Subject: Announcing NetBSD 4.0
To: None <netbsd-announce@NetBSD.org>
From: Geert Hendrickx <ghen@NetBSD.org>
Date: 12/19/2007 14:57:51
Content-Type: text/plain; charset=iso-8859-1
Announcing NetBSD 4.0
The NetBSD Project is pleased to announce that release 4.0 of the
NetBSD operating system is now available. NetBSD is a free, secure,
and highly portable Unix-like Open Source operating system available
for many platforms, from 64-bit Opteron machines and desktop systems
to handheld and embedded devices. Its clean design and advanced
features make it excellent in both production and research
environments, and it is user-supported with complete source. Many
applications are easily available through pkgsrc, the NetBSD Packages
Major achievements in NetBSD 4.0 include support for version 3 of the
Xen virtual machine monitor, Bluetooth, many new device drivers and
embedded platforms based on ARM, PowerPC and MIPS CPUs. New network
services include iSCSI target (server) code and an implementation of
the Common Address Redundancy Protocol. Also, system security was
further enhanced with restrictions of mprotect(2) to enforce W^X
policies, the Kernel Authorization framework, and improvements of the
Veriexec file integrity subsystem, which can be used to harden the
system against trojan horses and virus attacks. Please read below for
a list of changes in NetBSD 4.0.
NetBSD 4.0 runs on 54 different system architectures featuring 17
machine architectures across 17 distinct CPU families, and is being
ported to more. The NetBSD 4.0 release contains complete binary
releases for 51 different machine types, with the platforms amigappc,
bebox and ews4800mips released in source form only. Complete source
and binaries for NetBSD 4.0 are available for download at many sites
around the world. A list of download sites providing FTP, AnonCVS,
SUP, and other services is provided at the end of this announcement;
the latest list of available download sites may also be found at
http://www.NetBSD.org/mirrors/. We encourage users who wish to install
via a CD-ROM ISO image to download via BitTorrent by using the torrent
files supplied in the ISO image area. A list of hashes for the NetBSD
4.0 distribution has been signed with the well-connected PGP key for
the NetBSD Security Officer:
NetBSD is free. All of the code is under non-restrictive licenses, and
may be used without paying royalties to anyone. Free support services
are available via our mailing lists and website. Commercial support is
available from a variety of sources; some are listed at
http://www.NetBSD.org/gallery/consultants.html. More extensive
information on NetBSD is available from our website:
NetBSD 4.0 is dedicated to the memory of Jun-Ichiro "itojun" Hagino,
who died in October 2007. Itojun was a member of the KAME project,
which provided IPv6 and IPsec support; he was also a member of the
NetBSD core team (the technical management for the project), and one
of the Security Officers. Due to Itojun's efforts, NetBSD was the
first open source operating system with a production ready IPv6
networking stack, which was included in the base system before many
people knew what IPv6 was. We are grateful to have known and worked
with Itojun, and we know that he will be missed. This release is
therefore dedicated, with thanks, to his memory.
We would like to remind everyone that the Fundraising Campaign 2007 is
still underway, but it will soon be over with the end of the year.
With this release, we would like to call all NetBSD users to send a
Christmas present to the project. You can help us to improve NetBSD
even more - donate!
