release58
DragonFly BSD 5.8
- Version 5.8.0 released 03 03 2020
- Version 5.8.1 released 05 06 2020
- Version 5.8.2 released 09 23 2020
- Version 5.8.3 released 09 24 2020
DragonFly version 5.8 brings a new dsynth utility for building your own binary dports packages, plus significant support work to speed up that build - up to and including the entire collection. Additional progress has been made on GPU and signal support.
The details of all commits between the 5.6 and 5.8 branches are available in the associated commit messages for 5.8.0rc1, 5.8.0, 5.8.1, 5.8.2, and 5.8.3. Also see /usr/src/UPDATING for specific file changes in PAM.
Big-ticket items
dsynth(1)
written and added to base, making it more convenient for users to build their own binary repos for DPorts(7). dsynth is used to build some or all of the DPorts collection, over 25000 third-party packages. It's also working as an informal performance measure, with many of the changes in this release to speed up DragonFly when building multiple dependent packages.Many ports these days seem to assume a greater degree of signal safety for libc function, particularly for
malloc()
. We have implemented a low-overhead signal masking feature that now allows us to makemalloc*()
and other related functions signal-safe.A ton of bug fixes, stability work, and usability work has gone into this release. Many niggling little annoyances, such as Chrome/Chromium stuttering when system memory is low, have been fixed.
DRM (GPU) support continues to improve slowly but steadily.
Significantly improved paging algorithms reduces or eliminates UI/browser glitches in low-memory situations.
Details
Checksums
MD5 (dfly-x86_64-5.8.3_REL.img) = 1269174524c04b79307476dd36c40265
MD5 (dfly-x86_64-5.8.3_REL.iso) = 4b3041c9626db8a3324e76e867ac1ec4
MD5 (dfly-x86_64-5.8.3_REL.img.bz2) = 690e6cc57d178878cdbc7db32c097c92
MD5 (dfly-x86_64-5.8.3_REL.iso.bz2) = 210e6b26836ab80c9e3105937ab135be
Upgrading
If you have an existing 5.x system and are running a generic kernel, the normal upgrade process, described below, will work.
Change your local /usr/src
to 5.8:
cd /usr/src
git fetch origin
git branch DragonFly_RELEASE_5_8 origin/DragonFly_RELEASE_5_8
git checkout DragonFly_RELEASE_5_8
git pull
And then rebuild: (in /usr/src
)
make buildworld
make buildkernel
make installkernel
make installworld
make upgrade
(reboot your system)
make initrd
make initrd
is optional for systems with unencrypted disks, and has been possible for several releases; it's mentioned here for completeness. Look at the initrd(7) man page for details on what it does.
Don't forget to upgrade your existing packages. 5.8 packages have already been built and are immediately available.
pkg update
pkg upgrade
All other changes since prior release
Security Issues
- Fix two minor kernel stack disclosures and a few minor memory leaks.
- Fix a buffer overflow in libfetch (CVS-2020-7450)
- Fix CVE-2019-18218.
- Fix two environment variable vulnerabilities in the telnet client.
- (5.8.3) CVE-2019-1547 and CVE-2019-18408 fixed.
Kernel
- Scaling adjustments to improve performance on high-core-count machines. VM page lookup shortcuts, reduced contention when opening special devices like
/dev/lpmap
, reduced contention foropen(... O_RDWR)
calls, recoded namecache (mp, ncp) mount point lookup cache. - Significantly reduce SMP contention in low-memory situations.
- Significantly improve page selection in the pageout scan. SMP work over the last few years marginalized the page selection algorithm, causing it to often select pages which were actually active. These changes significantly reduce the selection of such pages in favor of inactive pages. The result is the elimination of stuttering in applications like Chrome when system memory is tight.
- Do not shortcut VM faults of INACTIVE pages, require the long-path to ensure that the pages are moved to the ACTIVE queue first. This prevents premature pageout of heavily cached VM pages such as pages from highly-shared libraries.
- Improve pageout daemon pipe-lining by fixing some of the hysteresis code. Also improve the early-termination checks for the pageout daemon to stop paging more quickly when a large amount of memory is suddenly freed up.
