Several drivers (rtw8x, mt76) do not announce the supported ciphers suites
in the wiphy instance. This means we never populate net80211 ic_cryptocaps
on device creation and thus not announcing any supported hw crypto
offload forcing a fallback to software crypto.
However when the mac80211 (*set_key) succeeds we know we can offload
crypto. At that point the net80211 key flags have IEEE80211_KEY_SWCRYPT
set which we want to clear. Historically the net80211 API does not
allow this though there should be no ill side effects (base on a
quick code inspection). We thus have to DECONST the key argument
for now. It is expected that with MFP support this will need to
become a common operation and the API will need to change as we
will only get the information of some details from the driver on a
per-cipher case when the (*set_key) downcall returns.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
mt7921 would happily receive traffic (MC/BC) and decrypt it correctly
when hw_crypto was used but TX would only have garbled data in frames.
The problem came from the fact with keys for which we do not have an
address the driver will pick the "sta" information from different places
(driver view of sta or vif).
In the downcall this is signalled by the sta argument being NULL as
the linux keyconf has no address field.
Us passing the sta for first the pairwise key and then also for the
group key likely overwrote the pairwise key on the sta and allowed
the MC/BC RX operations to succeed anyway (the observed behaviour).
Software crypto was fully fine for mt7921 and showed no problems.
Looking some other drivers:
- iwlwifi/mld picks the ap_sta if the sta argument is NULL; thus it
always worked with our previous logic and this went unnoticed.
- rtw88 in rtw_sec_write_cam() decides whether to use the sta address
or a broadcast address.
- rtw89 in rtw89_cam_attach_sec_cam() picks the rtwsta_link if sta is
not NULL and has follow-up logic checking on that.
It is yet unclear if some of the MC problems observed on rtw8x
stem from the same problem.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
We are not doing MLO yet so set the undefined link bit in the
TX info control message in case a driver checks if the TX would be
link specific.
Sposnored by: The FreeBSD Foundation
MFC after: 3 days
Add print masks for tx status flags and use them in the TX tracing
in order to more easily debug TX problems.
As a result it was easier to determine that some dirver like the mt7921
(or mt76) do not always zero the status bits of the tx status information
(it is a union with the control bits passed on TX) and thus we get bogus
values back (rather than having flags in a different place than we thought).
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
BCM57766 on Apple T2 Macs (Macmini8,1) has no dedicated EEPROM and the
chip firmware handshake fails (the T2 intercepts PCI config space),
leaving the SRAM mailbox unpopulated. All four existing MAC retrieval
paths (SRAM mailbox, NVRAM, EEPROM, firmware stub) fail, causing bge to
abort attach with "failed to read station address".
Work around this with two changes:
1. Tolerate EEPROM read failure on BCM57766. The chip is copper-only
so hwcfg=0 is correct; skip the fatal error that aborts attach
before bge_get_eaddr() is ever called.
2. Implement bge_get_eaddr_fw() to read a "hint.bge.N.mac" string
(e.g. "f0:18:98:f4:1e:2f") from loader(8) tunable / kenv.
This is a workaround until the T2 BCE API is understood well enough to
either poke the chip firmware into completing its handshake or read the
MAC from the T2 directly.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57090
asmc_key_dump() used I/O port macros (ASMC_DATAPORT_WRITE/READ,
asmc_command()) unconditionally. On T2 Macs, sc_ioport is NULL
(MMIO backend is used instead), causing a page fault when
ASMC_DEBUG triggers asmc_dumpall() during attach.
Add an MMIO guard at the top of asmc_key_dump(): delegate to
asmc_key_dump_by_index() + asmc_key_read() for MMIO devices,
consistent with the rest of the T2 code paths.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D56748
Implements a VHCI driver on top of the BCE transport:
- Virtual USB bus registration via usb_controller
- Port discovery and device enumeration
- Control, interrupt, and bulk endpoint support
- Firmware event handling with taskqueue
- Suspend/resume via BCE mailbox
Provides keyboard, trackpad, and Touch Bar access on T2 Macs.
