Skip to main content


Xen Project 4.7.1

We are pleased to announce the release of Xen 4.7.1. This is available immediately from its git repository;a=shortlog;h=refs/heads/stable-4.7 (tag RELEASE-4.7.1) or from this download page
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 86f912c: update Xen version to 4.7.1 [Jan Beulich]
  • 5bcf70d: x86: MISALIGNSSE feature depends on SSE [Jan Beulich]
  • 013bced: vscsiif.h: replace PAGE_SIZE with VSCSIIF_PAGE_SIZE [Stefano Stabellini]
  • ebb883c: usbif.h: replace PAGE_SIZE with USBIF_RING_SIZE [Stefano Stabellini]
  • 37fd694: x86/Viridian: don’t depend on undefined register state [Jan Beulich]
  • 7bbea96: x86emul: fix pushing of selector registers [Jan Beulich]
  • a91344a: x86/hvm: Clobber %cs.L when LME becomes set [Andrew Cooper]
  • 2b593c9: xen/trace: Fix trace metadata page count calculation (revert fbf96e6) [George Dunlap]
  • 4b323ed: x86: defer not-present segment checks [Jan Beulich]
  • c26fc22: xen: credit1: return the ‘time remaining to the limit’ as next timeslice. [Dario Faggioli]
  • 3903db1: x86emul: honor guest CR0.TS and CR0.EM [Jan Beulich]
  • 506182e: x86/AMD: apply erratum 665 workaround [Emanuel Czirai]
  • 33c4ba9: x86emul: don’t allow null selector for LTR [Jan Beulich]
  • ccae454: x86emul: correct loading of %ss [Jan Beulich]
  • dc57c17: x86/Intel: hide CPUID faulting capability from guests [Jan Beulich]
  • 2d939ee: xen: credit2: properly schedule migration of a running vcpu. [Dario Faggioli]
  • 24a1b18: xen: credit1: fix mask to be used for tickling in Credit1 [Dario Faggioli]
  • 1983d58: x86/domctl: Fix migration of guests which are not using xsave [Andrew Cooper]
  • d515e86: x86/domctl: Fix TOCTOU race with the use of XEN_DOMCTL_getvcpuextstate [Andrew Cooper]
  • a7edbdc: QEMU_TAG update [Ian Jackson]
  • 317eb71: libxl: do not assume Dom0 backend while getting nic info [Marek Marczykowski-Górecki]
  • 7e17174: tools/migrate: Prevent PTE truncation from being fatal duing the live phase [Andrew Cooper]
  • 0e22f29: libxl: fix libxl_device_usbdev_list() [Juergen Gross]
  • b549cbd: libxc: correct max_pfn calculation for saving domain [Juergen Gross]
  • 038aadd: Revert “x86/hvm: Perform a user instruction fetch for a FEP in userspace” [Jan Beulich]
  • 5c816c7: x86/segment: Bounds check accesses to emulation ctxt->seg_reg[] [Andrew Cooper]
  • 129099b: x86/hvm: Perform a user instruction fetch for a FEP in userspace [Andrew Cooper]
  • f515565: hvm/fep: Allow testing of instructions crossing the -1 -> 0 virtual boundary [Andrew Cooper]
  • c01565b: VMX: correct feature checks for MPX and XSAVES [Jan Beulich]
  • 0c9b942: x86/shadow: Avoid overflowing sh_ctxt->seg_reg[] [Andrew Cooper]
  • cb3397a: x86/emulate: Correct boundary interactions of emulated instructions [Andrew Cooper]
  • 6825f37: x86/32on64: don’t allow recursive page tables from L3 [Jan Beulich]
  • dbeb5da: memory: fix compat handling of XENMEM_access_op [Jan Beulich]
  • 9d2ede8: x86/PV: make PMU MSR handling consistent [Jan Beulich]
  • ba1f4a4: x86: correct PT_NOTE file position [Jan Beulich]
  • 4f610f2: credit1: fix a race when picking initial pCPU for a vCPU [Dario Faggioli]
  • 7743e91: x86/32on64: misc adjustments to call gate emulation [Jan Beulich]
  • 93429d2: x86/levelling: Provide architectural OSXSAVE handling to masked native CPUID [Andrew Cooper]
  • b80d7eb: x86/levelling: Pass a vcpu rather than a domain to ctxt_switch_levelling() [Andrew Cooper]
  • fb87d02: x86/levelling: Restrict non-architectural OSXSAVE handling to emulated CPUID [Andrew Cooper]
  • ed48c80: passthrough: fix a BUG_ON issue [Feng Wu]
  • dbaf2c8: x86/HVM: add guarding logic for VMX specific code [Suravee Suthikulpanit]
  • 80bc435: xen/physmap: Do not permit a guest to populate PoD pages for itself [Andrew Cooper]
  • fd7306f: x86/EFI: don’t apply relocations to l{2,3}_bootmap [Jan Beulich]
  • 5b5abe1: page-alloc/x86: don’t restrict DMA heap to node 0 [Jan Beulich]
  • 8224649: libxl: return any serial tty path in libxl_console_get_tty [Bob Liu]
  • de781b4: tools/libxc: Properly increment ApicIdCoreSize field on AMD [Boris Ostrovsky]
  • ab75cdf: libxenstat: honour XEN_RUN_DIR [Wei Liu]
  • 78a3010: xl: correct xl cpupool-numa-split with vcpu limited dom0 [Juergen Gross]
  • f2160ba: x86/mmcfg: Fix initalisation of variables in pci_mmcfg_nvidia_mcp55() [Andrew Cooper]
  • 471a151: xen: Remove buggy initial placement algorithm [George Dunlap]
  • c732d3c: xen: Have schedulers revise initial placement [George Dunlap]
  • d37c2b9: x86/EFI + Live Patch: avoid symbol address truncation [Jan Beulich]
  • 899495b: x86/entry: Avoid SMAP violation in compat_create_bounce_frame() [Andrew Cooper]
  • b1ba8c0: x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath [Andrew Cooper]
  • a492556: MAINTAINERS: name stable tree maintainers [Jan Beulich]
  • 22ec349: sched: use default scheduler upon an invalid “sched=” [Dario Faggioli]
  • df39cfa: nested vmx: Validate host VMX MSRs before accessing them [Euan Harris]
  • 11e3c4a: update Xen version to 4.7.1-pre [Jan Beulich]
  • 78c7331: README: Update version to 4.7 (from 4.7.0) [Ian Jackson]

In addition, this release also contains the following fixes to qemu-traditional:

  • 8111145: virtio: error out if guest exceeds virtqueue size [P J P]

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check;a=shortlog (between tags qemu-xen-4.7.0 and qemu-xen-4.7.1).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSA-188N/A (Xen 4.7 not vulnerable)......
XSA-1890N/A (Unused XSA number)......
XSA-190 AppliedN/AN/A

See for details related to Xen Project security advisories.
We recommend all users of the 4.7 stable series to update to this latest point release.