Mageia Bugzilla – Attachment 14498 Details for
Bug 33082
xen new security issues CVE-2024-31142 and CVE-2024-2201
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Commands testing xen
xen test (text/plain), 8.81 KB, created by
katnatek
on 2024-04-14 02:52:25 CEST
(
hide
)
Description:
Commands testing xen
Filename:
MIME Type:
Creator:
katnatek
Created:
2024-04-14 02:52:25 CEST
Size:
8.81 KB
patch
obsolete
>journalctl |grep hvc >abr 13 18:33:56 phoenix kernel: printk: console [hvc0] enabled >abr 13 18:33:56 phoenix systemd[1]: Expecting device dev-hvc0.device... >abr 13 18:33:59 phoenix systemd[1]: Found device dev-hvc0.device. >abr 13 18:34:23 phoenix systemd[1]: Started serial-getty@hvc0.service. > >ls -la /dev/hvc* >crw------- 1 root root 229, 0 abr 13 18:34 /dev/hvc0 >crw------- 1 root root 229, 1 abr 13 18:33 /dev/hvc1 >crw------- 1 root root 229, 2 abr 13 18:33 /dev/hvc2 >crw------- 1 root root 229, 3 abr 13 18:33 /dev/hvc3 >crw------- 1 root root 229, 4 abr 13 18:33 /dev/hvc4 >crw------- 1 root root 229, 5 abr 13 18:33 /dev/hvc5 >crw------- 1 root root 229, 6 abr 13 18:33 /dev/hvc6 >crw------- 1 root root 229, 7 abr 13 18:33 /dev/hvc7 > > >xl list >Name ID Mem VCPUs State Time(s) >Domain-0 0 5790 4 r----- 336.9 > > >xl info >host : phoenix >release : 6.6.22-server-1.mga9 >version : #1 SMP PREEMPT_DYNAMIC Sun Mar 17 20:01:32 UTC 2024 >machine : x86_64 >nr_cpus : 4 >max_cpu_id : 15 >nr_nodes : 1 >cores_per_socket : 2 >threads_per_core : 2 >cpu_mhz : 3191.995 >hw_caps : bfebfbff:029ae3ff:28100800:00000001:00000000:00000000:00000000:00000100 >virt_caps : pv hvm hvm_directio pv_directio hap shadow gnttab-v1 gnttab-v2 >total_memory : 6005 >free_memory : 129 >sharing_freed_memory : 0 >sharing_used_memory : 0 >outstanding_claims : 0 >free_cpus : 0 >xen_major : 4 >xen_minor : 17 >xen_extra : .4 >xen_version : 4.17.4 >xen_caps : xen-3.0-x86_64 xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p hvm-3.0-x86_64 >xen_scheduler : credit2 >xen_pagesize : 4096 >platform_params : virt_start=0xffff800000000000 >xen_changeset : >xen_commandline : placeholder >cc_compiler : gcc (Mageia 12.3.0-3.mga9) 12.3.0 >cc_compile_by : iurt >cc_compile_domain : >cc_compile_date : Thu Apr 11 13:24:15 UTC 2024 >build_id : acd60f74726c060bdaeb8b816d80e738a322f4ed >xend_config_format : 4 > > >xl dmesg > Xen 4.17.4 >(XEN) Xen version 4.17.4 (iurt@) (gcc (Mageia 12.3.0-3.mga9) 12.3.0) debug=n Thu Apr 11 13:24:15 UTC 2024 >(XEN) Latest ChangeSet: >(XEN) Bootloader: GRUB 2.06 >(XEN) Command line: placeholder >(XEN) Xen image load base address: 0xcc200000 >(XEN) Video information: >(XEN) VGA is text mode 80x25, font 8x16 >(XEN) VBE/DDC methods: V2; EDID transfer time: 1 seconds >(XEN) Disc information: >(XEN) Found 1 MBR signatures >(XEN) Found 1 EDD information structures >(XEN) Xen-e820 RAM map: >(XEN) [0000000000000000, 000000000009abff] (usable) >(XEN) [000000000009ac00, 