The name of the base system (platform): | Unix |
Date of the premiere of the system: | 2023/04/11 |
Last Release Date: | 2022/10/05 |
Technology: | OS |
Content |
Main Article: Operating Systems
FreeBSD is a free operating system of the Unix family, a descendant of AT&T Unix via the BSD line created at the University of Berkeley. FreeBSD runs on PC-compatible systems of the Intel x86 (IA-32) family (including Microsoft Xbox), as well as DEC Alpha, Sun UltraSPARC, IA-64, AMD64, PowerPC, NEC PC-98, ARM. Support for the MIPS architecture is being prepared.
FreeBSD is being developed as a holistic operating system. The source code of the kernel, device drivers and basic user programs (the so-called userland), such as command shells, etc., are contained in one source control tree (CVS until May 31, 2008, now SVN). This distinguishes FreeBSD from GNU/Linux - another free UNIX-like operating system - in which the kernel is developed by one development group and a set of user programs by others (for example, the GNU project), and numerous groups collect it all into a single whole and release it as various GNU/Linux distributions.
FreeBSD has proven itself well as a system for building Internet and intranet servers. It provides fairly reliable network services and efficient memory management. FreeBSD is widely represented in the list of web servers with the longest continuous operation time (according to a study by Netcraft).
2024: First ransomware virus to attack FreeBSD computers identified
In early November 2024, it became known that the cybercriminal group Interlock developed the first ransomware virus to attack computers running FreeBSD, a free operating system of the Unix family. The FreeBSD platform is common on critical infrastructure servers, making it an attractive target for attackers. Read more here.
2023: FreeBSD 13.2
On April 11, 2023, it became known that after 11 months of development, the release of FreeBSD 13.2 was published. Installation images are formed for amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64 and riscv64 architectures. Additionally, assemblies have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and cloud environments Amazon EC2, Google Compute Engine and Vagrant.
As reported, key changes include the following:
- It is possible to create snapshots of UFS and FFS file systems on which logging is enabled (soft updates). Also added support for background dump saving (launching dump with the "-L" flag) with the content of mounted UFS file systems when logging is enabled. Of the features that are not available when using logging, there remains a background integrity check using the fsck utility.
- The main composition takes the wg driver operating at the kernel level with the implementation of the network interface for VPN WireGuard. To use the necessary drivers cryptographic algorithms , the API FreeBSD kernel cryptosystem was expanded, to which binding was added, which allows using API algorithms from the libsodium library through the standard cryptosystem not supported in FreeBSD. During the development process, optimization was also carried out to evenly balance the binding of tasks enciphering and decrypt packets to, which to kernels CPU reduced the overhead when processing WireGuard packets. A past attempt to include WireGuard in FreeBSD was made in 2020, but ended in a scandal, as a result of which the already added code was deleted due to poor quality, careless work with buffers, the use of plugs instead of checks, incomplete implementation of the protocol and violation of the GPL license. The updated implementation was jointly prepared by the main development teams FreeBSD and WireGuard with the participation of Jason A. Donenfeld, author of VPN WireGuard, and John H. Baldwin, a well-known developer of FreeBSD. Before accepting the code, a complete review of the changes was conducted with the support of the FreeBSD Foundation.
- Support for the Netlink communication protocol (RFC 3549), used in Linux to organize kernel interaction with processes in user space, has been implemented. The project is limited to supporting a family of NETLINK_ROUTE operations to manage the state of the network subsystem in the kernel, which allows you to use the ip Linux utility from iproute2 in FreeBSD to manage network interfaces, set IP addresses, configure routing and manipulate nexthop objects that store information about the state used to transfer the packet to the desired destination.
- files Address Space Randomization (ASLR) is enabled by default for all executable base systems on 64-bit platforms. You can use the "proccontrol -m aslr -s disable" or "elfctl -e + noaslr" commands to selectively disable ASLR.
- ipfw uses Radix tables to search for MAC addresses, which allows you to create tables with MAC addresses and use them to filter traffic.
- Added and available for download through loader.conf kernel modules dpdk_lpm4 and dpdk_lpm6 with the implementation algorithm of route search DIR-24-8 for/, IPv4IPv6 which allows you to optimize routing functions for hosts with very large routing tables (tests in there is a speed increase of 25%). To configure the modules, you can use the regular route utility (added option FIB_ALGO).
- The ZFS file system implementation has been upgraded to OpenZFS 2.1.9. The zfskeys start script provides automatic loading of keys stored in the ZFS file system. An RC script zpoolreguid has been added to assign a GUID to one or more zpool (for example, useful for virtualization environments with shared data).
- The Bhyve hypervisor and the vmm module support the attachment of more than 15 virtual CPUs to the guest system (regulated via sysctl hw.vmm.maxcpu). The bhyve utility implements the emulation of the virtio-input device, with which you can substitute keyboard and mouse input events into the guest system.
