Category Archives: Uncategorized

Recap of LinuxCon China and Xen Project’s Growth in the Region

It’s been a very busy month or so for the Xen Project. During mid-June, I was lucky to attend and speak at LinuxCon + ContainerCon China held in Beijing. There I spoke on the topic of securing embedded systems with the hypervisor and live patching, virtual machine introspection and vulnerability management alongside my colleague Cheng Zhang of Citrix.

Open source has grown tremendously in China over the last few years, with Xen Project technology being a key enabler for cloud computing. Most recently, the Xen Project announced Huawei joining the Project’s advisory board. Huawei is one of a growing number of Chinese companies leveraging and contributing to the Xen Project’s software. Other organizations include Alibaba, Fujitsu (China), Intel (China), Tencent, Inspur, and more.

The Xen Project hypervisor currently powers Alibaba Cloud, which is growing at a massive rate with incredible potential.

Many ask why is this growth happening in China and why now? There are many different reasons, but I think the main point is: As key technologies are increasingly built collaboratively, more and more Chinese companies are using open source to leapfrog competitors. By joining Linux Foundation projects, in-country organizations are helping to drive further growth and development.

Collaboration in China and at the Conference

Contributions with the Xen Project have greatly expanded over the last few years, especially in contributions and membership coming from China. In our latest release, Xen Project 4.9, we had 25% more contributors to the core hypervisor, and an increase of 17% of contributions coming from the hypervisor, tests, and other components. We received several contributions from individuals based in China as well as Fujitsu (China), Huawei Technologies, and Intel (China).

We are generally seeing more companies (in China and beyond) participating in the project with an eye toward automotive, embedded, security, and native-cloud computing.

During the conference, I was able to meet up with community members from Alibaba, Huawei, Hyper_, Intel and others.. Key highlights and conversations for me included:

  • In the last year, we have seen very rapid adoption of Xen Project based products in government (e.g. China State Grid), industry (e.g. CTCI), telecoms (e.g. China Mobile), banking/financial (e.g. ICBC, People’s Insurance Company of China) and are starting to see adoption in High Performance Computing. One surprising factor that is leading to rapid adoption of open source in China is that many industries are required to perform code audits on software with the aim of strengthening cybersecurity, which gives open source software a significant edge.
  • I had lots of discussions on the “ins and outs” of Virtual Machine Introspection, after I highlighted that VMI defeated WannaCry/EternalBlue a priori mentioned in my live patching, virtual machine introspection and vulnerability management talk. As I learned most WannaCry victims were based in China including a number of companies such as the China National Petroleum Corporation, which led to 20% of petrol stations across the mainland going offline.
  • Live Patching, and its potential limitations and the complexities of how to build and validate them, were also high on the list of discussions which came up several times.
  • Another highlight was a discussion around the proposed Shared coprocessor framework for Xen, whose design is currently being finalized and will support sharing of GPUs, DSPs, FPGs and security once the prototype has been completed and upstreamed. I had originally assumed that co-processor sharing was mainly of interested either in embedded or for niche cloud use-cases, but was surprised to learn that there may be much more market pull than anticipated.

I’m looking forward for continued collaboration and innovation in this region.

Automotive, Security and the Future of the Xen Project at The Xen Project Developer and Design Summit

The Xen Developer and Design Summit schedule is now live! This conference combines the formats of the Xen Project Developer Summits with the Xen Project Hackathons. If you are part of the Xen Project’s community of developers and power users, come join us in Budapest, Hungary, July 11 – 13 for this must-attend event!

pandas-656890_1920

The conference will cover many different topic areas including community, embedded/automotive, performance, tooling, hardware, security and more. The format will include traditional panels and presentation, as well as design and problem solving sessions.

Design and problem solving session proposals will be accepted until July 7. This is a great way to meet other developers face-to-face to:

  • Discuss and advance the design and architecture of future functionality
  • Coordinate and plan upcoming features
  • Discuss and share best practices and ideas on how to improve community collaboration
  • Hear interactive sessions covering lessons learned from contributors, users and vendor

Submit your design and problem solving ideas here.

Keynotes this year are coming from Lars Kurth, Xen Project Chairperson and Director of Open Source Solutions at Citrix; Oleksandr Andrushchenko, Lead Software Engineer at EPAM Systems; Stefano Stabellini, Virtualization Architect at Aporeto; and Wei Liu, Senior Software Engineer at Citrix.

Here’s a small sampling of other speaking sessions during the conference:

Automotive

  • Dedicated Secure Domain as an Approach for Certification of Automotive Sector Solutions from Iurii Mykhalskyi of GlobalLogic
  • Harmony of CPU Scheduling Between RT Guest OS and Rich Guest OS in Automotive Virtualization from Sangyun Lee of LG Electronics

Security

  • Hypervisor-Based Security: Bringing Virtualized Exceptions Into the Game from Mihai Dontu of Bitdefender
  • Uniprof: Transparent Unikernel Performance Profiling and Debugging from Florian Schmidt of NEC

Future of Xen

  • Intel GVT-g: From Production to Upstream from Zhi Wang of Intel
  • Recent and Ongoing Xen Related Work in the Linux Kernel from Jürgen Groß of SUSE

General Hypervisor

  • Bring up PCI Passthrough on ARM from Julien Grall of ARM
  • EFI Secure Boot, Shim and Xen: Current Status of Developments from Daniel Kiper of Oracle

You can view the entire schedule here. Early bird specials for tickets (price is $250) are available until May 31st.

A special thank you to our Diamond Sponsor Citrix and Gold sponsors ARM, Intel and Superfluidity. We look forward to seeing you at the event in July, and please stay informed on Xen Project updates by following us on social (Twitter and Facebook) and registering to our xen-announce mailing list.

 

Now Accepting Submissions for Xen Project Developer and Design Summit 2017

screen-shot-2017-03-14-at-17-02-17 
We’re excited to announce that registration and the call for proposals is open for Xen Project Developer and Design Summit 2017, which will be held in Budapest, Hungary from July 11-13, 2017. The Xen Project Developer and Design Summit combines the formats of Xen Project Developer Summits with Xen Project Hackathons, and brings together the Xen Project’s community of developers and power users.

Submit a Talk

Do you have an interesting use case around Xen Project technology or best practices around the community? There’s a wide variety of topics we are looking for, including security, embedded environments, network function virtualization (NFV), and more. You can find all the suggested topics for presentations and panels here (make sure you select the Topics tab).

Several formats are being accepted for speaking proposals, including:

  • Presentations and Panels
  • Interactive design and problem solving sessions. These sessions can be submitted as part of the CFP, but we will reserve a number of design sessions to be allocated during the event. Proposers of design sessions are expected to host and moderate design sessions following the format we have used at Xen Project Hackathons. If you have not participated in these in the past, check out past event reports from 2016, 2015 and 2013.

Never talked at a conference before? Don’t worry! We encourage new speakers to submit for our events and have plenty of resources to help you prepare for your presentation.

Here are some dates to remember for submissions and in general:

  • CFP Close: April 14, 2017 (correction: was extended to April 21)
  • CFP Notifications: May 5, 2017
  • Schedule Announced: May 16, 2017
  • Event: July 11-13, 2017

Registration

Come join us for this event, and if you register by May 19, you’ll get an early bird discount :) Travel stipends are available for students or individuals that are not associated with a company. If you have any questions, please send a note to community.manager@xenproject.org.

How To Shrink Attack Surfaces with a Hypervisor

A software environment’s attack surface is defined as the sum of points in which an unauthorized user or malicious adversary can enter or extract data. The smaller the attack surface, the better. Linux.com recently sat down with Doug Goldstein (https://github.com/cardoe or @doug_goldstein) to discuss how companies can use hypervisors to reduce attack surfaces and why the Xen Project hypervisor is a perfect choice for security-first environments. Doug is a principal software engineer at Star Lab, a company focused on providing software protection and integrity solutions for embedded systems.

You can read the full interview here.

Xen Project Maintenance Releases Available (Versions 4.6.4 and 4.7.1)

I am pleased to announce the release of Xen 4.6.4 and 4.7.1. Xen Project Maintenance releases are released in line with our Maintenance Release Policy. We recommend that all users of the 4.6 and 4.7 stable series update to the latest point release.

Xen 4.6.4

Xen 4.6.4 is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.6
(tag RELEASE-4.6.4) or from the Xen Project download page http://www.xenproject.org/downloads/xen-archives/supported-xen-46-series/xen-464.html

Xen 4.7.1

Xen 4.7.1 is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.7
(tag RELEASE-4.7.1) or from the Xen Project download page http://www.xenproject.org/downloads/xen-archives/supported-xen-47-series/xen-471.html

These releases contain many bug fixes and improvements. For a complete list of changes, please check the lists of changes on the download pages.

Xen Project 4.5.5 Maintenance Release is Available

I am pleased to announce the release of Xen 4.5.5. Xen Project Maintenance releases are released in line with our Maintenance Release Policy. We recommend that all users of the 4.5 stable series update to this point release.

Xen 4.5.5 is available immediately from its git repository:

    xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.5
    (tag RELEASE-4.5.5)

or from the Xen Project download page at www.xenproject.org/downloads/xen-archives/xen-45-series/xen-455.html.

This release contains many bug fixes and improvements. For a complete list of changes in this release, please check the lists of changes on the download page.

We recommend all users of the 4.5 stable series to update to this latest point release.