capsicum.4: Add capsicum_helpers and libcasper references
These were present in the SEE ALSO section but were not explicitly
mentioned. Add a brief description of both.
Reviewed by: ziaee
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D50707
libcam: Include nvme opcode and status code routines from nvme_util.c
libcam in userspace also includes nvme_all.c which now depends on
nvme_util.c, so add nvme_util.c to libcam's sources. This requires
exporting the opcode and status code routines in nvme_util.c to
userspace as well as the kernel. In turn, this means nvmecontrol now
depends on libsbuf (which is already present in /lib).
Reported by: viswhin, Jenkins
Fixes: 60159a98a837 ("nvme: Move opcode and status code tables from base CAM to nvme_util.c")
Sponsored by: Chelsio Communications
Update in preparation for 14.3-RELEASE
- Bump BRANCH to RELEASE
- Add the anticipated RELEASE announcement date
- Set a static __FreeBSD_version
Approved by: re (implicit)
Sponsored by: Amazon
mman: Reserve two PROT_ for CHERI use
In CheriBSD we use two bits to control load and store of CHERI
capabilities (pointers). In anticipation of merging CHERI support in
time for FreeBSD 16, reserved these two bits to avoid the (low, but
non-zero) risk of a flag day downstream.
I've used PROT_CHERI0 and PROT_CHERI1 rather than their downstream name
in hopes of avoiding the impression they do something today.
Reviewed by: kevans, adrian
Suggested by: kevans, adrian
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D50621
build: remove the last vestiges of lint support
Commit 1cbb58886a47 (shipped in 12.0.0) removed all lint infrastructure.
A bunch of NO_LINT definitions remained (perhaps as a bootstrapping
measture). Remove them.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D50704
pseudofs: make dup name an error instead of panic
There are enough cases where the duplicate name is caused by dubious
hardware configuration. Stopping the whole system instead of failing a
driver, or even a diagnostic subsystem in a driver, is more
user-friendly.
Another issue right now is that the check is only present for the
INVARIANTS builds, silently accepting the request to create an entry
with the existing name on production builds.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D50669
pseudofs: fix typo in comment
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Differential revision: https://reviews.freebsd.org/D50669
gve: Fix timestamp invalidation for DQO queue formats
We need to invalidate timestamps when a TX queue is cleared so that the
TX timeout detection callout does not mistakenly fire for cleared
packets. When using DQO queue formats, timestamps are set on the pending
packet array whose length is not the same as the length of the
descriptor ring itself. This commit fixes logic which invalidated the
wrong number of pending packets.
Signed-off-by: Jasper Tran O'Leary <jtranoleary at google.com>
Fixes: 3d2957336c7d ("gve: Add callout to detect and handle TX timeouts")
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D50688
fusefs: delete dead code
These lines have been commented out ever since the first import of fuse.
The intention seems to be for the original developer to experiment with
different error handling strategies, but they're very obsolete by now.
Delete them.
MFC after: 2 weeks
Sponsored by: ConnectWise
fusefs: revert a workaround for a googletest bug
This bug was fixed by googletest back in 2019 and released in googletest
1.10.0, I think. Using GTEST_SKIP from a test environment works now.
https://github.com/google/googletest/issues/2189
MFC after: 2 weeks
Sponsored by: ConnectWise
Fix incorrect syntax in sys/conf/files for nvmf_transport.c
Fixes: a15f7c96a276 ("nvmft: The in-kernel NVMe over Fabrics controller")
Sponsored by: Chelsio Communications
nvme: Use routines from nvme_util.c to decode opcodes and status codes
This reduces the number of duplicate string tables for NVMe opcodes
and status codes.
Adjust the formatting of unknown opcodes and status codes to more
closely match nvme(4).
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D50652
nvme: Move opcode and status code tables from base CAM to nvme_util.c
This makes it possible to share these tables with the nvme(4) driver
in custom kernels that do not include any CAM support, only nvd(4).
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D50685
net80211: add the beginning of the extfield information elements (IE ext)
The original list of IEs got expanded from TLV to TLextTV.