- KTLS, an implementation of the TLS protocol operating at the FreeBSD kernel level, has added support for TLS 1.3 hardware acceleration through the removal to the network card side of some operations related to the processing of encrypted incoming packets. Previously, a similar feature was available for TLS 1.1 and TLS 1.2.
- In the starting script growfs, when expanding the root file system, it is possible to add a swap partition if such a partition was initially absent (for example, it is useful when installing a ready-made system image on an SD card). To control the size of the page, the growfs_swap_size parameter has been added to rc.conf.
- The hostid start script provides the generation of a random UUID in the absence of the/etc/hostid file and the inability to receive UUID from the hardware. The/etc/machine-id file is also added with a compact representation of the host ID (without hyphens).
- defaultrouter_fibN and ipv6_defaultrouter_fibN variables have been added to rc.conf, through which you can add default routes to non-primary FIB tables.
- Support for SHA-512/224 hashes has been added to the libmd library.
- The pthread library supports the semantics of functions used in Linux.
- Kdump has added support for decoding Linux system calls. Kdump and sysdecode have added support for tracing Linux-style system calls.
- In the killall utility, it became possible to send a signal to processes associated with a specific terminal (for example, "killall -t pts/1").
- The nproc utility has been added to display the number of computation blocks available to the current process.
- Support for decoding ACS (Access Control Services) parameters has been added to the pciconf utility.
- A SPLIT_KERNEL_DEBUG setting has been added to the kernel that allows you to save debug information for the kernel and kernel modules to individual files.
- ABI linux has almost completed the implementation of support for the vDSO (virtual dynamic shared objects) mechanism, which provides a limited set of system calls available in user space without context switching. ABI linux on ARM64 systems has been brought to parity with the implementation for the AMD64 architecture.
- Optimized hardware support. Added hwpmc support for Intel Alder Lake CPU.
- Updated iwlwifi driver for wireless cards with support for Intel chips and standard. 802.11ac Added rtw88 driver for Realtek PCI wireless cards. The linuxkpi layer has been expanded for use in FreeBSD Linux drivers.
- The library OpenSSL has been upgraded to version 1.1.1t, LLVM/Clang to version 14.0.5, and the SSHserver client has been upgraded to OpenSSH 9.2p1 (the previous version used OpenSSH 8.8p1). Also updated versions bc 6.2.4, expat 2.5.0, file 5.43, less 608, libarchive 3.6.2, sendmail 8.17.1, sqlite 3.40.1, unbound 1.17.1, zlib 1.2.13.
Additionally, it announced the transfer to the category of outdated and removal starting from the FreeBSD 14.0 branch of one-time OPIE passwords, ce and cp drivers, drivers for ISA cards, mergemaster and minigzip utilities, ATM components in netgraph (NgATM), telnetd background process and VINUM class in geom[1].
2022
Adding Netlink Protocol Support
The FreeBSD codebase adopted the implementation of the Netlink communication protocol (RFC 3549), used in Linux to organize kernel interaction with processes in user space. The project is limited to supporting a family of NETLINK_ROUTE operations to manage the state of the network subsystem in the kernel. This became known on October 5, 2022.
In the current form, the Netlink support level allows you to use the ip Linux utility from iproute2 in FreeBSD to manage network interfaces, set IP addresses, configure routing and manipulate nexthop objects that store state data used to transfer the packet to the desired destination. After slightly changing the header files, Netlink can be used in the Bird routing packet.
The Netlink implementation for FreeBSD is designed as a downloadable kernel module that, if possible, does not affect other kernel subsystems and creates separate task queues (tasqueue) for processing messages received via the protocol and performing operations in asynchronous mode. The reason for porting Netlink is the lack of a standard mechanism for interacting with kernel subsystems, which leads to the fact that different subsystems and drivers invent their own protocols.
Netlink offers a unified communication layer and extensible message format that can act as an intermediary that automatically combines disparate data from different sources into one request. For example, FreeBSD subsystems such as devd, jail and pfilctl, now using their own ioctl calls, can be transferred to Netlink, which will greatly simplify the creation of applications for working with these subsystems. In addition, using Netlink to modify nexthop objects and groups in the routing stack will allow more efficient interaction with routing processes in user space.
Currently implemented capabilities:
- Gets information about nexthops routes, objects, and groups, network interfaces, addresses, and neighbors (arp/ndp).
- Generate notifications about the appearance and disconnection of network interfaces, setting and deleting addresses, adding and deleting routes.
- Add and remove routes, nexthops objects and groups, gateways, network interfaces.
- Integration with the Rtsock interface to manage the routing table[2] for[3].
FreeBSD 13.1
On May 17, 2021, it became known that after a year of development, the release of FreeBSD 13.1 was published. Installation images are available for amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64 and riscv64 architectures. Additionally, assemblies have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and cloud environments Amazon EC2, Google Compute Engine and Vagrant.
