Xen Project 4.8.1

We are pleased to announce the release of Xen 4.8.1. This is available immediately from its git repository (branch stable-4.8, tag RELEASE-4.8.1) or from this download page.
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

  • 5ebb4de: update Xen version to 4.8.1 [Jan Beulich]
  • e1c62cd: oxenstored: trim history in the frequent_ops function [Thomas Sanders]
  • 336afa8: oxenstored transaction conflicts: improve logging [Thomas Sanders]
  • 3ee0d82: oxenstored: don’t wake to issue no conflict-credit [Thomas Sanders]
  • 84ee808: oxenstored: do not commit read-only transactions [Thomas Sanders]
  • cb778de: oxenstored: allow self-conflicts [Thomas Sanders]
  • fa0b2b9: oxenstored: blame the connection that caused a transaction conflict [Jonathan Davies]
  • 9ea5032: oxenstored: track commit history [Jonathan Davies]
  • c682760: oxenstored: discard old commit-history on txn end [Thomas Sanders]
  • 9a2c5b4: oxenstored: only record operations with side-effects in history [Jonathan Davies]
  • 567051b: oxenstored: support commit history tracking [Jonathan Davies]
  • 4f4596a: oxenstored: add transaction info relevant to history-tracking [Jonathan Davies]
  • b795db0: oxenstored: ignore domains with no conflict-credit [Thomas Sanders]
  • 6636c70: oxenstored: handling of domain conflict-credit [Thomas Sanders]
  • f2c7ab1: oxenstored: comments explaining some variables [Thomas Sanders]
  • f3b7100: xenstored: Log when the write transaction rate limit bites [Ian Jackson]
  • 4cd02a2: xenstored: apply a write transaction rate limit [Ian Jackson]
  • e0354e6: tools/libxenctrl: fix error check after opening libxenforeignmemory [Paul Durrant]
  • a085f0c: libxl: correct xenstore entry for empty cdrom [Juergen Gross]
  • ec7f9e1: x86: use 64 bit mask when masking away mfn bits [Juergen Gross]
  • 06403aa: memory: properly check guest memory ranges in XENMEM_exchange handling [Jan Beulich]
  • f3623bd: xen: sched: don’t call hooks of the wrong scheduler via VCPU2OP [Dario Faggioli]
  • c95bad9: x86/EFI: avoid Xen image when looking for module/kexec position [Jan Beulich]
  • 4ec1cb0: x86/EFI: avoid IOMMU faults on [_end,__2M_rwdata_end) [Jan Beulich]
  • 093a1f1: x86/EFI: avoid overrunning mb_modules[] [Jan Beulich]
  • 47501b6: build/clang: fix XSM dummy policy when using clang 4.0 [Roger Pau Monné]
  • 2859b25: x86: drop unneeded __packed attributes [Roger Pau Monné]
  • ca41491: arm: xen_size should be paddr_t for consistency [Stefano Stabellini]
  • 26dec7a: xen/arm: alternative: Register re-mapped Xen area as a temporary virtual region [Wei Chen]
  • eca97a4: QEMU_TAG update [Ian Jackson]
  • c75fe64: arm: read/write rank->vcpu atomically [Stefano Stabellini]
  • af18ca9: xen/arm: p2m: Perform local TLB invalidation on vCPU migration [Julien Grall]
  • 30c2dd7: xen/arm: Introduce INVALID_VCPU_ID [Julien Grall]
  • 1780ea7: xen/arm: Set nr_cpu_ids to available number of cpus [Vijaya Kumar K]
  • 42290f0: xen/arm: acpi: Relax hw domain mapping attributes to p2m_mmio_direct_c [Edgar E. Iglesias]
  • bd684c2: Revert “xen/arm: Map mmio-sram nodes as un-cached memory” [Edgar E. Iglesias]
  • 783b670: xen/arm: dt: Relax hw domain mapping attributes to p2m_mmio_direct_c [Edgar E. Iglesias]
  • 07f9ddf: xen/arm: flush icache as well when XEN_DOMCTL_cacheflush is issued [Tamas K Lengyel]
  • d31d0cd: xen/arm: fix GIC_INVALID_LR [Stefano Stabellini]
  • b2e678e: fix out of bound access to mode_strings [Stefano Stabellini]
  • 05946b5: missing vgic_unlock_rank in gic_remove_irq_from_guest [Stefano Stabellini]
  • e020ff3: xen/arm: Fix macro for ARM Jazelle CPU feature identification [Artem Mygaiev]
  • 308c646: xen/arm: traps: Emulate ICC_SRE_EL1 as RAZ/WI [Julien Grall]
  • fceae91: xen/arm: Fix misplaced parentheses for PSCI version check [Artem Mygaiev]
  • f667393: arm/irq: Reorder check when the IRQ is already used by someone [Oleksandr Tyshchenko]
  • 768b250: Don’t clear HCR_VM bit when updating VTTBR. [Jun Sun]
  • 049b13d: x86/emul: Correct the decoding of mov to/from cr/dr [Andrew Cooper]
  • e26a2a0: x86emul: correct decoding of vzero{all,upper} [Jan Beulich]
  • 866f363: xen: credit2: don’t miss accounting while doing a credit reset. [Dario Faggioli]
  • 354c3e4: xen: credit2: always mark a tickled pCPU as… tickled! [Dario Faggioli]
  • 8c2da8f: x86/layout: Correct Xen’s idea of its own memory layout [Andrew Cooper]
  • 6289c3b: x86/vmx: Don’t leak host syscall MSR state into HVM guests [Andrew Cooper]
  • 2e68fda: xen/arm: fix affected memory range by dcache clean functions [Stefano Stabellini]
  • f85fc97: xen/arm: introduce vwfi parameter [Stefano Stabellini]
