xen (4.16.0-1~ubuntu2) jammy; urgency=medium
* Merge Debian experimental/salsa, among many other changes this fixes
booting kernels with zstd compression (LP: #1956166).
Remaining changes:
- Recommend qemu-system-x86-xen
* Dropped changes:
- Additional patches to handle compiling with gcc10 [in upstream]
- Select python2 for xen-init-* scripts [Debian is on python3 now]
- Enforce python2 usage [Debian is on python3 now]
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Handle config file moving between packages [no more needed]
* Note changes already dropped in 4.11.4+24-gddaaccbbab-1ubuntu2
- Set python2 for xen-init-name and xen-init-list scripts
[in Debian]
- Force fcf-protection off when using -mindirect-branch
[fixed upstream]
- Update: Building hypervisor with cf-protection enabled
[fixed upstream]
- Strip .note.gnu.property section for intermediate files
[no more needed with the groovy toolchain]
- Add transitional packages for upgrades
[no more needed post focal]
xen (4.16.0-1~exp1) experimental; urgency=medium
Significant changes:
* Update to new upstream version 4.16.0. This also includes a security fix
for the following issue, which was not applicable to Xen 4.14 yet:
- certain VT-d IOMMUs may not work in shared page table mode
XSA-390 CVE-2021-28710
* No longer build any package for the i386 architecture. It was already not
possible to use x86_32 hardware because the i386 packages already
shipped a 64-bit hypervisor and PV shim. Running 32-bit utils with a
64-bit hypervisor requires using a compatibility layer that is fragile and
becomes harder to maintain and test upstream. This change ends the 'grace
period' in which users should have moved to using a fully 64-bit dom0.
- debian/{control,rules,salsa-ci.yml,xen-utils-V.install.vsn-in}: make the
necessary changes
- Remove the Recommends on libc6-xen, which already actually does not
exist any more. (Closes: #992909)
- Drop patch "tools/tests/x86_emulator: Pass -no-pie -fno-pic to gcc on
x86_32" because it is not relevant any more.
Changes related to upgrading to Xen 4.16:
* debian/control: adjust to 4.16 [Maximilian Engelhardt]
* Drop patches that have been applied upstream
* Refresh remaining patches if needed
* debian: follow upstream removal of '.sh' suffix in xl bash_completion file
[Maximilian Engelhardt]
* debian/control, debian/libxenstore*: ship a libxenstore4 package instead
of libxenstore3.0, since upstream bumped the soname
[Maximilian Engelhardt]
Packaging minor fixes and improvements [Maximilian Engelhardt]:
* debian/rules: set SOURCE_BASE_DIR to the top level build dir so that the
"Display Debian package version in hypervisor log" patch can use it.
* Add patch "xen/arch/x86: make objdump output user locale agnostic" to fix
reproducable builds. This patch will also be sent upstream.
* d/rules: remove reproducible=+fixfilepath from DEB_BUILD_MAINT_OPTIONS
* d/salsa-ci.yml: Explicitly set RELEASE variable to unstable
* d/salsa-ci.yml: disable cross building as it's currently not working
* debian: call update-grub when installing/removing xen-hypervisor-common
(Closes: #988901)
* debian: fix dependency generation for python after dh-python was fixed
first. (Closes: #976597) Note that this packaging change can be safely
reverted when building a backports package for Debian Bullseye.
* debian/rules: remove unused pybuild settings
Packaging minor fixes and improvements:
* Improve patches for building the PV shim separately. This enables to
drop the extra Revert of an upstream commit that was done in
4.14.0+80-gd101b417b7-1~exp1:
- Drop patch: Revert "pvshim: make PV shim build selectable from
configure"
- Update patch "[...] Respect caller's CONFIG_PV_SHIM" to follow moving
of a line to a different file
- Drop patch: "tools/firmware/Makefile: CONFIG_PV_SHIM: enable only on
x86_64" because that's now already the default upstream
* debian/control.md5sum: remove this obsolete file
* Merge patches "vif-common: disable handle_iptable" and
"t/h/L/vif-common.sh: fix handle_iptable return value" into a single
patch, since the latter was a fix for the first.
