-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-14:05.ciss                                           Errata Notice
                                                          The FreeBSD Project

Topic:          data corruption with ciss(4)

Category:       core
Module:         ciss
Announced:      2014-05-13
Credits:        Sean Bruno
Affects:        FreeBSD 10.x and FreeBSD 9.x
Corrected:      2014-04-15 17:52:22 UTC (stable/9, 9.2-STABLE)
                2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6)
                2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13)
                2014-04-15 17:49:47 UTC (stable/10, 10.0-STABLE)
                2014-05-13 23:22:28 UTC (releng/10.0, 10.0-RELEASE-p3)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.

I.   Background

The ciss driver supports HP Smart Array line of hardware RAID controllers.

II.  Problem Description

There is a programming error discovered in the ciss(4) driver, where a missing
lock can trigger a failed assertion when the volume state changes, such as
disk failure or a disk rebuild.

III. Impact

Systems using the ciss(4) driver may experience system crashes or data
corruption when the volume state change.

IV.  Workaround

No workaround is available, but systems that do not use ciss(4) devices are
not affected.

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

2) To update your present system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch
# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch.asc
# gpg --verify ciss-10.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

3) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/9/                                                         r264511
releng/9.1/                                                       r265988
releng/9.2/                                                       r265988
stable/10/                                                        r264510
releng/10.0/                                                      r265987
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-14:05.ciss.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnNqAQAJCfdCBubWSDRO/dsSaqK6yT
bnPY4Xly523ABRCQySe0vajSIK1qqfE0bAmhYa/7BTMqyJKz0BRhx819D8SiWNS9
Hdy4yU/hOjBkbT6KAtpBaSUNXX4ODWaNbd78c+uDSvj9UeQgrunAQC7OJR6iYWuq
25fBUXgovSr4g9puNyBs8sH+c7IzbG4HvhoPrjRDwdasEyCBzx6RggpnxusfVsd9
91Eg/WPG3hIJW6kaHOWWeVwz4vCRZjv0u7myeJBcAa7gcwDX/J2DHeDrG60O3BNY
/fZT2UcfDxE0rEVuVnV3Vc0XkIQjuNk7G9SkGjH4Zdx+I34UT05cxU5ZrdpKNiGL
fjbo4H/KBML4agRGAPzeo3KU3rxOUmss+mh7Mu+CVoZP5uQUr1sEUkfQ+FkJjjbv
es47Ij6ZmfGyUPuVKVCW34bXm6Ieyc0QZ10kRv8paOmPsWBA+WYWGibEhvwp5v0p
AHdlGGO/FpOac4h/YEqOh6ryN8QldjCI+SCqkfs38DjeTX5IWecgax586oH7BpJm
RGc/fgx3YSO8tmMaTwKZm5VVlujsld6t95XrA2dGWOhiWcRsoWGs+SaUTNf5Y0Te
k2vD7tMsk37PG4jbp7pk4FH2Mfb9KRHe82ebdOnkOj4C5kWIB8FwYJyMIjDl3C4r
OdXZDrbyKh/swjJZJIuP
=orSF
-----END PGP SIGNATURE-----