3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
84 lines
3 KiB
Text
84 lines
3 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA1
|
|
|
|
|
|
FreeBSD-EN-05:01.nfs Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: NFS Server may panic under certain load patterns
|
|
|
|
Category: core
|
|
Module: nfsserver
|
|
Announced: 2005-01-05
|
|
Credits: Robert Watson
|
|
Affects: FreeBSD 5.3-RELEASE
|
|
Corrected: 2005-01-05 03:35:00 UTC
|
|
|
|
I. Background
|
|
|
|
The Network File System (NFS) allows a system to share directories and files
|
|
with others over a network. By using this, users and programs can access
|
|
files on remote systems almost as if they were local files.
|
|
|
|
II. Problem Description
|
|
|
|
Due to a bug in nfsrv_create() a call to nfsrv_access() might be made
|
|
while holding the NFS server mutex, which results in kernel panics under
|
|
certain load patterns.
|
|
|
|
III. Impact
|
|
|
|
NFS servers that encountered the load pattern would crash and reboot.
|
|
|
|
IV. Solution
|
|
|
|
Do one of the following to update the source tree:
|
|
|
|
1) Upgrade your vulnerable system to the RELENG_5_3 errata branch dated
|
|
after the correction date using cvsup(1) or cvs(1). This is the
|
|
preferred method.
|
|
|
|
2) Obtain the updated files using the cvsweb interface. Cvsweb is a
|
|
Web interface to the CVS repository. The URL to the general
|
|
interface is "http://www.freebsd.org/cgi/cvsweb.cgi/". You can
|
|
obtain any of the source files for the RELENG_5_3 branch by going
|
|
to the src directory ("http://www.freebsd.org/cgi/cvsweb.cgi/src")
|
|
and then selecting the "RELENG_5_3" branch tag. With the branch
|
|
tag set navigate to the files listed below in the "Correction
|
|
details" section and download them, making sure you get the correct
|
|
revision numbers. Copy the downloaded files into your /usr/src tree.
|
|
|
|
If using the second procedure you should make sure you have used that
|
|
same procedure to download all previous Errata Notices and Security
|
|
Advisories. We strongly discourage this procedure due to the problems
|
|
that may be caused by not doing that - using the first procedure takes
|
|
care of making sure all updates get applied.
|
|
|
|
Then follow the normal procedures for rebuilding/reinstalling the kernel.
|
|
Details about rebuilding/reinstalling are available here:
|
|
|
|
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html
|
|
|
|
V. Correction details
|
|
|
|
The following list contains the revision numbers of each file that was
|
|
corrected in FreeBSD.
|
|
|
|
Branch Revision
|
|
Path
|
|
- --------------------------------------------------------------------------
|
|
RELENG_5_3
|
|
|
|
Revision Changes Path
|
|
1.342.2.13.2.6 +5 -0 src/UPDATING
|
|
1.62.2.15.2.8 +1 -1 src/sys/conf/newvers.sh
|
|
1.147.2.1.2.2 +52 -38 src/sys/nfsserver/nfs_serv.c
|
|
|
|
- --------------------------------------------------------------------------
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v1.4.0 (FreeBSD)
|
|
|
|
iD8DBQFB3HLR/G14VSmup/YRAuOXAJwI4YDlIDgLSkf8gTGSGKV+9CJX0wCgmVik
|
|
x/MKtaf+dAelJTDxrUGUfmo=
|
|
=ywyb
|
|
-----END PGP SIGNATURE-----
|