* debian/control: change the Uploaders email address for Ian Jackson,
since he does not work at Citrix any more now
xen (4.14.3+32-g9de3671772-1) unstable; urgency=medium
* Update to new upstream version 4.14.3+32-g9de3671772, which also contains
security fixes for the following issues:
- guests may exceed their designated memory limit
XSA-385 CVE-2021-28706
- PCI devices with RMRRs not deassigned correctly
XSA-386 CVE-2021-28702
- PoD operations on misaligned GFNs
XSA-388 CVE-2021-28704 CVE-2021-28707 CVE-2021-28708
- issues with partially successful P2M updates on x86
XSA-389 CVE-2021-28705 CVE-2021-28709
* Note that the following XSA are not listed, because...
- XSA-387 only applies to Xen 4.13 and older
- XSA-390 only applies to Xen 4.15
* Pick the following upstream commits to fix a regression which prevents
amd64 type hardware to fully power off. The issue was introduced in
version 4.14.0+88-g1d1d1f5391-1 after including upstream commits to
improve Raspberry Pi 4 support. (Closes: #994899):
- 8b6d55c126 ("x86/ACPI: fix mapping of FACS")
- f390941a92 ("x86/DMI: fix table mapping when one lives above 1Mb")
- 0f089bbf43 ("x86/ACPI: fix S3 wakeup vector mapping")
- 16ca5b3f87 ("x86/ACPI: don't invalidate S5 data when S3 wakeup vector
cannot be determined")
xen (4.14.3-1) unstable; urgency=high
* Update to new upstream version 4.14.3, which also contains security fixes
for the following issues:
- IOMMU page mapping issues on x86
XSA-378 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696
- grant table v2 status pages may remain accessible after de-allocation
XSA-379 CVE-2021-28697
- long running loops in grant table handling
XSA-380 CVE-2021-28698
- inadequate grant-v2 status frames array bounds check
XSA-382 CVE-2021-28699
- xen/arm: No memory limit for dom0less domUs
XSA-383 CVE-2021-28700
- Another race in XENMAPSPACE_grant_table handling
XSA-384 CVE-2021-28701
xen (4.14.2+25-gb6a8c4f72d-2) unstable; urgency=medium
* Add README.Debian.security containing a note about the end of upstream
security support for Xen 4.14. Install it into xen-hypervisor-common.
xen (4.14.2+25-gb6a8c4f72d-1) unstable; urgency=medium
* Update to new upstream version 4.14.2+25-gb6a8c4f72d, which also contains
security fixes for the following issues:
- HVM soft-reset crashes toolstack
XSA-368 CVE-2021-28687
- xen/arm: Boot modules are not scrubbed
XSA-372 CVE-2021-28693
- inappropriate x86 IOMMU timeout detection / handling
XSA-373 CVE-2021-28692
- Speculative Code Store Bypass
XSA-375 CVE-2021-0089 CVE-2021-26313
- x86: TSX Async Abort protections not restored after S3
XSA-377 CVE-2021-28690
* Note that the following XSA are not listed, because...
- XSA-370 does not contain code changes.
- XSA-365, XSA-367, XSA-369, XSA-371 and XSA-374 have patches for the
Linux kernel.
- XSA-366 only applies to Xen 4.11.
xen (4.14.1+11-gb0b734a8b3-1) unstable; urgency=medium
* Update to new upstream version 4.14.1+11-gb0b734a8b3, which also contains
security fixes for the following issues:
- IRQ vector leak on x86
XSA-360 CVE-2021-3308 (Closes: #981052)
- arm: The cache may not be cleaned for newly allocated scrubbed pages
XSA-364 CVE-2021-26933
* Drop separate patches for XSAs up to 359 that are now included in the
upstream stable branch.
