ProHoster > Блог > wararka internetka > FreeBSD 14.0 sii deynta

FreeBSD 14.0 sii deynta

Laba sano iyo badh tan iyo markii la daabacay laanta 13.0, FreeBSD 14.0 waa la sii daayay. Sawirada rakibaadda waxaa loo heli karaa amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, aarch64, iyo riscv64 naqshadaha. Intaa waxaa dheer, dhismooyin ayaa loo diyaariyey nidaamyada wax-ku-oolka ah (QCOW2, VHD, VMDK, cayriin) iyo jawiga daruuraha sida Amazon EC2, Google Compute Engine, iyo Vagrant. FreeBSD 14 waxay noqon doontaa laantii ugu dambeysay ee taageerta aaladaha 32-bit. FreeBSD 15 waxay u hayn doontaa taageerada nidaamyada 64-bit oo keliya, laakiin waxay sii haysan doontaa awoodda lagu dhisayo barnaamijyada 32-bit waxayna adeegsan doontaa habka COMPAT_FREEBSD32 si ay ugu socodsiiso 32-bit oo lagu fulin karo deegaan 64-bit ah.

Isbeddellada ugu waaweyn:

  • Turjubaanka amarka caadiga ah ee isticmaala xididku waa /bin/sh.
  • Aaladaha NVME, darawalka nda waxaa si caadi ah loogu isticmaalaa dhammaan aaladaha. Si aad ugu noqoto darawalka nvd ka weyn, isticmaal "hw.nvme.use_nvd=1" dejinta gudaha loader.conf.
  • Utility cusub, "fwget," ayaa lagu daray. Waxay aqoonsataa qalabka u baahan cusboonaysiinta firmware waxayna ku rakibtaa xirmooyinka firmware-ka ee u dhigma. Hadda, kaliya qalabka PCI iyo firmware ee Intel iyo AMD GPUs ayaa la taageerayaa.
  • Waxaa lagu daray utility base64 cusub oo loogu talagalay codaynta iyo dejinta xogta qaab base64
  • Waxaa lagu daray tcpsso utility, kaas oo kuu ogolaanaya inaad dejiso fursadaha godka ee isku xirka TCP ee jira (tusaale, waxaad bedeli kartaa qaybta xakamaynta ciriiriga ama xirmada TCP).
  • Wakiilka gudbinta boostada ee caadiga ah waxaa lagu bedelay dma (DragonFly Mail Agent) halkii aad diri lahayd. Diritaanka ayaa ku hadhay qaybinta saldhiga waxaana lagu cusboonaysiiyay nooca 8.17.1.
  • KTLS, hirgelinta heerka kernel FreeBSD ee borotokoolka TLS, ayaa ku dartay taageerada dardargelinta qalabka TLS 1.3 dhamaadka helitaanka. Dardargelintan waxaa lagu gaaraa in la raro qaar ka mid ah hawlgallada la xidhiidha habaynta baakadaha sirta ah ee kaarka shabakadda.
  • Dardaaranka ".include" ayaa lagu daray faylka qaabeynta jail.conf, taas oo u oggolaanaysa in lagu daro faylal dheeri ah marka la soo gelinayo qaabeynta, iyadoo la ogol yahay waddooyinka khariidadaha. Badbaadada amniga.bsd.see_jail_proc sysctl waa la balaariyay, taasoo u oggolaanaysa isticmaalayaasha aan la oggolayn ee ku jira deegaan xabsi oo gaar ah si ay uga hortagaan joojinta khasabka ah, isbeddellada mudnaanta leh, iyo khaladka habsocodka.
  • Barnaamijyada pw iyo bsdinstall waxay hadda ku abuuraan isticmaalayaasha buugga "/ guriga" si caadi ah, halkii ay ka ahaan lahaayeen "/ usr/home." Xiriirinta astaanta u ah "/guriga" ee tilmaamaya "/usr/home" lama abuurin.
  • Goobta PROFILE ee dhismaha si caadi ah ayaa loo curyaamiyay - noocyada qaabaysan ee maktabadaha nidaamka lama bixiyo; Aaladaha sifaafinta hardware (hwpmc) waa in la isticmaalaa badalkeeda.
