Downloads

Xen Project 4.13.1

We are pleased to announce the release of Xen 4.13.1. This is available immediately from its git repository 

https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.13 (tag RELEASE-4.13.1) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 6278553325: update Xen version to 4.13.1 [Jan Beulich]
  • 9649b83b2a: x86/ucode/intel: Writeback and invalidate caches before updating microcode [Ashok Raj]
  • 68a843a7b0: x86/traps: fix an off-by-one error [Hongyan Xia]
  • 905de40c30: x86/hvm: simplify hvm_physdev_op allowance control [Roger Pau Monné]
  • 71a9ffa433: x86emul: extend x86_insn_is_mem_write() coverage [Jan Beulich]
  • 70ed2d5f0d: x86/CPUID: correct error indicator for max extended leaf [Jan Beulich]
  • 6a1036e282: x86/pass-through: avoid double IRQ unbind during domain cleanup [Jan Beulich]
  • 8b6d4e234b: xen/grants: fix hypercall continuation for GNTTABOP_cache_flush [Juergen Gross]
  • d2aecd86c4: libxc/restore: Fix REC_TYPE_X86_PV_VCPU_XSAVE data auditing (take 2) [Andrew Cooper]
  • 19e6009e5f: tools/libxc: Fix HVM_PARAM_PAE_ENABLED handling in xc_cpuid_apply_policy() [Andrew Cooper]
  • 0e2bbcf8b4: libxc/restore: Fix data auditing in handle_x86_pv_vcpu_blob() [Andrew Cooper]
  • 5932ee1e06: libxc/restore: Fix data auditing in handle_x86_pv_info() [Andrew Cooper]
  • 7b2225078b: libxc/restore: Fix error message for unrecognised stream version [Andrew Cooper]
  • dc5176d0f9: tools/xenstore: fix a use after free problem in xenstored [Juergen Gross]
  • 48f4d695ee: libxl: Fix comment about dcs.sdss [Anthony PERARD]
  • 8b60270731: docs/misc: pvcalls: Verbatim block should be indented with 4 spaces [Julien Grall]
  • 93e762d1e2: tools/python: mismatch between pyxc_methods flags and PyObject definitions [YOUNG, MICHAEL A]
  • b9c93d4e17: docs: Render .md files using pandoc [Andrew Cooper]
  • 003300eed3: docs: document CONTROL command of xenstore protocol [Juergen Gross]
  • 5f3c215eb5: docs: add DIRECTORY_PART specification do xenstore protocol doc [Juergen Gross]
  • e04b94a54f: tools/xentop: Fix calculation of used memory [Sander Eikelenboom]
  • 35b80b2a01: build,xsm: fix multiple call [Anthony PERARD]
  • 85f86ab865: x86: validate VM assist value in arch_set_info_guest() [Jan Beulich]
  • 2e8d8edc1f: x86/HVM: expose VM assist hypercall [Jan Beulich]
  • 682d71ff85: x86: Enumeration for Control-flow Enforcement Technology [Andrew Cooper]
  • c8986e990c: x86/vtd: relax EPT page table sharing check [Roger Pau Monné]
  • 2169029b0e: sched: fix scheduler_disable() with core scheduling [Sergey Dyasli]
  • a319cbb307: sched/core: fix bug when moving a domain between cpupools [Jeff Kubascik]
  • a060e72626: hvmloader: enable MMIO and I/O decode, after all resource allocation [Harsha Shamsundara Havanur]
  • 9729b7eb22: x86/boot: Fix early exception handling with CONFIG_PERF_COUNTERS [Andrew Cooper]
  • d297fdf3d8: x86/EFI: also fill boot_tsc_stamp on the xen.efi boot path [Jan Beulich]
  • b66ce5058e: gnttab: fix GNTTABOP_copy continuation handling [Jan Beulich]
  • d91d4fe881: xen/gnttab: Fix error path in map_grant_ref() [Ross Lagerwall]
  • b6a2c42303: xen/rwlock: Add missing memory barrier in the unlock path of rwlock [Julien Grall]
  • ef922bda43: xenoprof: limit consumption of shared buffer data [Jan Beulich]
  • 65b16f3d21: xenoprof: clear buffer intended to be shared with guests [Jan Beulich]
  • 736da59cbe: xen/arm: Sign extend TimerValue when computing the CompareValue [Jeff Kubascik]
  • 460003ef28: xen/arm: remove physical timer offset [Jeff Kubascik]
  • 2e05b8ac6b: xen/arm: during efi boot, improve the check for usable memory [Stefano Stabellini]
  • c0dad816c6: xen/arm: initialize vpl011 flag register [Jeff Kubascik]
  • 436c54e1d2: xen/arm: Handle unimplemented VGICv3 registers as RAZ/WI [Jeff Kubascik]
  • 181614a710: AMD/IOMMU: fix off-by-one in amd_iommu_get_paging_mode() callers [Jan Beulich]
  • 04497b354f: credit2: fix credit reset happening too few times [Dario Faggioli]
  • ad5e611d04: credit2: avoid vCPUs to ever reach lower credits than idle [Dario Faggioli]
  • b3e08a6657: x86/ucode/amd: Fix more potential buffer overruns with microcode parsing [Andrew Cooper]
  • 71b7eadb0b: x86/dom0: fix copy of low 1MB data for PVH [Roger Pau Monné]
  • d5be08064a: x86/HVM: fix AMD ECS handling for Fam10 [Jan Beulich]
  • c7a1e588d8: x86/ucode/amd: Fix potential buffer overrun with equiv table handling [Andrew Cooper]
  • 18d9129f44: libx86/CPUID: fix (not just) leaf 7 processing [Jan Beulich]
