Xen Project 4.17.1

We are pleased to announce the release of Xen 4.17.1. It is available immediately from its git repository, https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.17 (tag RELEASE-4.17.1), or from this download page.

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 0880df6f5f: update Xen version to 4.17.1 [Jan Beulich]
  • 8b5be1fe93: x86/shadow: restore dropped check in sh_unshadow_for_p2m_change() [Roger Pau Monné]
  • 208dd44299: automation: Remove installation of packages from test scripts [Michal Orzel]
  • aa80e0afaa: xen/ELF: Fix ELF32 PRI formatters [Andrew Cooper]
  • 55d24a7ad6: x86/livepatch: Fix livepatch application when CET is active [Andrew Cooper]
  • fa3b9c2aa8: x86/hvm: Disallow disabling paging in 64bit mode [Andrew Cooper]
  • c4b0556a55: x86emul: pull permission check ahead for REP INS/OUTS [Jan Beulich]
  • bc5ecfbbc2: tools/xenstore: fix quota check in transaction_fix_domains() [Juergen Gross]
  • e4a5fb9227: CI: Remove llvm-8 from the Debian Stretch container [Andrew Cooper]
  • 435a1e5e8f: automation: Remove non-debug x86_32 build jobs [Anthony PERARD]
  • 8c414bab30: automation: Remove CentOS 7.2 containers and builds [Anthony PERARD]
  • e3b23da4a1: automation: Switch arm32 cross builds to run on arm64 [Michal Orzel]
  • 4c0d792675: CI: Drop automation/configs/ [Andrew Cooper]
  • 7758cd57e0: ns16550: correct name/value pair parsing for PCI port/bridge [Jan Beulich]
  • 85100ed78c: vpci/msix: handle accesses adjacent to the MSI-X table [Roger Pau Monné]
  • 3506935824: include: don't mention stub headers more than once in a make rule [Jan Beulich]
  • 7f55774489: x86/ucode: Fix error paths control_thread_fn() [Andrew Cooper]
  • f6a3e93b37: x86/vmx: Don't spuriously crash the domain when INIT is received [Andrew Cooper]
  • 11c8ef59b9: x86/shadow: Fix build with no PG_log_dirty [Andrew Cooper]
  • 00aa5c93d1: x86/nospec: Fix evaluate_nospec() code generation under Clang [Andrew Cooper]
  • 6f2d89d681: x86/shadow: fix and improve sh_page_has_multiple_shadows() [Jan Beulich]
  • 33b1c8cd86: VT-d: fix iommu=no-igfx if the IOMMU scope contains fake device(s) [Marek Marczykowski-Górecki]
  • 3c85fb7b65: AMD/IOMMU: without XT, x2APIC needs to be forced into physical mode [Jan Beulich]
  • 3eac216e6e: libacpi: fix PCI hotplug AML [David Woodhouse]
  • 7082d656ae: bunzip: work around gcc13 warning [Jan Beulich]
  • f971f5c531: VT-d: constrain IGD check [Jan Beulich]
  • d84612ecab: x86/altp2m: help gcc13 to avoid it emitting a warning [Jan Beulich]
  • b5409f4e4d: core-parking: fix build with gcc12 and NR_CPUS=1 [Jan Beulich]
  • b4dad09bb2: x86/spec-ctrl: Add BHI controls to userspace components [Andrew Cooper]
  • 244d39fb13: tools/xenmon: Fix xenmon.py for with python3.x [Bernhard Kaindl]
  • 651ffe2c78: tools/python: change 's#' size type for Python >= 3.10 [Marek Marczykowski-Górecki]
  • b745ff3011: x86/vmx: implement Notify VM Exit [Roger Pau Monné]
  • 27abea1ba6: x86/vmx: introduce helper to set VMX_INTR_SHADOW_NMI [Roger Pau Monné]
  • 83f12e4eaf: x86/vmx: implement VMExit based guest Bus Lock detection [Roger Pau Monné]
  • a730e4d119: x86/spec-ctrl: Defer CR4_PV32_RESTORE on the cstar_enter path [Andrew Cooper]
