When pxeboot gets a 0 as a port number from portmapper (indicating an
error), it currently happily sends NFS packets to the server's port 0
in an endless loop. Change this to instead bail out with a useful
message.
This happens, for example, with recent Linux NFS servers as many
distributions switched to TCP only NFS serving by default. FreeBSD's
pxeboot must have UDP. In this situation pxeboot asks the server's
portmapper for the UDP NFS port and since there is none gets 0.
Also add a hint to the manpage explaining this and how to fix it.
Reviewed by: ziaee, kevans, imp
Add support for automatic suspend/resume as we know it for wireless.
The problem is that the PCI driver which would normally gets the code
is the LinuxKPI PCI framework/Linux wireless driver, which we cannot
ammend or generally add extra suspend/resume code to.
A further problem is that with growing support, the LinuxKPI 802.11
(mac80211) layer also is involved in suspend/resume for WoWLAN (not
yet supported) meaning that we need to hook the suspend/resume
framework into that as well. Unlike Linux we do not have a general
suspend/resume "hook" we can hang into and we need to tie this one
to the hardware so cannot indepedently (after the driver one) run it.
The solution for FreeBSD, in order to not mangle the Linux native
drivers and get extra maintanace overhead, is to add a bus child
which inherits the general framework and thus is 2 lines + #includes
for each driver extra to add to.
The general suspend/resume framework lives in LinuxKPI (linuxkpi_80211_pm)
and imitates the normal suspend/resume path overloading it (there is
a slight code/logic duplication from the PCI code).
Given we are passed the LinuxKPI p(ci)dev, we can go and peel out the
net80211 ic from the native bsddev and that way get access to the
wireless stack. We then call into LinuxKPI 802.11 in order to do
the suspend/resume dance there, and, if needed also call the
official suspend/resume routine from the device driver after
(reverse for resume).
If any in this fails, suspend will be blocked as we will return the
error (no different to any native driver could do).
The LinuxKPI 802.11 suspend/resume code has the initial code for
doing a WoWLAN suspend (one could change the sysctl) but other bits
like access to ifnet flags etc. has to be sorted out before we can
go and support that.
The default code path calles into net80211 to clear everything
like native wireless drivers do. The one thing we need to do in
addition is to remove the vif devices from the firmware and restore
them prior to net80211 resume.
We also check for a possible HW SCAN to still be runinng on resume
and warn as that may cause problems though the scan should be stopped
before suspend (we may still get a callback). You can easily see
these problems if you suspend/resume without stopping the wlan.
Enable the PM framework for iwlwifi in the module Makefile to
be able to use all this; others can follow as tested.
In case anyone has problems with this, they can change the sysctl
back to 0 until we can figure out any further problems.
The linuxkpi_wlan.4 man page got adjusted to document this.
Sponsored by: The FreeBSD Foundation
Tested on: Dell XPS 13 (AX200), Lenovo TP X270 (AX210)
MFC after: 3 days
PR: 263632
When we no longer need a channel context and put it back on the
reserved list, zero it for all but the vif so that we get the same
state as if it was freshly allocated.
Sponsored by: The FreeBSD Foundation
Fixes: e62c92c0a5, 88cb1e17f4
MFC after: 3 days
Taking the address of an OOB array element is UB, even if not
dereferenced.
Reviewed by: des, bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57172
Both tools support controllers from both companies, so document it.
Reviewed by: ziaee (via IRC)
MFC after: immediately
Differential Revision: https://reviews.freebsd.org/D57212
Since the test assumes a 250 ms response time, there is no need to delay
for 3 seconds. Instead, delay for the minimum possible 1 second.
Also, fix some assertions in builtins/read11.0 and builtins/read12.0. If
`set -e` is in effect, `foo` in `foo && bar` is considered tested and
therefore a failure does not cause the shell to exit.
Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D55191
nvlist_take_string_array(9) takes ownership of the array and its
strings. casper_ttymsg() freed neither, leaking memory on every
F_CONSOLE and F_TTY message. On long-running systems with high
error-rate syslog traffic routed to /dev/console, syslogd.casper grew
to hundreds of MB.
