HEADS UP: iwlwifi firmware removed from main (stable/14 to follow), run fwget before updating
On Wed, 19 Mar 2025, Bjoern A. Zeeb wrote: Hi, before updating your system please run fwget(8) or build wifi-firmware-iwlwifi-kmod (or the appropriate flavor) from ports if you are using iwlwifi(4) or iwx(4). You can do it any time as the extra firmware files will do no harm until your next reboot at least. As announced almost a month ago firmware just got removed from the src repository main branch [1]. stable/14 will follow in a few days. If you are using iwlwifi(4) you may get automatically upgraded to HT and VHT support by the tunables the firmware installs along (if you haven't done yourself in the last weeks already). I wrote a summary for testing [2] the other day and the freebsd wireless list is generally a good place to follow and the right place to follow up. The email may also help in case you face problems though I am fervently working on solving open problems currently, so by the time you update they may already be gone.. (famous last words). [1] https://cgit.FreeBSD.org/src/commit/?id=558d638896239f9cd25b9d825ecfce62ec54681e [2] https://lists.freebsd.org/archives/freebsd-wireless/2025-April/003131.html Lots of joy, Bjoern I pushed an update to the iwlwifi firmware port today[1] and with the last release of FreeBSD 13 being out the door, 14.1-Release EoL end of this month passed and the packages for the updated port appearing I'll !!! remove iwlwifi firmware from src.git for main and stable/14 some time early April. !!! * What you need to do? Please run fwget(8) to install the right firmware package for your chipset if you have not already and then pkg upgrades will provide updates as needed. You can do this today already as that won't change the status quo compared to what is in the tree. * Why is this happening? iwlwifi following rtw88 and rtw89 after a request from core to not add more binary blob wireless firmware into src.git (accumulated firmware for a set of modern wireless drivers at that time would have been slightly over 100MB if I remember correctly with the amount increasing). As a result firmware was put into ports, broken down into flavors, added to fwget(8) to automatically install it, updated the port to no longer install kernel modules but firmware files on 14.2-R and later, enhanced the install media to contain firmware so wireless-only laptops could have connectivity with these drivers, and enhanced the installer to have a step to run fwget and install firmware into the new installation. All of this shipped in 14.2-R already. Thanks to everyone who helped along these steps to make it all happen. * What's your bonus? If you have't already tried yourself, the updated port will also turn on HT and VHT by default for iwlwifi chipsets 22000, ax210, and bz (that's AX200 and newer) on both main and stable/14. Reports so far have been encouraging enough from some people who've been testing during the last weeks (the rough edges being sorted step but step now). For more information about how to test, about older chipsets, or other drivers see the wireless mailing list archive[2] of this year and the FreeBSD Foundation Laptop Project on github [3] for links to the postings. Please follow up as appropriate on the wireless list. Lots of health and joy, Bjoern [1] https://cgit.freebsd.org/ports/commit/?id=ef3fa2a325a592baa6573782a72cf0d833589ffa [2] https://lists.freebsd.org/archives/freebsd-wireless/ [3] https://github.com/FreeBSDFoundation/proj-laptop/ -- Bjoern A. Zeeb r15:7
Re: FreeBSD Errata Notice FreeBSD-EN-25:06.daemon
I think the current URL for the the daemon patch is (with the period before patch) https://www.freebsd.org/security/patches/EN-25:06/daemon.patch On 4/10/25 12:34 PM, FreeBSD Errata Notices wrote: = FreeBSD-EN-25:06.daemon Errata Notice The FreeBSD Project Topic: daemon(8) missing signals Category: core Module: daemon Announced: 2025-04-10 Affects: FreeBSD 14.2 and FreeBSD 13.4 Corrected: 2024-12-10 23:05:46 UTC (stable/14, 14.2-STABLE) 2025-04-10 14:57:41 UTC (releng/14.2, 14.2-RELEASE-p3) 2024-12-10 23:06:11 UTC (stable/13, 13.4-STABLE) 2025-04-10 14:59:37 UTC (releng/13.4, 13.4-RELEASE-p5) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit https://security.FreeBSD.org/>. I. Background daemon(8) can be sent some signals to control its behavior: SIGHUP to re-open its output file, or SIGTERM to cleanly terminate the child and shutdown. II. Problem Description Following a change to use kqueue(2) to manage signals, daemon(8) would lose signal events that occur while it waits to restart the supervised process. III. Impact The most notable impact is that daemon(8) may hang if a SIGTERM is sent to it after the child has gone away, and before it is restarted. Note that FreeBSD 13.5 is not affected. FreeBSD 13.5-PRERELEASE and later builds of stable/13 include the fix. IV. Workaround No workaround is available. daemon(8) invocations that do not use -r are not affected, with a larger -R argument being specified making it more likely to hit the problematic window. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and restart any daemon(8) processes that may be affected or reboot the system. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-25:06/daemonpatch # fetch https://security.FreeBSD.org/patches/EN-25:06/daemonpatch.asc # gpg --verify daemon.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in https://www.FreeBSD.org/handbook/makeworld.html>. Restart the applicable daemons, or reboot the system. VI. Correction details This issue is corrected as of the corresponding Git commit hash in the following stable and release branches: Branch/path Hash Revision - stable/14/ 7ea2874eadf9 stable/14-n269895 releng/14.2/ 4651d400f100 releng/14.2-n269521 stable/13/ 4bb1a558a281 stable/13-n258848 releng/13.4/ a1f4a530dea3 releng/13.4-n258282 - Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NN with the hash: https://cgit.freebsd.org/src/commit/?id=NN> To determine the commit count in a working tree (for comparison against nNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277959> The latest revision of this advisory is available at https://security.FreeBSD.org/advisories/FreeBSD-EN-25:06.daemon.asc> -- Lucas Holt l...@foolishgames.com MidnightBSD.org (Free OS) JustJournal.com (Free blogging)
Missing security update emails?
Are security announcements getting clogged up again? Until a message
from a few minutes ago, I saw nothing regarding security issues
EN-25:{04.tzdata,05.expat,06.daemon,07.openssl,08.caroot}. Since
another user managed to post a reply to FreeBSD-EN-25:06.daemon,
obviously some people are getting them (and I received the just-
mentioned reply). Help! -- George
OpenPGP_signature.asc
Description: OpenPGP digital signature
Typo in EN-25:06 URL (was: Re: FreeBSD Errata Notice FreeBSD-EN-25:06.daemon)
On 2025-04-11 02:30:35 (+0800), Lucas Holt wrote: I think the current URL for the the daemon patch is (with the period before patch) https://www.freebsd.org/security/patches/EN-25:06/daemon.patch Good catch! Git blame awards the pointy hat to me. :) We'll put a revised advisory on https://www.freebsd.org/security/. Thanks for reporting this. Philip
Re: 14.2-RELEASE kernel hangs on Thinkpad T400
Hi, I wanted to provide an update to the mailing list as this bug appears to be getting more interesting. There's one other confirmed case of a different Thinkpad T400 with this same issue, and kern.smp.disabled=1 allowing it to boot. There's also a completely different piece of hardware, a Jingsha B85M-I which won't boot on 14.2-RELEASE without disabling SMP: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284275 (Maybe related, maybe not?) Also, further testing has found that disabling SMP can cause issues with i915_kms and possibly more: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286018 Here's the original bug report about the T400 so you don't have to dig too far, if you are curious: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285867 Would appreciate any help you can offer. Something must have broken between 14.1 and 14.2 that only manifests on certain hardware. Thank you! -Henrich
