Kamora likhoeli tse 11 tsa nts'etsopele, FreeBSD 13.2 e lokollotsoe. Litšoantšo tsa ho kenya li hlahisoa bakeng sa meralo ea amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64 le riscv64. Ho feta moo, likopano li lokiselitsoe lits'ebetso tsa virtualization (QCOW2, VHD, VMDK, e tala) le libaka tsa maru Amazon EC2, Google Compute Engine le Vagrant.
Liphetoho tsa bohlokoa:
- Bokhoni ba ho etsa linepe tsa litsamaiso tsa faele tsa UFS le FFS tse nang le ho rengoa ha lifate (lintlafatso tse bonolo) li kentsoe tšebetsong. E boetse e kenyellelitsoe ts'ehetso ea ho boloka bokamorao ba lithōle (ho tsamaisa thotobolo ka folakha ea "-L") ka litaba tsa sistimi ea faele ea UFS e kentsoeng ha koranta e nolofalitsoe. E 'ngoe ea likarolo tse sa fumaneheng ha u sebelisa ho rema lifate ke ts'ebetso ea morao-rao ea ho hlahloba botšepehi ho sebelisa fsck utility.
- Sebopeho sa motheo se kenyelletsa mokhanni oa wg ea sebetsang boemong ba kernel ka ts'ebetsong ea sebopeho sa marang-rang bakeng sa VPN WireGuard. Ho sebelisa li-algorithms tsa li-cryptographic tse hlokoang ke mokhanni, API ea FreeBSD kernel crypto-subsystem e ile ea atolosoa, eo ho ileng ha eketsoa lehare le lumellang tšebeliso ea li-algorithms ho tloha laebraring ea libsodium e sa tšehetsoeng ho FreeBSD ka crypto-API e tloaelehileng. . Nakong ea ts'ebetso ea nts'etsopele, ts'ebetso e ile ea boela ea etsoa ho leka-lekanya ho leka-lekanya ho tlamaha ha mesebetsi ea pakete le ho hlakoloa ho li-CPU cores, tse ileng tsa fokotsa holimo ha ho sebetsa lipakete tsa WireGuard.
Boiteko ba ho qetela ba ho kenyelletsa WireGuard ho FreeBSD bo entsoe ka 2020, empa bo ile ba qetella ka sekhobo, ka lebaka leo khoutu e seng e kentsoe e ile ea tlosoa ka lebaka la boleng bo tlase, mosebetsi o sa tsotelleng o nang le li-buffers, ts'ebeliso ea li-stubs sebakeng sa licheke, ts'ebetsong e sa phethahalang. ea protocol le tlōlo ea laesense ea GPL. Ts'ebetsong e ncha e hlophisitsoe ka kopanelo ke lihlopha tsa mantlha tsa FreeBSD le WireGuard, ka menehelo e tsoang ho Jason A. Donenfeld, mongoli oa VPN WireGuard, le John H. Baldwin, moqapi ea tummeng oa FreeBSD. Tlhahlobo e felletseng ea liphetoho e entsoe ka tšehetso ea FreeBSD Foundation pele khoutu e ncha e amoheloa.
- Ts'ehetso bakeng sa protocol ea puisano ea Netlink (RFC 3549), e sebelisoang Linux ho hlophisa tšebelisano ea kernel le lits'ebetso sebakeng sa basebelisi, e kentsoe tšebetsong. Morero o lekanyelitsoe ho ts'ehetsa lelapa la ts'ebetso la NETLINK_ROUTE bakeng sa ho laola boemo ba tsamaiso ea marang-rang ka har'a kernel, e lumellang FreeBSD ho sebelisa Linux ip utility ho tswa ho sephutheloana sa iproute2 ho laola marang-rang a marang-rang, ho beha liaterese tsa IP, ho lokisa litsela le ho laola nexthop. dintho tse bolokang data ya mmuso e sebedisoang bakeng sa ho fetisetsa pakete moo e batloang.
- Lisebelisoa tsohle tsa sistimi ea 64-bit li na le Address Space Layout Randomization (ASLR) e lumelletsoeng ka ho sa feleng. Ho thibela ASLR ka boikhethelo, u ka sebelisa litaelo "proccontrol -m aslr -s disable" kapa "elfctl -e +noaslr".
- Ho ipfw, litafole tsa radix li sebelisoa ho sheba liaterese tsa MAC, tse u lumellang hore u thehe litafole tse nang le liaterese tsa MAC le ho li sebelisa ho sefa sephethephethe. Mohlala: tafole ea ipfw 1 theha mofuta oa mac ipfw tafole 1 eketsa 11:22:33:44:55:66/48 ipfw eketsa skipto tablearg src-mac 'tafole(1)' ipfw eketsa hana src-mac 'tafole(1, 100 )' ipfw eketsa hana lookup dst-mac 1
- Kernel modules dpdk_lpm4 le dpdk_lpm6 li kenyelitsoe 'me li fumaneha bakeng sa ho laeloa ka loader.conf ka ts'ebetsong ea DIR-24-8 mokhoa oa ho batla algorithm bakeng sa IPv4/IPv6, e leng se u lumellang hore u ntlafatse mesebetsi ea litsela bakeng sa baeti ba nang le litafole tse kholo haholo tsa litsela ( litekong, keketseho ea lebelo ea 25 e bonoa %). Ho lokisa li-module, mokhoa o tloaelehileng oa litsela o ka sebelisoa (khetho ea FIB_ALGO e kenyelelitsoe).