Packaging bugfixes and improvements [Elliott Mitchell]:
* debian/rules: Set CC/LD to enable cross-building
* d/shuffle-binaries: Fix binary shuffling script for cross-building
* Rework "debian/rules: Do not try to move EFI binaries on armhf"
* debian/scripts: Optimize runtime scripts
* debian/xen-utils-common.examples: Remove xm examples
* d/shuffle-boot-files: make it POSIX compliant [Hans van Kranenburg, based
on a patch by Elliott Mitchell]
* d/shuffle-binaries: Switch loop from for to while
* d/shuffle-binaries: Switch to POSIX shell, instead of Bash
* d/shuffle-boot-files: Switch to POSIX shell, instead of Bash
* debian/xendomains.init: Pipe xen-init-list instead of tmp file
Make the package build reproducibly [Maximilian Engelhardt]:
* debian/salsa-ci.yml: enable salsa-ci
* debian/salsa-ci.yml: enable diffoscope in reprotest
* debian/rules: use SOURCE_DATE_EPOCH for xen build dates
* debian/rules: don't include build path in binaries
* debian/rules: reproducibly build oxenstored
* Pick the following upstream commits:
- 5816d327e4 ("xen: don't have timestamp inserted in config.gz")
- ee41b5c450 ("x86/EFI: don't insert timestamp when SOURCE_DATE_EPOCH is
defined")
- e18dadc5b7 ("docs: use predictable ordering in generated documentation")
* Include upstream patch that is not committed yet, but needed:
- docs: set date to SOURCE_DATE_EPOCH if available
* debian/salsa-ci.yml: don't allow reprotest to fail
Packaging bugfixes and improvements:
* d/shuffle-boot-files: Document more inner workings
xen (4.14.0+88-g1d1d1f5391-2) unstable; urgency=high
* For now, revert "debian/rules: Set CC/LD to enable cross-building", since
it causes an FTBFS on i386.
xen (4.14.0+88-g1d1d1f5391-1) unstable; urgency=high
* Update to new upstream version 4.14.0+88-g1d1d1f5391, which also contains
security fixes for the following issues:
- stack corruption from XSA-346 change
XSA-355 CVE-2020-29040 (Closes: #976109)
* Apply security fixes for the following issues:
- oxenstored: permissions not checked on root node
XSA-353 CVE-2020-29479
- xenstore watch notifications lacking permission checks
XSA-115 CVE-2020-29480
- Xenstore: new domains inheriting existing node permissions
XSA-322 CVE-2020-29481
- Xenstore: wrong path length check
XSA-323 CVE-2020-29482
- Xenstore: guests can crash xenstored via watchs
XSA-324 CVE-2020-29484
- Xenstore: guests can disturb domain cleanup
XSA-325 CVE-2020-29483
- oxenstored memory leak in reset_watches
XSA-330 CVE-2020-29485
- oxenstored: node ownership can be changed by unprivileged clients
XSA-352 CVE-2020-29486
- undue recursion in x86 HVM context switch code
XSA-348 CVE-2020-29566
- infinite loop when cleaning up IRQ vectors
XSA-356 CVE-2020-29567
- FIFO event channels control block related ordering
XSA-358 CVE-2020-29570
- FIFO event channels control structure ordering
XSA-359 CVE-2020-29571
* Note that the following XSA are not listed, because...
- XSA-349 and XSA-350 have patches for the Linux kernel
- XSA-354 has patches for the XAPI toolstack
Packaging bugfixes and improvements:
* d/rules: do not compress /usr/share/doc/xen/html (Closes: #942611)
* Add missing CVE numbers to the previous changelog entries
Packaging bugfixes and improvements [Elliott Mitchell]:
* d/shuffle-binaries: Make error detection/message overt
* d/shuffle-binaries: Add quoting for potentially changeable variables
* d/shuffle-boot-files: Add lots of double-quotes when handling variables
* debian/rules: Set CC/LD to enable cross-building
* debian/xen.init: Load xen_acpi_processor on boot
* d/shuffle-binaries: Remove useless extra argument being passed in
Packaging bugfixes and improvements [Maximilian Engelhardt]:
* d/xen-hypervisor-V-F.postinst.vsn-in: use reboot-required
(Closes: #862408)
* d/xen-hypervisor-V-F.postrm: actually install script
* d/xen-hypervisor-V.*: clean up unused files
* d/xen-hypervisor-V.bug-control.vsn-in: actually install script
* debian/rules: enable verbose build
Fixes to patches for upstream code:
* t/h/L/vif-common.sh: force handle_iptable return value to be 0
(Closes: #955994)
* Pick the following upstream commits to improve Raspberry Pi 4 support,
requested by Elliott Mitchell:
- 25849c8b16 ("xen/rpi4: implement watchdog-based reset")
- 17d192e023 ("tools/python: Pass linker to Python build process")
- 861f0c1109 ("xen/arm: acpi: Don't fail if SPCR table is absent")
- 1c4aa69ca1 ("xen/acpi: Rework acpi_os_map_memory() and
acpi_os_unmap_memory()")
- 4d625ff3c3 ("xen/arm: acpi: The fixmap area should always be cleared
during failure/unmap")
- dac867bf9a ("xen/arm: Check if the platform is not using ACPI before
initializing Dom0less")
- 9c2bc0f24b ("xen/arm: Introduce fw_unreserved_regions() and use it")
- 7056f2f89f ("xen/arm: acpi: add BAD_MADT_GICC_ENTRY() macro")
- 957708c2d1 ("xen/arm: traps: Don't panic when receiving an unknown debug
trap")
* Pick upstream commit ba6e78f0db ("fix spelling errors"). Thanks, Diederik.
