Since 5efea30f03 we can possibly lose a state transition which can
cause trouble further down the road.
The reproducer from 643d6dce6c can trigger these for example.
Drivers for firmware based wireless cards have worked around some of
this (and other) problems in the past.
Add an array of tasks rather than a single one as we would simply
get npending > 1 and lose order with other tasks. Try to keep state
changes updated as queued in case we end up with more than one at a
time. While this is not ideal either (call it a hack) it will sort
the problem for now.
We will queue in ieee80211_new_state_locked() and do checks there
and dequeue in ieee80211_newstate_cb().
If we still overrun the (currently) 8 slots we will drop the state
change rather than overwrite the last one.
When dequeing we will update iv_nstate and keep it around for historic
reasons for the moment.
The longer term we should make the callers of
ieee80211_new_state[_locked]() actually use the returned errors
and act appropriately but that will touch a lot more places and
drivers (possibly incl. changed behaviour for ioctls).
rtwn(4) and rum(4) should probably be revisted and net80211 internals
removed (for rum(4) at least the current logic still seems prone to
races).
PR: 271979, 271988, 275255, 263613, 274003
Sponsored by: The FreeBSD Foundation (in 2023)
Reviewed by: cc
Differential Revision: https://reviews.freebsd.org/D43389
(cherry picked from commit 713db49d06)
Given this changes the internal structure of 'struct ieee80211vap',
which gets allocated by the drivers, and we do not have enough
spares, all wireless drivers need to be recompiled.
Given we are forced to do the update, we leave fields in the middle
of the struct and add more spares at the same time.
__FreeBSD_version gets updated to 1303501 to be able to detect
this change.
(cherry picked from commit a890a3a5dd)
Merge vendor sendmail 8.18.1 into HEAD
(cherry picked from commit d39bd2c138)
Add new source file for sendmail 8.18.1
(cherry picked from commit 19d4fb85bf)
New sendmail 8.18.1 cf file
(cherry picked from commit 1b6a5580c1)
Minor change to update these files so new freebsd*.cf files are
generated
(cherry picked from commit 2c191ba6b0)
Belatedly update version and date for sendmail 8.18.1 upgrade
(cherry picked from commit 31fbc98c94)
Add a note about sendmail 8.18.1's stricter SMTP protocol enforcement
(akin to commit 21c1f1deb6 in main)
Update import date for stable/14
Relnotes: Yes
Security: CVE-2023-51765
* Replace hand-rolled input tokenizer with openpam_readlinev() which supports line continuations and has better quoting and escaping.
* Simplify string handling by merging struct clnt_str and struct srvr_str into just struct tac_str.
* Each server entry in the configuration file can now have up to 255 AV pairs which will be appended to the ones returned by the server in response to a successful authorization request.
This allows nss_tacplus(8) to be used with servers which do not provide identity information beyond confirming the existence of the user.
This adds a dependency on libpam, however libtacplus is currently only used by pam_tacplus(8) (which is already always used with libpam) and the very recently added nss_tacplus(8) (which is extremely niche). In the longer term it might be a good idea to split this out into a separate library.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: pauamma_gundo.com, markj
Differential Revision: https://reviews.freebsd.org/D40285
Relnotes: yes
(cherry picked from commit 21850106fd)
This is disabled by default since it potentially changes the behavior of
existing filter rule sets. To enable this extra filter for packets being
delivered locally, use:
sysctl net.pf.filter_local=1
service pf restart
PR: 268717
Reviewed-by: kp
MFC-after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D40373
(cherry picked from commit 3a1f834b52)
Instead of providing no /usr/bin/objdump when LLVM_BINUTILS is false.
PR: 267854 [exp-run]
Reviewed by: dim
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37445
(cherry picked from commit 86edb11e74)
Move pm_message_t from kernel.h to pm.h and remove a private define
in usb.h as well as adjust the implementation in linux_usb.c.
This cleans up what I believe to be a historic shortcut and is
needed for future wireless driver updates.
