Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
tags 655385 + patch moreinfo
quit
Hi Ola and Christoph,
Christoph Lechleitner wrote:
> There is a patch solving this problem:
> http://forum.openvz.org/index.php?t=msg&th=10493&goto=45496&#msg_45496
>
> Using this patch I was able to solve the problem for us.
Thanks!
Ola, should we apply this patch?
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120523225321.GC20069@burratino">http://lists.debian.org/20120523225321.GC20069@burratino
06-28-2012, 05:18 AM
Ola Lundqvist
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Hi
I do not know if there is much point in that. We can do that of course
but as we soon have a new release without those kernels I do not
really see the benefit of doing so.
// Ola
On Wed, May 23, 2012 at 05:53:21PM -0500, Jonathan Nieder wrote:
> tags 655385 + patch moreinfo
> quit
>
> Hi Ola and Christoph,
>
> Christoph Lechleitner wrote:
>
> > There is a patch solving this problem:
> > http://forum.openvz.org/index.php?t=msg&th=10493&goto=45496&#msg_45496
> >
> > Using this patch I was able to solve the problem for us.
>
> Thanks!
>
> Ola, should we apply this patch?
>
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120628051856.GA22404@inguza.net">http://lists.debian.org/20120628051856.GA22404@inguza.net
06-28-2012, 05:24 AM
Jonathan Nieder
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Ola Lundqvist wrote:
> I do not know if there is much point in that. We can do that of course
> but as we soon have a new release without those kernels I do not
> really see the benefit of doing so.
Squeeze still has at least a year of support left. But I'm trusting
your judgment about which openvz patches are safe to apply to it (and
I imagine Ben does the same).
Thanks,
Jonathan
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120628052443.GC5178@burratino
06-29-2012, 04:46 AM
Ola Lundqvist
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Hi Jonathan
Thanks. Yes, but in this case the advice is to use the available
.rpm packages and alienize those to .deb.
// Ola
On Thu, Jun 28, 2012 at 12:24:44AM -0500, Jonathan Nieder wrote:
> Ola Lundqvist wrote:
>
> > I do not know if there is much point in that. We can do that of course
> > but as we soon have a new release without those kernels I do not
> > really see the benefit of doing so.
>
> Squeeze still has at least a year of support left. But I'm trusting
> your judgment about which openvz patches are safe to apply to it (and
> I imagine Ben does the same).
>
> Thanks,
> Jonathan
>
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120629044605.GA26287@inguza.net">http://lists.debian.org/20120629044605.GA26287@inguza.net
06-29-2012, 08:51 AM
Jonathan Nieder
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Ola Lundqvist wrote:
> Thanks. Yes, but in this case the advice is to use the available
> .rpm packages and alienize those to .deb.
Oh, dear. Shouldn't we add a NEWS file or something to let existing
users know the package in squeeze is not supported any more, then?
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120629085129.GB3430@burratino
06-29-2012, 11:01 AM
Ola Lundqvist
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Hi
vzctl and vzquota will still be supported. I will (very soon now)
upload a new version with instructions on how to install the .rpm
kernel and what to do there.
// Ola
Quoting Jonathan Nieder <jrnieder@gmail.com>:
Ola Lundqvist wrote:
Thanks. Yes, but in this case the advice is to use the available
.rpm packages and alienize those to .deb.
Oh, dear. Shouldn't we add a NEWS file or something to let existing
users know the package in squeeze is not supported any more, then?
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120629130153.40393auagj73d8g0@webmail.inguza.net ">http://lists.debian.org/20120629130153.40393auagj73d8g0@webmail.inguza.net
07-02-2012, 02:30 PM
Michael Renner
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
On Jun 28, 2012, at 7:18 , Ola Lundqvist wrote:
> I do not know if there is much point in that. We can do that of course
> but as we soon have a new release without those kernels I do not
> really see the benefit of doing so.
