Xen project Mailing List

Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable

From: Mark Williamson <mark.williamson@xxxxxxxxxxxx>

Date: Fri, 5 Oct 2007 03:10:35 +0100

Cc: Steven Timm <timm@xxxxxxxx>, "Fajar A. Nugraha" <fajar@xxxxxxxxxxxxx>

Delivery-date: Thu, 04 Oct 2007 19:11:38 -0700

List-id: Xen user discussion <xen-users.lists.xensource.com>

> I guess what I am really trying to get at is the following: > What, if anything, of the Xen code base is built into > the kernel rpms that redhat 5 and friends distribute as kernel-xen > (for instance, kernel-xen-2.6.18-8.1.14.el5, just released > to patch the vulnerability that started this thread). > Is there anything that's version specific? Is there anything > that ties it to xen 3.0.3? How can I look at the kernel config > files and tell the difference, if necessary? For a long time, Xen, dom0's kernel and the dom0 tools had to be compiled from the same source tree in order to work together. Some time after Xen 3.0.3, (the 3.0.4 release if I recall correctly) the dom0 kernel was decoupled from this, so that from that point on you could use any released dom0 kernel with any subsequent version of Xen and the tools. However, you will not necessarily get full functionality unless you use a new enough dom0 kernel. In short: that kernel probably needs to be matched with a 3.0.3 Xen and tools in order for things to work properly. > I went and got the kernels from xensource that were compiled with > xen 3.1.0 because people on this list told me that this was required > to do what I wanted to do, namely 64bit dom0 plus 32bit PAE domU's. I think that was probably me :-) > I understand that a xen 3.0.3-compiled kernel could be a domU in this > setup but not a dom0. Is this understanding wrong? It definitely couldn't be a dom0. Actually, a 3.0.3 kernel quite possibly wouldn't boot in 32-bit mode on a 64-bit Xen from the 3.1 release. That's because of a fix that hadn't yet been pushed at release time - when 3.1 came out, your 32-bit compat mode kernel needed to be a recent one or it wouldn't work. The compatibility for older kernels was added later, so it'll be in xen-unstable and I guess it'll probably be in 3.1.1. Sorry for getting bogged down in a confusing sea of version numbers here. It's partly because the interfaces keep changing, and because which interfaces can change is also changing :-) I'm not sure I'm in a very good state to be coherent, so I'll stop here. If I don't make sense, please ask more questions. Cheers, Mark -- Dave: Just a question. What use is a unicyle with no seat? And no pedals! Mark: To answer a question with a question: What use is a skateboard? Dave: Skateboards have wheels. Mark: My wheel has a wheel! _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.