Solved Nvidia driver is outdated on FreeBSD 12.3

[Voltaire]

The current driver in FreeBSD 12.3 is version 470.103.01 :

FreshPorts -- x11/nvidia-driver-470: NVidia graphics card binary drivers for hardware OpenGL rendering

These are the official NVidia binary drivers for hardware OpenGL rendering in X11, using the GLX extensions. WWW: https://www.nvidia.com/object/unix.html

www.freshports.org

FreshPorts -- x11/linux-nvidia-libs-470: NVidia graphics libraries and programs (Linux version)

These are the Linux versions of common NVidia OpenGL/GLX/EGL/GLES/GLVND libraries and Vulkan ICD.

www.freshports.org

However, this has been the latest version for a while:

Driver Details | NVIDIA

Download the <dd~LanguageName> <dd~Name> for <dd~OSName> systems. Released <dd~ReleaseDateTime>

www.nvidia.com

It is important to update to this latest version as there is a security issue with the specific driver that is now in ports:

NVIDIA Support

nvidia.custhelp.com

SECURITY UPDATES FOR NVIDIA GPU LINUX DISPLAY DRIVER​

The following table lists the NVIDIA software products affected, versions affected, and the updated version available from nvidia.com that includes this security update.
Affected Driver Versions All versions prior to 470.129.06

 

[yuripv79]

You should notify a maintainer/file a bug report about the security issue so that quarterly branch would get an update.

 

[SirDice]

The latest package repository has 510.60.02, so you could switch to that.

But yes, if there's a security issue the version in the quarterly branch should be updated. You should send that security advisory to security@freebsd.org too. They can update the VuXML so pkg-audit(8) will report on it.

 

[Voltaire]

The latest package repository has 510.60.02, so you could switch to that.

Nvidia driver 510 is of no use to most people who use version 470.
Driver version 470 supports certain cards that no longer get game-ready drivers but will still receive security updates for several years.

 

[SirDice]

Nvidia driver 510 is of no use to most people who use version 470.

Oh, right. That's another "cut-off" point in the versions. In quarterly x11/nvidia-driver is still 470.x, while in latest it moved to x11/nvidia-driver-470 and x11/nvidia-driver is at 510.x. This change hasn't landed in quarterly yet.

 

[Voltaire]

Oh, right. That's another "cut-off" point in the versions. In quarterly x11/nvidia-driver is still 470.x, while in latest it moved to x11/nvidia-driver-470 and x11/nvidia-driver is at 510.x. This change hasn't landed in quarterly yet.

What I noticed today is that a mistake was made when rolling out the updates. The driver that is in ports is still https://www.freshports.org/x11/nvidia-driver-470/ and it does not have the security updates of 470.129.06. People who are on the 470 series drivers from Nvidia are not 'by accident' on this series. I mean, they might as well have the standard nvidia-driver package (https://www.freshports.org/x11/nvidia-driver/) installed but they didn't because they needed the 470 series.. In my case, it's because I'm using a GeForce 600 series card, and it's not supported by the standard nvidia-driver package.

When I do the pkg upgrade command today suddenly pkg wants to replace my 470 series driver with the 510 driver. This 510 doesn't support my GPU and I've never asked to switch to a totally different driver series. So if I were to upgrade my system now, I would simply suddenly no longer have a working X-Server because of this huge mistake that was made in package management.

 

[SirDice]

The x11/nvidia-driver-470 port didn't exist until x11/nvidia-driver was updated to 510. You installed the x11/nvidia-driver when it was still at version 470. pkg(8) is simply going to update x11/nvidia-driver because that's the one you have installed. From pkg(8) point of view x11/nvidia-driver-470 is a different package.

 

[mer]

Voltaire I ran into the same thing on a 13.1-RELEASE system, and the explaination by SirDice is the right answer.
I simply pkg delete nvidia-driver and then pkg install nvidia-driver-470. I typically run my upgrades from a console, not anything under X, always do a pkg upgrade -n to see what is going to get updated, mentally mark anything related to drm/kmod/video as "investigate before saying yes".

Nividia, quarterly pkgs, update

Don't know if anyone else has posted about this, but I ran into it the other day. FreeBSD 13.1-RELEASE, using pkgs instead of ports, I did pkg upgrade. I have a system with a GeForce GT740, when installed the pkg "nvidia-driver" installed the latest version at that time 470-something. Well the...

forums.freebsd.org

 

[Voltaire]

The x11/nvidia-driver-470 port didn't exist until x11/nvidia-driver was updated to 510. You installed the x11/nvidia-driver when it was still at version 470. pkg(8) is simply going to update x11/nvidia-driver because that's the one you have installed. From pkg(8) point of view x11/nvidia-driver-470 is a different package.

I used to have a GTX 1050 and I used it for a long time on the more difficult Linux systems, and then I also used that card on the FreeBSD 12 installation that I currently use. What I noticed on both Linux and FreeBSD was that my CPU and my limited RAM were usually the bottleneck in just about every modern game, so I couldn't really use this card. Therefore, and because there was a GPU scarcity, I sold this card and switched to the integrated graphics of my Intel CPU. There I noticed that in certain situations, such as opening Telegram for example, a few specific apps often got stuck because the graphics of that older Intel CPU really do not represent anything. Then my sister's friend gave his GTX 650 because he has had a GTX 1060 for a long time and the GTX 650 card would otherwise just go unused. Then I did deep research whether this GTX 650 would get some more years of safety updates or not and I also checked carefully what driver I would need on FreeBSD.

The point I want to make is that I remember vividly that I did type pkg install nvidia-driver-470 and not pkg install nvidia-driver. I dare to put my hand in the fire for that. As far as I can see I did the installation correctly, but a mistake was made by the person who arranges these updates.

 

[SirDice]

The point I want to make is that I remember vividly that I did type pkg install nvidia-driver-470 and not pkg install nvidia-driver.

That's unlikely on the quarterly branch. Because there was no x11/nvidia-driver-470 there. It was available in latest since 4-4 though, but that happened after Q2 was branched off.

https://cgit.freebsd.org/ports/log/x11/nvidia-driver-470

If you had switched to latest and specifically installed x11/nvidia-driver-470 pkg(8) won't magically upgrade it to x11/nvidia-driver. That just doesn't happen. I have several systems using the older legacy version x11/nvidia-driver-390, and none of them have ever suddenly changed to x11/nvidia-driver. I did, at some point in the past, had to change x11/nvidia-driver to x11/nvidia-driver-390 because the newer version of the driver stopped supporting my card.

 

[Voltaire]

That's unlikely on the quarterly branch. Because there was no x11/nvidia-driver-470 there. It was available in latest since 4-4 though, but that happened after Q2 was branched off.

https://cgit.freebsd.org/ports/log/x11/nvidia-driver-470

If you had switched to latest and specifically installed x11/nvidia-driver-470 pkg(8) won't magically upgrade it to x11/nvidia-driver. That just doesn't happen. I have several systems using the older legacy version x11/nvidia-driver-390, and none of them have ever suddenly changed to x11/nvidia-driver. I did, at some point in the past, had to change x11/nvidia-driver to x11/nvidia-driver-390 because the newer version of the driver stopped supporting my card.

I understand it's hard to believe, but as you can see here I'm telling the truth:

View: https://www.youtube.com/watch?v=v0RKq29Ct2U

 

[mer]

What is your pkg configuration pointing to? Are you on 12.3-RELEASE?
I'm asking because as I point out in my other thread, I'm on 13.1-RELEASE, using quarterly for the pkg stuff.
I know I had done pkg install nvidia-driver initially on the system which gave 470.something.
Updating pkg a week ago, after the quarterly had gotten updates, I saw that nvidia-driver installed 510, gave a clear message that my GPU is not supported by 510, so I pkg delete nvidia-driver and then pkg install nvidia-driver-470.

Looking at your video (sorry can't watch again your transparency stuff with the windows makes it hard for my old eyes to actually read), did you ever do the command "pkg info | grep nvidia" to see what package was actually installed on the system? The line you highlighted near the end, I saw exactly the same thing on my system and it means "you initially did pkg install nvidia-driver, the VERSION in the package from the MAKEFILE was 470.something, now upgrading the version in the makefile for the nvidia-driver package is 510.something".

That is exactly what I would have expected when they bump the version in the makefile.
Again it is exactly what I saw when I did my upgrade.

 

[SirDice]

Terrible readability on the video. But you installed x11/nvidia-driver that just happened to be version 470 at that time.

ports - FreeBSD ports tree

cgit.freebsd.org

The package name for this was nvidia-driver-470.86.pkg. The package name of x11/nvidia-driver-470 is nvidia-driver-470-470.103.01.pkg. Notice how that -470 is now part of the package name, not the version?

 

[Voltaire]

Terrible readability on the video. But you installed x11/nvidia-driver that just happened to be version 470 at that time.

ports - FreeBSD ports tree

cgit.freebsd.org

The package name for this was nvidia-driver-470.86.pkg. The package name of x11/nvidia-driver-470 is nvidia-driver-470-470.103.01.pkg. Notice how that -470 is now part of the package name, not the version?

What I did in the video was the command pkg info -lx nvidia because I thought the result meant that I had not installed the standard nvidia-driver package. But I have now noticed that the result on this command says almost nothing about this. Maybe you can make it out from the files of the driver, because you can also see them.

As mentioned before, I was of the opinion that I had not installed the driver via the pkg install nvidia-driver command.

One of the things I can do in terminator is scroll through all the commands that have been executed as a root user via the up arrow. Yesterday I browsed through my entire command history, and what I have seen is that as a root user I have never given the command pkg install nvidia-driver in the last 6 months, and I have installed the nvidia driver much more recently.

According to my command history that I can see in terminator, there are only two possibilities with which I can have the driver installed, and those are:
pkg install nvidia-driver-470.86
pkg install nvidia-driver-470

What I think is that there may be FreeBSD users who are on the GTX 600 series and therefore had the nvidia-driver-470 installed. But when they start updating their system now, they suddenly switch from nvidia-driver-470 to nvidia-driver. They're suddenly not going to have a working X11 server anymore, if my theory is correct.

 

[SirDice]

According to my command history that I can see in terminator, there are only two possibilities with which I can have the driver installed, and those are:
pkg install nvidia-driver-470.86
pkg install nvidia-driver-470

The first would succeed because you can use the pkg install packagename-version syntax, the second however will fail because there was no nvidia-driver-470.pkg package at that time (on quarterly). The first command however installs x11/nvidia-driver that just happens to have version 470.86.

What you are failing to realize here is that the -470 from x11/nvidia-driver-470 is part of the package name. It has nothing to do with the package version. So pkg install nvidia-driver-470 and pkg install nvidia-driver-470-470.103.01 are the same. Notice how the actual version number is after the last dash?

 

[mer]

What I think is that there may be FreeBSD users who are on the GTX 600 series and therefore had the nvidia-driver-470 installed. But when they start updating their system now, they suddenly switch from nvidia-driver-470 to nvidia-driver. They're suddenly not going to have a working X11 server anymore, if my theory is correct.

Yes if they pkg installed nvidia-driver at a time when that was built against 470.something, then do a pkg upgrade to quarterly released I think 1 July 2022, the version installed for the nvidia-driver package will be 510.something.
They are not being switched from a "package named nvidia-driver-470 to a package named nvidia-driver-510".
If they don't pay attention to the messages from package upgrade, then yes they will not have working X.
if you do pkg search nvidia you get a list including:
nvidia-driver-510.60.02 NVidia graphics card binary drivers for hardware OpenGL rendering nvidia-driver-304-304.137_9 NVidia graphics card binary drivers for hardware OpenGL rendering nvidia-driver-340-340.108_3 NVidia graphics card binary drivers for hardware OpenGL rendering nvidia-driver-390-390.151 NVidia graphics card binary drivers for hardware OpenGL rendering nvidia-driver-470-470.103.01 NVidia graphics card binary drivers for hardware OpenGL rendering
It's easiest to think of the package named "nvidia-driver" as a meta package that will install the highest version that has been built, so in this case 510.60.2. Basically when you pkg installed nvidia-driver-470 it was linked to the package named nvidia-driver at that point in time.

As SirDice says, the package names for the others include a "-XYZ" where XYZ is 304, 340,390 and 470.

 

[Voltaire]

The first would succeed because you can use the pkg install packagename-version syntax, the second however will fail because there was no nvidia-driver-470.pkg package at that time (on quarterly). The first command however installs x11/nvidia-driver that just happens to have version 470.86.

What you are failing to realize here is that the -470 from x11/nvidia-driver-470 is part of the package name. It has nothing to do with the package version. So pkg install nvidia-driver-470 and pkg install nvidia-driver-470-470.103.01 are the same. Notice how the actual version number is after the last dash?

I remember there was just a newer driver in freshports eg driver 490/500/510 at the time. I'm not quite sure about this, but that's how I remember it.

When I installed it I searched for the term 'nvidia' and looked at all the options, and it was the nvidia-driver-470 package that I clicked on and I installed this specific version. So how could I have prevented this problem?

The last thing I don't understand is: why do they allow to install the nvidia-driver package via pkg install nvidia-driver-470.86 If this was supposedly the version of the standard driver then it would be smarter to allow it only via pkg install nvidia-driver Then you could have avoided some confusion.

What I did yesterday is uninstalled all four nvidia packages, then updated all packages, and then installed the correct four nvidia packages. I also feel like I didn't make a mistake when installing the previous driver.

 

[SirDice]

I remember there was just a newer driver in freshports eg driver 490/500/510 at the time. I'm not quite sure about this, but that's how I remember it.

Ports tree is the basis for the latest package repository. You have been installing from the quarterly repository.