Tested-on: MacBookPro16,2 (A2251), Mac mini 8,1 (A1993)
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57089
DMA ring transport between the host and the T2 coprocessor.
Provides mailbox handshake, queue setup, and firmware keepalive
for higher-level T2 services (VHCI, audio, etc.).
Tested-on: MacBookPro16,2 (A2251), Mac mini 8,1 (A1993)
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57088
The -w option checks word boundaries before and after each potential
match by decoding the adjacent character. This was done via the
heavyweight sscanf(3) with "%lc", which goes through the full scanf
parser and locale-aware mbrtowc(3) machinery even for simple ASCII.
Replace with a three-tier fast path:
1. ASCII bytes (< 0x80): simple isalnum(3) / '_' comparison
2. UTF-8 continuation bytes (0x80-0xBF): interior bytes of a multi-byte
character are always word characters -> no further decoding needed
3. Multi-byte start bytes (>= 0xC0): decode with mbrtowc(3) directly
instead of sscanf(3)/%lc, avoiding scanf parser overhead
Benchmark with ministat(1) (10 runs each):
Worst-case ASCII (100k lines of 100 'a' chars, -w 'a'):
Difference at 95.0% confidence: -15.3% +/- 3.1%
Worst-case Unicode (50k lines of 100 accented 'e', -w 'e'):
Difference at 95.0% confidence: -11.2% +/- 4.7%
Normal -w (500k lines, -w 'the'):
Difference at 95.0% confidence: -18.1% +/- 3.6%
French text (100k lines, -w accented 'ete'):
Difference at 95.0% confidence: -18.0% +/- 4.1%
Non -w case shows no regression.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D57587
When trying to delete or rename a file, fuse_vnop_lookup must check
whether its parent directory's sticky bit is set. Realistically, the
parent directory's attributes will almost always be cached. But it's
possible that they won't be, and in that case we must send a new
FUSE_GETATTR request to the server. If that request fails for some
reason, then we must fail the lookup. Prior to this change fusefs would
ignore failure of that request.
Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li,
and Ke Xu of Tsinghua University
MFC after: 2 weeks
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57588
Do not jump to the resource release path when bus_alloc_resource_any()
fails, since no MMIO resource was allocated. If a10_intr_pic_attach()
fails after the MMIO resource has been allocated, release it before
returning.
Signed-off-by: Haoxiang Li <lihaoxiang@isrc.iscas.ac.cn>
Reviewed-by: vexeduxr
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2253
Add a sysctl entry for the evdev device number (devnum) to allow
libudev-devd to populate the corresponding device information
fields (MAJOR and MINOR) when running in a jail with no input devices
exposed through devfs.
Signed-off-by: Quentin Thébault <quentin.thebault@defenso.fr>
Reviewed by: wulf
Sponsored by: Defenso
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D56968
The amd64 UEFI loader executes in long mode, not protected mode.
Reviewed by: kib
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D57568
Replace the unconditional fflush(stdout) in grep_printline and
procmatches with a periodic timer that flushes at most once every
100ms. This preserves interactive responsiveness (grep | tee,
grep | tail -f) while avoiding 1M+ write(2) syscalls when
processing large inputs.
The flush interval is tracked via clock_gettime(CLOCK_MONOTONIC)
and a static timespec. --line-buffered continues to flush
immediately via setlinebuf(3), as before.
Benchmark on 1M lines (37MB output to file):
unconditional fflush: 1.90s (sys 1.22s)
periodic 100ms timer: 0.49s (sys 0.007s)
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D57528
The semantic of the flag has the natural march to the code scope that is
protected by the vnode lock.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56912
Use the avaliable space to introduce vnode-locked flag v_v2flag.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56912
Specifically, do not let vtryrecycle() to recycle a used vnode. It is
possible for a vnode to be vref-ed or vuse-ed lockless after it is held
by vhold_recycle_free(). Then, since vtryrecycle() does not recheck the
hold count, we might end up freeing vused vnode.