  • 9967251: arm/p2m: remove the page from p2m->pages list before freeing it [Julien Grall]
  • 34305da: QEMU_TAG update [Ian Jackson]
  • 437a8e6: VMX: fix VMCS race on context-switch paths [Jan Beulich]
  • 9028ba8: xen/p2m: Fix p2m_flush_table for non-nested cases [George Dunlap]
  • 1c28394: x86/ept: allow write-combining on !mfn_valid() MMIO mappings again [David Woodhouse]
  • c246296: IOMMU: always call teardown callback [Oleksandr Tyshchenko]
  • 10baa19: x86/emulate: don’t assume that addr_size == 32 implies protected mode [George Dunlap]
  • 4582c2b: xen: credit2: fix shutdown/suspend when playing with cpupools. [Dario Faggioli]
  • a20300b: xen: credit2: never consider CPUs outside of our cpupool. [Dario Faggioli]
  • 23e3303: xen: credit2: use the correct scratch cpumask. [Dario Faggioli]
  • 95f1f99: x86/hvm: do not set msr_tsc_adjust on hvm_set_guest_tsc_fixed [Joao Martins]
  • 9b0e6d3: x86emul: correct FPU stub asm() constraints [Jan Beulich]
  • b843de7: x86: segment attribute handling adjustments [Jan Beulich]
  • ba7e250: x86emul: LOCK check adjustments [Jan Beulich]
  • 6240d92: x86emul: VEX.B is ignored in compatibility mode [Jan Beulich]
  • b378b1f: x86/xstate: Fix array overrun on hardware with LWP [Andrew Cooper]
  • b29aed8: arm/p2m: Fix regression during domain shutdown with active mem_access [Tamas K Lengyel]
  • e1cefed: libxl: fix libxl_set_memory_target [Wei Liu]
  • 53c3a73: xen/arm: gic-v3: Make sure read from ICC_IAR1_EL1 is visible on the redistributor [Julien Grall]
  • daf491d: x86/cpu: Don’t update this_cpu for get_cpu_vendor(, gcv_guest) [Andrew Cooper]
  • a654228: x86/emul: Correct the return value handling of VMFUNC [Andrew Cooper]
  • c581ead: x86/boot: fix build with certain older gcc versions [Jan Beulich]
  • 67e9679: x86emul: CMPXCHG16B requires an aligned operand [Jan Beulich]
  • 080a31b: VT-d: correct dma_msi_set_affinity() [Jan Beulich]
  • 1febe8d: x86emul: ignore most segment bases for 64-bit mode in is_aligned() [Jan Beulich]
  • 7713ee2: x86emul: MOVNTI does not allow REP prefixes [Jan Beulich]
  • b76a796: x86/VPMU: clear the overflow status of which counter happened to overflow [Luwei Kang]
  • e298344: x86/hvm: don’t unconditionally create a default ioreq server [Paul Durrant]
  • 6933092: libelf: section index 0 is special [Jan Beulich]
  • af6534e: x86emul: CMPXCHG{8,16}B ignore prefixes [Jan Beulich]
  • 297cf3d: xen: Fix determining when domain creation is complete [Andrew Cooper]
  • 3e902dd: x86emul: correct PUSHF/POPF [Jan Beulich]
  • c5efe95: init/FreeBSD: fix incorrect usage of $rc_pids in xendriverdomain [Roger Pau Monne]
  • 63c68c7: init/FreeBSD: add rc control variables [Roger Pau Monne]
  • 3667bc0: init/FreeBSD: fix xencommons so it can only be launched by Dom0 [Roger Pau Monne]
  • 86e54be: init/FreeBSD: remove xendriverdomain_precmd [Roger Pau Monne]
  • e7ad85e: init/FreeBSD: set correct PATH for xl devd [Roger Pau Monne]
  • bdbfca0: xsm: allow relevant permission during migrate and gpu-passthrough. [Anshul Makkar]
  • 443264e: libxl: init_acpi_config should return rc in exit path, and set to 0 on success [Wei Liu]
  • d575902: x86/emul: add likely()/unlikely() to test harness [Andrew Cooper]
  • 24ccfc3: x86/HVM: add missing NULL check before using VMFUNC hook [Jan Beulich]
  • 7628c7e: x86: force EFLAGS.IF on when exiting to PV guests [Jan Beulich]
  • b996efb: x86/emul: Correct the handling of eflags with SYSCALL [Andrew Cooper]
  • 7967daf: QEMU_TAG update [Ian Jackson]
  • 1f4ea16: update Xen version to 4.8.1-pre [Jan Beulich]

In addition, this release also contains the following fixes to qemu-traditional:

  • 3bed93d: cirrus/vnc: zap drop bitblit support from console code. [Gerd Hoffmann]
  • b77d58b: cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo [Gerd Hoffmann]
  • a1d57bb: cirrus: fix oob access issue (CVE-2017-2615) [Li Qiang]
  • 095261a: qemu: ioport_read, ioport_write: be defensive about 32-bit addresses [Ian Jackson]

This release also contains changes to qemu-upstream, whose changelog we do not list here because it contains many changes that are not directly related to the Xen Project Hypervisor and thus to this release. However, you can check the qemu-upstream shortlog (between tags qemu-xen-4.8.0 and qemu-xen-4.8.1).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

N/A (Xen 4.8 not affected)

N/A (Applied on master before 4.8 branch was created)

N/A (Unassigned number)

For details, see the Xen Project security advisories.
We recommend that all users of the 4.8 stable series update to this latest point release.