Using the same random jitter for multiple rate limits allows an
attacker to use one rate limiter to figure out the current jitter
and then use this knowledge to de-randomize the other rate limiters.
This can be mitigated by using a separate randomized jitter for each
rate limiter.
This issue was reported as issue number 10 in Keyu Man et al.:
SCAD: Towards a Universal and Automated Network Side-Channel
Vulnerability Detection
Reviewed by: rrs, Peter Lei, glebius
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48804
(cherry picked from commit 923c223f27e792e51ca13c476428adbbf6887551)
d82c3e81:
net: if_media for 100BASE-BX
Renumber 1000BASE-BX and add 100BASE-BX sequentially
I added this 1000BASE-BX in 78c63ed260fa20b3500aedfe41dc0dcae9593f51 but
did not connect it to any code yet, appologize for the churn.
7835a4ad:
net: if_media fix syntax/build
Fixes: d82c3e815a5f ("net: if_media for 100BASE-BX")
(cherry picked from commit d82c3e815a5fc0069562b69145ad695f9aa183f9)
(cherry picked from commit 7835a4ad6948290c92ea55c7be34ae72f4e2b0bd)
Change to the C99 version and not the old gcc name.
No functional changes.
Sponsored by: The FreeBSD Foundation
Reviewed by: dumbbell, emaste
Differential Revision: https://reviews.freebsd.org/D48736
(cherry picked from commit 94e6c8d7d19de68b29233e59c85b16c645c1a872)
If people like me having multiple cards in the same system
creating the debugfs dirctory leads to a panic upon attaching
the 2nd card due to the duplicate name.
Rather than using the hard coded driver name, use the device name
(e.g., rtw880, rtw881, rtw882).
This solves two issues: it avoids the duplicate name and we get
individual debugging/statistic information for each card.
Sponsored by: The FreeBSD Foundation
X-Note: ath1[01]k and mt76 likely will need a similar change
(cherry picked from commit b4886c4ece3e692c294aa853da7aec849f8d00a2)
In order to better test HT and VHT support with LinuxKPI add (tunable)
options disabled by default to on-demand enable HT/VHT
and for rtw89 also EHT.
It is expected that we will remove this FreeBSD-specific code again in
the future.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 7a5b55e3b448744b099c274763992cba2e3ebce5)
Following 07f6575585bf also turn on debugfs support for rtw89.
Sponnsored by: The FreeBSD Foundation
(cherry picked from commit 446eab491e523e3d7586e11cb16448e524297da4)
Remove the =1 from -DCONFIG_* in the conditional cases.
They are not needed.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 411c857b4ccedd6491dff9a35e952bc49d053053)
Make iwlwifi compile with debugfs after the last updates and turn it on
for both iwlwifi and rtw88 in order to be able to get at least some
useful information on driver/firwmare state.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 07f6575585bf69ae48dffe87c4578057ae4782d8)
rate_lowest_index() is no longer used anywhere in our code.
Garbage collect it.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 1b840f09b6b379c0aae5a558ba5a4ed6bb571a85)
Given the channel struct has an extra bool we cannot assign the
information 1:1 to net80211. While the caps where assigned the
suppoerted mcs sets were not. Fix that.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ecb2e5f9c30a8c0ae491d07b2300e37eb599c298)
Implement the combination of all four functions, the *_vif versions
from mac80211.h as a wrapper to the non-*_vif ones in cfg80211.h.
Put the function pairs next to each other and in the right files
and harmonize argument naming, etc.
Both of them have shown up too often in the todo-tracing to bother
enough to implement them now for a time in the future when we will
support HE/EHT.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c75a558d0729da87ee3c016b57cc8f5ac4fc65d0)
Let the macro take a format string and arguments and
add __func__, __LINE__ to the output.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit a4cdb785bbd7e26cc3f2ed0bb4e5cf7ea83c400b)
Add a print mask for use with %b to aid debugging. It is a lot easier
to read names than numbers.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f1aeb5d850cf26418fb70a16d1304b92c45b5f1d)
This will help us to get minimally better lock coverage in iwlwifi
though not yet against the LinuxKPI implementation which will likely
switch to this in the future. At least the TODO() logging noise is
out of the way.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 95a7aa8009877ca95d81967f9af568ef832bb565)
Bring in changes missed during the last driver updates to make HT
compile when enabled.
Sponsored by: The FreeBSD Foundation
Fixes: 7b43f4d064195
(cherry picked from commit 943a19c666d67424cdde6cbcd096f28359b2d314)
When trying to sort out a teardown locking problem (downcall in the
driver can sleep) I found that the fan-out tree was getting too big
to fix net80211 locking per-se for this while working on entirely
different problems.
Add IEEE80211_IS_LOCKED() so the driver can check and un-/re-lock as
necessary (as we do in other cases already) to avoid panics on
debug kernels left and right.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D48475
(cherry picked from commit 054c5ddf587a7a0c430cf64dbf100b718eafdcc5)
Rather than duplicating the manual logic here and leaving a comment,
use the self-explanatory macros we already have.
No functional changes intended.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D48359
(cherry picked from commit 5fdc4824a5e2646a07c0638eca9f5c81b0b85fd5)
We have two arrays, one for 80Mhz and one for 160Mhz. Both were lacking
frequency ranges for more possibly available configurations (the other
bits of what is valid are for regdomain to set right).
Sponsored by: The FreeBSD Foundation
Fixes: 67f4aa3878, 04e7bb08a5
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D48357
(cherry picked from commit 1832eb102e10c7f2891c032ecf7b265b75d3cd50)
No functional changes.
Sposnored by: The FreeBSD Foundation
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D48358
(cherry picked from commit e6d40f90110ad8026f1af3fa68f836463936ea78)
ht_recv_action_ht_txchwidth() can blindly change the channel width to
40 Mhz whether or not that is supported. If 20/40 is not supported
there is nothing to do as the channel width cannot change in that case.
While here mark unused arguments with __unused.
Sponosred by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47857
(cherry picked from commit 30e8252353d95cc77f787ef784942a551d3e0567)
The print mask for IEEE80211_AGGR_BITS is missing three fields.
Add them for completness.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47858
(cherry picked from commit 8437d7d6a4d6827ccb78c06341c6e3d847da44dd)
net80211 node ni_chw currently encodes the channel width as Mhz number.
LinuxKPI 802.11 uses enum ieee80211_sta_rx_bw for the same.
Rather than keeping the "20" and "40" throughout the code (eventually
expanded to 80/160/320) switch them over to use the enum throughout.
Once we get to 320Mhz channel widths we would otherwise also need to
extend the uint8_t in struct ieee80211_node; making
enum ieee80211_sta_rx_bw __packed allows us for lots more channel
widths without breaking the KBI.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47891
(cherry picked from commit ca389486a9599768e0ba69dca13c208020623083)
(cherry picked from commit 2c8b0d6205f6f98855773e3a82640b50abb2f2f6)
Add IEEE80211_FVHT_STBC_(TX|RX) flags to allow userspace to manage
if STBC will be allowed for VHT RX/TX.
For RX this will only allow us to turn it off but no fine grained
control of the number of supported spatial streams.
Introduce IEEE80211_FVHT_CHANWIDTH_MASK as a helper to make the
spelling out of the IEEE80211_FVHT_MASK more readable.
Update ifconfig to allow setting of these flags.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47838
(cherry picked from commit 243f6925bf818a64f3c996c6a89fec6c8a6ff058)
IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_NONE is confusing as the field does
indicate that the STA does not support 160 (or 80+80) Mhz.
[802.11ac: Table 8-183v-Subfields of the VHT Capabilities Info field]
All the other bits are related to the support of 160Mhz so make it
clear that it does not mean that we do not support any VHT CHAN WIDTH
but merely do not support the optional 160/80+80.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47837
(cherry picked from commit 116102101a566ec8924b397c1523d362008fb35c)
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D47836
(cherry picked from commit 4294f1cac15300046369d7e464ce96363839757c)
Given we have the support in main and stable/14 to load plain firmware
files from /boot/firmware/ make use of that. Switch the order to
try the original unmangled filename and path first before trying any
replacements.
This reduces time and console noise (especially under bootverbose).
Sponsored by: The FreeBSD Foundation
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D47682
(cherry picked from commit 30d2f84ef2cba12c67c62a9fe4e1d8e22cf27bf9)
This adds support for the Realtek 8922AE PCI
wireless network (Wi-Fi 7) adapter.
This version is based on
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
98f7e32f20d28ec452afb208f9cffc08448a2652 ( tag: v6.11 ).
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 6d67aabd63555ab62a2f2b7f52a75ef100a2fe75)
This version is based on
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
98f7e32f20d28ec452afb208f9cffc08448a2652 ( tag: v6.11 ).
