Patch-ID# 101592-09
Keywords: security ufs mapsearch corruption frag unlink quota limits
Synopsis: SunOS 4.1.3_U1: UFS File System Patch 
Date: Dec/03/97

Solaris Release: 1.1.1A

SunOS Release: 4.1.3_U1A

Unbundled Product: 

Unbundled Release: 

BugId's fixed with this patch:  1243416 1122110 1198894 1146022 1118195 1121151 1118195 1141100 1104800 1086371 1078771 1115083 1113852 1161351 1178842 1172008 1170918 1183488 1142151 1182440 4034187

Changes incorporated in this version: 4034187          

Relevant Architecture: sparc
    NOTE: sun4 sun4c sun4m

Patches which may conflict with this patch:  

Other patches this accumulates and obsoletes: 101793-01 101445-01 101784-04

Obsoleted by: 

Files included with this patch: 
README 
sun4/rpc.lockd
sun4/rpc.statd
sun4/ufs_lockf.o
sun4/ufs_vnodeops.o
sun4/ufs_dir.o
sun4/quota_ufs.o
sun4c/rpc.lockd
sun4c/rpc.statd
sun4c/ufs_lockf.o
sun4c/ufs_vnodeops.o
sun4c/ufs_dir.o
sun4c/quota_ufs.o
sun4m/rpc.lockd
sun4m/rpc.statd
sun4m/ufs_lockf.o
sun4m/ufs_vnodeops.o
sun4m/ufs_dir.o
sun4m/quota_ufs.o
ufs/lockf.h

Problem Description: 

-09 Rev: 4034187 buffer overflow in statd allows root attack

-08 Rev: 1142151 rpc.lockd may core dump after going through reclaim
         1182440  clients dump core and lockd server hangs

-07 Rev: 1243416 statd security problem

-06 Rev:         Source for sun4 architecture recompiled due to errors 
	         with 101592-04 and -05. 

-05 Rev: 
	1104800: When a user's process has no controlling terminal and
       		 is the cause for the user exceeding his disk quotas,
        	 error messages are sent to the console. The messages now
         	 display the uid of the user and pid of offending process.
 	1183488: The system panics when the application which uses
                 Informix version 5 is running.
        1086371: rpc.lockd does not respond correctly to lock requests
                    from machines in other DNS
        1078771: nfs locking can't crash recover across domains
        1115083: PC client locks not freed on client reboot
        1113852: rpc.lockd dumps core in routine proc_priv_crash()
        1161351: Under a reasonable load the lock daemon deadlocks.
        1178842: Patch 101784-02 causes Assertion failed panic under 4.1.3_U1    
        1172008: 4.1.3_U1 fcntl behaves differently between local and NFS locking
        1170918: file locking on remotely mounted r/o cdrom fails


-04 Rev:
	1141100: Machine panics with irele when doing a unlink

-03, -02 & -01 Rev:
	1198894: System panics (mapsearch freeing free frag) when users hit
            	 quota limits on 4.x.
	1146022: Mandatory locking gets set when it shouldn't.
	1118195: Panic: ifree: freeing free inode.
	1121151: Panic: alloccgblk: can't find blk in cyl.
	1126760: Write() requests which fail due to ENOSPC will 
       		 still set the file size.
	1122110: Fsck fails to fix a corrupted directory after a ufs panic.


Patch Installation Instructions: 

AS ROOT:

1. FOR BOTH NON-DBE AND DBE INSTALLATIONS:

Save FCS version of the file:

mv /sys/`arch -k`/OBJ/ufs_vnodeops.o /sys/`arch -k`/OBJ/ufs_vnodeops.o.FCS
mv /sys/`arch -k`/OBJ/ufs_dir.o      /sys/`arch -k`/OBJ/ufs_dir.o.FCS
mv /sys/`arch -k`/OBJ/ufs_lockf.o    /sys/`arch -k`/OBJ/ufs_lockf.o.FCS
mv /sys/`arch -k`/OBJ/quota_ufs.o    /sys/`arch -k`/OBJ/quota_ufs.o.FCS
mv /usr/etc/rpc.lockd                /usr/etc/rpc.lockd.FCS
mv /usr/etc/rpc.statd                /usr/etc/rpc.statd.FCS
mv /sys/ufs/lockf.h                  /sys/ufs/lockf.h.FCS
mv /usr/include/ufs/lockf.h          /usr/include/ufs/lockf.h.FCS


2. Copy the patched file:

cp ufs/lockf.h   /sys/ufs
cp ufs/lockf.h   /usr/include/ufs
cp `arch -k`/rpc.lockd /usr/etc/rpc.lockd
cp `arch -k`/rpc.statd /usr/etc/rpc.statd
cp `arch -k`/ufs_lockf.o    /sys/`arch -k`/OBJ
cp `arch -k`/ufs_dir.o      /sys/`arch -k`/OBJ
cp `arch -k`/ufs_vnodeops.o /sys/`arch -k`/OBJ
cp `arch -k`/quota_ufs.o    /sys/`arch -k`/OBJ

3. Set proper permissions and ownership:

chmod 755        /usr/etc/rpc.lockd /usr/etc/rpc.statd
chown root.staff /usr/etc/rpc.lockd /usr/etc/rpc.statd

chmod 444        /usr/include/ufs/lockf.h
chown root.staff /usr/include/ufs/lockf.h

chmod 444        /sys/ufs/lockf.h
chown root.staff /sys/ufs/lockf.h

chmod 444        /sys/`arch -k`/OBJ/ufs_*.o
chown root.staff /sys/`arch -k`/OBJ/ufs_*.o

chmod 444        /sys/`arch -k`/OBJ/quota_ufs.o
chown root.staff /sys/`arch -k`/OBJ/quota_ufs.o


3. Rebuild the kernel and reboot the system with the new kernel.

Please refer to the System and Networking Administration Manual
for details on building and installing a custom kernel.
