RE: XSA-468: multiple Windows PV driver vulnerabilities - update now!

@Greg_E Are you moving straight from older Citrix drivers or from XCP-ng drivers? XenClean 9.0.9108 and newer should now keep static IP settings on execution.

Hello all,

Version 9.0.9108 of the new Windows PV drivers has been released.

This release adds improvements to XenClean (keeping static IP on uninstall) as well as better ballooning support.

To download XenClean, click here. The installer downloads also includes a copy of XenClean and XenBootFix. Remember to carefully read XenClean docs before use. You don't need testsign mode to run XenClean/XenBootFix!

Download the release here: https://github.com/xcp-ng/win-pv-drivers/releases/tag/v9.0.9108

Changes since 9.0.9065

• Fixes: XenClean and driver installer now save/restore static IP settings on uninstall.
• Fixes: Ballooned/DMC guests now shows the correct physical memory stats.
• Fixes: Ballooned/DMC guests now correctly apply their memory limits at boot.
• Minor fixes to Xenbus.
• Bump versions of Xenvif and Xennet.

Not a Xen issue.
This seems to be either a configuration issue (knowing /opt/xensource/libexec/xen-cmdline --get-dom0 may help) causing a issue in XAPI (@Team-XAPI-Network).

Maybe crashing in xapi/pciops.ml#L71-L80 or xapi/xapi_pci_helpers.ml#L179-L207.

@Niall-Con Thank you! I'll take a look to that and will ping you to test on real hardware. Just need to find time (in the middle of storm right now), so it'll take one or two weeks most probably.

Hello,

Yes, unfortunately this is a PCIe device and this is also a PCIe capability which is reported in PCI extended configuration space (offset 0x100) and not covered by standard PCI configuration access method. And visibly the driver NEEDS this cap to make the device work.

Actually there's a work in progress (very close to its end) which offers to HVM guests a QEMU emulated Q35 chipset (instead of currently emulated i440fx chipset). This chipset "provide" to guest (amongst other things) an emulated PCI-e bus, which is capable to host PCIe devices and also offers an access to PCI extended configuration space.

When this work is done we will be able to passthrough PCIe devices and provide access to guest to all PCIe caps, so normally no driver would complain about missing that.

AFIAK, "most common" PCIe caps are emulated in this future patchset, but it still will be possible that some of them are not (exotic ones).

For now, i ping @ThierryEscande to see if he can provide to you a beta version of this patches, to see if it solves your problem and if you're agree to do some tests by the same occasion

@bberndt Autoreboot works, but one issue is that you don't have policy-based control over when it reboots (unlike Windows Update). If that's important for you I'd recommend applying the guest agent+driver updates during a dedicated patch window, and setting the VMs to autoreboot only during that window.

I'd very much appreciate having people use the new XCP-ng drivers (which are stable & reliable despite the current lack of Microsoft signatures, and come with a few nice extras) but I get that it's not always possible. Without the necessary Microsoft hardware accounts it's hard to give a concrete timeline, but I'd like to believe it'll happen soon.

@bberndt

1. So there are 2 parts to be aware of:

• The PV I/O drivers which are pulled from/updated by Windows Update;
• The management agent which you get from XenServer. This has its own update platform that you can enable at install time.

Confusingly the XenServer management agent also has an option to install PV I/O drivers by itself without going through Windows Update at all. (This is why they state "Customers using Windows Update for I/O driver updates should not select this option)

2. I'm not sure what you mean by not getting updates? Even our unsigned drivers do get updates, bug fixes etc. and this will continue once a signed version comes out.
   For the final signed version, at the moment we're still waiting for authorization from Microsoft (they work extremely slowly and we've run into all sorts of problems with their developer program)

@andriy.sultanov Setting it above 16 immediately broke Windows for me.