BSDSec

deadsimple BSD Security Advisories and Announcements

FreeBSD Errata Notice FreeBSD-EN-15:05.ufs

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-15:05.ufs                                            Errata Notice
                                                          The FreeBSD Project

Topic:          Deadlock on reboot with UFS tuned with SU+J

Category:       core
Module:         ufs
Announced:      2015-05-13
Credits:        Konstantin Belousov
Affects:        FreeBSD 10.1
Corrected:      2015-04-10 02:23:44 UTC (stable/10, 10.1-STABLE)
                2015-05-13 22:52:35 UTC (releng/10.1, 10.1-RELEASE-p10)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.freebsd.org/>.

I.   Background

The Unix File System (UFS) is one of several filesystems available on
FreeBSD.  UFS supports several optimization features, such as soft updates
and journaling, both of which keep track of filesystem metadata to ensure
a consistent state in the event of a crash or power failure.

II.  Problem Description

When the root filesystem is configured with soft updates and journaling
both enabled, which is the default for FreeBSD 10.1-RELEASE installations,
the system may deadlock after a source-based or binary upgrade when the
init(8) binary is replaced.  The deadlock occurs when issuing reboot(8)
or shutdown(8), after which the system becomes unresponsive when syncing
the filesystem.

III. Impact

When the deadlock occurs, a hard system reset or power cycle may be
required.

IV.  Workaround

Systems that do not have soft updates and journaling enabled on a UFS root
filesystem are unaffected.

It is possible to work around the issue by waiting before issuing reboot(8)
or shutdown(8) after upgrading the userland.  It has been observed that
deferring the reboot(8) for a period of 60 seconds to be sufficient.  It is
encouraged to issue several sync(8) commands during this period, to help
ensure the filesystem writes have completed.

Additionally, disabling soft update journaling on the root filesystem can
also work around the issue.

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

2) To update your present system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

3) To update your present system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-15:05/ufs.patch
# fetch https://security.FreeBSD.org/patches/EN-15:05/ufs.patch.asc
# gpg --verify ufs.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/10/                                                        r281350
releng/10.1/                                                      r282873
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://bugs.freebsd.org/195458>

The latest revision of this Errata Notice is available at
https://security.FreeBSD.org/advisories/FreeBSD-EN-15:05.ufs.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.2 (FreeBSD)

iQIcBAEBCgAGBQJVU9dbAAoJEO1n7NZdz2rn3JYP/2HeyHsGEAwl+1NCVLu/Eimj
wl/jK7Pl2SMWCEAkynkP8Cs5ibCbtzA4SV1RP8OPCF42yQJmk/kzR0Rmuq+LboFC
QGmus/0Q/JCXqabDEzNx7/tHibeJInveGDf4a4/rg38Q+zO7MYZFmGsWoFEC2RKn
lEWb/kh5AxMagaj5lns4WHmo0TFlyOUFaJijGxXhHu3IFZwuZB60a5cXJ8OjBulk
FO7uIcZ7OTP43y4VvvBsFV6bxeFyoMNF8tgB+dsBzatNQhl7yAxWMMEiDUNBEaqV
mfjKZxHRkB+GGjQwv2Cq4463kNQvwknN9vms536fS7HuecFMITbyD37ySR3pSRoi
KVGopfpDr0NWjn1/N7UyAsY+6CAYqpsilYvq2slBu2J/Aj6jCyDhPUTnjHKz1m91
rdyBjkHod9XkLYqwCkJlWjIxnLxCDlv8vwUjOe2/TjCUFO6FIO6lgvCVkgekIlwG
rPxx+bqfKSarQQSL6a4MWFFYwt79c292A3nodS0sLIL4YRNwQnFvuYVB/qxIWD1x
ecKJmbL0bm3S1T/qWa89Xh55NWFKs0bxVmjQCWu84re/20+oWcaXFg8Oeqnq+xFV
ke4EzbxhoU4KWzvsFbc+U+EZhTVLVlnjbAW073Z6QyykfBs2RhudUGB51T/3XB3I
jAU8LNkMBjZhe7khLFLD
=BTx0
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"