Tag Archives: xen project

What’s New with Xen Project Hypervisor 4.8?

I’m pleased to announce the release of the Xen Project Hypervisor 4.8. As always, we focused on improving code quality, security hardening as well as enabling new features. One area of interest and particular focus is new feature support for ARM servers. Over the last few months, we’ve seen a surge of patches from various ARM vendors that have collaborated on a wide range of updates from new drivers to architecture to security.

We are also pleased to announce that Julien Grall will be the next release manager for Xen Project Hypervisor 4.9. Julien has been an active developer for the past few years, making significant code contributions to advance Xen on ARM. He is a software virtualization engineer at ARM and co-maintainer of Xen on ARM with Stefano Stabellini.

This release also marks the start of our first 6-month release cycle. Despite the shorter timeframe and putting more thorough security processes in place, we have maintained development momentum for Xen Project Hypervisor.

We’ve also worked with the Debian community to bring Xen Project Hypervisor 4.8 to the upcoming release (codename “Stretch”).

Here are the categories with updates to highlight in 4.8

  • Hypervisor General
  • Hypervisor x86
  • Hypervisor ARM
  • Toolstack
  • Xen Project Test Lab
  • Misc.

Hypervisor General

  • Credit2 scheduler is now supported: Compared to the default Credit scheduler, the Credit2 scheduler is more scalable and better at supporting latency sensitive workloads such as VDI, video and sound delivery, as well as unikernel applications. Credit2 is still based on a general purpose, weighted fair share, scheduling algorithm unlike some of the more specialized Xen Project schedulers such as RTDS and ARINC653.
  • Domain creation time optimisation: An optimisation to TLB flush is introduced to greatly reduce the number of flushes needed during domain creation. This has lead to the reduction of domain creation time for very large domains (with hundreds of gigabytes of RAM) from a few minutes to tens of seconds.
  • XSM policy is refactored and cleaned up: XSM policy files are refactored and cleaned up so that they are better organised and easier to understand. If configured, we can also now attach the in-tree default policy to Xen binary, so there is no need to load the default policy via boot loader.
  • Live Patching hook support: Live Patching is now able to look for the “hooks” section in the payload and execute code from there. This update gives the patch author more control in modifying data and code.

Hypervisor x86

  • CPUID faulting emulation: This makes CPUID fault in HVM userspace program without hardware support.
  • PVCLOCK_TSC_STABLE_BIT support: This greatly improves user space performance for time related syscalls.
  • Intel AVX-512 instructions support: These instructions offer higher performance for the most demanding computational tasks. They represent a significant leap to 512-bit SIMD support. This enables processing of twice the number of data elements that AVX/AVX2 can process with a single instruction and four times that of SSE.
  • PVH v2 DomU ABI is stabilised: The DomU guest ABI for PVH v2, without PCI passthrough support, is stabilised. Guest operating system developers can start porting OSes to this mode, which is simpler and gives them all the goodies that hardware and software provide.

Hypervisor ARM

  • Xen Project 4.8 ARM DomU ACPI support is now able to build ARM64 guests with ACPI support, such as Red Hat Enterprise Linux Server for ARM Development Preview (available via Partner Early Access Program). It can also run unmodified Xen on ARM.
  • Alternative patching support: This enables the hypervisor to apply workarounds for erratas affecting the processor and to apply optimizations specific to a CPU.
  • Live Patching initial support: Live Patching now supports both ARM32 and ARM64 platforms.
  • Support for Xilinx® Zynq® UltraScale+™ MPSoC: Xen Project Hypervisor 4.8 comes with support for the Xilinx Zynq UltraScale+ MPSoC making it much easier for Xilinx customers to integrate Xen into their solution.

Toolstack

  • Split out and re-license libacpi: The code inside hvmloader to construct guest ACPI tables is split out as a separate library libacpi, which is now shared across x86 and ARM. The code is re-licensed from GPL to LGPL.
  • HVM USB passthrough: It is now possible to passthrough USB devices to HVM guests with the help of QEMU.
  • Load BIOS via libxl: It is now possible to provide arbitrary BIOS binary to the guest making it easier to integrate and test Xen.
  • Libxl device handling framework: The device handling code inside libxl is reworked so that it is more extensible and easier to maintain.

