Skip to main content


Xen Project 4.6.4

We are pleased to announce the release of Xen 4.6.4. This is available immediately from its git repository;a=shortlog;h=refs/heads/stable-4.6 (tag RELEASE-4.6.4) or from this download page
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • fa062b2: update Xen version to 4.6.4 [Jan Beulich]
  • 03da413: vscsiif.h: replace PAGE_SIZE with VSCSIIF_PAGE_SIZE [Stefano Stabellini]
  • b7b9911: usbif.h: replace PAGE_SIZE with USBIF_RING_SIZE [Stefano Stabellini]
  • d60a422: x86/Viridian: don’t depend on undefined register state [Jan Beulich]
  • d2b7b92: x86emul: fix pushing of selector registers [Jan Beulich]
  • cadd37e: x86/hvm: Clobber %cs.L when LME becomes set [Andrew Cooper]
  • ebc5d6e: xen/trace: Fix trace metadata page count calculation (revert fbf96e6) [George Dunlap]
  • ce904f6: x86: defer not-present segment checks [Jan Beulich]
  • 92848cf: xen: credit1: return the ‘time remaining to the limit’ as next timeslice. [Dario Faggioli]
  • 4b41252: x86emul: honor guest CR0.TS and CR0.EM [Jan Beulich]
  • ef005cc: x86/AMD: apply erratum 665 workaround [Emanuel Czirai]
  • e6f8bfb: x86emul: don’t allow null selector for LTR [Jan Beulich]
  • a4badfa: x86emul: correct loading of %ss [Jan Beulich]
  • d75fe0d: x86/Intel: hide CPUID faulting capability from guests [Jan Beulich]
  • 223835f: xen: credit2: properly schedule migration of a running vcpu. [Dario Faggioli]
  • 4511619: xen: credit1: fix mask to be used for tickling in Credit1 [Dario Faggioli]
  • 8861999: x86/domctl: Fix TOCTOU race with the use of XEN_DOMCTL_getvcpuextstate [Andrew Cooper]
  • 245fa11: QEMU_TAG update [Ian Jackson]
  • 57dbc55: libxl: do not assume Dom0 backend while getting nic info [Marek Marczykowski-Górecki]
  • cc977b7: tools/migrate: Prevent PTE truncation from being fatal duing the live phase [Andrew Cooper]
  • 3cffa34: Revert “x86/hvm: Perform a user instruction fetch for a FEP in userspace” [Jan Beulich]
  • 6b5bb50: x86/segment: Bounds check accesses to emulation ctxt->seg_reg[] [Andrew Cooper]
  • c3b06b0: x86/hvm: Perform a user instruction fetch for a FEP in userspace [Andrew Cooper]
  • 7c86320: hvm/fep: Allow testing of instructions crossing the -1 -> 0 virtual boundary [Andrew Cooper]
  • 9d819be: VMX: correct feature checks for MPX [Jan Beulich]
  • 26352b6: x86/shadow: Avoid overflowing sh_ctxt->seg_reg[] [Andrew Cooper]
  • be8c32a: x86/emulate: Correct boundary interactions of emulated instructions [Andrew Cooper]
  • f984f6e: x86/32on64: don’t allow recursive page tables from L3 [Jan Beulich]
  • 4627e5e: memory: fix compat handling of XENMEM_access_op [Jan Beulich]
  • 1663655: x86/PV: make PMU MSR handling consistent [Jan Beulich]
  • 5bb458b: credit1: fix a race when picking initial pCPU for a vCPU [Dario Faggioli]
  • 40592ed: x86/32on64: misc adjustments to call gate emulation [Jan Beulich]
  • 0d9c05d: xen: Remove buggy initial placement algorithm [George Dunlap]
  • a149a6e: xen: Have schedulers revise initial placement [George Dunlap]
  • 4260eef: sched: better handle (not) inserting idle vCPUs in runqueues [Dario Faggioli]
  • a00a0f9: xen/physmap: Do not permit a guest to populate PoD pages for itself [Andrew Cooper]
  • 4f78b27: page-alloc/x86: don’t restrict DMA heap to node 0 [Jan Beulich]
  • e06d2ba: libxl: return any serial tty path in libxl_console_get_tty [Bob Liu]
  • 0e94436: tools/libxc: Properly increment ApicIdCoreSize field on AMD [Boris Ostrovsky]
  • 77a9be9: libxenstat: honour XEN_RUN_DIR [Wei Liu]
  • 29e5892: libxenvchan: Change license of header from Lesser GPL v2.1 to BSD [Konrad Rzeszutek Wilk]
  • f8972b4: xl: correct xl cpupool-numa-split with vcpu limited dom0 [Juergen Gross]
  • 2c11229: configure: Fix when no libsystemd compat lib are available [Anthony PERARD]
  • 55292d3: update Xen version to 4.6.4-pre [Jan Beulich]
  • 83dff39: Revert “xen: Have schedulers revise initial placement” [Jan Beulich]
  • 4282362: Revert “xen: Remove buggy initial placement algorithm” [Jan Beulich]
  • ff49c27: x86/mmcfg: Fix initalisation of variables in pci_mmcfg_nvidia_mcp55() [Andrew Cooper]
  • 715242a: xen: Remove buggy initial placement algorithm [George Dunlap]
  • 477080f: xen: Have schedulers revise initial placement [George Dunlap]
  • ec712ba: nested vmx: Validate host VMX MSRs before accessing them [Euan Harris]
  • 6fd1c8e: nested vmx: intercept guest rdmsr for MSR_IA32_VMX_VMFUNC [Euan Harris]
  • 0905c2a: serial: fix incorrect length of strncmp for dtuart [Jiandi An]
  • 625c3e4: xen/arm: p2m: Restrict usage of get_page_from_gva to the current vCPU [Julien Grall]
  • ad0e68e: xen/arm: p2m: Pass the vCPU in parameter to get_page_from_gva [Julien Grall]
  • db42305: xen/arm: system: Use the correct parameter name in local_irq_restore [Julien Grall]
  • dfe85d3: x86/entry: Avoid SMAP violation in compat_create_bounce_frame() [Andrew Cooper]
  • eac595f: x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath [Andrew Cooper]

In addition, this release also contains the following fixes to qemu-traditional:

  • cff044b: virtio: error out if guest exceeds virtqueue size [P J P]
  • This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check;a=shortlog (between tags qemu-xen-4.6.3 and qemu-xen-4.6.4).
    This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

    XSAXen qemu-traditional qemu-upstream
    XSA-187N/A (Xen 4.6 not vulnerable)......
    XSA-188N/A (Unused XSA number)......
    See for details related to Xen Project security advisories.
    We recommend all users of the 4.6 stable series to update to this latest point release.