System families supported by NetBSD 4.0
The NetBSD 4.0 release provides supported binary distributions for the
NetBSD/acorn26 Acorn Archimedes, A-series and R-series systems
NetBSD/acorn32 Acorn RiscPC/A7000, VLSI RC7500
NetBSD/algor Algorithmics, Ltd. MIPS evaluation boards
NetBSD/alpha Digital/Compaq Alpha (64-bit)
NetBSD/amd64 AMD family processors like Opteron, Athlon64, and Intel
CPUs with EM64T extension
NetBSD/amiga Commodore Amiga and MacroSystem DraCo
NetBSD/arc MIPS-based machines following the Advanced RISC Computi=
NetBSD/atari Atari TT030, Falcon, Hades
NetBSD/cats Chalice Technology's CATS and Intel's EBSA-285 evaluati=
NetBSD/cesfic CES FIC8234 VME processor board
NetBSD/cobalt Cobalt Networks' MIPS-based Microservers
NetBSD/dreamcast Sega Dreamcast game console
NetBSD/evbarm Various ARM-based evaluation boards and appliances
NetBSD/evbmips Various MIPS-based evaluation boards and appliances
NetBSD/evbppc Various PowerPC-based evaluation boards and appliances
NetBSD/evbsh3 Various Hitachi Super-H SH3 and SH4-based evaluation
boards and appliances
NetBSD/hp300 Hewlett-Packard 9000/300 and 400 series
NetBSD/hp700 Hewlett-Packard 9000 Series 700 workstations
NetBSD/hpcarm StrongARM based Windows CE PDA machines
NetBSD/hpcmips MIPS-based Windows CE PDA machines
NetBSD/hpcsh Hitachi Super-H based Windows CE PDA machines
NetBSD/i386 IBM PCs and PC clones with i386-family processors and up
NetBSD/ibmnws IBM Network Station 1000
NetBSD/iyonix Castle Technology's Iyonix ARM based PCs
NetBSD/landisk SH4 processor based NAS appliances
NetBSD/luna68k OMRON Tateisi Electric's LUNA series
NetBSD/mac68k Apple Macintosh with Motorola 68k CPU
NetBSD/macppc Apple PowerPC-based Macintosh and clones
NetBSD/mipsco MIPS Computer Systems Inc. family of workstations and
NetBSD/mmeye Brains mmEye multimedia server
NetBSD/mvme68k Motorola MVME 68k Single Board Computers
NetBSD/mvmeppc Motorola PowerPC VME Single Board Computers
NetBSD/netwinder StrongARM based NetWinder machines
NetBSD/news68k Sony's 68k-based "NET WORK STATION" series
NetBSD/newsmips Sony's MIPS-based "NET WORK STATION" series
NetBSD/next68k NeXT 68k "black" hardware
NetBSD/ofppc OpenFirmware PowerPC machines
NetBSD/pmax Digital MIPS-based DECstations and DECsystems
NetBSD/pmppc Artesyn's PM/PPC board
NetBSD/prep PReP (PowerPC Reference Platform) and CHRP machines
NetBSD/sandpoint Motorola Sandpoint reference platform
NetBSD/sbmips Broadcom SiByte evaluation boards
NetBSD/sgimips Silicon Graphics' MIPS-based workstations
NetBSD/shark Digital DNARD ("shark")
NetBSD/sparc Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode)
NetBSD/sparc64 Sun UltraSPARC (in native 64-bit mode)
NetBSD/sun2 Sun Microsystems Sun 2 machines with Motorola 68010 CPU
NetBSD/sun3 Motorola 68020 and 030 based Sun 3 and 3x machines
NetBSD/vax Digital VAX
NetBSD/x68k Sharp X680x0 series
NetBSD/xen The Xen virtual machine monitor
Ports available in source form only for this release include the
NetBSD/amigappc PowerPC-based Amiga boards
NetBSD/bebox Be Inc's BeBox
NetBSD/ews4800mips NEC's MIPS-based EWS4800 workstation
Major Changes Between 3.0 and 4.0
The complete list of changes can be found in the CHANGES and
CHANGES-4.0 files in the top level directory of the NetBSD 4.0 release
tree. Some highlights include:
* agr(4): new pseudo-device driver for link level aggregation.
* IPv6 support was extended with an RFC 3542-compliant API and added
for gre(4) tunnels and the tun(4) device.
* An NDIS-wrapper was added to use Windows binary drivers on the
i386 platform, see ndiscvt(8).
* The IPv4 source-address selection policy can be set from a number
of algorithms. See "IPSRCSEL" in options(4) and in_getifa(9).
* Imported wpa_supplicant(8) and wpa_cli(8). Utilities to connect
and handle aspects of 802.11 WPA networks.
* Imported hostapd(8). An authenticator for IEEE 802.11 networks.
* carp(4): imported Common Address Redundancy Protocol to allow
multiple hosts to share a set of IP addresses for high
availability / redundancy, from OpenBSD.
* ALTQ support for the PF packet filter.
* etherip(4): new EtherIP tunneling device. It's able to tunnel
Ethernet traffic over IPv4 and IPv6 using the EtherIP protocol
specified in RFC 3378.
* ftpd(8) can now run in standalone mode, instead of from inetd(8).
