- A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash.
- Prior to this update, the vif-bridge script used a maximum transmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU of the VIF could differ from that of the target bridge. This update fixes the VIF hot-plug script so that the default MTU for new VIFs will match that of the target Xen hypervisor bridge. In combination with a new enough kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen hypervisor guests.
- Prior to this update, the network-bridge script set the MTU of the bridge to 1500. As a result, the MTU of the Xen hypervisor bridge could differ from that of the physical interface. This update fixes the network script so the MTU of the bridge can be set higher than 1500, thus also providing support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will match that of the physical interface.
- Red Hat Enterprise Linux 5.6 introduced optimized migration handling that speeds up the migration of guests with large memory. However, the new migration procedure can theoretically cause data corruption. While no cases were observed in practice, with this update, the xend daemon properly waits for correct device release before the guest is started on a destination machine, thus fixing this bug.
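
The overflow pattern from the first item of this list, reduced to a standalone C illustration added here (it is not Xen or QEMU source). The struct, function names, 32-byte buffer size, and sample values are assumptions; the reply fields follow the READ CAPACITY (16) layout.

```c
#include <stdint.h>
#include <string.h>

#define OUTBUF_SIZE 32            /* assumed size of the fixed reply buffer */
/* Constructed stand-in for emulator state: data placed right after the
 * reply buffer makes an overrun observable without leaving the struct. */
struct emu_state {
    uint8_t outbuf[OUTBUF_SIZE];
    uint8_t adjacent[16];
};

/* Flawed pattern: the guest-chosen length sizes the zeroing directly. */
size_t reply_unchecked(struct emu_state *s, uint32_t guest_len)
{
    memset((uint8_t *)s, 0, guest_len);   /* may run past outbuf */
    return guest_len;
}

/* Hardened pattern: zero and fill the whole fixed buffer, then let the
 * guest length only limit how many bytes are handed back. */
size_t reply_checked(struct emu_state *s, uint32_t guest_len,
                     uint64_t last_lba, uint32_t block_size)
{
    memset(s->outbuf, 0, sizeof(s->outbuf));
    for (int i = 0; i < 8; i++)           /* bytes 0-7: last LBA, big-endian */
        s->outbuf[i] = (uint8_t)(last_lba >> (56 - 8 * i));
    for (int i = 0; i < 4; i++)           /* bytes 8-11: block length */
        s->outbuf[8 + i] = (uint8_t)(block_size >> (24 - 8 * i));
    return guest_len < sizeof(s->outbuf) ? guest_len : sizeof(s->outbuf);
}

/* Returns 1 if every byte of s->adjacent still holds the marker value. */
int adjacent_intact(const struct emu_state *s, uint8_t marker)
{
    for (size_t i = 0; i < sizeof(s->adjacent); i++)
        if (s->adjacent[i] != marker)
            return 0;
    return 1;
}

/* Runs one variant on a fresh state with a constructed 40-byte guest length. */
int demo(int hardened)
{
    struct emu_state s;
    memset(&s, 0xA5, sizeof(s));
    if (hardened) reply_checked(&s, 40, 0x1FFFFF, 512);
    else reply_unchecked(&s, 40);
    return adjacent_intact(&s, 0xA5);
}
```
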
xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.
- When an attempt was made to suspend a virtual guest on a disk without enough free space, the suspend operation failed. As Red Hat Enterprise Linux 5 does not support suspend cancellation, this action sometimes caused unexpected termination. With this update, an additional check for enough free space has been added to the code. Now, the suspend operation is cancelled before it starts in the described scenario.
- Due to limitations in the Red Hat Enterprise Linux 5 Xen hypervisor, Red Hat Enterprise Linux 6 guests running fully-virtualized under Red Hat Enterprise Linux 5 occasionally experience time drift or fail to boot. This issue can be resolved by adding the clocksource=jiffies parameter to the kernel command line for the guest. Alternatively, if running under Red Hat Enterprise Linux 5.7 or newer, adding hpet=0 to the guest configuration file also fixes this bug. However, these workarounds had a serious impact on performance. A patch has been provided to address this issue, and performance is now mostly unaffected in the described scenario when one of the workarounds described above is used.
- Previously, checking the status of xendomains after starting it with nothing to do resulted in a failed status, and no message was returned. With this update, checking xendomains properly reports the stopped state in the described scenario, thus fixing this bug.
- Due to incorrect rounding in the code, setting the maxmem parameter on HVM (hardware-assisted virtualization) guests equal to the size of actual memory failed. With this update, a proper rounding method has been provided and attempts to set maxmem as described now succeed.
- When the user connected to a guest's console more than once at the same time, the output on all connections was broken. With this update, only one connection is allowed to the console, thus preventing this bug.
- When a guest was started via the libvirt API without a serial port specified, the -serial none option was passed to the qemu command line. However, Xen Qemu did not support this option, resulting in an unexpected termination of the guest. With this update, support for the none option has been added to Xen Qemu.
- When resizing memory on a paravirtualized guest, information provided by the xm list -l command included an incorrect memory size because it used an incorrect size variable. With this update, memory of the guest is read directly and the correct memory size is reported in the described scenario.
- Xen Qemu uses an older protocol, and previously, orphan qemu-dm processes were sometimes left in memory when a guest was destroyed immediately after start. With this update, the protocol output is checked in the described scenario and qemu-dm instances are properly destroyed after a guest is destroyed, thus fixing this bug.
- Previously, obsolete routing tables were used on the network during a live migration of an HVM guest. Consequently, a guest using a network interface sometimes experienced a short network outage after the migration. With this update, fake packets are sent after a migration is complete to ensure the routing tables are correctly updated, thus fixing this bug.
- Setting a large MTU (Maximum Transmission Unit) on a bridge requires the scripts to be executed in a precise order. Previously, when trying to set an MTU on a bridge with no interfaces, the MTU was not accepted. With this update, the Xen network scripts have been reorganized in the code and large MTUs are now created correctly in the described scenario.
- An update to Xen in Red Hat Enterprise Linux 5.7 added functionality to unpause a migrating guest before the source copy of the guest was destroyed. However, this could cause problems when removing devices that could be used on both sides of the connection and, in case of block devices, could also corrupt the data. With this update, devices are released before the destination copy of a guest is unpaused, thus fixing this bug.
- When a disk configured as sda:cdrom was added to an HVM domain, the wrong media type was set for the disk. This could change the disk order and result in an unbootable domain. With this update, the hd_index parameter is adjusted once and for all disks, thus preventing this bug.
- An update to Xen in Red Hat Enterprise Linux 5.7 optimized the guest creation procedure to speed up block device creation. However, this procedure caused CD-ROM devices to fail to disconnect from a guest. This update re-enables the functionality to properly disconnect CD-ROM devices.
- A variable amount of memory overhead is needed for creating a guest. Previously, a guest virtual domain could not be created due to insufficient available memory. This update introduces a new configuration option that sets additional memory to be reserved for guest creation, thus fixing this bug.
- Previously, when a bridge was being created for Xen networking, a wrong MTU was set for the bridge and the MTU was subsequently discarded. As a result, guests could not use jumbo frames when the host was using them. This update applies MTU size from the bridge interface to both the tap interfaces, enabling jumbo frames on guests.
- This update adds support for the GPT (GUID Partition Table) partition table, which was introduced in Fedora 16 paravirtualized guests as a replacement for MBR (Master Boot Record).
- Prior to this update, the debug-keys command was only accessible from the serial console. This update adds the debug-keys command to the xm utility.