The last thing I don't understand is: why do they allow to install the nvidia-driver package via pkg install nvidia-driver-470.86

Because these are all valid:

     pkg install [--{automatic,force,no-scripts,ignore-missing}]
                 [--{dry-run,fetch-only,quiet,recursive,no-repo-update,yes}]
                 [--repository reponame]
                 [--{case-sensitive,glob,case-insensitive,regex}]
                 <pkg-origin|pkg-name|pkg-name-version> ...

pkg install mypackage # pkg-name
pkg install category/mypackage # pkg-origin
pkg install mypackage-1.0 # pkg-name-version

 

[mer]

I also feel like I didn't make a mistake when installing the previous driver.

You didn't, but what SirDice points out, there are nuances to what you did and how it installed "nvidia-driver".
Think of how you can have mulitple names for an IP address in /etc/hosts. Use of any one of those aliases gets you to the single IP address.
That's what happens behind the scene.

 

[Voltaire]

Ports tree is the basis for the latest package repository. You have been installing from the quarterly repository.

Do you mean that the versions and package names I see via https://www.freshports.org/ are sometimes more recent or different than the packages I can install via pkg by default?
That would explain the situation.
Basically for important drivers I should then use the command line to see which specific packages are available to me via pkg, and I should rely less on https://www.freshports.org/?

 

[SirDice]

Open a specific port on Freshports. It's been changed some time ago. Ports now show the versions and availability of that port, there's a neat table showing the versions from both latest and quarterly repository.

As of today the differences between quarterly and latest are minimal because a new quarterly branch (2022Q3) was recently made. The quarterly branch is branched off from main (aka latest) once every three months. In that three month period the quarterly branch only gets security or brake-fix updates.

 

[mer]

Basically for important drivers I should then use the command line to see which specific packages are available to me via pkg,

I typically do
pkg upgrade -n

It will evaluate your system against the configured package repo and give you a list of things it can update.
I look at that list for anything that I have mentally marked as important, then have the chance to investigate a bit more. Then when I'm ready I do
pkg upgrade -y

to upgrade everything without being asked.

For me, Freshports is nice to see what may become available, but the definitive source is always going to be the pkg repo you are pulling from.

 

[Voltaire]

Open a specific port on Freshports. It's been changed some time ago. Ports now show the versions and availability of that port, there's a neat table showing the versions from both latest and quarterly repository.

As of today the differences between quarterly and latest are minimal because a new quarterly branch (2022Q3) was recently made. The quarterly branch is branched off from main (aka latest) once every three months. In that three month period the quarterly branch only gets security or brake-fix updates.

I don't see any differences now between latest and quarterly for FreeBSD:12:amd64 for most packages but if there used to be bigger differences a few weeks ago it may explain why I installed the wrong nvidia driver.

I look at that list for anything that I have mentally marked as important, then have the chance to investigate a bit more. Then when I'm ready I do
pkg upgrade -y

to upgrade everything without being asked.

I'm going to start using that from now on because with just pkg upgrade it asks again somewhere in the middle for confirmation so it can sometimes feel like you are updating your system twice.

So I think I had the problem with the nvidia driver because I may have used wrong info about the drivers. Thanks for the help.

 

[SirDice]

I don't see any differences now between latest and quarterly for FreeBSD:12:amd64 for most packages but if there used to be bigger differences a few weeks ago it may explain why I installed the wrong nvidia driver.

A new quarterly was branched off less than a week ago. So latest and quarterly are pretty much the same right now. Just before a new quarterly is made the differences can be quite big though.

it may explain why I installed the wrong nvidia driver.

You didn't install the wrong nvidia driver. The change that created x11/nvidia-driver-470 and moved x11/nvidia-driver from 470.x to version 510.x (and up) just hadn't landed in the quarterly branch (2022Q2) yet.

 

[Voltaire]

You didn't install the wrong nvidia driver. The change that created x11/nvidia-driver-470 and moved x11/nvidia-driver from 470.x to version 510.x (and up) just hadn't landed in the quarterly branch (2022Q2) yet.

AMD cards might be better in this area because I think drm-kmod works on all AMD GPUs. Then you may never encounter a similar situation. The AMD driver isn't special in size, so why isn't nvidia making one driver for all their GPUs? If I interpret all correctly, you also have the advantage with AMD that the community can continue to update your drivers, while Nvidia makes your card unsuitable after so many years. My next card will definitely be Intel or AMD.

I am of the opinion that graphic driver installation is something that can be automated in all operating systems, such as for example in Manjaro. For all systems that have a gpu, is anyone going to be angry that their gpu driver has been installed automatically? I think 99.9% will be mostly satisfied that they don't lose time on this. The same goes for processor microcode. I don't think systems like Debian and FreeBSD install this automatically, and many users don't know that they need to install it to have a safe PC. This makes many Linux/BSD desktops likely to be more vulnerable to processor exploits.

These aren't things I consider 'the most important part' of an operating system anyway, otherwise I would have chosen Manjaro or Ubuntu, but the choices that Debian and FreeBSD make in this area probably won't be beneficial to most people.