* tftp(1) now has support for multicast TFTP operation in open-loop
mode, server is in progress.
* tcp(4): added support for RFC 3465 Appropriate Byte Counting (ABC)
and Explicit Congestion Notification as defined in RFC 3168.
* scan_ffs(8), scan_lfs(8): utilities to find FFSv1/v2 and LFS
partitions to recover lost disklabels on disks and image files.
* tmpfs: added a new memory-based file system aimed at replacing
mfs. Contrary to mfs, it is not based on a disk file system, so it
is more efficient both in overall memory consumption and speed.
* Added UDF support for optical media and block devices, see
mount_udf(8). Read-only for now.
* NFS export list handling was changed to be filesystem independent.
* LFS: lots of stability improvements and new cleaner daemon. It is
now also possible to use LFS as root filesystem.
* vnd(4): the vnode disk driver can be used on filesystems such as
smbfs and tmpfs.
* Support for System V Boot File System was added, see
newfs_sysvbfs(8) and mount_sysvbfs(8).
+ Support for new models on drivers such as Intel ICH8/6300ESB,
NVIDIA nForce 3/4, etc.
+ Added support for AC'97 modems.
+ auich(4): added support to handle the AC'97 modem as audio
device, enabled with the kernel option "AUICH_ATTACH_MODEM".
+ azalia(4): added support for S/PDIF.
* Hardware Monitors:
+ amdpm(4): added support for the i2c bus on the AMD-8111 used
on many Opteron motherboards and for the Analog Devices
ADT7464 hardware monitor chip.
+ adt7467c(4): new driver for Analog Devices ADT7467 and
ADM1030 hardware monitor chips.
+ ipmi(4): new driver for motherboards implementing the
Intelligent Platform Management Interface 1.5 or 2.0, from
+ it(4): new driver for iTE 8705F/8712F and SiS 950 hardware
+ The lm(4) driver was rewritten and support for more chips was
added, for example for Winbond W83627HF, W83627THF, W83627DHG
and Asus AS99127F.
+ owtemp(4): new driver for the 1-Wire temperature sensors.
+ tmp121temp(4): new driver for the Texas Instruments TMP121
+ ug(4): new driver for Abit uGuru hardware monitor found on
newer Abit motherboards.
+ geodewdog(4): new AMD Geode SC1100 Watchdog Timer driver.
+ gscpcib(4): new AMD Geode SC1100 PCI-ISA bridge that provides
support for the GPIO interface.
+ ath(4): updated HALs with support for WiSOC (AR531x) and
+ bge(4): added support for the following chips: BCM5753,
BCM5753M, BCM5715, BCM5754, BCM5755 and BCM5787. Numerous
improvements and bugfixes were made too.
+ kse(4): new driver for Micrel KSZ8842/8841 PCI network cards.
+ msk(4): new driver for Marvell Yukon 2 GigE PCI network
cards, from OpenBSD.
+ nfe(4): new driver for NVIDIA nForce Ethernet network cards,
+ ral(4): new 802.11 driver for PCI/Cardbus Ralink RT2500,
RT2501, RT2600, RT2661 and RT2500 USB chipsets, from OpenBSD.
+ rum(4): new 802.11 driver for USB Ralink RT2501 and RT2601
chipsets, from OpenBSD.
+ sip(4): now works on sparc64.
+ tlp(4): added support for ASIX AX88140A and AX88141.
+ vr(4): added support for the VIA Rhine III.
+ wm(4): added support for i8003, ICH8, ICH9 and others.
Support for IPv6 Rx TCP/UDP Checksum Offloading and more.
+ wpi(4): new driver for Intel PRO/Wireless 3945ABG PCI 802.11
network cards, from OpenBSD.
+ glxsb(4): new driver for the AMD Geode LX AES Security Block
that provides random numbers and AES acceleration, from
* Power Management:
+ Support for Intel Speedstep SMI on PIIX4 PCI-ISA for i386.
+ Support for AMD PowerNow and Cool'n'Quiet Technology on K7
and K8 CPUs (both in 32 and 64 bit mode), including Athlon
Mobile, Athlon64, Opteron or X2. See options(4) for more
+ Support for more Enhanced Speedstep CPUs, including VIA
C7/Eden and Intel Core Solo/Duo/Duo2. See options(4) for more
+ The Enhanced Speedstep and PowerNow drivers were modified to
be able to be scaled in all CPUs available, saving power on
+ ahcisata(4): new driver for AHCI 1.0 and 1.1 compliant SATA
+ ataraid(4): added support to handle Adaptec HostRAID and VIA
V-Tech software RAID.
+ ciss(4): new driver for HP/Compaq 5th+ generation Smart ARRAY
controllers, from OpenBSD.
+ fdc(4): added support for SBus based sparc64 machines and
fixed formatting on sparc.
+ gcscide(4): new driver for the AMD Geode CS5535 Companion
Device IDE controller.
+ jmide(4): new driver for JMicron Technology JMB36x PCIe to
SATA II/PATA controllers.
+ mfi(4): new driver for LSI Logic and Dell MegaRAID SAS
controllers, from OpenBSD.
+ mpt(4): added support for newer SAS and similar devices.
+ njata(4): new driver for Workbit NinjaATA-32 CardBus IDE
+ pdcsata(4): added support for the Promise PDC20775, PDC20771,
PDC40518, PDC40718 and some bugfixes.
+ piixide(4): added support for some ICH8/ICH8-M/ICH9 IDE and
+ svwsata(4): new driver for Serverworks K2 SATA controllers,
+ viaide(4) added support for the VIA VT8237A SATA controller
and AMD CS5536 Companion Device IDE Controller.
+ ucycom(4): new driver for Cypress microcontroller based
+ uipaq(4): new driver for the iPAQ devices.
+ uslsa(4): new driver for Silicon Labs CP210x series serial
+ utoppy(4): new driver for the Topfield TF5000PVR range of
digital video recorders.
+ Added support for the for Multiboot specification. This means
much improved support for loading the kernel by GRUB,
including passing in parameters to the kernel.
+ Added the unichromefb framebuffer driver that supports the
VIA Unichrome Graphics adapter.
+ vesafb(4): added new framebuffer driver that supports VESA
BIOS (VBE) 2.0 extensions and up.
+ Added ability to boot from the cd9660 file system to the BIOS
bootloader. This adds the ability to load much bigger kernels
and the option of selecting different kernels at boot time.
* evbarm: new platform support for Arcom Viper PXA255-based single
board, Atmark Techno Armadillo-9 and Armadillo-210, Certance
CP-3100, Linksys NSLU2 (a.k.a. "Slug") and I-O DATA HDL-G Giga
LANDISK NAS devices.
* evbmips: added support for Alchemy Au1550 processors, DBAu1550
boards, Alchemy Au15XX PCI host, (OMS-AL400/128) and Atheros
* New port ews4800mips: NEC's MIPS based EWS4800 workstations.
* cobalt: added support for booting off raidframe RAID1 mirrors.
* hpcmips: added the teliosio(4) driver for the Sharp Telios LCD
screen and Battery unit.
* New port landisk: port to the SH4 processor based NAS appliances,
supporting models by I-O DATA (USL-5P, HDL-U, HDL-AV, HDL-W and
HDLM-U series, SuperTank LAN Tank, UHDL-160U and UHDL-300U) and
Plextor PX-EH16L, PX-EH25L and PX-EH40L.
* macppc: this port has gained support to use accelerated wsdisplay
drivers by default (if possible), and uses the appropriate driver
rather than the Generic Open Firmware Framebuffer.
* prep: this port has been modernized, and support for five
additional machines has been added, among them the IBM 7024-E20
and 7025-F30 models and Motorola Powerstack E1. Additionally,
sysinst support was added, and the bootloader process was
improved, allowing easy installation and upgrade to future
* sparc: added support for booting off raidframe RAID1 mirrors.
* Xen: support for Xen3 domU and dom0 (Unprivileged domain and
domain 0), including support for hardware virtualization on CPUs
that support it.
* Improved Firewire (IEEE1394) support imported from FreeBSD.
* The midi(4) framework got a complete overhaul for better support
of Active Sensing and improved handling of tempo and timebase
* Added a Bluetooth protocol stack including:
+ hardware drivers: ubt(4) for USB controllers, and bt3c(4) for
the 3Com Bluetooth PC-Card.
+ socket based access to the HCI, L2CAP, RFCOMM and SCO
+ pseudo drivers for integrating services on remote Bluetooth
devices such as Keyboards, Mice and SCO Audio into the NetBSD
See bluetooth(4), bthset(1) and btpin(1).
* Imported the bio(4) framework from OpenBSD, to query/control block
hardware RAID device controllers. Currently supporting the mfi(4)
* Kernel uses stateful read-ahead algorithm.
* dkctl(8) can be used to switch buffer queuing strategies on the
fly on wd(4) disks, see also bufq(9).
* fileassoc(9) is used by Veriexec, it adds in-kernel and
file-system independent file meta-data association interface.
* firmload(9): an API for loading firmware images used by various
* gpio(4): imported General Purpose I/O framework from OpenBSD.
* onewire(4): imported Dallas Semiconductor 1-wire bus framework
* The proplib(3) protocol was added for sending property lists
to/from the kernel using ioctls.
* spi(4): new SPI (Serial Peripherial Interface) framework.
* timecounter(9) adds a new time-keeping infrastructure along with
NTP API 4 nanokernel implementation. Almost all platforms were
changed to support this API.
* Start of 32bit-Linux-emulation for amd64 (COMPAT_LINUX32).
* wscons(4) console driver supports splash screens, scrolling,
progress bar for kernel and boot messages.
Kernel interfaces have continued to be refined, and more subsystems
and device drivers are shared among the different ports. You can look
for this trend to continue.
* The FAST_IPSEC IPsec implementation was extended to use hardware
acceleration for IPv6, in addition to the hardware accelerated
IPv4 that was available before. See fast_ipsec(4) for more
* mprotect(2) got restrictions to enforce W^X policies, from PaX.
See options(4), sysctl(3), and paxctl(1).
* GCC 4's support for stack smashing protection (SSP) was enabled by
adding libssp, see security(8).
* The kernel authorization framework kauth(9) was added, replacing
the traditional BSD credential management and privileged operation
access control with an abstract layer, allowing the implementation
of various security models either as part of the NetBSD
distribution or as third-party LKMs.
NetBSD's kernel authorization is a hybrid clean-room
implementation of a similar interface developed by Apple,
extending its capabilities and combining concepts of credential
* 3rd party software updates:
+ BIND 9.4.1-P1
+ OpenSSL 0.9.8e
+ CVS 1.11.22
+ OpenSSH 4.4
+ gettext 0.14.4
+ PF from OpenBSD 3.7
+ (n)awk 20050424
+ Postfix 2.4.5
+ am-utils 6.1.3
+ file 4.21
+ zlib 1.2.3
+ GNU binutils 2.16.1
+ GNU groff 1.19.2
+ IPFilter 4.1.23
+ GNU gcc 4.1.2 prerelease
+ GNU gdb 6.5 (some architectures)
+ NTP 4.2.4p2
+ pppd 2.4.4
* cdplay(1): added digital transfer mode support.
* cksum(1) can now verify checksums.
* csplit(1): new utility that splits a file into pieces. From
* identd(1): added support for forwarding ident queries and
receiving of proxied ident queries.
* getent(1): added support for the ethers database.
* gkermit(1): new program for transferring files using the Kermit
* mail(1): added support for Mime and multi-character set handling,
command line editing and completion.
* utoppya(1): new utility to interface to the utoppy(4) driver.
* init(8): added support for running multi-user in a chroot()
environment. Allows / file system on e.g., cgd(4), vnd(4) or
* gpt(8): new GUID partition table maintenance utility, from
* iSCSI target (server) code added, see iscsi-target(8); Initiator
(client) code is underway.
* lockstat(8): new command to display a summary of kernel locking
events recorded over the lifetime of a called program.
* ofctl(8): new command to display the OpenPROM or OpenFirmware
device tree for the macppc, shark and sparc64.
* Various utilities to support Bluetooth were added:
+ btconfig(8) for controller configuration.
+ btdevctl(8) to manage pseudo devices relating to remote
+ bthcid(8) and btpin(1) for authenticating radio connections.
+ sdpd(8) for providing service discovery to remote devices.
+ sdpquery(1) for querying services on remote devices.
