1. Forum
  2. Usenet
  3. COMP.UNIX.BSD.FREEBSD.ANN

  • [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-19:19.loader

    From FreeBSD Errata Notices@21:1/5 to All on Tue Nov 12 20:00:00 2019
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    ============================================================================= FreeBSD-EN-19:19.loader Errata Notice
    The FreeBSD Project

    Topic: UEFI Loader Memory Fragmentation

    Category: core
    Module: loader
    Announced: 2019-11-12
    Credits: Rebecca Cran
    Affects: FreeBSD 12.0 and later
    Corrected: 2019-09-27 05:12:28 UTC (stable/12, 12.1-STABLE)
    2019-11-12 18:10:26 UTC (releng/12.1, 12.1-RELEASE-p1)
    2019-11-12 18:10:26 UTC (releng/12.0, 12.0-RELEASE-p12)

    For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security
    branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>.

    I. Background

    Prior to executing the kernel, the UEFI loader must obtain the final memory
    map from the firmware and pass it to the kernel for consumption.

    II. Problem Description

    Allocating memory to retrieve the memory map may cause further fragmentation
    in the memory map. This fragmentation may cause the memory map to grow
    enough for the previously allocated memory to no longer be sufficient to
    hold the memory map. In this case, the UEFI loader would simply fail to
    boot the kernel instead of reallocating and attempting to fetch the memory
    map again.

    III. Impact

    Some systems may intermittently fail to boot due to this fragmentation, and require a restart.

    IV. Workaround

    No workaround is available. Systems that are not configured to boot via the UEFI loader are not affected, and not all systems that are configured to
    boot via the UEFI loader will exhibit this behavior.

    V. Solution

    Upgrade your system to a supported FreeBSD stable or release / security
    branch (releng) dated after the correction date.

    Perform one of the following:

    1) To update your system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64
    platforms can be updated via the freebsd-update(8) utility:

    # freebsd-update fetch
    # freebsd-update install

    2) To update your system via a source code patch:

    The following patches have been verified to apply to the applicable
    FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the
    detached PGP signature using your PGP utility.

    [FreeBSD 12.x]
    # fetch https://security.FreeBSD.org/patches/EN-19:19/loader.patch
    # fetch https://security.FreeBSD.org/patches/EN-19:19/loader.patch.asc
    # gpg --verify loader.patch.asc

    b) Apply the patch. Execute the following commands as root:

    # cd /usr/src
    # patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

    If the system was first installed with FreeBSD 12.0 or later a copy of the
    EFI loader is installed as \EFI\freebsd\loader.efi on the EFI System
    Partition (ESP). In that case mount the ESP and copy /boot/loader.efi to \EFI\freebsd\loader.efi.

    VI. Correction details

    The following list contains the correction revision numbers for each
    affected branch.

    Branch/path Revision
    - ------------------------------------------------------------------------- stable/12/ r352788 releng/12.1/ r354652 releng/12.0/ r354652
    - -------------------------------------------------------------------------

    To see which files were modified by a particular revision, run the
    following command, replacing NNNNNN with the revision number, on a
    machine with Subversion installed:

    # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

    VII. References

    The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:19.loader.asc> -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl3K+jlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n 5cKo6hAAlrPVQSTQ+PGu9YtAdLG/0NZlIRdFNyjqKekkQDSEQnh35MKzVrZW4mmu 12pM2ELRU3e4HZbZEXi0B98HAqGrbSrlXHKAwosMMmhrkNBXU+fUQcjbxHfEiRoE oXPhYNTQD+7ph3A2CO0mGi5d5aSdMeZqr6ayJvmlEzg/Btd0v/SnB5XWRw0c3xP2 bCfXqS8ne2Nc0LCMzAoC69b/HQr/hi45ukbkexON+vUH0wB8N3QzwtjtZYXNMCoD T7w5FsW6ZnPqTFVNfQfIT9DUZCE0TJ4HD3D2GNX9rs8tvetgWpE7sXbRbRb87MIR zt85nwyriVjovbi24oyMgmjFgIqteRqDBG96XEWWB6YhHrOPoXd76RaOStX2r4yj q01i+lNNb5P0mqTvHQWx7XyDlhzVJsZEK6UyeFKT8WWarrFQ5FzLU3Fdr3G9pRAb 1VZJCW6GgEYlOxMBVHANtUJi3JTCWSG7vw2GNLkpwHfhpPDSV8wSKNVcpTjzHS5K 9u5iLsfNl3RtA1qD2/PPVyz12au045+WjAzlWzR8ioivRF8KwqKuwFdSUpVGcIDm +y5YOanAgT2LxpNLf0ZbHmAZaR5kCtBDGuDFW6+z2zPHaea9opIprutgqERzc9Es XHh3M29OeO457JiU/yTliLraObpf0rEFUG7d30TDO1wywR/ehlM=
    =ayk8
    -----END PGP SIGNATURE-----
    _______________________________________________
    freebsd-announce@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-announce
    To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)