Just FYI, this botched security patch did not only affect Xen users. It
made it impossible for me to run KeePassX, causing a kernel bug, and
prevented me from safely rebooting my laptop.
Aug 23 12:33:17 kubbie kernel: [ 719.266981] [ cut here
]
Aug 23 12:33:17 kubbie
No problems running amd64 domains inside amd64 Dom0 with the kernel from
Jamie's PPA.
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
https://bugs.launchpad.net/bugs/620994
You received this
The kernel from Jamie's PPA fixes the problems i had with pbs_mom startup.
(amd64 linux-image-2.6.24-28-server)
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
Changes committed to Hardy repo (need to get merged back to master
branch when released)
** Changed in: linux (Ubuntu Hardy)
Status: In Progress = Fix Committed
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
This bug was fixed in the package linux - 2.6.24-28.77
---
linux (2.6.24-28.77) hardy-security; urgency=low
[Stefan Bader]
* mm: Use helper to find real vma with stack guard page
- LP: #620994
- CVE-2010-2240
* mm: Do not assume ENOMEM when looking at a split stack vma
The xen 2.6.24-28.77~pre6 kernel works for me. All DomUs are booting up
fine, daemons are up and running and I don't see any suspicious messages
in logs. Thanks!
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
I tested 2.6.24-28.77~pre6 on a few test amd64 machines and both dom0
and domu works fine, domus, are i386 and amd64, I will do more tests on
more servers this weekend.
Thanks Stefan!!!
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
I have copied 2.6.24-28.77 for hardy to the ubuntu-security-proposed
PPA. Can people affected by this bug please test these packages and
report back how it works for them?
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
I forgot to mention that this will be available after the next
publishing run, which should be about an hour. Assuming these work ok
for people, they will be the packages pushed to hardy-security.
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
Unfortunately I made a mistake in copying the kernel to the ubuntu-
security-proposed ppa. For reasons pertaining to Launchpad that I won't
get into here, I have instead copied the 2.6.24-28.77 kernel for hardy
to my PPA at https://launchpad.net/~jdstrand/+archive/ppa. Again,
assuming these work
Stefan has put test kernels in
http://people.canonical.com/~smb/lp620994/. Can people try the xen
2.6.24-28.77~pre6 kernel and report back how it works for them?
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
I tested i386 with the following, and everything seems to work (with /lib/tls
moved and not moved to /lib/tls.disabled):
- xen-create-image
- xm create
- xm list
- xm console
- installing package via apt-get within a guest
- ssh access into the guest
- xm shutdown
- xm destroy
- save/restore via
So the problem seems to be the following: For the security issue a guard page
has been added. To prevent user-space effects mlock was changed to prevent the
first page on a VM_GROWSDOWN (stack) vma to be excluded from being made present.
What was not expected is that apparently Xen user-space
Test kernels (64bit) are now uploaded to
http://people.canonical.com/~smb/lp620994/ The 32bit versions will
follow soon. Anybody affected by this bug, please test and give feedback
here as soon as possible. Thanks.
** Changed in: linux (Ubuntu Hardy)
Status: Confirmed = In Progress
**
Launchpad deleted 2.6.24-28.73 from
https://launchpad.net/ubuntu/+source/linux/+publishinghistory, so for people
who do not have the earlier kernel anymore, I have made it available in the
ubuntu-security-proposed PPA at:
https://launchpad.net/~ubuntu-security-proposed/+archive/ppa
WARNING:
I did some (very quick) testing of Stefan's 77~pre1 kernel and didn't encounter
the kernel bug.
xend started normally, a DomU could be started without problems.
AFAICT at this time, the problem seems to be fixed.
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
Looking at some test results provided in IRC, the first approach maybe is not
sufficient. I currently only handle the case when the vma gets split by the
current call to mlock_fixup(). But once a split is done locking within this vma
again would likely be considered as touching the guard page.
I have reproduced the problem on i386 hardy install. Attached is my
trace with the .75 kernel. It is slightly different from the original
reporter's, but similar.
** Attachment added: dmesg for i386 hardy install
So this was uploaded on the evening of the 19th, was reported here the
20th; this didn't get much attention until today (22nd) after a post to
the kernel-team mailing-list.
Given that -xen is in universe, I think this can wait until Monday.
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel
Sorry, it was on the -server list: https://lists.ubuntu.com/archives
/ubuntu-server/2010-August/004579.html
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
I have mailed the uploader, and the security team, asking to comment.
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
https://bugs.launchpad.net/bugs/620994
You received this bug notification
** Changed in: linux (Ubuntu Hardy)
Importance: Critical = High
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
https://bugs.launchpad.net/bugs/620994
You received this bug notification
While the regression is unfortunate, I think this needs to be dealt with on
Monday for the following reasons:
- this kernel flavor is in universe
- staff to properly handle the regression is not on hand but will be in less
than 24 hours (indeed, probably 15)
- the suspect patch is for serious
I left one off:
- xen users have a workaround in that the can boot into the previous kernel
until the proper fix is found
--
linux 2.6.24-28.75 breaks xen flavours (xen kernel bug: 'kernel BUG at
/build/buildd/linux-2.6.24/debian/build/custom-source-xen/mm/memory.c:2704')
how can i go back to version 2.6.24-28.73?
this version is not listed in aptitude
i can't find this kernel in /boot
the older version 2.6.24-27 does not boot domU:
Error: Kernel image does not exist: /boot/vmlinuz-2.6.24-24-xen
server is 8.04, 64bit, xen 3.3
--
linux 2.6.24-28.75 breaks
25 matches
Mail list logo