- Fixed a rare
wait*()
deadlock. - The
vm.fault_quick
sysctl now supports a burst count, but the default is still 1. We do not expect significant gains in performance until the APIs can be refactored all the way through to the low-level pmap code. - Offset the stathz timer by 50% of the hz timer and change default frequency to (hz + 1). This is intended to reduce sampling errors that were causing phantom 'interrupt' time accumulation in system statistics.
- Refactor the random number generator in the kernel and also as supplied to userland to use per-CPU state. This gets rid of a significant source of SMP contention under heavy loads. Adjust the RDRAND driver to collect entropy on all CPUs, as well as to chain some of the entropy between CPUs. This ensures that no single CPU can accidentally become deficient.
- Reduce excessive RDRAND harvesting. The RDRAND harvesting rate was too high and causing high-core-count Zen CPUs to burn 2-3% of the system CPU at idle. The harvest size has been reduced to compensate. In addition, some of the entropy is chained between CPUs to ensure that entropy collection on one CPU is not only beneficial to that CPU.
- Fix a USB crash on quick plug/detach/plug/detach sequences.
- Add system call support for
realpath(3)
, allowing the kernel to build the path for us instead of having to cycle tons of *stat() calls. - Add system call support for
getrandom(2)
. We already had a sysctl-based mechanism and a device mechanism. - Fix a bug in the (rare)
lockmgr(9)
cancel path. - Fix 'indefinite wait buffer' live-locks related to encrypted disks. The encrypted I/O path had a low-memory deadlock that could prevent paging to encrypted-swap from happening, resulting in a locked up system.
- Reduce mpipe overhead, improving (primarily) encrypted I/O performance a bit.
- Fix a panic in the control messages processing for IPv6.
- Enable keyboard polling in
shutdown -h
to try to keep the keyboard operational at the 'press any key to reboot' message. - Fix a dangling reference on filesystem FIFO vnodes. This could prevent umount from succeeding indefinitely.
- Merge a
m_pulldown()
bug fix (discussed with multiple BSDs). See c24e3890e671. - Enable busmaster operation on bridges (the BIOS might not).
- Make sure the
%fs
selector is properly loaded in the AP bootstrap. Otherwise the selector may be invalid on certain Zen 2 CPUs. - Change the TCP keepalive options from milliseconds to seconds, making the units the same as Linux, in order to improve ports compatibility.
- Fix a rare pmap placemarker timing race that could cause a process to get stuck in the
pvplw
state. - Implement SMAP/SMEP support.
- Fix
vm.swap_size
reporting and add a new sysctlvm.swap_free
. - Fix a minor kernel memory leak related to the
rt_msg_buffer()
API. - Check for deferred interrupts in more
crit_exit*()
paths, undoing some optimizations made in prior years. The checks are necessary to avoid non-deterministic interrupt response times in certain cases. - Get rid of
udev_t
. - Add sysctl support for
CTLTYPE_BIT32
andCTLTYPE_BIT64
, allowing sysctl to directly control the same flags field with separate sysctl elements. - Add
/dev/lpmap
, a per-thread shared user/kernel page. This page allows userland to implement temporary signal blocking on a per-thread basis without having to make any system calls. - Add support for
pthread_get_name_np()
via a new system call,lwp_getname()
. Reimplementlwp_setname()
via the new/dev/lpmap
feature (i.e. make it work without needing a system call). Also,setproctitle()
now usesupmap->proc_title[]
. - Catch infinite parser recursions in broken ACPI.
- Fix a bug in the
lockf(1)
code that could cause a process to hang indefinitely in "lockfz". - Fix multiple
devfs(5)
bitmap races primarily related to PTY allocation and management. - Jails - Rework sysctl configuration variables. See
jail(8)
for more information. - Jails are now allowed to mount nullfs and tmpfs filesystems.
Filesystems
- HAMMER2
- Fix inode & chain limits in order to avoid kmalloc pool assertions on low-memory machines.