000000000009ffff] (reserved) >(XEN) [00000000000e0000, 00000000000fffff] (reserved) >(XEN) [0000000000100000, 00000000cf453fff] (usable) >(XEN) [00000000cf454000, 00000000cf496fff] (ACPI NVS) >(XEN) [00000000cf497000, 00000000cf50afff] (reserved) >(XEN) [00000000cf50b000, 00000000cf50cfff] (usable) >(XEN) [00000000cf50d000, 00000000cf612fff] (reserved) >(XEN) [00000000cf613000, 00000000cf613fff] (usable) >(XEN) [00000000cf614000, 00000000cf614fff] (ACPI NVS) >(XEN) [00000000cf615000, 00000000cf61cfff] (ACPI data) >(XEN) [00000000cf61d000, 00000000cf61dfff] (ACPI NVS) >(XEN) [00000000cf61e000, 00000000cf61ffff] (ACPI data) >(XEN) [00000000cf620000, 00000000cf627fff] (ACPI NVS) >(XEN) [00000000cf628000, 00000000cf648fff] (reserved) >(XEN) [00000000cf649000, 00000000cf68bfff] (ACPI NVS) >(XEN) [00000000cf68c000, 00000000cf7fffff] (usable) >(XEN) [00000000e0000000, 00000000e3ffffff] (reserved) >(XEN) [00000000fed1c000, 00000000fed1ffff] (reserved) >(XEN) [00000000ff000000, 00000000ffffffff] (reserved) >(XEN) [0000000100000000, 000000017bffffff] (usable) >(XEN) [000000017c000000, 000000017fffffff] (reserved) >(XEN) [0000000180000000, 00000001abffffff] (usable) >(XEN) ACPI: RSDP 000F0410, 0024 (r2 INTEL) >(XEN) ACPI: XSDT CF61EE18, 005C (r1 INTEL DH55HC 1072009 MSFT 10013) >(XEN) ACPI: FACP CF61CD98, 00F4 (r4 INTEL DH55HC 1072009 MSFT 10013) >(XEN) ACPI: DSDT CF615018, 6B88 (r1 INTEL DH55HC 0 INTL 20051117) >(XEN) ACPI: FACS CF61DE40, 0040 >(XEN) ACPI: APIC CF61CF18, 00CC (r2 INTEL DH55HC 1072009 MSFT 10013) >(XEN) ACPI: SSDT CF61CC18, 0102 (r1 INTEL DH55HC 1 MSFT 3000001) >(XEN) ACPI: MCFG CF61FF18, 003C (r1 INTEL DH55HC 1072009 MSFT 97) >(XEN) ACPI: HPET CF61FE98, 0038 (r1 INTEL DH55HC 1072009 AMI. 3) >(XEN) ACPI: ASF! CF61EC18, 00A0 (r32 INTEL DH55HC 1 TFSM F4240) >(XEN) ACPI: DMAR CF61EB18, 0080 (r1 INTEL DH55HC 1 INTL 1) >(XEN) System RAM: 6005MB (6149524kB) >(XEN) Domain heap initialised >(XEN) ACPI: 32/64X FACS address mismatch in FADT - cf61df40/00000000cf61de40, using 32 >(XEN) IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23 >(XEN) CPU0: 1200 ... 3200 MHz >(XEN) Speculative mitigation facilities: >(XEN) Hardware hints: >(XEN) Hardware features: >(XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING HARDEN_ARRAY HARDEN_BRANCH HARDEN_GUEST_ACCESS HARDEN_LOCK >(XEN) Xen settings: BTI-Thunk: RETPOLINE, SPEC_CTRL: No, Other: BRANCH_HARDEN >(XEN) L1TF: believed vulnerable, maxphysaddr L1D 44, CPUID 36, Safe address 1000000000 >(XEN) Support for HVM VMs: RSB EAGER_FPU >(XEN) Support for PV VMs: RSB EAGER_FPU >(XEN) XPTI (64-bit PV only): Dom0 enabled, DomU enabled (without PCID) >(XEN) PV L1TF shadowing: Dom0 disabled, DomU enabled >(XEN) Using scheduler: SMP Credit Scheduler rev2 (credit2) >(XEN) Initializing Credit2 scheduler >(XEN) Platform timer is 14.318MHz HPET >(XEN) Detected 3191.995 MHz processor. >(XEN) Intel VT-d iommu 0 