INTRng can leak resources when INTx interrupts are re-routed, which is
typically harmless but can be fatal when devices are (repeatedly) hot
plugged into PCI buses on INTRng systems. Re-routing INTx interrupts
is nonetheless still necessary on some systems, and identifying whether
the re-routing should be enabled or disabled seems to be nontrivial.
Add a hw.pci.intx_reroute sysctl/tunable so systems which don't want
legacy PCI interrupt re-routing can turn it off. This is probably not
the best fix but it's something which can be safely included in FreeBSD
14.3.
Co-Authored-by: jhb
Reviewed by: bz, jhb
MFC after: 3 days
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49849
(cherry picked from commit 2187ec93ada1c7399f2f3537920f6277bec4a0ef)
Move the necessary extra logics (i.e., noise_remote_enable() and
TAILQ_INSERT_TAIL()) from wg_ioctl_set() to wg_peer_alloc(), and thus
make it easier to be called. Actually, the updated version is more
asymmetric to wg_peer_destroy() and thus less likely to be misused.
Meanwhile, rename it to wg_peer_create() to look more consistent with
wg_peer_destroy().
Reviewed by: aly_aaronly.me (diff), markj
Obtained from: DragonflyBSD 902964ab24ba (with some changes)
(cherry picked from commit 7121e9414f294d116caeadd07ebd969136d3a631)
In general we are working towards making public headers self-contained.
cdefs.h is included for __packed; just assume that types.h includes
cdefs.h as that's a very common assumption.
PR: 285924
Reviewed by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49735
(cherry picked from commit 31d3a94bdda4a9ca4c4d7d4e8e8a0ba1b05c7f18)
There is a somewhat strange case where when writing to a POSIX shm
object, the object is not allowed to grow, and the I/O offset+length
overflows. In that case we simply truncate the I/O to the object size.
Later we write-lock the range [offset, objsize). However, we were not
checking whether offset > objsize, in which case we're writing zero
bytes but locking an invalid range.
Modify the range locking in shm_write() to take this possibility into
account. While here, rename a variable to make its purpose a bit more
clear, and add an assertion against negative offsets (which is supposed
to be enforced by the caller of fo_write for I/O to files that aren't
character devices).
Reported by: syzkaller
Reviewed by: kevans, kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49673
(cherry picked from commit 82d8c609cfb7c6d8a9da8e30efa54240f293359e)
The check for range overlap did not correctly handle negative offests,
as the addition inoff + len is promoted to an unsigned type.
Reported by: syzkaller
Reviewed by: rmacklem
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49674
(cherry picked from commit 1101d628223d2188c244a4df9b0cb4eaff57e968)
This is more useful and matches the documentation. While here, make it
settable as a tunable and add a sysctl description.
PR: 139425
MFC after: 2 weeks
(cherry picked from commit c5773d366ecc5271b9bd6e5506c00fb3520f19ae)
Future firmwares will report these types to the driver. These
transceivers work already but are misidentified as a different type.
Sponsored by: Chelsio Communications
(cherry picked from commit c22b297062e1440676973a8aa89cbad1571e22f9)
The driver uses bus_reset_child on its parent to reset itself but that
performs an FLR whereas the hardware needs a Conventional Reset[1] for
full re-initialization. Add routines that perform conventional hot
reset and use them instead. The available reset mechanisms are:
* PCIe secondary bus reset (default)
* PCIe link bounce
hw.cxgbe.reset_method can be used to override the default. The internal
PL_RST is also available but is for testing only.
[1] 6.6.1 in PCI Express® Base Specification 5.0 version 1.0
Sponsored by: Chelsio Communications
(cherry picked from commit 011e3d0b8b90a4330f14b2cb7da45ed7b805ed10)
Add a new hw_all_ok() routine and use it to avoid hardware access in the
public control interfaces (ifnet ioctls, ifmedia calls, etc.). Continue
to use hw_off_limits() in the private ioctls/sysctls and other debug
code. Retire adapter_stopped() as it's of no use by itself.