Leave a note in UPDATING that drm-kmod users need to update to the
latest version before re-compiling a new kernel to avoid errors
(see PR).
Sponsored by: The FreeBSD Foundation
PR: 264449 (drm-kmod port update, thanks wulf)
Obtained from: bz_git_iwlwifi (Dec 2020) (partly)
Reviewed by: hselasky, imp
Differential Revision: https://reviews.freebsd.org/D35276
(cherry picked from commit 0e981d79b1)
You might not be able to build the kernel if you have an awk between Jul
10th and today. It does not affect all platforms due to the nature of
the bug (so amd64 is unaffected in stable/13 or current, but is affected
in stable/12. i386 seems to be affected everywhere).
Sponsored by: Netflix
Update the UPDATING file for PC Card device removal. Also note that
1300134 is used for the FreeBSD_version since wulf@ just bumped that
in the last few hours.
This is the final half of splitting r358153 in two, in order to avoid a build
system bugs and being able to merge an earlier change to previous releases.
Add a note to UPDATING to avoid people building from very old systems from
having issues with mergemaster
MFC after: 3 days (only 12-stable)
Differential Revision: https://reviews.freebsd.org/D23621
GDB 6.1.1 was released in June 2004 and is long obsolete. It does not
support all of the architectures that FreeBSD does, and imposes
limitations on the FreeBSD kernel build, such as the continued use of
DWARF2 debugging information.
It was kept (in /usr/libexec/) only for use by crashinfo(8), which
extracts some basic information from a kernel core dump after a crash.
Crashinfo already prefers gdb from port/package if installed.
Future work may add kernel debug support to LLDB or find another path
for crashinfo's needs, but in any case we do not want to ship the
excessively outdated GDB in FreeBSD 13.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27610
There is now a single ping binary, which chooses to use ICMP or ICMPv4
based on the -4 and -6 options, and the format of the address.
Submitted by: Ján Sučan <sucanjan@gmail.com>
Sponsored by: Google LLC (Google Summer of Code 2019)
MFC after: Never
Differential Revision: https://reviews.freebsd.org/D21377
The goal of the fib support is to provide multiple independent
routing tables, isolated from each other.
net.add_addr_allfibs default tries to shift gears in the opposite
direction, unconditionally inserting all addresses to all of the fibs.
There are use cases when this is necessary, however this is not a
default expected behaviour, especially compared to other implementations.
Provide WARNING message for the setups with multiple fibs to notify
potential users of the feature.
Differential Revision: https://reviews.freebsd.org/D26076
Add a note about always recompiling all modules on every new kernel
change / update. In addition, suggest using /usr/local/sys/modules
so this happens automatically.
freebsd-boot partition is not always the first one.
Following the instructions in UPDATING resulted in my overwriting
the efiboot0 partition on my laptop with ZFS boot blocks, which
had negative effects on the system's bootability.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D27002
Move all the data files for the calendar(1) program, except
calendar.freebsd to the calendar-data package. When a file
can't be found, and /usr/local/share/calendar doesn't exist
provide a helpful hint to install this package.
Reviewed by: se@
Differential Revision: https://reviews.freebsd.org/D26926
Now that config(8) has supported include for 19 years, transition to
including the NOTES files. include support didn't exist at the time,
nor did the envvar stuff recently added. Now that it does, eliminate
the building of LINT files by just including everything you need.
Note: This may cause conflicts with updating in some cases.
find sys -name LINT\* -rm
is suggested across this commit to remove the generated LINT
files.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D26540
For historical reasons, defining MALLOC_PRODUCTION in /etc/make.conf has
been used to turn off potentially expensive debug checks and statistics
gathering in the implementation of malloc(3).
It seems more consistent to turn this into a regular src.conf(5) option,
e.g. WITH_MALLOC_PRODUCTION / WITHOUT_MALLOC_PRODUCTION. This can then
be toggled similar to any other source build option, and turned on or
off by default for e.g. stable branches.
Reviewed by: imp, #manpages
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26337