Skip site navigation (1)Skip section navigation (2)
Date:      Wed,  5 Nov 2014 01:42:31 +0100 (CET)
From:      FreeBSD Errata Notices <errata-notices@freebsd.org>
To:        FreeBSD Errata Notices <errata-notices@freebsd.org>
Subject:   [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:12.zfs
Message-ID:  <20141105004231.902AE10E5@nine.des.no>

next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-14:12.zfs                                            Errata Notice
                                                          The FreeBSD Project

Topic:          NFSv4 and ZFS cache consistency issue

Category:       contrib
Module:         zfs
Announced:      2011-11-04
Credits:        Bart Hsiao, Marcelo Araujo, Kevin Buhr
Affects:        All supported versions of FreeBSD.
Corrected:      2014-10-07 06:00:09 UTC (stable/10, 10.0-STABLE)
                2014-10-15 06:31:08 UTC (releng/10.1, 10.1-RC2)
                2014-11-04 23:31:17 UTC (releng/10.0, 10.0-RELEASE-p12)
                2014-10-07 06:00:32 UTC (stable/9, 9.3-STABLE)
                2014-11-04 23:33:46 UTC (releng/9.3, 9.3-RELEASE-p5)
                2014-11-04 23:33:17 UTC (releng/9.2, 9.2-RELEASE-p15)
                2014-11-04 23:32:45 UTC (releng/9.1, 9.1-RELEASE-p22)
                2014-11-04 23:30:23 UTC (stable/8, 8.4-STABLE)
                2014-11-04 23:32:15 UTC (releng/8.4, 8.4-RELEASE-p19)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.

I.   Background

The Network File System (NFS) allows a host to export some or all of
its file systems that can be any kind of file systems such like UFS, ZFS
etcetera, so that other hosts can access them over the network and mount
them as if they were on local disks.

II.  Problem Description

In a configuration where two or more clients mount a ZFS file system over
NFSv4 from a FreeBSD server, if client1 caches a directory listing and a
file in the directory is renamed on client2, then client1 can end up in
a state where the cached but incorrect directory contents persists indefinitely
and is never updated.

III. Impact

When client2 renames a file or directory, client1 does not receive the
changed attributes and never does a READDIR to get the updated contents.
This could result in a client that has incorrect information about the
actual content of the mounted file system.

IV.  Workaround

No workaround is available.

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

2) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

3) To update your present system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/EN-14:12/zfs.patch
# fetch http://security.FreeBSD.org/patches/EN-14:12/zfs.patch.asc
# gpg --verify zfs.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/zfs.patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html>; and reboot the
system.

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/8/                                                         r274108
releng/8.4/                                                       r274111
stable/9/                                                         r272677
releng/9.1/                                                       r274112
releng/9.2/                                                       r274113
releng/9.3/                                                       r274114
stable/10/                                                        r272676
releng/10.0/                                                      r274110
releng/10.1/                                                      r273122
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>;

VII. References

The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-14:12.zfs.asc
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUWWUOAAoJEO1n7NZdz2rn9KsQAIw7xhRYGUQ+SwIl6E8Tzodd
bx/VkTLOgcDrGSNqREzkgNeTtWXOXRwibZpBVXl8sglf+WPtZsnGcCALze9CiS14
boesjajpl7znqJ8zDpIU3qMdFsEOB5Ky3KDTQgCMEygAJrOxASGv6TCOT/3e1hRr
Ez0+32dnqooxNRJjHA0t+t+gBszFFLV1PbstpaCOOAsZpmNMtJGbhsydF/aKcK17
dcNaOKjMPB4SDGMx+dcZqS8bToEXfe0lwOGiEDAavVCyMx5zyie2bGfUWEI2bpu5
1VcOtnMxpKlgJdEOIbFI0RXdj4CujLbfwNBnDGLELcCZsPtoWJQZHDmDXK5pkEof
6aOHqqmZrFsI9V81ymVbQYYSHF67ZeRZB3CotC8trQn+tnxK1l0s6KF0FzSHQigU
y1Q1vErOKuzPEcrD7sp7xTS3VAQ1a7/uGY6KcTSrJu7xwrJe8KRNvufokgnzU3D4
X/O/L7TxvjTmTu1T2882mMIrtpALf/tjGwW32ksUnXo6RiwByvaalO9ObEBPYzGQ
C9xG3ggfqhyHDlw21VhCjZF5hQ7xUnBKHjT60LbGMB5llaN1DUN6HRT9rCbeN4gP
5eJalL2x1NLT1XVCBYlq1IhE6vTcnTdVVcGRBJQbPnfqivrDzBfIFzhy/4tc1J7K
IkJAwk+aThuF3j3xnt+z
=lQAP
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141105004231.902AE10E5>