Xen Project Test Lab

  • XTF is integrated into OSSTest: XTF is a micro-VM based test framework. It is now integrated into OSSTest and gates pushing patches to all supported Xen branches. This would help the project identify functional and security regressions more easily and quickly.

Misc.

  • Mini-OS ported to PVH v2: With the stabilization of PVH v2 DomU ABI, we are now confident to port mini-os to that mode. This would serve as an example to port guest OSes to PVH v2, as well as a foundation to more interesting micro-VM based work like building stub domains. The latter (stub domains) is a differentiator to other hypervisors, and could greatly enhance the security and scalability of Xen Project Hypervisor.
  • Mini-OS now supports ballooning up: Ideally, a service domain would need to dynamically adjust the memory it consumes, either voluntarily or via obeying command from hypervisor. This is an important feature to make Mini-OS based service domains more flexible in terms of memory consumption, which is one step towards that goal. Support for ballooning down Mini-OS is under development.

Summary

Despite the shorter release cycle, the community developed several major features, and found and fixed many more bugs. It is also rather impressive to see multiple vendors collaborate on the Xen Project Hypervisor to drive multiple projects forward. Major contributions for this release come from ARM, BitDefender, Bosch, Citrix, Freescale, Intel, Linaro, Oracle, Qualcomm, SUSE, Star Lab, the US National Security Agency, Xilinx, Zentific, and a number of universities and individuals.

Over the last year, contributors with strong security and embedded backgrounds have joined the Xen Project allowing us to  continue to focus on performance and flexibility without sacrificing security and reliability. Xen Project Hypervisor continues to move forward thanks to amazing efforts from companies developing products based on the hypervisor, such as XenServer 7 and Bitdefender Hypervisor Introspection, and novel new developments with Live Patching and Virtual Machine Introspection.

In this release, we took a security-first approach and spent a lot of energy to improve code quality and harden security. This inevitably slowed down the acceptance of new features a bit, but not enough to reach meaningful balance between mature security practice and innovation.

On behalf of the Xen Project Hypervisor team, I would like to thank everyone for their contributions (either in the form of patches, bug reports or packaging efforts) to the Xen Project. Please check our acknowledgement page, which recognizes all those who helped make this release happen.

The source can be located in the http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.8 tree (tag RELEASE-4.8.0) or can be downloaded as tarball from our website. More information can be found at

Xen Project Maintenance Releases Available (Versions 4.6.4 and 4.7.1)

I am pleased to announce the release of Xen 4.6.4 and 4.7.1. Xen Project Maintenance releases are released in line with our Maintenance Release Policy. We recommend that all users of the 4.6 and 4.7 stable series update to the latest point release.

Xen 4.6.4

Xen 4.6.4 is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.6
(tag RELEASE-4.6.4) or from the Xen Project download page http://www.xenproject.org/downloads/xen-archives/supported-xen-46-series/xen-464.html

Xen 4.7.1

Xen 4.7.1 is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.7
(tag RELEASE-4.7.1) or from the Xen Project download page http://www.xenproject.org/downloads/xen-archives/supported-xen-47-series/xen-471.html

These releases contain many bug fixes and improvements. For a complete list of changes, please check the lists of changes on the download pages.

Xen Project 4.5.5 Maintenance Release is Available

I am pleased to announce the release of Xen 4.5.5. Xen Project Maintenance releases are released in line with our Maintenance Release Policy. We recommend that all users of the 4.5 stable series update to this point release.

Xen 4.5.5 is available immediately from its git repository:

    xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.5
    (tag RELEASE-4.5.5)

or from the Xen Project download page at www.xenproject.org/downloads/xen-archives/xen-45-series/xen-455.html.

This release contains many bug fixes and improvements. For a complete list of changes in this release, please check the lists of changes on the download page.

We recommend all users of the 4.5 stable series to update to this latest point release.

Xen Project 4.7 and 4.6.3 Release

I’m pleased to announce the release of Xen Project Hypervisor 4.7 and Xen Project Hypervisor 4.6.3.

Xen Project Hypervisor 4.7

This new release focuses on improving code quality, security hardening, security features, live migration support, usability improvements and support for new hardware features — this is also the first release of our fixed term June – December release cycle.

We continue to strive to make Xen Project Hypervisor the most secure open source hypervisor to match the security challenges in cloud computing, and for embedded and IoT use-cases. We are continuing to improve upon the performance and scalability for our users, and aim to continuously bring many new features to our users in a timely manner.