File:FreeBSD13123.pngAs reported in FreeBSD 13.1:
- Proposed iwlwifi driver for Intel wireless cards with support for chips and 802.11ac standard. The driver is based on the Linux driver and code from the Linux subsystem net80211, which work in FreeBSD using the linuxkpi layer.
- The ZFS file system implementation has been upgraded to OpenZFS 2.1 with dRAID (Distributed Spare RAID) technology and significant performance optimizations.
- An rc script zfskeys has been added, with the help of which you can organize automatic decryption of encrypted ZFS partitions at the loading stage.
- The network stack has changed the behavior for last-zero IPv4 addresses (x.x.x.0), which can now be used as a host and is not broadcast by default. Old behavior can be returned using sysctl net.inet.ip.broadcast_lowest.
- For 64-bit architectures, basic system assembly using PIE (Position Independent Executable) mode is enabled by default. To disable, you can configure the WITHOUT_PIE.
- Added the ability to call chroot by an unprivileged process for which the NO_NEW_PRIVS flag is set. The mode is activated using sysctl security.bsd.unprivileged_chroot. The "-n" option has been added to the chroot utility, setting the NO_NEW_PRIVS flag for the process before isolating it.
- The bsdinstall installer has added the mode of automated editing of disk partitions, which allows for different disk names to connect split scripts that work without user input. The proposed feature optimizes the creation of fully automatic installation media for systems and virtual machines with different disks.
- Changed boot support on UEFI systems. The bootloader enables automatic configuration of the copy_staging parameter depending on the capabilities of the loaded kernel.
- Work was done to optimize the performance of the loader, nvme, rtsold, initialize the pseudo-random number generator and calibrate the timer, which led to a reduction in boot time.
- Added support for NFS over encrypted TLS 1.3-based communication channel. The implementation uses the TLS stack provided by the kernel, which allows you to use hardware acceleration tools. The assembly of the rpc.tlsclntd and rpc.tlsservd processes with the NFS-over-TLS client and server implementation is enabled by default for amd64 and arm64 architectures.
- For NFSv4.1 and 4.2, the nconnect mount option is implemented, which determines the number of TCP connections established with the server. The first connection is used for small RPC messages, and the rest for balancing traffic with transmitted data.
- Added sysctl vfs.nfsd.srvmaxio for NFS Server to change the maximum I/O block size (128Kb by default).
- Optimized hardware support. The igc driver has added support for the Intel I225 Ethernet Controller.
- Optimized support for Big-endian systems. Added mgb driver for Microchip devices Ethernet controller LAN7430 PCIe Gigabit Ethernet
- The ice driver used for Intel E800 Ethernet controllers has been updated to version 1.34.2-k, which introduced support for reflecting firmware events in the system log and added an initial implementation of DCB (Data center bridging) protocol extensions.
- In images for Amazon EC2, boot using UEFI instead of BIOS is enabled by default.
- The bhyve hypervisor has updated the components for emulating NVMe drives, which support the NVMe 1.4 specification. Solved problems with NVMe iovec with intensive I/O.
- The CAM library has been translated to use the realpath call when processing device names, which allows you to use symbolic links to devices in the camcontrol and smartctl utilities. Camcontrol has solved problems with downloading firmware to devices.
- Stopped building the svnlite utility on the underlying system.
- Linux versions of utilities for calculating checksums (md5sum, sha1sum, etc.) have been added, which are implemented by calling the existing BSD utilities (md5, sha1, etc.) with the "-r" option.
- The mpsutil utility has added support for NCQ management and provides display of adapter information.
- In/etc/defaults/rc.conf, the -i option is enabled by default when calling the rtsol and rtsold processes responsible for sending messages ICMPv6 RS (Router Solicitation). This option disables random delay before sending a message.
- For riscv64 and riscv64sf architectures, library assembly is enabled with ASAN (address sanitiser), UBSAN (Undefined Behavior Sanitiser), OpenMP and OFED (Open Fabrics Enterprise Distribution).
- The problems with determining the supported ARMv7 processors and ARM64 hardware acceleration tools for cryptographic operations were solved, which made it possible to optimize the operation of the aes-256-gcm and sha256 algorithms on ARM systems.
- For powerpc architecture, the LLDB debugger developed by the LLVM project is included in the main composition.
- The OpenSSL library has been updated to version 1.1.1o and expanded with assembly optimizations for powerpc, powerpc64 and powerpc64le architectures.
- SSH-server and the client is upgraded to OpenSSH 8.8p1 with disabling support for digital signatures rsa-sha and support two-factor authentication with FIDO/U2F protocol devices. To interact with devices, the ecdsa-sk and ed25519-sk key types, which use algorithms digital signature ECDSA and Ed25519, in combination with the SHA-256 hash, FIDO/U2F added.
- Updated versions of third-party applications included in the base system: awk 20210215 (with patches that disable the use of locales for ranges and optimize compatibility with gawk and mawk), zlib 1.2.12, libarchive 3.6.0[4].
