[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Xen i386 support on Debian wheezy-LTS

On Mon, Jun 20, 2016 at 05:38:33PM +1000, Brian May wrote:
> According to Bastian Blank the the fix for XSA 173 breaks i386
> support. The HVM domains die immediately due to a triple fault.  His
> working theory is that invalid bits slip into the initial page table of
> the domain. He is recommending that we drop support for i386 in order
> that we can continue patching Xen in wheezy with the latest security
> updates.

I forgot the provide further findings.

Each HVM domain immediately dies with a triple fault:

| (XEN) hvm.c:1134:d1 Triple fault on VCPU0 - invoking HVM system reset.
| (XEN) *** Dumping Dom1 vcpu#0 state: ***
| (XEN) ----[ Xen-4.1.6.1  x86_32p  debug=n  Not tainted ]----
| (XEN) CPU:    1
| (XEN) EIP:    0000:[<00101520>]
| (XEN) EFLAGS: 00000002   CONTEXT: hvm guest
| (XEN) eax: 00000000   ebx: 00000000   ecx: 00000000   edx: 00000000
| (XEN) esi: 00000000   edi: 00000000   ebp: 00000000   esp: 00000000
| (XEN) cr0: 00000011   cr4: 00000000   cr3: 00000000   cr2: 00101520
| (XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: 0000   cs: 0000

CR0 shows the system is in a pretty early state: it is already in
protected mode but nothing else.  It dies during access of the the page
fault handler specified in CR2.

A domain in this state can't be dumped.

Regards,
Bastian

-- 
Lots of people drink from the wrong bottle sometimes.
		-- Edith Keeler, "The City on the Edge of Forever",
		   stardate unknown
Reply to: