Avoid a race condition when accessing guest memory, by reading memory
contents only once.
This has also been applied to _vq_record() in
sys/dev/beri/virtio/virtio.c, as per markj@'s suggestion.
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-10
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45735
(cherry picked from commit 869d760cb9)
(cherry picked from commit ed03c30990)
Follow the pattern from iflib_irq_alloc_generic function and use
iflib_fast_intr as a handler for RX only interrupts.
Also remove some intermediate variables and use consistent
way for referencing queue's structures.
Signed-off-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D46061
(cherry picked from commit 36a0019238)
Based on sysinit_sub_id, SI_SUB_CLOCKS is after SI_SUB_CONFIGURE.
SI_SUB_CONFIGURE = 0x3800000, /* Configure devices */
At this stage, the variable “cold” will be set to 0.
SI_SUB_CLOCKS = 0x4800000, /* real-time and stat clocks*/
At this stage, the clock configuration will be done, and the real-time
clock can be used.
In the e1000 driver, if the API safe_pause_* are called between
SI_SUB_CONFIGURE and SI_SUB_CLOCKS stages, it will choose the wrong
clock source. The API safe_pause_* uses “cold” the value of which is
updated in SI_SUB_CONFIGURE, to decide if the real-time clock source is
ready. However, the real-time clock is not ready til the SI_SUB_CLOCKS
routines are done.
Obtained from: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D42920
(cherry picked from commit 930a1e6f3d)
It does not handle scripts in /usr/local/etc/rc.d/. Instead, it takes
care of /etc/rc.local and /etc/rc.shutdown.local.
MFC after: 2 weeks
(cherry picked from commit 9dc67a7065)
Order of libraries still matters with GCC toolchains. Moving the
wpapasn library before the wpacommon specification resolves the link
problem.
This issue was not detected by make universe.
Fixes: a90b9d0159
(cherry picked from commit 8880825df1)
Following is a changelog of new features and fixes to wpa:
hostapd:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
- use Secure=1 in message 3 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* extend PASN support for secure ranging
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
- this is based on additional details being added in the IEEE 802.11
standard
- the new implementation is not backwards compatible
* improved ACS to cover additional channel types/bandwidths
* extended Multiple BSSID support
* fix beacon protection with FT protocol (incorrect BIGTK was provided)
* support unsynchronized service discovery (USD)
* add preliminary support for RADIUS/TLS
* add support for explicit SSID protection in 4-way handshake
(a mitigation for CVE-2023-52424; disabled by default for now, can be
enabled with ssid_protection=1)
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions
wpa_supplicant:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* MACsec
- add support for GCM-AES-256 cipher suite
- remove incorrect EAP Session-Id length constraint
- add hardware offload support for additional drivers
* HE/IEEE 802.11ax/Wi-Fi 6
- support BSS color updates
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* support OpenSSL 3.0 API changes
* improve EAP-TLS support for TLSv1.3
* EAP-SIM/AKA: support IMSI privacy
* improve mitigation against DoS attacks when PMF is used
* improve 4-way handshake operations
- discard unencrypted EAPOL frames in additional cases
- use Secure=1 in message 2 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* improve cross-AKM roaming with driver-based SME/BSS selection
* PASN
- extend support for secure ranging
- allow PASN implementation to be used with external programs for
Wi-Fi Aware
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
- this is based on additional details being added in the IEEE 802.11
standard
- the new implementation is not backwards compatible, but PMKSA
caching with FT-EAP was, and still is, disabled by default
* support a pregenerated MAC (mac_addr=3) as an alternative mechanism
for using per-network random MAC addresses
* EAP-PEAP: require Phase 2 authentication by default (phase2_auth=1)
to improve security for still unfortunately common invalid
configurations that do not set ca_cert
* extend SCS support for QoS Characteristics
* extend MSCS support
* support unsynchronized service discovery (USD)
* add support for explicit SSID protection in 4-way handshake
(a mitigation for CVE-2023-52424; disabled by default for now, can be
enabled with ssid_protection=1)
- in addition, verify SSID after key setup when beacon protection is
used
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* a large number of other fixes, cleanup, and extensions
Merge commit '6377230b3cf4f238dcd0dc2d76ff25943d3040e5'
(cherry picked from commit a90b9d0159)
This is a fixed version of 888796ade2.
PR: 277783
Reported by: Victor Stinner
Reviewed by: emaste
MFC after: 1 week
(cherry picked from commit 888796ade2)
(cherry picked from commit e77ad954bb)
(cherry picked from commit 34f746cc7f)
(cherry picked from commit dc39004bc6)
Allow a user to change the "ether" address by ifconfig while a VAP is
not UP. Compared to net80211 (given we have no callback) we register
an eventhandler per-vif (a global one would force us to use hacks to
derive if a vap is indeed also a lkpi_80211 vif).
Sponsored by: The FreeBSD Foundation
PR: 277356
Tested by: lwhsu
Differential Revision: https://reviews.freebsd.org/D46121
(cherry picked from commit 4aff4048f5)
In case of an error in a code pattern like
```
uint64_t val;
error = memread(vcpu, gpa, &val, 1, arg);
error = vie_update_register(vcpu, reg, val, size);
```
uninitialized stack data would be used.
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-21
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46107
(cherry picked from commit 94693ec7c8)
(cherry picked from commit a03acfa434)
As a consequence now ice_alloc_vsi_qmap() does not fail. Remove unneeded
error checks.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
(cherry picked from commit 5f97656fa3)
(cherry picked from commit bb8c6f4325)
