release56
DragonFly BSD 5.6
- Version 5.6.0 released 17 June 2019
- Version 5.6.1 released 19 June 2019
- Version 5.6.2 released 11 August 2019
- Version 5.6.3 released 10 March 2020
DragonFly version 5.6 brings an improved virtual memory system, updates to radeon and ttm, and performance improvements for HAMMER2. 5.6.1 fixes a misconfiguration in sshd and a lockup in ttm. 5.6.2 fixes a number of bugs, and includes a disruptive change to TCP timeouts. 5.6.3 is a final rollup release, capturing all fixes between 5.6.2 and 5.8.
The details of all commits between the 5.4 and 5.6 branches are available in the associated commit messages for 5.6.0rc1, 5.6.0, 5.6.1, 5.6.2, and 5.6.3.
Big-ticket items
Improved VM
- Informal test results showing the changes from 5.4 to 5.6 are available.
- Reduce stalls in the kernel vm_page_alloc*() code (vm_page_list_find*()).
- Improve page allocation algorithm to avoid re-iterating the same queues as the search is widened.
- Add a vm_page_hash*() API that allows the kernel to do heuristical lockless lookups of VM pages.
- Change vm_hold() and vm_unhold() semantics to not require any spin-locks.
- Change vm_page_wakeup() to not require any spin-locks.
- Change wiring vm_page's no longer manipulates the queue the page is on, saving a lot of overhead. Instead, the page will be removed from its queue only if the pageout demon encounters it. This allows pages to enter and leave the buffer cache quickly.
- Refactor the handling of fictitious pages.
- Remove m->md.pv_list entirely. VM pages in mappings no longer allocate pv_entry's, saving an enormous amount of memory when multiple processes utilize large shared memory maps (e.g. postgres database cache).
- Refactor vm_object shadowing, disconnecting the backing linkages from the vm_object itself and instead organizing the linkages in a new structure called vm_map_backing which hangs off the vm_map_entry.
- pmap operations now iterate vm_map_backing structures (rather than spin-locked page lists based on the vm_page and pv_entry's), and will test/match operations against the PTE found in the pmap at the requisite location. This doubles VM fault performance on shared pages and reduces the locking overhead for fault and pmap operations.
- Simplify the collapse code, removing most of the original code and replacing it with simpler per-vm_map_entry optimizations to limit the shadow depth.
- TCP keepalive changed. This will require updating dports that use the network.
DRM
- Major updates to the radeon and ttm (amd support code) drivers. We have not quite gotten the AMD support up to the more modern cards or Ryzen APUs yet, however.
- Improve UEFI framebuffer support.
- A major deadlock has been fixed in the radeon/ttm code.
- Refactor the startup delay designed to avoid conflicts between the i915 driver initialization and X startup.
- Add DRM_IOCTL_GET_PCIINFO to improve mesa/libdrm support.
- Fix excessive wired memory build-ups.
- Fix Linux/DragonFly PAGE_MASK confusion in the DRM code.
- Fix idr_*() API bugs.
HAMMER2
- The filesystem sync code has been rewritten to significantly improve performance.
- Sequential write performance also improved.
- Add simple dependency tracking to prevent directory/file splits during create/rename/remove operations, for better consistency after a crash.
- Refactor the snapshot code to reduce flush latency and to ensure a consistent snapshot.
- Attempt to pipeline the flush code against the frontend, improving flush vs frontend write concurrency.
- Improve umount operation.
- Fix an allocator race that could lead to corruption.
- Numerous other bugs fixed.
- Improve verbosity of CHECK (CRC error) console messages.
Details
Checksums
MD5 (dfly-x86_64-5.6.1_REL.img) = b64ea4f98ae0c9bb26978925bda1f899
MD5 (dfly-x86_64-5.6.1_REL.iso) = 8921dc8bca8b1f8cb44259601b75a608
MD5 (dfly-x86_64-5.6.1_REL.img.bz2) = 10f87055369e168494966982d50b4dba
MD5 (dfly-x86_64-5.6.1_REL.iso.bz2) = 6b3ddc0d663777476f021750d2bd21b4
Upgrading
If you have an existing 5.x system and are running a generic kernel, the normal upgrade process, described below, will work.
Change your local /usr/src
to 5.6:
cd /usr/src
git fetch origin
git branch DragonFly_RELEASE_5_6 origin/DragonFly_RELEASE_5_6
git checkout DragonFly_RELEASE_5_6
git pull
And then rebuild: (in /usr/src
)
make buildworld
make buildkernel
make installkernel
make installworld
make upgrade
(reboot your system)
make initrd
make initrd
is optional for systems with unencrypted disks, and has been possible for several releases; it's mentioned here for completeness. Look at the initrd(7) man page for details on what it does.
Don't forget to upgrade your existing packages. 5.6 packages have already been built and are immediately available.
pkg update
pkg upgrade
All other changes since DragonFly 5.4
Security Issues
- Add MDS mitigation support for the Intel side-channel attack. Must be enabled by the user, and also requires an Intel microcode update to supports it. The mitigation burns around 250ns of additional latency on kernel->user transitions and is set with 'sysctl machdep.mds_mitigation=MD_CLEAR'.
