Hi, Avi. On Tuesday, 10 November 2009 12:04:40 +0200, Avi Kivity wrote: >> I'm using KVM-88 compiled by myself from the source code provided by the >> official site of the project. >> >> Is this version of KVM vulnerable to the mentioned thing in the >> DSA-1907-1 [1]? > Yes. >> In such case, there is some published patch that can be >> applied or some new version that solves this? > I recommend to use distro-provided modules (or kernel.org kernels within > their support period) for production use. This ensures you get security > and stability fixes. kvm-89 will fix these issues, but as it's a > development snapshot, may introduce new issues. Minutes ago I've downloaded of kernel.org the source code of Linux 2.6.32 because I wanted to test with KSM, that it seems to me a very interesting aggregate. As you said above, surely the modules of 2.6.32 are going to be newer than the compiled ones with KVM-88 with security fixes like the one of the DSA-1907-1. Then, I imagine that only it would be necessary to compile the userspace. The steps that I habitually followed are the mentioned ones in the section 'Unpacking and configuring kvm components' of this [1] document, but I suppose that to only compile userspace it will be necessary to follow a different procedure. Is there some document that you can indicate to me where are mentioned these steps? Very interesting the replies in this thread. It drew attention powerfully to me which Michael Tokarev said that KVM never was and never will be for production. Personally I'm using KVM-88 with 2.6.30 and it works wonderfully well. Thanks for your reply. Regards, Daniel [1] http://www.linux-kvm.org/page/HOWTO1 -- Fingerprint: BFB3 08D6 B4D1 31B2 72B9 29CE 6696 BF1B 14E6 1D37 Powered by Debian GNU/Linux Squeeze - Linux user #188.598
Attachment:
signature.asc
Description: Digital signature
