Hello everyone,
It's with great pleasure that I announce our 4.20 PR release.
I want to thank the whole community for their efforts in getting this
release published!
*Please find the PR article attached here
<https://www.linuxfoundation.org/press/xen-project-announces-xen-420-release
>*
Please find the tarball and its signature at:
https://downloads.xenproject.org/release/xen/4.20.0/
You can also check out the tag in xen.git:
git://xenbits.xen.org/xen.git RELEASE-4.20.0
Git checkout and build instructions can be found at:
https://wiki.xenproject.org/wiki/Xen_Project_4.20_Release_Notes#Build_Requirements
Release notes can be found at:
https://wiki.xenproject.org/wiki/Xen_Project_4.20_Release_Notes
A summary for 4.20 release documents can be found at:
https://wiki.xenproject.org/wiki/Category:Xen_4.20
*Some notable features:*
- *Security Enhancements:*
- During the 4.20 development window, 8 new Xen Security Advisories (XSAs)
were published.
- Expanded MISRA C compliance: Integrated ECLAIR MISRA C scanner in GitLab
CI, enforcing 90
rules with zero unjustified violations.
- Enabled UBSAN (Undefined Behaviour Sanitiser) by default for x86, Arm64,
RISC-V and PowerPC
in GitLab CI.
- Integrated two of our existing fuzzing harnesses into OSSFuzz.
- *Arm*
- Support for LLC (Last Level Cache) coloring for performance optimizations.
- Experimental support for Armv8-R.
- Support for NXP S32G3 Processors Family and LINFlexD UART driver.
- To enable Xen towards safety certification, 43 requirements have been
added.
- *x86 Architecture:*
- On Intel CPUs, support the Paging-Write Feature.
- AMD Zen 5 CPU support, including mitigation for SRSO speculative
vulnerability.
- Improve Xen ability to boot (and reboot) using the default configuration
on possibly
quirky EFI firmware.
- Switched the xAPIC flat driver to use physical destination mode for
external interrupts instead
of logical destination mode.
- Remove support for running on Xeon Phi processors.
- There has been a substantial overhaul to the way in which boot module
handling works (part of the
Hyperlaunch work in progress), and a substantial overhaul to how the
32bit early boot code is built
and linked (part of the UEFI SecureBoot work in progress).
- *Other updates:*
- Fixes in the blkif protocol specification for non-512b sector sizes.
- Security and performance enhancements: The domain builder in libxenguest
no longer un-gzips
secondary modules, leaving it to the guest kernel.
- Continued to improve the common/arch code split, including improved
bit-operation helpers for bit
scanning and hamming weight.
Aside from the updates mentioned, I would also like to note that we are
still continue working on the PPC and RISC-V ports.
Best regards,
Oleksii
Come join the conversation on Matrix:
XenProject:https://matrix.to/#/#XenProject:matrix.org
XenDevel:https://matrix.to/#/#XenDevel:matrix.org
XenSocial:https://matrix.to/#/#XenSocial:matrix.org