- The kernel is compiled with retpoline support by default under GCC8.
- Implement support for SMAP and SMEP security when available. This prevents accidental accesses to the user-address-space by the kernel. Support is reported in dmesg.
- CVE-2020-7450, CVE-2019-18218 fixed
Kernel
- Add /dev/part-by-label, allowing user-specified labeling of disklabels to show up in /dev.
- Synchronize ACPICA to Intel's version 20190509.
- Fix a probable callout race that could result in stuck processes.
- Increase number of kqueue timers from 4096 to 65536. More apps use them.
- Adjust the blist code to allow more than 2TB of swap to be configured.
- Fix bugs related to the STOP signal that could block threads with locks held.
- Fix a race related to the STOP signal when operating on a multi-threaded program.
- Fix a rare vref() assertion. This typically required extreme loads to reproduce.
- atkbdc - Still attach a PS2 controller even if the FADT says not to.
- All modules now use inlined atomics instead of static function calls.
- Update PCI ids for pciconf output.
- Throw a global lock around udev dictionary ops. Not having them could result in fairly rare corruption (devices aren't added or removing very often), particularly when using the 'vn' device.
- Major cleanup of TSC related code.
- Fix panic in mlock() and munlock().
- Implement the sbrk() system call and remove obsolete brk() support.
- Improve mmap() hinting above RLIMIT_DATA's current value, allowing languages to use it to map data below the 4GB mark if they desire (some languages implement 32-bit interpreters and need this).
- Change how SEM_VALUE_MAX is acquired by userland.
- Change the behavior of MADV_NOSYNC and MAP_NOSYNC for file-backed pages. If the file is no longer memory-mapped the filesystem sync will now flush such pages to the filesystem, avoid a CPU-burning degenerate condition in the pageout and filesystem flush code.
- Rewrite the callout subsystem to utilize a handle and improve debugging. This has been done to improve performance and in particular prevent the callout timer lists from getting corrupted by bugged driver code. This also ensures that the CAM ccb_hdr structure, which is exposed to userland, will no longer be sensitive to changes made to the callout structure.
- Fix info->si_code for waitid(2) support.
- Add support for char and short-sized values.
- Add memcmp() and make bcmp() linux-compatible w/regards to return value.
- Remove vm_map traversal heuristics and the secondary linked list. Just stick with the RB tree.
- Limit kernel spams of swap-full warnings.
- Permanently disable and remove lazy FP register saving for all cases. This fixes a previously known hardware bug on Intel CPUs that we thought was fixed before, but wasn't. Lazy FP switching is no longer supported, period.
- Remove an improper direct user-space access by chroot_kernel() (a privileged system call).
- Change MAP_STACK operation to better match the expectations of third party applications. See commit 4837705ef8e and d6924570fb4. This significantly improves the stability of a number of language ports.
- Isolate more global variables with _readmostly and friends, improving SMP operation.
- Fix bugs in STOP signal handling that could block a thread in the kernel with locks held.
- Refactor nbuf and maxvnodes calculations, generally reducing the limits. Obscene amounts of memory were being unnecessarily devoted to these caches on systems with tons of memory. With BKVABUF, buffers are no longer as expensive as they used to be, and both HAMMER1 and HAMMER2 cache file data and meta-data via the device node (prior to decompression). A large buffer cache would reduce re-decompression but not by much.
- Refactor the scheduler heuristics, with serious testing. This fixes numerous issues which have cropped up due to breaking previous tunings and gets our pgbench results back to normal.
- Improve vmstats synchronization, refactoring vmmeter_neg_slop_cnt to improve SMP performance.
- vkernel - The vkernel uses the TSC by default when possible.
Filesystems
- fuse- Initial support added.
- hammer2 - (see above)
- hammer2 - Refactor the 'info' directive.
- hammer2 - No longer panics if the root inode is corrupt, the mount will fail gracefully instead.
- hammer1 - Fix left-over /var/run/hammer.cleanup lock files.
- tmpfs - Fix cpu inefficiencies related to the syncer.
- autofs - Misc fixes.
- ufs - Expand time_t support to 48-bits to try to head-off the 32-bit time_t overflow issue in older filesystems. In addition, treat the original 32-bit fields as unsigned.
- smbfs - Bring in some string safety and typo fixes.
- nfs - NFS mounts which go bad can now be unmounted.
- nfs - NFS mounts that went bad were not being listed in 'df'. Fixed.
- nfs - Try to ensure a uniform fsid for exports.
Networking
- pf - Improve SMP performance by cpu-localizing most tracking counters.
- wpa_supplicant pkg included in nrelease build for usb install image.
- pkg based wpa_supplicant is preferred over base version.
- Properly bring up/down interface, primarily to support wpa_supplicant.
