Attachment 246560 Details for Bug 275215 – 275270 EN text

275270 EN text

errata-275270.txt (text/plain), 5.44 KB, created by Dimitry Andric on 2023-11-25 11:03:13 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Dimitry Andric

Created: 2023-11-25 11:03:13 UTC

Size: 5.44 KB

patch

obsolete

>=============================================================================
>FreeBSD-EN-ERRATA_TEMPLATE                                      Errata Notice
>                                                          The FreeBSD Project
>
>Topic:
>
>Category:       contrib
>Module:         compiler-rt
>Announced:      2023-XX-XX
>Credits:
>Affects:        FreeBSD 13.2, FreeBSD 14.0
>Corrected:      2023-XX-XX XX:XX:XX UTC (stable/14, 14.0-STABLE)
>                2023-XX-XX XX:XX:XX UTC (releng/14.0, 14.0-RELEASE-pXX)
>                2023-XX-XX XX:XX:XX UTC (stable/13, 13.2-STABLE)
>                2023-XX-XX XX:XX:XX UTC (releng/13.2, 13.2-RELEASE-pXX)
>
>For general information regarding FreeBSD Errata Notices and Security
>Advisories, including descriptions of the fields above, security
>branches, and the following sections, please visit
><URL:https://security.FreeBSD.org/>.
>
>I.   Background
>
>Compiler-RT is an implementation of various compiler runtime support routines,
>provided by the LLVM project. This library also provides a number of so-called
>Sanitizers, which help to catch buffer overruns, thread data races, and so on:
>AddressSanitizer, ThreadSanitizer, UndefinedBehaviorSanitizer, and more.
>
>II.  Problem Description
>
>Some of the Sanitizers cannot work correctly when ASLR is enabled. Therefore, at
>the initialization of such Sanitizers, ASLR is detected via procctl(2). If ASLR
>is enabled, it is first disabled, and then the main executable containing the
>Sanitizer is re-executed, after printing an appropriate message.
>
>However, the Sanitizers work by intercepting various function calls, and by
>mistake the already-intercepted procctl(2) function was used. This causes an
>internal error, which usually results in a segfault.
>
>III. Impact
>
>Binaries linked to AddressSanitizer (using -fsanitize=address), MemorySanitizer
>(using -fsanitize=memory) or ThreadSanitizer (using -fsanitize=thread) can crash
>at startup with a segfault, if ASLR is enabled. Other binaries are not affected.
>
>IV.  Workaround
>
>If ASLR is enabled system-wide, the problem can be worked around by running the
>specific binary with proccontrol(1), to temporarily disable ASLR for only that
>program. For example:
>
>   proccontrol -m aslr -s disable /path/to/example_program
>
>V.   Solution
>
>Upgrade your system to a supported FreeBSD stable or release / security
>branch (releng) dated after the correction date.
>
>No reboot is necessary, but Sanitized binaries must be re-linked, because the
>Sanitizer libraries are statically linked in.
>
>Perform one of the following:
>
>1) To update your system via a binary patch:
>
>Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
>or the i386 platform on FreeBSD 13 and earlier, can be updated via
>the freebsd-update(8) utility:
>
># freebsd-update fetch
># freebsd-update install
>
>No reboot is necessary, but Sanitized binaries must be re-linked, because the
>Sanitizer libraries are statically linked in.
>
>2) To update your system via a source code patch:
>
>The following patches have been verified to apply to the applicable
>FreeBSD release branches.
>
>a) Download the relevant patch from the location below, and verify the
>detached PGP signature using your PGP utility.
>
>[FreeBSD 12.4]
># fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch
># fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch.asc
># gpg --verify XXXX.patch.asc
>
>b) Apply the patch.  Execute the following commands as root:
>
># cd /usr/src
># patch < /path/to/patch
>
><for a userland utility:>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
><for a daemons>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
>Restart the applicable daemons, or reboot the system.
>
><for a common library>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
>Restart all daemons that use the library, or reboot the system.
>
><for a kernel bug:>
>
>c) Recompile your kernel as described in
><URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
>system.
>
>VI.  Correction details
>
>This issue is corrected as of the corresponding Git commit hash or Subversion
>revision number in the following stable and release branches:
>
>Branch/path                             Hash                     Revision
>-------------------------------------------------------------------------
>stable/14/                              XXXXXXXXXXXX    stable/14-nXXXXXX
>releng/14.0/                            XXXXXXXXXXXX  releng/14.0-nXXXXXX
>stable/13/                              XXXXXXXXXXXX    stable/13-nXXXXXX
>releng/13.2/                            XXXXXXXXXXXX  releng/13.2-nXXXXXX
>-------------------------------------------------------------------------
>
>For FreeBSD 13 and later:
>
>Run the following command to see which files were modified by a
>particular commit:
>
># git show --stat <commit hash>
>
>Or visit the following URL, replacing NNNNNN with the hash:
>
><URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
>
>To determine the commit count in a working tree (for comparison against
>nNNNNNN in the table above), run:
>
># git rev-list --count --first-parent HEAD
>
>VII. References
>
><other info on the problem>
>
><URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=XXXXXX>
>
>The latest revision of this advisory is available at
><URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-XX:XX.XXXXX.asc>

Actions: View

Attachments on bug 275215: 246547 | 246560