Date: Wed, 7 Mar 2018 15:00:58 +0100 (CET) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no> To: freebsd-security@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-18:02.ntp Message-ID: <alpine.BSF.2.21.1803071453480.97064@mail.fig.ol.no> In-Reply-To: <B400F3D2-CDC0-43DD-B1B7-9DB63EF00270@FreeBSD.org> References: <20180307071008.B1366447B@freefall.freebsd.org> <3E55483F-40C9-478D-8539-B5B6C3C60FEA@FreeBSD.org> <B400F3D2-CDC0-43DD-B1B7-9DB63EF00270@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 7 Mar 2018 14:30+0100, Remko Lodder wrote: > > On 7 Mar 2018, at 12:50, David Chisnall <theraven@FreeBSD.org> wrote: > > > > Were these changes and the kernel changes tested together on Xen? > > After updating to -p7, I get about 10 seconds of uptime on a Xen > > VM before the kernel panics with a double fault and reboots. > > Disabling ntpd results in a stable system. On an AMD system > > without a hypervisor, I don’t see any instability. > > Hi David, > > We have no Xen setup as far as I know so in short; these changes were not tested on Xen as far as I know. > > Cheers > Remko Here's one of my systems, running ntpd on stable/11 r330228 on XenServer 7.3, and there have been no issues so far. Timekeeping is as good as can be expected. The XenServer host has Intel CPUs. $ uname -aKU FreeBSD somehost 11.1-STABLE FreeBSD 11.1-STABLE #0 r330228: Thu Mar 1 10:58:45 CET 2018 root@somehost:/usr/obj/usr/src/sys/XENGUEST amd64 1101511 1101511 $ w | head -1 2:18p.m. up 5 days, 1:23, 1 user, load averages: 0,18 0,20 0,17 Note, I run a custom kernel eliminating most of the unneeded stuff when running as a/an Xen guest, see https://ximalas.info/~trond/create-zfs/canmount/XENGUEST-amd64-stable-11 for details. -- Trond. From owner-freebsd-security@freebsd.org Wed Mar 7 13:29:29 2018 Return-Path: <owner-freebsd-security@freebsd.org> Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B58CBF2BCF1 for <freebsd-security@mailman.ysv.freebsd.org>; Wed, 7 Mar 2018 13:29:29 +0000 (UTC) (envelope-from remko@elvandar.org) Received: from smtp-out.elvandar.org (smtp-out.elvandar.org [IPv6:2a01:7c8:aaba:ae::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46A127318B; Wed, 7 Mar 2018 13:29:29 +0000 (UTC) (envelope-from remko@elvandar.org) Received: from mail2.jr-hosting.nl (mail-out.elvandar.org [IPv6:2a01:4f8:150:4451::2:25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp-out.elvandar.org (Postfix) with ESMTPS id C1B1E4709A7; Wed, 7 Mar 2018 14:29:26 +0100 (CET) Received: from [172.20.20.62] (unknown [178.22.83.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail2.jr-hosting.org (Postfix) with ESMTPSA id B4DC81A6AAA; Wed, 7 Mar 2018 14:29:24 +0100 (CET) From: Remko Lodder <remko@elvandar.org> Message-Id: <E1DB2430-785B-4158-88E8-E72EA995AFC9@elvandar.org> Content-Type: multipart/signed; boundary="Apple-Mail=_0426FA00-4B9E-486B-812A-82755615EBCB"; protocol="application/pgp-signature"; micalg=pgp-sha512 Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\)) Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-18:02.ntp