<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">On 06/08/2014 08:32 AM, Stefan Priebe -
      Profihost AG wrote:<br>
    </div>
    <blockquote
      cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <div><br>
      </div>
      <div>Am 07.06.2014 um 11:12 schrieb Kir Kolyshkin &lt;<a
          moz-do-not-send="true" href="mailto:kir@openvz.org">kir@openvz.org</a>&gt;:<br>
        <br>
      </div>
      <blockquote type="cite">
        <div>
          <div class="moz-cite-prefix">On 06/06/2014 09:48 PM, Stefan
            Priebe - Profihost AG wrote:<br>
          </div>
          <blockquote
            cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag"
            type="cite">
            <div>Oh sorry. My fault. Yes it's the same with 090.2<br>
            </div>
          </blockquote>
          <br>
          I tried to reproduce it locally on an CentOS x86_64 box with
          the following set of commands,<br>
          (checking that every one of those succeeds):<br>
          <br>
              yum -y update<br>
              yum -u install yum-utils<br>
              rpm --import <a moz-do-not-send="true"
            class="moz-txt-link-freetext"
            href="http://download.openvz.org/RPM-GPG-Key-OpenVZ">http://download.openvz.org/RPM-GPG-Key-OpenVZ</a><br>
              wget <a moz-do-not-send="true"
            class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/vzkernel-2.6.32-042stab090.2.src.rpm</a><br>
              yum-builddep -y vzkernel-2.6.32-042stab090.2.src.rpm<br>
              rpmbuild --rebuild vzkernel-2.6.32-042stab090.2.src.rpm<br>
          <br>
          The end result is built kernel packages.<br>
          <br>
          So, then I tried building from source+patch:<br>
          <br>
              wget <a moz-do-not-send="true"
            class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/patches/patch-042stab090.2-combined.gz</a><br>
              wget <a moz-do-not-send="true"
            class="moz-txt-link-freetext"
            href="https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz">https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.xz</a><br>
              tar xf linux-2.6.32.tar.xz<br>
              cd linux-2.6.32<br>
              gzip -dc ../patch-042stab090.2-combined.gz | patch -p1<br>
              wget <a moz-do-not-send="true"
            class="moz-txt-link-freetext"
href="http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64">http://download.openvz.org/kernel/branches/rhel6-2.6.32-testing/042stab090.2/configs/config-2.6.32-042stab090.2.x86_64</a><br>
              mv config-2.6.32-042stab090.2.x86_64 .config<br>
              make oldconfig<br>
              make -j16<br>
          <br>
          Same result -- it was built w/o errors.<br>
          <br>
          So, I was not able to reproduce your issue in either way.<br>
          <br>
          *Two questions:*<br>
          <br>
          1. Can you please describe how you build the kernel (including
          the build<br>
          environment description), in a way so I will be able to
          reproduce it locally<br>
          (for example, something similar to the above)?<br>
        </div>
      </blockquote>
      <div><br>
      </div>
      <div>Mhm debian 7.5 using a custom config. But while looking
        through the source code i was not able to der a</div>
      <div>reason why it shouldn't work.</div>
    </blockquote>
    <br>
    I am also building kernels for Debian as well (although I am using
    gcc-4.4.6 from CentOS 6<br>
    and I recommend everyone to do the same -- Red Hat kernels are
    somewhat sensitive to the<br>
    version of gcc being used -- but I think it's not the cause of the
    problem here)<br>
    <br>
    It's probably because of your .config. Is it possible that you share
    it? Alternatively, do a diff<br>
    between your config and ours, maybe something will look suspicious.
    For example, you have<br>
    CONFIG_NETFILTER_XTABLES=m instead of y, it might cause this (not
    tested).<br>
    <br>
    As for the patches you have, I doubt it is the cause, but it might
    be.<br>
    <br>
    Just a general note -- when filing a bug report, it is a good thing
    to provide<br>
    everything that can help to reproduce it. So, instead of just saying
    "I got such error<br>
    compiling such kernel" you can say "I got such error compiling such
    kernel on<br>
    an Ubuntu xx.xx using gcc x.x.x, attached are my .config and the
    patches I apply<br>
    on top of yours". This is in your own interest, if you want the
    issue to be solved.<br>
    <br>
    <blockquote
      cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
      type="cite">
      <div> </div>
      <br>
      <blockquote type="cite">
        <div> 2. (Just curious) What is the reason you are building your
          own kernels<br>
          instead of relying on packaged binaries that we release? Sorry
          if I already<br>
          asked.<br>
        </div>
      </blockquote>
      <div><br>
      </div>
      Needed some tweaks newer intel 10gbe drivers, ISO vfs support
      inside guest</blockquote>
    <br>
    I'd suggest using fuseiso for that. <br>
    <br>
    <blockquote
      cite="mid:6605BA71-5987-4F1A-B579-D2911ED34242@profihost.ag"
      type="cite">, netconsole build inside kernel instead of module...
