On 06/08/2014 08:32 AM, Stefan Priebe - Profihost AG wrote:
Am 07.06.2014 um 11:12 schrieb Kir Kolyshkin <k...@openvz.org
<mailto:k...@openvz.org>>:
On 06/06/2014 09:48 PM, Stefan Priebe - Profihost AG wrote:
Oh sorry. My fault. Yes it's the same with 090.2
I tried to reproduce it locally on an CentOS x86_64 box with the
following set of commands,
(checking that every one of those succeeds):
yum -y update
yum -u install yum-utils
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm
yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm
rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm
The end result is built kernel packages.
So, then I tried building from source+patch:
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz
wget https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz
tar xf linux-2.6.32.tar.xz
cd linux-2.6.32
gzip -dc ../patch-042stab090.2-combined.gz | patch -p1
wget
http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64
mv config-2.6.32-042stab090.2.x86_64 .config
make oldconfig
make -j16
Same result -- it was built w/o errors.
So, I was not able to reproduce your issue in either way.
*Two questions:*
1. Can you please describe how you build the kernel (including the build
environment description), in a way so I will be able to reproduce it
locally
(for example, something similar to the above)?
Mhm debian 7.5 using a custom config. But while looking through the
source code i was not able to der a
reason why it shouldn't work.
I am also building kernels for Debian as well (although I am using
gcc-4.4.6 from CentOS 6
and I recommend everyone to do the same -- Red Hat kernels are somewhat
sensitive to the
version of gcc being used -- but I think it's not the cause of the
problem here)
It's probably because of your .config. Is it possible that you share it?
Alternatively, do a diff
between your config and ours, maybe something will look suspicious. For
example, you have
CONFIG_NETFILTER_XTABLES=m instead of y, it might cause this (not tested).
As for the patches you have, I doubt it is the cause, but it might be.
Just a general note -- when filing a bug report, it is a good thing to
provide
everything that can help to reproduce it. So, instead of just saying "I
got such error
compiling such kernel" you can say "I got such error compiling such
kernel on
an Ubuntu xx.xx using gcc x.x.x, attached are my .config and the patches
I apply
on top of yours". This is in your own interest, if you want the issue to
be solved.
2. (Just curious) What is the reason you are building your own kernels
instead of relying on packaged binaries that we release? Sorry if I
already
asked.
Needed some tweaks newer intel 10gbe drivers, ISO vfs support inside guest
I'd suggest using fuseiso for that.
, netconsole build inside kernel instead of module...
Stefan
Kir.
Stefan
Excuse my typo sent from my mobile phone.
Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin <k...@openvz.org
<mailto:k...@openvz.org>>:
Kostya, can you please take a quick look?
Stefan,
Did you have the same problem with 090.2? This release (090.3) only
patches futex code
and has nothing to do with iptables.
Also, please refrain from using private emails (or announce@) --
instead use either users@
mailing list or bugzilla. Thanks!
Kir.
-------- Original Message --------
Subject: Re: [Announce] [security] Kernel RHEL6 042stab090.3
Date: Sat, 7 Jun 2014 00:27:37 +0200
From: Stefan Priebe <s.pri...@profihost.ag>
To: Kir Kolyshkin <k...@openvz.org>, "annou...@openvz.org"
<annou...@openvz.org>
while compiling i always get:
ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!
Stefan
Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
> OpenVZ project released an updated RHEL6 based kernel. Read below for
> more information. Everyone is advised to update.
>
>
> Changes and Download
> ====================
> * Security fix for CVE-2014-3153
>
>https://openvz.org/Download/kernel/rhel6/042stab090.3
>
>
> Bug reporting
> =============
> Usehttp://bugzilla.openvz.org/ to report any bugs found.
>
>
> Other sources of info on updates
> ================================
> Seehttp://wiki.openvz.org/News to view all the news (including updates)
> online. There you can also find RSS/Atom feed links.
>
>
> Regards,
> OpenVZ team
>
> _______________________________________________
> Announce mailing list
>annou...@openvz.org
>https://lists.openvz.org/mailman/listinfo/announce
_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users
