os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/share/security/advisories/FreeBSD-EN-13:03.mfi.asc
Xin LI b735a9d213 Add two latest advisories: 
Fix an integer overflow in computing the size of a temporary buffer
can result in a buffer which is too small for the requested
operation. [13:09]

Fix a bug that could lead to kernel memory disclosure with
SCTP state cookie. [13:10]

Add latest errata notices:

Fix a data corruption problem with mfi(4) operating on > 2TB
disks in a JBOD. [EN-13:03]
2013-08-22 01:12:09 +00:00

109 lines
3.5 KiB
Text
Raw Blame History

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-EN-13:03.mfi Errata Notice
The FreeBSD Project
Topic: data corruption with mfi(4) JBOD disks > 2TB
Category: contrib
Module: mfi
Announced: 2013-08-22
Credits: Steven Hartland, Doug Ambrisko
Affects: FreeBSD 9.1
Corrected: 2012-12-03 18:37:02 UTC (stable/9, 9.1-STABLE)
2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.
I. Background
The mfi(4) driver supports LSI's next generation PCI Express SAS RAID
controllers. The driver supports JBOD attachment through /dev/mfisyspd?
device nodes.
Logical block addressing (LBA) is a common scheme used for specifying the
location of sectors on hard drives.
II. Problem Description
The way mfi(4) implements access of "syspd" or also known as JBOD always
uses READ10/WRITE10 commands for underlying disk. When writing over 2^32
sectors, the LBA would wrap and starts writing at the beginning of the
disk.
III. Impact
Writing beyond 2TB to mfi(4) connected JBODs would result in data corruption.
IV. Workaround
No workaround is available, but systems that do not use mfi(4) as a JBOD
HBA or do not have disks with 2^32 or more sectors (2^41 or more bytes with
512-byte logical sector size) are not affected.
V. Solution
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
2) To update your present system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/EN-13:03/mfi.patch
# fetch http://security.FreeBSD.org/patches/EN-13:03/mfi.patch.asc
# gpg --verify mfi.patch.asc
b) Apply the patch.
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
3) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch/path Revision
- -------------------------------------------------------------------------
stable/9/ r243824
releng/9.1/ r254631
- -------------------------------------------------------------------------
VII. References
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/173291
The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-13:03.mfi.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (FreeBSD)
iEYEARECAAYFAlIVY1YACgkQFdaIBMps37IHmwCfZH+1Gi0u7eYMXYevu0KHaG3a
rCwAn2ecdXnLOsaC6D6i2mo4dmI4HLDk
=AwdQ
-----END PGP SIGNATURE-----
Reference in a new issue View git blame Copy permalink