Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Xen>
  3. Bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm
bugzilla-daemon at lists
Jul 30, 2011, 2:25 AM
Post #1 of 8 (1990 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775


johneed@hotmail.com changed:

What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |major
Summary|distro package of xen-4.1 |distro package of xen-4.1
|breaky system on botting a |breaks system on botting a
|cm |cm




--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 2:36 AM
Post #2 of 8 (2059 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #1 from johneed@hotmail.com 2011-07-30 02:36 -------
should have mentioned.

idella@gentoo64 ~/bin $ ls /boot/
...........
xen-4.1.0-rc7-pre.gz
xen-4.1.0.gz
........

The xen-4.1.0-rc7-pre.gz is fine
The xen-4.1.0.gz hypervisor is broken.

idella@gentoo64 ~/bin $ emerge xen -pv

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild R ] app-emulation/xen-4.1.0 USE="acm custom-cflags* debug flask
pae xsm" 0 kB

shows the compiled in features. What can trigger this type of system crash?


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 7:21 AM
Post #3 of 8 (1975 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #2 from konrad.wilk@oracle.com 2011-07-30 07:21 -------
A bunch of things.. one of them was that the hvmloader (for HVM guests) would
crash b/c the O1 optimization would make it execute at the wrong address.

I need you to compile xen-4.1.1.tar.gz without using Gentoo build system - and
the normal paramters.

Also, when Xen crashes it outputs on the serial prompt (Look for details in
PVOPS Wiki for which ones) - so we can figure that out. If you can't set up a
serial, you can use 'console=vga vga=text-80x50,keep console_to_ring" and the
hypervisor output (and fault) will be piped to the screen. Also
"console_to_ring" to is sometimes usefull.


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 7:31 AM
Post #4 of 8 (1971 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #3 from johneed@hotmail.com 2011-07-30 07:31 -------
It seems the cause of this is in gentoo terms the use of the use flags acm and
xsm. See https://bugs.gentoo.org/show_bug.cgi?id=361345.
It seems disabling these flags allows the hypervisor to boot vms.
What I need to know is where this flaw comes from. There is a gentoo package
xsm, but not asm.
asm is a security portion of the source.
Is the flaw in the gentoo package xsm, is it the xensource code, and can you
list the step or steps to sensure xsm and acm directly in the xensource code so
I can replicate it; suspect they are options manually put after make on the
command line.


Timing, you posted within seconds


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 7:40 AM
Post #5 of 8 (1976 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #4 from johneed@hotmail.com 2011-07-30 07:40 -------
ok I am doing 4.1.1, but as you may guess I already have xen-4.1-testing.hg.
Does that not suffice?


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 8:01 AM
Post #6 of 8 (1968 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #5 from johneed@hotmail.com 2011-07-30 08:01 -------
Aha

from Config.mk

# Enable XSM security module. Enabling XSM requires selection of an
# XSM security module (FLASK_ENABLE or ACM_SECURITY).
XSM_ENABLE ?= n
FLASK_ENABLE ?= n
ACM_SECURITY ?= n

These are the default settings, so it seems the hypervisor I am using does in
fact not have these set.
So why are they turned off, and do they have an unresolved issue?


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 8:26 AM
Post #7 of 8 (1973 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #6 from konrad.wilk@oracle.com 2011-07-30 08:26 -------
(In reply to comment #5)
> Aha
>
> from Config.mk
>
> # Enable XSM security module. Enabling XSM requires selection of an
> # XSM security module (FLASK_ENABLE or ACM_SECURITY).
> XSM_ENABLE ?= n
> FLASK_ENABLE ?= n
> ACM_SECURITY ?= n
>
> These are the default settings, so it seems the hypervisor I am using does in
> fact not have these set.
> So why are they turned off, and do they have an unresolved issue?

B/c the maintainer for them is .. gone? I suspect the code is bit-rotten. You
might want to open a Gentoo bug to turn those off until somebody fixes whatever
the issue you have with ACM.

>


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs
[Bug 1775] distro package of xen-4.1 breaks system on botting a cm [ In reply to ]
bugzilla-daemon at lists
Jul 30, 2011, 8:41 AM
Post #8 of 8 (2049 views)
Permalink
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1775





------- Comment #7 from johneed@hotmail.com 2011-07-30 08:40 -------
Konrad;

thanks. When you say maintainer, do you mean a gentoo maintainer?
If so, then you are talking to the next gentoo maintainer, so I am trying to
figure what is what.
I have figured I know xen more than any gentoo dev. Updating and fixings
things xen will lead to becoming a gentoo dev, and I intend to look after xen
properly, since I will be the only one around who can work it.
Do you imply the poor code is in the ebuild for emerging xen hypervisor,
package xsm, or whatever is supposed to hookup with things ACM_SECURITY in xen.

I have downloaded the 4.4.1. Is it not available via hg?
# hg clone http://xenbits.xensource.com/xen-4.1.1-testing.hg doesn't work.

I can get the use flags withdrawn, but the task at hand is to get them to work.
I can say that change to setting
FLASK_ENABLE ?= y
cause the emerge or build to fail in my gentoo

Thanks for your important help.


--
Configure bugmail: http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@lists.xensource.com
http://lists.xensource.com/xen-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal