Hi,
In some instances, we have found that where softdep has been placed on
file systems that are used as part of the KARL process, incomplete
writes have occurred (not committed to storage correctly) prior to
reboot. Files affected have been /bsd,
/usr/share/compile/GENERIC/relink.log and /var/db/kernel.SHA256. This
has led to failed reboots (not being able to get to the remote host due
to malformed kernel), host complaints during boot because of mismatched
SHA256 sums and truncated logs of null after reboot.
I don't believe this is a bug, more of an unexpected consequence of
using softdep. Users should be recommended to use it [softdep] only on
file systems that would benefit from its features and not blindly apply
it to every file system.
Below are patches to applicable documentation recommending not to enable
softdep on file systems containing the files above. After significant
testing, not enabling softdep on these file systems fixed our problems
for reboots and after syspatch. The only time I could see error messages now
is executing a reboot immediately after the login prompt became active
on the console, however none of the above files were affected.
Raw patch files:
https://dnld.ar18.org/pub/OpenBSD/wip/mount.8.patch
https://dnld.ar18.org/pub/OpenBSD/wip/faq14.patch
Cheers,
Jason.
Index: sbin/mount/mount.8
===================================================================
RCS file: /cvs/src/sbin/mount/mount.8,v
retrieving revision 1.89
diff -u -p -u -r1.89 mount.8
--- sbin/mount/mount.8 18 Jan 2018 08:57:12 -0000 1.89
+++ sbin/mount/mount.8 18 Feb 2018 00:37:55 -0000
@@ -229,6 +229,11 @@ This option is ignored when using the
.Fl u
flag and a file system is already mounted read/write.
.Pp
+It is recommended not to use
+.Ic softdep
+on file systems that are part of the Kernel Address Randomized Link (KARL)
+process such as /, /usr/share/compile and /var/db.
+.Pp
The options
.Ic async
and
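Review bot: The path names in the added line "process such as /, /usr/share/compile and /var/db." are plain text; in mdoc each should be set with .Pa on its own macro line so they render consistently with the rest of the page. The sentence also calls /usr/share/compile and /var/db file systems, but they are directories that may sit on a larger file system depending on the partition layout, so "file systems containing ..." would be more accurate. The paragraph gives no reason for the recommendation; a short clause saying that writes may not be committed to storage before reboot would let readers judge whether it applies to them.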
Index: faq/faq14.html
===================================================================
RCS file: /cvs/www/faq/faq14.html,v
retrieving revision 1.375
diff -u -p -u -r1.375 faq14.html
--- faq/faq14.html 5 Feb 2018 00:41:27 -0000 1.375
+++ faq/faq14.html 18 Feb 2018 00:25:02 -0000
@@ -321,6 +321,13 @@ with soft updates.
<blockquote><pre>
/dev/sd0a / ffs rw,softdep 1 1
</pre></blockquote>
+<p>
+It is suggested that soft updates are not enabled on file systems that
+are used as part of the Kernel Address Randomized Link (KARL) process.
+These include root (/), /usr/share/compile and /var/db. Incomplete
+write commits to these file systems prior to reboot have been observed
+in some use cases, causing the system to hang on reboot and manual
+remediation required via the system console.
<h2 id="altroot">Root partition backup (/altroot)</h2>
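Review bot: The last added sentence ends ungrammatically at "and manual remediation required via the system console"; suggest "causing the system to hang on reboot and requiring manual remediation via the system console". The wording "It is suggested" is also weaker than the "It is recommended not to use" added to mount.8 in the same submission, so the two documents should agree on one strength. As in the mount.8 hunk, "root (/), /usr/share/compile and /var/db" names directories rather than file systems, so "the file systems containing ..." would read more accurately.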