  • Abuuritaanka faylalka la fulin karo ee 64-bit qaab-dhismeedyada PIE (Position Independent Executable)
  • Hypervisor-ka Bhyve hadda waxa uu taageeraa u gudbinta TPM (Trusted Platform Module) iyo GPU (oo loo geliyo bey'adaha farsamada ee AMD iyo chips-ka Intel).
  • Hirgelinta nidaamka faylka ZFS ayaa loo cusboonaysiiyay OpenZFS 2.2. Taageerada nidaamka faylka ZFS ayaa lagu daray utility makefs. Awoodda lagu abuurayo barkadda ZFS ee la xidhiidha hal disk-ka-muuqaal ah (vdev) ayaa la soo bandhigay.
  • Tirada kombuyuutarrada CPU ee la taageeray (parameter MAXCPU) ee nidaamyada ku salaysan amd64 iyo arm64 qaab dhismeedka ayaa laga kordhiyey 256 ilaa 1024.
  • Gudaha UFS, qaabaynta leh joornaalid (cusbooneysiin jilicsan) ayaa karti u yeeshay hadda hubinta nidaamka faylka asalka ah iyadoo la adeegsanayo sawir-qaadista UFS. Jeegaga xashiishka dheeraadka ah ayaa lagu daray xannibaadyada waaweyn, khariidadaha kooxda dhululubada, iyo inodes si loo ogaado musuqmaasuqa.
  • Waxaa lagu daray nidaamka faylalka tarfs-ka, kaas oo loo isticmaali karo kaydadka daamurka oo lagu cadaadiyo zstd.
  • Waxaa lagu daray qalabka boottrace si loola socdo dhacdooyinka dhacay intii lagu jiray bootinta nidaamka iyo xiritaanka.
  • Halbeegga qaabeynta kernel-ka FIRECRACKER ayaa lagu daray si loo hubiyo in FreeBSD ay ku shaqeyso nidaamka wax-qabadka ee Firecracker, oo loogu talagalay in lagu socodsiiyo mashiinnada farsamada gacanta oo leh wax ka sarreeya. Waqtiga bootinta kernel ee FreeBSD 14 ee hoos yimaada Firecracker ayaa la dhimay ilaa 25 millise seconds, taas oo u oggolaanaysa bey'ada FreeBSD in la bilaabo sida loogu baahan yahay kaabayaasha xisaabinta server-la'aanta.
  • Soodejiyaha, oo ku qoran luqadda Lua, wuxuu fuliyaa taageerada fulinta faylalka lua ee ku yaal tusaha loader_conf_files ee jawiga sanduuqa gaarka ah.
  • Taageerada NFS waa la ballaariyay. Xulasho cusub oo "syskrb5" ah ayaa lagu daray taageerada Kerberos ee NFSv 4.1/4.2, iyo taageerada hawlgalka ExchangeID waa la hirgeliyay. Kartida lagu socodsiiyo nfsd, nfsuserd, mounted, gssd, iyo rpc.tlsservd ee deegaanka shabakada vnet ee go'doon ayaa la hirgaliyay.
  • Qoraalka growfs wuxuu fuliyaa awooda lagu meeleeyo qaybta isdhaafsiga dhamaadka aagga fidinta ee saxanka.
  • Waxaa lagu daray daryeel bixiye cusub oo DTrace kinst ah (dtrace_kinst), kaas oo u oggolaanaya baafinta dhismayaasha kernel-ka.
  • Taageerada XChaCha20-Poly1035 AEAD encryption algorithm ayaa lagu daray kernel crypto subsystem, iyo API ah isticmaalka curve25519 elliptic curve (WireGuard) ayaa lagu daray.
  • Wakhtiga dib u kicinta waa la dhimay Qiyaasta kern.reboot_wait_time sysctl ayaa lagu daray, taasoo kuu ogolaanaysa inaad bedesho daahitaanka ka hor inta aan la bilaabin ka dib marka dhammaan fariimaha ogaanshaha lagu soo saaro console-ka. Sida caadiga ah, daahitaan waa laga saaray
  • Nidaam hoosaadka timerfd ayaa lagu daray kernel-ka, taasoo fududaynaysa soo-dejinta barnaamijyada Linux.
  • Waxaa lagu daray sysctl machdep.mitigations.zenbleed.awood u leh inay xannibaan dayacanka Zenbleed ee soo-saareyaasha AMD Zen2.
