[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable

> Mark Williamson wrote:
> >> I understand that a xen 3.0.3-compiled kernel could be a domU in this
> >> setup but not a dom0.  Is this understanding wrong?
> >
> > It definitely couldn't be a dom0.
>
> And why is that?
> My current testing seems to works OK. Should I expect some bugs to
> pop-out later?


Hmmm OK.  I *thought* the dom0 interface had changed again between 3.0.3 and 
3.1, which would suggest that at least some things wouldn't work.  Maybe I'm 
mistaken...

> > Actually, a 3.0.3 kernel quite possibly wouldn't boot in 32-bit mode on a
> > 64-bit Xen from the 3.1 release.  That's because of a fix that hadn't yet
> > been pushed at release time - when 3.1 came out, your 32-bit compat mode
> > kernel needed to be a recent one or it wouldn't work.  The compatibility
> > for older kernels was added later, so it'll be in xen-unstable and I
> > guess it'll probably be in 3.1.1.
>
> Which changeset are you refering to?
>
> Searching for "32 compat" on
> http://xenbits.xensource.com/xen-unstable.hg, I found these comments
> which seems relevant :
> - [32on64] Copy the right grant table status code back to the guest.
> - [32on64 kexec] Add an explicit local branch after re-enabling paging
> - 32-on-64: Fix error path where we fail to successfully switch a guest
> - 32-on-64: Fix error path from memory_op() hypercall.
> - Further fixes for 32on64 bit kexec.
> - Fix 32on64 kexec trampoline. This was broken when Xen was modified to

I'm not clear on exact changesets.  I understand the developments were along 
the following lines:

First support for 32-on-64 was added to Xen and XenLinux; now new 32-bit PAE 
XenLinux kernels could run on 64-bit Xen.

Then Xen 3.1 was released.

Then support for older 32-bit PAE XenLinux kernels was added to the tools, 
which previously wouldn't have been able to handle them.

> all of which are also in xen-3.1-testing.hg

The fixes I was referring to may well have gone into xen-3.1-testing.hg and 
would then be going into 3.1.1 when it's released.

Cheers,
Mark

-- 
Dave: Just a question. What use is a unicyle with no seat?  And no pedals!
Mark: To answer a question with a question: What use is a skateboard?
Dave: Skateboards have wheels.
Mark: My wheel has a wheel!

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.