Date: Wed, 7 Mar 2018 14:29:23 +0100 In-Reply-To: <3E55483F-40C9-478D-8539-B5B6C3C60FEA@FreeBSD.org> Cc: freebsd-security@freebsd.org To: David Chisnall <theraven@FreeBSD.org> References: <20180307071008.B1366447B@freefall.freebsd.org> <3E55483F-40C9-478D-8539-B5B6C3C60FEA@FreeBSD.org> X-Mailer: Apple Mail (2.3445.5.20) X-Spamd-Result: default: False [-2.51 / 15.00] ARC_NA(0.00)[] HAS_ATTACHMENT(0.00)[] RCVD_VIA_SMTP_AUTH(0.00)[] FROM_EQ_ENVFROM(0.00)[] MX_GOOD(-0.01)[cached: mx1.elvandar.org] MIME_GOOD(-0.20)[multipart/signed,text/plain] RCPT_COUNT_TWO(0.00)[2] DMARC_POLICY_SOFTFAIL(0.10)[elvandar.org : No valid SPF, No valid DKIM,none] ONCE_RECEIVED(0.10)[] RCVD_COUNT_ONE(0.00)[1] BAYES_HAM(-3.00)[100.00%] MV_CASE(0.50)[] R_DKIM_NA(0.00)[] FROM_HAS_DN(0.00)[] TO_DN_SOME(0.00)[] TO_MATCH_ENVRCPT_ALL(0.00)[] MID_RHS_MATCH_FROM(0.00)[] RCVD_TLS_ALL(0.00)[] X-Rspamd-Server: glamredhel.elvandar.org X-Mailman-Approved-At: Wed, 07 Mar 2018 14:31:05 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" <freebsd-security.freebsd.org> List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>; List-Post: <mailto:freebsd-security@freebsd.org> List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help> List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 07 Mar 2018 13:29:30 -0000 --Apple-Mail=_0426FA00-4B9E-486B-812A-82755615EBCB Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On 7 Mar 2018, at 12:50, David Chisnall <theraven@FreeBSD.org> wrote: >=20 > Were these changes and the kernel changes tested together on Xen? = After updating to -p7, I get about 10 seconds of uptime on a Xen VM = before the kernel panics with a double fault and reboots. Disabling = ntpd results in a stable system. On an AMD system without a hypervisor, = I don=E2=80=99t see any instability. >=20 > David >=20 >>=20 Hi David, We have no Xen setup as far as I know so in short; these changes were = not tested on Xen as far as I know. Cheers Remko --Apple-Mail=_0426FA00-4B9E-486B-812A-82755615EBCB Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUZm6tSR1fPPy/V/fqMPbslnzjLAFAlqf6TMACgkQqMPbslnz jLAqGRAAr3dl81D0M/JVIumsz4FemhPKn+zarf6Hf8jZjmj8hp+Bbho1mjwOK5Cg l4ogOFKR06H0aYJb3CROXYA8D9TNsH6aYV8FfvWHofPauS4VzoguIjUg8a/ZVxKr z+9szqVgQcDYCpIkOoMIy9fxzV1dpIp3JBLU+z+aezA+Tvy5Sy/ybtuiUeek+E2E Txbi0K2v2JgLCLxZnJ+BgElEf1SpNvClz6QdNjLxM4MO0R3iv/smdGTm757VgWEe KRN7hvFXzROXe7UMtrcnHQOddi1nHl9WOTy4kas9YVulaBC9I4XmM7tFHKHLLgH6 RC7BpMztjczK/ntxo95zbJsrUngKk0wvVmEzttMTEekCHC6WMNn6jb0PD6pZY8j6 xpeOL/3MJV+N+Sx/bqiWUWJ0gC7U4+Yc4U7YhUeFH3Hsgz4JmfD/N989FFJedJIA L/SayNdZTR39rWfdYCbcGrWpHM6ZDeRjQQ8V8/xXpPncrZpQuh5MjLcgmsl6zqjP gHU8vwcV1nfG82dO5j6qbcerlEVUvDexjlwe9ihYDFbto+lKUzB/aAiMyr4SudXa crT8E/v/NAwOLClTs/Nqdy4d3vxvO13wHIY+aoDff5dSkmxZOJc1DzHUC7CXBNX+ +s02esfTeQrrT5EuWMRn5S4pSy64yuXBX5dO6yVusXFejAosh7A= =YlTy -----END PGP SIGNATURE----- --Apple-Mail=_0426FA00-4B9E-486B-812A-82755615EBCB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.21.1803071453480.97064>