134 lines
4.6 KiB
Text
134 lines
4.6 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-EN-17:06.hyperv Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: Boot compatibility improvements with Azure VMs
|
|
|
|
Category: core
|
|
Module: hyperv/storvsc
|
|
Announced: 2017-07-12
|
|
Credits: Microsoft OSTC
|
|
Affects: FreeBSD 10.3
|
|
Corrected: 2016-10-19 08:45:19 UTC (stable/10, 10.3-STABLE)
|
|
2017-07-12 08:07:55 UTC (releng/10.3, 10.3-RELEASE-p20)
|
|
|
|
For general information regarding FreeBSD Errata Notices and Security
|
|
Advisories, including descriptions of the fields above, security
|
|
branches, and the following sections, please visit
|
|
<URL:https://security.FreeBSD.org/>.
|
|
|
|
I. Background
|
|
|
|
Hyper-V is a default hypervisor provided on Windows server by Microsoft.
|
|
The ATA driver is the legacy storage driver for FreeBSD on Hyperv; now they
|
|
are replaced by a synthetic driver which has better performance.
|
|
|
|
There are issues when attaching multiple synthetic storage drivers for
|
|
FreeBSD 10.3 on some of Hyper-V hosts.
|
|
|
|
The CD/DVD cannot be detected in some circumstances which causes provisioning
|
|
fail on Azure.
|
|
|
|
II. Problem Description
|
|
|
|
The disk INQUIRY response is not complete for FreeBSD 10.3 on some
|
|
Hyper-V hosts, which will cause the disks to be detached during boot.
|
|
|
|
An interrupt is missing if we allow intr_shuffle_irqs on Hyper-V.
|
|
|
|
III. Impact
|
|
|
|
FreeBSD 10.3 can not be boot properly on a guest system on Hyper-V host.
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available, however systems not running within Hyper-V or
|
|
Azure are unaffected.
|
|
|
|
V. Solution
|
|
|
|
Perform one of the following:
|
|
|
|
1) Upgrade your system to a supported FreeBSD stable or release / security
|
|
branch (releng) dated after the correction date.
|
|
|
|
A reboot is required.
|
|
|
|
2) To update your system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
|
|
A reboot is required.
|
|
|
|
3) To update your system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch https://security.FreeBSD.org/patches/EN-17:06/hyperv.patch
|
|
# fetch https://security.FreeBSD.org/patches/EN-17:06/hyperv.patch.asc
|
|
# gpg --verify hyperv.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile your kernel as described in
|
|
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
|
system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/10/ r307623
|
|
releng/10.3/ r320912
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212721>
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-17:06.hyperv.asc>
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v2.1.21 (FreeBSD)
|
|
|
|
iQIzBAEBCgAdFiEEHPf/b631yp++G4yy7Wfs1l3PaucFAllmPAEACgkQ7Wfs1l3P
|
|
aucYWA/+MnvacneOAPWlxl5EoZClil8fFLfXvnWocUOxrdKEFdCDR4Kro/a4BvUz
|
|
gyj6H5sKvM1j3laRZGsUDrK8iQyBwtYSmanCZvRHNau7OHNqy2gbbJaeDN6APy/j
|
|
Jyp+GrIQa+o3+m15VuC8gZzbobNkdGwp7IS4gBDRC/u804Rij+DG0RMiUF0uZhxX
|
|
n2JPTmsAKUls1o2H+02gLseDaNGMHkFGv9vGp4s9L6RZHLLcSrw9gYwLZYCb0tFE
|
|
OyJzpZSSzvXjMprjAD+Ay2CIR2WHSqaxfs2jK4pqwbZnE9mIsW6wm+4FaH+ZLbzO
|
|
KeMgP9f6T4WByQQEw66fSYufepC4qVDZnmeRwNph6nvv3bgqlpueceq5M+pZMM7k
|
|
UvEH7I2nNfpAvtM5uzFOqyNNMuMwkLcLm10o/3AXumLKAL2Co5xsiViotryhB/mb
|
|
XP3l9zvt6uwIlYwOJ0r2i0bbtGrtUZml74iBJU5Wu4ItztWOeCRJCosk+dbc2YZW
|
|
uYOGwopo5n0SzypWG3CdZpSlhrvKwJrlEFLK6pHXYzC4gL8Wlqw8b/OMeu/yCvH8
|
|
MLRsitGiRK5sSSAitLjDqfRbxULq0o5F2K/OKRZw3LHL2m0Z+HNI0B68RTfhXp5U
|
|
w3QQk20/7A2Au5Tgv9ihmCE7C7TdOYyNaN6n974kZUfaH6ggsmY=
|
|
=ycJf
|
|
-----END PGP SIGNATURE-----
|