<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><br></div><div>Am 07.06.2014 um 11:12 schrieb Kir Kolyshkin <<a href="mailto:kir@openvz.org">kir@openvz.org</a>>:<br><br></div><blockquote type="cite"><div>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<div class="moz-cite-prefix">On 06/06/2014 09:48 PM, Stefan Priebe -
Profihost AG wrote:<br>
</div>
<blockquote cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag" type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div>Oh sorry. My fault. Yes it's the same with 090.2<br>
</div>
</blockquote>
<br>
I tried to reproduce it locally on an CentOS x86_64 box with the
following set of commands,<br>
(checking that every one of those succeeds):<br>
<br>
yum -y update<br>
yum -u install yum-utils<br>
rpm --import <a class="moz-txt-link-freetext" href="http://download.openvz.org/RPM-GPG-Key-OpenVZ">http://download.openvz.org/RPM-GPG-Key-OpenVZ</a><br>
wget
<a class="moz-txt-link-freetext" href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm</a><br>
yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm<br>
rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm<br>
<br>
The end result is built kernel packages.<br>
<br>
So, then I tried building from source+patch:<br>
<br>
wget
<a class="moz-txt-link-freetext" href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz</a><br>
wget
<a class="moz-txt-link-freetext" href="https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz">https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz</a><br>
tar xf linux-2.6.32.tar.xz<br>
cd linux-2.6.32<br>
gzip -dc ../patch-042stab090.2-combined.gz | patch -p1<br>
wget
<a class="moz-txt-link-freetext" href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64</a><br>
mv config-2.6.32-042stab090.2.x86_64 .config<br>
make oldconfig<br>
make -j16<br>
<br>
Same result -- it was built w/o errors.<br>
<br>
So, I was not able to reproduce your issue in either way.<br>
<br>
*Two questions:*<br>
<br>
1. Can you please describe how you build the kernel (including the
build<br>
environment description), in a way so I will be able to reproduce it
locally<br>
(for example, something similar to the above)?<br></div></blockquote><div><br></div><div>Mhm debian 7.5 using a custom config. But while looking through the source code i was not able to der a</div><div>reason why it shouldn't work. </div><br><blockquote type="cite"><div>
2. (Just curious) What is the reason you are building your own
kernels<br>
instead of relying on packaged binaries that we release? Sorry if I
already<br>
asked.<br></div></blockquote><div><br></div>Needed some tweaks newer intel 10gbe drivers, ISO vfs support inside guest, netconsole build inside kernel instead of module...<div><br></div><div>Stefan<br><div><br></div><blockquote type="cite"><div>
Kir.<br>
<br>
<blockquote cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag" type="cite">
<div><br>
Stefan
<div><br>
</div>
<div>Excuse my typo s<span style="font-size: 13pt;">ent from my
mobile phone.</span></div>
</div>
<div><br>
Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin <<a moz-do-not-send="true" href="mailto:kir@openvz.org">kir@openvz.org</a>>:<br>
<br>
</div>
<blockquote type="cite">
<div> Kostya, can you please take a quick look?<br>
<br>
Stefan,<br>
<br>
Did you have the same problem with 090.2? This release (090.3)
only patches futex code<br>
and has nothing to do with iptables. <br>
<br>
Also, please refrain from using private emails (or announce@)
-- instead use either users@<br>
mailing list or bugzilla. Thanks!<br>
<br>
Kir.<br>
<div class="moz-forward-container"><br>
-------- Original Message --------
<table class="moz-email-headers-table" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Subject:
</th>
<td>Re: [Announce] [security] Kernel RHEL6
042stab090.3</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Date:
</th>
<td>Sat, 7 Jun 2014 00:27:37 +0200</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">From:
</th>
<td>Stefan Priebe <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:s.priebe@profihost.ag"><s.priebe@profihost.ag></a></td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">To:
</th>
<td>Kir Kolyshkin <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:kir@openvz.org"><kir@openvz.org></a>,
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:announce@openvz.org">"announce@openvz.org"</a>
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:announce@openvz.org"><announce@openvz.org></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>while compiling i always get:
ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!
Stefan
Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
> OpenVZ project released an updated RHEL6 based kernel. Read below for
> more information. Everyone is advised to update.
>
>
> Changes and Download
> ====================
> * Security fix for CVE-2014-3153
>
> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://openvz.org/Download/kernel/rhel6/042stab090.3">https://openvz.org/Download/kernel/rhel6/042stab090.3</a>
>
>
> Bug reporting
> =============
> Use <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://bugzilla.openvz.org/">http://bugzilla.openvz.org/</a> to report any bugs found.
>
>
> Other sources of info on updates
> ================================
> See <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://wiki.openvz.org/News">http://wiki.openvz.org/News</a> to view all the news (including updates)
> online. There you can also find RSS/Atom feed links.
>
>
> Regards,
> OpenVZ team
>
> _______________________________________________
> Announce mailing list
> <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Announce@openvz.org">Announce@openvz.org</a>
> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.openvz.org/mailman/listinfo/announce">https://lists.openvz.org/mailman/listinfo/announce</a>
</pre>
<br>
</div>
<br>
</div>
</blockquote>
</blockquote>
<br>
</div></blockquote></div></body></html>