Skip to main content


Xen Project 4.17.2

We are pleased to announce the release of Xen 4.17.2. This is available immediately from its git repository;a=shortlog;h=refs/heads/stable-4.17 (tag RELEASE-4.17.2) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 322a20add0: Update Xen to version 4.17.2 [Andrew Cooper]
  • b9ade05cbb: x86/spec-ctrl: Mitigate Gather Data Sampling [Andrew Cooper]
  • 46a3c16f36: x86/spec-ctrl: Enumerations for Gather Data Sampling [Andrew Cooper]
  • bbf2235595: x86/cpu-policy: Hide CLWB by default on SKX/CLX/CPX [Andrew Cooper]
  • 24b37f9538: x86/spec-ctrl: Mitigate Speculative Return Stack Overflow [Andrew Cooper]
  • ecb2a3cea9: x86/spec-ctrl: Enumerations for Speculative Return Stack Overflow [Andrew Cooper]
  • c35a2dcd38: x86/spec-ctrl: Rework ibpb_calculations() [Andrew Cooper]
  • 4ff3b18cee: x86/cpu-policy: Advertise MSR_ARCH_CAPS to guests by default [Andrew Cooper]
  • a982b33e5a: libxl: allow building with old gcc again [Jan Beulich]
  • 6af594e098: libxl: avoid shadowing of index() [Jan Beulich]
  • 8df6cec384: libxl: add support for parsing MSR features [Roger Pau Monne]
  • 7374a8d770: libxl: use the cpuid feature names from cpufeatureset.h [Roger Pau Monne]
  • a27d2bfb5c: libxl: split logic to parse user provided CPUID features [Roger Pau Monne]
  • 48a0a355b0: libxl: introduce MSR data in libxl_cpuid_policy [Roger Pau Monne]
  • 79c9c82244: libxl: change the type of libxl_cpuid_policy_list [Roger Pau Monne]
  • 1a76ff3b66: libs/guest: introduce support for setting guest MSRs [Roger Pau Monne]
  • 73afd7df66: x86/cpu-policy: Derive RSBA/RRSBA for guest policies [Andrew Cooper]
  • ea19f259bb: x86/spec-ctrl: Fix up the RSBA/RRSBA bits as appropriate [Andrew Cooper]
  • d1e24450c6: x86/spec-ctrl: Rename retpoline_safe() to retpoline_calculations() [Andrew Cooper]
  • 6cd399059f: x86/spec-ctrl: Use a taint for CET without MSR_SPEC_CTRL [Andrew Cooper]
  • 8cc3a2069b: x86/spec-ctrl: Fix the rendering of FB_CLEAR [Andrew Cooper]
  • 63714f4905: x86/cpu-policy: Rearrange guest_common_default_feature_adjustments() [Andrew Cooper]
  • 84c7cd4f2b: x86/spec-ctrl: Update hardware hints [Andrew Cooper]
  • 8b3632cdda: x86/spec-ctrl: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
  • 55840b4f50: x86/tsx: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
  • 2aeaa7904d: x86/vtx: Remove opencoded MSR_ARCH_CAPS check [Andrew Cooper]
  • 95a3a8f738: x86/boot: Expose MSR_ARCH_CAPS data in guest max policies [Andrew Cooper]
  • 8d9df087e3: x86/boot: Record MSR_ARCH_CAPS for the Raw and Host CPU policy [Andrew Cooper]
  • c399b20810: x86/cpu-policy: MSR_ARCH_CAPS feature names [Andrew Cooper]
  • 86ac7f7477: x86/cpu-policy: Infrastructure for MSR_ARCH_CAPS [Andrew Cooper]
  • b997a9ac9f: x86/boot: Adjust MSR_ARCH_CAPS handling for the Host policy [Andrew Cooper]
  • 84734f2e2a: x86/boot: Rework dom0 feature configuration [Andrew Cooper]
  • d18c9ebccb: x86/cpuid: Calculate FEATURESET_NR_ENTRIES more helpfully [Andrew Cooper]
  • 04866f2fda: x86: Remove temporary {cpuid,msr}_policy defines [Andrew Cooper]
  • f2808b2c1c: libx86: Update library API for cpu_policy [Andrew Cooper]
  • b4de3bc9c1: tools/fuzz: Rework afl-policy-fuzzer [Andrew Cooper]
  • 803d9b467b: x86/emul: Switch x86_emulate_ctxt to cpu_policy [Andrew Cooper]
  • dd5f878145: x86/boot: Merge CPUID policy initialisation logic into cpu-policy.c [Andrew Cooper]
  • 1fbaca2721: x86/boot: Move MSR policy initialisation logic into cpu-policy.c [Andrew Cooper]
  • 3fb36d3f91: x86: Out-of-inline the policy<->featureset convertors [Andrew Cooper]
  • 70b3807429: x86: Drop struct old_cpu_policy [Andrew Cooper]
  • f7e83f312d: x86: Merge xc_cpu_policy's cpuid and msr objects [Andrew Cooper]
  • d11f78fdd2: x86: Merge a domain's {cpuid,msr} policy objects [Andrew Cooper]
  • 77a5a47a0e: x86: Merge the system {cpuid,msr} policy objects [Andrew Cooper]
  • 6452ec6693: x86: Merge struct msr_policy into struct cpu_policy [Andrew Cooper]
  • 0c3fd4cc26: x86: Rename struct cpuid_policy to struct cpu_policy [Andrew Cooper]
  • 1483a13c14: x86: Rename {domctl,sysctl}.cpu_policy.{cpuid,msr}_policy fields [Andrew Cooper]
  • a1a38581b6: x86: Rename struct cpu_policy to struct old_cpuid_policy [Andrew Cooper]
  • 8b76e103a3: x86/sysctl: Retrofit XEN_SYSCTL_cpu_featureset_{pv,hvm}_max [Andrew Cooper]
  • 8c6035b2a9: tools/xen-cpuid: Rework the handling of dynamic featuresets [Andrew Cooper]
  • 38306739f6: libs/vchan: Fix -Wsingle-bit-bitfield-constant-conversion [Andrew Cooper]
  • 61805922c7: subdom: Fix -Werror=address failure in tmp_emulator [Andrew Cooper]
  • 47ff4ab153: tools: drop bogus and obsolete ptyfuncs.m4 [Olaf Hering]
  • 0a62b16489: arm: Avoid using solaris syntax for .section directive [Khem Raj]
  • 8da1697e2c: amd: disable C6 after 1000 days on Zen2 [Roger Pau Monné]
  • 6c442499dc: tools/xenstore: fix XSA-417 patch [Juergen Gross]
  • b4a5a55e9c: x86: fix early boot output [Jan Beulich]
  • db8d48abd3: ocaml/libs/xc: Fix NULL dereference with physinfo_arch_caps() [Edwin Török]
  • 3d0aa6f23d: xen/arm: Add Cortex-A77 erratum 1508412 handling [Luca Fancellu]
  • c18b2dd93f: x86/amd: Fix DE_CFG truncation in amd_check_zenbleed() [Andrew Cooper]
  • 04f14792a6: automation: Increase RAM size [Michal Orzel]
  • 3141a0b85c: x86/amd: Mitigations for Zenbleed [Andrew Cooper]
  • 69611e5b3c: update qemuu tag [Jan Beulich]
  • ec4cf867d1: tools: Remove the use of K&R functions [Andrew Cooper]
  • 8f11b6e942: xen/x86: Remove the use of K&R functions [Andrew Cooper]
  • 71792ec9af: iommu/vtd: fix address translation for leaf entries [Roger Pau Monné]
  • d5d76fe0ab: iommu/amd-vi: fix checking for Invalidate All support in amd_iommu_resume() [Roger Pau Monné]
  • 6ecb20151e: x86/microcode: Add missing unlock in microcode_update_helper() [Alejandro Vallejo]
  • 32f3486f3f: vpci/header: cope with devices not having vpci allocated [Roger Pau Monné]
  • 0b4f9d1f31: tools: convert bitfields to unsigned type [Olaf Hering]
  • 47eb941230: pci: fix pci_get_pdev() to always account for the segment [Roger Pau Monné]
  • 8a13397211: sched/null: avoid crash after failed domU creation [Stewart Hildebrand]
  • ab079e523f: iommu/amd-vi: fix assert comparing boolean to enum [Roger Pau Monné]
  • 1ca795ae8a: docs/man: fix xenstore-write synopsis [Yann Dirson]
  • c260304a3b: ns16550: enable memory decoding on MMIO-based PCI console card [Marek Marczykowski-Górecki]
  • a91b946345: tools/libs/guest: assist gcc13's realloc analyzer [Olaf Hering]
  • d9dbd85adb: x86/mm: replace bogus assertion in paging_log_dirty_op() [Jan Beulich]
  • 28ac8a7880: xen/sysctl: fix XEN_SYSCTL_getdomaininfolist handling with XSM [Juergen Gross]
  • b4913988be: x86/msi: clear initial MSI-X state on boot [Marek Marczykowski-Górecki]
  • 823f56e2e8: x86/extable: hide use of negative offset from array start [Jan Beulich]
  • b773c48e36: update Xen version to 4.17.2-pre [Jan Beulich]
  • 66c930ceac: x86/amd: fix legacy setting of SSBD on AMD Family 17h [Roger Pau Monné]

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check;a=shortlog (between tags qemu-xen-4.17.1 and qemu-xen-4.17.2).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSA Xen qemu-traditional qemu-upstream
XSA-431 Applied N/A N/A
XSA-432 N/A (Linux only) N/A N/A
XSA-433 Applied N/A N/A
XSA-434 Applied N/A N/A
XSA-435 Applied N/A N/A
XSA-436 Applied N/A N/A

See for details related to Xen Project security advisories.

We recommend all users of the 4.17 stable series to update to this latest point release.