This fixes problems where ifnet slow-path operations would enter a
synch_op just before set_adapter_hwstatus(false) and touch the hardware
when it's not safe to do so.
Sponsored by: Chelsio Communications
(cherry picked from commit e19d84979a183deb37ce6d7e385c3ccf02a3c8c7)
It was always set to PCATCH because the driver tested (INTR_OK) instead
of (flags & INTR_OK). Fit a WITNESS_WARN in a single line while here.
Sponsored by: Chelsio Communications
(cherry picked from commit 04bf43505bae1bb20d315a44e977d97aed3e5733)
There is no need to include private PCI headers in the driver.
Sponsored by: Chelsio Communications
(cherry picked from commit 762d32354a18517c28933ddc29f9d3d855e450b1)
An L2 table entry isn't associated with a particular SMT (Source MAC
Table) entry.
Sponsored by: Chelsio Communications
(cherry picked from commit f79fba05a016d53e054d6f587213889c3e31b4db)
The driver does minimal initialization in this mode and suspend/resume
should ignore resources that aren't setup. This is for debug only.
kenv hw.cxgbe.sos="1"
kldload if_cxgbe
devctl suspend t6nex0
devctl resume t6nex0
Sponsored by: Chelsio Communications
(cherry picked from commit f4ab14044c1de35b1aefad5449bddc5a1272f8d9)
After the pf_state_insert() call we may not use these pointers again.
Explicitly NULL them to ensure we don't.
Also NULL them out if we free the keys directly.
Reviewed by: glebius, markj
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D49553
(cherry picked from commit 592418343348bcf4355c249f53cff89ed90ea1f5)
pf_state_insert() may free the state keys, it's not safe to access these
pointers after the call.
Introduce osrc/odst (similar to osport/odport) to store the original source and
destination addresses. This allows us to undo NAT transformations without having
to access the state keys.
Reviewed by: glebius, markj
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D49551
(cherry picked from commit bdea9cbcf2decafeb4da5a0280313efccc09e1b3)
If we fail to attach the stack key that means we've already attached the wire
key. That means the state could be found by other cores, and given that we then
free it, be used after free.
Fix this by not releasing the ID hashrow lock and key locks until after we've
removed the inserted key again, ensuring the state cannot be found by other
cores.
Reported by: markj
Submitted by: glebius
Reviewed by: glebius, markj
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D49550
(cherry picked from commit 8efd2acf07bc0e1c3ea1f7390e0f1cfb7cf6f86c)
This marks the start of the FreeBSD 14.3 release cycle; the stable/14
tree is now in "code slush".
Developers are encouraged to prioritize fixing bugs (and/or merging bug
fixes from HEAD) over new features at this time. Commit approval from
re@ is not required but if new features introduce problems they may be
removed from the release.
Approved by: re (implicit)
Sponsored by: Amazon
Following the example of rtw88 and rtw89 only ship iwlwifi firmware
from ports/packages. Users are asked to run fwget(8) to install the
firmware needed for their system or build it from ports
(see also UPDATING).
This is the end of a long story adding wireless support to fwget(8),
migrating the firmware for multiple branches into ports, splitting them
up into flavors, and updating some install media and the installer to
provide firmware.
The overall amount for new firmware amongst all drivers would have
added more than 100M of binary blobs to src.git for the first import,
ignoring future updates which (along with some duplication between
multiple drivers) was considered too much.
While maintenance within the src tree certainly would have been
easier in the longer term this seems to be the better solution and
I would like to thank everyone who helped along the path to get there.
The iwlwififw.4 man page is to stay (for now) and will likely point
at the appropriate firmware package flavor in the future as well
so people may find it easier to transition. In the long term this
information is likely not needed anymore.