- Significantly improve the flush pipeline and dirty inode count hysteresis. This fixes a long-standing issue where heavy filesystem activity was not making use of available I/O bandwidth due to a number of
tsleep()
stalls in the flusher loop. This also improves frontend-operation vs backend-flush concurrency. - Fix a bug where a small file less than or equal to 512 bytes that is extended above 512 bytes can sometimes lose data in the first 512 bytes (replaced with
0x00
bytes). - Fix an indefinite stall that could occur when I/O errors are encountered.
- Add an emergency operations mode to allow recovery of
ENOSPC
edge cases. This is a mode which allows snapshots to be destroyed by updating inodes in-place, allowing the removal of a files and directories in situations where the normal block-copy-on-write mechanism does not function due to lack of space. See thehammer2(8)
man page for more details. - Fix a number of issues and significantly improve performance by optimizing how HAMMER2 support threads are dispatched.
- TMPFS
- Reduce low-memory thrashing. Normally TMPFS cycles pages through the VM page cache only and avoids flushing them to backing store (swap). In low-memory conditions, TMPFS now cycles dirtied pages through the buffer cache and bypasses the inactive queue upon completion to avoid interfering with memory pressure caused by processes.
- Enable write-clustering, improving paging performance when under memory pressure. Prior to this fix, physical I/O was limited to 16KB chunks.
- Make
tmpfs_move_pages()
more robust to close potential race conditions. Fix a number of other race conditions as well.
- MSDOSFS - Many fixes and improvements, mostly taken from FreeBSD.
- DEVFS - Fixed a missing lock that could result in a panic during heavy duplicate mount/umount activity.
- NFS - Fix a rare NFS deadlock related to
mmap()
's I/O. - NULLFS - Improve mount/umount performance slightly.
- All filesystems now default to microseconds precision instead of seconds precision. The use of nanoseconds is problematic due to
utimes()
's archaic API.
Networking
- Add support for IPv4 /31 prefixes (RFC 3021).
- tap(4) - Improve
SIOCSIFMTU
ioctl handle to support MTU > 1500. - PF - Fix a number of edge cases, but these fixes have not dealt with all reported PF issues.
- Add support for
SIOCSIFINFO_IN6
. - Refactor the
CMSG_ALIGN
mechanic for network control messages to work properly with modern data types. - Return
EHOSTDOWN
under certain situations in the route lookup code. Don't mark cloned route asRTF_REJECT
orRTM_MISS
. Also separate route messages from creation/lookup. - Ensure that
RTM_IFINFO
is sent first when bringing an interface up or down, as route update messages can overflow the route socket. - Add support for
SO_RERROR
.
Graphics
- Generic drm code has been updated to Linux 4.9 with a few backported Linux 4.12 features in order to improve Wayland support
- the drm/i915 driver has been updated to Linux 4.8.17 with a few backported changes from Linux 5.4 (support for newer Skylake, Coffelake, Amber Lake, Whiskey Lake and Comet Lake GPU models).
- the drm/radeon driver has been updated to Linux 4.9.
- Fix some DMAP issues with the way Linux expects
pmap_change_attr()
to work.
Driver updates
- SOUND/HDA - use driver-specific taskqueue instead of per-CPU taskqueue.
- PSM - Fix memory corruption and panic, add Elantech IC type 15 support (e.g., in ThinkPad L480 laptops).
- AHCI - Add a quirk for the MCP73 AHCI controller.
- AHCI - Add a TPS balancing mode for storage devices, enabled by default. This feature brings write TPS down to match read TPS when both are pending. Normally both read and write I/Os get a few private tags, but because write I/O is heavily buffered by the device even a single tag can destroy read performance.
- AHCI - Enforce a 10-second poll of the chipset when idle to try to catch any potential lost interrupts. This is an attempt to work around a 'lost' timeout issue that we sometimes see.
- u4b/uaudio - Fix a NULL pointer indirection panic.
- IWM - Full sync from FreeBSD, adding iwm-9000 and iwm-9260 support.
- SIO - Refactor some of the code.
