DragonFly BSD 6.4 released: hardware support for type-2 hypervisors
DragonFly is an operating system and application environment designed as a continuation of the FreeBSD-4.x family. It belongs to the same class of operating systems as the other BSD-derived systems and Linux, because they are all based on UNIX concepts and application programming interfaces. DragonFly is a fork in this line of development, giving the BSD base an opportunity to grow in a different direction from the one taken in the FreeBSD-5 series.
DragonFly 6.4 has been released.
Changelog:
Security Issues
- Updating all systems is recommended: a locally exploitable kernel vulnerability was fixed for this release.
Kernel
- Fix execvPe()’s environment passing.
- Fix ktrace’s handling of ‘long’ system call return values.
- Fix a sysv semaphore panic related to an exit race.
- Fix a namecache bloating issue related to dead entries that could slow systems down over time.
- Fix several namecache eviction issues which were interfering with nlookup*() operation.
- Fix a namecache issue that evicted too many resolved entries, causing unnecessary re-lookups.
- Critical section count mismatch panics are more verbose.
- Fix multiple issues with vnode recycling which could result in a long-running system slowing down. Generally speaking, there were leaks in vnode state counts which could prevent vnlru from either running or from finding recyclable vnodes.
- Implement mlockall()’s MCL_CURRENT feature and generally match Linux-like expectations.
- Fix a lock order reversal and deadlock in cache_resolve_mp() which can get hit when concurrent path lookups cross mount boundaries.
- Add the gtaskqueue API from FreeBSD.
- nlookup*() now retries lookups on elements which only undergo modification races, and does not retry lookups on elements which are merely locked for access and then unlocked. Improves performance.
- KERN_PROC – Change behavior for process list retrievals to not include pure kernel threads by default.
- Do not panic if an IP packet with a non-atomic header in the first mbuf makes it to ip*_input().
Filesystems
- hammer2 – Fix run-away kernel memory allocations during bulkfree when operating on deep trees.
- hammer2 – Fix chain allocation tracking counter calculation.
- hammer2 – Fix panic related to USB stick pull of mounted H2 filesystem.
- hammer2 – Report critical bulkfree transitions that are not supposed to happen.
- hammer2 – Fix CHECK FAIL paths that might mangle an inode in-memory.
- hammer2 – Validate that inode number on-media against the inode number being looked up.
- hammer2 – FIX CRITICAL BULKFREE BUG when multiple PFSs are mounted that could corrupt a H2 filesystem.
- hammer2 – FIX ISSUE WHERE DELETED FILES SOMETIMES LINGER UNTIL UNMOUNT, which can leak dead inodes (leave them on the media), slowly filling up the filesystem under certain circumstances.
- hammer2 – Lots of syntax cleanups.
- hammer2 – Properly set the read-only flag for read-only mounts of PFSs.
- hammer2 – Fail the mount if the root volume is not specified.
- hammer2 – Fix a panic related to a PFS not being found on-mount.
- tmpfs – Fix heavily threaded readdir() races against deletions.
- tmpfs – Improve the performance of cookie seeks during directory scans. O(n) to n log n.
- msdosfs – Fix a case where a non-dot lookup returns the current directory during a path lookup.
- msdosfs – Generate an error instead of a panic when inusemap is inconsistent.
- msdosfs – Sanity-check sector count from BPB.
- msdosfs – Fix mounting when the device sector size is larger than 512 bytes.
- msdosfs – Add /dev prefix if necessary when looking up mount device.
- ext2fs – Do a more accurate check for the root inode and for directory entries.
Networking
- ipfw – Fix broken mixed network and host IP specifications in ip tables. The network prefix was improperly inherited from prior entries.
- pf – Fix ‘set skip on’ for interface groups.
- pf – Make “:0” (noalias) also ignore link-local IPv6 addresses.
- IPV6_V6ONLY now silently accepts any value for this socketopt, fixing certain bits of third-party code.
- if_bridge – Fix a broadcast issue that could sometimes cause ARPs to be lost.
- if_bridge – Distinguish between interfaces that are part of the same bonded set to allow explicit priorities to be set for backup interfaces. Round-robin operation may not be desired on all interfaces in the bonding set. See the manual page.
- urtwn – Add support for the Edimax EW-7811Un V2 (N150).
- jail – sysctl net_raw_sockets renamed to allow_raw_sockets.
Graphics
- drm – Retry page fault handler on buffer data in-transit, fixing an Xorg crash on certain monitor connect/disconnect events.
- evdev – Make adjustments for better compatibility with the latest X server code.