Xen is a bare-metal hypervisor for the x86 and ARMv7/v8 platforms that lets multiple operating systems run simultaneously on a single system without drastically affecting performance. For more information about Xen and its community, we refer to this and this page. At the moment only Linux, NetBSD and FreeBSD are supported as host systems, but work is under way to fully support other operating systems as well. The developers have released version 4.12.2, with the following announcement:

XEN PROJECT 4.12.2



We are pleased to announce the release of Xen 4.12.2. This is available immediately from its git repository or from this download page. This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

update Xen version to 4.12.2

lz4: fix system halt at boot kernel on x86_64

lz4: refine commit 9143a6c55ef7 for the 64-bit case

AMD/IOMMU: Cease using a dynamic height for the IOMMU pagetables

x86/mm: relinquish_memory: Grab an extra type ref when setting PGT_partial

x86/mm: alloc/free_lN_table: Retain partial_flags on -EINTR

x86/mm: Set old_guest_table when destroying vcpu pagetables

x86/mm: Don’t reset linear_pt_count on partial validation

x86/vtx: Work around SingleStep + STI/MovSS VMEntry failures

x86+Arm32: make find_next_{,zero_}bit() have well defined behavior

x86/tlbflush: do not toggle the PGE CR4 bit unless necessary

x86: avoid HPET use on certain Intel platforms

gnttab: make sure grant map operations don’t skip their IOMMU part

x86/psr: fix bug which may cause crash

Rationalize max_grant_frames and max_maptrack_frames handling

x86 / iommu: set up a scratch page in the quarantine domain

xen/x86: vpmu: Unmap per-vCPU PMU page when the domain is destroyed

x86/svm: Write the correct %eip into the outgoing task

x86/svm: Always intercept ICEBP

x86/vtx: Fix fault semantics for early task switch failures

x86/IRQ: make internally used IRQs also honor the pending EOI stack

x86/vmx: always sync PIR to IRR before vmentry

EFI: fix “efi=attr=” handling

x86/p2m-pt: fix (latent) page table mapping leak on do_recalc() error paths

x86/domctl: have XEN_DOMCTL_getpageframeinfo3 preemptible

x86: Don’t increase ApicIdCoreSize past 7

x86/tss: Fix clang build following c/s 7888440625

xen/arm: entry: Ensure the guest state is synced when receiving a vSError

xen/arm: Update the ASSERT() in SYNCHRONIZE_SERROR()

xen/arm: asm: Replace use of ALTERNATIVE with alternative_if

xen/arm: alternative: add auto-nop infrastructure

xen/arm: Allow insn.h to be called from assembly

xen/arm: Move ARCH_PATCH_INSN_SIZE out of the header livepatch.h

xen/arm: alternative: Remove unused parameter for alternative_if_not_cap

xen/arm: traps: Don’t ignore invalid value for serrors=

xen/arm: Ensure the SSBD workaround is re-enabled right after exiting a guest

xen/arm32: entry: Rename save_guest_regs()

xen/arm: traps: Rework entry/exit from the guest path

xen/arm64: entry: Check if an SError is pending when receiving a vSError

xen/arm64: entry: Introduce a macro to generate guest vector and use it

xen/arm64: entry: Avoid open-coding interrupt flags

xen/arm: traps: Update the correct PC when inject a virtual SError to the guest

docs/misc: xen-command-line: Rework documentation of the option ‘serrors’

xen/arm: traps: Rework __do_serror() documentation

xen/arm: Remove serrors=forward

docs/misc: xen-command-line: Remove wrong statement from serrors=diverse

IOMMU: default to always quarantining PCI devices

x86/mm: Adjust linear uses / entries when a page loses validation

x86/vvmx: Fix livelock with XSA-304 fix

x86/livepatch: Prevent patching with active waitqueues

x86/vlapic: allow setting APIC_SPIV_FOCUS_DISABLED in x2APIC mode

xen: Add missing va_end() in hypercall_create_continuation()

x86: fix race to build arch/x86/efi/relocs-dummy.o

x86emul: 16-bit XBEGIN does not truncate rIP

AMD/IOMMU: don’t needlessly trigger errors/crashes when unmapping a page

x86/ioapic: fix clear_IO_APIC_pin write of raw entries

x86/shim: copy back the result of EVTCHNOP_status

x86/pv: Fix !CONFIG_PV build following XSA-299

x86/vtx: Fixes to Haswell/Broadwell LBR TSX errata

x86/vtx: Corrections to BDF93 errata workaround

x86: fix off-by-one in is_xen_fixed_mfn()

x86/tsc: update vcpu time info on guest TSC adjustments

x86/vvmx: Fix the use of RDTSCP when it is intercepted at L0

x86/spec-ctrl: Mitigate the TSX Asynchronous Abort sidechannel

x86/tsx: Introduce tsx= to use MSR_TSX_CTRL when available

x86/vtx: Allow runtime modification of the exec-sp setting

x86/vtx: Disable executable EPT superpages to work around CVE-2018-12207

x86/vtd: Hide superpage support for SandyBridge IOMMUs

xen/arm64: Don’t blindly unmask interrupts on trap without a change of level

xen/arm32: Don’t blindly unmask interrupts on trap without a change of level

xen/arm32: entry: Fold the macro SAVE_ALL in the macro vector

xen/arm32: entry: Split __DEFINE_ENTRY_TRAP in two

passthrough: quarantine PCI devices

xen/arm: p2m: Don’t check the return of p2m_get_root_pointer() with BUG_ON()

xen/arm: p2m: Avoid off-by-one check on p2m->max_mapped_gfn

xen/arm: p2m: Avoid aliasing guest physical frame

x86/mm: Don’t drop a type ref unless you held a ref to begin with

x86/mm: Fix nested de-validation on error

x86/mm: Properly handle linear pagetable promotion failures

x86/mm: Collapse PTF_partial_set and PTF_partial_general_ref into one

x86/mm: Always retain a general ref on partial

x86/mm: Have alloc_l[23]_table clear partial_flags when preempting

x86/mm: Rework get_page_and_type_from_mfn conditional

x86/mm: Use flags for _put_page_type rather than a boolean

x86/mm: Separate out partial_pte tristate into individual flags

x86/mm: Don’t re-set PGT_pinned on a partially de-validated page

x86/mm: L1TF checks don’t leave a partial entry

x86/PV: check GDT/LDT limits during emulation

xen/hypercall: Don’t use BUG() for parameter checking in hypercall_create_continuation()

xen/arm: mm: Flush the TLBs even if a mapping failed in create_xen_entries

xen/arm: fix nr_pdxs calculation

xen/arm64: Correctly compute the virtual address in maddr_to_virt()

xen/arm: vsmc: The function identifier is always 32-bit

xen/arm: p2m: Free the p2m entry after flushing the IOMMU TLBs

xen/arm: Don’t use _end in is_xen_fixed_mfn()

xen/arm: setup: Calculate correctly the size of Xen

xen/arm: Implement workaround for Cortex A-57 and Cortex A72 AT speculate

xen/arm: memaccess: Initialize correctly *access in __p2m_get_mem_access

xen/arm: traps: Avoid using BUG_ON() to check guest state in advance_pc()

xen/arm: SCTLR_EL1 is a 64-bit register on Arm64

xen/arm: traps: Avoid using BUG_ON() in _show_registers()

x86/efi: properly handle 0 in pixel reserved bitmask

pci: clear {host/guest}_maskall field on assign

efi/boot: make sure graphics mode is set while booting through MB2

efi/boot: add missing pointer dereference in set_color

IOMMU: add missing HVM check

x86/crash: force unlock console before printing on kexec crash

x86/shim: fix ballooning down the guest

sched: don’t let XEN_RUNSTATE_UPDATE leak into vcpu_runstate_get()

sched: fix freeing per-vcpu data in sched_move_domain()

ACPI/cpuidle: bump maximum number of power states we support

libxc/x86: avoid certain overflows in CPUID APIC ID adjustments

vpci: honor read-only devices

ioreq: fix hvm_all_ioreq_servers_add_vcpu fail path cleanup

x86/cpuid: Fix handling of the CPUID.7[0].eax levelling MSR

x86/shadow: don’t enable shadow mode with too small a shadow allocation (part 2)

x86: properly gate clearing of PKU feature

p2m/ept: pass correct level to atomic_write_ept_entry in ept_invalidate_emt

x86/mm: correctly initialise M2P entries on boot

x86/p2m: fix non-translated handling of iommu mappings

x86: Restore IA32_MISC_ENABLE on wakeup

x86/xpti: Don’t leak TSS-adjacent percpu data via Meltdown

xen/page_alloc: Keep away MFN 0 from the buddy allocator

xen/link: Introduce .bss.percpu.page_aligned

xen/sched: fix memory leak in credit2

x86/boot: Set Accessed bits in boot_cpu_{,compat_}gdt_table[]

x86/apic: enable x2APIC mode before doing any setup

x86/microcode: always collect_cpu_info() during boot

xen/spec-ctrl: Speculative mitigation facilities report wrong status

x86/boot: Fix build dependenices for reloc.c

x86/ept: pass correct level to p2m_entry_modify

video: fix handling framebuffer located above 4GB