File:FreeBSD 13.1.png
2020: New Code of Conduct for Developers
On June 9, 2020, the FreeBSD project announced the introduction of a new Code of Conduct. It was based on the code.
The former code was called Geek Feminism, it focused heavily on problems of sexual identity, gender discrimination , etc. A survey was conducted among FreeBSD developers (the results were published in June 2020), in which 35% of respondents voted against Geek Feminism, 30% - "yes," and 34% of respondents abstained. Then the developers were asked to choose one of the following codes:
- Geek Feminism.
- Derived from the LLVM code.
- Derived from the Golang community code.
Only 4% voted for the old code. 33% chose Go Golang and 63% chose LLVM. Thus, most of the survey participants chose an option from the LLVM project, which welcomes:
- friendliness and tolerance;
- benevolence;
- mindfulness;
- respectful attitude;
- accuracy in statements;
- a desire to delve into the details of what is happening.
The new code of conduct for developers reports that FreeBSD aims to become a community that welcomes and supports people of any race, gender, culture, national origin, color, social status, sexual orientation, age, growing marital status, political belief, religion or physical ability.
The LLVM code is considered quite specific, it does not contain "water" and unnecessary reasoning. The Golang community code derivative is nearly twice as long as the LLVM and slightly worse structured.
The results of the previous survey of developers were as follows: 94% of developers considered it important to maintain a respectful manner of communication, 89% believed that FreeBSD should welcome the participation of people of any worldview in the project (2% against), 74% considered it necessary to remove toxic people from the community.[5]
2016
FreeBSD 11.0 beta 2
On July 25, 2016, the second beta release of FreeBSD 11.0 became available.
FreeBSD release 11.0-BETA2 prepared for amd64, i386, powerpc, powerpc64, sparc64 and armv6 architecture (BANANAPI, BEAGLEBONE, CUBIEBOARD, CUBIEBOARD2, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, RPI2,[6] release])
Additionally, images have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and Amazon EC2 cloud environments. FreeBSD 11.0 is scheduled for release on September 2, 2016.
In the second beta release, the freebsd-update utility has the ability to install distribution kits ('* -dbg'), fixes have been made to the assembly tools, WITNESS and INVARIANTS have been disabled for the powerpc/powerpc64 and arm/armv6 architectures, the GENERIC-NODEBUG kernel configuration has been removed, and errors have been worked on.
Microsoft has released its FreeBSD distribution
In June 2016, Microsoft released its own distribution of the open source operating system FreeBSD. Thus, the American corporation continues to develop projects in the field of Open Source. Read more here.
FreeBSD 10.3 Output
On April 4, 2016, the FreeBSD community announced the release of 10.3[7].
Images have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and cloud environments Amazon EC2, Google Compute Engine and Hashicorp/Atlas Vagrant. Among the significant changes:
- improved performance on UEFI systems,
- the ability to boot on root partitions from ZFS,
- the function of changing the root PS (reroot) during loading,
- Support for running 64-bit applications in Linux emulation mode
- Add clustering tools to the CAM Target Layer (CTL).
Major changes
- A series of changes related to loading on UEFI systems. The UEFI bootloader has added support for root partitions with ZFS and the ability to use several ZFS boot environments, such as those provided in sysutils/beadm. Improved compatibility with various UEFI implementations. The UEFI bootloader has added the ability to set EFI variables from the bootloader command line, as well as support for the/boot/config and/boot.config configuration files. The efifb framebuffer driver used in the UEFI bootloader has added new gop (Graphics Output Protocol) and uga (Universal Graphics Adapter) commands to diagnose problems or set graphics mode on systems with support for the GOP and UGA protocols (iMac7,1, MacBook3,1). Initial support for terminal emulation has been added to loader.efi. Solved problems with multi-boot and loading, leading to the output of the error "ExitBootServices () returned 0x8000000000000002";
- The bsdinstall installer has added the ability to install ZFS on the root partition on UEFI systems;
- Updated ZFS implementation. By default, support for LZ4 compression is enabled, memory consumption when using L2ARC is reduced by 50%, I/O aggregation is improved, code for proactive data loading is redesigned;
- Added the ability to change the root PS on the fly. Previously, a reboot was required to remount the root partition. Changing the root FS is necessary to work at an early stage of loading temporary images of ram disks initializing an iSCSI session, followed by connecting the root FS over iSCSI;
- Expanded the capabilities of the Linux environment emulation infrastructure, which introduced the ability to run 64-bit applications on systems with amd64 architecture (x86_64), added support for 1:1 threads, VDSO and epoll (7) multiplexed I/O APIs. Jail has added support for mounting linprocfs and linsysfs file systems;