supported page sizes: 4kB >(XEN) Intel VT-d iommu 1 supported page sizes: 4kB >(XEN) Intel VT-d Snoop Control not enabled. >(XEN) Intel VT-d Dom0 DMA Passthrough not enabled. >(XEN) Intel VT-d Queued Invalidation not enabled. >(XEN) Intel VT-d Interrupt Remapping not enabled. >(XEN) Intel VT-d Posted Interrupt not enabled. >(XEN) Intel VT-d Shared EPT tables not enabled. >(XEN) I/O virtualisation enabled >(XEN) - Dom0 mode: Relaxed >(XEN) Interrupt remapping disabled >(XEN) Enabled directed EOI with ioapic_ack_old on! >(XEN) Enabling APIC mode. Using 1 I/O APICs >(XEN) ENABLING IO-APIC IRQs >(XEN) -> Using old ACK method >(XEN) Allocated console ring of 16 KiB. >(XEN) VMX: Supported advanced features: >(XEN) - APIC MMIO access virtualisation >(XEN) - APIC TPR shadow >(XEN) - Extended Page Tables (EPT) >(XEN) - Virtual-Processor Identifiers (VPID) >(XEN) - Virtual NMI >(XEN) - MSR direct-access bitmap >(XEN) - Unrestricted Guest >(XEN) HVM: ASIDs enabled. >(XEN) VMX: Disabling executable EPT superpages due to CVE-2018-12207 >(XEN) HVM: VMX enabled >(XEN) HVM: Hardware Assisted Paging (HAP) detected >(XEN) HVM: HAP page sizes: 4kB, 2MB >(XEN) Disabling C-states C3 and C6 due to CPU errata >(XEN) mwait-idle: max C-state 1 reached >(XEN) mwait-idle: max C-state 1 reached >(XEN) mwait-idle: max C-state 1 reached >(XEN) Brought up 4 CPUs >(XEN) Scheduling granularity: cpu, 1 CPU per sched-resource >(XEN) Initializing Credit2 scheduler >(XEN) Dom0 has maximum 648 PIRQs >(XEN) Xen kernel: 64-bit, lsb, compat32 >(XEN) Dom0 kernel: 64-bit, PAE, lsb, paddr 0x1000000 -> 0x362c000 >(XEN) PHYSICAL MEMORY ARRANGEMENT: >(XEN) Dom0 alloc.: 0000000174000000->0000000178000000 (1456145 pages to be allocated) >(XEN) Init. ramdisk: 00000001a9a0f000->00000001abfff33a >(XEN) VIRTUAL MEMORY ARRANGEMENT: >(XEN) Loaded kernel: ffffffff81000000->ffffffff8362c000 >(XEN) Phys-Mach map: 0000008000000000->0000008000b4f010 >(XEN) Start info: ffffffff8362c000->ffffffff8362c4b8 >(XEN) Page tables: ffffffff8362d000->ffffffff8364c000 >(XEN) Boot stack: ffffffff8364c000->ffffffff8364d000 >(XEN) TOTAL: ffffffff80000000->ffffffff83800000 >(XEN) ENTRY ADDRESS: ffffffff82fb3f90 >(XEN) Dom0 has maximum 4 VCPUs >(XEN) Bogus DMIBAR 0xfed18001 on 0000:00:00.0 >(XEN) Initial low memory virq threshold set at 0x4000 pages. >(XEN) Scrubbing Free RAM in background >(XEN) Std. Loglevel: Errors and warnings >(XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings) >(XEN) *************************************************** >(XEN) Booted on L1TF-vulnerable hardware with SMT/Hyperthreading >(XEN) enabled. Please assess your configuration and choose an >(XEN) explicit 'smt=<bool>' setting. See XSA-273. >(XEN) *************************************************** >(XEN) Booted on MLPDS/MFBDS-vulnerable hardware with SMT/Hyperthreading >(XEN) enabled. Mitigations will not be fully effective. Please >(XEN) choose an explicit smt=<bool> setting. See XSA-297. >(XEN) *************************************************** >(XEN) 3... 2... 1... >(XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input) >(XEN) Freed 668kB init memory >(XEN) Bogus DMIBAR 0xfed18001 on 0000:00:00.0
