[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable

Mark Williamson wrote:
>> I understand that a xen 3.0.3-compiled kernel could be a domU in this
>> setup but not a dom0.  Is this understanding wrong?
> It definitely couldn't be a dom0.
And why is that?
My current testing seems to works OK. Should I expect some bugs to
pop-out later?

> Actually, a 3.0.3 kernel quite possibly wouldn't boot in 32-bit mode on a 
> 64-bit Xen from the 3.1 release.  That's because of a fix that hadn't yet 
> been pushed at release time - when 3.1 came out, your 32-bit compat mode 
> kernel needed to be a recent one or it wouldn't work.  The compatibility for 
> older kernels was added later, so it'll be in xen-unstable and I guess it'll 
> probably be in 3.1.1.

Which changeset are you refering to?
Searching for "32 compat" on
http://xenbits.xensource.com/xen-unstable.hg, I found these comments
which seems relevant :
- [32on64] Copy the right grant table status code back to the guest.
- [32on64 kexec] Add an explicit local branch after re-enabling paging
- 32-on-64: Fix error path where we fail to successfully switch a guest
- 32-on-64: Fix error path from memory_op() hypercall.
- Further fixes for 32on64 bit kexec.
- Fix 32on64 kexec trampoline. This was broken when Xen was modified to

all of which are also in xen-3.1-testing.hg



Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.