aboutsummaryrefslogtreecommitdiff
path: root/share/man/man7
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man7')
-rw-r--r--share/man/man7/Makefile6
-rw-r--r--share/man/man7/arch.7123
-rw-r--r--share/man/man7/ascii.74
-rw-r--r--share/man/man7/build.779
-rw-r--r--share/man/man7/c.7237
-rw-r--r--share/man/man7/development.726
-rw-r--r--share/man/man7/ffs.7328
-rw-r--r--share/man/man7/hier.716
-rw-r--r--share/man/man7/intro.77
-rw-r--r--share/man/man7/mitigations.7177
-rw-r--r--share/man/man7/networking.756
-rw-r--r--share/man/man7/orders.74
-rw-r--r--share/man/man7/ports.716
-rw-r--r--share/man/man7/release.720
-rw-r--r--share/man/man7/security.712
-rw-r--r--share/man/man7/simd.767
-rw-r--r--share/man/man7/tests.713
-rw-r--r--share/man/man7/tracing.797
-rw-r--r--share/man/man7/tuning.731
19 files changed, 754 insertions, 565 deletions
diff --git a/share/man/man7/Makefile b/share/man/man7/Makefile
index f163d4e0a0d8..021bf9251bda 100644
--- a/share/man/man7/Makefile
+++ b/share/man/man7/Makefile
@@ -1,4 +1,3 @@
-
.include <src.opts.mk>
#MISSING: eqnchar.7 ms.7 term.7
@@ -11,7 +10,6 @@ MAN= arch.7 \
crypto.7 \
development.7 \
environ.7 \
- ffs.7 \
firewall.7 \
growfs.7 \
hier.7 \
@@ -32,6 +30,7 @@ MAN= arch.7 \
stdint.7 \
sticky.7 \
tests.7 \
+ tracing.7 \
tuning.7
MLINKS= intro.7 miscellaneous.7
@@ -44,7 +43,8 @@ MLINKS+= c.7 c95.7
MLINKS+= c.7 c99.7
MLINKS+= c.7 c11.7
MLINKS+= c.7 c17.7
-MLINKS+= c.7 c2x.7
+MLINKS+= c.7 c23.7
+MLINKS+= c.7 c2y.7
.if ${MK_INET} != "no"
MAN+= networking.7
diff --git a/share/man/man7/arch.7 b/share/man/man7/arch.7
index 35a7b0246389..91f6953370d9 100644
--- a/share/man/man7/arch.7
+++ b/share/man/man7/arch.7
@@ -24,7 +24,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd September 2, 2023
+.Dd April 12, 2025
.Dt ARCH 7
.Os
.Sh NAME
@@ -42,7 +42,7 @@ documentation.
.Pp
If not explicitly mentioned, sizes are in bytes.
The architecture details in this document apply to
-.Fx 12.0
+.Fx 13.0
and later, unless otherwise noted.
.Pp
.Fx
@@ -87,7 +87,6 @@ release to support each architecture.
.It Sy Architecture Ta Sy Initial Release
.It aarch64 Ta 11.0
.It amd64 Ta 5.1
-.It armv6 Ta 10.0
.It armv7 Ta 12.0
.It i386 Ta 1.0
.It powerpc Ta 6.0
@@ -103,18 +102,19 @@ Discontinued architectures are shown in the following table.
.It alpha Ta 3.2 Ta 6.4
.It arm Ta 6.0 Ta 12.4
.It armeb Ta 8.0 Ta 11.4
+.It armv6 Ta 10.0 Ta 14.x
.It ia64 Ta 5.0 Ta 10.4
-.It mips Ta 8.0 Ta 13.x
-.It mipsel Ta 9.0 Ta 13.x
-.It mipselhf Ta 12.0 Ta 13.x
-.It mipshf Ta 12.0 Ta 13.x
-.It mipsn32 Ta 9.0 Ta 13.x
-.It mips64 Ta 9.0 Ta 13.x
-.It mips64el Ta 9.0 Ta 13.x
-.It mips64elhf Ta 12.0 Ta 13.x
-.It mips64hf Ta 12.0 Ta 13.x
+.It mips Ta 8.0 Ta 13.5
+.It mipsel Ta 9.0 Ta 13.5
+.It mipselhf Ta 12.0 Ta 13.5
+.It mipshf Ta 12.0 Ta 13.5
+.It mipsn32 Ta 9.0 Ta 13.5
+.It mips64 Ta 9.0 Ta 13.5
+.It mips64el Ta 9.0 Ta 13.5
+.It mips64elhf Ta 12.0 Ta 13.5
+.It mips64hf Ta 12.0 Ta 13.5
.It pc98 Ta 2.2 Ta 11.4
-.It riscv64sf Ta 12.0 Ta 13.x
+.It riscv64sf Ta 12.0 Ta 13.5
.It sparc64 Ta 5.0 Ta 12.4
.El
.Ss Type sizes
@@ -156,24 +156,19 @@ Examples are:
.It Sy LP64 Ta Sy ILP32 counterpart
.It Dv amd64 Ta Dv i386
.It Dv powerpc64 Ta Dv powerpc
-.It Dv aarch64 Ta Dv armv6/armv7
+.It Dv aarch64 Ta Dv armv7
.El
.Pp
.Dv aarch64
will support execution of
-.Dv armv6
-or
.Dv armv7
binaries if the CPU implements
.Dv AArch32
-execution state, however older
-.Dv armv4
-and
-.Dv armv5
-binaries aren't supported.
+execution state, however older arm binaries are not supported by
+.Fx .
.Pp
On all supported architectures:
-.Bl -column -offset -indent "long long" "Size"
+.Bl -column -offset indent "long long" "Size"
.It Sy Type Ta Sy Size
.It short Ta 2
.It int Ta 4
@@ -195,7 +190,6 @@ Machine-dependent type sizes:
.It Sy Architecture Ta Sy void * Ta Sy long double Ta Sy time_t
.It aarch64 Ta 8 Ta 16 Ta 8
.It amd64 Ta 8 Ta 16 Ta 8
-.It armv6 Ta 4 Ta 8 Ta 8
.It armv7 Ta 4 Ta 8 Ta 8
.It i386 Ta 4 Ta 12 Ta 4
.It powerpc Ta 4 Ta 8 Ta 8
@@ -212,7 +206,6 @@ is 8 bytes on all supported architectures except i386.
.It Sy Architecture Ta Sy Endianness Ta Sy char Signedness
.It aarch64 Ta little Ta unsigned
.It amd64 Ta little Ta signed
-.It armv6 Ta little Ta unsigned
.It armv7 Ta little Ta unsigned
.It i386 Ta little Ta signed
.It powerpc Ta big Ta unsigned
@@ -224,9 +217,8 @@ is 8 bytes on all supported architectures except i386.
.Ss Page Size
.Bl -column -offset indent "Architecture" "Page Sizes"
.It Sy Architecture Ta Sy Page Sizes
-.It aarch64 Ta 4K, 2M, 1G
+.It aarch64 Ta 4K, 64K, 2M, 1G
.It amd64 Ta 4K, 2M, 1G
-.It armv6 Ta 4K, 1M
.It armv7 Ta 4K, 1M
.It i386 Ta 4K, 2M (PAE), 4M
.It powerpc Ta 4K
@@ -235,12 +227,65 @@ is 8 bytes on all supported architectures except i386.
.It powerpc64le Ta 4K
.It riscv64 Ta 4K, 2M, 1G
.El
+.Ss User Address Space Layout
+.Bl -column -offset indent "riscv64 (Sv48)" "0x0001000000000000" "NNNU"
+.It Sy Architecture Ta Sy Maximum Address Ta Sy Address Space Size
+.It aarch64 Ta 0x0001000000000000 Ta 256TiB
+.It amd64 (LA48) Ta 0x0000800000000000 Ta 128TiB
+.It amd64 (LA57) Ta 0x0100000000000000 Ta 64PiB
+.It armv7 Ta 0xbfc00000 Ta 3GiB
+.It i386 Ta 0xffc00000 Ta 4GiB
+.It powerpc Ta 0xfffff000 Ta 4GiB
+.It powerpcspe Ta 0x7ffff000 Ta 2GiB
+.It powerpc64 Ta 0x000fffffc0000000 Ta 4PiB
+.It powerpc64le Ta 0x000fffffc0000000 Ta 4PiB
+.It riscv64 (Sv39) Ta 0x0000004000000000 Ta 256GiB
+.It riscv64 (Sv48) Ta 0x0000800000000000 Ta 128TiB
+.El
+.Pp
+The layout of a process' address space can be queried via the
+.Dv KERN_PROC_VM_LAYOUT
+.Xr sysctl 3
+MIB.
+.Pp
+Historically, amd64 CPUs were limited to a 48-bit virtual address space.
+Newer CPUs support 5-level page tables, which extend the significant bits of
+addresses to 57 bits (LA57 mode).
+The address space layout is determined by the CPU's support for LA57.
+Setting the
+.Sy vm.pmap.la57
+tunable to 0 forces the system into 4-level paging mode, even on hardware that
+supports 5-level paging.
+In this mode, all processes get a 48-bit address space.
+The
+.Sy vm.pmap.prefer_la48_uva
+tunable determines whether processes running on a LA57 system are limited to
+a 48-bit address space by default.
+Some applications make use of unused upper bits in pointer values to store
+information, and thus implicitly assume they are running in LA48 mode.
+To avoid breaking compatibility, all processes run in LA48 mode by default.
+The
+.Xr elfctl 1
+utility can be used to request LA48 or LA57 mode for specific executables.
+Similarly,
+.Xr proccontrol 1
+can be used to configure the address space layout when executing a process.
+.Pp
+The RISC-V specification permits 3-level (Sv39), 4-level (Sv48), and
+5-level (Sv57) page tables.
+Hardware is only required to implement Sv39; implementations which support
+Sv48 must also support Sv39, and implementations which support Sv57 must also
+support Sv48.
+The
+.Sy vm.pmap.mode
+tunable can be used to select the layout.
+.Fx
+currently supports Sv39 and Sv48 and defaults to using Sv39.
.Ss Floating Point
.Bl -column -offset indent "Architecture" "float, double" "long double"
.It Sy Architecture Ta Sy float, double Ta Sy long double
.It aarch64 Ta hard Ta soft, quad precision
.It amd64 Ta hard Ta hard, 80 bit
-.It armv6 Ta hard Ta hard, double precision
.It armv7 Ta hard Ta hard, double precision
.It i386 Ta hard Ta hard, 80 bit
.It powerpc Ta hard Ta hard, double precision
@@ -257,7 +302,7 @@ as the default compiler on all supported CPU architectures,
LLVM's
.Xr ld.lld 1
as the default linker, and
-ELF Tool Chain binary utilities such as
+LLVM binary utilities such as
.Xr objcopy 1
and
.Xr readelf 1 .
@@ -276,7 +321,7 @@ or similar things like boot sequences.
.It Dv MACHINE Ta Dv MACHINE_CPUARCH Ta Dv MACHINE_ARCH
.It arm64 Ta aarch64 Ta aarch64
.It amd64 Ta amd64 Ta amd64
-.It arm Ta arm Ta armv6, armv7
+.It arm Ta arm Ta armv7
.It i386 Ta i386 Ta i386
.It powerpc Ta powerpc Ta powerpc, powerpcspe, powerpc64, powerpc64le
.It riscv Ta riscv Ta riscv64
@@ -308,7 +353,6 @@ Architecture-specific macros:
.It Sy Architecture Ta Sy Predefined macros
.It aarch64 Ta Dv __aarch64__
.It amd64 Ta Dv __amd64__ , Dv __x86_64__
-.It armv6 Ta Dv __arm__ , Dv __ARM_ARCH >= 6
.It armv7 Ta Dv __arm__ , Dv __ARM_ARCH >= 7
.It i386 Ta Dv __i386__
.It powerpc Ta Dv __powerpc__
@@ -383,15 +427,19 @@ It, along with
defines the ABI used by the system.
Generally, the plain CPU name specifies the most common (or at least
first) variant of the CPU.
-This is why powerpc and powerpc64 imply 'big endian' while 'armv6' and 'armv7'
+This is why powerpc and powerpc64 imply 'big endian' while armv7 and aarch64
imply little endian.
If we ever were to support the so-called x32 ABI (using 32-bit
pointers on the amd64 architecture), it would most likely be encoded
as amd64-x32.
-It is unfortunate that amd64 specifies the 64-bit evolution of the x86
-platform (it matches the 'first rule') as everybody else uses x86_64.
-There is no standard name for the processor: each OS selects its own
-conventions.
+It is unfortunate that amd64 specifies the 64-bit evolution of the x86 platform
+(it matches the 'first rule') as almost everybody else uses x86_64.
+The
+.Fx
+port was so early, it predated processor name standardization after Intel joined
+the market.
+At the time, each OS selected its own conventions.
+Backwards compatibility means it is not easy to change to the consensus name.
.It Dv MACHINE_CPUARCH
Represents the source location for a given
.Dv MACHINE_ARCH .
@@ -420,7 +468,7 @@ in the top level Makefile for cross building.
Unused outside of that scope.
It is not passed down to the rest of the build.
Makefiles outside of the top level should not use it at all (though
-some have their own private copy for hysterical raisons).
+some have their own private copy for historical reasons).
.It Dv TARGET_ARCH
Used to set
.Dv MACHINE_ARCH
@@ -430,6 +478,9 @@ Like
it is unused outside of that scope.
.El
.Sh SEE ALSO
+.Xr elfctl 1 ,
+.Xr proccontrol 1 ,
+.Xr sysctl 3 ,
.Xr src.conf 5 ,
.Xr build 7 ,
.Xr simd 7
diff --git a/share/man/man7/ascii.7 b/share/man/man7/ascii.7
index 3e4693153e99..11f4f63ccb47 100644
--- a/share/man/man7/ascii.7
+++ b/share/man/man7/ascii.7
@@ -25,7 +25,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd November 12, 2022
+.Dd January 4, 2025
.Dt ASCII 7
.Os
.Sh NAME
@@ -192,4 +192,4 @@ ESC ESCape
An
.Nm
manual page appeared in
-.At v2 .
+.At v1 .
diff --git a/share/man/man7/build.7 b/share/man/man7/build.7
index 596c64da0673..0aae2c42ac04 100644
--- a/share/man/man7/build.7
+++ b/share/man/man7/build.7
@@ -1,3 +1,6 @@
+.\"-
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
.\" Copyright (c) 2000
.\" Mike W. Meyer
.\"
@@ -22,12 +25,14 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd August 1, 2023
+.Dd March 8, 2025
.Dt BUILD 7
.Os
.Sh NAME
.Nm build
-.Nd General instructions on how to build the system
+.Nd general instructions on how to build the
+.Fx
+system
.Sh DESCRIPTION
The sources for the
.Fx
@@ -396,6 +401,19 @@ Install the kernel to the directory
.Pa ${DISTDIR}/kernel/boot/kernel .
This target is used while building a release; see
.Xr release 7 .
+.It Cm packages
+Create a
+.Xr pkg 7
+repository containing packages that can be used to create or upgrade an
+installation of the base system.
+The output repository is placed in the object directory, under
+.Pa repo/${PKG_ABI}
+where
+.Va PKG_ABI
+is the
+.Xr pkg 7
+ABI for the build target, for example,
+.Pa /usr/obj/${SRCDIR}/repo/FreeBSD:15:amd64 .
.It Cm packagekernel
Archive the results of
.Cm distributekernel ,
@@ -431,6 +449,8 @@ include:
.Bl -tag -width ".Cm delete-old-libs"
.It Cm check-old
Print a list of old files and directories in the system.
+.It Cm check-old-libs
+Print a list of obsolete base system libraries.
.It Cm delete-old
Delete obsolete base system files and directories interactively.
When
@@ -482,6 +502,9 @@ The directory hierarchy prefix where built objects will be installed.
If not set,
.Va DESTDIR
defaults to the empty string.
+If set,
+.Va DESTDIR
+must specify an absolute path.
.It Va MAKEOBJDIRPREFIX
Defines the prefix for directory names in the tree of built objects.
Defaults to
@@ -494,6 +517,8 @@ and not via
or
.Pa /etc/src.conf
or the command line.
+.Va MAKEOBJDIRPREFIX
+must specify an absolute path.
.It Va WITHOUT_WERROR
If defined, compiler warnings will not cause the build to halt,
even if the makefile says otherwise.
@@ -529,6 +554,13 @@ Overrides which kernel to build and install for the various kernel
make targets.
It defaults to
.Cm GENERIC .
+.It Va KERNBUILDDIR
+Overrides the default directory to get all the opt_*.h files for
+building a kernel module.
+Useful for stand-alone modules that depend on
+.Xr config 8
+options.
+Automatically set for modules built with a kernel.
.It Va KERNCONFDIR
Overrides the directory in which
.Va KERNCONF
@@ -610,6 +642,20 @@ If set, this variable supplies a list of additional directories relative to
the root of the source tree to build as part of the
.Cm cross-tools
target.
+.It Va PKG_FORMAT
+Specify a package compression format when building
+.Pa src
+into
+.Cm packages .
+Default:
+.Ql tzst .
+Consider using
+.Ql tar
+to disable compression.
+Accepted options are documented in the
+.Fl f
+description of
+.Xr pkg-create 8 .
.It Va PORTS_MODULES
A list of ports with kernel modules that should be built and installed
as part of the
@@ -617,6 +663,10 @@ as part of the
and
.Cm installkernel
process.
+This is currently incompatible with building
+.Pa src
+into
+.Cm packages .
.Bd -literal -offset indent
make PORTS_MODULES=emulators/virtualbox-ose-kmod kernel
.Ed
@@ -856,6 +906,11 @@ This variable implies
Use external GCC toolchains to build the requested targets.
If the required toolchain package for a supported architecture is not installed,
the build for that architecture is skipped.
+.Pp
+A specific version of GCC can be used by setting the value of this variable
+to the desired version
+.Pq for example, Dq gcc14 ;
+otherwise a default version of GCC is used.
.It Va TARGETS
Only build the listed targets instead of each supported architecture.
.It Va EXTRA_TARGETS
@@ -884,18 +939,14 @@ method of updating your system from the latest sources, please see the
section in
.Pa src/UPDATING .
.Pp
-The following sequence of commands can be used to cross-build the
-system for the armv6 architecture on an amd64 host:
+The following sequence of commands can be used to cross-build the system for
+the arm64 (aarch64) architecture on a different host architecture, such as
+amd64:
.Bd -literal -offset indent
cd /usr/src
-make TARGET_ARCH=armv6 buildworld buildkernel
-make TARGET_ARCH=armv6 DESTDIR=/clients/arm installworld installkernel
+make TARGET=arm64 buildworld buildkernel
+make TARGET=arm64 DESTDIR=/clients/arm64 installworld installkernel
.Ed
-.Sh HISTORY
-The
-.Nm
-manpage first appeared in
-.Fx 4.3 .
