1. Forum
  2. Usenet
  3. COMP.UNIX.BSD.FREEBSD.ANN

  • FreeBSD Errata Notice FreeBSD-EN-23:06.loader

    From FreeBSD Errata Notices@21:1/5 to All on Wed Jun 21 07:00:09 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    ============================================================================= FreeBSD-EN-23:06.loader Errata Notice
    The FreeBSD Project

    Topic: x86 kernel console configuration

    Category: core
    Module: loader
    Announced: 2023-06-21
    Affects: FreeBSD 13.x
    Corrected: 2023-04-26 17:30:19 UTC (stable/13, 13.2-STABLE)
    2023-06-21 05:05:15 UTC (releng/13.2, 13.2-RELEASE-p1)
    2023-06-21 05:05:51 UTC (releng/13.1, 13.1-RELEASE-p8)

    For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security
    branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>.

    I. Background

    The x86 loader's "comconsole" driver drives an ns16550-like uart for the loader output, and it also generates a console specification for the kernel to use.

    II. Problem Description

    comconsole will unconditionally clear the hw.uart.console environment variable, whether the system is configured to use comconsole or not.

    III. Impact

    Systems with uart hardware that the kernel supports but loader doesn't cannot be
    configured to use this uart for console output if comconsole clears the hw.uart.console variable even when it's not in use.

    IV. Workaround

    No workaround is available, but non-x86 machines and x86 machines using UEFI to boot are not affected.

    V. Solution

    Upgrade your system to a supported FreeBSD stable or release / security
    branch (releng) dated after the correction date. A reboot will be required to get console output.

    Perform one of the following:

    1) To update your system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the amd64, i386, or
    (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility:

    # freebsd-update fetch
    # freebsd-update install
    # reboot

    2) To update your system via a source code patch:

    The following patches have been verified to apply to the applicable
    FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the
    detached PGP signature using your PGP utility.

    # fetch https://security.FreeBSD.org/patches/EN-23:06/loader.patch
    # fetch https://security.FreeBSD.org/patches/EN-23:06/loader.patch.asc
    # gpg --verify loader.patch.asc

    b) Apply the patch. Execute the following commands as root:

    # cd /usr/src
    # patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

    Reboot the system to use the new /boot/loader.

    VI. Correction details

    This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches:

    Branch/path Hash Revision
    - ------------------------------------------------------------------------- stable/13/ 362677cae8e9 stable/13-n255172 releng/13.2/ 525ac1948af8 releng/13.2-n254618 releng/13.1/ 5d2bbb9db2d2 releng/13.1-n250184
    - -------------------------------------------------------------------------

    Run the following command to see which files were modified by a
    particular commit:

    # git show --stat <commit hash>

    Or visit the following URL, replacing NNNNNN with the hash:

    <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

    To determine the commit count in a working tree (for comparison against
    nNNNNNN in the table above), run:

    # git rev-list --count --first-parent HEAD

    VII. References

    The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-23:06.loader.asc> -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmSSkjkACgkQbljekB8A Gu/4HQ//WJFI/SehPJhbpyGKsePYJSecIA6FYS3/pEYmffxEHCxAlWIovYfZwEsl 7UrqQfCOFIEtF2Au4GAhI2srH7+ecEFYyHzMfrWANLRMnHlqqLUqCdgmY6FKSM+v L0kIOh2ygMCU4s1nNjXDT5rwjLhS8rl+oaVbDvSHBIcwyNL0FdouuMnQR2GcHW1q nu+iYXCG0OAS7DAJ1hmPG5f85iXvt8dRfC9i/EH7sQSLJ8wZQIgQXOGbwwpMbPDW dsPP3mvxZ2h2i3WAMd2bidby+ImbDynpiabT8BuTg7vOo6P6pf+bREKKnHOQrN4C sZGzpPDGPKo0rAJ94R5qAS2QgzGX5gS/p0vporpwnvKZWL18AoioHp/Bh9TXFWfW 8aQn2LcIEjd/vhU1B1Erg1ctavD71W6A5ZTxU5BocNot3ZIts2VTuF2LajUJ8bSp y2DBP3FmpFZi3CHvDV3NmJvUyasHb12EipYhamzAWpvUxRC0YP1zLaYbFRusSlFA D6rjrRh0sd9AGip6gZ0ZSLd0v7kuebpqCh8nTEd1Betyg1pa00SGLTp++RsPcgow D6ty5KWjItqbS1UGibFAexXRTc0PPW+/Jd+UmgoAWA6HYuw4HwznxIdfBGy4qMsN V30TjUxl7ulInD3Ts92TOU5FpHiS2yGNFLBkeT/RClbnaXHIC0Y=
    =gAQK
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)