  • Taageerada Wi-Fi 6 ayaa lagu daray wpa_supplicant iyo hostapd. Darawalka iwlwifi hadda waxa uu taageeraa chips-yada Intel ee taageera Wi-Fi 6E AX411/AX211/AX210.
  • Kernel-ka nidaamka amd64 wuxuu hadda taageeraa Aaladaha AddressSanitizer iyo MemorySanitizer ee mashruuca LLVM.
  • Qoraallada rc.d, isticmaalka habka xaaladda waa la oggol yahay xitaa haddii qoraalku aanu qeexin magaca procname iyo faylka PID.
  • Heerka wareejinta xogta dekeda taxan ee caadiga ah ee kernel-ka, bootloaders, iyo goobta adeegsadaha ayaa laga kordhiyey 9600 ilaa 115200 bps. Cod dhawaaqa caadiga ah ayaa hadda loo dejiyay 800 Hz. La-qabsiga devd ayaa loo hirgeliyay soo saarista dhawaaqa dhawaaqa iyadoo la adeegsanayo kaadhka codka. Koonsole-ka vt-ga, dhawaaqa dhawaaqa si caadi ah ayaa u naafo ah (si aad awood ugu yeelatid, socodsii amarrada "sysctl kern.vt.enable_bell=1" iyo "kbdcontrol -b normal").
  • Taageerada la wanaajiyay ee NXP DPAA2 (Data Data Acceleration Architecture Gen2) qaab dhismeedka dardargelinta qalabka.
  • Dareewalka igc ee loogu talagalay kontaroolayaasha Intel I225 Ethernet, oo taageeraya xawaaraha 2.5 Gbps.
  • Sida caadiga ah, goobta net.inet.tcp.nolocaltimewait waa la dajiyay, kaas oo curyaaminaya abuurista diiwaanada wakhtiga sugitaanka ee xidhiidhada TCP ee laga joojiyay dhinaca nidaamka deegaanka.
  • Taageerada borotokoolka isgaarsiinta Netlink (RFC 3549), ee loo isticmaalo Linux si loogu wada xiriiro kernel-ka iyo hababka meel-isticmaalka, ayaa la balaariyay oo la awooday si toos ah. Dhowr adeeg oo shabakadeed ayaa loo haajiray si ay u isticmaalaan Netlink.
  • Filterka xirmada pf wuxuu bixiyaa waafaqid habdhaqanka caadiga ah ee xirmada nooca OpenBSD pf. pfsync hadda waxay taageertaa gaadiidka Iv6. Habka xirmada pfsync waa la fidiyay si loo taageero safafka, xirmada caadiga ah, iyo dariiqa loo maro sharciyada.
  • Waxaa lagu daray is-dhexgalka shabakadda if_stf (IPv6 oo ka sarreeya IPv4) Taageerada IPv6 Hawlgal Degdeg ah (RFC 5969). Qaabka IPv6 nodeinfo (RFC 4620) waa la damiyay si caadi ah.
  • Qiyaasta net.inet.tcp.nolocaltimewait sysctl ayaa si toos ah loo dajiyay, taasoo curyaamisay abuurista galitaanka gobolka timesuit ee isku xirka TCP ee gudaha laga joojiyay.
  • Sida caadiga ah, TCP waxay isticmaashaa habka xakamaynta ciriiriga shabakada CUBIC halkii ay ka isticmaali lahayd NewReno, taas oo u oggolaanaysa isticmaalka ballaaran ee la heli karo.
  • Gudaha IPV4, u dirida xirmooyinka baahinta ciwaanka eber-ka hoose waa naafo ilaa ciwaankaas si cad loogu dhawaaqo inuu yahay ciwaanka baahinta. Isbeddelkan wuxuu u oggolaanayaa martigeliyayaasha inay isticmaalaan cinwaannada ku dhammaanaya ".0."
  • Dejinta OpenSSH waa la bedelay: scp hadda waxay isticmaashaa SFTP halkii ay ka isticmaali lahaayeen scp/rcp sida caadiga ah, RSA/SHA-1 taageerada saxeexa waa naafo, VerifyHostKeyDNS iyo X11Xubinta u gudbinta ayaa loo dejiyay "maya", dardaaranka VersionAddendum waa laga saaray, taageerada habaynta HPN waa laga saaray.
  • Adeegga taariikhda waa la cusboonaysiiyay si loogu daro ikhtiyaarka "-z" ee beddelka aagga wakhtiga.