To make it easier to understand the major changes during this release cycle, I’ve grouped them below into several categories:

  • Security Features
  • Migration Support
  • Performance and Workloads
  • Support for new Hardware Features
  • Drivers and Devices (Linux, FreeBSD and other)

Security Features

Reboot-free Live Patching: Xen Project Hypervisor 4.7 comes equipped with Live Patching, a technology that enables re-boot free deployment of security patches to minimize disruption and downtime during security upgrades for system administrators and DevOps practitioners. Xen Project 4.7 implements version 1 of the Xen Project’s Live Patching specification, which is designed to encode the vast majority of security patches (approximately 90%) as Live Patching payloads. This version ships with a Live Patching enabled hypervisor and payload deployment tools and is available as a technology preview.

KCONFIG support: For security, embedded automotive and IoT use cases, Xen Project introduced the ability to remove core Xen Hypervisor features at compile time via KCONFIG. This ability creates a more lightweight hypervisor and eliminates extra attack surfaces that are beneficial in security-first environments, microservice architectures and environments that have heavy compliance and certification needs, like automotive.

Improvements to the Virtual Machine Introspection (VMI) subsystem: A number of performance, scalability, robustness and interface improvements have been added to the Virtual Machine Introspection subsystem, that was introduced in Xen 4.5. In addition, Bitdefender Hypervisor Introspection leveraging Xen Project Virtual Machine Introspection, has recently been released as a new enterprise security solution to discover and remedy deep threats that remain hidden via traditional endpoint security tools.

Foundation work to tolerate a restartable Dom0: Several key components in a Xen Project system run in Dom0, which make Dom0 the single point of failure. Xen Project has been able to run xenstored, the daemon for managing the hypervisor’s central settings repository on a Xen Project host, in a sandboxed Virtual Machine called xenstored stub domain since Xen Project version 4.2. In Xen 4.7, we have made it easier to build xenstored stub domains and for them to tolerate a Dom0 restart. This will make Dom0 less critical to a Xen Project system and help us move towards a more robust and secure architecture in the future. More work in this area is expected in subsequent releases.

Migration Support

Improved Migration support: CPU ID Levelling enables migration of VM’s between a larger range of non-identical hosts than previously supported.

Fault Tolerance / Coarse-grained Lock-stepping (COLO): Xen 4.5 laid the foundation for COLO while improving the Xen Project’s Hypervisors Live Migration and Remus High Availability support. The COLO Manager, which introduces a relaxed approach to checkpointing that avoids unnecessary checkpoints enabling near native performance for many workloads, has been fully integrated as an experimental feature into Xen 4.7. Note that the COLO Block Replication and COLO Proxy components, both of which are QEMU components, are currently still reviewed by the QEMU community. Both components are available as out-of-tree add-ons to the Xen Project Hypervisor, until fully integrated into QEMU.

Performance and Workloads

Support for a wider range of workloads and applications: The PV guest limit restriction of 512GB has been removed to allow the creation of huge PV domains in the TB range. TB sized VMs, coupled with Xen Project’s existing support for 512 vCPUs per VM, enable execution of memory and compute intensive workloads such as big data analytics workloads and in-memory databases.

Improved Credit 2 scheduler: The Credit2 scheduler is one (big) step closer to being ready for production use. It is now possible to instruct the scheduler to organize its runqueues and perform load balancing at core, socket or NUMA node granularity. More fine grained (core) configurations, deliver more aggressive load balancing, and are best suited for medium size systems. This feature has been proven to enable very good performance, especially if Hyper Threading is present.

Less fine grained configurations entail less overhead, and is suitable for larger servers or when no Hyper Threading is available. In addition, Credit2 has been extended to allow pinning of vCPUs to pCPUs (also known as “hard affinity”), allowing system administrators to configure the system in the exact way they want, and achieve the best setup for a given workload (for instance, a guarantee that a certain subset of vCPUs are always able to run when they need to run).

Improved RTDS scheduler: The RTDS scheduler is a real-time CPU scheduler built to provide guaranteed CPU capacity to guest VMs on SMP hosts, which primarily targets embedded, real-time and low-latency workloads. In Xen Project 4.7, the scheduling model has been changed from a quantum-driven to an event-driven model, which reduces scheduling overhead and thus scalability and performance for embedded and realtime workloads. In addition, per-VCPU parameter configuration has been added to allow better scheduler control for specialised workloads.

