Skip to main content
search

Downloads

Xen Project 4.16.2

Xen Project 4.16.2

We are pleased to announce the release of Xen 4.16.2. This is available immediately from its git repository

https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.16 (tag RELEASE-4.16.2) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • cea5ed49bb: update Xen version to 4.16.2 [Jan Beulich]
  • 2abe83f9d9: PCI: simplify (and thus correct) pci_get_pdev{,_by_domain}() [Jan Beulich]
  • 3fd9a7d595: build/x86: suppress GNU ld 2.39 warning about RWX load segments [Jan Beulich]
  • 9123e60c0b: x86/amd: only call setup_force_cpu_cap for boot CPU [Ross Lagerwall]
  • 940fc00e02: x86/spec-ctrl: Enumeration for PBRSB_NO [Andrew Cooper]
  • e6a760b8b1: tools/libxl: Replace deprecated -sdl option on QEMU command line [Anthony PERARD]
  • 0f7eff5e03: xen/sched: setup dom0 vCPUs affinity only once [Dario Faggioli]
  • 2a362668cb: x86: Expose more MSR_ARCH_CAPS to hwdom [Jason Andryuk]
  • 4e351880f6: x86/spec-ctrl: Use IST RSB protection for !SVM systems [Andrew Cooper]
  • 48b6765174: xen: arm: Don't use stop_cpu() in halt_this_cpu() [Dmytro Semenets]
  • a0b823dca2: xen/arm: Advertise workaround 1 if we apply 3 [Bertrand Marquis]
  • 48e7440ec6: xen/arm: avoid overflow when setting vtimer in context switch [Jiamei Xie]
  • 3050769a17: arm/vgic-v3: fix virq offset in the rank when storing irouter [Hongda Deng]
  • 0d362e5ed3: xen/arm: head: Add missing isb after writing to SCTLR_EL2/HSCTLR [Julien Grall]
  • 6f65040081: xen/arm: traps: Fix reference to invalid erratum ID [Michal Orzel]
  • 048185188f: xen/arm: Avoid overflow using MIDR_IMPLEMENTOR_MASK [Michal Orzel]
  • fe02a5342d: xen/arm: p2m don't fall over on FEAT_LPA enabled hw [Alex Bennée]
  • 271e9e860b: arm/its: enable LPIs before mapping the collection table [Rahul Singh]
  • 89fe6d0ede: x86/msr: fix X2APIC_LAST [Edwin Török]
  • 6689cab2bc: tools/libxl: env variable to signal whether disk/nic backend is trusted [Roger Pau Monné]
  • d77bb6e537: common/memory: Fix ifdefs for ptdom_max_order [Luca Fancellu]
  • 5e3a9b45c7: x86: also suppress use of MMX insns [Jan Beulich]
  • a5361f912c: x86emul: add memory operand low bits checks for ENQCMD{,S} [Jan Beulich]
  • d09c4272de: x86: deal with gcc12 release build issues [Jan Beulich]
  • 9ab8e95d8f: x86/spec-ctrl: correct per-guest-type reporting of MD_CLEAR [Jan Beulich]
  • bfbcae445c: xl: move freemem()'s "credit expired" loop exit [Jan Beulich]
  • 6e542a835d: tools/init-xenstore-domain: fix memory map for PVH stubdom [Juergen Gross]
  • 6f814c377b: xl: relax freemem()'s retry calculation [Jan Beulich]
  • 221f6a97b5: x86/mm: correct TLB flush condition in _get_page_type() [Jan Beulich]
  • 0a5387a011: x86/spec-ctrl: Mitigate Branch Type Confusion when possible [Andrew Cooper]
  • 5457a6870e: x86/spec-ctrl: Enable Zen2 chickenbit [Andrew Cooper]
  • 0826c7596d: x86/cpuid: Enumeration for BTC_NO [Andrew Cooper]
  • 76c5fcee90: x86/spec-ctrl: Support IBPB-on-entry [Andrew Cooper]
  • 2a9e690a0a: x86/spec-ctrl: Rework SPEC_CTRL_ENTRY_FROM_INTR_IST [Andrew Cooper]
  • e7671561c8: x86/spec-ctrl: Rename opt_ibpb to opt_ibpb_ctxt_switch [Andrew Cooper]
  • 31aa2a20bf: x86/spec-ctrl: Rename SCF_ist_wrmsr to SCF_ist_sc_msr [Andrew Cooper]
  • 3a280cbae7: x86/spec-ctrl: Rework spec_ctrl_flags context switching [Andrew Cooper]
  • 744accad1b: libxl: check return value of libxl__xs_directory in name2bdf [Anthony PERARD]
  • 14fd97e3de: tools/helpers: fix build of xen-init-dom0 with -Werror [Anthony PERARD]
  • f066c8bb3e: x86/spec-ctrl: Add fine-grained cmdline suboptions for primitives [Andrew Cooper]
  • eec5b02403: xen/cmdline: Extend parse_boolean() to signal a name match [Andrew Cooper]