If the T matches 255 then we have a second list of IEs where the
meaning of TL stays the same. That means the 1 octet extT is part
of the length and the value starts at ie+3.
Start populating the list with IEEE802.11-2020 and 802.11ax-2021
values.
They will be initially used to start decoding some of the announced IEs
for ifconfig [-v] list (scan|sta). That should help users with
AX-enabled APs to see this (rather than no or UNKNOWN_ELEMID_255 and
make debugging easier once we implement 11ax.
Sposored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D50674
net80211: update IE list for 802.11-2020
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D50673
net80211: add more information elements (IEs) definitions
Annotate a few which are obsolete (gone).
Naming as usual is questionable and I contemplated using the names
from wpa with a different prefix but then we end up with another mix.
While updating the reference to the newer standard I haven't made
a full pass again and I cannot say which version I used in 2020.
The motivation for this is to get rid of unknown IEs displayed in
ifconfig and elsewhere.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Fixes: 50982d26e45ba (MMIC -> MGMT_MIC)
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D50671
LinuxKPI: 802.11: make synching from HT more resilient
During testing I hit a case where htcap->mcs.rx_mask[0,1] were zero.
This should not happen as that would mean we are not supporting HT.
After adding extra caution for debugging I could no longer reproduce
the case.
So just to deal with the eventuality make synching from HT more
resilient by checking that we have nss > 0 or otherwise disable
HT operations.
Move setting the bandwidth below this check to not alter it in
case of the now early return.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
LinuxKPI: 802.11: add support for GCMP hw crypto offload
For iwlwifi, rtw88, and rtw89 we can treat GCMP the same way as we
treat CCMP which allows us to re-use the CCMP code for now.
Add the missing case statements and factor out some common code.
Allow IEEE80211_CRYPTO_AES_GCM_128 through our filter of supported
cipher suites to announce it to net80211.
Sponsored by; The FreeBSD Foundation
MFC after: 3 days
LinuxKPI: 802.11: WEP noise
While we decided that we will not provide WEP support for the LinuxKPI
802.11 compat code, some of it is in there already (also because drivers
still support it). Put proper keylen checks in place as net80211 only
knows about WEP while LinuxKPI has WEP40 and WEP104.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
route: fix rtentry double free
add_route_flags() frees the rtentry on error when called with the RTM_F_CREATE
flag. Don't free the rtentry a second time.
Reviewed by: ae
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D50665
krb5: Apply patches to build under FreeBSD
These patches fix the MIT KRB5 on FreeBSD. Some are obtained from
ports/security/krb5-121.
Sponsored by: The FreeBSD Foundation
pam-krb5: Import/add pam-krb5 from eyeire.org
From https://www.eyrie.org/~eagle/software/pam-krb5/:
pam-krb5 provides a Kerberos PAM module that supports authentication,
user ticket cache handling, simple authorization (via .k5login or
checking Kerberos principals against local usernames), and password
changing. It can be configured through either options in the PAM
configuration itself or through entries in the system krb5.conf file,
and it tries to work around PAM implementation flaws in commonly-used
PAM-enabled applications such as OpenSSH and xdm. It supports both
PKINIT and FAST to the extent that the underlying Kerberos libraries
support these features.
The reason for this import is to provide an MIT KRB5 compatible
pam_krb5 PAM module. The existing pam_krb5 in FreeBS only works
with Heimdal.
The Makefiles to hook this software into the build willl come later.
[8 lines not shown]
share/mk: Add MIT KRB5 build knob
This is the first in a series of commits to replace Heimdal with
MIT KRB5. This first commit adds the WITH_MITKRB5/MK_MITKRB5 knob
to src.opts.mk and its corresponding documentation in
tools/build/options. The default is off.
This change of and by itself is of no consequence as MIT KRB5 has
yet to be imported in to HEAD. But it does insulate the build from
inremental change until the last patch is committed when WITH_MITKRB5
will build MIT KRB5 1.21.3 instead of Heimdal.
The affords us the opportunity to review smaller commits.
This is the first of many commits.
Reviewed by: imp, jhb, brooks, markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D50684