- Add ifconfig -n ... to disable automatic module loading.
- dhcpcd will now go into the background immediately by default.
- Implement DHCP flag for ipv6_ifconfig_* in rc.conf.
- Rework wlan_down() and other wlan support in network.subr.
- pf - Fix at least one SMP race related to max-src-nodes and max-src-conn tracking.
- dummynet - Only turn on polling while dummynet is operational. That is, when pipes or flows are present.
- Add kern.ipc.soaccess_reuse and set the default to enabled. This feature fixes a long-standing problem with listen sockets when a daemon goes away but pending or active TCP connections are still present. Previously, the presence of this state prevented daemons from being able to re-bind and listen() without SO_REUSEADDR. They would have to wait existing and pending tcp state to timeout/terminate. SO_REUSEADDR should not be required, and linux does not appear to require it. This fixes the issue.
Driver updates
- if_re - Sync with Realtek's 1.95.
- sound - Add quirk for AC256 sound devices.
- evdev - Bring evdev in from FreeBSD.
- iwm - Fix possible null pointer indirection.
- ena - (amazon AWS) - release MSI-X vectors on probe failure.
- ps/2 - Fix a race that could panic the kernel and corrupt the ps/2 packet buffer. There was a bit of code that was still depending on critical sections to interlock the interrupt, which is obviously no longer protective.
- uhci - Fix panic in the uhci attach error path.
- da/cd - Try to quiet repeated DA/CD probes for removable devices such as SD cards and CD/DVD drives.
- ahci - More generous interrupt rate warning limits to reduce livelock warnings that are more abundant now that fast SSDs exist.
- ahci - Add quirk for MCP73 AHCI Controller
- acpi - Reduce the acpi_ec device timeout from 750ms to 100ms after the first failure. This allows laptops to boot in a reasonable amount of time by default (without having to disable the "ec" sub-module).
- psm - Add Elantech touchpad IC type 15 found on Thinkpad L480 laptops
Userland
- Convert many base utilities to use LibreSSL.
- Update 'script', bringing new options and bug fixes in from FreeBSD.
- Remove groff (and nroff, etc) from base.
- Replace the 'man' implementation.
- Sync zoneinfo database to tzdata2019c (from ftp.iana.org).
- Header file adjustments.
- Detect a common mistake of putting a 'sysctl' prefix in /etc/sysctl.conf and don't spew to the console when it happens.
- rtld-elf can now handle late dynamic relocations for 'relro' sections.
- libc - Now uses sbrk() system call.
- The installer now uses /dev/part-by-label to locate the installation media instead of assuming that it is 'da8'.
- Add a sysctl debug.acpi.silent_all to silence annoying repetitive ACPI messages.
- Remove 'cat*' cached manual pages support. There's no need to do this any longer, just generate the manual pages in real-time.
- buildworld and friends now ensure that /usr/local/bin is NOT in $PATH, preventing the mistaken use of incompatible loaders.
- libc - Add aligned_alloc(),
- libc - Add freezero(), recallocarray(), explicit_bzero() from OPENBSD.
- libc - Add the timing_safe*() functions from OpenBSD.
- libc - Add dup3().
- libc - Refactor shm_open() and implement /var/run/shm (more linux-like).
- build- Add readmostly, readfrequently, and exclusivecacheline from FreeBSD.
- login.conf: Don't dump /COPYRIGHT on users' screens when logging in
Boot, Image
- Rework the initrd build logic to simplify matters.
- nrelease - Install security/ca_root_nss explicitly (non-automatic).
- Reduce the size of /usr/local in various ways.
Various tools have been upgraded in the base system:
- xz - Upgrade to 5.2.4.
- libarchive - Import libarchive-3.3.3
- libressl - Update to version 2.9.1 stable.
- openssh - Update to 8.0p1.
- ldns - Update vendor branch to 1.7.0
- libcipher - Removed.
- gcore - Significantly improved.
- makefs - Bring in from FreeBSD to aid in initrd creation.
- ministat - Import from FreeBSD.
- libfetch - Synchronize with FreeBSD
- libedit - Update to version 2019-03-24.
- sysctl - Don't try to update if the current value matches.
- dd - Rework the time interval calculation.
- dd - Generally sync with FreeBSD.
- gpt - Add "-g" to print the gpt GUID info in the 'show' directive.
- systat - Default to not showing pass*, sg*, and md* as previously intended, probe terminal width.
- iostat - Default to not showing pass*, sg*, and md* as previously intended, probe terminal width.
- telnet - Disable use of OPIE
Compiler status
- gcc-8 is our default compiler. gcc5 is no longer built by default. gcc4.7 remains for emergencies.
- gcc-8 - Add support for -save-temps=objects option.
- gcc-4.7 - Add support for -save-temps=objects option.
- libc - Add reallocarray() from OpenBSD to improve application compatibility.
- buildkernel - Generate a less ambiguous label via gitrev.sh.
Package updates
- A full set of new binary packages has been built for 5.6, available through the pkg tool.