[Kernel-packages] [Bug 1671760] Re: Xen HVM guests running linux 4.10 fail to boot on Intel hosts

[Launchpad Bug Tracker]

This bug was fixed in the package xen - 4.7.2-0ubuntu1

---------------
xen (4.7.2-0ubuntu1) yakkety; urgency=medium

  * Rebasing to upstream stable release 4.7.2 (LP: #1672767)
    https://www.xenproject.org/downloads/xen-archives/xen-47-series.html
    - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel
      hosts which support the TSC_ADJUST MSR (LP: #1671760)
    - Dropping: d/p/preup-tools-fix-linear-p2m-save.patch which is part
      of the stable update.
    - Additional security relevant changes:
      * XSA-207
        - memory leak when destroying guest without PT devices
    - Replacing the following security fixes with the versions from the
      stable update:
      * CVE-2016-6258 / XSA-182
        - x86: Privilege escalation in PV guests
      * CVE-2016-6259 / XSA-183
        - x86: Missing SMAP whitelisting in 32-bit exception / event delivery
      * CVE-2016-7092 / XSA-185
        - x86: Disallow L3 recursive pagetable for 32-bit PV guests
      * CVE-2016-7093 / XSA-186
        - x86: Mishandling of instruction pointer truncation during emulation
      * CVE-2016-7094 / XSA-187
        - x86 HVM: Overflow of sh_ctxt->seg_reg[]
      * CVE-2016-7777 / XSA-190
        - CR0.TS and CR0.EM not always honored for x86 HVM guests
      * CVE-2016-9386 / XSA-191
        - x86 null segments not always treated as unusable
      * CVE-2016-9382 / XSA-192
        - x86 task switch to VM86 mode mis-handled
      * CVE-2016-9385 / XSA-193
        - x86 segment base write emulation lacking canonical address checks
      * CVE-2016-9384 / XSA-194
        - guest 32-bit ELF symbol table load leaking host data
      * CVE-2016-9383 / XSA-195
        - x86 64-bit bit test instruction emulation broken
      * CVE-2016-9377, CVE-2016-9378 / XSA-196
        - x86 software interrupt injection mis-handled
      * CVE-2016-9379, CVE-2016-9380 / XSA-198
        - delimiter injection vulnerabilities in pygrub
      * CVE-2016-9932 / XSA-200
        - x86 CMPXCHG8B emulation fails to ignore operand size override
      * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201
        - ARM guests may induce host asynchronous abort
      * CVE-2016-10024 / XSA-202
        - x86 PV guests may be able to mask interrupts
      * CVE-2016-10025 / XSA-203
        - x86: missing NULL pointer check in VMFUNC emulation
      * CVE-2016-10013 / XSA-204
        - x86: Mishandling of SYSCALL singlestep during emulation
  * Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into
    debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670).

 -- Stefan Bader <stefan.ba...@canonical.com>  Tue, 14 Mar 2017 15:45:59
+0100

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1671760

Title:
  Xen HVM guests running linux 4.10 fail to boot on Intel hosts

Status in linux package in Ubuntu:
  Won't Fix
Status in xen package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Invalid
Status in xen source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Invalid
Status in xen source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Invalid
Status in xen source package in Yakkety:
  Fix Released
Status in linux source package in Zesty:
  Won't Fix
Status in xen source package in Zesty:
  Fix Released

Bug description:
  Starting with Linux kernel 4.10, the kernel does some sanity checking
  on the TSC_ADJUST MSR. Xen has implemented some support for that MSR
  in the hypervisor (Xen 4.3 and later) for HVM guests. But boot and
  secondary vCPUs are set up inconsistently. This causes the boot of a
  4.10 HVM guest to hang early on boot.

  This was fixed in the hypervisor by:

    commit 98297f09bd07bb63407909aae1d309d8adeb572e
    x86/hvm: do not set msr_tsc_adjust on hvm_set_guest_tsc_fixed

  That fix would be contained in 4.6.5 and 4.7.2 and would be in 4.8.1
  (not released, yet) which mean that Ubuntu 14.04/16.04/16.10 and 17.04
  currently are affected.

  ---

  SRU Justification:

  Impact: Without the TSC_ADJUST MSR fix, 4.10 and later kernels will
  get stuck at boot when running as (PV)HVM guests on Xen 4.3 and later.

  Fix: Above fix either individually applied or as part of Xen stable
  stream (for Xen 4.7.x and 4.6.x) resolves the issue.

  Testcase:
  - Requires Intel based host which supports the TSC_ADJUST MSR
  - Configured as Xen host
  - HVM guest running Zesty/17.04
  - Stuck at boot before, normal booting OS after

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1671760/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp