for the Quantis USB random number generator.
Add more hardware to the list of supported rum(4) devices.
Fixes for nm(1) memory allocation and deallocation in elf_symload().
Add new "log (updates|all)" configuration option to hoststated(8).
Add -D option to hoststated(8) to define macros on the command line.
Fix for nm(1) so checks for st_name validity also check for overflow.
On macppc, enable arc(4) on GENERIC and RAMDISK kernels.
Better handling of escaped CR-LF in hoststated(8) configuration file.
Fix "Device Busy" error in OpenCVS.
Introduced -Q option to pkg_info(1), shows all packages in $PKG_PATH which match the given query.
Prevent OpenCVS from doing a fatal exit when unexpected files are encountered in the working directory.
Initial version of acpidock(4), a driver for ACPI docking stations.
Improvements for cache handling and flushing on MicroSPARC-1 based CPUs.
Make scp(1) decide if progress meter should be shown by testing if stdout is a tty, not stderr.
Make sftp(1) report error when uploading write fails due to full device.
Make cdce(4) iterate over endpoints looking for appropriate interface descriptors to use. Makes certain adsl modems work.
In the NFS vnops code, do not assume our directory vnode will be flushed out, fixes crash when unmounting nfs volumes.
Add support in OpenCVS admin mode for the -A flag.
Add -Wstack-larger-than-X support to alpha gcc(1).
Make the st(4) SCSI Tape midlayer return values when receiving a MTIOCGET ioctl, allows things like Bacula to work much faster.
Prevent sparc64 schizo(4) panics on non-fatal iommu errors.
Move interrupt establishment in bnx(4) till after everything in the softc is set up and allocated. Prevents problems when the bnx(4) device is sharing interrupts with other devices.
Fix for OpenCVS when having CVSROOT on AFS or NFS.
Workaround for DMA HW errata on bge(4) PCI Express chips.
Make sure compress(1) only uses gzip when called with names like "gzip, gunzip, gzcat" and so on.
In pfctl(8), implement "-T expire", so you can expire all entries in a given table that are older than a certain number of seconds.
Allow kernels with TCP_SIGNATURE but without IPSEC to compile.
Add support for remote import in OpenCVS client and server.
Make ciss(4) handle situations where it cannot map physical drives into volumes.
Do not reinitialize sk(4) devices at every media change.
Enable mbg(4) on macppc and sparc64 GENERIC kernels too.
For sensorsd(8), provide dampening on negative events for sensors that flip due to bugs or erroneous readings, and increase polling frequency accordingly to provide same rate of reporting.
Add a workaround for hardware ip4csum-tx on re(4) chips, it would be mangled on IP packets less than 28 bytes.
Make malo(4) work on macppc by adding lots of endian fixes.
Make ftp-proxy(8) handle SIGPIPE, fixes a race where ftp-proxy(8) would silently exit.
In the SCSI layer, add the ability to requeue I/O rejected by a driver using the new NO_CCB result.
Imported a looking glass for bgpd(8) to be used for CGI web interfaces and so on. See bgplg(8) for usage.
In the TCP input code, allow RST with th_seq incremented.
Change sig_atomic_t on alpha from long to int.
In the ppp(8) code, if the remote peer rejects our MRU request, but our request is smaller than what the peer accepts, set the MRU anyway.
Make OpenCVS permit readonly checkouts using -R or the CVSREADONLYFS env. variable.
Make "flags 0" disable si(4) and sw(4) DMA on sparc.
In udcf(4), handle unexpected minute gaps better and restart collecting bits immediately after a parity error.
In ip6_output(), make sure ia is initialized before use.
Add USR5423 to the list of supported zyd(4) devices.
Sparc and sparc64 wscons rework, and vt100 emulation removal. Saves 16KB on kernels.
Make spamd(8) take multiple add/delete arguments, thus making it much easier to do bulk add/deletes without opening and locking the database for each one.
Add support for the Quancom PWDOG1, watchdog timer card.
Sync the amd64 acpi code to i386, also fix interrupt routing for multi-ioapic systems.
Fix for acpiec handler code, fixes deadlocks.
Initial import of X.org 7.2 called xenocara. Not hooked in the build tree yet.
Initial NAND flash support for Zaurus platform, not enabled yet.
Also enable malo(4) devices to have fixed rates set.
Fix for double free panic when detaching interfaces.
Enable automatic rate adaptation on malo(4) devices.
Complete rewrite of the reset routine on bcw(4) devices, clears up the random attach warning on warm boots.
Make sure we zero out the fsid field when copying out a statfs struct to userland in the VFS code.
Add support in pf(4) to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. Allows policy-based filtering of encrypted and unencrypted ipsec traffic.
Fix for the STP bridging code, allows to use bridge STP with USB ethernet devices.
On arm platforms, use correct define to detect soft cpu.
Add a lower TX treshold value in em(4) and use this when checking the number of available TX descriptors, in the case that em_encap() has tried to reclaim descriptors.
