Xen Project 4.15.5
We are pleased to announce the release of Xen 4.15.5. This is available immediately from its git repository https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.15 (tag RELEASE-4.15.5) or from this download page.
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:
- da7f151a63: Update Xen to version 4.15.5 [Andrew Cooper]
- 1c5c12d3b3: x86/spec-ctrl: Mitigate Gather Data Sampling [Andrew Cooper]
- abdfd73286: x86/spec-ctrl: Enumerations for Gather Data Sampling [Andrew Cooper]
- dab61d18df: x86/cpu-policy: Hide CLWB by default on SKX/CLX/CPX [Andrew Cooper]
- b066b60cf0: x86/spec-ctrl: Mitigate Speculative Return Stack Overflow [Andrew Cooper]
- 30de2397d2: x86/spec-ctrl: Enumerations for Speculative Return Stack Overflow [Andrew Cooper]
- 42105f5435: x86/spec-ctrl: Rework ibpb_calculations() [Andrew Cooper]
- a91eebbd60: x86/cpu-policy: Advertise MSR_ARCH_CAPS to guests by default [Andrew Cooper]
- 8550519acc: libxl: allow building with old gcc again [Jan Beulich]
- a5c8d2b3a9: libxl: avoid shadowing of index() [Jan Beulich]
- d7895a7bde: libxl: add support for parsing MSR features [Roger Pau Monne]
- fcd4f8387f: libxl: use the cpuid feature names from cpufeatureset.h [Roger Pau Monne]
- bfcf0def25: libxl: split logic to parse user provided CPUID features [Roger Pau Monne]
- aaa97b4128: libxl: introduce MSR data in libxl_cpuid_policy [Roger Pau Monne]
- 748cb881d8: libxl: change the type of libxl_cpuid_policy_list [Roger Pau Monne]
- bec019cea6: libs/guest: introduce support for setting guest MSRs [Roger Pau Monne]
- 15107a80b2: libxl: don't ignore the return value from xc_cpuid_apply_policy [Roger Pau Monne]
- 6a90287045: x86/cpu-policy: Derive RSBA/RRSBA for guest policies [Andrew Cooper]
- 945db71023: x86/spec-ctrl: Fix up the RSBA/RRSBA bits as appropriate [Andrew Cooper]
- 78a4031ed9: x86/spec-ctrl: Rename retpoline_safe() to retpoline_calculations() [Andrew Cooper]
- 3ac6887c3e: x86/spec-ctrl: Use a taint for CET without MSR_SPEC_CTRL [Andrew Cooper]
- 43f362f6af: x86/spec-ctrl: Fix the rendering of FB_CLEAR [Andrew Cooper]
- ecbb75a6f8: x86/cpu-policy: Rearrange guest_common_default_feature_adjustments() [Andrew Cooper]
- daa4414aeb: x86/spec-ctrl: Update hardware hints [Andrew Cooper]
- ce01f8d153: x86/spec-ctrl: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
- 164d83f4e8: x86/tsx: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
- 290a645bfd: x86/vtx: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
- 541dfe378a: x86/boot: Expose MSR_ARCH_CAPS data in guest max policies [Andrew Cooper]
- 137800ea82: x86/boot: Record MSR_ARCH_CAPS for the Raw and Host CPU policy [Andrew Cooper]
- 31e95de559: x86/cpu-policy: MSR_ARCH_CAPS feature names [Andrew Cooper]
- 6993afc387: x86/cpu-policy: Infrastructure for MSR_ARCH_CAPS [Andrew Cooper]
- 5b0464b0c9: x86/boot: Adjust MSR_ARCH_CAPS handling for the Host policy [Andrew Cooper]
- d1043f381d: x86/boot: Rework dom0 feature configuration [Andrew Cooper]
- af9e2f87bc: x86: Remove temporary {cpuid,msr}_policy defines [Andrew Cooper]
- c68a43c3a2: libx86: Update library API for cpu_policy [Andrew Cooper]
- 3d7662aa2f: tools/fuzz: Rework afl-policy-fuzzer [Andrew Cooper]
- de3fd64b64: x86/emul: Switch x86_emulate_ctxt to cpu_policy [Andrew Cooper]
- dda1a3f13a: x86/boot: Merge CPUID policy initialisation logic into cpu-policy.c [Andrew Cooper]
- f274ccdc4f: x86/boot: Move MSR policy initialisation logic into cpu-policy.c [Andrew Cooper]
- 1d9db6d6a3: x86: Out-of-inline the policy<->featureset convertors [Andrew Cooper]
- 698827b874: x86: Drop struct old_cpu_policy [Andrew Cooper]
- af24f29e78: x86: Merge xc_cpu_policy's cpuid and msr objects [Andrew Cooper]
- ad3ee30bcb: x86: Merge a domain's {cpuid,msr} policy objects [Andrew Cooper]