- The CAM Target Layer (CTL) subsystem, which provides emulation of disk and processor devices through which the iSCSI server is implemented, has added support for high availability tools. It is supported to create two-node clusters with asynchronous modes access to LUN units (ALUA, Asynchronous LUN Unit Access): Active/Unavailable, Active/Standby, synchronous Active/Active and Active/Active proxy;
- System changes
- Corrections have been made to the initialization code of the pseudo-random number generator, excluding the lack of entropy when loading on some types of systems;
- The kqueue system call has added the ability to handle write events for files larger than 2 GB;
- The implementation of the vnode cache has been redesigned, the code has been optimized for the distribution and cleaning of vnode;
- Support for rebooting the/etc/resolv.conf file has been added to the name resolution library if the modification time has changed;
- The rc.d/network script has added expectations of network interfaces added at the last stage of boot, for example, network adapters with a USB interface;
- firewall In firewall_type="SIMPLE mode, ipfw tables are used to block addresses;
- Added the sysctl variable kern.features.invariants, showing whether or not the INVARIANTS kernel is assembled;
- Tools
- Support for the NTFS file system has been added to the mkimg utility;
- sesutil utility for managing SES (SCSI Environmental Services) devices;
- Timeout utility, which allows you to run a command with a time limit;
- The "-s" flag has been added to the cp utility, which allows you to create symbolic links;
- When starting the jail utility, if you do not explicitly specify an executable default command, the shell now runs. The "-l" option has been added, which guarantees the cleaning of environment variables by analogy with the exec.clean directive, i.e. only the HOME, SHELL, TERM and USER variables are passed to jail, which are set to actual values;
- The ifconfig utility, when using the "-v" flag, provides information about SFP/SFP + optical modules, when using drivers that support the output of this information (cxgbe, ixgbe, mlx5en and sfxge);
- The last utility returned support for the virtual user reboot, accidentally deleted in FreeBSD 9.0, when specified, all records associated with the reboot are shown;
- Updated versions of third-party programs, including file 5.25, xz 5.2.2, ntpd 4.2.8p5, unbound 1.5.7, less v481, OpenSSL 1.0.1s, OpenSSH 7.2p2;
- The GNOME 3.16.2 desktop environment (was 3.14.2) has been updated on ports. X.org Server updated to release 1.17.4 (was 1.14.7);
- Equipment support
- Added ismt driver with support for Intel SMBus 2.0 controllers;
- Added mlx5 driver with support for Ethernet and Infiniband Mellanox ConnectX-4 network cards that support data transfer at speeds up to 100GBit/s. The driver-related mlx5en kernel module is enabled by default in the GENERIC configuration;
- Support for CD-ROM and removable devices has been added to the ctl driver;
- Support for indirect segmented blkif I/O has been added to the xen driver;
- ixgbe (4) driver updated to version 3.1.13-k, which introduced support for X552 and X550T adapters, added support for hw.ix.flow_control and hw.ix.advertise_speed bootloader settings, fixed a large portion of problems;
- Updated isp (4) driver, which introduced support for 16 gigabit Fibre Channel adapters and completed the implementation of Multi-ID (NPIV) functionality;
- Versions 7.6.1 and 2.5.3 have been updated with em (4) and igb (4) drivers, which add support for i219, i219 (2) and i219 (3) chips used in chipsets for Skylake-based processors and newer microarchitectures;
- Removed legacy ata drivers such as ataahci, ataadaptec, and mv_sata that should be replaced by ahci, siis, and mvs;
- The pms driver was removed from the GENERIC kernel due to a conflict with the ahd and mvs drivers.
FreeBSD 10.3 beta release released
In February 2016, the first beta release of FreeBSD 10.3 was introduced. The FreeBSD release is 10.3-BETA1 available for amd64, i386, powerpc, powerpc64, sparc64 and armv6 architectures (BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, PANDABOARD, RPI-B, WANDBOARD). Additionally, images have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and cloud environments Amazon EC2 and Microsoft Azure. FreeBSD 10.3 is scheduled for release on March 22. FreeBSD 11 is expected to be released on July 27.
The list of changes to FreeBSD 10.3 is at the initial stage of formation. Added features and features:
- NTFS support in the mkimg utility,
- A new sesutil utility for managing SES (SCSI Environmental Services) devices,
- In the kqueue system call, write event processing appeared for files greater than 2 GB,
- The implementation of CTL High Availability has been rewritten,
- The ctl driver has added support for CD-ROM and removable devices,
- The xen driver has added support for indirect segmented I/O blkif,
- Updated ZFS implementation.
2015: FreeBSD 10.2
On August 14, 2015, the developer community officially unveiled the FreeBSD 10.2[8].
The system is available for AMD64, I386, IA64, PowerPC, PowerPC64, Sparc64, and ARMv6 architecture. Additionally, images have been prepared for virtualization systems (QCOW2, VMDK, raw) and cloud environments Amazon EC2, Google Compute Engine and Microsoft Azure.
