136 lines
4.8 KiB
Text
136 lines
4.8 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-EN-20:14.linuxkpi Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: Kernel panic in LinuxKPI subsystem
|
|
|
|
Category: core
|
|
Module: linuxkpi
|
|
Announced: 2020-07-08
|
|
Affects: FreeBSD 12.1 and 11.3
|
|
Corrected: 2020-01-22 00:30:27 UTC (stable/12, 12.1-STABLE)
|
|
2020-07-08 19:57:24 UTC (releng/12.1, 12.1-RELEASE-p7)
|
|
2020-01-22 15:51:24 UTC (stable/11, 11.3-STABLE)
|
|
2020-07-08 19:57:24 UTC (releng/11.3, 11.3-RELEASE-p11)
|
|
|
|
Note: FreeBSD 11.4 was branched after the original commit to the stable/11
|
|
branch and already includes this erratum.
|
|
|
|
For general information regarding FreeBSD Errata Notices and Security
|
|
Advisories, including descriptions of the fields above, security
|
|
branches, and the following sections, please visit
|
|
<URL:https://security.FreeBSD.org/>.
|
|
|
|
0. Revision history
|
|
|
|
v1.0 Initial release.
|
|
v1.1 Correct typo in patch URL.
|
|
|
|
I. Background
|
|
|
|
The LinuxKPI subsystem allows kernel code ported from Linux to run in the
|
|
FreeBSD kernel without extensive modification. Some graphics drivers make
|
|
use of this subsystem.
|
|
|
|
II. Problem Description
|
|
|
|
A bug in one of the LinuxKPI subroutines could cause a kernel panic.
|
|
|
|
III. Impact
|
|
|
|
Certain graphical applications may trigger a kernel panic. This is most
|
|
often observed when using X11 forwarding to run an application remotely.
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available.
|
|
|
|
V. Solution
|
|
|
|
Upgrade your system to a supported FreeBSD stable or release / security
|
|
branch (releng) dated after the correction date and reboot.
|
|
|
|
Perform one of the following:
|
|
|
|
1) To update your system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
# shutdown -r +10min "Rebooting for errata update"
|
|
|
|
2) To update your system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch https://security.FreeBSD.org/patches/EN-20:14/linuxkpi.patch
|
|
# fetch https://security.FreeBSD.org/patches/EN-20:14/linuxkpi.patch.asc
|
|
# gpg --verify linuxkpi.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile your kernel as described in
|
|
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
|
system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/12/ r356953
|
|
releng/12.1/ r363023
|
|
stable/11/ r356987
|
|
releng/11.3/ r363023
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<other info on the problem>
|
|
|
|
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242913>
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-20:14.linuxkpi.asc>
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl8HMxlfFIAAAAAALgAo
|
|
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
|
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
|
5cJDsw/+PR1IEm7ZgK7zdSLfUzWlioBCyE+V/qV+IZjfAvAg8CMJwVwF9MCAOm/M
|
|
ON/9GRlkN6SawFL6zdGjRTXvOq+WPI+oGQtQXIFKWx/yUl67UI1ZnlxscQjme0LU
|
|
a6TBqyZhua71lYwRMVC08eacoD0v55WUjFOdGMN4ZxRxe5XMOXIC9DY5dizNGtfH
|
|
CeWaSdG2Q2JNMVrCyIewcER1QP1VvXkCm1axV85fyVBUvX5VBo+5bd9hhIqTmH/D
|
|
06lQF4wEbeCQ4ES62neDXgwLnkNunsKwbOUAQ45uvXZYKMG9ysScCBsjNP6bsMqD
|
|
0ktY9Srfah6UblZ9mVW/q+Vz8ur5PKlfpagIkoKqXdYvl2ehjzxCFmbAGW5lEusy
|
|
d/X7BsL65R2OaFrYq25FQ026bCPJ5+SfrO/kmZM+tQLNMqcS6DvmvZWrNRcksC4G
|
|
0TrUq4TbI/ZKLqFtttNZdpWsrjxaxi35yRTNVL0lQiJvawOG8nEWKCujKvAmsRtk
|
|
roq2SJ051qKGE5h2wz6YiNNngmkyPSjohygekEO+jRLImZECFvqlh9F5v0Gqy4tq
|
|
j16au8CdApKLCxgWzR23oOgvkaJvzV0z4mKflUYoODu5ic830rMgNq3TYVgU+lTM
|
|
1AW6lm0osrvda2+KazzvBWmio81bzxX18jfITRphCBGCQejdkNU=
|
|
=H/7U
|
|
-----END PGP SIGNATURE-----
|