As long as the Debian Squeeze kernels are actively maintained serious regressions and/or security issues within OpenVZ should be addressed as well. I don't care about small functionality issues since most of the OpenVZ users are accustomed to them by now, but if something breaks this needs to be addressed.
If you don't do this, please drop the kernels altogether so that people can build an alternate repository and don't get led into the false assumption that Debian is taking care of them. The half-assed approach you propose is hurting more than it helps.
Rationale:
* The bug can lead to easy denial of service attacks from unprivileged users within containers
* The (unverified?) fix for this bug is a 4 line diff.
* Wheezy Puppet includes code that reads /proc/self/mountinfo causing puppet-managed Wheezy containers on Squeeze OpenVZ hosts to exhibit the DoS scenario outlined above.
all the best,
Michael
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5ED9BE0C-8985-421B-82D9-1F97316AB4E9@amd.co.at">http://lists.debian.org/5ED9BE0C-8985-421B-82D9-1F97316AB4E9@amd.co.at
07-10-2012, 02:58 PM
Benjamin Henrion
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Michael Renner <michael.renner@amd.co.at> [120702]:
> On Jun 28, 2012, at 7:18 , Ola Lundqvist wrote:
>
> > I do not know if there is much point in that. We can do that of course
> > but as we soon have a new release without those kernels I do not
> > really see the benefit of doing so.
>
>
> As long as the Debian Squeeze kernels are actively maintained serious
> regressions and/or security issues within OpenVZ should be addressed
> as well. I don't care about small functionality issues since most of
> the OpenVZ users are accustomed to them by now, but if something
> breaks this needs to be addressed.
I am affected by that bug, as updatedb crashes inside a VZ:
> If you don't do this, please drop the kernels altogether so that
> people can build an alternate repository and don't get led into the
> false assumption that Debian is taking care of them. The half-assed
> approach you propose is hurting more than it helps.
>
>
> Rationale:
>
> * The bug can lead to easy denial of service attacks from unprivileged
> users within containers
> * The (unverified?) fix for this bug is a 4 line diff.
> * Wheezy Puppet includes code that reads /proc/self/mountinfo causing
> puppet-managed Wheezy containers on Squeeze OpenVZ hosts to exhibit
> the DoS scenario outlined above.
The patch is an attachment to the archives of the openvz users mailing list.
Can someone fix that?
--
Benjamin Henrion <bhenrion@ffii.org>
FFII Brussels - +32-484-566109 - +32-2-4148403
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120710145848.GA25265@localhost
07-10-2012, 03:25 PM
Christoph Lechleitner
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
Am 2012-07-10 16:58, schrieb Benjamin Henrion:
> I am affected by that bug, as updatedb crashes inside a VZ:
>
> Can someone fix that?
Just to be sure, you did notice we from ITEG are providing binary
packages for now?
They are at
http://deb.clazzes.org/debian/pool/squeeze-contrib-1/
resp. available via the deb source
deb http://deb.clazzes.org/debian squeeze-contrib-1 main
See http://deb.clazzes.org for archive keys.
Everything is available via https: too.
Regards Christoph
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FFC4962.4030106@iteg.at">http://lists.debian.org/4FFC4962.4030106@iteg.at
07-10-2012, 05:12 PM
Michael Renner
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
On Jul 10, 2012, at 17:25 , Christoph Lechleitner wrote:
> Am 2012-07-10 16:58, schrieb Benjamin Henrion:
>> I am affected by that bug, as updatedb crashes inside a VZ:
>>
>> Can someone fix that?
>
> Just to be sure, you did notice we from ITEG are providing binary
> packages for now?
Thanks - they work fine for me!
Ola, Jonathan: Could you please integrate the fix or at least comment on this? Thanks.
best,
Michael
--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: C0507225-6B45-47FA-93FE-5CD3991A3479@amd.co.at">http://lists.debian.org/C0507225-6B45-47FA-93FE-5CD3991A3479@amd.co.at
Bug#655385: "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm
