Xen Project 4.17.3
We are pleased to announce the release of Xen 4.17.3. This is available immediately from its git repository
https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.17 (tag RELEASE-4.17.3) or from this download page
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:
- 949a4aad41: update Xen version to 4.17.3 [Jan Beulich]
- 958706fd2e: xen/arm: page: Avoid pointer overflow on cache clean & invalidate [Michal Orzel]
- e2caee491a: xen/sched: fix sched_move_domain() [Juergen Gross]
- 4000522008: Only compile the hypervisor with -Wdeclaration-after-statement [Julien Grall]
- 83ae677d2a: x86/x2apic: introduce a mixed physical/cluster mode [Roger Pau Monné]
- 6eb98dda5c: xen/domain: fix error path in domain_create() [Stewart Hildebrand]
- 5d01aa7ad5: xen/sched: fix adding offline cpu to cpupool [Juergen Gross]
- 7d8bd64e11: x86emul: avoid triggering event related assertions [Jan Beulich]
- 4923450c0e: tools/xg: Fix potential memory leak in cpu policy getters/setters [Alejandro Vallejo]
- eac655d6be: xen/x86: In x2APIC mode, derive LDR from APIC ID [Alejandro Vallejo]
- e3c1ffb2a3: livepatch: do not use .livepatch.funcs section to store internal state [Roger Pau Monné]
- 32c3403e4c: x86/mem_sharing: Release domain if we are not able to enable memory sharing [Frediano Ziglio]
- e1f9cb16e2: xen/sched: fix sched_move_domain() [Juergen Gross]
- 28f44b603f: xen/grant: Fix build in PV_SHIM [Andrew Cooper]
- 0527bab090: x86/spec-ctrl: Add SRSO whitepaper URL [Andrew Cooper]
- c635c17fde: x86/i8259: do not assume interrupts always target CPU0 [Roger Pau Monné]
- d10db37b78: x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER [Roger Pau Monné]
- 267ac3c592: x86/pv-shim: fix grant table operations for 32-bit guests [David Woodhouse]
- 4bd2c8c8b9: x86/mem_sharing: add missing m2p entry when mapping shared_info page [Tamas K Lengyel]
- 011d20a69c: docs: Fix IOMMU command line docs some more [Andrew Cooper]
- bb13e63143: x86: support data operand independent timing mode [Jan Beulich]
- 40685f9283: iommu/vt-d: fix SAGAW capability parsing [Roger Pau Monné]
- ee4ce01198: iommu: fix quarantine mode command line documentation [Roger Pau Monné]
- f6996645d2: x86/pvh: fix identity mapping of low 1MB [Roger Pau Monné]
- e1275e58c7: x86/amd: Address AMD erratum #1485 [Alejandro Vallejo]
- 1a94fc132a: x86: Add bit definitions for Automatic IBRS [Alejandro Vallejo]
- 7eb2a4eba1: tools/pygrub: Fix pygrub's –entry flag for python3 [Alejandro Vallejo]
- 65e1f3d289: cxenstored: wait until after reset to notify dom0less domains [George Dunlap]
- 6384cdf0c3: x86: Clarify that only 5 hypercall parameters are supported [Michal Orzel]
- 2e87f3a03a: docs/sphinx: Switch hypercall-abi.rst to named footnotes [Andrew Cooper]
- 4f43614a89: x86/amd: do not expose HWCR.TscFreqSel to guests [Roger Pau Monné]
- 0311ff4a2c: x86/spec-ctrl: Remove conditional IRQs-on-ness for INT $0x80/0x82 paths [Andrew Cooper]
- b7a1e10539: iommu/amd-vi: use correct level for quarantine domain page tables [Roger Pau Monne]
- 0b56bed864: x86/pv: Correct the auditing of guest breakpoint addresses [Andrew Cooper]
- 3f8b444072: x86/svm: Fix asymmetry with AMD DR MASK context switching [Andrew Cooper]
- 46d00dbf4c: libxl: limit bootloader execution in restricted mode [Roger Pau Monne]
- 42bf49d74b: libxl: add support for running bootloader in restricted mode [Roger Pau Monne]
- f5e211654e: tools/pygrub: Deprivilege pygrub [Alejandro Vallejo]
- 8ee19246ad: tools/libfsimage: Export a new function to preload all plugins [Alejandro Vallejo]
- 3797742067: tools/pygrub: Open the output files earlier [Alejandro Vallejo]
- e7059f16f7: tools/pygrub: Small refactors [Alejandro Vallejo]
- 8a584126ea: tools/pygrub: Remove unnecessary hypercall [Alejandro Vallejo]
- eb4efdac4c: libfsimage/xfs: Add compile-time check to libfsimage [Alejandro Vallejo]
- 78143c5336: libfsimage/xfs: Sanity-check the superblock during mounts [Alejandro Vallejo]
- f1cd620cc3: libfsimage/xfs: Amend mask32lo() to allow the value 32 [Alejandro Vallejo]
- d665c6690e: libfsimage/xfs: Remove dead code [Alejandro Vallejo]
- 0d8f9f7f27: iommu/amd-vi: flush IOMMU TLB when flushing the DTE [Roger Pau Monne]
- c4e05c97f5: tools/xenstored: domain_entry_fix(): Handle conflicting transaction [Julien Grall]
- 90c540c589: x86/shadow: defer releasing of PV's top-level shadow reference [Jan Beulich]
- 9ac2f49f5f: x86/spec-ctrl: Mitigate the Zen1 DIV leakage [Andrew Cooper]
- 19ee1e1faa: x86/amd: Introduce is_zen{1,2}_uarch() predicates [Andrew Cooper]
- 2e2c3efcfc: x86/spec-ctrl: Issue VERW during IST exit to Xen [Andrew Cooper]
- e4a71bc0da: x86/entry: Track the IST-ness of an entry for the exit paths [Andrew Cooper]
- 5f7efd47c8: x86/entry: Adjust restore_all_xen to hold stack_end in %r14 [Andrew Cooper]
- ba023e93d0: x86/spec-ctrl: Improve all SPEC_CTRL_{ENTER,EXIT}_* comments [Andrew Cooper]
- 3952c73bdb: x86/spec-ctrl: Turn the remaining SPEC_CTRL_{ENTRY,EXIT}_* into asm macros [Andrew Cooper]
- 84690fb82c: x86/spec-ctrl: Fold DO_SPEC_CTRL_EXIT_TO_XEN into it's single user [Andrew Cooper]
- dc28aba565: x86/spec-ctrl: Fix confusion between SPEC_CTRL_EXIT_TO_XEN{,_IST} [Andrew Cooper]
- d2d2dcae87: x86/AMD: extend Zenbleed check to models "good" ucode isn't known for [Jan Beulich]
- d31e5b2a9c: xen/arm: page: Handle cache flush of an element at the top of the address space [Stefano Stabellini]
- 699de51274: x86/irq: fix reporting of spurious i8259 interrupts [Roger Pau Monné]
- 8be85d8c0d: x86/vmx: Revert "x86/VMX: sanitize rIP before re-entering guest" [Andrew Cooper]
- a939e953cd: x86/svm: Fix valid condition in svm_get_pending_event() [Jinoh Kang]
- 7ca58fbef4: tboot: Disable CET at shutdown [Jason Andryuk]
- 0429822978: libxl: slightly correct JSON generation of CPU policy [Jan Beulich]
- ba360fbb64: build: correct gas –noexecstack check [Jan Beulich]
- 5116fe12d8: x86/iommu: pass full IO-APIC RTE for remapping table update [Roger Pau Monné]
- e08e7330c5: iommu/vtd: rename io_apic_read_remap_rte() local variable [Roger Pau Monné]
- 1bd4523d69: x86/ioapic: RTE modifications must use ioapic_write_entry [Roger Pau Monné]
- a885649098: x86/ioapic: add a raw field to RTE struct [Roger Pau Monné]
- d0cdd34dd8: x86/ioapic: sanitize IO-APIC pins before enabling lapic LVTERR/ESR [Roger Pau Monné]
- f04295dd80: xenalyze: Handle start-of-day ->RUNNING transitions [George Dunlap]
- e5f9987d5f: x86/head: check base address alignment [Roger Pau Monné]
- 7b5155a79e: xen/vcpu: ignore VCPU_SSHOTTMR_future [Roger Pau Monné]
- 052a8d24bc: tools/vchan: Fix -Wsingle-bit-bitfield-constant-conversion [Andrew Cooper]
- f00d563095: CI: Resync FreeBSD config with staging [Andrew Cooper]
- e418a77295: rombios: Remove the use of egrep [Andrew Cooper]
- 24487fec3b: rombios: Avoid using K&R function syntax [Andrew Cooper]
- ae1045c429: rombios: Work around GCC issue 99578 [Andrew Cooper]
- 37f1d68fa3: x86emul: rework wrapping of libc functions in test and fuzzing harnesses [Jan Beulich]
- 476d2624ec: Config.mk: evaluate XEN_COMPILE_ARCH and XEN_OS immediately [Anthony PERARD]
- a1f68fb567: build: evaluate XEN_BUILD_* and XEN_DOMAIN immediately [Anthony PERARD]
- 36e84ea02e: build: remove TARGET_ARCH, a duplicate of SRCARCH [Anthony PERARD]
- 56076ef445: build: remove TARGET_SUBARCH, a duplicate of ARCH [Anthony PERARD]
- 1c3927f8f6: build: define ARCH and SRCARCH later [Anthony PERARD]
- 8d84be5b55: libxl: Use XEN_LIB_DIR to store bootloader from pygrub [Anthony PERARD]
- 7d88979849: x86: fix build with old gcc after CPU policy changes [Jan Beulich]
- 2f337a04bf: update Xen version to 4.17.3-pre [Jan Beulich]
This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.17.2 and qemu-xen-4.17.3).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.
XSA | Xen | qemu-traditional | qemu-upstream |
XSA-432 | N/A (Linux only) | N/A | N/A |
XSA-434 | N/A (in 4.17.2) | N/A | N/A |
XSA-435 | N/A (in 4.17.2) | N/A | N/A |
XSA-437 | Applied | N/A | N/A |
XSA-438 | Applied | N/A | N/A |
XSA-439 | N/A | N/A | |
XSA-440 | Applied | N/A | N/A |
XSA-441 | N/A (Linux only) | N/A | N/A |
XSA-442 | Applied | N/A | N/A |
XSA-443 | Applied | N/A | N/A |
XSA-444 | Applied | N/A | N/A |
XSA-445 | Applied | N/A | N/A |
XSA-446 | Applied | N/A | N/A |
XSA-447 | Applied | N/A | N/A |
See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.
We recommend all users of the 4.17 stable series to update to this latest point release.