- 48d296b57b: x86: Merge the system {cpuid,msr} policy objects [Andrew Cooper]
- cb24798cac: x86: Merge struct msr_policy into struct cpu_policy [Andrew Cooper]
- 8b5a89b503: x86: Rename struct cpuid_policy to struct cpu_policy [Andrew Cooper]
- 5a69f12533: x86: Rename {domctl,sysctl}.cpu_policy.{cpuid,msr}_policy fields [Andrew Cooper]
- 18bd78af8d: x86: Rename struct cpu_policy to struct old_cpuid_policy [Andrew Cooper]
- fc1497c51e: x86/sysctl: Retrofit XEN_SYSCTL_cpu_featureset_{pv,hvm}_max [Andrew Cooper]
- 186ece0292: tools/xen-cpuid: Rework the handling of dynamic featuresets [Andrew Cooper]
- 067a890347: x86/cpuid: Introduce dom0-cpuid command line option [Andrew Cooper]
- 054a7ee1e6: x86/cpuid: Factor common parsing out of parse_xen_cpuid() [Andrew Cooper]
- 11dd3480a8: x86/cpuid: Split dom0 handling out of init_domain_cpuid_policy() [Andrew Cooper]
- e1184eb922: x86/CPUID: move some static masks into .init [Jan Beulich]
- 2e1c9a210c: x86/cpuid: Drop special_features[] [Andrew Cooper]
- e3acf0ab00: x86/msr: Expose MSR_ARCH_CAPS in the raw and host policies [Andrew Cooper]
- 8bd381185b: x86/cpuid: Infrastructure for leaves 7:1{ecx,edx} [Andrew Cooper]
- 68cc80cff6: x86/cpuid: Calculate FEATURESET_NR_ENTRIES more helpfully [Andrew Cooper]
- 87eaa43b30: xen/arm: Add Cortex-A77 erratum 1508412 handling [Luca Fancellu]
- e05a0e65b0: x86/amd: Fix DE_CFG truncation in amd_check_zenbleed() [Andrew Cooper]
- faa4e2b1cf: x86/amd: Mitigations for Zenbleed [Andrew Cooper]
- 87cb0fd875: automation: Remove installation of packages from test scripts [Michal Orzel]
- 7963cdbf91: CI: Remove llvm-8 from the Debian Stretch container [Andrew Cooper]
- 7fa798d861: automation: Remove non-debug x86_32 build jobs [Anthony PERARD]
- c1367de50a: automation: Remove CentOS 7.2 containers and builds [Anthony PERARD]
- 8455998e32: CI: Drop automation/configs/ [Andrew Cooper]
- b11fc96b1e: bump default SeaBIOS version to 1.16.0 [Jan Beulich]
- b461db64b3: build: add --full to version.sh to guess $(XEN_FULLVERSION) [Anthony PERARD]
- e006948dd2: CI: Drop TravisCI [Andrew Cooper]
- 708b0d75e7: tools: Drop gettext as a build dependency [Andrew Cooper]
- 11193e13e5: x86/spec-ctrl: Defer CR4_PV32_RESTORE on the cstar_enter path [Andrew Cooper]
- fc7dfd9443: x86/HVM: serialize pinned cache attribute list manipulation [Jan Beulich]
- 887ba097cf: x86/HVM: bound number of pinned cache attribute regions [Jan Beulich]
- 3a0b7fb38a: x86/shadow: account for log-dirty mode when pre-allocating [Jan Beulich]
- fa875574b7: automation: Remove clang-8 from Debian unstable container [Anthony PERARD]
This release also contains changes to qemu-upstream, whose changelog we do not list here, as it contains many changes that are not directly related to the Xen Project Hypervisor and thus to this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.15.4 and qemu-xen-4.15.5).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.
| XSA | Xen | qemu-traditional | qemu-upstream |
|---|---|---|---|
| XSA-423 | N/A (Linux only) | N/A | N/A |
| XSA-424 | N/A (Linux only) | N/A | N/A |
| XSA-425 | N/A (Version not vulnerable) | N/A | N/A |
| XSA-426 | N/A (Version not vulnerable) | N/A | N/A |
| XSA-427 | Applied | N/A | N/A |
| XSA-428 | Applied | N/A | N/A |
| XSA-429 | Applied | N/A | N/A |
| XSA-430 | N/A (Version not vulnerable) | N/A | N/A |
| XSA-431 | N/A (Version not vulnerable) | N/A | N/A |
| XSA-432 | N/A (Linux only) | N/A | N/A |
| XSA-433 | Applied | N/A | N/A |
| XSA-434 | Applied | N/A | N/A |
| XSA-435 | Applied | N/A | N/A |
| XSA-436 | Applied | N/A | N/A |
See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.
We recommend that all users of the 4.15 stable series update to this latest point release.