Downloads

Xen Project 4.12.1

We are pleased to announce the release of Xen 4.12.1. This is available immediately from its git repository 

https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.12 (tag RELEASE-4.12.1) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • ba62d9e360: update Xen version to 4.12.1 [Jan Beulich]
  • dcc0bf5dec: libxl: fix pci device re-assigning after domain reboot [Juergen Gross]
  • 604ee1116d: passthrough/vtd: Don’t DMA to the stack in queue_invalidate_wait() [Andrew Cooper]
  • 57a735da3c: x86/crash: fix kexec transition breakage [Igor Druzhinin]
  • 35c7fbdf67: AMD/IOMMU: process softirqs while dumping IRTs [Jan Beulich]
  • 491edac2cb: AMD/IOMMU: free more memory when cleaning up after error [Jan Beulich]
  • d7aeafe7c8: argo: suppress select logging messages [Nicholas Tsirakis]
  • 46262b87eb: argo: correctly report pending message length [Nicholas Tsirakis]
  • 478a0ecb1a: argo: warn sendv() caller when ring is full [Nicholas Tsirakis]
  • e5122c6c4a: x86/ctxt-switch: Document and improve GDT handling [Andrew Cooper]
  • 122f18afbe: x86: make loading of GDT at context switch more modular [Juergen Gross]
  • 78165d6191: x86/svm: Fix svm_vmcb_dump() when used in current context [Andrew Cooper]
  • d0a7bbe8de: x86/clear_page: Update clear_page_sse2() after dropping 32bit Xen [Andrew Cooper]
  • 125b038ac6: x86/altp2m: cleanup p2m_altp2m_lazy_copy [Tamas K Lengyel]
  • 31f1bab3fe: x86/boot: Don’t leak the module_map allocation in __start_xen() [Andrew Cooper]
  • 09e745bf8b: x86/hvm: Fix altp2m_op hypercall continuations [Andrew Cooper]
  • 3be3d9da40: x86/msr: Fix handling of MSR_AMD_PATCHLEVEL/MSR_IA32_UCODE_REV [Andrew Cooper]
  • 3d7177d270: x86/altp2m: treat view 0 as the hostp2m in p2m_get_mem_access() [Razvan Cojocaru]
  • 658cd63002: tools: re-sync CPUID leaf 7 tables [Jan Beulich]
  • f7f54f39ee: x86/xstate: Don’t special case feature collection [Andrew Cooper]
  • 7f2df4b622: x86/msi: fix loop termination condition in pci_msi_conf_write_intercept() [Paul Durrant]
  • a5680b1904: x86/vvmx: set CR4 before CR0 [Sergey Dyasli]
  • 675ccffbb2: x86/cpuid: leak OSXSAVE only when XSAVE is not clear in policy [Igor Druzhinin]
  • a0ab0db67e: x86/SMP: don’t try to stop already stopped CPUs [Jan Beulich]
  • 353ed67cd6: x86/AMD: limit C1E disable family range [Jan Beulich]
  • 3fa73d4acf: x86/AMD: correct certain Fam17 checks [Jan Beulich]
  • ec3d131d9d: x86/pv: Fix undefined behaviour in check_descriptor() [Andrew Cooper]
  • 4c3eb3a6ba: x86/irq: Fix undefined behaviour in irq_move_cleanup_interrupt() [Andrew Cooper]
  • 8b162b0ffc: x86/spec-ctrl: Knights Landing/Mill are retpoline-safe [Andrew Cooper]
  • 6922d07ada: x86/vhpet: avoid ‘small’ time diff test on resume [Paul Durrant]
  • f41dbf33e7: xen/arm: grant-table: Protect gnttab_clear_flag against guest misbehavior [Julien Grall]
  • f8c866a1a3: xen/arm: Add performance counters in guest atomic helpers [Julien Grall]
  • 497f924b20: xen: Use guest atomics helpers when modifying atomically guest memory [Julien Grall]
  • 0fdad3c474: xen/cmpxchg: Provide helper to safely modify guest memory atomically [Julien Grall]
  • 28d636da7f: xen/bitops: Provide helpers to safely modify guest memory atomically [Julien Grall]
  • 6fabde3aaf: xen/arm: Turn on SILO mode by default on Arm [Julien Grall]
  • ee4fc79513: xen/arm: cmpxchg: Provide a new helper that can timeout [Julien Grall]
  • 9d78383ab4: xen/arm: bitops: Implement a new set of helpers that can timeout [Julien Grall]
  • 4f13fc21c2: xen/arm32: cmpxchg: Simplify the cmpxchg implementation [Julien Grall]
  • 99934ee44d: xen/arm64: cmpxchg: Simplify the cmpxchg implementation [Julien Grall]
  • b44db0b3ba: xen/arm: bitops: Consolidate prototypes in one place [Julien Grall]
  • a18450caab: xen/arm32: bitops: Rewrite bitop helpers in C [Julien Grall]
  • 1625ff3ea8: xen/arm64: bitops: Rewrite bitop helpers in C [Julien Grall]
  • 1cc454114e: xen/grant_table: Rework the prototype of _set_status* for lisibility [Julien Grall]
  • af3c381ca4: xen/arm: Add an isb() before reading CNTPCT_EL0 to prevent re-ordering [Julien Grall]
  • ac839e956b: common: avoid atomic read-modify-write accesses in map_vcpu_info() [Jan Beulich]