  • 16670ad459: SVM: Add union intstat_t for offset 68h in vmcb struct [Pu Wen]
  • 69c8307da2: x86/ucode: Fix error paths in apply_microcode() [Andrew Cooper]
  • e5195730f1: x86/ucode/amd: Fix assertion in compare_patch() [Andrew Cooper]
  • 680356ed13: sched: fix cpu offlining with core scheduling [Juergen Gross]
  • 6a5ebbb1fc: sched: fix onlining cpu with core scheduling active [Juergen Gross]
  • e9fdf6a455: x86/shim: fix ballooning up the guest [Igor Druzhinin]
  • ac75ea8b67: iommu: fix check for autotranslated hardware domain [Roger Pau Monné]
  • a99de9de81: x86/dom0: improve PVH initrd and metadata placement [Roger Pau Monné]
  • e1e24c5e55: sched: fix error path in cpupool_unassign_cpu_start() [Juergen Gross]
  • 0d16bb7e6a: xen: do live patching only from main idle loop [Juergen Gross]
  • 07ac8a9790: xen: make sure stop_machine_run() is always called in a tasklet [Juergen Gross]
  • 431ddeb205: x86/vPMU: don’t blindly assume IA32_PERF_CAPABILITIES MSR exists [Jan Beulich]
  • 5e10699649: x86/amd: Avoid cpu_has_hypervisor evaluating true on native hardware [Andrew Cooper]
  • 655897c949: x86/time: update vtsc_last with cmpxchg and drop vtsc_lock [Igor Druzhinin]
  • a8fbb0f1a3: x86: do not enable global pages when virtualized on AMD or Hygon hardware [Roger Pau Monné]
  • d3f3e44767: x86/msr: Virtualise MSR_PLATFORM_ID properly [Andrew Cooper]
  • 1bfc29fbda: x86: “spec-ctrl=no-xen” should also disable branch hardening [Jan Beulich]
  • 86f0b73bc9: sched: fix get_cpu_idle_time() with core scheduling [Juergen Gross]
  • 994ff5160d: VT-d: check all of an RMRR for being E820-reserved [Jan Beulich]
  • c7409f8e85: x86/time: report correct frequency of Xen PV clocksource [Igor Druzhinin]
  • fbb17c4075: x86/shim: suspend and resume platform time correctly [Igor Druzhinin]
  • 80dd5038aa: x86/smp: reset x2apic_enabled in smp_send_stop() [David Woodhouse]
  • e6854fe547: xen/pvh: Fix segment selector ABI [Andrew Cooper]
  • 9e779d1865: xmalloc: guard against integer overflow [Jan Beulich]
  • 0518c168ee: EFI: don’t leak heap contents through XEN_EFI_get_next_variable_name [Jan Beulich]
  • ef5961d010: EFI: re-check {get,set}-variable name strings after copying in [Jan Beulich]
  • 1482807605: xen/x86: domctl: Don’t leak data via XEN_DOMCTL_gethvmcontext [Julien Grall]
  • 8a717bd998: x86/HVM: relinquish resources also from hvm_domain_destroy() [Jan Beulich]
  • c0d0b4ee2b: x86/suspend: disable watchdog before calling console_start_sync() [Igor Druzhinin]
  • c080e5b43d: x86/apic: fix disabling LVT0 in disconnect_bsp_APIC [Roger Pau Monné]
  • 7f11b1c775: VT-d: don’t pass bridge devices to domain_context_mapping_one() [Jan Beulich]
  • 95d43cdf6e: build: fix dependency file generation with ENFORCE_UNIQUE_SYMBOLS=y [Jan Beulich]
  • 328dd238da: x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD [Igor Druzhinin]
  • e312149348: x86/time: update TSC stamp on restore from deep C-state [Igor Druzhinin]
  • 659efd4fed: IRQ: u16 is too narrow for an event channel number [Jan Beulich]
  • 721f2c323c: x86: clear per cpu stub page information in cpu_smpboot_free() [Juergen Gross]
  • 3baeeedc9f: sched: fix resuming from S3 with smt=0 [Juergen Gross]
  • 01acc256eb: x86/tlbflush: do not toggle the PGE CR4 bit unless necessary [Roger Pau Monné]
  • fe0496eab8: x86: avoid HPET use on certain Intel platforms [Jan Beulich]
  • 55ca8abe77: gnttab: make sure grant map operations don’t skip their IOMMU part [Jan Beulich]
  • cb071e4719: xen/x86: vpmu: Unmap per-vCPU PMU page when the domain is destroyed [Julien Grall]
  • efb9c68244: xen/arm: Place a speculation barrier sequence following an eret instruction [Julien Grall]
  • 6a10d046b0: README: Fix slightly botched ascii-art [Ian Jackson]
  • 492be8e897: MAINTAINERS: Add stable branch maintainer info [Ian Jackson]
  • c1264bf801: xen/Makefile: Bump version for ongoing 4.13 branch [Ian Jackson]

In addition, this release also contains the following fixes to qemu-traditional:

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.13.0 and qemu-xen-4.13.1).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes. 

XSA Xen qemu-traditional qemu-upstream 
XSA-312 Applied N/A N/A
XSA-313 Applied N/A N/A
XSA-314 Applied N/A N/A
XSA-315 Advisory only
XSA-316 Applied N/A N/A
XSA-318 Applied N/A N/A

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.

We recommend all users of the 4.13 stable series to update to this latest point release.