.Sh SEE ALSO
.Xr cc 1 ,
.Xr install 1 ,
@@ -903,6 +954,7 @@ manpage first appeared in
.Xr make.conf 5 ,
.Xr src.conf 5 ,
.Xr arch 7 ,
+.Xr development 7 ,
.Xr pkg 7 ,
.Xr ports 7 ,
.Xr release 7 ,
@@ -911,5 +963,10 @@ manpage first appeared in
.Xr etcupdate 8 ,
.Xr reboot 8 ,
.Xr shutdown 8
+.Sh HISTORY
+The
+.Nm
+manpage first appeared in
+.Fx 4.3 .
.Sh AUTHORS
.An Mike W. Meyer Aq Mt mwm@mired.org
diff --git a/share/man/man7/c.7 b/share/man/man7/c.7
index 97869fe0f8f2..c95bab1c1f19 100644
--- a/share/man/man7/c.7
+++ b/share/man/man7/c.7
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd April 20, 2021
+.Dd November 4, 2024
.Dt C 7
.Os
.Sh NAME
@@ -34,7 +34,8 @@
.Nm c99 ,
.Nm c11 ,
.Nm c17 ,
-.Nm c2x
+.Nm c23 ,
+.Nm c2y
.Nd The C programming language
.Sh DESCRIPTION
C is a general purpose programming language, which has a strong connection
@@ -112,9 +113,12 @@ development of the language did not stop.
.Pp
The ISO C standard was later extended with an amendment as
ISO/IEC 9899/AMD1 in 1995.
-This contained, for example, the wide-character support in <wchar.h> and
-<wctype.h>, and also restricted character set support via diagraphs and
-<iso646.h>.
+This contained, for example, the wide-character support in
+.In wchar.h
+and
+.In wctype.h ,
+and also restricted character set support via diagraphs and
+.In iso646.h .
This amendment is usually referred to as C95.
Two technical corrigenda were also published: Technical Corrigendum 1 as
ISO/IEC 9899/COR1 in 1994 and Technical Corrigendum 2 as ISO/IEC 9899/COR2
@@ -130,18 +134,23 @@ The improvements include (but are not limited to) the following:
.Bl -bullet -offset indent
.It
digraphs, trigraphs, and alternative spellings for the operators that
-use non-ISO646 characters in <iso646.h>
+use non-ISO646 characters in
+.In iso646.h
.It
-extended multibyte and wide character library support in <wchar.h> and
-<wctype.h>
+extended multibyte and wide character library support in
+.In wchar.h
+and
+.In wctype.h
.It
variable length arrays
.It
flexible array members
.It
-complex (and imaginary) number arithmetic support in <complex.h>
+complex (and imaginary) number arithmetic support in
+.In complex.h
.It
-type-generic math macros in <tgmath.h>
+type-generic math macros in
+.In tgmath.h
.It
the long long int type and library functions
.It
@@ -157,15 +166,24 @@ BCPL style single-line comments
.It
allow mixed declarations and code
.It
-the vscanf family of functions in <stdio.h> and <wchar.h>
+the
+.Fn vscanf
+family of functions in
+.In stdio.h
+and
+.In wchar.h
.It
allow trailing comma in enum declaration
.It
inline functions
.It
-the snprintf family of functions in <stdio.h>
+the
+.Fn snprintf
+family of functions in
+.In stdio.h
.It
-boolean type and macros in <stdbool.h>
+boolean type and macros in
+.In stdbool.h
.It
empty macro arguments
.It
@@ -173,7 +191,8 @@ _Pragma preprocessing operator
.It
__func__ predefined identifier
.It
-va_copy macro in <stdarg.h>
+va_copy macro in
+.In stdarg.h
.It
additional strftime conversion specifiers
.El
@@ -185,24 +204,34 @@ and ISO/IEC 9899:1999/COR3:2007.
The improvements include (but are not limited to) the following:
.Bl -bullet -offset indent
.It
-support for multiple threads of execution and atomic operations in <threads.h>
-and <stdatomic.h>
+support for multiple threads of execution and atomic operations in
+.In threads.h
+and
+.In stdatomic.h
.It
-additional floating-point characteristic macros in <float.h>
+additional floating-point characteristic macros in
+.In float.h
.It
-querying and specifying alignment of objects in <stdalign.h> and <stdlib.h>
+querying and specifying alignment of objects in
+.In stdalign.h
+and
+.In stdlib.h
.It
-Unicode character types and functions in <uchar.h>
+Unicode character types and functions in
+.In uchar.h
.It
type-generic expressions
.It
-static assertions in <assert.h>
+static assertions in
+.In assert.h
.It
anonymous structures and unions
.It
-remove the gets function from <stdio.h>
+remove the gets function from
+.In stdio.h
.It
-add the aligned_alloc, at_quick_exit, and quick_exit functions in <stdlib.h>
+add the aligned_alloc, at_quick_exit, and quick_exit functions in
+.In stdlib.h
.El
.Pp
C11 was later superseded by ISO/IEC 9899:2018, also known as C17 which was
@@ -211,17 +240,154 @@ It incorporates the Technical Corrigendum 1 (ISO/IEC 9899:2011/COR1:2012)
which was published in 2012.
It addressed defects and deficiencies in C11 without introducing new features,
only corrections and clarifications.
-Since there were no major changes in C17, the current standard for
-Programming Language C, is still considered C11 \(em ISO/IEC 9899:2011, published
-2011-12-08.
.Pp
-The next standard, the fifth, is currently referred to as C2x and is scheduled
-to be adopted by the end of 2021, with a publication date of 2022.
-When published, it will cancel and replace the fourth edition, ISO/IEC
-9899:2018.
+C23, formally ISO/IEC 9899:2024, is the current standard with significant
+updates that supersede C17 (ISO/IEC 9899:2018).
+The standardization effort began in 2016, informally as C2x, with the first
+WG14 meeting in 2019, and was officially published on October 31, 2024.
+C23 was originally anticipated for an earlier release, but the timeline was
+extended due to COVID-19 pandemic.
+With C23, the value of __STDC_VERSION__ has been updated from 201710L to
+202311L.
+Key changes include (but are not limited to) the following:
+.Bl -bullet -offset indent
+.It
+Add null pointer type nullptr_t and the nullptr keyword
+.It
+Add constexpr keyword as a storage-class specifier for objects
+.It
+Redefine the usage of the auto keyword to support type inference while also
+retaining its previous functionality as a storage-class specifier when used
+with a type
+.It
+Add %b binary conversion specifier to the
+.Fn printf
+and
+.Fn scanf
+function families
+.It
+Add binary conversion support (0b and 0B) to the
+.Fn strtol
+and
+.Fn wcstol
+function families
+.It
+Add the #embed directive for binary resource inclusion and __has_embed to
+check resource availability with preprocessor directives
+.It
+Add the #warning directive for diagnostics
+.It
+Add the #elifdef and #elifndef directives
+.It
+Add the u8 prefix for character literals to represent UTF-8 encoding,
+compatible with C++17
+.It
+Add the char8_t type for UTF-8 encoded data and update the types of u8
+character constants and string literals to char8_t
+.It
+Add functions
+.Fn mbrtoc8
+and
+.Fn c8rtomb
+to convert between narrow multibyte
+characters and UTF-8 encoding
+.It
+Define all char16_t strings and literals as UTF-16 encoded and char32_t
+strings and literals as UTF-32 encoded unless specified otherwise
+.It
+Allow storage-class specifiers within compound literals
+.It
+Support the latest IEEE 754 standard, ISO/IEC 60559:2020, with binary and
+(optional) decimal floating-point arithmetic
+.It
+Add single-argument _Static_assert for compatibility with C++17
+.It
+Add _Decimal32, _Decimal64, _Decimal128 keywords for (optional) decimal
+floating-point arithmetic
+.It
+Add digit separator ' (the single quote character) for literals
+.It
+Enable specification of the underlying type of an enum
+.It
+Standardize the
+.Fn typeof
+operator
+.It
+Add
+.Fn memset_explicit
+in
+.In string.h
+to securely erase sensitive data
+regardless of optimizations
+.It
+Add
+.Fn memccpy
+in
+.In string.h
+for efficient string concatenation
+.It
+Add
+.Fn memalignment
+in
+.In stdlib.h
+to determine pointer alignment
+.It
+Add
+.Fn strdup
+and
+.Fn strndup
+in
+.In string.h
+to allocate string copies
+.It
+Introduce bit utility functions, macros, and types in the new header
+.In stdbit.h
+.It
+Add
+.Fn timegm
+in
+.In time.h
+for converting time structures to calendar time
+values
+.It
+Add __has_include for header availability checking via preprocessor
+directives
+.It
+Add __has_c_attribute to check attribute availability via preprocessor
+directives
+.It
+Add _BitInt(N) and unsigned _BitInt(N) for bit-precise integers, and
+BITINT_MAXWIDTH for maximum bit width
+.It
+Elevate true and false to proper keywords (previously macros from
+.In stdbool.h )
+.It
+Add keywords alignas, alignof, bool, static_assert, thread_local; previously
+defined keywords remain available as alternative spellings
+.It
+Enable zero initialization with {} (including initialization of VLAs)
+.It
+Introduce C++11 style attributes using [[]], with adding [[deprecated]],
+[[fallthrough]], [[maybe_unused]], [[nodiscard]], and [[noreturn]]
+.It
+Deprecate _Noreturn, noreturn, header
+.In stdnoreturn.h
+features introduced
+in C11
+.It
+Remove trigraph support
+.It
+Remove K&R function definitions and declarations
+.It
+Remove non-two's-complement representations for signed integers
+.El
.Pp
-Some useful features have been provided as extensions by some compilers, but
-they cannot be considered as standard features.
+The next version of the C Standard, informally named C2y, is anticipated
+to release within the next six years, targeting 2030 at the latest.
+A charter for C2y is still being drafted and discussed, with several
+papers under debate from the January 2024 meeting in Strasbourg, France
+indicating that this new version may address long-standing requests and
+deficiencies noted by the C community, while preserving its core strengths.
.Pp
ISO/IEC JTC1/SC22/WG14 committee is responsible for the ISO/IEC 9899,
C Standard.
@@ -349,6 +515,11 @@ C Standard.
.%A ISO/IEC
.%T 9899:2018 (aka C17)
.Re
+.Pp
+.Rs
+.%A ISO/IEC
+.%T 9899:2024 (aka C23)
+.Re
.Sh HISTORY
This manual page first appeared in
.Fx 9.0 .
@@ -356,8 +527,6 @@ This manual page first appeared in
.An -nosplit
This manual page was originally written by
.An Gabor Kovesdan Aq Mt gabor@FreeBSD.org .
-It was updated for
-.Fx 14.0
-by
+It was updated by
.An Faraz Vahedi Aq Mt kfv@kfv.io
with information about more recent C standards.
diff --git a/share/man/man7/development.7 b/share/man/man7/development.7
index 0eb5377bd07b..1b875fb14bda 100644
--- a/share/man/man7/development.7
+++ b/share/man/man7/development.7
@@ -1,3 +1,6 @@
+.\"-
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
.\" Copyright (c) 2018 Edward Tomasz Napierala <trasz@FreeBSD.org>
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -21,7 +24,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd November 1, 2022
+.Dd January 19, 2025
.Dt DEVELOPMENT 7
.Os
.Sh NAME
@@ -89,7 +92,7 @@ and
.Xr release 7 .
Kernel programming interfaces (KPIs) are documented in section 9
manual pages; use
-.Ql "apropos -s 9 ."
+.Ql apropos -s 9 \&.
for a list.
Regression test suite is described in
.Xr tests 7 .
@@ -116,7 +119,14 @@ build and test status of CURRENT and STABLE branches,
the continuous integration system is at:
.Pp
.Lk https://ci.FreeBSD.org
-.Pp
+.Sh FILES
+.Bl -compact -tag -width "/usr/src/tools/tools/git/git-arc.sh"
+.It Pa /usr/src/CONTRIBUTING.md
+.Fx
+contribution guidelines
+.It Pa /usr/src/tools/tools/git/git-arc.sh
+Phabricator review tooling
+.El
.Sh EXAMPLES
Check out the CURRENT branch, build it, and install, overwriting the current
system:
@@ -142,6 +152,13 @@ cd src/bin/ls
make clean all install
.Ed
.Pp
+Rebuild and reinstall a single loadable kernel module, in this case
+.Xr sound 4 :
+.Bd -literal -offset indent
+cd src/sys/modules/sound
+make all install clean cleandepend KMODDIR=/boot/kernel
+.Ed
+.Pp
Quickly rebuild and reinstall the kernel, only recompiling the files
changed since last build; note that this will only work if the full kernel
build has been completed in the past, not on a fresh source tree:
@@ -187,8 +204,7 @@ The
.Nm
manual page was originally written by
.An Matthew Dillon Aq Mt dillon@FreeBSD.org
-and first appeared
-in
+and first appeared in
.Fx 5.0 ,
December 2002.
It was since extensively modified by
diff --git a/share/man/man7/ffs.7 b/share/man/man7/ffs.7
deleted file mode 100644
index 7d003443f32a..000000000000
--- a/share/man/man7/ffs.7
+++ /dev/null
@@ -1,328 +0,0 @@
-.\" Copyright (c) 2001 Networks Associates Technology, Inc.
-.\" All rights reserved.
-.\"
-.\" This software was developed for the FreeBSD Project by Chris
-.\" Costello at Safeport Network Services and NAI Labs, the Security
-.\" Research Division of Network Associates, Inc. under DARPA/SPAWAR
-.\" contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
-.\" research program.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd May 3, 2020
-.Dt FFS 7
-.Os
-.Sh NAME
-.Nm ffs
-.Nd Berkeley fast file system
-.Sh SYNOPSIS
-In the kernel configuration file:
-.Cd "options FFS"
-.Cd "options QUOTA"
-.Cd "options SOFTUPDATES"
-.Cd "options SUIDDIR"
-.Cd "options UFS_ACL"
-.Cd "options UFS_DIRHASH"
-.Cd "options UFS_EXTATTR"
-.Cd "options UFS_EXTATTR_AUTOSTART"
-.Cd "options UFS_GJOURNAL"
-.Pp
-In
-.Xr fstab 5 :
-.Bd -literal -compact
-/dev/disk0a /mnt ufs rw 1 1
-.Ed
-.Sh DESCRIPTION
-The Berkeley fast file system
-provides facilities to store file system data onto a disk device.
-.Nm
-has been optimized over the years
-for speed and reliability
-and is the default
-.Fx
-file system.
-.Ss Quotas
-.Bl -tag -width 2n
-.It Cd "options QUOTA"
-This option allows system administrators
-to set limits on disk usage
-on a per-user basis.
-Quotas can be used only on file systems
-mounted with the
-.Cm quota
-option;
-see
-.Xr quota 1
-and
-.Xr edquota 8 .
-.El
-.Ss Soft Updates
-.Bl -tag -width 2n
-.It Cd "options SOFTUPDATES"
-The soft updates feature tracks writes to the disk
-and enforces metadata update dependencies
-(e.g., updating free block maps)
-to ensure that the file system remains consistent.
-.Pp
-To create a new file system with the soft updates
-enabled,
-use
-.Xr newfs 8
-command:
-.Pp
-.D1 Nm newfs Fl U Ar fs
-.Pp
-.Ar fs
-can be either a mount point listed in
-.Xr fstab 5
-.Pq e.g. , Pa /usr ,
-or a disk device
-.Pq e.g., Pa /dev/da0a .
-.Pp
-It is possible to enable soft updates on an
-.Em unmounted
-file system by using
-.Xr tunefs 8
-command:
-.Pp
-.D1 Nm tunefs Fl n Cm enable Ar fs
-.Pp
-Soft updates can also add journaling that reduces the time spent by
-.Xr fsck_ffs 8
-cleaning up a filesystem after a crash from several minutes to a few seconds.
-The journal is placed in an inode named
-.Pa .sujournal ,
-and is kept as a circular log of segments containing
-records that describe metadata operations.
-.Pp
-To create a new file system with both the soft updates
-and soft updates journaling enabled,
-use the following command:
-.Pp
-.D1 Nm newfs Fl j Ar fs
-.Pp
-This runs
-.Xr tunefs 8
-command after
-.Xr newfs 8
-command with
-.Fl U
-flag enabled.
-It is possible to enable soft updates journaling on an
-.Em unmounted
-file system by using
-.Xr tunefs 8
-command:
-.Pp
-.D1 Nm tunefs Fl j Cm enable Ar fs
-.Pp
-This flag automatically enables the soft updates feature
-when it is not enabled.
-Note that this
-.Xr tunefs 8
-command will fail if a file
-.Pa .sujournal
-already exists before enabling the soft updates journaling.
-.El
-.Ss File Ownership Inheritance
-.Bl -tag -width 2n
-.It Cd "options SUIDDIR"
-For use in file sharing environments
-on networks including
-.Tn "Microsoft Windows"
-and
-.Tn "Apple Macintosh"
-computers,
-this option allows files on file systems
-mounted with the
-.Cm suiddir
-option
-to inherit the ownership of its directory,
-i.e.,
-.Dq "if it's my directory, it must be my file."
-.El
-.Ss Access Control Lists
-.Bl -tag -width 2n
-.It Cd "options UFS_ACL"
-Access control lists allow the association of
-fine-grained discretionary access control information
-with files and directories.
-This option requires the presence of the
-.Dv UFS_EXTATTR
-option, and it is recommended that
-.Dv UFS_EXTATTR_AUTOSTART
-is included as well,
-so that ACLs are enabled atomically upon mounting the file system.
-.El
-.Pp
-In order to enable support for ACLs,
-two extended attributes must be available in the
-.Dv EXTATTR_NAMESPACE_SYSTEM
-namespace:
-.Pa posix1e.acl_access ,
-which holds the access ACL,
-and
-.Pa posix1e.acl_default ,
-which holds the default ACL for directories.
-If you are using file system extended attributes,
-the following commands may be used to
-allocate space for and create the necessary EA backing files
-for ACLs in the root of each file system.
-In these examples, the root file system is used;
-see
-.Sx "Extended Attributes"
-for more details.
-.Bd -literal -offset indent
-mkdir -p /.attribute/system
-cd /.attribute/system
-extattrctl initattr -p / 388 posix1e.acl_access
-extattrctl initattr -p / 388 posix1e.acl_default
-.Ed
-.Pp
-On the next mount of the root file system,
-the attributes will be automatically started if
-.Dv UFS_EXTATTR_AUTOSTART
-is included in the kernel configuration,
-and ACLs will be enabled.
-.Ss Directory Hashing
-.Bl -tag -width 2n
-.It Cd "options UFS_DIRHASH"
-Implements a hash-based lookup scheme for directories
-in order to speed up accesses to very large directories.
-.El
-.Ss Extended Attributes
-.Bl -tag -width 2n
-.It Cd "options UFS_EXTATTR"
-Extended attributes allow the association of
-additional arbitrary metadata with files and directories,
-which can be assigned and retrieved from userland
-as well as from within the kernel; see
-.Xr extattrctl 8 .
-.It Cd "options UFS_EXTATTR_AUTOSTART"
-If this option is defined,
-.Nm
-will search for a
-.Pa .attribute
-subdirectory of the file system root during the mount operation.
-If found, extended attribute support will be
-automatically started for that file system.
-.El
-.Ss GEOM-based Journaling
-.Bl -tag -width 2n
-.It Cd "options UFS_GJOURNAL"
-Implements a block level journaling of a UFS file system,
-which is for both data and metadata.
-To enable this,
-create a
-.Xr gjournal 8
-GEOM provider for a block device by using the
-following command:
-.Pp
-.D1 Nm gjournal label Ar da0
-.Pp
-In this example,
-.Pa /dev/da0
-is used as the target block device,
-and
-.Pa /dev/da0.journal
-is created.
-Then create a new file system by using
-.Xr newfs 8
-with the block level journaling flag and mount it:
-.Pp
-.D1 Nm newfs Fl J Ar /dev/da0.journal
-.D1 Nm mount Fl o Cm async Ar /dev/da0.journal Ar /mnt
-.Pp
-.Cm async
-option is not mandatory but recommended for better performance
-because the journaling guarantees the consistency of an
-.Cm async
-mount.
-.Pp
-It is also possible to enable the block level journaling
-on an existing file system.
-To do so,
-use
-.Xr gjournal 8
-utility to label the underlying block device and
-.Xr tunefs 8
-utility to enable the block level journaling flag:
-.Pp
-.D1 Nm gjournal label Ar da0
-.D1 Nm tunefs Fl J Cm enable Ar /dev/da0.journal
-.D1 Nm mount Fl o Cm async Ar /dev/da0.journal Ar /mnt
-.El
-.Ss Xr sysctl 8 MIBs
-The following
-.Xr sysctl 8
-MIBs are defined for use with
-.Nm :
-.Bl -hang -width ".Va vfs.ffs.doreallocblk"
-.It Va vfs.ffs.doasyncfree
-Asynchronously write out modified i-node and indirect blocks
-upon reallocating file system blocks to be contiguous.
-.Pq Default: 1 .
-.It Va vfs.ffs.doreallocblks
-Enable support for the rearrangement of blocks
-to be contiguous.
-.Pq Default: 1 .
-.El
-.Sh HISTORY
-The
-.Nm
-manual page first appeared in
-.Fx 4.5 .
-.Sh SEE ALSO
-.Xr quota 1 ,
-.Xr acl 3 ,
-.Xr extattr 3 ,
-.Xr edquota 8 ,
-.Xr extattrctl 8 ,
-.Xr fsck_ffs 8 ,
-.Xr sysctl 8 ,
-.Xr tunefs 8
-.Rs
-.%A M. McKusick
-.%A W. Joy
-.%A S. Leffler
-.%A R. Fabry
-.%D August 1984
-.%T "A Fast File System for UNIX"
-.%J "ACM Transactions on Computer Systems"
-.%N 2
-.%V 3
-.%P 181-197
-.Re
-.Rs
-.%A M. McKusick
-.%D June 2000
-.%T "Soft Updates: A Technique for Eliminating Most Synchronous Writes in the Fast Filesystem"
-.%J "Proceedings of the Freenix Track at the 1999 Usenix Annual Technical Conference"
-.%P 71-84
-.Re
-.Rs
-.%A M. McKusick
-.%A J. Roberson
-.%D May 2010
-.%T "Journaled Soft-updates"
-.%J "BSD Canada Conference 2010 (BSDCan)"
-.Re
diff --git a/share/man/man7/hier.7 b/share/man/man7/hier.7
index 7d164b5683d6..1c69b911f53b 100644
--- a/share/man/man7/hier.7
+++ b/share/man/man7/hier.7
@@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd April 18, 2024
+.Dd October 10, 2024
.Dt HIER 7
.Os
.Sh NAME
@@ -128,7 +128,7 @@ compatibility run-time
device nodes and special files; see
.Xr intro 4
and
-.Xr devfs 5
+.Xr devfs 4
.Pp
.Bl -tag -width "loader.conf.d" -compact
.It Pa ada0
@@ -156,6 +156,8 @@ file descriptor files; see
.Xr fd 4
.It Pa fd0
first floppy drive
+.It Pa gpt/
+storage partitions by GPT label
.It Pa mmcsd0
first SD storage device
.It Pa mmcsd0s1
@@ -168,7 +170,7 @@ infinite loop that accepts anything and contains nothing
.It Pa nvd0
first NVMe storage device using NVMe namespaces
.It Pa pts/
-pseduo-terminals; see
+pseudo-terminals; see
.Xr pts 4
.It Pa random
source of weak randomness; see
@@ -365,7 +367,7 @@ that need no home directory; see also
.Pa /var/empty/
.It Pa /proc/
process file system; see
-.Xr procfs 5
+.Xr procfs 4
.It Pa /rescue/
statically linked programs for emergency recovery; see
.Xr rescue 8
@@ -499,9 +501,6 @@ local 32-bit compatability libraries
local utility data files
.It Pa libexec/
utilities executed by local utilities
-.It Pa man/
-local manual pages; see
-.Xr man 1
.It Pa sbin/
local administration utilities
.It Pa share/
@@ -512,6 +511,9 @@ local documentation
articles, books, FAQ, and handbooks available from the
.Fx
project
+.It Pa share/man/
+local manual pages; see
+.Xr man 1
.El
.Pp
.It Pa obj/
diff --git a/share/man/man7/intro.7 b/share/man/man7/intro.7
index a155839bde64..d889c2dd299f 100644
--- a/share/man/man7/intro.7
+++ b/share/man/man7/intro.7
@@ -25,7 +25,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd April 18, 2024
+.Dd June 23, 2025
.Dt INTRO 7
.Os
.Sh NAME
@@ -54,9 +54,6 @@ development introduction to
.Fx
.It Xr environ 7
user environment
-.It Xr ffs 7
-commonly used filesystem in
-.Fx
.It Xr firewall 7
simple firewalls under
.Fx
@@ -84,6 +81,8 @@ statistics utilities available in
introduction to the
.Fx
Test Suite
+.It Xr tracing 7
+introduction to tracing and performance monitoring facilities
.It Xr tuning 7
general advice on tuning
.Fx
diff --git a/share/man/man7/mitigations.7 b/share/man/man7/mitigations.7
index 1cea86e352c5..c3c6ab55c480 100644
--- a/share/man/man7/mitigations.7
+++ b/share/man/man7/mitigations.7
@@ -1,3 +1,6 @@
+.\"-
+.\" SPDX-License-Identifer: BSD-2-Clause
+.\"
.\" Copyright © 2023 The FreeBSD Foundation
.\"
.\" This documentation was written by Ed Maste <emaste@freebsd.org>, and
@@ -25,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd October 6, 2023
+.Dd January 29, 2025
.Dt MITIGATIONS 7
.Os
.Sh NAME
@@ -41,6 +44,7 @@ or per-process basis, some are optionally enabled or disabled at compile time,
and some are inherent to the implementation and have no controls.
.Pp
The following vulnerability mitigations are covered in this document:
+.Pp
.Bl -bullet -compact
.It
Address Space Layout Randomization (ASLR)
@@ -54,14 +58,16 @@ Write XOR Execute page protection policy
Relocation Read-Only (RELRO)
.It
Bind Now
-.\".It
-.\"Stack Smashing Protection (SSP)
-.\".It
-.\"Supervisor Mode Memory Protection
.It
-Hardware Vulnerability Mitigation Controls
+Stack Overflow Protection
+.It
+Supervisor Mode Memory Protection
.It
Capsicum
+.It
+Firmware and Microcode
+.It
+Architectural Vulnerability Mitigations
.El
.Pp
Please note that the effectiveness and availability of these mitigations may
@@ -148,7 +154,7 @@ proccontrol
.Ss Position Independent Executable (PIE)
PIE binaries are executable files that do not have a fixed load address.
They can be loaded at an arbitrary memory address by the
-.Xr rtld
+.Xr rtld 1
run-time linker.
With ASLR they are loaded at a random address on each execution.
.\"
@@ -179,17 +185,19 @@ Allow 64-bit processes to map pages simultaneously writable and executable.
.\"
.Ss PROT_MAX
.Dv PROT_MAX
-is a FreeBSD-specific extension to
+is a
+.Fx Ns
+-specific extension to
.Xr mmap 2 .
.Dv PROT_MAX
provides the ability to set the maximum protection of a region allocated by
-.Xr mmap
+.Xr mmap 2
and later altered by
-.Xr mprotect .
+.Xr mprotect 2 .
For example, memory allocated originally with an mmap prot argument of
PROT_MAX(PROT_READ | PROT_WRITE) | PROT_READ
may be made writable by a future
-.Xr mprotect
+.Xr mprotect 2
call, but may not be made executable.
.\"
.Ss Relocation Read-Only (RELRO)
@@ -232,22 +240,121 @@ preventing attacks on the relocation table.