      <div><br>
      </div>
      <div>Stefan<br>
        <div><br>
        </div>
        <blockquote type="cite">
          <div> Kir.<br>
            <br>
            <blockquote
              cite="mid:5989D079-037A-4BE7-BBFB-403CF421BECE@profihost.ag"
              type="cite">
              <div><br>
                Stefan
                <div><br>
                </div>
                <div>Excuse my typo s<span style="font-size: 13pt;">ent
                    from my mobile phone.</span></div>
              </div>
              <div><br>
                Am 07.06.2014 um 06:23 schrieb Kir Kolyshkin &lt;<a
                  moz-do-not-send="true" href="mailto:kir@openvz.org">kir@openvz.org</a>&gt;:<br>
                <br>
              </div>
              <blockquote type="cite">
                <div> Kostya, can you please take a quick look?<br>
                  <br>
                  Stefan,<br>
                  <br>
                  Did you have the same problem with 090.2? This release
                  (090.3) only patches futex code<br>
                  and has nothing to do with iptables. <br>
                  <br>
                  Also, please refrain from using private emails (or
                  announce@) -- instead use either users@<br>
                  mailing list or bugzilla. Thanks!<br>
                  <br>
                  Kir.<br>
                  <div class="moz-forward-container"><br>
                    -------- Original Message --------
                    <table class="moz-email-headers-table" border="0"
                      cellpadding="0" cellspacing="0">
                      <tbody>
                        <tr>
                          <th nowrap="nowrap" valign="BASELINE"
                            align="RIGHT">Subject: </th>
                          <td>Re: [Announce] [security] Kernel RHEL6
                            042stab090.3</td>
                        </tr>
                        <tr>
                          <th nowrap="nowrap" valign="BASELINE"
                            align="RIGHT">Date: </th>
                          <td>Sat, 7 Jun 2014 00:27:37 +0200</td>
                        </tr>
                        <tr>
                          <th nowrap="nowrap" valign="BASELINE"
                            align="RIGHT">From: </th>
                          <td>Stefan Priebe <a moz-do-not-send="true"
                              class="moz-txt-link-rfc2396E"
                              href="mailto:s.priebe@profihost.ag">&lt;s.priebe@profihost.ag&gt;</a></td>
                        </tr>
                        <tr>
                          <th nowrap="nowrap" valign="BASELINE"
                            align="RIGHT">To: </th>
                          <td>Kir Kolyshkin <a moz-do-not-send="true"
                              class="moz-txt-link-rfc2396E"
                              href="mailto:kir@openvz.org">&lt;kir@openvz.org&gt;</a>,
                            <a moz-do-not-send="true"
                              class="moz-txt-link-rfc2396E"
                              href="mailto:announce@openvz.org">"announce@openvz.org"</a>
                            <a moz-do-not-send="true"
                              class="moz-txt-link-rfc2396E"
                              href="mailto:announce@openvz.org">&lt;announce@openvz.org&gt;</a></td>
                        </tr>
                      </tbody>
                    </table>
                    <br>
                    <br>
                    <pre>while compiling i always get:
ERROR: "module_payload_allowed" [net/netfilter/x_tables.ko] undefined!

Stefan
Am 06.06.2014 21:05, schrieb Kir Kolyshkin:
&gt; OpenVZ project released an updated RHEL6 based kernel. Read below for
&gt; more information. Everyone is advised to update.
&gt;
&gt;
&gt; Changes and Download
&gt; ====================
&gt; * Security fix for CVE-2014-3153
&gt;
&gt; <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://openvz.org/Download/kernel/rhel6/042stab090.3">https://openvz.org/Download/kernel/rhel6/042stab090.3</a>
&gt;
&gt;
&gt; Bug reporting
&gt; =============
&gt; Use <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://bugzilla.openvz.org/">http://bugzilla.openvz.org/</a>  to report any bugs found.
&gt;
&gt;
&gt; Other sources of info on updates
&gt; ================================
&gt; See <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://wiki.openvz.org/News">http://wiki.openvz.org/News</a>  to view all the news (including updates)
&gt; online. There you can also find RSS/Atom feed links.
&gt;
&gt;
&gt; Regards,
&gt;    OpenVZ team
&gt;
&gt; _______________________________________________
&gt; Announce mailing list
&gt; <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Announce@openvz.org">Announce@openvz.org</a>
&gt; <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.openvz.org/mailman/listinfo/announce">https://lists.openvz.org/mailman/listinfo/announce</a>
</pre>
                    <br>
                  </div>
                  <br>
                </div>
              </blockquote>
            </blockquote>
            <br>
          </div>
        </blockquote>
      </div>
    </blockquote>
    <br>
  </body>
</html>