Xen Project 4.14.5

We are pleased to announce the release of Xen 4.14.5. This is available immediately from its git repository (branch stable-4.14, tag RELEASE-4.14.5) or from this download page.

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 17848dfed4: update Xen version to 4.14.5 [Jan Beulich]
  • eeaf24cced: livepatch: avoid relocations referencing ignored section symbols [Roger Pau Monné]
  • 97258d8819: livepatch: do not ignore sections with 0 size [Roger Pau Monné]
  • 019e56a052: vPCI: replace %pp [Jan Beulich]
  • 9c4d3fbf1a: x86/cpuid: Clobber CPUID leaves 0x800000{1d..20} in policies [Andrew Cooper]
  • 140a95dd06: VT-d: avoid infinite recursion on domain_context_mapping_one() error path [Jan Beulich]
  • 78630ac4be: VT-d: avoid NULL deref on domain_context_mapping_one() error paths [Jan Beulich]
  • d3568578ba: VT-d: don’t needlessly look up DID [Jan Beulich]
  • d7b22226b5: tools/firmware: do not add a section [Roger Pau Monné]
  • 87faac2c5e: tools/firmware: force -fcf-protection=none [Roger Pau Monné]
  • 3f48134e31: libxl: Re-scope usage [Jason Andryuk]
  • 3486d599f7: libxl: Don’t segfault on soft-reset failure [Jason Andryuk]
  • 294d12c842: xl: Fix global pci options [Jason Andryuk]
  • 47188b2fdc: vpci/msix: fix PBA accesses [Roger Pau Monné]
  • a3b6ec391c: xz: validate the value before assigning it to an enum variable [Lasse Collin]
  • a220fe8768: xz: avoid overlapping memcpy() with invalid input with in-place decompression [Lasse Collin]
  • f21d287506: tools/libxl: don’t allow IOMMU usage with PoD [Roger Pau Monné]
  • a2f7300559: x86/console: process softirqs between warning prints [Roger Pau Monné]
  • cc06d95c41: x86emul: fix VPBLENDMW with mask and memory operand [Jan Beulich]
  • 8369474709: build: fix exported variable name CFLAGS_stack_boundary [Anthony PERARD]
  • a58f5fdc1b: tools/libs/light: set video_mem for PVH guests [Juergen Gross]
  • 67f52a2e2d: tools/libxl: Correctly align the ACPI tables [Kevin Stefanov]
  • 576d4697cd: update Xen version to 4.14.5-pre [Jan Beulich]
  • faed81ff39: IOMMU/x86: use per-device page tables for quarantining [Jan Beulich]
  • 3e4c94da53: AMD/IOMMU: abstract maximum number of page table levels [Jan Beulich]
  • bdea7e425c: IOMMU/x86: drop TLB flushes from quarantine_init() hooks [Jan Beulich]
  • 27b89fdd09: IOMMU/x86: maintain a per-device pseudo domain ID [Jan Beulich]
  • 77c1cb2ae4: VT-d: prepare for per-device quarantine page tables (part II) [Jan Beulich]
  • 680517b6e3: VT-d: prepare for per-device quarantine page tables (part I) [Jan Beulich]
  • 037d360f57: AMD/IOMMU: re-assign devices directly [Jan Beulich]
  • 8a9a21b1ad: VT-d: re-assign devices directly [Jan Beulich]
  • bff4c690b2: VT-d: drop ownership checking from domain_context_mapping_one() [Jan Beulich]
  • 419a09377d: VT-d: fix add/remove ordering when RMRRs are in use [Jan Beulich]
  • b382b7d2ff: VT-d: fix (de)assign ordering when RMRRs are in use [Jan Beulich]
  • 9d7046b644: VT-d: correct ordering of operations in cleanup_domid_map() [Jan Beulich]
  • abfa80967b: x86/hap: do not switch on log dirty for VRAM tracking [Roger Pau Monné]
  • 57cd4b1c52: livepatch: account for patch offset when applying NOP patch [Jan Beulich]
  • 1e595d9c2b: livepatch: resolve old address before function verification [Bjoern Doebel]
  • 10b09aa254: x86/cet: Remove XEN_SHSTK’s dependency on EXPERT [Andrew Cooper]
  • 72a75b9c2c: xen/x86: Livepatch: support patching CET-enhanced functions [Bjoern Doebel]
  • 6db6418770: x86/cet: Remove writeable mapping of the BSPs shadow stack [Andrew Cooper]
  • c843a3030b: x86/cet: Clear IST supervisor token busy bits on S3 resume [Andrew Cooper]
  • 37e594c58f: x86/kexec: Fix kexec-reboot with CET active [Andrew Cooper]
  • 631d8408bb: x86/spec-ctrl: Disable retpolines with CET-IBT [Andrew Cooper]
  • 1bb2a88f0c: x86/CET: Fix S3 resume with shadow stacks active [Andrew Cooper]
  • e56827aa68: x86: Enable CET Indirect Branch Tracking [Andrew Cooper]
  • cc080e630f: x86/EFI: Disable CET-IBT around Runtime Services calls [Andrew Cooper]
  • 9bdbbf1b46: x86/setup: Rework MSR_S_CET handling for CET-IBT [Andrew Cooper]
  • 3e010879f3: x86/entry: Make IDT entrypoints CET-IBT compatible [Andrew Cooper]
  • ae18093e20: x86/entry: Make syscall/sysenter entrypoints CET-IBT compatible [Andrew Cooper]
  • 56bf74df51: x86/emul: Update emulation stubs to be CET-IBT compatible [Andrew Cooper]
  • fbc882c026: x86: Introduce helpers/checks for endbr64 instructions [Andrew Cooper]
  • 334120359d: x86/traps: Rework write_stub_trampoline() to not hardcode the jmp [Andrew Cooper]
  • 5e7db069bd: x86/alternatives: Clear CR4.CET when clearing CR0.WP [Andrew Cooper]
  • 6c932a788c: x86/setup: Read CR4 earlier in __start_xen() [Andrew Cooper]
  • d220178b3c: x86: Introduce support for CET-IBT [Andrew Cooper]
  • ca304edd3b: x86/spec-ctrl: Cease using thunk=lfence on AMD [Andrew Cooper]
  • 7cebd77c80: xen/arm: Allow to discover and use SMCCC_ARCH_WORKAROUND_3 [Bertrand Marquis]
  • fc56dd212e: xen/arm: Add Spectre BHB handling [Rahul Singh]
  • ee4b53ae1b: xen/arm: Add ECBHB and CLEARBHB ID fields [Bertrand Marquis]
  • 6da7a845fb: xen/arm: move errata CSV2 check earlier [Bertrand Marquis]
  • 021466aa73: xen/arm: Introduce new Arm processors [Bertrand Marquis]
  • 496fb0be93: x86/spec-ctrl: Support Intel PSFD for guests [Andrew Cooper]
  • 90565c9e5d: x86/cpuid: Infrastructure for cpuid word 7:2.edx [Andrew Cooper]
  • 96e94760ae: x86/tsx: Cope with TSX deprecation on WHL-R/CFL-R [Andrew Cooper]
  • 366d442477: x86/tsx: Move has_rtm_always_abort to an outer scope [Andrew Cooper]
  • 89eede6122: x86/spec-ctrl: Clean up MSR_MCU_OPT_CTRL handling [Andrew Cooper]
  • 08ec8c11d6: x86/cpuid: Infrastructure for leaf 7:1.ebx [Jan Beulich]
  • 6af894521e: x86/cpuid: Disentangle logic for new feature leaves [Andrew Cooper]
  • f2eaa78606: x86/cpuid: Enable MSR_SPEC_CTRL in SVM guests by default [Andrew Cooper]
  • 29ea3b4540: x86/msr: AMD MSR_SPEC_CTRL infrastructure [Andrew Cooper]
  • 15bb12ed36: x86/svm: VMEntry/Exit logic for MSR_SPEC_CTRL [Andrew Cooper]
  • 6468c20920: x86/spec-ctrl: Use common MSR_SPEC_CTRL logic for AMD [Andrew Cooper]
  • 5170ac955b: x86/spec-ctrl: Record the last write to MSR_SPEC_CTRL [Andrew Cooper]
  • fc86553008: x86/spec-ctrl: Don’t use spec_ctrl_{enter,exit}_idle() for S3 [Andrew Cooper]
  • 1a52e3946d: x86/spec-ctrl: Introduce new has_spec_ctrl boolean [Andrew Cooper]
  • 35d0ea6726: x86/spec-ctrl: Drop use_spec_ctrl boolean [Andrew Cooper]
  • 92dc2dad83: x86/cpuid: Advertise SSB_NO to guests by default [Andrew Cooper]
  • ae0cdc8fac: x86/msr: Fix migration compatibility issue with MSR_SPEC_CTRL [Andrew Cooper]
  • 2c234462f3: x86/vmx: Drop spec_ctrl load in VMEntry path [Andrew Cooper]
  • 1a914256dc: x86/cpuid: support LFENCE always serialising CPUID bit [Roger Pau Monné]
  • 219542eab0: x86/amd: split LFENCE dispatch serializing setup logic into helper [Roger Pau Monné]

This release also contains changes to qemu-upstream, whose changelog we do not list here as it contains many changes that are not directly related to the Xen Project Hypervisor and thus this release. However, you can check the qemu-upstream shortlog (between tags qemu-xen-4.14.4 and qemu-xen-4.14.5).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

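| XSA     | Xen              | qemu-traditional | qemu-upstream |
|---------|------------------|------------------|---------------|
| XSA-396 | N/A (Linux only) | N/A              | N/A           |
| XSA-397 | Applied          | N/A              | N/A           |
| XSA-398 | Applied          | N/A              | N/A           |
| XSA-399 | Applied          | N/A              | N/A           |
| XSA-400 | Applied          | N/A              | N/A           |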

See for details related to Xen Project security advisories.

We recommend all users of the 4.14 stable series to update to this latest point release.