journalctl |grep hvc abr 13 18:33:56 phoenix kernel: printk: console [hvc0] enabled abr 13 18:33:56 phoenix systemd[1]: Expecting device dev-hvc0.device... abr 13 18:33:59 phoenix systemd[1]: Found device dev-hvc0.device. abr 13 18:34:23 phoenix systemd[1]: Started serial-getty@hvc0.service. ls -la /dev/hvc* crw------- 1 root root 229, 0 abr 13 18:34 /dev/hvc0 crw------- 1 root root 229, 1 abr 13 18:33 /dev/hvc1 crw------- 1 root root 229, 2 abr 13 18:33 /dev/hvc2 crw------- 1 root root 229, 3 abr 13 18:33 /dev/hvc3 crw------- 1 root root 229, 4 abr 13 18:33 /dev/hvc4 crw------- 1 root root 229, 5 abr 13 18:33 /dev/hvc5 crw------- 1 root root 229, 6 abr 13 18:33 /dev/hvc6 crw------- 1 root root 229, 7 abr 13 18:33 /dev/hvc7 xl list Name ID Mem VCPUs State Time(s) Domain-0 0 5790 4 r----- 336.9 xl info host : phoenix release : 6.6.22-server-1.mga9 version : #1 SMP PREEMPT_DYNAMIC Sun Mar 17 20:01:32 UTC 2024 machine : x86_64 nr_cpus : 4 max_cpu_id : 15 nr_nodes : 1 cores_per_socket : 2 threads_per_core : 2 cpu_mhz : 3191.995 hw_caps : bfebfbff:029ae3ff:28100800:00000001:00000000:00000000:00000000:00000100 virt_caps : pv hvm hvm_directio pv_directio hap shadow gnttab-v1 gnttab-v2 total_memory : 6005 free_memory : 129 sharing_freed_memory : 0 sharing_used_memory : 0 outstanding_claims : 0 free_cpus : 0 xen_major : 4 xen_minor : 17 xen_extra : .4 xen_version : 4.17.4 xen_caps : xen-3.0-x86_64 xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p hvm-3.0-x86_64 xen_scheduler : credit2 xen_pagesize : 4096 platform_params : virt_start=0xffff800000000000 xen_changeset : xen_commandline : placeholder cc_compiler : gcc (Mageia 12.3.0-3.mga9) 12.3.0 cc_compile_by : iurt cc_compile_domain : cc_compile_date : Thu Apr 11 13:24:15 UTC 2024 build_id : acd60f74726c060bdaeb8b816d80e738a322f4ed xend_config_format : 4 xl dmesg Xen 4.17.4 (XEN) Xen version 4.17.4 (iurt@) (gcc (Mageia 12.3.0-3.mga9) 12.3.0) debug=n Thu Apr 11 13:24:15 UTC 2024 (XEN) Latest ChangeSet: (XEN) Bootloader: GRUB 2.06 (XEN) Command line: placeholder (XEN) Xen image load base address: 0xcc200000 (XEN) Video information: (XEN) VGA is text mode 80x25, font 8x16 (XEN) VBE/DDC methods: V2; EDID transfer time: 1 seconds (XEN) Disc information: (XEN) Found 1 MBR signatures (XEN) Found 1 EDD information structures (XEN) Xen-e820 RAM map: (XEN) [0000000000000000, 000000000009abff] (usable) (XEN) [000000000009ac00, 000000000009ffff] (reserved) (XEN) [00000000000e0000, 00000000000fffff] (reserved) (XEN) [0000000000100000, 00000000cf453fff] (usable) (XEN) [00000000cf454000, 00000000cf496fff] (ACPI NVS) (XEN) [00000000cf497000, 