Use nvlist_get_string_array(9) to borrow the array instead. Update
casper_wallmsg() similarly.
Approved by: src (des)
Closes: https://github.com/freebsd/freebsd-src/pull/2222
Fixes: 61a29eca55 ("syslogd: Log messages using libcasper")
MFC after: 3 days
MFC to: stable/15
PR: 295488
Reported by: Pat Maddox <pat@patmaddox.com>
Reviewed by: markj
Tested by: dch
Regenerating the configure script is optional and can introduce noise
if the installed versions of autoconf, automake, and libtool do not
match those used upstream. Tweak our script slightly so it will skip
this step if libtoolize is not found.
When using SW KTLS, we must account for the headers in sf_iodone()
in terms of either freeing or enqueuing them for TLS work.
Not doing so can lead to a situation where we enqueue only
the payload, and not the header, for encryption. Rather than
leaking the header, the socket is left "hung" with the header marked
M_NOTREADY.
Sponsored by: Netflix
Reviewed by: glebius, kib
Differential Revision: https://reviews.freebsd.org/D57134
MFC After: 14 days
Since this manual describes the mdoc syntax throughout the ecosystem,
I had to blend what we had before with what upstream is doing now.
Thanks: adrian
MFC after: 3 days (we shipped this doc in 15.0/14.4)
Reviewed by: ivy, mhorne, des, adrian
Discussed with: arch@
Differential Revision: https://reviews.freebsd.org/D56153
The first argument is always the function name, for which we can simply
use __func__. This leaves only the optional return value, so we can use
a single variadic macro instead of two nearly-identical copies.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57076
In send_[rw]rq(), we were using strlcpy() to avoid overflowing our
packet buffer, then failing to check the result and blithely advancing
our pointer by the full length.
Luckily, this code is only ever used by tftp(1), not tftpd(8).
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57075
This adds a test case that passes a very long URL on the command line,
which would previously have resulted in a benign buffer overflow in
urihandling(), detectable only by compiling tftp with ASAN enabled.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57074
Also, delete the file we created if receiving it failed.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57071
* No need to copy our argument into a new buffer; it is writeable and
will not be reused after we return.
* Instead of constructing the string "get path" and then splitting it
into an argument vector, just construct the vector directly. This
avoid potentially overrunning the buffer.
* Call settftpmode() just once, with either the default mode or the
user-provided value we already validated.
* Use errx() instead of fprintf(stderr) + exit().
Reported by: Moyao, Minghao Fu
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57070
The RETURN VALUES section used "instr" to describe the fts_set()
argument, while the SYNOPSIS and all other references use "options".
Fix the inconsistency.
MFC after: 1 week
Sponsored by: Google LLC (GSoC 2026)
Reviewed by: asomers
Pull Request: https://github.com/freebsd/freebsd-src/pull/2213
This file implements a set of EL2 hypercall handlers and is used to
switch between guests and the host kernel when VHE is not in use. There
is no SSP runtime available there.
Reported by: Jenkins
Fixes: 8deebce931 ("kernel: Enable -fstack-protector-strong by default")
This extends stack canary use to all functions which define arrays on
the stack, not just those which operate on byte buffers. This option
would have made it harder to exploit SA-26:18.setcred and
SA-26:08.rpcsec_gss.
The change bloats the amd64 kernel text by about 350KB and increases the
number of covered functions from ~1500 to ~9000 (within the kernel
itself, i.e., not counting kernel modules).
Reviewed by: olce, olivier, emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D56870
This has been stable in my testing, and enabling parallelism speeds up
test runs considerably. In particular, with -v parallelism=16 in a
16-vcpu bhyve VM my test runs go from ~50m to ~40m; the exact numbers
depend on the kernel config in use.
Reviewed by: pouria
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57094
Even though it is not dereferenced, it is UB to take the address of an
out of bounds array element.
Reviewed by: pouria, bz, des, adrian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57158