Sponsored by: The FreeBSD Foundation
Requested by: core (Oct 2022)
Reviewed by: thj, jrm (earlier)
Differential Revision: https://reviews.freebsd.org/D49713
(cherry picked from commit 558d638896239f9cd25b9d825ecfce62ec54681e)
(cherry picked from commit 918783b75aacb051f2f83dd0198ef68bc9fa5326)
We are using an mbuf tag to carry the ni reference in the TX path
from the TX function past the taskq along with the mbuf.
Contrary to initial assumptions we only need the ni and no other data
so attach the ni to m->m_pkthdr.PH_loc.ptr avoiding the extra allcation.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit dbae3dcff72f53abe6874466baea78f552b3a316)
Start collecting rxrate information from the RX statistics which are
passed per packet. Store them in the lsta and upon printing statistics,
if no RX_BIRATE is provided copy them over from the lsta.
This allows us to see rate information in both directions on modern
iwlwifi chipsets, which are doing [tx]rate handling in firmware.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit a1adefb139b3c8f95e5255c67705fb92f4d9fc04)
Now that we are doing VHT it is possible to overflow the mbufqs
we use in the TX and RX paths. Check the return code of mbufq_enqueue()
deal with any error accordingly and propagate it.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c816f64e66a0d21196ede35da3eca19e54b59a03)
In case we fail to allocate the mbuf or mtag in the RX path or fail
for other reasons report it as ic_ierrors for better diagnostics
and more correct statistics.
Also do what the comment had indicated and mandate that mtag allocation
succeeds or otherwise drop the packet. There may be room for future
improvements in a follow-up commit here.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c013f810ecb615289c2bd69a10f4317a3a867d50)
Rename lkpi_ic_raw_xmit() to lkpi_xmit() as we need a wrapper to add
an extra argument as (*ic_raw_xmit) and (*ic_transmit) have different
invariants. Based on the caller free the mbuf in the error case or
not to satisfy the requirements of the caller. For more information
see the comment in the code.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 9a45c3ca850110c5871742fadbf7355c1085c725)
Increase the mbufq lengths we use in the RX and TX path to decouple
the lower and upper parts (currently using taskqs which likely need
to be replaced as well now -- was asked not to add more sophisticated
concepts 2-ish years ago).
The old values of IFQ_MAXLEN (50) are a tad too small so bump them
to 32 * NAPI_POLL_WEIGHT (32 * 64) which seems to be mostly enough
now not to drop mbufs anymore (by not overflowing the queues).
As a side effect TCP became a lot happier as well growing throughput
towards where UDP is already. There is more fish to fry but we
are also doing ~750 Mbits/sec TX and 400 Mbit/s RX TCP at VHT160 now.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 832b8e986c68a43ecf2d6b4af805aaf37087f7d9)
Let the hardware handle fragmentation itself and tell net80211 to
save itself from it. We already call the (*set_frag_threshold)
mac80211 function.
This should be a NOP for all currently enabled LinuxKPI based WiFi
drivers.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 63578bf225df37944b78febfb177e8c1c81f54e4)
There are cases when net80211 calls into crypto updates with the
ic lock held (not (just) the nt lock). We have to unlock that as
well and track the unlock like we do for the nt to avoid panics
when we later can sleep (on the wiphy [sx] lock).
Sponsored by: The FreeBSD Foundation
Reported by: rm
Tested by: rm
PR: 285729
Fixes: b8dfc3ecf703
Differential Revision: https://reviews.freebsd.org/D49791
(cherry picked from commit a6165709e3c8ba4a0bee18aead6ca8ea2b033933)
Especially on 2.4Ghz everything may indicate that we can use HT40
but we are stuck on a 20Mhz channel. Adjust the logic in
lkpi_sta_sync_ht_from_ni() to also check the channel width before
setting the sta bandwidth to 40.
Further check that the sta bw is not larger than the channel width
after the 'sync from ni' for HT and VHT and if it is, then update
the chanctx accordingly.
Firmware crashes we have seen with
iwlwifi0: 0x00010000 | umac data1
iwlwifi0: 0x00000000 | umac data2
iwlwifi0: 0xDEADBEEF | umac data3
iwlwifi0: 0xXXXX050F | last host cmd
likely indicate this problem.