00000000cf50afff] (reserved) (XEN) [00000000cf50b000, 00000000cf50cfff] (usable) (XEN) [00000000cf50d000, 00000000cf612fff] (reserved) (XEN) [00000000cf613000, 00000000cf613fff] (usable) (XEN) [00000000cf614000, 00000000cf614fff] (ACPI NVS) (XEN) [00000000cf615000, 00000000cf61cfff] (ACPI data) (XEN) [00000000cf61d000, 00000000cf61dfff] (ACPI NVS) (XEN) [00000000cf61e000, 00000000cf61ffff] (ACPI data) (XEN) [00000000cf620000, 00000000cf627fff] (ACPI NVS) (XEN) [00000000cf628000, 00000000cf648fff] (reserved) (XEN) [00000000cf649000, 00000000cf68bfff] (ACPI NVS) (XEN) [00000000cf68c000, 00000000cf7fffff] (usable) (XEN) [00000000e0000000, 00000000e3ffffff] (reserved) (XEN) [00000000fed1c000, 00000000fed1ffff] (reserved) (XEN) [00000000ff000000, 00000000ffffffff] (reserved) (XEN) [0000000100000000, 000000017bffffff] (usable) (XEN) [000000017c000000, 000000017fffffff] (reserved) (XEN) [0000000180000000, 00000001abffffff] (usable) (XEN) ACPI: RSDP 000F0410, 0024 (r2 INTEL) (XEN) ACPI: XSDT CF61EE18, 005C (r1 INTEL DH55HC 1072009 MSFT 10013) (XEN) ACPI: FACP CF61CD98, 00F4 (r4 INTEL DH55HC 1072009 MSFT 10013) (XEN) ACPI: DSDT CF615018, 6B88 (r1 INTEL DH55HC 0 INTL 20051117) (XEN) ACPI: FACS CF61DE40, 0040 (XEN) ACPI: APIC CF61CF18, 00CC (r2 INTEL DH55HC 1072009 MSFT 10013) (XEN) ACPI: SSDT CF61CC18, 0102 (r1 INTEL DH55HC 1 MSFT 3000001) (XEN) ACPI: MCFG CF61FF18, 003C (r1 INTEL DH55HC 1072009 MSFT 97) (XEN) ACPI: HPET CF61FE98, 0038 (r1 INTEL DH55HC 1072009 AMI. 3) (XEN) ACPI: ASF! CF61EC18, 00A0 (r32 INTEL DH55HC 1 TFSM F4240) (XEN) ACPI: DMAR CF61EB18, 0080 (r1 INTEL DH55HC 1 INTL 1) (XEN) System RAM: 6005MB (6149524kB) (XEN) Domain heap initialised (XEN) ACPI: 32/64X FACS address mismatch in FADT - cf61df40/00000000cf61de40, using 32 (XEN) IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23 (XEN) CPU0: 1200 ... 3200 MHz (XEN) Speculative mitigation facilities: (XEN) Hardware hints: (XEN) Hardware features: (XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING HARDEN_ARRAY HARDEN_BRANCH HARDEN_GUEST_ACCESS HARDEN_LOCK (XEN) Xen settings: BTI-Thunk: RETPOLINE, SPEC_CTRL: No, Other: BRANCH_HARDEN (XEN) L1TF: believed vulnerable, maxphysaddr L1D 44, CPUID 36, Safe address 1000000000 (XEN) Support for HVM VMs: RSB EAGER_FPU (XEN) Support for PV VMs: RSB EAGER_FPU (XEN) XPTI (64-bit PV only): Dom0 enabled, DomU enabled (without PCID) (XEN) PV L1TF shadowing: Dom0 disabled, DomU enabled (XEN) Using scheduler: SMP Credit Scheduler rev2 (credit2) (XEN) Initializing Credit2 scheduler (XEN) Platform timer is 14.318MHz HPET (XEN) Detected 3191.995 MHz processor. (XEN) Intel VT-d iommu 0 supported page sizes: 4kB (XEN) Intel VT-d iommu 1 supported page sizes: 4kB (XEN) Intel VT-d Snoop Control not enabled. (XEN) Intel VT-d Dom0 DMA Passthrough not enabled. (XEN) Intel VT-d Queued Invalidation not enabled. (XEN) Intel VT-d Interrupt Remapping not enabled. (XEN) Intel