Thanks for the reply. Sorry for the typo in the earlier mail. I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. Basically here I am trying to see whether my PV_HVM kernel is vulenrable to this issue given in the following link http://seclists.org/oss-sec/2015/q3/212 In the above link, it was mentioned that the PV kernel is not vulnerable to this bug, but HVM is. It didnt say anything about PV-HVM. Can you please help me in this regard? On Wed, Aug 19, 2015 at 10:43 AM, John R Pierce <pierce at hogranch.com> wrote:> On 8/18/2015 9:53 PM, Venkateswara Rao Dokku wrote: > >> I have installed CentOS 7 HVM kernel. I would like to convert it to CentOs >> 7 PV kernel. >> >> When googled about it, I found that this can be done by following commands >> >> yum install xen or yum install kernel-xen >> >> But, when I tried the below commands, I am getting the error *"No package >> kernel-xen available.**"* >> > > what version were those instructions for ? AFAIK, there's no xen > specific kernel in EL7, Red Hat and therefore CentOS supports KVM as their > native virtualization, and the PV drivers for KVM are built in. > > > -- > john r pierce, recycling bits in santa cruz > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- Thanks & Regards, Venkateswara Rao Dokku.
On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote:> Thanks for the reply. > Sorry for the typo in the earlier mail. > I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. > > Basically here I am trying to see whether my PV_HVM kernel is vulenrable to > this issue given in the following link > http://seclists.org/oss-sec/2015/q3/212that is talking about a problem with QEMU and emulated cdroms, and as far as I can tell, the bug is in the qemu emulator, not in the VM's. it merely states that if you only use PV VM's you won't trigger the bug, but the correct fix is to update your QEMU so there is no bug.> In the above link, it was mentioned that the PV kernel is not vulnerable to > this bug, but HVM is. It didnt say anything about PV-HVM. > > Can you please help me in this regard?https://access.redhat.com/security/cve/CVE-2015-5154 suggests QEMU has been fixed as of July 27/28, at least for KVM servers, see the 4 RHSA Errata linked there. again, RHEL7 and therefore CentOS 7 is all about KVM not Xen. If you're running someone's xen server, you need to ensure its patched against this bug. -- john r pierce, recycling bits in santa cruz
Thanks for the reply. If we want to have PV kernel for CentOs 7 , are there any guidelines to follow? How we can know before hand itself that this kernel is PV or HVM, without installing kernel? On Wed, Aug 19, 2015 at 11:27 AM, John R Pierce <pierce at hogranch.com> wrote:> On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote: > >> Thanks for the reply. >> Sorry for the typo in the earlier mail. >> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. >> >> Basically here I am trying to see whether my PV_HVM kernel is vulenrable >> to >> this issue given in the following link >> http://seclists.org/oss-sec/2015/q3/212 >> > > > that is talking about a problem with QEMU and emulated cdroms, and as far > as I can tell, the bug is in the qemu emulator, not in the VM's. it > merely states that if you only use PV VM's you won't trigger the bug, but > the correct fix is to update your QEMU so there is no bug. > > > In the above link, it was mentioned that the PV kernel is not vulnerable to >> this bug, but HVM is. It didnt say anything about PV-HVM. >> >> Can you please help me in this regard? >> > > https://access.redhat.com/security/cve/CVE-2015-5154 suggests QEMU has > been fixed as of July 27/28, at least for KVM servers, see the 4 RHSA > Errata linked there. > > again, RHEL7 and therefore CentOS 7 is all about KVM not Xen. > > If you're running someone's xen server, you need to ensure its patched > against this bug. > > > -- > john r pierce, recycling bits in santa cruz > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- Thanks & Regards, Venkateswara Rao Dokku.