net80211: add the specific 802.11-2020 references to VHT IEs
Since I keep needing to find them, just add the references to
the VHT info/operation IEs.
Differential Revision: https://reviews.freebsd.org/D49199
net80211: add AES-GCM to the hostap logic
This is currently an untested diff set for implementing the
AES-GCM negotiation in hostap mode.
* Decode the AES-GCM-128 cipher in the RSN field;
* Add AES-GCM as the first cipher to check when deciding the
unicast cipher type;
* Refactor out the "can we do HT A-MPDU + this cipher" check
for the unicast cipher; and
* .. add AES-GCM-128 to the allowable ciphers.
I haven't tested this yet to make sure I haven't broken the hostapd
path, nor that it actually DOES negotiate AES-GCM-128.
Differential Revision: https://reviews.freebsd.org/D49189
net80211: add initial AES-GCMP crypto support
This adds initial AES-GCMP crypto support. It registers for both
128 and 256 bit support, although the 256 bit support will not work
without extending the net80211/ioctl keylength.
This is not yet enabled by default; drivers will need to opt-in
to supporting it in either hardware or software.
The AES-GCMP code is BSD licenced code from hostapd.git release 2.11.
Differential Revision: https://reviews.freebsd.org/D49161
sound: Remove redundant check in mixer_clone()
PCM_REGISTERED() does this check through PCM_ALIVE().
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
release/vm: force replacement of compressed images
Without this, rebuilding vm images will fail due to the .xz file
existing.
Reviewed by: emaste
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D49321
release/vm: partially support NO_ROOT
For images that don't require QEMU, support NO_ROOT. This entails:
- Passing NO_ROOT down to mk-vmimage.sh (which sets it for
installworld, etc)
- Handling etcupdate bootstrapping
- Adding assorted config file METALOG entries
- Running makefs in the right directory and adding -D for dups
The main gap in basic NO_ROOT support is package installation. Each
image type must also be updated to add METALOG entries for any files it
adds.
Reviewed by: emaste
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D49320
release/vm: add a WITHOUT_QEMU option
This option disables trying to build a qemu-<target>-static and simply
doesn't do any of the operations that rely on it. This disables package
installation which is required by most, but not all image types.
Disable all CLOUDWARE variants that require pkg when WITHOUT_QEMU is set
to avoid broken images.
Reviewed by: emaste
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D49310
linuxkpi: Correct DIV_ROUND_DOWN_ULL
This fixes a black screen issue with the i915 DRM driver from Linux v6.8
Fixes: c4e0746e7d5bd ("LinuxKPI: Add helper macros IS_ALIGNED and DIV_ROUND_DOWN_ULL.")
Pull request: https://github.com/freebsd/freebsd-src/pull/1612
usb: Use bus_detach_children instead of bus_generic_detach
The USB bus performs additional teardown steps in between detaching
child devices and deleting child devices.
Reported by: phk, thj
Tested by: phk
Fixes: e9d3857040a1 ("Use bus_detach_children instead of bus_generic_detach")
mtx: Include the mutex pointer in the panic message for destroyed locks
Reviewed by: olce, kib, markj
Sponsored by: AFRL, DARPA
Differential Revision: https://reviews.freebsd.org/D49315
mtx: Make idle thread assertions more robust
Just print the pointer to the mutex instead of the name in case the
mutex is corrupted.
Reviewed by: olce, kib
Sponsored by: AFRL, DARPA
Differential Revision: https://reviews.freebsd.org/D49314
mtx: Avoid nested panics on lock class mismatch assertions
It is only (somewhat) safe to dereference lo_name if we know the mutex
has a specific lock class that is incorrect, not if it just has "some"
incorrect lock class. In particular, in the case of memory
overwritten with 0xdeadc0de, the lock class won't match either mutex
type. However, trying to dereference lo_name via a 0xdeadc0de pointer
triggers a nested panic building the panicstr which then prevents a
crash dump.
Reviewed by: olce, kib, markj
Sponsored by: AFRL, DARPA
Differential Revision: https://reviews.freebsd.org/D49313
depend-cleanup: Add examples for common cases
Reviewed by: andrew
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48521
mana: refill the rx mbuf in batch
Set the default refill threshold to be one quarter of the rx queue
length. User can change this value with hw.mana.rx_refill_thresh
in loader.conf. It improves the rx completion handling by saving
10% to 15% of overall time with this change.
Tested by: whu
MFC after: 2 weeks
Sponsored by: Microsoft
(cherry picked from commit 9b8701b81f14f0fa0787425eb9761b765d5faab0)
mana: Increase default tx and rx ring size to 1024
Tcp performance tests show high number of retries under heavy tx
traffic. The numbers of queue stops and wakeups also increase.
Further analysis suggests the FreeBSD network stack tends to send
TSO packets with multiple sg entries, typically ranging from
10 to 16. On mana, every two sgs takes one unit of tx ring.
Therefore, adding up one unit for the head, it takes 6 to 9 units
of tx ring to send a typical TSO packet.
Current default tx ring size is 256, which can get filled up
quickly under heavy load. When tx ring is full, the send queue
is stopped waiting for the ring space to be freed. This could
cause the network stack to drop packets, and lead to tcp
retransmissions.
Increase the default tx and rx ring size to 1024 units. Also
introduce two tunables allowing users to request tx and rx ring
size in loader.conf:
[14 lines not shown]
Hyper-V: hn: rewrite hn rsc switch to avoid sysctl hang
Changing the rsc_switch flag using sysctl to turn rsc on or off
could hang. The original code sends request to host to get the
mtu setting. Sometimes the host fails to reply, causing
the thread to sleep forever waiting for the host response.
Use existing cached mtu from hn device instead to avoid calling
host.
Reported by: whu
Tested by: whu
MFC after: 1 week
(cherry picked from commit da1deb784d9ad3a4015a3f91fa1a5ce394fd3fdb)
loader.conf: Document boot_verbose
And for the moment, point people to loader.efi(8) for all boot_*
variables.
Sponsored by: Netflix
MFC After: 1 week
(cherry picked from commit 36f1db7a37aed8e831ec385a542ef3377890bfce)
wg.4: Document kernel config option
wg(4) can be compiled into the kernel (device wg), but the wg.4 manpage
does not document this. Adjust it to mention this like other drivers do.
MFC after: 3 days
Reviewed by: carlavilla, kevans, ziaee
Approved by: carlavilla (mentor)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1597
(cherry picked from commit 780a4667bbde0daa90db900bb0f93f6337d6208b)
mlx5: Fix BlueField-4 device description
BlueField-4 will not be based on ConnectX-8. Remove the wrong description.
Sponsored by: NVidia networking
MFC after: 1 week
Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"
Using the ntpd -u option to set the credentials ntpd is to run under
while still using rc(8) to invoke causes some FreeBSD installs to fail
to load mac_ntp. The fact that can_run_nonroot() does not
indicate why failures occur leaves people on the mailing lists
guessing as to why there are failures. Let's revert back to using
the rc(8) provided su. The ntpd rc script will be rewritten when
the ntpd chroot will be implemented.
Reported on: freebsd-stable@
This reverts commit 521f66715afb312b356afafc68cbc044a436a753.
(cherry picked from commit 5ca7754519e8c618968d8acbf54d653b6e968829)
Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"
Using the ntpd -u option to set the credentials ntpd is to run under
while still using rc(8) to invoke causes some FreeBSD installs to fail
to load mac_ntp. The fact that can_run_nonroot() does not
indicate why failures occur leaves people on the mailing lists
guessing as to why there are failures. Let's revert back to using
the rc(8) provided su. The ntpd rc script will be rewritten when
the ntpd chroot will be implemented.
Reported on: freebsd-stable@
MFC after: immediately
This reverts commit 521f66715afb312b356afafc68cbc044a436a753.
usb: Kill left-over cdefs.h includes
These includes were for __FBSD_RCSID() macro. They weren't formatted
like the rest of the tree so weren't trimmed automatically when that
script was run. Trim them now.
MFC After: 1 week
Sponsored by: Netflix
(cherry picked from commit ca48e43ba9ee73a07cdbad8365117793b01273bb)
ssh: tidy include handling
Centralize optional krb5_config.h handling in ssh.mk. Do not add
headers (that are committed to the src tree) to SRCS as there is no
need.
Reviewed by: imp, jlduran, kevans (all earlier)
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34409
(cherry picked from commit 7f916236044d9a733de8b3c47b5dcbf71988cb03)
ssh: Consolidate HAVE_LDNS / LIBWRAP in ssh.mk
Commit 9d63429fa163 ("ssh: move common Makefile boilerplate to a new
ssh.mk") introduced ssh.mk for common OpenSSH paths and flags, as part
of enabling FIDO/U2F. Move duplicated MK_LDNS and MK_TCP_WRAPPERS
handling there.
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31896
(cherry picked from commit d71e7e57fc1472e3ea6d31c44e187c2819d2c71e)
loader.kboot: smbios: Add a comment about v3 entry point being favored
Note that the behavior here is consistent with BIOS and EFI boot.
Reviewed by: imp, markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49293
libsa: smbios_probe(): Strictly obey specified entry point address
When such an address is known, do not search elsewhere, contrary to what
we are doing on non-EFI boot (see SMBIOS_START and SMBIOS_LENGTH).
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49291
loader.efi: smbios: Favor the v3 (64-bit) entry point
Be consistent with what we are now doing with non-EFI boot (but with the
difference that EFI runs in 64-bit mode on 64-bit platforms, so there is
no restriction that the v3 entry point should be below 4GB).
While here, move out the EFI smbios detection code in a separate
sub-routine.
Reviewed by: imp, markj
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49292