Note that this results in a nonstandard Application Binary Interface (ABI),
and it is possible that some applications may not function correctly.
.\"
-.\".Ss Stack Smashing Protection (SSP)
-.\"
-.\".Ss Supervisor mode memory protection
+.Ss Stack Overflow Protection
+.Fx
+supports stack overflow protection using the Stack Smashing Protector
+.Pq SSP
+compiler feature.
+Stack clash protection is also enabled,
+if supported by the compiler for the given architecture.
+In userland, SSP adds a per-process randomized canary at the end of every stack
+frame which is checked for corruption upon return from the function,
+and stack probing in
+.Dv PAGE_SIZE
+chunks.
+In the kernel, a single randomized canary is used globally except on aarch64,
+which has a
+.Dv PERTHREAD_SSP
+.Xr config 8
+option to enable per-thread randomized canaries.
+If stack corruption is detected, then the process aborts to avoid potentially
+malicious execution as a result of the corruption.
+SSP may be enabled or disabled when building
+.Fx
+base with the
+.Xr src.conf 5
+SSP knob.
+.Pp
+When
+.Va WITH_SSP
+is enabled, which is the default, world is built with the
+.Fl fstack-protector-strong
+and
+.Fl fstack-clash-protection
+compiler options.
+The kernel is built with the
+.Fl fstack-protector
+option.
+.Pp
+In addition to SSP, a
+.Dq FORTIFY_SOURCE
+implementation is supported up to level 2 by defining
+.Va _FORTIFY_SOURCE
+to
+.Dv 1
+or
+.Dv 2
+before including any
+.Fx
+headers.
+.Fx
+world builds can set
+.Va FORTIFY_SOURCE
+in the environment or
+.Pa /etc/src-env.conf
+to provide a default value for
+.Va _FORTIFY_SOURCE .
+When enabled,
+.Dq FORTIFY_SOURCE
+enables extra bounds checking in various functions that accept buffers to be
+written into.
+These functions currently have extra bounds checking support:
+.Bl -column -offset indent "snprintf()" "memmove()" "strncpy()" "vsnprintf()" "readlink()"
+.It Fn bcopy Ta Fn bzero Ta Fn fgets Ta Fn getcwd Ta Fn gets
+.It Fn memcpy Ta Fn memmove Ta Fn memset Ta Fn read Ta Fn readlink
+.It Fn snprintf Ta Fn sprintf Ta Fn stpcpy Ta Fn stpncpy Ta Fn strcat
+.It Fn strcpy Ta Fn strncat Ta Fn strncpy Ta Fn vsnprintf Ta Fn vsprintf
+.El
+.Pp
+.Dq FORTIFY_SOURCE
+requires compiler support from
+.Xr clang 1
+or
+.Xr gcc 1 ,
+which provide the
+.Xr __builtin_object_size 3
+function that is used to determine the bounds of an object.
+This feature works best at optimization levels
+.Fl O1
+and above, as some object sizes may be less obvious without some data that the
+compiler would collect in an optimization pass.
+.Pp
+Similar to SSP, violating the bounds of an object will cause the program to
+abort in an effort to avoid malicious execution.
+This effectively provides finer-grained protection than SSP for some class of
+function and system calls, along with some protection for buffers allocated as
+part of the program data.
.\"
-.Ss Hardware vulnerability controls
-See
-.Xr security 7
-for more information.
+.Ss Supervisor mode memory protection
+Certain processors include features that prevent unintended access to memory
+pages accessible to userspace (non-privileged) code, while in a privileged
+mode.
+One feature prevents execution, intended to mitigate exploitation of kernel
+vulnerabilities from userland.
+Another feature prevents unintended reads from or writes to user space memory
+from the kernel.
+This also provides effective protection against NULL pointer dereferences from
+kernel.
+.Bl -column -offset indent "Architecture" "Feature" "Access Type Prevented"
+.It Sy Architecture Ta Sy Feature Ta Sy Access Type Prevented
+.It amd64 Ta SMAP Ta Read / Write
+.It amd64 Ta SMEP Ta Execute
+.It arm64 Ta PAN Ta Read / Write
+.It arm64 Ta PXN Ta Execute
+.It riscv Ta SUM Ta Read / Write
+.It riscv Ta - Ta Execute
+.El
+.Pp
+These features are automatically used by the kernel.
+There is no user-facing configuration.
.\"
.Ss Capsicum
Capsicum is a lightweight OS capability and sandbox framework.
See
.Xr capsicum 4
for more information.
-.Pp
.Sh HARDWARE VULNERABILITY MITIGATIONS
+.Ss Firmware and Microcode
Recent years have seen an unending stream of new hardware vulnerabilities,
notably CPU ones generally caused by detectable microarchitectural side-effects
of speculative execution which leak private data from some other thread or
@@ -255,18 +362,36 @@ process or sometimes even internal CPU state that is normally inaccessible.
Hardware vendors usually address these vulnerabilities as they are discovered by
releasing microcode updates, which may then be bundled into platform firmware
updates
-.Pq historically called BIOS updates for PCs .
+.Pq historically called BIOS updates for PCs
+or packages to be updated by the operating system at boot time.
+.Pp
+Platform firmware updates, if available from the manufacturer,
+are the best defense as they provide coverage during early boot.
+Install them with
+.Pa sysutils/flashrom
+from the
+.Fx
+Ports Collection.
+.Pp
+If platform firmware updates are no longer available,
+packaged microcode is available for installation at
+.Pa sysutils/cpu-microcode
+and can be loaded at runtime using
+.Xr loader.conf 5 ,
+see the package message for more details.
.Pp
The best defense overall against hardware vulnerabilities is to timely apply
-these updates when available and to disable the affected hardware's problematic
-functionalities when possible (e.g., CPU Simultaneous Multi-Threading).
+these updates when available, as early as possible in the boot process,
+and to disable the affected hardware's problematic functionalities when possible
+(e.g., CPU Simultaneous Multi-Threading).
Software mitigations are only partial substitutes for these, but they can be
helpful on out-of-support hardware or as complements for just-discovered
vulnerabilities not yet addressed by vendors.
Some software mitigations depend on hardware capabilities provided by a
microcode update.
-.Pp
-FreeBSD's usual policy is to apply by default all OS-level mitigations that do
+.Ss Architectural Vulnerability Mitigations
+.Fx Ap s
+usual policy is to apply by default all OS-level mitigations that do
not require recompilation, except those the particular hardware it is running on
is known not to be vulnerable to
.Pq which sometimes requires firmware updates ,
@@ -355,6 +480,10 @@ should be considered when configuring and deploying them in a
.Fx
system.
.Pp
+Additional mitigation knobs are listed in the
+.Sx KNOBS AND TWEAKS
+section of
+.Xr security 7 .
.Sh SEE ALSO
.Xr elfctl 1 ,
.Xr proccontrol 1 ,
diff --git a/share/man/man7/networking.7 b/share/man/man7/networking.7
index 869812c05a9b..2174577eb6a3 100644
--- a/share/man/man7/networking.7
+++ b/share/man/man7/networking.7
@@ -1,54 +1,51 @@
-.\"-
-.\" SPDX-License-Identifier: BSD-2-Clause
.\"
-.\" Copyright (c) 2024 Alexander Ziaee <concussious@runbox.com>
+.\" Copyright (c) 2024 Alexander Ziaee. Ohio.
+.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
.\"
-.Dd April 17, 2024
-.Dt "NETWORKING" 7
+.Dd March 21, 2025
+.Dt NETWORKING 7
.Os
.Sh NAME
.Nm networking ,
.Nm wifi
.Nd quickstart guide to connecting to a network
.Sh DESCRIPTION
-In the following examples, it is assumed that we are connecting to Ethernet
-with the first interface found by the
-.Xr em 4
+In the following examples, it is assumed that
+we are connecting to Ethernet with the first interface found by the
+.Xr ix 4
driver, and Wi-Fi with the first interface found by the
-.Xr iwn 4
+.Xr iwlwifi 4
driver, though your hardware will vary.
.Sh EXAMPLES
.Bl -tag -width 0n
-.It Sy Connecting to an Ethernet network with DHCP:
-.Bd -literal -offset 2n
-.Ic # dhclient em0
-.Ed
-.It Sy Connecting to a cellular network with USB tethering:
+.It Sy Example 1: Connecting to an Ethernet network with DHCP
.Pp
-Load the USB tethering driver,
-.Xr urndis 4 :
+Ask for a DHCP lease on the first Intel 10Gb Ethernet interface:
.Bd -literal -offset 2n
-.Ic # kldload urndis
+.Ic # dhclient ix0
.Ed
+.It Sy Example 2: Connecting to a cellular network with USB tethering
.Pp
-Ask for a DHCP lease on the USB tethering interface:
+Ask for a DHCP lease on the first USB tethering interface:
.Bd -literal -offset 2n
.Ic # dhclient ue0
.Ed
-.It Sy Connecting to a Wi-Fi network:
+.It Sy Example 3: Connecting to a Wi-Fi network
.Pp
Identify your Wi-Fi hardware:
.Bd -literal -offset 2n
.Ic % sysctl net.wlan.devices
.Ed
.Pp
-Configure your Wi-Fi hardware as wlan0 interface:
-.Ed
+Create the
+.Sy wlan0
+interface with the first Intel Wi-Fi adapter:
.Bd -literal -offset 2n
-.Ic # sysrc wlans_iwn0="wlan0"
+.Ic # sysrc wlans_iwlwifi0="wlan0"
.Ed
.Pp
-Set that interface to negotiate a DHCP lease with
+Set that interface to ask for a DHCP lease with
.Xr wpa_supplicant 8 :
.Bd -literal -offset 2n
.Ic # sysrc ifconfig_wlan0="WPA SYNCDHCP"
@@ -56,6 +53,7 @@ Set that interface to negotiate a DHCP lease with
.Pp
Enter the details of the Wi-Fi network:
.Bd -literal -offset 2n
+.Ic # cd /etc/
.Ic # wpa_passphrase \(dqmyssid\(dq \(dqmypassphrase\(dq >> wpa_supplicant.conf
.Ed
.Pp
@@ -63,12 +61,11 @@ Restart the network interface daemon:
.Bd -literal -offset 2n
.Ic # service netif restart
.Ed
-.Pp
-.It Sy Scanning for Wi-Fi networks:
+.It Sy Example 4: Scanning for Wi-Fi networks
.Bd -literal -offset 2n
.Ic % ifconfig wlan0 scan
.Ed
-.It Sy Airplane mode:
+.It Sy Example 5: Airplane mode
.Bd -literal -offset 2n
.Ic # service netif stop
.Ed
@@ -93,9 +90,4 @@ commonly using
.Ql \e ,
see the manual page for your shell for more details.
.Pp
-Currently
-.Ql Ic service netif restart
-does not restart routing.
-A common workaround is to issue
-.Ql Ic service netif restart && service routing restart
-instead.
+Stopping the network interface service also stops internal networking.
diff --git a/share/man/man7/orders.7 b/share/man/man7/orders.7
index aef44adde125..c1c2c1200e42 100644
--- a/share/man/man7/orders.7
+++ b/share/man/man7/orders.7
@@ -47,8 +47,8 @@ The following table lists common multiples of bytes.
.It Zettabyte Ta ZB Ta 2^70 Ta 10^21
.It Yottabyte Ta YB Ta 2^80 Ta 10^24
.It Ronnabyte Ta RB Ta 2^90 Ta 10^27
-.It Quettabyte Ta QB Ta 2^100 Ta 10^30.
-El
+.It Quettabyte Ta QB Ta 2^100 Ta 10^30
+.El
.Pp
The following table lists common bit rates as a power of ten.
.Bl -column -offset 2n \
diff --git a/share/man/man7/ports.7 b/share/man/man7/ports.7
index 911135a8b631..b681a326f407 100644
--- a/share/man/man7/ports.7
+++ b/share/man/man7/ports.7
@@ -1,4 +1,6 @@
.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
.\" Copyright (c) 1997 David E. O'Brien
.\"
.\" All rights reserved.
@@ -23,7 +25,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 24, 2023
+.Dd March 21, 2025
.Dt PORTS 7
.Os
.Sh NAME
@@ -163,7 +165,7 @@ target.
Configure
.Va OPTIONS
for this port using
-.Xr dialog4ports 1 .
+.Xr portconfig 1 Pq Pa ports/ports-mgmt/portconfig .
.It Cm fetch
Fetch all of the files needed to build this port from the sites
listed in
@@ -245,7 +247,7 @@ configured.
Configure
.Va OPTIONS
for this port and all its dependencies using
-.Xr dialog4ports 1 .
+.Xr portconfig 1 Pq Pa ports/ports-mgmt/portconfig .
.It Cm fetch-list
Show the list of files to fetch in order to build the port (but not its
dependencies).
@@ -737,16 +739,16 @@ Additional user documentation:
.It
.Xr pkg 8
.It
-.Lk "https://www.FreeBSD.org/ports" "Searchable index of all ports"
+.Lk "https://ports.FreeBSD.org" "Searchable index of all ports"
.El
.Sh HISTORY
The Ports Collection
appeared in
.Fx 1.0 .
It has since spread to
-.Nx
-and
-.Ox .
+.Nx ,
+.Ox ,
+and macOS.
.Sh AUTHORS
.An -nosplit
This manual page was originated by
diff --git a/share/man/man7/release.7 b/share/man/man7/release.7
index 0a56f0762591..36c14afe0bf1 100644
--- a/share/man/man7/release.7
+++ b/share/man/man7/release.7
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd August 6, 2023
+.Dd May 20, 2025
.Dt RELEASE 7
.Os
.Sh NAME
@@ -150,7 +150,7 @@ The
.Xr git 1
host used to check out the various trees.
Defaults to
-.Pa https://git.FreeeBSD.org .
+.Pa https://git.FreeBSD.org .
.It Va SRCBRANCH
The
.Li src/
@@ -282,6 +282,10 @@ within the
This is intended for use only when
.Fa /usr/ports
is expected to exist by alternative means.
+.It Va PKGBASE
+Include base system packages for use with
+.Xr pkg 8
+on the install media, instead of legacy tarball distribution sets.
.El
.Sh EMBEDDED BUILDS
The following
@@ -443,6 +447,18 @@ values, run:
cd /usr/src
make -C release list-cloudware
.Ed
+.Sh OCI IMAGES
+The
+.Fx
+release build tools have experimental support for building
+Open Container Initiative (OCI) format container base images.
+This is enabled using a
+.Fa release.conf
+variable:
+.Bl -tag -width Ev
+.It Va WITH_OCIIMAGES
+Set to a non-null value to build OCI base images.
+.El
.Sh MAKEFILE TARGETS
The release makefile
.Pq Pa src/release/Makefile
diff --git a/share/man/man7/security.7 b/share/man/man7/security.7
index ccbeeb4575ce..cdb4d066d3e6 100644
--- a/share/man/man7/security.7
+++ b/share/man/man7/security.7
@@ -1,5 +1,5 @@
.\" Copyright (C) 1998 Matthew Dillon. All rights reserved.
-.\" Copyright (c) 2019 The FreeBSD Foundation, Inc.
+.\" Copyright (c) 2019 The FreeBSD Foundation
.\"
.\" Parts of this documentation were written by
.\" Konstantin Belousov <kib@FreeBSD.org> under sponsorship
@@ -26,13 +26,21 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd October 5, 2023
+.Dd June 1, 2024
.Dt SECURITY 7
.Os
.Sh NAME
.Nm security
.Nd introduction to security under FreeBSD
.Sh DESCRIPTION
+See
+.Xr mitigations 7
+for a description of vulnerability mitigations in
+.Fx .
+This man page documents other
+.Fx
+security related topics.
+.Pp
Security is a function that begins and ends with the system administrator.
While all
.Bx
diff --git a/share/man/man7/simd.7 b/share/man/man7/simd.7
index fd9485524aef..d5092348d9b3 100644
--- a/share/man/man7/simd.7
+++ b/share/man/man7/simd.7
@@ -24,7 +24,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE
.
-.Dd December 6, 2023
+.Dd November 18, 2024
.Dt SIMD 7
.Os
.Sh NAME
@@ -51,43 +51,43 @@ can be used to override this mechanism.
Enhanced functions are present for the following architectures:
.Bl -column FUNCTION_________ aarch64_ arm_ amd64_ i386_ ppc64_ -offset indent
.It Em FUNCTION Ta Em AARCH64 Ta Em ARM Ta Em AMD64 Ta Em I386 Ta Em PPC64
-.It bcmp Ta Ta Ta S1 Ta S
-.It bcopy Ta Ta S Ta S Ta S Ta SV
-.It bzero Ta Ta S Ta S Ta S
+.It bcmp Ta A Ta Ta S1 Ta S
+.It bcopy Ta A Ta S Ta S Ta S Ta SV
+.It bzero Ta A Ta S Ta S Ta S
.It div Ta Ta Ta S Ta S
-.It index Ta S Ta Ta S1
+.It index Ta A Ta Ta S1
.It ldiv Ta Ta Ta S Ta S
.It lldiv Ta Ta Ta S
-.It memchr Ta S Ta Ta S1
-.It memcmp Ta S Ta S Ta S1 Ta S
-.It memccpy Ta Ta Ta S1
-.It memcpy Ta S Ta S Ta S Ta S Ta SV
-.It memmove Ta S Ta S Ta S Ta S Ta SV
-.It memrchr Ta Ta Ta S1
-.It memset Ta S Ta S Ta S Ta S
-.It rindex Ta S Ta Ta S1 Ta S
-.It stpcpy Ta S Ta Ta S1
+.It memchr Ta A Ta Ta S1
+.It memcmp Ta A Ta S Ta S1 Ta S
+.It memccpy Ta A Ta Ta S1
+.It memcpy Ta A Ta S Ta S Ta S Ta SV
+.It memmove Ta A Ta S Ta S Ta S Ta SV
+.It memrchr Ta A Ta Ta S1
+.It memset Ta A Ta S Ta S Ta S
+.It rindex Ta A Ta Ta S1 Ta S
+.It stpcpy Ta A Ta Ta S1
.It stpncpy Ta Ta Ta S1
-.It strcat Ta Ta Ta S1 Ta S
-.It strchr Ta S Ta Ta S1 Ta S
-.It strchrnul Ta S Ta Ta S1
-.It strcmp Ta S Ta S Ta S1 Ta S
-.It strcpy Ta S Ta Ta S1 Ta S Ta S2
-.It strcspn Ta Ta Ta S2
-.It strlcat Ta Ta Ta S1
-.It strlcpy Ta Ta Ta S1
-.It strlen Ta S Ta S Ta S1
-.It strncat Ta Ta Ta S1
-.It strncmp Ta S Ta S Ta S1 Ta S
+.It strcat Ta A Ta Ta S1 Ta S
+.It strchr Ta A Ta Ta S1 Ta S
+.It strchrnul Ta A Ta Ta S1
+.It strcmp Ta A Ta S Ta S1 Ta S
+.It strcpy Ta A Ta Ta S1 Ta S Ta S2
+.It strcspn Ta S Ta Ta S2
+.It strlcat Ta A Ta Ta S1
+.It strlcpy Ta A Ta Ta S1
+.It strlen Ta A Ta S Ta S1
+.It strncat Ta A Ta Ta S1
+.It strncmp Ta A Ta S Ta S1 Ta S
.It strncpy Ta Ta Ta S1 Ta Ta S2
-.It strnlen Ta S Ta Ta S1
-.It strrchr Ta S Ta Ta S1 Ta S
-.It strpbrk Ta Ta Ta S2
-.It strsep Ta Ta Ta S2
-.It strspn Ta Ta Ta S2
+.It strnlen Ta A Ta Ta S1
+.It strrchr Ta A Ta Ta S1 Ta S
+.It strpbrk Ta S Ta Ta S2
+.It strsep Ta S Ta Ta S2
+.It strspn Ta S Ta Ta S2
.It swab Ta Ta Ta Ta S
-.It timingsafe_bcmp Ta Ta Ta S1
-.It timingsafe_memcmp Ta Ta Ta S
+.It timingsafe_bcmp Ta A Ta Ta S1
+.It timingsafe_memcmp Ta S Ta Ta S
.It wcschr Ta Ta Ta Ta S
.It wcscmp Ta Ta Ta Ta S
.It wcslen Ta Ta Ta Ta S
@@ -100,7 +100,8 @@ Enhanced functions are present for the following architectures:
or PowerPC\ 2.05,
.Sy 3 Ns :\ x86-64-v3,
.Sy 4 Ns :\ x86-64-v4,
-.Sy V Ns :\ PowerPC\ VSX.