In grep(1), reset the number of lines of tail context before processing each file, to avoid printing lines from the previous file.
Changed the semantics of ff01::/16 to local interface multicast in the IPv6 stack.
In md5(1), add support for -r and -q options.
Add support for four new radios in zyd(4), AL2210, CGT, Maxim New and Maxim New2. Untested.
All network interface code create empty groups, so the rc scripts can do carp demotion early in the boot process.
Various IPv6 utilities transitioned from RFC2292 to RFC3542 behaviour.
Hook up acpi apic interrupt routing support to generic acpi code.
Fix for infinite loop in malo_tx_intr() for malo(4) devices and enable data packet transmission.
Fix integer promotion on 64 bit arches in udcf(4) code.
Fix for vge(4) when vge_encap fails, would leave an mbuf in the if_snd queue otherwise.
Add rlog and rannotate commands to OpenCVS.
Rework em(3) transmit register handling, required for future chipsets.
Make ipsecctl(8) handle rules with addresses from mismatched address families correctly.
Remove a delay() in malo(4) by actually waiting for the command to finish.
For i386, get rid of magic ISA and EISA bus numbers in mpbios code, paves way for alternative sources for interrupt information.
Make mopd(8) check the correct bits in the control byte.
Fix DMA firmware command interface in malo(4), now can associate successfully with an AP.
Have em(4) pre-allocate TX DMA maps instead of creating and destroying a DMA map per packet sent.
In the nfe(4) driver, defer setting the valid bit in the first TX descriptor until all descriptors have been set up, otherwise hardware may start processing descriptors faster than us.
In ifconfig(8) for wlan settings, allow -nwid to clear the prefered nwid, just like -nwkey clears the key.
Make m88k-base platforms fetch syscall arguments beyond r9 with copyin() from the userland stack, instead of having the userland code put the first three arguments in r10-r12.
Fix set_rpc_maxgrouplist, so mount_nfs(8) -g works again.
Have md5(1) accept both upper case and lower case letters.
Make ipsecctl(8) check both source and destination when grouping SAs.
Fix grouping for SAs in ipsecctl(8), now all combinations of SAs are possible, not only ESP+AH.
Make sure ipsecctl(8) does not count sa, ike and tcpmd5 rules twice.
Introduce reference count in dvmrpd(8) for route_report so it can be shared and freed correctly.
Make ripd(8) clear lists before deleting neighbor.
Let ospfd(8) allow braces to fit on a single line if only one or no argument is used.
In libc, make __dtoa() and strtod() thread safe.
Fix in isakmpd(8) TAILQ usage, preventing crashes.
On amd64 and i386 platforms, make sure swap defaults to partition "b" on the same disk as root, not partition "b" on unit 0.
Make landisk booting more reliable by disabling cache before jumping into the kernel.
In the NFS socket code, make sure nm_srtt and nm_sdrtt arrays are not initialized out of bounds.
In ld.so(1), only mprotect(2) pages during relocation if the library is marked TEXTREL.
In pf.conf(5), add support for anchors loaded inline., enclosed in a brace-delimited block.
On macppc, have gcc(1) make stack executable when doing trampoline code.
On vax, hide hardware cursor on 4 bpp gpx displays.
For sparc machines, blank then screen immediately if the lid is closed during boot.
In ntpd(8), use clock_gettime(CLOCK_MONOTONIC,..) to get a monotonically increasing time, and make ntpd(8) use that to send the next query to an ntp peer.
Make udcf(4) degrade the sensor status to WARNING on first error condition and to CRITICAL if valid time information comes within 15 minutes.
Partially revert some of the macppc PCI range calculations, since it broke some newer machines.
Fix fxp(4) so it will reset the link when you change speed.
Have bgpd(8) store copies of everything needed to remove SAs and flows later. Allows for migration from tcp md5sig to ipsec esp ike with just bgpctl reload on both sides and bgpctl neighbor $foo clear on one side.
Make sure bgpd(8) store SPIs for tcpmd5 outside the conf struct so it can clear old SAs when the session is restarted after a config reload.
Add support for AMD Geode LX security block. Currently only RNG, AES to be added later.
Initial driver for MosChip MCS7703 based USB serial devices. No hardware flow control yet.
Allow pflogd to listen on alternate pflog interfaces.
On sparc64 USIII-based machines, make sure we flush the I-TLB from the primary context and not the secondary.
Allow spamlogd to use an alternate pflog interface.
Fix localhost DoS when using oversized values with crypto devices.
Fix for segfaults in pthreads code in _thread_kern_poll when descriptor is in closing state.
Add code to allow up to 16 pflog interfaces, and add support in pf.conf(5) to specify which interface to log certain lines to.
Make a RAMDISK kernel image for the landisk platform.
Fix RX DMA handling in malo(4) and make sure we reset the RX descriptor ring on ifconfig down/up.
Add new trace function to ddb(4), "machine acpi trace" so users can send useful traces without enabling acpi debug.
Improvements in ntpd(8) when updating from timedelta sensors.
Reworked malloc(3) to keep pginfo and pgfree structs away from application memory by using special allocators for those instead of imalloc. For chunks, return randomly from a short list of recently freed chunk.
Make the pflog interface cloneable.
Add Sundance TC9021 to list of supported stge(4) devices.
Fixes for PCI configuration on old-world macppc machines with non-contiguous PCI memory spaces.
Another fix for the wscons jump scrolling code which can occur if autowrapping is on and certain control characters are encountered.
In the VFS layer, promote certain bdwrite calls to bawrite for some cases so they wont get deferred due to pending softdeps.
Make pciide(4) match the CS5536 IDE controller in AMD Geode LX-800-based system.
Replace ACPI ioctls with APM ioctls, now apmd(8) can be forced to use /dev/acpi.
Various acpi fixes.
In sort(1), remove code that could cause a SEGV if a buffer is realloc()ed, instead allocate two buffers early.
FPU detection fixes for AMD Geode LX-800-based machines.
For the SGI platform, enable ipv6 on the RAMDISK image.
Do not enable Geode watchdog if building small kernels.
On gcc(1) for alpha, do not force -msmall-data for -fpic and -mlarge-data for -fPIC. Makes -fpic and -fPIC equivalent, as was the case with gcc 2.x.
Initial import of ripd(8), a routing daemon for the RIP protocol.
Return ECONNABORTED when a non-blocking socket has been shutdown() for receives instead of returning EWOULDBLOCK, since that misleads applications to think accept() may eventually succeed. Corrects a pthreads deadlock.
Change the way wd(4) calculates the number of cylinders on non-CPU_BIOS architectures.
Disable firmware fastboot feature in bge(4) for 5752/5755 and 5787 ASICS, eliminates firmware timeouts.
Reset fixes for non-SC100 Geode cpus.
Deadlock fixes in libpthread regarding _FD_LOCK.
Make sure i386 and amd64 uses partition 'b' for swap, not just the first partition after root.
Increase max pf(4) tag name size from 16 to 64 characters.
Make sure pf(4) doesn't set 'flags S/SA' on stateless rules.
In re(4), fix for watchdog timeouts experienced with some RealTek adapters.
In ps(1), make the session field 8 chars for 32-bit cpus and 16 chars for 64-bit cpus since it is a pointer. Also, left-justify the state field name to match the state data.
Use 64 bit daddr_t for logical blocks in the file system layer too.
Initial import of malo(4) code, a new driver for the Marvell Libertas chips.
Remove a potential race in ftp-proxy(8) by closing file descriptors before cleaning up events.
For gem(4), get MAC address from VPD, like we do for hme(4).
Add BCM5787 A2 to the list of supported bge(4) devices.
Enable bce(4) on amd64 GENERIC and RAMDISK kernels.
Also add cross-compiling hints to crunchgen to allow for a different obj/ directory.
Fix a potential null dereference, and a memory leak in the pgt(4) error path.
Make sure ssh(1) exits instead of doing a blocking tcp send if we detect a client/server timeout, since the tcp sendqueue might be full of alive requests.
Fixes for SIGCONT, may be sent to any process with the same session ID as the caller, not to any process that is a descendant of the current process.
Always allow read-only opens on (s)vnd devices, despite the type of the first open (svnd vs vnd).
Add mc(4) driver for AMD AM79C940 (MACE) ethernet chip to macppc.
Make sure bufcache calculation on i386 does not take memory above 4g into account since it wont be used anyhow.
Fix for write(1) to handle cases where the utmp file is missing.
Fixes for pci(4) where unit numbers do not match PCI Bus number.
SECURITY FIX: Several problems have been found in OpenSSL. While parsing certain invalid ASN.1 structures an error condition is mishandled, possibly resulting in an infinite loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL pointer may be dereferenced in the SSL version 2 client code. In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used. A source code patch is available. [Applied to stable]
Use 64 bit daddr type for physical block numbers in the filesystem code.
In tcpdump(8), enable ESP and AH dissectors over IPv6.
Disable 802.11g mode on AR5211 and 5212 based devices for now.
Fixes for re(4) on cardbus, for kernel faults on halt/reboot.
The macppc platform extended .text and .data segments to 64MB, allowing programs with large .text segments to run.
Re-add Dell PHY LED setup workaround and Jumbo capability flag on bge(4).
Various fixes in the RX path for em(4) devices regarding mbuf cluster allocations, updating status bits in RX descriptors and DMA map unloading on errors.
Re-add re(4) link state check, as a workaround for a link state issue found on 8139C+ chips.
Alignment fixes for em(4) when doing VLAN and jumbo frames together.
Fixes for bge_reset() in bge(4), eliminates firmware timeouts for the BCM5752.
Make rdate(8) ignore ntp responses with ALARM status.
Defer the establishment of interrupts on bge(4) until later during attach. Fixes panic on some systems running non-MP kernels.