Major changes
- A new uefisign utility has been added to generate digital signatures for EFI files used for download in UEFI Secure Boot configurations. The EFI bootloader includes bzipfs;
- A new rc-script growfs is presented, designed to perform an operation to change the size of the root file during the first boot (if the/firstboot file is created), allowing the root file to automatically occupy all unallocated disk space. The operation of the script is controlled through the growfs_enable option in rc.conf. The script can also be executed manually ("/etc/rc.d/growfs onestart "), and not at the reboot stage;
- The environment emulation infrastructure supported in FreeBSD Linux has been updated to CentOS 6.6 (emulators/linux-c6 port). Emulator-related ports are adapted to use CentOS 6.6, which is now offered by default instead of packets based on. Fedora 10 The Linux kernel compatibility layer now references release 2.6.18;
- The drm driver code for graphics cards is synchronized with the Linux 3.8.13 kernel, which allowed the implementation of ioctl calls to setmaster/dropmaster to solve the problem of starting several X servers at the same time;
- The capabilities of the FreeBSD/arm port have been expanded. Added support for Exynos 5420 Octa systems and Toradex Apalis i.MX6 boards. A bcm2835_cpufreq driver has been added to control the CPU frequency and voltage on the Raspberry Pi. SMP support is enabled for all Exynos 5 systems. Added audio drivers with support for AUDMUXM (Digital Audio Multiplexer), SDMA (Smart Direct Memory Access Controller) and SSI (Synchronous Serial Interface). The correct shutdown tools have been implemented on BeagleBone Black boards;
- A FreeBSD/i386 setting has been added to the PAE_TABLES kernel, in which pmap enables the use of PAE format when working with memory page tabs in 32-bit physical addressing conditions. In this mode, memory mapping in "no execute" mode is possible, which allows you to increase the security of the system from some types of attacks. In addition, unlike PAE mode, PAE_TABLES mode retains binary interface (KBI) compatibility with non-PAE cores, allowing the use of modules and drivers assembled for them. When PAE_TABLES mode is turned on, the kernel limits are configured for a RAM size of 4 GB;
- Added vxlan driver to create virtual extensible LANs (Virtual Extensible LANs) used to tunnel Layer 2 virtualized networks over Layer 3 networks. VXLAN allows you to bypass the restriction of 4096 VLANs by using 24-bit identifiers;
- Updated bhyve hypervisor: added support for AMD processors with hardware extensions SVM and AMD-V, added support for the DSM TRIM command for AHCI virtual disks;
- The autofs subsystem implements a new type of "-media" mappings, which allows you to automatically mount embedded drives such as CDs and USB Flash. Also added is the type "-noauto" similar to the use of the noauto flag in fstab;
- Support for multiqueue has been added to the em network driver. Activation is made through the EM_MULTIQUEUE kernel option;
- The GENERIC kernel by default includes support for RACCT and RCTL, subsystems for accounting and resource limitation;
- For ZFS, a vfs.zfs.spa_slop_shift setting has been added that allows you to change the default reserved disk space;
- The ctl subsystem (CAM Target Layer) has been updated, in which the limit on the number of ports has been increased from 128 to 256, and from 256 to 1024 to the number of LUNs;
- The bootloader has added support for entering a password for GELI encryption at the stage before loading the kernel;
- The gre driver has been significantly redesigned, which is now divided into two separate modules gre and me;
- A virtio_console driver has been added that provides an interface for throwing console VirtIO devices through the tty device;
- Solved problems when using jail in conjunction with gif- and gre-tunnels;
- GENERIC kernel includes nvd and nvme drivers with support for NVM Express disk controllers by default;
- The psm driver adds support for Synaptics touchpads and ClickPad mice used in the new Lenovo laptop models;
- Support for RT5390 and RT5392 chips has been added to the ral driver;
- The mount_nfs utility has support for the timeo, actimeo, noac and proto options;
- In the TCP stack, the PLPMTUD (Packetization Layer Path MTU Discovery, RFC 4821) definition is disabled by default. Use sysctl net.inet.tcp.pmtud_blackhole_detection, net.inet.tcp.pmtud_blackhole_mss and net.inet.tcp.v6pmtud_blackhole_mss to enable;
- The basic system includes a new utility dpv, which clearly shows the progress of data transmission for one or more streams;
- The fstyp utility has been added to determine the type of file system on the specified partition;
- Added the figpar library, which provides an API for parsing configuration files;
- The gpart utility has added support for partition schemes in MBR apple-boot, apple-hfs and apple-ufs;
- The mkimg utility has added support for MBR EFI partitions and implemented the "-c" flag to set the minimum virtual size of the final image;
- The -R flag has been added to the netstat utility, when specified, information about RSS/flow is displayed;
- The date utility for improving compatibility with GNU date implements the display of the file modification time specified through the "-r" flag;
- bsdinstall adds the ability to select a disk partition scheme when installed on UFS. Support for aligning partitions along the border of 1 MB is implemented when determining such a need. A workaround has been added to boot on various laptops and motherboards that previously experienced boot problems from GPT drive partitions;
- Freebsd-update added protection against downloading new binary patches if the past update is not yet completed;
- The resolvconf utility has been updated to openresolv 3.7.0, notable for adding the ability to set the privacy flag for interfaces in resolv.conf, which allows you to use these interfaces only to resolve domains according to the mask explicitly specified in resolv.conf (domain/search);
- Third-party versions have been updated, including ntp 4.2.8p3, acpi 20150515, file 5.23, unbound 1.5.3, sendmail 8.15.2, OpenSSL 1.0.1p.