xen (4.14.0+80-gd101b417b7-1) unstable; urgency=medium
* Re-upload to unstable for rebuild.
xen (4.14.0+80-gd101b417b7-1~exp2) experimental; urgency=medium
* Re-upload since apparently DMs aren't allowed NEW?
xen (4.14.0+80-gd101b417b7-1~exp1) experimental; urgency=medium
* Update to new upstream version 4.14.0+80-gd101b417b7, which also contains
security fixes for the following issues:
- Information leak via power sidechannel
XSA-351 CVE-2020-28368
- x86 PV guest INVLPG-like flushes may leave stale TLB entries
XSA-286 CVE-2020-27674
- unsafe AMD IOMMU page table updates
XSA-347 CVE-2020-27670
- undue deferral of IOMMU TLB flushes
XSA-346 CVE-2020-27671
- x86: Race condition in Xen mapping code
XSA-345 CVE-2020-27672
- lack of preemption in evtchn_reset() / evtchn_destroy()
XSA-344 CVE-2020-25601
- races with evtchn_reset()
XSA-343 CVE-2020-25599
- out of bounds event channels available to 32-bit x86 domains
XSA-342 CVE-2020-25600
- Missing memory barriers when accessing/allocating an event channel
XSA-340 CVE-2020-25603
- x86 pv guest kernel DoS via SYSENTER
XSA-339 CVE-2020-25596
- once valid event channels may not turn invalid
XSA-338 CVE-2020-25597
- PCI passthrough code reading back hardware registers
XSA-337 CVE-2020-25595
- race when migrating timers between x86 HVM vCPU-s
XSA-336 CVE-2020-25604
- Missing unlock in XENMEM_acquire_resource error path
XSA-334 CVE-2020-25598
- x86 pv: Crash when handling guest access to MSR_MISC_ENABLE
XSA-333 CVE-2020-25602
* Updating to the most recent upstream stable-4.14 branch also fixes
additional compiling issues with gcc 10 that we were running into. These
were: upstream commit 5d45ecabe3c0 ("xen/arm64: force gcc 10+ to always
inline generic atomics helpers") to fix a FTBFS at mem_access.c and
upstream commit 0dfddb2116e3 ("tools/xenpmd: Fix gcc10 snprintf warning")
to fix a FTBFS on armhf. (Closes: #970802)
* Drop upstream commits d25cc3ec93eb ("libxl: workaround gcc 10.2
maybe-uninitialized warning") and fff1b7f50e75 ("libxl: fix
-Werror=stringop-truncation in libxl__prepare_sockaddr_un") from our patch
pile because these gcc 10 related fixes are in the upstream stable branch
now.
* Partially revert "debian/rules: Combine shared Make args" since it caused
a FTBFS on i386.
* Revert upstream commit a516bddbd3 ("tools/firmware/Makefile:
CONFIG_PV_SHIM: enable only on x86_64") and cherry-pick our previous
commits 0b898ccc2 ("tools/firmware/Makfile: Respect caller's
CONFIG_PV_SHIM") and a516bddbd3 ("tools/firmware/Makefile: CONFIG_PV_SHIM:
enable only on x86_64") again to work around a FTBFS where the shim would
not be built during the i386 package build.
* Now all FTBFS issues should be resolved, so we can do (Closes: #968965)
Packaging minor fixes and improvements:
* d/xen-utils-common.xen.init: Actually *really* include the change to
disable oom killer for xenstored. It inadvertently got lost in
4.14.0-1~exp1. (Closes: #961511)
Lintian related fixes:
* debian/changelog: fix a typo in the previous changelog entry
xen (4.14.0-1~exp1) experimental; urgency=medium
Significant changes:
* Update to new upstream version 4.14.0.