+ rfcomm_sppd(1) to access remote services over RFCOMM via
stdio or pty.
+ bthset(1) for making connections to Bluetooth headsets.
Besides this list, there have also been innumerable bug fixes and
other miscellaneous enhancements of course.
Components removed from NetBSD
In this release of NetBSD, some software components known from
previous releases were removed from the system. In some cases those
were components that are not useful anymore or their utility does not
justify maintenance overhead. Other components were not working
properly and there was lack of interest in fixing them.
* Sushi was removed from the base system due to lack of interest and
maintenance. If you really want it, it is available in the CVS
repository at othersrc/usr.sbin/sushi. However, be warned that it
is unmaintained and is most likely out of date.
* Vinum was removed due to lack of interest and maintenance. At the
time of removal, it had several known serious issues (including
not being compilable). RAIDframe provides similar functionality.
If you were using Vinum you will need to back up your data, delete
the Vinum partitions, create RAIDframe partitions, and restore
your data to them. Details about RAIDframe can be found in
raid(4), raidctl(8), and the NetBSD Guide.
* Sendmail was removed. Postfix is the MTA and provides the
sendmail(1) command line tool. Postfix has been included with
NetBSD since NetBSD 1.5 was released in December 2005. Details
about Postfix can be found in the NetBSD Guide. For those who need
Sendmail, it is available from pkgsrc in the mail/sendmail and
* NETCCITT and NETNS were removed due to lack of interest and
maintenance. They had known serious issues (including being out of
date with respect to other network code) and there were no known
users at the time of their removal. Unfortunately, there is no
replacement or option for them.
* UUCP was removed. The NetBSD improvements were merged into the
pkgsrc version. For those who use UUCP tools, they are available
from pkgsrc in the net/uucp package. The cu(1) command is
available as a frontend to tip(1).
* The Fortran 77 compiler (g77) has been removed with the transition
from GCC 3 to GCC 4, which does not include it. For those who need
it, it is available from pkgsrc in the lang/gcc3-f77 package.
* The evbsh5 port has been removed from NetBSD due to lack of
interest, compounded by a lack of available SH5 hardware.
The NetBSD Foundation would like to thank all those who have
contributed code, hardware, documentation, funds, colocation for our
servers, web pages and other documentation, release engineering, and
other resources over the years. More information on the people who
make NetBSD happen is available at:
We would like to especially thank the University of California at
Berkeley and the GNU Project for particularly large subsets of code
that we use. We would also like to thank the Internet Systems
Consortium Inc., the Network Security Lab at Columbia University's
Computer Science Department, and Ludd (Lule=E5 Academic Computer
Society) computer society at Lule=E5 University of Technology for
current colocation services.
About the NetBSD Foundation
The NetBSD Foundation was chartered in 1995, with the task of
overseeing core NetBSD project services, promoting the project within
industry and the open source community, and holding intellectual
property rights on much of the NetBSD code base. Day-to-day operations
of the project are handled by volunteers.
As a non-profit organization with no commercial backing, The NetBSD
Foundation depends on donations from its users, and we would like to
ask you to consider making a donation to the NetBSD Foundation in
support of continuing production of our fine operating system. Your
generous donation would be particularly welcome assistance with
ongoing upgrades and maintenance, as well as with operating expenses
for The NetBSD Foundation.
Donations can be done via PayPal to <paypal@NetBSD.org> and are fully
tax-deductible in the US. If you would prefer not to use PayPal, or
would like to make other arrangements, please contact
NetBSD mirror sites
Please use a mirror site close to you.
* FTP - http://www.NetBSD.org/mirrors/#ftp
* ISO images - http://www.NetBSD.org/mirrors/#iso
* Anonymous CVS - http://www.NetBSD.org/mirrors/#anoncvs
* BitTorrent - http://www.NetBSD.org/mirrors/#bittorrent
* SUP - http://www.NetBSD.org/mirrors/#sup
* CVSup - http://www.NetBSD.org/mirrors/#cvsup
* rsync - http://www.NetBSD.org/mirrors/#rsync
* AFS - http://www.NetBSD.org/mirrors/#afs
Please also note our list of CD-ROM vendors.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)
-----END PGP SIGNATURE-----