+.Sy V Ns :\ PowerPC\ VSX,
+.Sy A Ns :\ Arm\ ASIMD (NEON).
.
.Sh ENVIRONMENT
.Bl -tag
diff --git a/share/man/man7/tests.7 b/share/man/man7/tests.7
index 1fbaad7d42a0..61b0789b9149 100644
--- a/share/man/man7/tests.7
+++ b/share/man/man7/tests.7
@@ -25,7 +25,7 @@
.\" OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
.\" IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd August 19, 2020
+.Dd April 1, 2025
.Dt TESTS 7
.Os
.Sh NAME
@@ -157,7 +157,7 @@ The following configuration variables are available in the
.Fx
Test Suite:
.Bl -tag -width "allow_sysctl_side_effects"
-.It allow_devfs_side_effects
+.It Va allow_devfs_side_effects
If defined, enables tests that may destroy and recreate semipermanent device
nodes, like disk devices.
Without this variable, tests may still create and destroy devices nodes that
@@ -166,16 +166,19 @@ them up afterwards.
However, tests that require this variable have a relaxed cleanup requirement;
they must recreate any devices that they destroyed, but not necessarily with
the same devnames.
-.It allow_sysctl_side_effects
+.It Va allow_sysctl_side_effects
Enables tests that change globally significant
.Xr sysctl 8
variables.
The tests will undo any changes in their cleanup phases.
-.It disks
+.It Va allow_network_access
+Enables tests that need to access the network the test host is connected to.
+Such tests may require properly configured Internet access.
+.It Va disks
Must be set to a space delimited list of disk device nodes.
Tests that need destructive access to disks must use these devices.
Tests are not required to preserve any data present on these disks.
-.It fibs
+.It Va fibs
Must be set to a space delimited list of FIBs (routing tables).
Tests that need to modify a routing table may use any of these.
Tests will cleanup any new routes that they create.
diff --git a/share/man/man7/tracing.7 b/share/man/man7/tracing.7
new file mode 100644
index 000000000000..0bd64f197084
--- /dev/null
+++ b/share/man/man7/tracing.7
@@ -0,0 +1,97 @@
+.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
+.\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org>
+.\"
+.Dd June 19, 2025
+.Dt TRACING 7
+.Os
+.Sh NAME
+.Nm tracing
+.Nd introduction to tracing and performance monitoring facilities
+.Sh DESCRIPTION
+.Fx
+features a large variety of tracing and performance monitoring facilities.
+Use them to measure performance and
+troubleshoot kernel and userland problems both during
+.Xr development 7
+and potentially on production systems.
+The facilities differ in scope, ease of use, overhead, design, and limitations.
+.Ss DTrace
+.Xr dtrace 1
+is the most versatile tracing framework available on
+.Fx
+and is capable of tracing throughout the
+.Fx
+software stack from the kernel to the applications running in userland.
+Refer to
+.Xr dtrace 1
+and
+.Xr SDT 9
+for more details.
+.Pp
+.Xr dwatch 1
+is a user-friendly wrapper for DTrace.
+It simplifies common DTrace usage patterns and requires less expert knowledge
+to operate.
+.Pp
+.Ss Userland Tracing
+.Xr truss 1
+traces system calls.
+It uses
+.Xr sysdecode 3
+to pretty-print system call arguments and
+.Xr ptrace 2
+to trace processes.
+.Pp
+.Xr ktrace 1
+is useful for debugging user programs.
+It enables kernel trace logging for specified processes.
+Like
+.Xr truss 1 ,
+it mainly traces system calls, but instead of using
+.Xr ptrace 2 ,
+it asynchronously logs entries to a trace file configured with
+.Xr ktrace 2
+(typically
+.Pa ktrace.out ) ,
+and it can log other types of kernel events, such as page faults and name lookups
+.Po refer to
+.Fl t
+in
+.Xr ktrace 1
+.Pc .
+Also, programs can log to a
+.Xr ktrace 1
+stream using the
+.Xr utrace 2
+system call.
+.Ss Kernel Tracing
+.Xr ktr 4
+is a facility for logging strings in the kernel.
+It comes in handy for some niche purposes during kernel development.
+It lets kernel programmers log events to a global ring buffer,
+which can later be dumped using
+.Xr ktrdump 8 .
+.Ss Hardware Counters
+.Pp
+.Xr pmcstat 8 ,
+and its kernel counterpart,
+.Xr hwmpc 4 ,
+is the
+.Fx
+facility for conducting performance measurements with hardware counters.
+.Ss Boot-Time And Shutdown Tracing
+.Xr boottrace 4
+is a facility for tracing events at boot and shutdown.
+Its target audience are system administrators.
+.Pp
+.Xr tslog 4
+is a developer-oriented tool for tracing boot-time events.
+.Sh HISTORY
+The
+.Nm
+manual page was written by
+.An Mateusz Piotrowski Aq Mt 0mp@FreeBSD.org .
+It first appeared in
+.Fx 15.0 .
diff --git a/share/man/man7/tuning.7 b/share/man/man7/tuning.7
index f04500d0f0dc..ebba551f65d0 100644
--- a/share/man/man7/tuning.7
+++ b/share/man/man7/tuning.7
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd November 17, 2023
+.Dd January 23, 2025
.Dt TUNING 7
.Os
.Sh NAME
@@ -151,8 +151,7 @@ Striping can also improve
the performance of a file system by splitting I/O operations across two
or more disks.
The
-.Xr gstripe 8 ,
-.Xr gvinum 8 ,
+.Xr gstripe 8
and
.Xr ccdconfig 8
utilities may be used to create simple striped file systems.
@@ -504,29 +503,6 @@ The read-only
.Va kern.openfiles
sysctl may be interrogated to determine the current number of open files
on the system.
-.Pp
-The
-.Va vm.swap_idle_enabled
-sysctl is useful in large multi-user systems where you have lots of users
-entering and leaving the system and lots of idle processes.
-Such systems
-tend to generate a great deal of continuous pressure on free memory reserves.
-Turning this feature on and adjusting the swapout hysteresis (in idle
-seconds) via
-.Va vm.swap_idle_threshold1
-and
-.Va vm.swap_idle_threshold2
-allows you to depress the priority of pages associated with idle processes
-more quickly then the normal pageout algorithm.
-This gives a helping hand
-to the pageout daemon.
-Do not turn this option on unless you need it,
-because the tradeoff you are making is to essentially pre-page memory sooner
-rather than later, eating more swap and disk bandwidth.
-In a small system
-this option will have a detrimental effect but in a large system that is
-already doing moderate paging this option allows the VM system to stage
-whole processes into and out of memory more easily.
.Sh LOADER TUNABLES
Some aspects of the system behavior may not be tunable at runtime because
memory allocations they perform must occur early in the boot process.
@@ -695,10 +671,10 @@ over services you export from your box (web services, email).
.Xr ata 4 ,
.Xr dummynet 4 ,
.Xr eventtimers 4 ,
+.Xr ffs 4 ,
.Xr login.conf 5 ,
.Xr rc.conf 5 ,
.Xr sysctl.conf 5 ,
-.Xr ffs 7 ,
.Xr firewall 7 ,
.Xr hier 7 ,
.Xr ports 7 ,
@@ -710,7 +686,6 @@ over services you export from your box (web services, email).
.Xr gjournal 8 ,
.Xr gpart 8 ,
.Xr gstripe 8 ,
-.Xr gvinum 8 ,
.Xr ifconfig 8 ,
.Xr ipfw 8 ,
.Xr loader 8 ,
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-06 23:21:02 +0000