Skip to main content


Xen Project 4.7.4

We are pleased to announce the release of Xen 4.7.4. This is available immediately from its git repository;a=shortlog;h=refs/heads/stable-4.7 (tag RELEASE-4.7.4) or from this download page
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • bcc9e245aa: update Xen version to 4.7.4 [Jan Beulich]
  • 259a5c3000: x86/shadow: correct SH_LINEAR mapping detection in sh_guess_wrmap() [Andrew Cooper]
  • 1f551847f5: x86: don’t wrongly trigger linear page table assertion [Jan Beulich]
  • 721c5b3082: x86/mm: fix race condition in modify_xen_mappings() [Yu Zhang]
  • 33479cdf30: x86/mm: fix race conditions in map_pages_to_xen() [Min He]
  • a8d5690cc3: x86/hvm: do not register hpet mmio during s3 cycle [Eric Chanudet]
  • 227cbb7bfc: x86/mm: Make PV linear pagetables optional [George Dunlap]
  • de27faa6e3: x86: fix asm() constraint for GS selector update [Jan Beulich]
  • f8e806fddc: x86: don’t latch wrong (stale) GS base addresses [Jan Beulich]
  • a27ed6a9bf: x86: also show FS/GS base addresses when dumping registers [Jan Beulich]
  • a82350f758: x86: fix GS-base-dirty determination [Jan Beulich]
  • 830224431b: x86emul: handle address wrapping [Jan Beulich]
  • 6e36296c6c: VMX: PLATFORM_INFO MSR is r/o [Jan Beulich]
  • 5805ab112b: x86: avoid #GP for PV guest MSR accesses [Jan Beulich]
  • bc37a36ab1: x86/vvmx: Fix WRMSR interception of VMX MSRs [Andrew Cooper]
  • cf451a8253: x86: fix do_update_va_mapping_otherdomain() wrt translated domains [Jan Beulich]
  • 24955c3143: x86: request page table page-in for the correct domain [Jan Beulich]
  • 46d90a78f6: xen/domctl: Fix Xen heap leak via XEN_DOMCTL_getvcpucontext [Andrew Cooper]
  • cd9ee1f72d: x86/PV: fix/generalize guest nul selector handling [Jan Beulich]
  • 2e24a9ed72: x86/msr: Correct the definition of MSR_IA32_APICBASE_BASE [Andrew Cooper]
  • d0500f2032: x86/svm: Fix a livelock when trying to run shadowed unpaged guests [Andrew Cooper]
  • f03b9e86e7: gnttab: fix pin count / page reference race [Jan Beulich]
  • df0949d197: tools/libxc/xc_dom_arm: add missing variable initialization [Bernd Kuhls]
  • c10dc54d41: x86/cpu: Fix IST handling during PCPU bringup [Andrew Cooper]
  • 8cd1258b09: x86/shadow: Don’t create self-linear shadow mappings for 4-level translated guests [Andrew Cooper]
  • 1d01ddc4ef: x86: don’t allow page_unlock() to drop the last type reference [Jan Beulich]
  • 5ca7d11d0b: x86: don’t store possibly stale TLB flush time stamp [Jan Beulich]
  • ebd47d46c3: x86: limit linear page table use to a single level [Jan Beulich]
  • 6a6a3394b6: x86/HVM: prefill partially used variable on emulation paths [Jan Beulich]
  • e61be54bfa: x86/ioreq server: correctly handle bogus XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments [Vitaly Kuznetsov]
  • e3f7a649f5: x86/FLASK: fix unmap-domain-IRQ XSM hook [Jan Beulich]
  • 957ad237e2: x86/IRQ: conditionally preserve irq pirq mapping on map error paths [Jan Beulich]
  • b1ae705c44: x86/MSI: disallow redundant enabling [Jan Beulich]
  • 3add76f7a5: x86: enforce proper privilege when (un)mapping pIRQ-s [Jan Beulich]
  • 314a8fcd4e: x86: don’t allow MSI pIRQ mapping on unowned device [Jan Beulich]
  • d6aad63509: xen/arm: Correctly report the memory region in the dummy NUMA helpers [Julien Grall]
  • 7c99633832: xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn [Julien Grall]
  • 145c18d810: VT-d: use correct BDF for VF to search VT-d unit [Chao Gao]
  • c3fa5cdf3f: hvmloader: use base instead of pci_mem_start for find_next_rmrr() [Xiong Zhang]
  • 487f8f9d6f: x86: check for allocation errors in modify_xen_mappings() [Jan Beulich]
  • ffcfc40e0b: arm/x86: change [modify,destroy]_xen_mappings to return error [Konrad Rzeszutek Wilk]
  • c7783d9c26: gnttab: also validate PTE permissions upon destroy/replace [Jan Beulich]
  • 3331050a1a: tools/xenstore: dont unlink connection object twice [Juergen Gross]
  • 83966a3066: grant_table: fix GNTTABOP_cache_flush handling [Andrew Cooper]
  • a67b22324a: xen/mm: make sure node is less than MAX_NUMNODES [George Dunlap]
  • 68dbba27ae: gnttab: avoid spurious maptrack handle allocation failures [Jan Beulich]
  • 2728470492: cpufreq: only stop ondemand governor if already started [Christopher Clark]
  • dea68ed3f1: VT-d PI: disable VT-d PI when CPU-side PI isn’t enabled [Chao Gao]
  • 9d12253f0f: VT-d: don’t panic/warn on iommu=no-igfx [Rusty Bird]
  • 73d7bc562a: docs: replace xm with xl in xen-tscmode [Olaf Hering]
  • b704b1a09b: rombios: prevent building with PIC/PIE [Olaf Hering]
  • ca4ef7b5e8: xen/livepatch: Don’t crash on encountering STN_UNDEF relocations [Andrew Cooper]
  • ece330ae94: xen/livepatch: Use zeroed memory allocations for arrays [Andrew Cooper]
  • 3d63ebca46: x86/hvm: Fixes to hvmemul_insn_fetch() [Andrew Cooper]
  • 30d50f8ead: arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths [Jan Beulich]
  • 2dc3cdb6e6: travis: install ghostscript [Wei Liu]
  • 5151257626: gnttab: fix “don’t use possibly unbounded tail calls” [Jan Beulich]
  • c9f3ca0624: gnttab: fix transitive grant handling [Jan Beulich]
  • e873251378: gnttab: don’t use possibly unbounded tail calls [Jan Beulich]
  • 8aebf856ca: gnttab: correct pin status fixup for copy [Jan Beulich]
  • c362cde2c6: gnttab: split maptrack lock to make it fulfill its purpose again [Jan Beulich]
  • fece08abf9: update Xen version to 4.7.4-pre [Jan Beulich]
  • 767f6d27d1: x86/grant: disallow misaligned PTEs [Andrew Cooper]

This release also contains no fixes to qemu-traditional:
This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check;a=shortlog (between tags qemu-xen-4.7.3 and qemu-xen-4.7.4).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

XSAXenqemu-traditional qemu-upstream
XSA-229N/A (Linux only).........
See for details related to Xen Project security advisories.
We recommend all users of the 4.7 stable series to update to this latest point release.