This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable

Mark Williamson wrote:
>> I understand that a xen 3.0.3-compiled kernel could be a domU in this
>> setup but not a dom0.  Is this understanding wrong?
> It definitely couldn't be a dom0.
And why is that?
My current testing seems to works OK. Should I expect some bugs to
pop-out later?

> Actually, a 3.0.3 kernel quite possibly wouldn't boot in 32-bit mode on a 
> 64-bit Xen from the 3.1 release.  That's because of a fix that hadn't yet 
> been pushed at release time - when 3.1 came out, your 32-bit compat mode 
> kernel needed to be a recent one or it wouldn't work.  The compatibility for 
> older kernels was added later, so it'll be in xen-unstable and I guess it'll 
> probably be in 3.1.1.

Which changeset are you refering to?
Searching for "32 compat" on
http://xenbits.xensource.com/xen-unstable.hg, I found these comments
which seems relevant :
- [32on64] Copy the right grant table status code back to the guest.
- [32on64 kexec] Add an explicit local branch after re-enabling paging
- 32-on-64: Fix error path where we fail to successfully switch a guest
- 32-on-64: Fix error path from memory_op() hypercall.
- Further fixes for 32on64 bit kexec.
- Fix 32on64 kexec trampoline. This was broken when Xen was modified to

all of which are also in xen-3.1-testing.hg



Xen-users mailing list