  • a2a915b396: x86/HVM: serialize pinned cache attribute list manipulation [Jan Beulich]
  • d0cb66d59a: x86/HVM: bound number of pinned cache attribute regions [Jan Beulich]
  • f8f8f07880: x86/shadow: account for log-dirty mode when pre-allocating [Jan Beulich]
  • ec5b058d2a: x86/ucode/AMD: late load the patch on every logical thread [Sergey Dyasli]
  • fa8250f192: libs/guest: Fix leak on realloc failure in backup_ptes() [Edwin Török]
  • 01f85d835b: libs/guest: Fix resource leaks in xc_core_arch_map_p2m_tree_rw() [Andrew Cooper]
  • 53bd16bcc0: tools: Use PKG_CONFIG_FILE instead of PKG_CONFIG variable [Bertrand Marquis]
  • b10cf1561a: xen: Fix Clang -Wunicode diagnostic when building asm-macros [Andrew Cooper]
  • 837bdc6eb2: xen: Work around Clang-IAS macro \@ expansion bug [Andrew Cooper]
  • e8f28e129d: x86: perform mem_sharing teardown before paging teardown [Tamas K Lengyel]
  • e9a7942f6c: x86/ucode/AMD: apply the patch early on every logical thread [Sergey Dyasli]
  • 46c104cce0: build: make FILE symbol paths consistent [Ross Lagerwall]
  • 74b76704fd: credit2: respect credit2_runqueue=all when arranging runqueues [Marek Marczykowski-Górecki]
  • 8202b9cf84: x86/shskt: Disable CET-SS on parts susceptible to fractured updates [Andrew Cooper]
  • cdc23d47ad: x86/cpuid: Infrastructure for leaves 7:1{ecx,edx} [Andrew Cooper]
  • c622b8ace9: libs/util: Fix parallel build between flex/bison and CC rules [Anthony PERARD]
  • aaf74a532c: automation: Remove clang-8 from Debian unstable container [Anthony PERARD]
  • 3685e754e6: x86/spec-ctrl: Mitigate Cross-Thread Return Address Predictions [Andrew Cooper]
  • 587823eca1: tools/ocaml/libs: Fix memory/resource leaks with caml_alloc_custom() [Andrew Cooper]
  • bf935b1ff7: tools/ocaml/xc: Don't reference Abstract_Tag objects with the GC lock released [Andrew Cooper]
  • afdcc10856: tools/ocaml/xc: Fix binding for xc_domain_assign_device() [Edwin Török]
  • 021b82cc0c: tools/ocaml/evtchn: Don't reference Custom objects with the GC lock released [Edwin Török]
  • 5797b798a5: tools/ocaml/libs: Allocate the correct amount of memory for Abstract_tag [Andrew Cooper]
  • 2c21e1bee6: tools/ocaml/libs: Don't declare stubs as taking void [Edwin Török]
  • e74d868b48: tools/oxenstored: validate config file before live update [Edwin Török]
  • f0e653fb4a: tools/ocaml/xb: Drop Xs_ring.write [Edwin Török]
  • 7d516fc876: tools/ocaml/xb,mmap: Use Data_abstract_val wrapper [Edwin Török]
  • 5d8f9cfa16: tools/ocaml/xenctrl: Use larger chunksize in domain_getinfolist [Edwin Török]
  • 03f545b6cf: tools/ocaml/xenctrl: Make domain_getinfolist tail recursive [Edwin Török]
  • 3dae50283d: libxl: fix guest kexec - skip cpuid policy [Jason Andryuk]
  • d012788137: ns16550: fix an incorrect assignment to uart->io_size [Ayan Kumar Halder]
  • 819a5d4ed8: build: fix building flask headers before descending in flask/ss/ [Anthony PERARD]
  • 2d74e7035b: x86/shadow: fix PAE check for top-level table unshadowing [Jan Beulich]
  • e904d8ae01: x86/vmx: Support for CPUs without model-specific LBR [Andrew Cooper]
  • 5e3250258a: x86/vmx: Calculate model-specific LBRs once at start of day [Andrew Cooper]
  • c871e05e13: include/compat: produce stubs for headers not otherwise generated [Jan Beulich]
  • 1d7a388e7b: tools: Fix build with recent QEMU, use "--enable-trace-backends" [Anthony PERARD]
  • a470a83c36: x86/S3: Restore Xen's MSR_PAT value on S3 resume [Andrew Cooper]
  • 2f8851c37f: Revert "tools/xenstore: simplify loop handling connection I/O" [Jason Andryuk]
  • c4972a4272: tools/oxenstored: Render backtraces more nicely in Syslog [Andrew Cooper]
  • 91a9ac6e9b: tools/oxenstored/syslog: Avoid potential NULL dereference [Edwin Török]
  • e13a9a2146: tools/oxenstored: Set uncaught exception handler [Edwin Török]
  • 991b512f5f: tools/oxenstored: Log live update issues at warning level [Edwin Török]
  • f02171b663: tools/oxenstored: Keep /dev/xen/evtchn open across live update [Edwin Török]
  • 4b418768ef: tools/oxenstored: Rework Domain evtchn handling to use port_pair [Andrew Cooper]
  • a20daa7ffd: tools/oxenstored: Implement Domain.rebind_evtchn [Andrew Cooper]
  • fd0d9b0597: tools/oxenstored: Rename some 'port' variables to 'remote_port' [Andrew Cooper]
  • bc5cc00868: tools/oxenstored: Bind the DOM_EXC VIRQ in in Event.init() [Andrew Cooper]
  • 0929960173: tools/oxenstored: Style fixes to Domain [Andrew Cooper]
  • c7cf603836: tools/ocaml/evtchn: Extend the init() binding with a cloexec flag [Edwin Török]
  • 24d9dc2ae2: tools/ocaml/evtchn: Add binding for xenevtchn_fdopen() [Edwin Török]
  • d11528a993: tools/ocaml/evtchn: OCaml 5 support, fix potential resource leak [Edwin Török]
  • 2e8d7a08bc: tools/oxenstored: Fix incorrect scope after an if statement [Andrew Cooper]
  • a7a26da0b5: x86/time: prevent overflow with high frequency TSCs [Neowutran]
  • 1dcc9b6dfe: EFI: relocate the ESRT when booting via multiboot2 [Demi Marie Obenour]
  • c3e37c60fb: ioreq_broadcast(): accept partial broadcast success [Per Bilse]
  • 26f39b3d70: x86/HVM: don't mark evtchn upcall vector as pending when vLAPIC is disabled [Jan Beulich]
  • 5810edc049: x86/Viridian: don't mark IRQ vectors as pending when vLAPIC is disabled [Jan Beulich]
  • 54bb56e128: x86/HVM: don't mark external IRQs as pending when vLAPIC is disabled [Jan Beulich]
  • b7b34bd66a: x86/pvh: do not forward MADT Local APIC NMI structures to dom0 [Roger Pau Monné]
  • 9cbc04a95f: x86/irq: do not release irq until all cleanup is done [Roger Pau Monné]
  • 0b999fa2ea: update Xen version to 4.17.1-pre [Jan Beulich]

This release also contains changes to qemu-upstream. We do not list its changelog here, as it contains many changes that are not directly related to the Xen Project Hypervisor and thus to this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.17.0 and qemu-xen-4.17.1).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSA      Xen      qemu-traditional  qemu-upstream
XSA-425  Applied  N/A               N/A
XSA-426  Applied  N/A               N/A
XSA-427  Applied  N/A               N/A
XSA-428  Applied  N/A               N/A
XSA-429  Applied  N/A               N/A
XSA-430  Applied  N/A               N/A

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.

We recommend that all users of the 4.17 stable series update to this latest point release.