- Ts'ebetso ea sistimi ea faele ea ZFS e ntlafalitsoe ho lokolla OpenZFS 2.1.9. Sengoloa sa ho qala sa zfskeys se fana ka ho kenya linotlolo tse bolokiloeng ho sistimi ea faele ea ZFS. E kentse script zpoolreguid e ncha ea RC ho abela GUID ho zpools e le 'ngoe kapa ho feta (mohlala, e na le thuso bakeng sa tikoloho ea ts'ebeliso ea data e arolelanoeng).
- The Bhyve hypervisor le tšehetso ea module ea vmm e hokelang li-CPU tse fetang 15 ho sistimi ea baeti (e laoloang ka sysctl hw.vmm.maxcpu). The bhyve utility e sebelisa mohlala oa sesebelisoa sa virtio-input, seo ka sona u ka kenyang liketsahalo tsa keyboard le mouse ho sistimi ea baeti.
- KTLS, ts'ebetsong ea protocol ea TLS e sebetsang boemong ba kernel ea FreeBSD, ts'ehetso ea ho potlakisa lisebelisoa tsa TLS 1.3 e ekelitsoe ka ho theola lits'ebetso tse ling tse amanang le ho sebetsana le lipakete tse kenang tse kentsoeng kareteng ea marang-rang. Pejana, tšobotsi e tšoanang e ne e fumaneha bakeng sa TLS 1.1 le TLS 1.2.
- Ho script ea ho qala ea growfs, ha o holisa sistimi ea faele ea motso, hoa khoneha ho eketsa karohano ea phetoho haeba karohano e joalo e ne e le sieo qalong (mohlala, e thusa ha o kenya setšoantšo sa sistimi se lokiselitsoeng kareteng ea SD). Ho laola boholo ba swap, paramethara e ncha growfs_swap_size e kentsoe ho rc.conf.
- Sengoloa sa ho qala sa hostid se netefatsa hore UUID e sa sebetseng e hlahisoa haeba file ea /etc/hostid e le sieo mme UUID e ke ke ea fumanoa ho Hardware. E boetse e kentse faele ea /etc/machine-id e nang le setšoantšo se kopaneng sa ID ea moamoheli (ha ho li-hyphens).
- Mefuta e fapaneng ea defaultrouter_fibN le ipv6_defaultrouter_fibN e kentsoe ho rc.conf, eo ka eona u ka eketsang litsela tsa kamehla ho litafole tsa FIB ntle le tsa mantlha.
- Ts'ehetso ea li-hashes tsa SHA-512/224 e kentsoe laeboraring ea libmd.
- Laeborari ea pthread e fana ka tšehetso bakeng sa semantics ea mesebetsi e sebelisoang Linux.
- Ts'ehetso e ekelitsoeng bakeng sa decoding Linux system call to kdump. Ts'ehetso e ekelitsoeng bakeng sa mokhoa oa Linux oa ho batla mohala ho kdump le sysdecode.
- Sesebelisoa sa killall se na le bokhoni ba ho romella lets'oao lits'ebetsong tse tlamelletsoeng ho terminal e itseng (mohlala, "killall -t pts/1").
- Ts'ebeliso ea nproc e kenyellelitsoe ho bonts'a palo ea li-blocks tse fumanehang ts'ebetsong ea hajoale.
- Ts'ehetso ea ho etsa li-parameter tsa ACS (Access Control Services) e kentsoe ts'ebelisong ea pciconf.
- Litlhophiso tsa SPLIT_KERNEL_DEBUG li kentsoe kernel, e u lumellang hore u boloke tlhaiso-leseling ea ho lokisa li-module tsa kernel le kernel lifaeleng tse arohaneng.
- Linux ABI e batla e phethehile ka ts'ehetso ea mochine oa vDSO (virtual dynamic shared objects), o fanang ka mehala e lekanyelitsoeng ea mehala e fumanehang sebakeng sa mosebelisi ntle le phetoho ea maemo. Linux ABI ho litsamaiso tsa ARM64 e tlisitsoe tumellanong le ts'ebetsong ea meralo ea AMD64.
- Tšehetso ea hardware e ntlafalitsoeng. Ts'ehetso e kenyellelitsoeng ea ts'ebetso ea ts'ebetso (hwpmc) bakeng sa li-CPU tsa Intel Alder Lake. Mokhanni oa iwlwifi oa likarete tsa Intel tse se nang mohala o ntlafalitsoe ka tšehetso bakeng sa lichifi tse ncha le maemo a 802.11ac. E kentse mokhanni oa rtw88 bakeng sa likarete tse se nang mohala tsa Realtek tse nang le sebopeho sa PCI. Bokhoni ba "linuxkpi layer" bo atolositsoe hore bo sebelisoe le bakhanni ba Linux ho FreeBSD.
- Laeborari ea OpenSSL e ntlafalitsoe hore e be mofuta oa 1.1.1t, LLVM/Сlang ho mofuta oa 14.0.5, 'me seva sa SSH le moreki li nchafalitsoe ho OpenSSH 9.2p1 (mofuta o fetileng o sebelisitse OpenSSH 8.8p1). Hape ke liphetolelo tse ntlafalitsoeng bc 6.2.4, expat 2.5.0, file 5.43, less 608, libarchive 3.6.2, sendmail 8.17.1, sqlite 3.40.1, unbound 1.17.1, zlib 1.2.13.
Ho feta moo, ho phatlalalitsoe hore, ho qala ka lekala la FreeBSD 14.0, li-password tsa nako e le 'ngoe OPIE, bakhanni ba ce le cp, bakhanni ba likarete tsa ISA, lisebelisoa tsa mergemaster le minigzip, likarolo tsa ATM ho netgraph (NgATM), ts'ebetso ea morao-rao ea telnetd le VINUM sehlopha sa geom.
Source: opennet.ru