Sponsored by: The FreeBSD Foundation
Reported by: Jonathan Vasquez (jon xyinn.org)
Reported by: Michael Butler (imb protected-networks.net)
Reported by: bapt
Reported by: William D Pool (rotaechojunk gmail.com)
Reported by: Eirik Øverby (ltning-freebsd-wireless anduin.net)
Reported by: likely others before
Tested by: Eirik Øverby (ltning-freebsd-wireless anduin.net)
Tested by: lwhsu
Tested by: Michael Butler (imb protected-networks.net)
Differential Revision: https://reviews.freebsd.org/D49761
(cherry picked from commit 62d51a43825bb632f542f4e89d57f3dbdb08095f)
Replace the LKPI_80211_LHW_LOCK (lhw->sx) with the wiphy lock (which
is a Linux mutex, so also an sx lock). Apart from two places the
change was mostly mechanically.
Further remove the now recursive lock acquisitions.
This lays the ground for us to use more Linux(KPI) 802.11 internal
locking as well as more rcu equivalents, e.g., for the chanctx,
and live better to the synchronisation expectations of the drivers.
[I wish there would be more assertions in the drivers themselves,
especially in the mac80211 ops and the iteration callbacks.]
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit cd0fcf9f12114df542d4b080202abb1fe5f1aec8)
In case we are not announcing any changes there is no need to do a
downcall into the driver. Catch that with an early return.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ae8c3b6509c66d03cb68dc6f8bbad43acbc8c977)
While we are currently only supporting a single VAP (vif) it is
less of a trouble but in order to get locking and rcu accesses
[from drivers] more right add a list for all chanctx_conf we have
for one hw. Use that list in the iterator function to avoid
having to lock the vif but not protecting the chanctx list
(against a parallel removal) due to different locking.
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit a8a47a41775b0320606f90b3ac2048bc23494615)
Adjust the init and lkpi_sta_scan_to_auth() chanctx_conf accesses to
use rcu functions as needed.
linuxkpi_ieee80211_iterate_chan_contexts() which is
ieee80211_iter_chan_contexts_atomic() needs further work to get rid
of the vif locks by keeping all chanctx_conf on a list in lhw.
This will be done in a follow-up commit.
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit 560708cbb0468bf1fd1834f4894a1326e88ff10e)
We have multiple reports for iwlwifi firmware crashes where net80211
logged:
ieee80211_sta_join: BSS xx:xx:xx:xx:xx:xx: 2GHz channel, VHT info; ignoring
Make sure when we sync from net80211 or set state that we only do
VHT if we are on the 5Ghz band. This change is likely helpful
whether it fixes the originally reported problems or not.
Sponsored by: The FreeBSD Foundation
Reported by: Jonathan Vasquez (jon xyinn.org)
Reported by: Michael Butler (imb protected-networks.net)
Reported by: others (fw crash w/o net80211 logging)
Tested by: Eirik Øverby (ltning-freebsd-wireless anduin.net)
Tested by: lwhsu
Tested by: Michael Butler (imb protected-networks.net)
Differential Revision: https://reviews.freebsd.org/D49761
(cherry picked from commit 5393cd34854e1fe23ab214e9f741879fa6bf1193)
With the adjusted locking as a first step and the single code path
into lkpi_80211_mo_unassign_vif_chanctx() we also move the "setting
chnactx to NULL" into the caller to simplify the code.
Before we can adjust the other places touching vif->bss_conf.chanctx
we need to adjust the overall locking in LinuxKPI 802.11.
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit 231168c7e77777f69a323bcd80a7956527d34548)
csa_active, color_change_active, mu_mimo_owner also moved from
vif to bss_conf; we already have the fields in bss_conf (adjust type
for one) so all we have to do is remove the old relics in vif.
Sponsored by: The FreeBSD Foundation
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit 5321cf2b15d7bff1b01182cfc4897ac978c63fe7)
In preparations for MLD support chanctx_conf was moved from vif to
the bss_conf as it will be per-link later. Follow accordingly.
