XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Grall, ARM

•

5 gostaram•1,038 visualizações

Tweet Share Virtualization capabilities were added to the latest revision of the Armv7-A architectures (with processors like Cortex A7 and A15), and this was extended further with Armv8-A (64bit). Since then, Arm has been improving virtualization support with incremental versions of the Armv8 architecture. This talk will give an overview of the features added.

Tecnologia

The evolu on of Virtualiza on
in the Arm Architecture
Julien Grall <julien.grall@arm.com>
Xen Developer Summit 2018
© 2018 Arm Limited

Type of hypervisors
Figure: From wikipedia
4 © 2018 Arm Limited

ARMv8-A Privilege Model
Support both AArch32 and AArch64 execu on modes
32-64bit inter-working limited to excep on boundaries
AArch64 always has a higher privilege than AArch32
AArch64 state is a superset of AArch32 state
5 © 2018 Arm Limited

ARM virtualiza on
Introduced with the latest version of ARMv7 architecture
New hypervisor execu on state
Non-Secure world, higher privilege than EL1
6 © 2018 Arm Limited

Virtualiza on in a nutshell
Second stage of memory transla on
Adds an extra level of indirec on between guests and physical memory
TLBs are tagged by Virtual Machine ID (VMID)
Ability to trap access of most system registers
The hypervisor decides what it wants to trap
Can handle IRQs, FIQs and asynchronous aborts
The guest doesn’t see physical interrupts ﬁring, for example
Guests can call into EL2 mode (HVC instruc on)
Allows para-virtualizated services
Standard architecture peripherals are virtualiza on-aware
GIC and mer have speciﬁc features to help virtualiza on
7 © 2018 Arm Limited

EL2: Not EL1++ (ARMv8.0-A)
EL2 is not a superset of NS-EL1
Orthogonal mode to EL1
Allows mul plexing of NS-EL1 guests on the hardware
Own transla on regime
Separate Stage-1 transla on, no Stage-2 transla on
It would be diﬃcult to run Linux in EL2
Requires too many changes to be prac cal
EL2 could be used as a ”world switch”
Between guests (baremetal hypervisor/Type I)
Between host and guest (hosted hypervisor/Type II)
This makes the host a form of specialized guest.
8 © 2018 Arm Limited

Hypervisor architecture - Type I
EL1
EL0
EL2
Guest Kernel
Hypervisor
Guest Kernel Guest Kernel
Guest
Userspace Userspace Userspace
Guest Guest
9 © 2018 Arm Limited

Hypervisor architecture - Type II
EL1
EL0
EL2
HYP
Host Kernel
Switching Code
Guest Kernel Guest Kernel
Host
Userspace Userspace Userspace
Guest Guest
10 © 2018 Arm Limited

EL2 enhancement (ARMv8.1-A)
The Virtualiza on Host Extension (VHE) expands the capability of EL2:
Designed to improve the support of the Type-2 hypervisors
Allows the host OS to be run at EL2
The host OS requires minimal changes to run at EL2
User-space s ll runs at EL0
Host has no so ware running at EL1
AArch64 speciﬁc
EL2 becomes a strict superset of EL1
11 © 2018 Arm Limited

Hosted hypervisor architecture on a pla orm without VHE
EL1
EL0
EL2
HYP
Host Kernel
Switching Code
Guest Kernel Guest Kernel
Host
Userspace Userspace Userspace
Guest Guest
12 © 2018 Arm Limited

Hosted hypervisor architecture on a pla orm with VHE
EL1
EL0
EL2
Guest Kernel Guest Kernel
Host
Userspace Userspace Userspace
Guest Guest
Host Kernel + HYP
13 © 2018 Arm Limited

Nested Virtualiza on (ARMv8.3-A)
The Nested Virtualiza on extension allows a hypervisor in a VM.
Unmodiﬁed guest hypervisor running in NS EL1
Implementa on of a host hypervisor required
Running at EL2
AArch64 speciﬁc
14 © 2018 Arm Limited

Nested Virtualiza on on Arm
16 © 2018 Arm Limited

Nested Virtualiza on (ARMv8.3-A)
17 © 2018 Arm Limited

Nested Virtualiza on (Armv8.4.A)
ARMv8.4 extends Nested Virtualiza on to:
Reduce the number of traps
Improve performance of nested hypervisor
18 © 2018 Arm Limited

Memory Par oning And Monitoring (ARMv8.3-A)
The Memory Par oning And Monitoring (MPAM) allows:
to limit the memory system performance impact of a VM
provide more bandwidth to some processes
A hypervisor can monitor and control how VM uses:
memory of a system
communicate with other system components
19 © 2018 Arm Limited