- AMDSBWD and INTPM - Updated for AMD watchdog, power management on newer chips.
Userland
- Binutils 2.34 added, and 2.25 removed. 2.27 is still the default for now.
- pctrack (
%rip
sampler) - Improved symbol table translation. - Sync
<math.h>
,sincos()
, and other math support from OpenBSD. - Sync
<sys/ttydefaults.h>
from FreeBSD to improve ports compatibility. - Synchronize improvements made to
fsck_msdosfs
from FreeBSD. - Check if the context is invalid in
setcontext()
andswapcontext()
to throw errors earlier in situations where too-small a stack size has been specified. fish(6)
- bug fixes.- Fix
ps(1)
andfstat(1)
when used on kernel cores. vmstat(8)
now pulls 'ncpus' from the kernel core image, when used with a kernel core. Also make the verbose (-v
) option work with (-m
), dumping all memory pools whether they are empty or not.- Adopt a more Linux-friendly
basename()
anddirname()
to improve ports compatibility. - Fix bug in
fparseln()
(taken from NetBSD). - libc/
getaddrinfo()
- Accept numeric servname forAF_INET
/AF_INET6
. Take from FreeBSD. - Update zoneinfo to tzdata2019c.
- Fix an issue when rotating
/var/log/wtmpx
. iostat(8)
- fix column count bug.- libdevstat - Fix a bug in
DS_SELECT_REMOVE
. - libc - Add
sigblockall()
andsigunblockall()
(DragonFly native API), a fast way to mask signals for a short period of time without having to make any system calls. - libc - Make signal safe (primarily for
malloc()
and friends). Numerous ports now assume more expansive signal safety for various libc functions. - libc - Make
strtok()
thread-safe. - libc - Add
TABDLY
,TAB0
, andTAB3
to improve dports support. - libc - Add
__errno_location()
for better ports compatibility, particularly for some languages which need an actual procedure to call rather than a macro for their run-times. - libc - Significant
utmpx
changes, taken from NetBSD and FreeBSD mostly. - Remove
mrouted
and related utilities from the tree. Newer, better versions can be found in dports and ours was getting crufy. - libkvm - Fix mask generation when parsing minidumps. This fixes many of the corrupted dump issues reported.
leave(1)
- Allow up to 99 in the minutes field in + mode. Just like microwaves do.phantasia(6)
- Fix monsters file permissions.du(1)
- Add an option (-t
) to return results based on the file size instead ofst_blkcnt
.- libpthreads - Fix numerous issues.
calendar(1)
- Multiple improvements, mostly taken from FreeBSD and OpenBSD.rcorder(8)
- Importrcorder-visualize.sh
script from FreeBSD- Openresolv upgrade to 3.9.2.
- DHCPCD upgraded to 8.1.3.
Boot, Image
- Sync ACPICA with Intel's version 20200214
- Unbreak the EFI build when
WORLD_LDVER
is overridden. - The installer now chooses a more sane default for the
/build
partition. - EFI - Sync our TianoCore EDK II headers to edk2-stable201911.
- Refactor
malloc_type
in the kernel, which caused an excessive amount of static data in the image. This reduces the image size by 6MB. - Warn when duplicate physical address ranges for free memory are passed in from the BIOS, instead of crashing.
Various tools have been upgraded in the base system:
- The build system is slowly being adapted to allow bootstrap utilities and tools to be compiled on a wide range of operating systems as part of a project to supply a
build.sh
script to be able to build DragonFly BSD on other OSs. This work is not yet complete. - The build system now has a
build-all
andinstall-all
target to conveniently do a full world + kernel build and install in one or two steps as desired. - Multiple cleanups to
kern.pre.mk
andkern.post.mk
. - No longer try to generate embedded newlines in strings, instead use POSIX string concatenation.
- The
nrelease(7)
build now supports abinpkgs
option to allow the use of binary packages, and has received many other fixes and improvements.
Compiler status
- Currently using GCC 8 by default, with GCC 4.7 built but not used as fallback.
Package updates
- A full set of new binary packages has been built for 5.8, available through the
pkg(8)
tool.