- The desktop environment offered from ports has been updated: GNOME 3.14.2 and KDE 4.14.3. Updated graphics stack (x11-servers/xorg-server 1.14.7_5, x11/xorg 7.7_2).
2014: FreeBSD 10.0
January 20, 2014 it became known about the release of the latest release of FreeBSD 10.0. Release 10.0 is available for several architectures, including x86, Power PC and Sparc.
Description
The new implementation of the system was transferred to the default use of the Clang compiler. The BHyVe hypervisor is integrated into the system, the BIND DNS server is replaced by Unbound, the CARP protocol is again implemented, the FUSE subsystem is integrated, the pkg packet manager operates by default.
Integrated unmapped VMIO support to improve I/O performance by eliminating buffer mapping in the TLB cache, reducing overhead on multiprocessor systems.
The bsdinstall system installer has been updated and support for full system installation on ZFS partitions has been added to it. In this case, all settings are made from the menu, including creating partitions, selecting the ZFS RAID level, configuring encryption using GELI, choosing the pool name, etc. The previous sysinstall installer has been removed from the base system, instead of it you should use bsdinstall and bsdconfig. The bsdconfig utility implements an interface for configuring various system parameters, providing functionality similar to the Configure menu from sysinstall.
Integration of the FUSE subsystem is implemented - for the operation of file systems implemented at the user level. Most FUSE modules are supported, including sshfs, ntfs-3g and ext4fuse.
Support for increasing the size of UFS partitions is enabled using the growfs utility on the fly, without unmounting the partition.
Enable performance optimization for UFS/FFS file systems. Accelerated fsck execution for new UFS partitions;
Upgrading ZFS subsystem components to the latest version of ZFS pools with support for LZ4 compression and L2ARC, asynchronous data set destruction, ZIO NOP-write optimizations, support for TRIM operation for SSDs.
The network subsystem has integrated the developments of the CARP2 project. Within its framework, there is a new implementation of the CARP (Common Address Redundancy Protocol) protocol for FreeBSD. CARP, acting as an open alternative to HSRP (Hot Standby Router Protocol) and VRRP (Virtual Router Redundancy Protocol), makes it possible to organize the sharing of an IP address between several servers in a local network, which can be used for load balancing or to create fault-tolerant systems.
Replaced the BIND DNS server with a bundle from the Unbound caching DNS server and the LDNS library. Unbound is distributed under the BSD license, has a modular structure, supports the operation of the name resolution mechanism in recursive and caching mode. Also provides validation of DNSSEC signatures. Instead of the dig utility, drill is now used. As a reason for leaving BIND, the developers mention a problem with the length of the support cycle for releasing updates for BIND, which do not fit into the support cycle for FreeBSD releases.
The BHyVe hypervisor created by NetApp has been integrated. You will need a system with an Intel processor that supports VT-x virtualization hardware and Extended Page Tables (EPT). Support for BHyVe is still limited to the amd64 architecture.
Added device drivers, video cards, tools for manipulating large memory pages.
Gleb Smirnov - What's new in FreeBSD 10.0
2012
Hyper-V supports FreeBSD
On May 14, 2012, at BSDCan 2012, Microsoft, together with its partners NetApp and Citrix, announced that the FreeBSD operating system would be supported by the Hyper-V hypervisor. Appropriate drivers to enable the operating system to run efficiently in a Windows Server 2008 R2 Hyper-V virtual environment, including BSD licensed source code, will be available in early summer 2012 for FreeBSD versions 8.2 and 8.3.
The development of the VMBUS driver, which connects the guest operating system with the Windows Server Hyper-V hypervisor, was carried out by Microsoft in conjunction with Insight Global. In the future, it is planned that this driver will become part of FreeBSD.
FreeBSD 9
Among the improvements, two graphic environments should be noted at once, which are offered to users to choose from. Recently, Linux has often been criticized for the shortcomings of the graphics environment that are inherent in both GNOME 3 and Ubuntu Unity.
The developers of FreeBSD 9.0 decided to bypass this obstacle, inviting users to choose between the friendly and familiar GNOME 2.32 environment and the aesthetically pleasing KDE 4.7 interface.
Other significant extensions to FreeBSD 9.0 include a new installer, compatibility with PowerPC processors used in Sony PlayStation 3 game consoles, many updated drivers, and support for USB 3.0 and High Performance SSH.