  • Utility diff hadda wuxuu leeyahay ikhtiyaar "--color" si loo arko isbeddellada midabka.
  • Utility hurdada hadda waxay taageertaa halbeegyada cabbirka aan ka ahayn ilbiriqsiyo (tusaale, waxaad qeexi kartaa "hurdo 1h 30m").
  • Qalabka madaxa iyo dabada hadda waxay taageeraan xulashooyinka "-q" iyo "-h", oo hadda waxay taageeraan qeexida qiyamka SI-dabayaal. Tirada ugu badan ee xariiqyada madaxa waa laga saaray (2^31).
  • Utility systat wuxuu hadda leeyahay amar "iolat" si uu u muujiyo macluumaadka daahitaanka I/O ee uu xisaabiyay jadwalka CAM.
  • Maktabaddii libcursesw waxa loo kala qaybiyay laba maktabadood, libtinfow iyo libcursesw. Taageerada isticmaalka xogta terminfo ee ncurses, ma aha oo kaliya termin, ayaa lagu daray.
  • Qaab dhismeedka aarch64 (arm64), ikhtiyaarka dhismaha COMPAT_LIB32 waa la hirgeliyay oo karti loo siiyay si caadi ah, iyadoo la hubinayo isu imaatinka maktabadaha 32-bit ee nidaamyada ARM64, taasoo u oggolaanaysa fulinta faylalka la fulin karo ee loo dhisay madal armv7.
  • Taageerada daruuraha waa la hagaajiyay. Dhisidda tijaabada ah ee nidaamka xididka ZFS iyo Cloud-init ayaa lagu daray AWS EC2. Sawirada dhismaha arm64 iyo amd64 ayaa hadda diyaar u ah Azure, oo leh doorashada UFS ama ZFS. Darawalka Google Virtual NIC (gve) kaadhka shabakada farsamada ayaa lagu daray.
  • Nidaamka ACPI waa la cusboonaysiiyay si uu u taageero marinka _CR3, kaas oo kuu ogolaanaya inaad dejiso heerkulka nidaamka lagu ridi doono qaabka hurdada (S3).
  • Codsiyada qolo saddexaad ee soo socota iyo maktabadaha ku jira nidaamka aasaasiga ah waa la cusboonaysiiyay: OpenSSH 9.5p1, OpenSSL 3.0.12 (horay laanta 1.1.1 ayaa la isticmaali jiray), awk 2021072, bc 6.6.0, libbsdxml 2.4.7, libfido.3mp, 1.9.9 libpcap 1.10.4, xz 5.4.3, zlib 1.3, zstd 1.5.2. Hirgelinta utility objdump waxaa lagu bedelay lvm-objump. Isku-duwaha Clang ayaa loo cusboonaysiiyay laanta 16.
  • Nidaamyada duugoobay ayaa la nadiifiyay:
    • Taageerada ereyada sirta ah ee OPIE ee hal mar ah ayaa laga saaray nidaamka saldhigga (dekedda amniga / opie ayaa lagu rakibi karaa si dib loogu bilaabo isticmaalka).
    • Darawallada kaadhadhka dhawaaqa leh ee leh interface ISA waa la saaray.
    • fmtree iyo minigzip utility waa la saaray
    • Qaybaha ATM-ka ee laga saaray netgraph (NgATM).
    • Habka telnetd-ka asalka ah ee meesha laga saaray (dekedda net/freebsd-telnetd waa la isticmaali karaa).
    • Laga saaray fasalka VINUM ee joom.
    • Dareewalada duugoobay ee meesha laga saaray amr, iscsi_initiator, iir, mn, mly, nlmrsa iyo twa.
    • Halbeegga VESA ayaa laga saaray kernel GUUD iyo UGU YAR.
    • Taageerada hawlgallada cryptographic asymmetric-ga ayaa laga saaray qaab-dhismeedka cryptographic-heer-kernel OCF (Furran Framework).
    • Utility mergemaster waa la gooyay oo iwm waa in la isticmaalo beddelkeeda.
    • Utility portsnap waa laga saaray (si loo soo saaro dekedaha, isticmaal "git clone https://git.FreeBSD.org/ports.git/usr/ports").
    • Jiilka shirarka dhismaha armv6 waa la joojiyay.
    • Taageerada dhismaha MIPS waa la saaray.

Source: opennet.ru

Add a comment