Since vget_finish() increments v_usecount after obtaining the vnode
lock, we would observe the hold reference anyway when the parallel
vget() is blocked waiting on the vnode lock.
PR: 281749
Reported and tested by: Steve Peurifoy <ssw01@mathistry.net>, Vladimir Grebenshchikov <vova@zote.me>
Reviewed by: olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57305
Commit 6e7c10c79d fixed a couple of snprintf()s for large
uid/gid numbers above 2Gig. This patch fixes another one.
Reviewed by: rmacklem
Differential Revision: https://reviews.freebsd.org/D57561
[ToolChains][FreeBSD] Set default Linker to LLD for FreeBSD (#190596)
When the linker is specified as ld, toolchain applies special handling
by invoking (triple)-ld instead of resolving ld via standard PATH
lookup. This causes GNU ld installed via the system package manager to
take the precedence (since (triple)-ld appears earlier in the search
path), effectively overriding ld.lld.
As a result, we set the default Linker on FreeBSD to ld.lld to indicate
we want to use lld by default.
PR: 292067
MFC after: 3 days
The extra search for an FEXEC fufh shall be removed, since readdir
is only supposed to be called on a directory opened with FREAD. The
sole exception is NFS, which will call VOP_READDIR with directories that
aren't open at all. fuse already has special code to handle that.
Also remove the fuse_filehandle_get_dir() function, since it's not
used anywhere else.
Signed-off-by: CismonX <admin@cismon.net>
Reviewed by: asomers
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1729
In some cases having a src tree in a VM image is convenient
for development or debugging. Add a WITH_SRC variable,
which, when set, will cause the vm-release target to include
FreeBSD-set-src in the list of packages installed in an image.
Signed-off-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Sponsored by: Intel Corporation
Reviewed by: cperciva
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57143
_loopback entry in `static_routes` ensures a loopback route
exists in all routing tables.
However, loopback routes may already be added by the kernel.
Therefore, re-adding them triggers an `EEXIST` error on every boot.
This change suppresses those harmless errors.
PR: 259553
MFC after: 1 week
Reviewed by: glebius, jlduran, markj
Differential Revision: https://reviews.freebsd.org/D57470
When interface was connected to a link partner with a cable
type limitting maximum supported speed, e.g. SFP+ cable
in 25G port, driver incorrectly saved a supported speed
as the user configured speed. This prevented interface
from using all supported speeds after switching cable to SFP28.
Link was established at 10G as supported by previously used
SFP+ cable. Don't set user requested speed unless actually
configured by an user, to allow automatic selection of highest
available speed. Only when user sets custom config
using advertise_speed sysctl save it and try
to apply after cable is changed.
Also don't save initial supported speeds if FW supports
reporting default PHY config.
Signed-off-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Reviewed by: kbowling, erj, mateusz.moga_intel.com
Sponsored by: Intel Corporation
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D53611
When we snl_init_writer() we allocate memory in the struct snl_state in the struct pfctl_handle.
This memory was never released again, leading to a memory leak. We still
had a reference to the memory and would release it on pfctl_close()
(so valgrind did not detect it as a leak), but long-lived users (e.g.
bsnmpd) would eventually run out of memory.
Explicitly reset the snl_state when we're done to prevent this.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Look up the pfctl family id when we open the handle, rather than for
every function call.
This saves us a lot of netlink calls, at the expense of storing one
extra int in the handle.
Sponsored by: Rubicon Communications, LLC ("Netgate")
This change documents the recently introduced changes to -p
that allow users to specify CPU ranges instead of having to
specify each individual mapping.
While we're here, move the -p examples to the EXAMPLES section.
Reviewed by: bcr
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57480
This particular change didn't come from upstream. It was added locally
in 7a991ecd1 when attempting to enable the fips provider with 3.0.
Given the fact that we no longer build the fips provider and the fips
provider build process (including sources) is very prescribed to
specific build steps and source versions, there's no reason why we need
to continue carrying around this diff anymore.
MFC after: 1 week
Signed-off-by: Enji Cooper <ngie@FreeBSD.org>