[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: Update DomU - Debian 11 - no loader found - Invalid kernel

  • To: "xen-users@xxxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxxx>
  • From: Ronny Wagner <r.wagner@xxxxxxxxx>
  • Date: Fri, 10 Sep 2021 08:30:42 +0000
  • Accept-language: de-DE, en-US
  • Delivery-date: Fri, 10 Sep 2021 08:31:38 +0000
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=licoho.de; h=from:to:subject :date:message-id:references:in-reply-to:mime-version :content-type; q=dns; s=dkim; b=Og5k3ZMizANc4Zl3gP22Rlr+mn8l5pAk v7H2uRev5Ljag6Gxfoudjx64QpP60b5N81GqSF4APinFw6JYoPT/bfKeaXPdX38d DEeeoPeDzZPHy+VwtWG0FTGnV17MdXgarGWoylUHtt3Kxm7cllyu3VUIsR4B4V+8 cRb6qk6aTUgSETfBebTVQdjyGJCLMum6Ag/IaDuBLnik5F2XHTMjZkpFZ3zV8wVZ kY/h0wXhFplFJ7zto+UUFRHTF5bDFWBnPbkMUrtEy1GQ5QPfhJRpnKoWrzXtAhXt Go5hQC/fvXf7zr0Tahza7SmFFBITi5XwGrRu0yvt1/uJqcsk7FdeTQ==
  • List-id: Xen user discussion <xen-users.lists.xenproject.org>
  • Thread-index: Adekt5lqbqjIFRkOSWeGjbByMf90lgARtKCAAEflHoA=
  • Thread-topic: Update DomU - Debian 11 - no loader found - Invalid kernel
Thank you very very much!!! Thats it, the crossgrade!!!

Greetinx
Ronny

-----Ursprüngliche Nachricht-----
Von: Xen-users <xen-users-bounces@xxxxxxxxxxxxxxxxxxxx> Im Auftrag von Andy 
Smith
Gesendet: Donnerstag, 9. September 2021 02:11
An: xen-users@xxxxxxxxxxxxxxxxxxxx
Betreff: Re: Update DomU - Debian 11 - no loader found - Invalid kernel

Hi Ronny,

On Wed, Sep 08, 2021 at 02:04:08PM +0000, Ronny Wagner wrote:
> I update a Debian (i386) DomU from buster to bullseye with the new kernel 
> 5.10.0-8-686-pae.
> 
> When i reboot the DomU, there is a fail message and the DomU don't start:
> xc: error: panic: xc_dom_core.c:693: xc_dom_find_loader: no loader found: 
> Invalid kernel

As Bastian pointed out, upstream Linux kernel at 5.10 does not
support 32-bit Xen PV guests any more.

I think your least invasive option is to use multiarch and install an
amd64 kernel. You can do that while booted into the working 4.19
kernel.

Follow these instructions only as far as installing and booting the
new amd64 kernel:

    https://wiki.debian.org/CrossGrading

You'll then continue with a 64-bit kernel and 32-bit userland. Your
Debian guest will continue to properly upgrade to later versions of
the amd64 kernel.

Optionally you can also crossgrade entire userland to 64-bit but
this is a major undertaking fraught with difficulty and likely a
reinstall is quicker and safer. Changing only the kernel is
minimally invasive.

The above is a quick fix that gets you working again; longer term
you need to stop using 32-bit guests. I think from hypervisor
version 4.15 they are also unsupported in PV mode, can only work in
PVH or HVM mode (or PV-Shim, which is PV in PVH).

Also do note that since XSA-370 there is no security support in Xen
for 32-bit PV guests:

    https://xenbits.xen.org/xsa/advisory-370.html
    https://github.com/xen-project/xen/blob/master/SUPPORT.md#x86pv

I would also strongly suggest that you move off of pygrub and on to
pvhgrub, though I think you will need to build your own pvhgrub
image from upstream grub sources for this.

At the moment with pygrub you are having your dom0 open the guest
filesystem and search about for a menu.lst file, then parse it and
extract the kernel and initramfs files from the guest. This is
fragile as it relies on pygrub keeping compatibility with actual
grub configuration syntax. It's also a bit of a security worry to be
opening and parsing guest filesystems in dom0 context.

By contrast, pvhgrub is a copy of upstream grub that is booted as
the guest's kernel, so it runs in the guest context and behaves as
grub normally would.

Here are instructions for building a pvhgrub image:

    
https://wiki.xenproject.org/wiki/Xen_4.12_RC_test_instructions#PVH_domU_boot_via_grub2

You then use the resulting image as guest kernel and add "type=pvh"
to guest xl config file.

Good luck!

Cheers,
Andy

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.