Skip to main content


Xen Project 4.13.4

We are pleased to announce the release of Xen 4.13.4. This is available immediately from its git repository;a=shortlog;h=refs/heads/stable-4.13 (tag RELEASE-4.13.4) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 6e2fc128eb: update Xen version to 4.13.4 [Jan Beulich]
  • 065fff7af0: x86/PVH: Fix debug build following XSA-378 bugfix [Andrew Cooper]
  • 9c4b19c110: gnttab: deal with status frame mapping race [Jan Beulich]
  • a94d697376: x86/p2m-pt: fix p2m_flags_to_access() [Jan Beulich]
  • 3bac723597: x86/P2M: relax guarding of MMIO entries [Jan Beulich]
  • 8d8b4bde3e: x86/PVH: de-duplicate mappings for first Mb of Dom0 memory [Jan Beulich]
  • 5b853ec2c8: gnttab: avoid triggering assertion in radix_tree_ulong_to_ptr() [Jan Beulich]
  • dd29f4f496: Merge branch ‘staging-4.13’ of into staging-4.13 [Jan Beulich]
  • 523f3ca872: AMD/IOMMU: don’t leave page table mapped when unmapping … [Jan Beulich]
  • b335a5314f: tools/firmware/ovmf: Use OvmfXen platform file is exist [Anthony PERARD]
  • 6dda306223: xen/sched: fix get_cpu_idle_time() for smt=0 suspend/resume [Juergen Gross]
  • 3cdc7b6b35: libxl/x86: check return value of SHADOW_OP_SET_ALLOCATION domctl [Jan Beulich]
  • d1e1921736: VT-d: Tylersburg errata apply to further steppings [Jan Beulich]
  • 32d580902b: xen/arm: bootfdt: Always sort memory banks [Oleksandr Tyshchenko]
  • dd9785568f: credit2: avoid picking a spurious idle unit when caps are used [Dario Faggioli]
  • 41e8d5d47f: arm: Modify type of actlr to register_t [Michal Orzel]
  • 9d53da2e64: xen/lib: Fix strcmp() and strncmp() [Jane Malalane]
  • 27e08cb549: Arm32: MSR to SPSR needs qualification [Jan Beulich]
  • 331cfaeb7f: x86/hvm: Propagate real error information up through hvm_load() [Andrew Cooper]
  • f6f76903e3: xen/arm32: SPSR_hyp/SPSR [Stefano Stabellini]
  • bdb8480940: xen/arm: Restrict the amount of memory that dom0less domU and dom0 can allocate [Julien Grall]
  • 1f27fc448b: x86/tsx: Fix backport of “x86/cpuid: Rework HLE and RTM handling” [Andrew Cooper]
  • 985b3e50cd: gnttab: fix array capacity check in gnttab_get_status_frames() [Jan Beulich]
  • a7de7608da: tools/libxenstat: fix populating vbd.rd_sect [Richard Kojedzinszky]
  • 4d65fe936a: gnttab: replace mapkind() [Jan Beulich]
  • 1540a9a20d: x86/mem-sharing: ensure consistent lock order in get_two_gfns() [Jan Beulich]
  • 9d954c8c1a: gnttab: add preemption check to gnttab_release_mappings() [Jan Beulich]
  • 351c890c4a: IOMMU/PCI: don’t let domain cleanup continue when device de-assignment failed [Jan Beulich]
  • 53e797c042: x86/mm: widen locked region in xenmem_add_to_physmap_one() [Jan Beulich]
  • 3f3ebda3cc: VT-d: don’t lose errors when flushing TLBs on multiple IOMMUs [Jan Beulich]
  • 89d40f0682: x86/p2m: guard (in particular) identity mapping entries [Jan Beulich]
  • 7907ab8a4f: VT-d: clear_fault_bits() should clear all fault bits [Jan Beulich]
  • f762403ed3: x86/p2m: introduce p2m_is_special() [Jan Beulich]
  • ddb3edbc9f: VT-d: adjust domid map updating when unmapping context [Jan Beulich]
  • ebeb9ec0ad: AMD/IOMMU: re-arrange exclusion range and unity map recording [Jan Beulich]
  • e39050c566: VT-d: undo device mappings upon error [Jan Beulich]
  • 2357043846: AMD/IOMMU: re-arrange/complete re-assignment handling [Jan Beulich]
  • 235bfe81f8: libs/foreignmemory: Fix osdep_xenforeignmemory_map prototype [Anthony PERARD]
  • 18fe877620: IOMMU: generalize VT-d’s tracking of mapped RMRR regions [Jan Beulich]
  • 84bc28f8fa: x86/vpt: fully init timers before putting onto list [Jan Beulich]
  • 41200e052a: IOMMU: also pass p2m_access_t to p2m_get_iommu_flags() [Jan Beulich]
  • 9eece400c6: x86/cpuid: Fix HLE and RTM handling (again) [Andrew Cooper]
  • 0ed0cdd17f: AMD/IOMMU: correct device unity map handling [Jan Beulich]