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit 11604b2a1659fd6da9bbfdc6acf9758884cb2b36)
We have the same code three times, so factor it out into its own
function to make it easier to maintain.
Sponsored by: The FreeBSD Foundation
PR: 280546
Tested by: Oleksandr Kryvulia (shuriku shurik.kiev.ua)
Tested by: Oleg Nauman (oleg.nauman gmail.com) [rtw88]
Differential Revision: https://reviews.freebsd.org/D49734
(cherry picked from commit 50d826be664ef35065e8c4c4966252f2dfde9cb9)
Sort out some (though not yet all) changes needed for CONFIG_PM_SLEEP
and respectively WoWLAN support (so we can compile it in). This is
just one further step towards proper suspend/resume support.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit b42c339c59fd00f2d97f6854b17b54b340019d0c)
Define the last missing PN length and for consistency use them
in struct ieee80211_key_seq (even though a 6 is a 6 is a 6).
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c8a6676eb652b59fee545dc3e24ffec21bd0cd8d)
iwlwifi was the only driver we care about which "used" cipher_scheme
and it was removed from there too. Remove given it is no longer
used anywhere.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit cdef9a9f91e2eee00e8f6f1ed743a8d8bd0bdc14)
net80211 ieee80211_node_get_txrate_dot11rate() does not yet support
VHT and that means we get a lot of log lines when doing VHT for a
debugging statement even if it's not active.
Remove the calls to ieee80211_node_get_txrate_dot11rate() as with
hw/fw based rate control (modern iwlwifi) they are pointless anyway
as they are currently.
Sponsored by: The FreeBSD Foundation
Reported by: J.R. Oldroyd (jr opal.com)
Fixes: 706745001093 (I should have noticed during review)
(cherry picked from commit d1a37f280be46a707b42c3eca5f8b6a38ecf726b)
Apply a temporary fix to FreeBSD only to allow AX101 to proceed
further. While this fix results in a debug error message if
firmware debugging is on we currently take this for the version
we have. A proper fix will eventually show up in future versions
of iwlwifi.
Sponsored by: The FreeBSD Foundation
Reported by: bapt
Tested by: bapt
(cherry picked from commit 97ddb6371b7206c622de40745927e98f0dfd2e85)
Use %b with IEEE80211_KEY_BITS for the debug logging in
ieee80211_crypto.c rather than just printing the hex value, which
makes some of the messages more obvious and avoids having the header
file next to one at all times.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D49369
(cherry picked from commit 7513a0afe5fb26d30dbcae0347e43728e3511d3e)
Instead of passing -1 to the function in ieee80211_crypto_demic(),
use the defined IEEE80211_KEYIX_NONE.
net80211 uses ieee80211_keyix not u_int as type for the key index
internally. Use that. This also helps when printing the -1 unsigned
as it stays within the expected numerical scope and makes the debug
message more readable.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D49368
(cherry picked from commit db8ceb8e59487d1d6b2e019efab3eef40688731c)
Not only are some of the bits missing, \4 and following were also
off-by-one. Correct that so we can use them instead of reading
hex numbers.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D49366
(cherry picked from commit 0461600deaa227050fbff60274ba72ab3a407bcc)
Move the implementation of print_hex_dump() into linux_compat.c as
lkpi_hex_dump() taking an extra function pointer and argument.
Add two internal wrappers for printf and sbuf_printf to get a common
function definition (sbuf_printf takes the extra argument).
Use these to implement print_hex_dump() and the newly added
seq_hex_dump().
This allows us to re-use the same implementation of print_hex_dump()
for both functions without duplicating the code.
Initial implementation: D49381 by dumbbell
Sponsored by: The FreeBSD Foundation
Reviewed by: dumbbell
Differential Revision: https://reviews.freebsd.org/D49637
(cherry picked from commit 4359672e656af5e6758d0aae147212e58f445f5b)