  • 427a8bad4b: events: drop arch_evtchn_inject() [Jan Beulich]
  • 967627141b: libacpi: report PCI slots as enabled only for hotpluggable devices [Igor Druzhinin]
  • c6ac10c8c4: x86/IO-APIC: fix build with gcc9 [Jan Beulich]
  • a324e9c460: xen/sched: fix csched2_deinit_pdata() [Juergen Gross]
  • b89fe9fdbc: x86emul: add support for missing {,V}PMADDWD insns [Jan Beulich]
  • 1e6ab8e2d4: x86/IRQ: avoid UB (or worse) in trace_irq_mask() [Jan Beulich]
  • 69325e736d: x86/boot: Fix latent memory corruption with early_boot_opts_t [Andrew Cooper]
  • 136d10fe4d: x86/svm: Fix handling of ICEBP intercepts [Andrew Cooper]
  • 86a2e13cbe: drivers/video: drop framebuffer size constraints [Marek Marczykowski-Górecki]
  • 33f128df08: bitmap: fix bitmap_fill with zero-sized bitmap [Marek Marczykowski-Górecki]
  • 0f4974e5be: x86/vmx: correctly gather gs_shadow value for current vCPU [Tamas K Lengyel]
  • d0d1dfb481: x86/mtrr: recalculate P2M type for domains with iocaps [Igor Druzhinin]
  • b02bca1543: AMD/IOMMU: disable previously enabled IOMMUs upon init failure [Jan Beulich]
  • 0dcd945a67: trace: fix build with gcc9 [Jan Beulich]
  • b4f291b0ca: xl: handle PVH type in apply_global_affinity_masks again [Wei Liu]
  • c59579d831: tools/xl: use libxl_domain_info to get domain type for vcpu-pin [Igor Druzhinin]
  • 4ed6c8b95c: x86: fix build race when generating temporary object files [Jan Beulich]
  • fa9d5b8beb: VT-d: posted interrupts require interrupt remapping [Jan Beulich]
  • 8457c15b98: x86/vmx: Fixup removals of MSR load/save list entries [Igor Druzhinin]
  • 0bd5e03cb7: xen/timers: Fix memory leak with cpu unplug/plug [Andrew Cooper]
  • 8e18dca58a: x86emul: don’t read mask register on AVX512F-incapable platforms [Jan Beulich]
  • 9d2a3128dc: vm_event: fix XEN_VM_EVENT_RESUME domctl [Petre Pircalabu]
  • 11ffc5a3c5: x86emul: suppress general register update upon AVX gather failures [Jan Beulich]
  • b8ed146895: xen/sched: fix credit2 smt idle handling [Juergen Gross]
  • 714207b3fa: x86/spec-ctrl: Introduce options to control VERW flushing [Andrew Cooper]
  • 45d570e301: x86/spec-ctrl: Infrastructure to use VERW to flush pipeline buffers [Andrew Cooper]
  • 0a317c5162: x86/spec-ctrl: CPUID/MSR definitions for Microarchitectural Data Sampling [Andrew Cooper]
  • fe1ba9dea4: x86/spec-ctrl: Misc non-functional cleanup [Andrew Cooper]
  • 6d8f5e3521: x86/boot: Detect the firmware SMT setting correctly on Intel hardware [Andrew Cooper]
  • 944b400dc4: x86/msr: Definitions for MSR_INTEL_CORE_THREAD_COUNT [Andrew Cooper]
  • 143712dc2b: x86/spec-ctrl: Reposition the XPTI command line parsing logic [Andrew Cooper]
  • fd2a34c965: x86/spec-ctrl: Extend repoline safey calcuations for eIBRS and Atom parts [Andrew Cooper]
  • e25d1338e1: x86/msr: Shorten ARCH_CAPABILITIES_* constants [Andrew Cooper]
  • 7cf6fbc635: x86/hvm: finish IOREQs correctly on completion path [Igor Druzhinin]
  • 7f53be2ab5: x86/hvm: split all linear reads and writes at page boundary [Igor Druzhinin]
  • eb905217d1: x86/e820: fix build with gcc9 [Jan Beulich]
  • c75d5fe57f: x86/pv: Fix construction of 32bit dom0’s [Andrew Cooper]
  • e3a1ebee98: x86/tsx: Implement controls for RTM force-abort mode [Andrew Cooper]
  • 70d613d8b9: x86/vtd: Don’t include control register state in the table pointers [Andrew Cooper]
  • 8593e79d76: x86/HVM: don’t crash guest in hvmemul_find_mmio_cache() [Jan Beulich]
  • a6c708dc22: iommu: leave IOMMU enabled by default during kexec crash transition [Igor Druzhinin]
  • 36f04634ce: Arm/atomic: correct asm() constraints in build_add_sized() [Jan Beulich]
  • c4b1a75d7c: SUPPORT.md: Fix release notes link [Ian Jackson]
  • 18f6fb990c: xen/Makefile: Set version to 4.12.1-pre for stable branch [Ian Jackson]

In addition, this release contains no fixes to qemu-traditional. However, this release contains numerous changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.12.0 and qemu-xen-4.12.1).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes. 

XSA Xen qemu-traditional qemu-upstream 
XSA-295 Applied
XSA-297 Applied
XSA-300 Linux only

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.

We recommend all users of the 4.12 stable series to update to this latest point release.