VT-d Posted Interrupt not enabled. (XEN) Intel VT-d Shared EPT tables not enabled. (XEN) I/O virtualisation enabled (XEN) - Dom0 mode: Relaxed (XEN) Interrupt remapping disabled (XEN) Enabled directed EOI with ioapic_ack_old on! (XEN) Enabling APIC mode. Using 1 I/O APICs (XEN) ENABLING IO-APIC IRQs (XEN) -> Using old ACK method (XEN) Allocated console ring of 16 KiB. (XEN) VMX: Supported advanced features: (XEN) - APIC MMIO access virtualisation (XEN) - APIC TPR shadow (XEN) - Extended Page Tables (EPT) (XEN) - Virtual-Processor Identifiers (VPID) (XEN) - Virtual NMI (XEN) - MSR direct-access bitmap (XEN) - Unrestricted Guest (XEN) HVM: ASIDs enabled. (XEN) VMX: Disabling executable EPT superpages due to CVE-2018-12207 (XEN) HVM: VMX enabled (XEN) HVM: Hardware Assisted Paging (HAP) detected (XEN) HVM: HAP page sizes: 4kB, 2MB (XEN) Disabling C-states C3 and C6 due to CPU errata (XEN) mwait-idle: max C-state 1 reached (XEN) mwait-idle: max C-state 1 reached (XEN) mwait-idle: max C-state 1 reached (XEN) Brought up 4 CPUs (XEN) Scheduling granularity: cpu, 1 CPU per sched-resource (XEN) Initializing Credit2 scheduler (XEN) Dom0 has maximum 648 PIRQs (XEN) Xen kernel: 64-bit, lsb, compat32 (XEN) Dom0 kernel: 64-bit, PAE, lsb, paddr 0x1000000 -> 0x362c000 (XEN) PHYSICAL MEMORY ARRANGEMENT: (XEN) Dom0 alloc.: 0000000174000000->0000000178000000 (1456145 pages to be allocated) (XEN) Init. ramdisk: 00000001a9a0f000->00000001abfff33a (XEN) VIRTUAL MEMORY ARRANGEMENT: (XEN) Loaded kernel: ffffffff81000000->ffffffff8362c000 (XEN) Phys-Mach map: 0000008000000000->0000008000b4f010 (XEN) Start info: ffffffff8362c000->ffffffff8362c4b8 (XEN) Page tables: ffffffff8362d000->ffffffff8364c000 (XEN) Boot stack: ffffffff8364c000->ffffffff8364d000 (XEN) TOTAL: ffffffff80000000->ffffffff83800000 (XEN) ENTRY ADDRESS: ffffffff82fb3f90 (XEN) Dom0 has maximum 4 VCPUs (XEN) Bogus DMIBAR 0xfed18001 on 0000:00:00.0 (XEN) Initial low memory virq threshold set at 0x4000 pages. (XEN) Scrubbing Free RAM in background (XEN) Std. Loglevel: Errors and warnings (XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings) (XEN) *************************************************** (XEN) Booted on L1TF-vulnerable hardware with SMT/Hyperthreading (XEN) enabled. Please assess your configuration and choose an (XEN) explicit 'smt=<bool>' setting. See XSA-273. (XEN) *************************************************** (XEN) Booted on MLPDS/MFBDS-vulnerable hardware with SMT/Hyperthreading (XEN) enabled. Mitigations will not be fully effective. Please (XEN) choose an explicit smt=<bool> setting. See XSA-297. (XEN) *************************************************** (XEN) 3... 2... 1... (XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input) (XEN) Freed 668kB init memory (XEN) Bogus DMIBAR 0xfed18001 on 0000:00:00.0
View Attachment As Raw
Actions:
View
Attachments on
bug 33082
: 14498