From owner-freebsd-security@freebsd.org Fri Jun 22 04:35:00 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 072CA100D68B for ; Fri, 22 Jun 2018 04:35:00 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-vk0-x236.google.com (mail-vk0-x236.google.com [IPv6:2607:f8b0:400c:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 86A3A7D70E for ; Fri, 22 Jun 2018 04:34:59 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-vk0-x236.google.com with SMTP id w8-v6so3194059vkh.4 for ; Thu, 21 Jun 2018 21:34:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tetlows.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=+IHDCnre3MYFA9Jz2NCw2fcnovhNBV4xxu6WtuGYzNk=; b=dK3NHCv2/RFEQ5l5e7Hwqlq8AS7vL6/+9C0EXvOs7NUj04e2vg6FAnKMMDv2nqjyu5 d5y9TfsqY4ZSyEYGUxW0c7Qs01yyJTH2PflklAr1DpMOeFCUPRyG3W0R7C4nuJQ75rKq oUu+UrF8p+VjxON0P0sFldu/0yEl4oV66gNPk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=+IHDCnre3MYFA9Jz2NCw2fcnovhNBV4xxu6WtuGYzNk=; b=Ctf7Eg/Kk2xmnv5N8fZABsuZcQNefOmL3p7D7p85qc8/+g7Jc7wZaTkwS0oZfoIlpb RwTTBynksAXUcIsapttJIE8uSHuGkfI634vk21IKUUTe1BrL4XKAskP/zcjZicseEb7Y ZHU0ct0KBViMEODltN/wZ0NR1tbFI0HQfOzuxqTmXygpT8CKec2mC6HcO0MIiCaPqS85 8vvxXUsSy4m3n1CcfwYoFydjjD+TWDxzZzzE+fHWv23VBBLAaHzMXPTd24Fm8EJqTy5L oKlZfPDwzznubJ2U7X9ilyLDOB9kTlnKcTJvZB87KNMMTiPK8d9blatNeE34KqjCHNbx Bt8g== X-Gm-Message-State: APt69E0c4ZFAW2BACQUZS/yb/Wr69R7YSCyZ1kyRO1dbW4krDxQ9Jocn gzRXNOEWwBgFmdxE1eNHep4xIHKTwKJgA6dJiP2jp2E= X-Google-Smtp-Source: ADUXVKIbEmOrbc5uPfNobTtDCOqtt2OginkceBnb8cOHYIi5eMrhjONaQxC6Qdt31GfF+PtWo/TU4AYpcwUEMEdKtAo= X-Received: by 2002:a1f:7f06:: with SMTP id o6-v6mr26283vki.148.1529642098674; Thu, 21 Jun 2018 21:34:58 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:ab0:4546:0:0:0:0:0 with HTTP; Thu, 21 Jun 2018 21:34:58 -0700 (PDT) In-Reply-To: References: From: Gordon Tetlow Date: Thu, 21 Jun 2018 21:34:58 -0700 Message-ID: Subject: Re: Recent security patch cause reboot loop on 11.1 RELEASE To: Denis Polygalov Cc: freebsd-security Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2018 04:35:00 -0000 Hmm. I'm unable to reproduce the error in any of my testing scenarios. I apologize for not being to help further. As kib advised, if you can please post a verbose dmesg from a successful boot along with where you believe the panic occurs on a bad boot. Gordon On Thu, Jun 21, 2018 at 5:13 AM, Denis Polygalov wrote: > Seems like I did not cc my reply to the mailing list. > Doing it now because I found a hint which may > lead to the cause of the reboot loop. > > Removing: > > linux_load="YES" > linprocfs_load="YES" > linsysfs_load="YES" > > prevent the reboot loop in multi-user mode but > leave me without Linux emulation... > > Regards, > Denis. > >> Hi Gordon, >> >> this is real hardware. I found the reason (see below). >> Setting hw.lazy_fpu_switch=1 in /boot/loader.conf makes no difference. >> No panic messages. >> I can tell you when it happen. Here is the boot messages: >> ... skipped ... >> Timecounters tick every 1.000 msec >> nvme cam probe device init >> ugen2.1: at usbus2 >> ugen1.1: at usbus1 >> ugen0.1: at usbus0 >> uhub0: on usbus2 >> uhub1: on usbus0 >> uhub2: on usbus1 >> uhub1: 2 ports with 2 removable, self powered >> uhub2: 2 ports with 2 removable, self powered >> uhub0: 4 ports with 4 removable, self powered >> >> <---- here screen (local monitor) goes black and machine restarted. >> >> ada0 at ata2 bus 0 scbus8 target 0 lun 0 >> ada0: ATA8-ACS SATA 3.x device >> ada0: Serial Number WD-WMC1P0D1KEHJ >> ada0: 150.000MB/s transfers (SATA 1.x, UDMA5, PIO 8192bytes) >> ada0: 1907729MB (3907029168 512 byte sectors) >> da0 at ciss0 bus 0 scbus0 target 0 lun 0 >> da0: Fixed Direct Access SCSI device >> da0: 135.168MB/s transfers >> da0: Command Queueing enabled >> da0: 858293MB (1757784604 512 byte sectors) >> Trying to mount root from ufs:/dev/da0s1a [rw]... >> >> I noticed that I can boot the *patched* kernel in single user mode. >> Removing these 3 lines from the /boot/loader.conf fixed rebooting loop >> problem: >> >> linux_load="YES" >> linprocfs_load="YES" >> linsysfs_load="YES" >> >> This machine is used as a test bench to test stuff >> before deploying on a production server. >> We need Linux emulation support on the production >> server to run closed source software... >> So... maybe this will help someone. >> >> Blaming evil penguins, >> Denis > > > > > On 21/06/2018 4:19 PM, Gordon Tetlow wrote: >> >> On Wed, Jun 20, 2018 at 11:14 PM, Denis Polygalov >> wrote: >>> >>> What I did is following: >>> >>> # uname -a >>> FreeBSD my_host_name 11.1-RELEASE-p10 FreeBSD 11.1-RELEASE-p10 #0: Tue >>> May 8 05:21:56 UTC 2018 >>> root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 >>> >>> # freebsd-update fetch >>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>> Fetching metadata signature for 11.1-RELEASE from update6.freebsd.org... >>> done. >>> Fetching metadata index... done. >>> Inspecting system... done. >>> Preparing to download files... done. >>> >>> The following files will be updated as part of updating to >>> 11.1-RELEASE-p11: >>> /boot/kernel/kernel >>> >>> Installing this update cause endless reboot loop. >>> >>> # cat /boot/loader.conf >>> kern.maxfiles="32768" >>> zfs_load="YES" >>> linux_load="YES" >>> linprocfs_load="YES" >>> linsysfs_load="YES" >>> >>> # dmesg |grep CPU >>> CPU: Intel(R) Xeon(TM) CPU 3.40GHz (3400.19-MHz K8-class CPU) >>> FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs >>> SMP: AP CPU #1 Launched! >>> SMP: AP CPU #3 Launched! >>> SMP: AP CPU #2 Launched! >>> cpu0: on acpi0 >>> cpu1: on acpi0 >>> cpu2: on acpi0 >>> cpu3: on acpi0 >>> acpi_perf0: on cpu0 >>> est: CPU supports Enhanced Speedstep, but is not recognized. >>> est: CPU supports Enhanced Speedstep, but is not recognized. >>> est: CPU supports Enhanced Speedstep, but is not recognized. >>> >>> The machine is HP ProLiant ML350 >> >> >> Sorry to hear you are having a problem. >> >> Just to confirm, this is running on hardware and not on a Xen >> hypervisor, correct? >> >> Assuming it's running directly on the hardware, can you see if setting: >> hw.lazy_fpu_switch=1 >> in /boot/loader.conf makes any difference? >> >> Is there any panic message? >> >> Thanks, >> Gordon >> > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"