  • 61b9c2ceeb: x86/spec-ctrl: Honour spec-ctrl=0 for unpriv-mmio sub-option [Andrew Cooper]
  • cd3d6b4cd4: libxc: fix compilation error with gcc13 [Charles Arnold]
  • db6ca8176c: x86/spec-ctrl: Knobs for STIBP and PSFD, and follow hardware STIBP hint [Andrew Cooper]
  • 09d533f4c8: x86/spec-ctrl: Only adjust MSR_SPEC_CTRL for idle with legacy IBRS [Andrew Cooper]
  • 81ee3d0835: tools/xenstored: Harden corrupt() [Julien Grall]
  • 5cb8142076: ehci-dbgp: fix selecting n-th ehci controller [Marek Marczykowski-Górecki]
  • 460b08d6c6: IOMMU/x86: work around bogus gcc12 warning in hvm_gsi_eoi() [Jan Beulich]
  • 2e82446cb2: x86/spec-ctrl: Add spec-ctrl=unpriv-mmio [Andrew Cooper]
  • a83108736d: x86/spec-ctrl: Enumeration for MMIO Stale Data controls [Andrew Cooper]
  • 0e80f9f611: x86/spec-ctrl: Make VERW flushing runtime conditional [Andrew Cooper]
  • 0b4e62847c: x86/mm: account for PGT_pae_xen_l2 in recently added assertion [Jan Beulich]
  • dc020d8d1b: x86/pv: Track and flush non-coherent mappings of RAM [Andrew Cooper]
  • c4815be949: x86/amd: Work around CLFLUSH ordering on older parts [Andrew Cooper]
  • 8eafa2d871: x86: Split cache_flush() out of cache_writeback() [Andrew Cooper]
  • 74193f4292: x86: Don't change the cacheability of the directmap [Andrew Cooper]
  • 9cfd796ae0: x86/page: Introduce _PAGE_* constants for memory types [Andrew Cooper]
  • 8dab3f79b1: x86/pv: Fix ABAC cmpxchg() race in _get_page_type() [Andrew Cooper]
  • b152dfbc3a: x86/pv: Clean up _get_page_type() [Andrew Cooper]
  • 8e11ec8fbf: PCI: don't allow "pci-phantom=" to mark real devices as phantom functions [Jan Beulich]
  • f1be0b62a0: ns16550: use poll mode if INTERRUPT_LINE is 0xff [Marek Marczykowski-Górecki]
  • 1bc669a568: build: silence GNU ld warning about executable stacks [Jan Beulich]
  • 4890031d22: build: suppress GNU ld warning about RWX load segments [Jan Beulich]
  • 982a314bd3: xen: io: Fix race between sending an I/O and domain shutdown [Julien Grall]
  • 88b653f739: linker/lld: do not generate quoted section names [Roger Pau Monné]
  • 3754bd128d: kconfig: detect LD implementation [Roger Pau Monné]
  • 9ebe2ba836: x86/msr: handle reads to MSR_P5_MC_{ADDR,TYPE} [Roger Pau Monné]
  • 838f6c211f: IOMMU/x86: disallow device assignment to PoD guests [Jan Beulich]
  • 4cf9a7c7bd: IOMMU: make domctl handler tolerate NULL domain [Jan Beulich]
  • a6c32abd14: xen/iommu: cleanup iommu related domctl handling [Juergen Gross]
  • 15391de8e2: tools/libs/light: don't set errno to a negative value [Juergen Gross]
  • a2cf30eec0: tools/libs/guest: don't set errno to a negative value [Juergen Gross]
  • ba62afdbc3: tools/libs/ctrl: don't set errno to a negative value [Juergen Gross]
  • 13a29f3756: tools/libs/evtchn: don't set errno to negative values [Juergen Gross]
  • 4bb8c34ba4: xen/build: Fix dependency for the MAP rule [Andrew Cooper]
  • 7c003ab4a3: x86/mm: avoid inadvertently degrading a TLB flush to local only [David Vrabel]
  • b378ee56c7: VT-d: refuse to use IOMMU with reserved CAP.ND value [Jan Beulich]
  • 6c6bbfdff9: xen: fix XEN_DOMCTL_gdbsx_guestmemio crash [Juergen Gross]
  • b58fb6e81b: x86/irq: skip unmap_domain_pirq XSM during destruction [Jason Andryuk]
  • 5be9edb482: update Xen version to 4.16.2-pre [Jan Beulich]

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.16.1 and qemu-xen-4.16.2).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSA Xen qemu-traditional qemu-upstream
XSA-401 Applied N/A N/A
XSA-402 Applied N/A N/A
XSA-403 Applied N/A N/A
XSA-404 Applied N/A N/A
XSA-405 N/A (Linux only) N/A N/A
XSA-406 N/A (Linux only) N/A N/A
XSA-407 Applied N/A N/A
XSA-408 Applied N/A N/A

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.

We recommend all users of the 4.16 stable series to update to this latest point release.

Close Menu