  • 2c9da5f73c: xen: credit2: fix per-entity load tracking when continuing running [Dario Faggioli]
  • ecb4697c50: AMD/IOMMU: correct global exclusion range extending [Jan Beulich]
  • 5aacd077c4: credit2: make sure we pick a runnable unit from the runq if there is one [Dario Faggioli]
  • f50fbddbae: x86/p2m: don’t assert that the passed in MFN matches for a remove [Jan Beulich]
  • 64752a9bda: Un-shimmed 32-bit PV guests are no longer supported [George Dunlap]
  • 75bb9fe846: x86/p2m: don’t ignore p2m_remove_page()’s return value [Jan Beulich]
  • 948b7c859d: there’s no CONFIG_GCC_VERSION [Jan Beulich]
  • 4fa8b13aa6: x86/p2m: fix PoD accounting in guest_physmap_add_entry() [Jan Beulich]
  • 9bd6416528: x86/spec-ctrl: Mitigate TAA after S3 resume [Andrew Cooper]
  • 85dc71b610: x86: work around build issue with GNU ld 2.37 [Jan Beulich]
  • 97af34f9c3: x86/spec-ctrl: Protect against Speculative Code Store Bypass [Andrew Cooper]
  • f7993297b3: AMD/IOMMU: drop command completion timeout [Jan Beulich]
  • 0a3eb9bbc2: AMD/IOMMU: wait for command slot to be available [Jan Beulich]
  • d3d8a298f7: VT-d: eliminate flush related timeouts [Jan Beulich]
  • 83c0f6bbb2: AMD/IOMMU: size command buffer dynamically [Jan Beulich]
  • 9e3c8b1448: VT-d: size qinval queue dynamically [Jan Beulich]
  • def4352113: xen/arm: Boot modules should always be scrubbed if bootscrub={on, idle} [Julien Grall]
  • 95197d46f5: xen/arm: Create dom0less domUs earlier [Julien Grall]
  • ef8b2357d8: x86: fix build race when generating temporary object files (take 2) [Jan Beulich]
  • f17d848c4c: x86/cpuid: Rework HLE and RTM handling [Andrew Cooper]
  • fa5afbbc20: x86: make hypervisor build with gcc11 [Jan Beulich]
  • 4d544141eb: x86emul: fix test harness build for gas 2.36 [Jan Beulich]
  • 287f2292c3: x86/vhpet: fix RTC special casing [Roger Pau Monné]
  • e289ed6707: VT-d: Don’t assume register-based invalidation is always supported [Chao Gao]
  • 2841329389: Document speculative attacks status of non-shim 32-bit PV [Ian Jackson]
  • 33049e3ad9: x86/hpet: Don’t enable legacy replacement mode unconditionally [Jan Beulich]
  • 53f4ce9df0: x86/hpet: Factor hpet_enable_legacy_replacement_mode() out of hpet_setup() [Andrew Cooper]
  • 8113b02f0b: x86/vpt: do not take pt_migrate rwlock in some cases [Boris Ostrovsky]
  • 0e711a0935: fix for_each_cpu() again for NR_CPUS=1 [Jan Beulich]
  • 21e1ae3d2c: VT-d: restore flush hooks when disabling qinval [Jan Beulich]
  • 4352a49dcc: VT-d: re-order register restoring in vtd_resume() [Jan Beulich]
  • e93d278672: VT-d: leave FECTL write to vtd_resume() [Jan Beulich]
  • 231237c12b: VT-d: correct off-by-1 in number-of-IOMMUs check [Jan Beulich]
  • ca06bce94f: x86/timer: Fix boot on Intel systems using ITSSPRC static PIT clock gating [Andrew Cooper]
  • 5aef2c5958: x86emul: fix PINSRW and adjust other {,V}PINSR* [Jan Beulich]
  • 5de1558260: pci: cleanup MSI interrupts before removing device from IOMMU [Roger Pau Monné]
  • e3bcd4db25: update Xen version to 4.13.4-pre [Jan Beulich]

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check;a=shortlog (between tags qemu-xen-4.13.3 and qemu-xen-4.13.4).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSA Xen qemu-traditional qemu-upstream
XSA-357 N/A (Unused Number) N/A N/A
XSA-370 N/A (Version not vulnerable) N/A N/A
XSA-371 N/A (Linux only) N/A N/A
XSA-372 Applied N/A N/A
XSA-373 Applied N/A N/A
XSA-374 N/A (Linux only) N/A N/A
XSA-375 Applied N/A N/A
XSA-377 Applied N/A N/A
XSA-378 Applied N/A N/A
XSA-379 Applied N/A N/A
XSA-380 Applied N/A N/A
XSA-382 Applied N/A N/A
XSA-383 Applied N/A N/A
XSA-384 Applied N/A N/A

See for details related to Xen Project security advisories.

We recommend all users of the 4.13 stable series to update to this latest point release.