Wifibox 0.10 - An environment for using Linux WiFi drivers on FreeBSD

Wifibox 0.10 has been released. The project addresses the problem of using wireless adapters on FreeBSD for which the necessary drivers are missing. Such adapters are made to work by running a Linux guest that loads the native Linux wireless device drivers.

Installation of the guest system with drivers is automated, and all the necessary components are shipped as a ready-made wifibox package, which is started at boot by the supplied rc service. Transitions to sleep mode are also handled correctly. The environment can potentially be used with any WiFi card supported on Linux, but has been tested primarily on Intel chips. Correct operation has also been verified on systems with Qualcomm Atheros and AMD RZ608 (MediaTek MT7921K) wireless chips.

The guest system runs under the Bhyve hypervisor, which passes the wireless card through to the guest. A system with hardware virtualization support (AMD-Vi or Intel VT-d) is required. The guest system is based on the Alpine Linux distribution, built on the Musl system library and the BusyBox utility set. The image takes about 30MB on disk and consumes about 90MB of RAM.

Wireless connections are made with the wpa_supplicant package, whose configuration files are synchronized with the settings from the main FreeBSD environment. The Unix control socket created by wpa_supplicant is forwarded to the host environment, so the standard FreeBSD utilities, including wpa_cli and wpa_gui (net/wpa_supplicant_gui), can be used to connect to and work with a wireless network.

In the new release, the mechanism for forwarding WPA to the main environment has been redesigned, which makes it possible to work with both wpa_supplicant and hostapd. The amount of memory required for the guest system has been reduced. Support for FreeBSD 13.0-RELEASE has been dropped.

Work is also under way on improving the drivers FreeBSD itself offers for wireless cards based on Intel and Realtek chips. With support from the FreeBSD Foundation, development continues on the new iwlwifi driver included with FreeBSD 13.1. The driver is based on the Linux driver and code from the net80211 Linux subsystem, supports 802.11ac and can be used with new Intel wireless chips. The driver is loaded automatically at boot time when a matching wireless card is found. The components of the Linux wireless stack run on top of the LinuxKPI layer. Previously, the iwm driver was ported to FreeBSD in a similar way.

In parallel, development has begun on the rtw88 and rtw89 drivers for Realtek RTW88 and RTW89 wireless chips. They are likewise being developed by porting the corresponding drivers from Linux and run on top of the LinuxKPI layer. The rtw88 driver is ready for initial testing, while the rtw89 driver is still under development.

Also worth noting is the publication of details and a finished exploit for a vulnerability (CVE-2022-23088) in the FreeBSD wireless stack, fixed in the April update. The vulnerability allows code to be executed at the kernel level by sending a specially crafted frame while the client is in network scanning mode (at the stage before SSID binding). The problem is caused by a buffer overflow in the ieee80211_parse_beacon() function while parsing the beacon frames transmitted by an access point. The overflow was possible because the code did not check that the actual size of the data matches the size specified in the header field. The problem affects FreeBSD versions released since 2009.
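The missing check described above belongs to a general class: a length byte taken from the frame has to be validated against both the bytes actually received and the buffer it is copied into. The following added example is not FreeBSD's code or its fix; it shows both checks in a small parser for 802.11 (id, length, value) elements, using the SSID element purely as an illustration, with hypothetical names (`scan_result`, `parse_elements`) and constructed sample frames.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_SSID  0   /* 802.11 element ID of the SSID element */
#define SSID_MAX 32  /* longest SSID the standard allows */
struct scan_result {          /* hypothetical, for this example only */
    uint8_t ssid[SSID_MAX];
    uint8_t ssid_len;
};

/* Constructed samples: a valid SSID element, one whose length byte
 * overruns the frame, and one that is complete but too long for ssid[]. */
static const uint8_t ok_frame[]    = { IE_SSID, 4, 'h', 'o', 'm', 'e' };
static const uint8_t short_frame[] = { IE_SSID, 200, 'h', 'o' };
static const uint8_t long_frame[2 + 40] = { IE_SSID, 40 };

/* Walk the (id, length, value) elements of a beacon body.
 * Returns 0 on success, -1 as soon as any element is malformed. */
int parse_elements(const uint8_t *buf, size_t len, struct scan_result *out)
{
    size_t off = 0;
    memset(out, 0, sizeof(*out));
    while (off < len) {
        if (len - off < 2)              /* room for id + length bytes? */
            return -1;
        uint8_t id = buf[off], elen = buf[off + 1];
        off += 2;
        if (elen > len - off)           /* claimed size vs. bytes received */
            return -1;
        if (id == IE_SSID) {
            if (elen > SSID_MAX)        /* claimed size vs. destination */
                return -1;
            memcpy(out->ssid, buf + off, elen);
            out->ssid_len = elen;
        }
        off += elen;
    }
    return 0;
}

int main(void)
{
    struct scan_result r;
    /* Exit status 0 only if the valid frame parses and both bad ones fail. */
    return !(parse_elements(ok_frame, sizeof ok_frame, &r) == 0 &&
             parse_elements(short_frame, sizeof short_frame, &r) == -1 &&
             parse_elements(long_frame, sizeof long_frame, &r) == -1);
}
```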


Among the recent FreeBSD changes not related to the wireless stack: boot optimizations that reduced boot time from 10 seconds to 8 seconds on the test system; a gunion GEOM module has been implemented that redirects to another disk the changes made on top of a disk available in read-only mode; for the kernel crypto API, the XChaCha20-Poly1305 AEAD and curve25519 cryptographic primitives required for the WireGuard VPN driver have been prepared.

Source: opennet.ru
