From nobody Tue Nov 01 22:21:09 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24H95DF5z4gBbF for ; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24H92kYFz3WQq; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341269; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=Tl8bqFf1oNwIKyo7qFtDkxa7XfVLUJ+RdPIYKSZJYno=; b=Tdc6SqTWpDpSPwLNxDq2ki75j0U690uyYb0S3uor8zC72MFilojOygtgJ0658gblhqVSHw kl5gd1+HTw46xD9/XVctvAWWYlMi9ET/yAkW5FIlflt51R6mjXOpw5ppY3Yw9yJq+qsK+9 EXzj1WWSFp7sMwnmxdYm7c88guRK4xN84p4NvQucmVUmP2ustAASFG1F11O82JnbL1NCpO dzg5uwloAcHxevT5LCU/3+46I3s2r+mdpTZLSzFCxjtLe/z/Csf6btHkAFcceshwXP6JUB AumeUtq0swelK6ztrVWz3Ilm5veKPLPYTz+2IZB+zkiVRyZR+LVwCuljbZEs5A== Received: by freefall.freebsd.org (Postfix, from userid 945) id 4D2C5399E; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:26.cam Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222109.4D2C5399E@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:21:09 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341269; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=Tl8bqFf1oNwIKyo7qFtDkxa7XfVLUJ+RdPIYKSZJYno=; b=AdZNpB6+lf+lIlo4J4GLKvDGp9hyc6VwvthlOQSxQUZIOtXqecjriPDCjA+iS0GQVc4Ojb UIbazFpVPYcq4oinLK6u685ezwQ3hcGhTpZtU+AO02lGerxqTi33tBoIkYjQCe3XSAJLtA RKYEHJcXTqyAGBch0UsxwwOjMWS2/SXiu8xVj1fpJSEJuSCf304VjzjCA2ziyTJot2lANo 8rtHfT3h4tHiCXCb48H0ISLz6JWLYLS3r5hZu20E41hZlrxWKdkMt/7tEgTpg3h3bFKguE wusIjSZmc0+0eQo5FcBOwtdFDmG/XIP+B39xoxqaxOJsDdeBO9/kUeY/jU9Jmg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341269; a=rsa-sha256; cv=none; b=X/A2X8B2/3YIx+faBBYnvak90mXGJYk6rmFuFxa4Ndv+3589ewrabAw5BGqvvMAGSZZwF/ Fv6Vu1cFpnIls5g5ielk9DAu8i4O7NSSCLGfr4GcMUz028PwYMeUQZe2vzi5PbRQo9uJ6w Jc4SAbGMzxcKvoWCpY7XusxBAPhEsC/u8XIyNqGctmoxAqclJ3oWH5Vohd/Xy7Kxccx4UD ugXOCO3xaszb+95K+AXWR6VT/umpw01SuXmzTuRnQ91uFnzWQoDyBc4gK0gW+0KZ2IM+Ih 7szTLMGJKwE7ceMqGTgHemaxN/BHHAI2+nTqOO6zwo48ETiCtA7QHM4WQfBtHQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:26.cam Errata Notice The FreeBSD Project Topic: CAM ioctl(2) compatibility breakage Category: core Module: cam Announced: 2022-11-01 Affects: FreeBSD 13.1 Corrected: 2022-10-13 00:44:16 UTC (stable/13, 13.1-STABLE) 2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background CAM (Common Access Method) is a FreeBSD kernel subsystem which handles various aspects of storage management. Various CAM components expose an ioctl(2) interface to userspace. II. Problem Description A backwards-incompatible change to the CAM ioctl interface was made. Partial compatibility support for the old version of the interface was provided, but it was incomplete. In particular, CAM periph drivers did not handle the old version of the CAMGETPASSTHRU ioctl. III. Impact Software applications which make use of the CAM ioctl(2) interface may fail to work following an upgrade to FreeBSD 13.1. IV. Workaround Affected applications can be recompiled on FreeBSD 13.1. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +5min "Installing errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:26/cam.patch # fetch https://security.FreeBSD.org/patches/EN-22:26/cam.patch.asc # gpg --verify cam.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 16d4c1de7b40 stable/13-n252721 releng/13.1/ fff5c5fe911e releng/13.1-n250161 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhmLEACgkQ05eS9J6n 5cJRzQ//XtqKLesa2RAQiFgGcWeBjbmSqz+0zriFkfZxHyp4VgORXVwOrqUJrO6M SX4TnZ5a+ElbZd1yulSB7JgHSV7ZWh/ltSTUIIGAg+514YtfwhrzJ8ID3Kt01lA2 KGJMaKZOlyLihbaeIyJm1IvgjFi24QxDRLA479PhtZjjMlrVhm49PLum2TDR7qwr j44pisNGqhxgA6C6YZW4XaNDJ4kISOFjYPmlKLC6qi7i8vsPXJNzgrZq6zJscomh fvk7Th3/1p65+KNSK26aJbmxqvgJDRJHyCXseAYylxyISvuoVmvWrgDFYmwCgfy0 /VNsnxDRPvx+tpGvLyWBGcb5slUg/+j8JxK1pgV5xRUQ30CGP42jQWGMmIna3Lud pv6Q1jhvcZWKC7kuZIdyzj/UgeQPwGw8qLax4DSSvysMU7YDkBwE3l4909eZElkG okitdWuWeHnz//CC6dtJE2mGmgoIFUr/uKro2TMV5a6/97A/1CFULydc8dd4objV YHaXEda1scMzq8GevfDFhji2gqg7tZ4eB7M0VVSgMBjcHkbIldpgtm1wKRNDBXPP rbvi0aKr1GcrBp19Jeuaz6rxGEzvsxEhBC5lW8hIBiYQEaMK6OJrzkJEiUGQCHPl JrynKvzC6dHnFKFhVfZaG1SZ2wS7hXnV0Y1LnNjPwK9zrJJJcgc= =KqXj -----END PGP SIGNATURE-----