Per-cpu reader-writer lock: This new infrastructure allows for the fast path read case to have low overhead by only setting/clearing a per-cpu variable for using the read lock. After transforming various hypervisor locks to this infrastructure, VM-VM network transfer with 16 queues jumped from 15 gbit/s to 48 gbit/s on a 2 socket Haswell-EP host.

Usability Improvements

PVUSB Support: In Xen Project 4.7, a new XL command line interface to manage PVUSB devices has been introduced to manage PVUSB devices for PV guests. Both in kernel PVUSB backend and QEMU backend are supported.

Hot plugging of QEMU disk backends: Xen Project now enables hot-plugging of USB devices as well as QEMU disk backends, such as drbd, iscsi, and more in HVM guests. This new feature allows users to add and remove disk backends to virtual machines without the need to reboot the guest.

Soft-reset: The soft reset feature for HVM guests allows for a more graceful shutdown and restart of the HVM guest.

New Hardware Support

Features specific to the ARM Architecture

SBBR Compliance: Xen Project now supports booting on hosts that expose ACPI 6.0 (and later) information. The ARM Server Base Boot Requirements (SBBR) stipulate that compliant systems need to express hardware resources with ACPI; thus this support will come in useful for ARM Servers. This effort was carried out by Shannon Zhao of Linaro with minor patches from Julien Grall of ARM.

PCSI 1.0 Compatibility: PSCI 1.0 compatibility allows Xen Project software to operate on systems that expose PSCI 1.0 methods. Now, all 1.x versions of PSCI will be compatible with Xen Project software. More information on Power State Coordination Interface can be found here. This effort was also carried out by Julien Grall with a patch from Dirk Behme of Bosch.

vGIC-v3: Virtual Generic Interrupt Controller version 3. Reworked to be spec-compliant and optimised in some code paths.

Wallclock support: ARM guest can now get wallclock time directly from Xen Project via shared info page.

Features specific to Intel® Xeon® processor product family

Improved Interrupt Efficiency: Xen Project 4.7 supports VT-d Posted Interrupts, which provides hardware-level acceleration to increase interrupt virtualization efficiency. It reduces latency and improves user experience through performance improvements, especially for interrupt-intensive front-end workloads such as web servers. Note that Posted Interrupts in Xen Project 4.7 are still experimental and disabled by default.

Code and Data Prioritization: Xen Project 4.7 is the first to include Code and Data Prioritization (CDP), part of the Intel® Resource Director Technology (RDT) Framework and an extension of Cache Allocation Technology (CAT), first introduced in Xen Project 4.6. The introduction of CDP allows isolation of code/data within the shared L3 cache of multi-tenant environments, reducing contention and improving performance.

Other Intel Features: Additional features specific to the Intel Xeon processor family in Xen Project 4.7 include: VMX TSC Scaling, which allows for easier migration between machines with different CPU frequencies and support for Memory Protection Keys, a new security feature for hardening the software stack.

Drivers and Devices (Linux, FreeBSD and other)

During the Xen Project 4.7 release cycle, we made significant improvements to major operating systems and components we rely on to improve interoperability. During this development cycle 1494 Xen Project only related changesets – mostly bug fixes and small improvements – were applied to Linux, FreeBSD, NetBSD, QEMU and the Windows PV drivers: more than twice as many as in the 4.6 release cycle.

Summary

With dozens of major improvements, many more bug fixes and small improvements, and significant improvements to Drivers and Devices, Xen Project 4.7 reflects a thriving community around the Xen Project Hypervisor.

We are extremely proud of achieving the highest quality of the release while increasing development velocity across the hypervisor and its upstream dependencies by about 16%. In particular, our latest security related features enable Xen Project software to compete in the security appliance market and help answer some of the difficult questions regarding security in the cloud era.

We set out at the beginning of this release cycle to foster greater collaboration among vendors, individual developers, upstream maintainers, other projects and distributions. During this release cycle we continued to see an increasing influx of patches and newcomers such as Star Lab, Bosch and Netflix. We had a significant amount of contributions from cloud providers, software vendors, hardware vendors, academic researchers and individuals to help with this release. Major contributors for this particular release come from Citrix, SUSE, Intel, Star Lab, Oracle, Linaro, Fujitsu, Bitdefender, Red Hat, Huawei, ARM, Novetta, Broadcom, Xilinx, Bosch, AMD, GlobalLogic, NSA, Netflix and a number of universities and individuals. Thank you to all who participated.

As the release manager, I would like to thank everyone for their contributions (either in the form of patches, bug reports or packaging efforts) to the Xen Project. This release wouldn’t have happened without contributions from so many people around the world. Please check out our 4.7 contributor acknowledgement page.

The source can be located in the http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.7 tree (tag RELEASE-4.7.0) or can be downloaded as tarball from our website. More information can be found at

Xen Project Hypervisor 4.6.3

The Xen Project 4.6.3 release is a maintenance release which comprises bug fixes and security updates. This is release is available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.6
(tag RELEASE-4.6.3) or from the Xen Project download page
http://www.xenproject.org/downloads/xen-archives/xen-46-series/xen-463.html
(where a list of changes can also be found).

We recommend all users of the 4.6 stable series which do not wish to upgrade to Xen 4.7, to update to this latest point release.

Note regarding version numbering: an issue was found late in the release process,
after one of the affected qemu trees was already tagged with a signed release git tag. Signed git tags provide a secure way of accounting for the source code, but once created they cannot be removed. Thus, the project could have released this maintenance release with a known issue, or fix the issue and skip a version number. We opted for the latter and decided to skip version 4.6.2.

Xen Project 4.7 Planning Opens

With Xen 4.6 released in October, we are already one month into the new cycle. Which means it is time to start planning for the next release. You may remember that one of the goals of the 4.6 release planning was to create smoother developer experience and to release Xen 4.6 on time. Both goals were achieved, so it was time to think where to go from here. Thus, the Xen community underwent a thorough discussion on how to manage future releases from xen-unstable and its impact on stable releases. The takeaway message of those lengthy threads is that we should continue to work on making the release cycle shorter and more predictable.

As such, the timeline for 4.7 is:

  • Development starts: October 13, 2015
  • Last posting date: March 18, 2016
  • Hard code freeze: April 1, 2016
  • Release date: June 3, 2016

After the 4.7 release, we will start to release Xen every 6 months: at the beginning of June and December. A regular 6 monthly release schedule has worked well for Ubuntu, OpenStack and many other projects. The idea behind it is a simple one: set a hard date and modify your goals to match that timeline. Which is also, why we dropped feature freeze exceptions, which create overheads and introduce unnecessary risk and debate. In addition, the new fixed release schedule will help open source projects and commercial vendors who consume Xen to plan their own releases better. And it allows us to set a schedule that ensures that every single release cycle is only affected by a single holiday period and that we have a Xen Project developer event (be it a Hackathon or Xen Project Developer Summit) during each release cycle. The stable release scheme is unchanged: 18 months full support, plus 18 months security fixes afterwards.

For more information, check out the slides that explain our release process and how it is changing for Xen 4.7 and beyond. To follow the roadmap in the coming months, be sure to check the Xen 4.7 Roadmap page on our wiki. Get involved on xen-devel@ and happy hacking!

For more updates, follow @XenProject.org on Twitter.

Xen Project 4.5.1 Maintenance Release Available

I am pleased to announce the release of Xen 4.5.1. We recommend that all users of the 4.5 stable series update to this first point release.

Xen 4.5.1 is available immediately from its git repository:

    xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.5
    (tag RELEASE-4.5.1)

or from the Xen Project download page at www.xenproject.org/downloads/xen-archives/xen-45-series/xen-451.html.

This release contains many bug fixes and improvements. For example:

  • Removal of race conditions in the Xen default toolstack that affected libvirt, in particular when used with OpenStack (this release contains all changes that we use in the Xen Project OpenStack CI loop; also see related OpenStack news);
  • Stability improvements to CPUPOOL handling, in particular when used with different schedulers;
  • Stability improvements to EFI support on some x86 platforms;
  • Stability improvement to handling of nested virtualisation on x86;
  • Various improvements to 32 and 64 bit ARM support;
  • Various improvements to better integrate and support rump kernels;
  • Error handling improvements; and
  • Security fixes since the release of Xen 4.5.0,

For a complete list of changes in this release, please check lists of changes on the download page.