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 11c53278a8a3e86e14377f09bbaa7bad193d3713)
For certain users or chipsets (reports were for CNVi devices but
we are not sure if this is limited or specific to them) loading
if_iwlwifi hangs.
The reason for this is that a SYSINIT (module_load_order()) has not
yet run in this case and the Linux driver tries to load the
chipsets-specific module. On FreeBSD all supported sub-modules are
part of if_iwlwifi so we do not have to load them separately but
calling into kern_kldload via LinuxKPI request_module while loading
the module gives us a hard hang.
iwlwifi calls request_module_nowait() so we can simply skip over this
and continue and the SYSINIT will do the job later if no other
dependencies fail.
Sponsored by: The FreeBSD Foundation
PR: 282789
Tested by: Ruslan Makhmatkhanov, Pete Wright
Differential Revision: https://reviews.freebsd.org/D47994
(cherry picked from commit 87e140a5c6f89eea7ea6320d1ae34566492abfc0)
(cherry picked from commit 5d09d1070737c43738e433b547af1a90c0f10bf1)
This version is based on
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
98f7e32f20d28ec452afb208f9cffc08448a2652 ( tag: v6.11 ).
Sponsored by: The FreeBSD Foundation
(cherry picked from commit a4128aad8503277614f2d214011ef60a19447b83)
Bring in the LinuxKPI 802.11 compat bits which are altering
the mac80211 KPI.
* In struct ieee80211_bss_conf chandef -> chanreq.
* Various struct ieee80211_ops gained a link_id arguemnt,
stop gained a suspend flag.
* Various functions gained a link_id argument.
* ieee80211_tx_status() was renamed to ieee80211_tx_status_skb()
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 7b43f4d064195bcf66816cb9fe350a1392fe24ce)
Using MPASS in libkern breaks buildworld. Replace MPASS with KASSERT
in three places.
(cherry picked from commit 08f6f78f81e21b21dd002a9389436b0333cb3488)
Replace is_power_of_2(length) with power2(length). When length != 0, as in
this case, they produce the same result. This will allow an implementation
of is_power_of_two to be dropped.
Reviewed by: alc, markj
Differential Revision: https://reviews.freebsd.org/D45536
(cherry picked from commit a94ed493b50752cee09245fc312c63b00331f217)
order_base_2(n) is implemented with a variable, which keeps it from
being used at file scope. Implement it instead as ilog2(2*n-1), which
produces a different result when 2*n overflows, which appears unlikely
in practice.
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D46826
(cherry picked from commit b7cbf741d55468ba34305a14ac3acc1c286af034)
Linux has a header file that defines an ilog2 function and some simple
functions/macros that use it: roundup_pow_of_two, is_power_of_2,
rounddown_pow_of_two, and order_base_2. This change moves three of
those simple functions (all but is_power_of_2) from linuxkpi to
libkern. It also deletes a few implementations of these functions
that have previously been copied into code for various device drivers,
so that they can use the libkern version. The is_power_of_2 macro was
not moved because powerof2 in param.h provides almost the same service
already (except that they disagree about whether 0 is a power of two).
Since the linux definitions of these functions were copied into
FreeBSD 11 years ago, linux has improved them, and this change
provides those improvements. In particular, a giant table of log
values for evaluating ilog2 for constant values is no longer
necessary.
Reviewed by: alc, markj (previous version)
Differential Revision: https://reviews.freebsd.org/D45536
(cherry picked from commit c8b0c33b03ac072413b27bed2bdae2ae27426f3a)
The kernel source contains several definitions of an ilog2 function;
some are slower than necessary, and one of them is incorrect.
Elimininate them all and define an ilog2 macro in libkern to replace
them, in a way that is fast, correct for all argument types, and, in a
GENERIC kernel, includes a check for an invalid zero parameter.
Folks at Microsoft have verified that having a correct ilog2
definition for their MANA driver doesn't break it.
Reviewed by: alc, markj, mhorne (older version), jhibbits (older version)
Differential Revision: https://reviews.freebsd.org/D45170
Differential Revision: https://reviews.freebsd.org/D45235
(cherry picked from commit b0056b31e90029553894d17c441cbb2c06d31412)
Add additional messages that allow for secure simple pairing.
PR: 265066
Sponsored by: The FreeBSD Foundation (review and commit)
(cherry picked from commit 4ae0fa8a2f8bff9a5e96dbfd862b03172c88e697)
In 4cc5d081d8c23, a change was introduced that manipulated
drv_ioctl_data->reqcap using IFCAP2 bits. This was noticed
when creating a mixed lagg with mce0 and ixl0 caused the
interfaces' txcsum caps to be disabled.
