131 lines
4.7 KiB
Text
131 lines
4.7 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-EN-16:16.hv_storvsc Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: Fix SCSI INQUIRY checks and error handling
|
|
|
|
Category: core
|
|
Module: hv_storvsc
|
|
Announced: 2016-08-12
|
|
Credits: Microsoft OSTC
|
|
Affects: FreeBSD 10.3
|
|
Corrected: 2016-07-15 02:29:10 UTC (stable/10, 10.2-STABLE)
|
|
2016-08-12 04:01:16 UTC (releng/10.3, 10.3-RELEASE-p7)
|
|
|
|
For general information regarding FreeBSD Errata Notices and Security
|
|
Advisories, including descriptions of the fields above, security
|
|
branches, and the following sections, please visit
|
|
<URL:https://security.FreeBSD.org/>.
|
|
|
|
I. Background
|
|
|
|
The Hyper-V storage driver, hv_storsvc(4), uses the SCSI INQUIRY command to
|
|
detect the presence of SCSI LUNs.
|
|
|
|
II. Problem Description
|
|
|
|
The hv_storsvc(4) driver assumes 36-byte responses to the INQUIRY command,
|
|
which is not always the case. When a shorter response is received, it can
|
|
lead to unexpected behavior.
|
|
|
|
If the host changes the virtual disk capacity, responses from the host to the
|
|
virtual machine guest next command (such as READ CAPACITY or INQUIRY) return
|
|
an error with sense data supplied. The hv_storsvc(4) driver does not check
|
|
the error status properly, so the upper SCSI layer treats the command as being
|
|
successfully executed, resulting in unexpected behavior.
|
|
|
|
III. Impact
|
|
|
|
There are several manifestations of the impact, such as disk hotplug not
|
|
working reliably, SMART checks on the disk with 'smartctl -i /dev/da0' can
|
|
cause the disk to detach and crash the machine, and online resizing not
|
|
working reliably.
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available, however FreeBSD virtual machines not running in
|
|
Hyper-V or Azure are unaffected.
|
|
|
|
V. Solution
|
|
|
|
Perform one of the following:
|
|
|
|
1) Upgrade your system to a supported FreeBSD stable or release / security
|
|
branch (releng) dated after the correction date. After which, reboot the
|
|
system.
|
|
|
|
2) To update your system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
After which, reboot the system.
|
|
|
|
3) To update your system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch https://security.FreeBSD.org/patches/EN-16:16/hv_storvsc.patch
|
|
# fetch https://security.FreeBSD.org/patches/EN-16:16/hv_storvsc.patch.asc
|
|
# gpg --verify hv_storvsc.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile your kernel as described in
|
|
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
|
system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/10/ r302863
|
|
releng/10.3/ r303984
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-16:16.hv_storvsc.asc>
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQIcBAEBCgAGBQJXrUslAAoJEO1n7NZdz2rnoeUP/0dlvrBv/wocTjPu+6K5OjIA
|
|
+GAvrrI+pESdnBQwYcIBfxq/YJIsgzVBAlqnrR1/s2fVOtkvhdcvzJAQSEVlvaYa
|
|
sJI2wn3lcT8KcH/JfNTxm/TgdDS25kPFl9SG1EdxE6ZSQHC4A0mjoEO9z4S7cq9i
|
|
FYS3VjY7AqZDJx6lCvQjW0Th4S/tvW1YZ62Tlnq3IT0JVpvVlxxPP9Qau7Z4DX8I
|
|
Pr+EqmBGdKINfzDXlrJ3TtLJ094mZw2CrhF1exmpdPAiuCUcKlt7xa6jGtm939iX
|
|
Pur9bIxl8pB/+uPB+vRq5wjzmg7s3ld8BWBV/NJjeLXSFb0hRxWcdbuvqcpiolQu
|
|
nIFsyaZ5h3QSxZG4NydB2Cr/A5lPG0aVGs76V9OnRbMy53NUrkyWZtGq0Qoyu9Zj
|
|
XaMDGeiFZcuR7VynrClGtJ9L+oeewQvScPsB5D2cwS+xsey7bTlOrpfT55Zouew2
|
|
4gsuW8kmoxq8zE3pqLn41td+ERrH0mFp1/0Zk4NdB5ylJA/o2DFeMIiJpHZ0OtWE
|
|
T0KJ05Hz2UkjaPx1UUUC1D3GTunETXMHu62XhgsJi9tJltKiHZskWZYS9u2zDP57
|
|
67nDjaORLbPIXUvMcQoOw/o7wFB4JWcnu/NUJdCHHHcSlec49fT+tfDzZvcfycrk
|
|
lTEHTA0GabtHC2G7vc+v
|
|
=3gBz
|
|
-----END PGP SIGNATURE-----
|