by @SigmaSquadron Activity log
- Created automatic suggestion
- @SigmaSquadron dismissed
x86: incomplete IBPB for vCPU isolation
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1) vCPU runs on CPU A, running task 1. 2) vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB. 3) On CPU B, guest kernel switches from task 1 to 2, issuing IBPB. 4) vCPU moves back to CPU A. Xen skips IBPB again. Now, task 2 is running on CPU A with task 1's training still in the BTB.
Affected products
- ==consult Xen advisory XSA-479
Matching in nixpkgs
pkgs.xen
Type-1 hypervisor intended for embedded and hyperscale use cases
pkgs.xenon
Monitoring tool based on radon
pkgs.hhexen
Linux port of Raven Game's Hexen
pkgs.lexend
Variable font family designed to aid in reading proficiency
-
nixos-unstable 0.pre+date=2022-09-22
- nixpkgs-unstable 0.pre+date=2022-09-22
- nixos-unstable-small 0.pre+date=2022-09-22
-
nixos-25.05 0.pre+date=2022-09-22
- nixos-25.05-small 0.pre+date=2022-09-22
- nixpkgs-25.05-darwin 0.pre+date=2022-09-22
pkgs.uhexen2
Cross-platform port of Hexen II game
pkgs.qemu_xen
Generic and open source machine emulator and virtualizer
pkgs.xenomapper
Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins
pkgs.nxengine-evo
Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)
pkgs.xenia-canary
Xbox 360 Emulator Research Project
-
nixos-unstable 0-unstable-2025-11-22
- nixpkgs-unstable 0-unstable-2025-11-22
- nixos-unstable-small 0-unstable-2025-11-22
pkgs.xen-guest-agent
Xen agent running in Linux/BSDs (POSIX) VMs
-
nixos-unstable 0.4.0-unstable-2024-05-31
- nixpkgs-unstable 0.4.0-unstable-2024-05-31
- nixos-unstable-small 0.4.0-unstable-2024-05-31
-
nixos-25.05 0.4.0-unstable-2024-05-31
- nixos-25.05-small 0.4.0-unstable-2024-05-31
- nixpkgs-25.05-darwin 0.4.0-unstable-2024-05-31
pkgs.libretro.nxengine
NXEngine libretro port
-
nixos-unstable 0-unstable-2024-10-21
- nixpkgs-unstable 0-unstable-2024-10-21
- nixos-unstable-small 0-unstable-2024-10-21
-
nixos-25.05 0-unstable-2024-10-21
- nixos-25.05-small 0-unstable-2024-10-21
- nixpkgs-25.05-darwin 0-unstable-2024-10-21
pkgs.grub2_pvgrub_image
PvGrub2 image for booting PV Xen guests
pkgs.grub2_pvhgrub_image
PvGrub2 image for booting PVH Xen guests
pkgs.hunspellDicts.eu_ES
Basque (Xuxen 5)
-
nixos-unstable 5-2015.11.10
- nixpkgs-unstable 5-2015.11.10
- nixos-unstable-small 5-2015.11.10
-
nixos-25.05 5-2015.11.10
- nixos-25.05-small 5-2015.11.10
- nixpkgs-25.05-darwin 5-2015.11.10
pkgs.haskellPackages.xeno
A fast event-based XML parser in pure Haskell
pkgs.python312Packages.xen
Type-1 hypervisor intended for embedded and hyperscale use cases
pkgs.python313Packages.xen
Type-1 hypervisor intended for embedded and hyperscale use cases
pkgs.ocamlPackages.xenstore
Xenstore protocol in pure OCaml
pkgs.ocamlPackages.mirage-xen
Xen core platform libraries for MirageOS
pkgs.haskellPackages.xenomorph
None
pkgs.haskellPackages.xmlbf-xeno
xeno backend support for the xmlbf library
pkgs.nltk-data.maxent-ne-chunker
NLTK Data
-
nixos-unstable 0-unstable-2024-07-29
- nixpkgs-unstable 0-unstable-2024-07-29
- nixos-unstable-small 0-unstable-2024-07-29
pkgs.ocamlPackages.xenstore-tool
Command line tool for interfacing with xenstore
pkgs.ocamlPackages.mirage-net-xen
Network device for reading and writing Ethernet frames via then Xen netfront/netback protocol
pkgs.python312Packages.pylatexenc
Simple LaTeX parser providing latex-to-unicode and unicode-to-latex conversion
pkgs.python313Packages.pylatexenc
Simple LaTeX parser providing latex-to-unicode and unicode-to-latex conversion
pkgs.nltk-data.maxent-ne-chunker-tab
NLTK Data
-
nixos-unstable 0-unstable-2024-07-29
- nixpkgs-unstable 0-unstable-2024-07-29
- nixos-unstable-small 0-unstable-2024-07-29
pkgs.ocamlPackages.mirage-bootvar-xen
Handle boot-time arguments for Xen platform
pkgs.ocamlPackages.xenstore_transport
Low-level libraries for connecting to a xenstore service on a xen host
pkgs.nltk-data.maxent-treebank-pos-tagger
NLTK Data
-
nixos-unstable 0-unstable-2024-07-29
- nixpkgs-unstable 0-unstable-2024-07-29
- nixos-unstable-small 0-unstable-2024-07-29
pkgs.nltk-data.maxent-treebank-pos-tagger-tab
NLTK Data
-
nixos-unstable 0-unstable-2024-07-29
- nixpkgs-unstable 0-unstable-2024-07-29
- nixos-unstable-small 0-unstable-2024-07-29
Package maintainers
-
@djanatyn Jonathan Strickland <djanatyn@gmail.com>
-
@majiru Jacob Moody <moody@posixcafe.org>
-
@umazalakain Uma Zalakain <ping@umazalakain.info>
-
@fufexan Fufezan Mihai <fufexan@protonmail.com>
-
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
-
@aanderse Aaron Andersen <aaron@fosslib.net>
-
@hrdinka Christoph Hrdinka <c.nix@hrdinka.at>
-
@thiagokokada Thiago K. Okada <thiagokokada@gmail.com>
-
@drewrisinger Drew Risinger <drisinger+nixpkgs@gmail.com>
-
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
-
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
-
@hehongbo Hongbo
-
@alyssais Alyssa Ross <hi@alyssa.is>
-
@xdHampus Hampus
-
@jbedo Justin Bedő <cu@cua0.org>
-
@jfvillablanca Jann Marc Villablanca <jmfv.dev@gmail.com>
-
@happysalada Raphael Megzari <raphael@megzari.com>
-
@bengsparks Ben Sparks <benjamin.sparks@protonmail.com>
-
@sternenseemann Lukas Epple <sternenseemann@systemli.org>
-
@tuxy Binh Nguyen <lastpass7565@gmail.com>