(Closes: #866380) about removal of broken xen-bugtool
* debian/{rules,control}: switch to python 3
(Closes: #938843) about python 2 removal in bullseye
* debian/control: Fix python dependency to use python3-dev:any and
libpython3-dev [Elliott Mitchell]
Changes related to upgrading to Xen 4.14:
* debian/control: adjust to 4.14
* debian/rules: remove install commands for pkgconfig files, since those
files are not present any more
* debian/: Follow fsimage -> xenfsimage renaming
* debian/xen-utils-V.*: Use @version@ instead of hardcoded version
* debian/control: add flex, bison
* debian/control: add libxenhypfs[1] [Ian Jackson]
* debian/libxenstore3.0.symbols: drop xprintf
(Closes: #968965) [Ian Jackson; also reported by Gianfranco Costamagna]
* d/scripts/xen-init-name, d/scripts/xen-init-list: rewrite these two
scripts, hugely simplify them and make them use python 3
* Pick upstream commits d25cc3ec93eb ("libxl: workaround gcc 10.2
maybe-uninitialized warning") and fff1b7f50e75 ("libxl: fix
-Werror=stringop-truncation in libxl__prepare_sockaddr_un") to fix gcc 10
FTBFS
* tools: don't build/ship xenmon, it can't work with python 3
Packaging minor fixes and improvements:
* debian/rules: Set DEB_BUILD_MAINT_OPTIONS in shell
(Closes: #939560) [Ian Jackson; report from Guillem Jover]
* debian/rules: Improve comment about hardening options
(Closes: #939560) [Ian Jackson; report from Guillem Jover]
* debian/rules: Drop redundant sequence numbers in dh_installinit
(Closes: #939560) [Ian Jackson; report from Guillem Jover]
* d/xen-utils-common.xen.init: add important notes to keep in mind when
changing this script, related to multi-version handling
* debian/control: cleanup Uploaders and add myself
* debian/control: s/libncurses5-dev/libncurses-dev/
* xen-utils-V scripts: remove update-alternatives command
* xen-utils-V.postinst.vsn-in: whitespace cosmetics
* d/xen-utils-common.xen.init: disable oom killer for xenstored
(Closes: #961511)
* debian/rules: Combine shared Make args [Elliott Mitchell]
Fixes and improvements for cross-compiling [Elliott Mitchell]:
* debian/rules: Add --host to tools configure target
* Pick upstream commit 69953e285638 ('tools: Partially revert
"Cross-compilation fixes."')
Lintian related fixes:
* debian/changelog: trim trailing whitespace. [Debian Janitor]
* debian/pycompat: remove obsolete file. [Debian Janitor]
* debian/rules: Avoid using $(PWD) variable. [Debian Janitor]
* debian/control: hardcode xen-utils-4.14 python3 dependency because
dh_python can't figure out how to add it
* debian/control: xen-doc: add ${misc:Depends}
* d/xen-hypervisor-V-F.lintian-overrides.vsn-in: fix override to use the
newer debug-suffix-not-dbg tag and correct the file path used so it
matches again
* debian/control: remove XS-Python-Version which is deprecated
* debian/control: drop autotools-dev build dependency because debhelper
already takes care of this
* d/xen-utils-V.lintian-overrides.vsn-in: fix rpath override because the
xenfsimage python .so filename changed from xenfsimage.so into
xenfsimage.cpython-38-x86_64-linux-gnu.so now, make it match again
* d/xen-utils-V.lintian-overrides.vsn-in: s/fsimage/xenfsimage/ which is a
left over change from the rename in some comment lines
* d/xen-utils-common.xen.init: use /run instead of /var/run because we don't
expect anyone on a pre-stretch system to build and use these packages
* debian/control: update Standards-Version to 4.5.0
xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium
* Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains
security fixes for the following issues:
- inverted code paths in x86 dirty VRAM tracking
XSA-319 CVE-2020-15563
- Special Register Buffer speculative side channel
XSA-320 CVE-2020-0543
N.B: To mitigate this issue, new cpu microcode is required. The changes
in Xen provide a workaround for affected hardware that is not receiving
a vendor microcode update. Please refer to the upstream XSA-320 Advisory
text for more details.
- insufficient cache write-back under VT-d
XSA-321 CVE-2020-15565
- Missing alignment check in VCPUOP_register_vcpu_info
XSA-327 CVE-2020-15564
- non-atomic modification of live EPT PTE
XSA-328 CVE-2020-15567
-- Christian Ehrhardt <email address hidden> Tue, 18 Jan 2022 11:00:29 +0100
