4.209. xen

Updated xen packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link associated with the description below.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Security Fix

A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash.

Bug Fixes

Prior to this update, the vif-bridge script used a maximum transmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU of the VIF could differ from that of the target bridge. This update fixes the VIF hot-plug script so that the default MTU for new VIFs will match that of the target Xen hypervisor bridge. In combination with a new enough kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen hypervisor guests.
Prior to this update, the network-bridge script set the MTU of the bridge to 1500. As a result, the MTU of the Xen hypervisor bridge could differ from that of the physical interface. This update fixes the network script so the MTU of the bridge can be set higher than 1500, thus also providing support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will match that of the physical interface.
Red Hat Enterprise Linux 5.6 introduced an optimized migration handling that speeds up the migration of guests with large memory. However, the new migration procedure can theoretically cause data corruption. While no cases were observed in practice, with this update, the xend daemon properly waits for correct device release before the guest is started on a destination machine, thus fixing this bug.


Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU of the VIF will drop back to 1500 (if it was set higher) after migration.
All xen users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the xend service must be restarted for this update to take effect.
Updated xen packages that fix several bugs and add several enhancements are now available for Red Hat Enterprise Linux 5.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

Bug Fixes

When an attempt to suspend a virtual guest on a disk without enough free space had been made, the suspend operation failed. As Red Hat Enterprise Linux 5 does not support suspend cancellation, this action sometimes caused unexpected termination. With this update, an additional check for enough free space has been added to the code. Now, the suspend operation is cancelled before it starts in the described scenario.
Due to limitations in the Red Hat Enterprise Linux 5 Xen hypervisor, Red Hat Enterprise Linux 6 guests running fully-virtualized under Red Hat Enterprise Linux 5 occasionally experience time drift or fails to boot. This issue can be resolved by adding the clocksource=acpi_pm or clocksource=jiffies parameters to the kernel command line for the guest. Alternatively, if running under Red Hat Enterprise Linux 5.7 or newer, adding hpet=0 to the guest configuration file also fixes this bug. However, these workarounds had serious impact on performance. A patch has been provided to address this issue and now, performance is mostly unaffected in the described scenario when one of the workarounds described above is used.
Previously, checking status of xendomains, after starting them without anything to do, led to a failed status and no message was returned. With this update, checking xendomains properly reports the stopped state in the described scenario, thus fixing this bug.
Due to incorrect rounding in the code, setting the maxmem parameter on HVM (hardware-assisted virtualization) guests equal to the size of actual memory failed. With this update, a proper rounding method has been provided and attempts to set maxmem as described now succeed.
When the user connected to a guest's console more than once at the same time, the output on all connections was broken. With this update, only one connection is allowed to the console, thus preventing this bug.
When a guest was started via the libvirt API without a serial port specified, the -serial none option was passed to the qemu command line. However, Xen Qemu did not support this option, resulting in an unexpected termination of the guest. With this update, support for the none option has been added to Xen Qemu.
When resizing memory on a paravirtualized guest, information provided by the xm list -l command included incorrect memory size as it used an incorrect size variable. With this update, memory of the guest is read directly and correct memory size is reported in the described scenario.
Xen Qemu uses an older protocol and previously, orphan qemu-dm processes were sometimes left in the memory when a guest was destroyed immediately after start. With this update, the protocol output is checked in the described scenario and qemu-dm instances are properly destroyed after a guest is destroyed, thus fixing this bug.
Previously, obsolete routing tables were used on the network during a live migration of a HVM guest. Consequently, a guest using a network interface sometimes experienced a short network outage after the migration. With this update, fake packets are sent after a migration is complete to ensure the routing tables are correctly updated, thus fixing this bug.
To set a large MTU (Maximum Transmission Unit) on a bridge needs to be done in a precise order of script executions. Previously, when trying to set a MTU on a bridge with no interfaces, the MTU was not accepted. With this update, the Xen network scripts have been reorganized in the code and large MTUs are now created correctly in the described scenario.
An update to Xen in Red Hat Enterprise Linux 5.7 added functionality to unpause a migrating guest before the source copy of the guest was destroyed. However, this could cause problems when removing devices that could be used on both sides of the connection and, in case of block devices, could also corrupt the data. With this update, devices are released before the destination copy of a guest is unpaused, thus fixing this bug.
When a disk configured as sda:cdrom was added to an HVM domain, wrong media type was set for such disk. This could change the disk order and result in an unbootable domain. With this update, the hd_index parameter is adjusted once and for all disks, thus preventing this bug.
An update to Xen in Red Hat Enterprise Linux 5.7 optimized guest creation procedure to speed up block device creation. However, this procedure caused that CD-ROM devices failed to disconnect from a guest. This update re-enables the functionality to properly disconnect CD-ROM devices.


Variable amount of memory overhead is needed for creating a guest. Previously, a guest virtual domain could not be created due to insufficient available memory. This update introduces a new configuration option that sets additional memory to be reserved for guest creation, thus fixing this bug.
Previously, when a bridge was being created for Xen networking, a wrong MTU was set for the bridge and the MTU was subsequently discarded. As a result, guests could not use jumbo frames when the host was using them. This update applies MTU size from the bridge interface to both the netback and tap interfaces, enabling jumbo frames on guests.
This update adds support for the GPT (GUID Partition Table) partition table, which was introduced in Fedora 16 paravirtualized guests as a replacement for MBR (Master Boot Record).
Prior to this update, the debug-keys command was only accessible from the serial console. This update adds the debug-keys command to the xm utility.
All xen users are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.