First, this only affects you if you applied the refrag.diff to an
OpenBSD 3.1-stable system.
The bridge refragmentation code that was added in OpenBSD 3.1-current
introduced two new bugs which can lead to the following kind of kernel
panics:
panic: m_copym0: m == 0 and not COPYALL
panic: m_copydata: null muf
These occur only on pf bridges when scrub is enabled. While the bugs
obviously affect stability, it's uncertain whether they can be
exploited.
The relevant code (which was itself a bugfix) was not commited to the
3.1 stable branch (due to its size), but a patch against 3.1-stable
(refrag.diff) was provided and recommended to solve the initial bridge
problem.
The bugs are now fixed in 3.2-current, but if you're running 3.1-stable
with the refrag.diff patch applied, you should revert to 3.1-stable and
apply the updated patch:
To revert the effects of the original refrag.diff
$ cd /usr/src/sys
$ rm netinet/ip_var.h netinet/ip_output.c net/if_bridge.c net/pf.c
$ cvs -d $CVSROOT -q checkout -rOPENBSD_3_1 netinet/ip_var.h
netinet/ip_output.c net/if_bridge.c net/pf.c
To apply the updated refrag.diff:
$ cd /usr/src
$ patch < refrag.diff
Rebuild kernel and reboot.
The updated refrag.diff can be found on
http://www.benzedrine.cx/refrag.diff
MD5 (refrag.diff) = 04bb3ff4fab6e160fb738b22674bfced
PGP keyID 6A3A7409
fingerprint 13 7E 9A F3 36 82 09 FE FD 57 B8 5C 2B 81 7E 1F
-----BEGIN PGP MESSAGE-----
Version: 2.6.3ia
iQCVAwUAPacnEtQ9cYxqOnQJAQENTAP9Hz8JGiih5Ddme1gb8Q31fCP/dAHh3/0L
oq5iyHwlkt20usINvei8aUtevl5oK4QszHYhRJobpI0Vl877jLpqz1JCIbfNtQa1
ME3+4WDBE0Vah1t30VNMgMtrbES6s9PMlA2dxk8u/VIwbJHNm5ZtdAcYss4DHihn
2QM6H8tFeAQ=
=zGj+
-----END PGP MESSAGE-----
Alternatively, you can update to 3.2-current (which I recommend).
I apologize for the inconvenience caused.
Daniel