FreeBSD 9.0, the release of which its developers dedicated to the memory of the pioneer of the computer industry, the creator of Unix and the C programming language Dennis Ritchie, currently runs on AMD64, i386, ia64, PowerPC, PowerPC64 and SPARC64 architectures. All necessary links and installation instructions are available on the official FreeBSD website.
2010: FreeBSD 8.1
The FreeBSD developer community announced in August 2010 the release operating system of the kernel-based version 8.1 of the same name. Linux Among the key changes in the new product, the developers name improved hardware support and the modernization of the software components of the system. FreeBSD 8.1 has expanded and updated the driver base, optimized platform code, and fixed previously discovered flaws. Great attention was paid to wireless communication tools, Wi-Fi network components, tools virtualizations and platform optimization for modern multi-core processors when developing a new version of FreeBSD.
Other innovations in FreeBSD 8.1 include GNOME 2.30.1 and KDE 4.4.5 working environments, updated OpenSSH tools for organizing secure network connections, Sendmail mail server 8.14.4, support for UltraSPARC IV/IV + architectures, SPARC64 V and other innovations. A lot of attention was paid to the safety and reliability of the product.
The new version of the platform is recommended by developers for industrial implementation; users of previous editions of FreeBSD can update the OS using the freebsd-update utility and explanatory instructions published on the official product website page.
2009: FreeBSD 8.0
As of November 26, 2009, the current FreeBSD release is numbered 8.0.
After the release of releases, additional development branches are created to support them, but only the most necessary changes are made to them, fixing serious errors or system security problems. Before the fourth version of FreeBSD, the stable and current branches had the same senior version number. Then the current branch was assigned the number 5, and the stable one remained the number 4. Currently, the stable version is numbered 8, and the current version is 9. There is also a 7-STABLE branch to support those users who have not yet updated FreeBSD to version 8.
FreeBSD 5 includes several new features, including security-related features. In order to improve the security of FreeBSD, the TrustedBSD project was formed, within the framework of which the following were developed: an extensible MAC forced access control system, ACL access lists for file systems and a new UFS2 file system. Some TrustedBSD features have also been integrated into NetBSD and OpenBSD operating systems. FreeBSD 5 also supports encryption of file systems through the GBDE (Geom Based Disk Encryption) system, which was written by Paul-Henning Kamp, one of the leading developers. Other important features of FreeBSD 5 include in-core interlocks to improve performance on multiprocessor SMP systems and multithreading implemented by the KSE system, which has been the default streaming library since version 5.3. libkse was later replaced by libpthread in this capacity, but is still supported in -STABLE.
8.0-RELEASE has made several significant innovations: virtualization of the network stack (vimage), allowing the use of several network stacks, support for working in the Xen guest domain (domU), redesigned USB stack, ZFS version 13, RPCSEC_GSS authentication for NFS, support for NAT-traversal (RFC 3948) in IPSEC, enabled by default anti-overflow stack protection system ProPolice SSP, improved code for isolated environments (JFC) routing (equilibrium 2992
1993: FreeBSD Development Start
The development of FreeBSD began in 1993 at a high speed, the source code of the 386BSD was taken as the starting point. However, for reasons of the legality of using the 386BSD source code, the FreeBSD development team redesigned most of the system by the time FreeBSD 2.0 was released in January 1995 using 4.4BSD-Lite.
FreeBSD Development Model
There are about 4,000 developers who work on a voluntary basis. All of them can read the repository tree. But they cannot make changes. Instead, the developer turns to the committer, who has the right to make changes to the code. There are about 400 committers. The developer can grow through the social ladder of the project and become a committer and then a member of the main team. The new committer is elected by other committers. The main team is the core of the project and consists of 9 people who are selected for 2 years. The main team solves conflicts between committers.
Project participants are developing two branches "CURRENT" and "STABLE."
The new code for testing is placed in the CURRENT branch (unstable, test). New features added to CURRENT may remain in the system or may be abandoned if the implementation fails. Sometimes this version may be in an unusable state. STABLE (stable or production) version contains only those innovations that have been tested in CURRENT. However, this version is also intended mainly for developers. It is not recommended to upgrade responsible work servers to STABLE without testing it. On the basis of STABLE, carefully tested RELEASES developers are regularly created.
Notes
- ↑ FreeBSD 13.2 release with support for Netnetd and WireGulink
- ↑ [https://www.opennet.ru/opennews/art.shtml?num=57873 FreeBSD has added support
- ↑ the Netlink protocol used in the Linux kernel]
- ↑ FreeBSD release 13.1
- ↑ FreeBSD Adopts A New Code of Conduct Based On The LLVM CoC
- ↑ [http://www.opennet.ru/opennews/art.shtml?num=44847 PANDABOARD 11.0 FREE BOARD
- ↑ FreeBSD 10.3
- ↑ FreeBSD 10.2 release