Fixes: 4cc5d081d8c23
Reviewed by: glebius
Sponsored by: Netflix
MFC After: 7 days
(cherry picked from commit 36fdc42c6a4c828d334471438c4f852e4b5a25e2)
I didn't notice this during testing because invariants-enabled kernels
implicitly include asan.h via kassert.h.
Reported by: Lexi Winter <lexi@le-Fay.org>
Fixes: 800da341bc4a ("thread: Simplify sanitizer integration with thread creation")
(cherry picked from commit 7a7063cc54274a44192fb65c71360a5e72c171b9)
fork() may allocate a new thread in one of two ways: from UMA, or cached
in a freed proc that was just allocated from UMA. In either case, KASAN
and KMSAN need to initialize some state; in particular they need to
initialize the shadow mapping of the new thread's stack.
This is done differently between KASAN and KMSAN, which is confusing.
This patch improves things a bit:
- Add a new thread_recycle() function, which moves all kernel stack
handling out of kern_fork.c, since it doesn't really belong there.
- Then, thread_alloc_stack() has only one local caller, so just inline
it.
- Avoid redundant shadow stack initialization: thread_alloc()
initializes the KMSAN shadow stack (via kmsan_thread_alloc()) even
through vm_thread_new() already did that.
- Add kasan_thread_alloc(), for consistency with kmsan_thread_alloc().
No functional change intended.
Reviewed by: khng
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D44891
(cherry picked from commit 800da341bc4a35f4b4d82d104b130825d9a42ffa)
ELECOM EDC-QUA3C is a USB3.1 Gen1 Type-A/C 2.5GBASE-T network adapter.
This also works as a cdce(4) device by:
usbconfig -d X.Y set_config 1
or
usbconfig -d X.Y set_config 2
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1578
(cherry picked from commit dc273058cb0b6bef075e77272afc66f1a1fd3889)
This eases porting of DTrace to CHERI, where uintptr_t and size_t aren't
interchangeable.
No functional change intended.
Reviewed by: Domagoj Stolfa <domagoj.stolfa@gmail.com>
MFC after: 2 weeks
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D48625
(cherry picked from commit ba9cff7aa2eb62d84bead503cd606d1586ea8388)
In 886653492945f we added checks for packets to only go out if the
station is known to the firmware (amongst others) as there are
implications in drivers.
Unfortunately rtw88 does not support the mac80211 (*sta_state)() KPI
but only the fallback (*sta_add/remove)() in which case the station is
only added to firmware when going from AUTH to ASSOC. That means we
had no chance to get authenticated anymore.
PR: 283142, 274382
Fixes: 886653492945f (make sure we can send DISASSOC or DEAUTH frames)
Tested by: imb protected-networks.net, oleg.nauman gmail.com
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48161
(cherry picked from commit 2372f8cc640c2f4ab82831e6ac0e27ab6c18321a)
Standardize the definition of a UFS dinode
Differential Revision: https://reviews.freebsd.org/D48472
(cherry picked from commit 1111a44301da39d7b7459c784230e1405e8980f8)
(cherry picked from commit aa90fbed151de512ab6e59f75df009533a15751f)
(cherry picked from commit 256389eaf158acaf67f0530764be8af68edee78c)
(cherry picked from commit 6cd973d903c8f214d84daf91eb75047631bf1618)
(cherry picked from commit e1ebda4458bbaf7d85fb803e20f3afc5441f24d9)
When an interface is moving to/from a vnet jail, it may still have BPF
descriptors attached. The userland (e.g. tcpdump) does not get noticed
that the interface is departing and still opens BPF descriptors thus
may result in leaking sensitive traffic (e.g. an interface is moved
back to parent jail but a user is still sniffing traffic over it in
the child jail).
Detach BPF descriptors so that the userland will be signaled.
Reviewed by: ae
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D45727
(cherry picked from commit 1ed9b381d4701fc9f66741256e93b96e22273217)
ifnet: Fix build without BPF
The newly introduced function bpf_ifdetach() is only available when
device bpf is enabled.
Fixes: 1ed9b381d470 ifnet: Detach BPF descriptors on interface vmove event
(cherry picked from commit d8413a1c3ba235a79ae6b8cc35767a861855c7e2)
