-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-16:11.vmbus Errata Notice
The FreeBSD Project
Topic: Avoid using spin locks for channel message locks
Category: core
Module: vmbus
Announced: 2016-08-12
Credits: Microsoft OSTC
Affects: FreeBSD 10.3
Corrected: 2016-06-15 09:52:01 UTC (stable/10, 10.3-STABLE)
2016-08-12 04:01:16 UTC (releng/10.3, 10.3-RELEASE-p7)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
.
I. Background
The vmbus driver has a global lock hv_vmbus_g_connection.channel_msg_lock,
whose type is MTX_SPIN. The lock is used to protect concurrent access to the
global pending message list hv_vmbus_g_connection.channel_msg_anchor.
II. Problem Description
In some cases, sema_post() is invoked when the spin mutex is held.
III. Impact
Using sema_post() with a held spin mutex may trigger a system panic.
IV. Workaround
No workaround is available, however FreeBSD virtual machines not running in
Hyper-V or Azure are unaffected.
V. Solution
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date. After which, reboot the
system.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
After which, reboot the system.
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-16:11/vmbus.patch
# fetch https://security.FreeBSD.org/patches/EN-16:11/vmbus.patch.asc
# gpg --verify vmbus.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r301925
releng/10.3/ r303984
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXrUsfAAoJEO1n7NZdz2rnyAgP/3ZQ6JLhVWjdHHQz13XyT32r
NjhZ5VWdL8ZOd4psbLTmqMh79KT4u/bMZ4RackAcpX2agnpPx8sDQL5kaRNypQuj
OC+rTyRy4J/TZTeX6OPA+TSwOS/yczdGFhgexk0AuxoqWN3j8yZ/P+DyTC7y5CmD
8Fc9lcTAyFP/OEwybprWesRsC6wS1hKKhzz32e+i2EONzU5Xk8V3rondLZ2cSC9h
UaeUqJHCbdIogWt7h0zD3WKbcYEwdTmE6MNFJenjWLaIJQkFxqYUfncK9nePm+v7
W/QfVhEMuClKJRQRI6hHC+XJU2BxoXVB7uuJxk4rfLYO+TynvJ8w2iAMpf6liQLM
ChvBsczIDHtha7z1uqMRHouywHgSc/YWXodMrRRbOjDfFFHzsTIE/ZVdAncGqxwQ
/b7VmBS4kZRG5KP0ip/SHRUR+Ououp79gOkIphsT8ikpQKyHQVfG9FL8desSpE8f
nTyAWwlbBuIid7PqLcFwlIZuqbx52eMWG3//bZNKnxrx2b9RILNRDbOOrwbD2VHq
n9mO2EKdEPQg+Fz4omwCcmK2kMhknvotQ9oWUOGFK6i/BqZ6q5PffH4lxTyTS+Jr
oDxHZ3jmSVFb7bcjCqYwqpvxloOXY3ChgfYvnq3OI8Ry5Y7rnI8sGmKFwgqWcSqE
KS1LNBSGT1A7/mpgzld7
=GPUS
-----END PGP SIGNATURE-----