804981 – when installing from livecd, non-PAE kernel is used even on PAE enabled system

Bug 804981 - when installing from livecd, non-PAE kernel is used even on PAE enabled system

Summary: when installing from livecd, non-PAE kernel is used even on PAE enabled system

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	anaconda
Sub Component:
Version:	16
Hardware:	i686
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Anaconda Maintenance Team
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-03-20 11:30 UTC by Petr Matousek
Modified:	2013-02-14 02:31 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-02-14 02:31:05 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Petr Matousek 2012-03-20 11:30:11 UTC

Description of problem:

When installing from 32-bit livecd, non-PAE kernel is used even on systems that do support PAE. Because harware NX on x86 needs PAE, this effectively disables harware NX support and fallbacks to emulated NX (ExecShield), which is not optimal. Because the default download option is livecd (and i686), this potentially affects a lot of Fedora users.

When installing from DVD (non-live media), Anaconda detects if processor supports PAE and installs PAE kernel if it does.

Version-Release number of selected component (if applicable):

all Fedora releases

How reproducible:

Install Fedora from livecd.

Actual results:

non-PAE kernel is installed even on systems that do support PAE feature.


Expected results:

PAE kernel is installed on systems that do support PAE feature.

Comment 1 Chris Lumens 2012-03-20 12:54:25 UTC

The problem here is that the live installer does not work on a per-package basis.  It takes a single image and blasts it onto the hard drive.  There's no provisions for adding or removing packages.  Thus, we have to use the lowest common denominator kernel here.  It's certainly not an ideal situation at all but given the design of the live installer, there's not really anything we can do.

Comment 2 Petr Matousek 2012-03-20 13:33:06 UTC

(In reply to comment #1)
> The problem here is that the live installer does not work on a per-package
> basis.  It takes a single image and blasts it onto the hard drive.  There's no
> provisions for adding or removing packages.  Thus, we have to use the lowest
> common denominator kernel here.  It's certainly not an ideal situation at all
> but given the design of the live installer, there's not really anything we can
> do.

Aren't there any post-installation steps? Can't we add one more that is invoked on systems with PAE support that will either a) automatically do "yum install kernel-PAE" if there is networking connection and/or b) display a message that users are advised to install kernel-PAE whenever it is suitable for them because not using PAE kernel might have security consequences?

Comment 4 Eugene Teo (Security Response) 2012-03-26 07:18:15 UTC

Chris?

Comment 5 Fedora End Of Life 2013-02-14 02:31:09 UTC

Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.