<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 06/08/2014 08:32 AM, Stefan Priebe -
Profihost AG wrote:<br>
</div>
<blockquote
cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div><br>
</div>
<div>Am 07.06.2014 um 11:12 schrieb Kir Kolyshkin <<a
moz-do-not-send="true" href="mailto:kir@openvz.org">kir@openvz.org</a>>:<br>
<br>
</div>
<blockquote type="cite">
<div>
<div class="moz-cite-prefix">On 06/06/2014 09:48 PM, Stefan
Priebe - Profihost AG wrote:<br>
</div>
<blockquote
cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag"
type="cite">
<div>Oh sorry. My fault. Yes it's the same with 090.2<br>
</div>
</blockquote>
<br>
I tried to reproduce it locally on an CentOS x86_64 box with
the following set of commands,<br>
(checking that every one of those succeeds):<br>
<br>
yum -y update<br>
yum -u install yum-utils<br>
rpm --import <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://download.openvz.org/RPM-GPG-Key-OpenVZ">http://download.openvz.org/RPM-GPG-Key-OpenVZ</a><br>
wget <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm</a><br>
yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm<br>
rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm<br>
<br>
The end result is built kernel packages.<br>
<br>
So, then I tried building from source+patch:<br>
<br>
wget <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz</a><br>
wget <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz">https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz</a><br>
tar xf linux-2.6.32.tar.xz<br>
cd linux-2.6.32<br>
gzip -dc ../patch-042stab090.2-combined.gz | patch -p1<br>
wget <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64</a><br>
mv config-2.6.32-042stab090.2.x86_64 .config<br>
make oldconfig<br>
make -j16<br>
<br>
Same result -- it was built w/o errors.<br>
<br>
So, I was not able to reproduce your issue in either way.<br>
<br>
*Two questions:*<br>
<br>
1. Can you please describe how you build the kernel (including
the build<br>
environment description), in a way so I will be able to
reproduce it locally<br>
(for example, something similar to the above)?<br>
</div>
</blockquote>
<div><br>
</div>
<div>Mhm debian 7.5 using a custom config. But while looking
through the source code i was not able to der a</div>
<div>reason why it shouldn't work.</div>
</blockquote>
<br>
I am also building kernels for Debian as well (although I am using
gcc-4.4.6 from CentOS 6<br>
and I recommend everyone to do the same -- Red Hat kernels are
somewhat sensitive to the<br>
version of gcc being used -- but I think it's not the cause of the
problem here)<br>
<br>
It's probably because of your .config. Is it possible that you share
it? Alternatively, do a diff<br>
between your config and ours, maybe something will look suspicious.
For example, you have<br>
CONFIG_NETFILTER_XTABLES=m instead of y, it might cause this (not
tested).<br>
<br>
As for the patches you have, I doubt it is the cause, but it might
be.<br>
<br>
Just a general note -- when filing a bug report, it is a good thing
to provide<br>
everything that can help to reproduce it. So, instead of just saying
"I got such error<br>
compiling such kernel" you can say "I got such error compiling such
kernel on<br>
an Ubuntu xx.xx using gcc x.x.x, attached are my .config and the
patches I apply<br>
on top of yours". This is in your own interest, if you want the
issue to be solved.<br>
<br>
<blockquote
cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
type="cite">
<div> </div>
<br>
<blockquote type="cite">
<div> 2. (Just curious) What is the reason you are building your
own kernels<br>
instead of relying on packaged binaries that we release? Sorry
if I already<br>
asked.<br>
</div>
</blockquote>
<div><br>
</div>
Needed some tweaks newer intel 10gbe drivers, ISO vfs support
inside guest</blockquote>
<br>
I'd suggest using fuseiso for that. <br>
<br>
<blockquote
cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
type="cite">, netconsole build inside kernel instead of module...
<div><br>
</div>
<div>Stefan<br>
<div><br>
</div>
<blockquote type="cite">
<div> Kir.<br>
<br>
<blockquote
cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag"
type="cite">
<div><br>
Stefan
<div><br>
</div>
<div>Excuse my typo s<span style="font-size: 13pt;">ent
from my mobile phone.</span></div>
</div>
<div><br>
Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin <<a
moz-do-not-send="true" href="mailto:kir@openvz.org">kir@openvz.org</a>>:<br>
<br>
</div>
<blockquote type="cite">
<div> Kostya, can you please take a quick look?<br>
<br>
Stefan,<br>
<br>
Did you have the same problem with 090.2? This release
(090.3) only patches futex code<br>
and has nothing to do with iptables. <br>
<br>
Also, please refrain from using private emails (or
announce@) -- instead use either users@<br>
mailing list or bugzilla. Thanks!<br>
<br>
Kir.<br>
<div class="moz-forward-container"><br>
-------- Original Message --------
<table class="moz-email-headers-table" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Subject: </th>
<td>Re: [Announce] [security] Kernel RHEL6
042stab090.3</td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Date: </th>
<td>Sat, 7 Jun 2014 00:27:37 +0200</td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">From: </th>
<td>Stefan Priebe <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:s.priebe@profihost.ag"><s.priebe@profihost.ag></a></td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">To: </th>
<td>Kir Kolyshkin <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:kir@openvz.org"><kir@openvz.org></a>,
<a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:announce@openvz.org">"announce@openvz.org"</a>
<a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:announce@openvz.org"><announce@openvz.org></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>while compiling i always get:
ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!
Stefan
Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
> OpenVZ project released an updated RHEL6 based kernel. Read below for
> more information. Everyone is advised to update.
>
>
> Changes and Download
> ====================
> * Security fix for CVE-2014-3153
>
> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://openvz.org/Download/kernel/rhel6/042stab090.3">https://openvz.org/Download/kernel/rhel6/042stab090.3</a>
>
>
> Bug reporting
> =============
> Use <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://bugzilla.openvz.org/">http://bugzilla.openvz.org/</a> to report any bugs found.
>
>
> Other sources of info on updates
> ================================
> See <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://wiki.openvz.org/News">http://wiki.openvz.org/News</a> to view all the news (including updates)
> online. There you can also find RSS/Atom feed links.
>
>
> Regards,
> OpenVZ team
>
> _______________________________________________
> Announce mailing list
> <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Announce@openvz.org">Announce@openvz.org</a>
> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.openvz.org/mailman/listinfo/announce">https://lists.openvz.org/mailman/listinfo/announce</a>
</pre>
<br>
</div>
<br>
</div>
</blockquote>
</blockquote>
<br>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>