Summary
Robust set of virtualiza on features
Not just about CPU virtualiza on
Covers the whole systems architecture
An architecture in mo on:
ARMv8.1-A: https://goo.gl/Ox4thV
ARMv8.2-A: https://goo.gl/0Ns37U
ARMv8.3-A: https://goo.gl/CJv1n0
ARMv8-4-A: https://goo.gl/tYZmhR
20 © 2018 Arm Limited

The Arm trademarks featured in this presenta on are registered trademarks or
trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights
reserved. All other marks featured may be trademarks of their respec ve owners.
www.arm.com/company/policies/trademarks
© 2018 Arm Limited

Mais conteúdo relacionado

Mais procurados

Autonomous vehicles need to run robust autopilot software in resource-constrained environments. Such vehicles are increasingly built on ARM platforms with resources to spare. We have begun investigating the feasibility of using this spare capacity to implement other interesting services on these vehicles by using Xen to separate the real-time autopilot software from a richer, non-real-time Linux system. In order to make this work, we have ported FreeRTOS, a popular minimal operating system for microcontrollers, to run as a Xen guest on the ARM Cortex A15.

XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...

The Linux Foundation

ACRN vMeet-Up EU 2021 - debug ACRN hypervisor

Project ACRN

Mobile devices, such as smart phones and tablets, are becoming de-facto everyday computing and communication devices, virtualization can bring additional benfits to mobile devices for both security and manageability. IT department may use hypervisor, as a highly secure solution, to manage autherized mobile devices, such as for network traffic monitoring, filtering, scan (for virus detection), and/or OS update/patching even when the guest OS becomes completely dead. We insert Xen to the mobile OS Android to deprivilege Android as guest for security and manageability purpose. However, the usage case of mobile device is quit different with that of server, for example mobile devices runs completely different benchmarks (mostly multimedia focused) vs. that in server (mostly responsiveness focused). We analyze the gap of Xen as a mobile hypervisor and present how we improve the performance.

XPDS13: Performance Optimization on Xen-based Android Device - Jack Ren, Inte...

The Linux Foundation

AMD recently disclosed new security technologies which leverage hardware-based memory encryption to provide additional security protections. This talk will focus primarily on technology which supports encrypted virtual machines for extra isolation and protection from the hypervisor itself. The presentation will discuss the technical details of this technology with a focus on how it can be integrated within the Xen infrastructure.

XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...

The Linux Foundation

Hardware accelerated Virtualization in the ARM Cortex™ Processors

The Linux Foundation

Project ACRN hypervisor introduction

Project ACRN

HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor

Linaro

ARM Architecture-based System Virtualization: Xen ARM open source software pr...

The Linux Foundation

HKG15-400: Next steps in KVM enablement on ARM

Linaro

Xen role, details of implementation and problems in a sample solution based on OSS (Android, Linux and Xen) that addresses Automotive requirements such as ultra-fast RVC boot time, quick IVI system boot time, cloud connectivity and multimedia capabilities, reliability and security through hardware virtualization. Secure CAN/LIN/MOST bus integration handled by Linux on Dom0 while Android runs customizable QML-based HMI in a sandbox of DomU. These case studies will include but not be limited to: computing power requirements, memory requirements, virtualization, stability, boot-time sequence and optimization, video clips showing results of the work done. Case study is built on TexasInstruments OMAP5 SoC.

XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...

The Linux Foundation

Hypervisors are becoming more and more widespread in embedded environments, from automotive to medical and avionics. Their use case is different from traditional server and desktop virtualization, and so are their requirements. This talk will explain why hypervisors are used in embedded, and the unique challenges posed by these environments to virtualization technologies. Xen, a popular open source hypervisor, was born to virtualize x86 Linux systems for the data center. It is now the leading open source hypervisor for ARM embedded platforms. The presentation will show how the ARM port of Xen differs from its x86 counterpart. It will go through the fundamental design decisions that made Xen a good choice for ARM embedded virtualization. The talk will explain the implementation of key features such as device assignment and interrupt virtualization.

Xen and the art of embedded virtualization (ELC 2017)

Stefano Stabellini

LCA13: Xen on ARM

Linaro

BSDCan 2015: How to Port BSD as a Xen on ARM Guest

The Linux Foundation

As the first ARM servers and microservers hit the market, Xen on ARM is becoming more mature, stable and reaching feature parity with x86. This talk will present the current status of the project, will describe the latest improvements, the gaps that still need to be filled and the roadmap going forward. ARMv8 silicon is now available for purchase: we can measure how well Xen on ARM 64-bit is performing on real hardware and compare the performance figures with other hypervisors. The presentation will show these results, it will measure the overhead introduced by Xen on ARM and will compare it with the overhead introduced by Xen and KVM on x86. The talk will explain the reasons behind performance shortfalls and present ideas on how to address them in the future. The performance results will be used to determine when it makes sense to use Xen on ARM and what are the best use cases for it.

XPDS14 - Xen on ARM: Status and Performance - Stefano Stabellini, Citrix

The Linux Foundation

ALSS14: Xen Project Automotive Hypervisor (Demo)

The Linux Foundation

The Arm architecture allows for a wide variety of cache configurations, levels and features. This enables building systems that will optimally fit power/area budgets set for the target application. A consequence of this is that architecturally compliant software has to cater for a much wider range of behaviors than on other architectures. While most software uses cache instructions that don't need special treatment in a virtualized environment, some will want to directly manage a given cache using set/way instructions and will introduce challenges for the hypervisor to handle them. This talk will give an overview of how caches behave in the Arm architecture, especially in the context of virtualization. It will then describe the problem of using set/way instructions in a virtualized environment. We will also discuss the modifications required in Xen to handle those instructions.

XPDDS18: The Art of Virtualizing Cache Maintenance - Julien Grall, Arm

The Linux Foundation

What do “Crazy in Love” by Beyonce and the “Xen Project” have in common? They are both 15-year-old hits. Flash forward to today. The Xen Project is used by more than 10 million users, powers some of the largest clouds on the planet, and is starting to build momentum in embedded and safety-conscious market segments. The Xen Project played a key role in developing technologies outside of the hypervisor, like hardware virtualization, and open source security disclosure standards that impact entire industries. The Xen Project’s success and longevity can be attributed to its flexible architecture, but more importantly to enabling community members to contribute ideas and code, even if they are not core to the project's main use-case. We will share how the project has supported new technologies and ideas (sometimes in the form of failures and sometimes wins) and will derive best practices that may help other projects .

Xen Project 15 Years down the Line

The Linux Foundation

Project ACRN: SR-IOV implementation

Geoffroy Van Cutsem

Project ACRN configuration scenarios and config tool

Project ACRN

This talk provides an overview of the Xen Project eco-system and its main use-cases in a number of important market segments: it covers server virtualization, cloud computing and embedded, automotive and related. Lars Kurth highlights why the Xen Project is relevant in these market segments: he provides an overview of the Xen Project's architecture, relevant existing functionality and ongoing and planned developments. To complement the picture, he covers open-source projects that are related to Xen and are of interest for these use-cases. Excellent Software security is key to all of these use-cases. Thus, Lars specifically covers the Xen Project's security features, track record and touches on the project's security practices. He concludes with a few resources that help you get started with the Xen Project and highlight Internship Programs which the project supports. The talk was delivered at Root Linux Conference 2017. Learn more: http://linux.globallogic.com/materials. The video is available at https://www.youtube.com/watch?v=sjQnAIJji4k

Rootlinux17: An introduction to Xen Project Virtualisation

The Linux Foundation

Mais procurados (20)

XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...

ACRN vMeet-Up EU 2021 - debug ACRN hypervisor

XPDS13: Performance Optimization on Xen-based Android Device - Jack Ren, Inte...

XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...

Hardware accelerated Virtualization in the ARM Cortex™ Processors

Project ACRN hypervisor introduction

HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor

ARM Architecture-based System Virtualization: Xen ARM open source software pr...

HKG15-400: Next steps in KVM enablement on ARM

XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...

Xen and the art of embedded virtualization (ELC 2017)

LCA13: Xen on ARM

BSDCan 2015: How to Port BSD as a Xen on ARM Guest

XPDS14 - Xen on ARM: Status and Performance - Stefano Stabellini, Citrix

ALSS14: Xen Project Automotive Hypervisor (Demo)

XPDDS18: The Art of Virtualizing Cache Maintenance - Julien Grall, Arm

Xen Project 15 Years down the Line

Project ACRN: SR-IOV implementation

Project ACRN configuration scenarios and config tool

Rootlinux17: An introduction to Xen Project Virtualisation

Semelhante a XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Grall, ARM

5 kvm arm

sundarms

Static partitioning virtualization on RISC-V

RISC-V International

Operating System---18 (Virtual Machines)

NareenAsad

Part 1: Reworking the ARM GIC Emulation The ARM Generic Interrupt Controller (GIC) provides some level of virtualization support in hardware. This still requires emulation of the distributor part, which has to integrate with the virtualization feature. Doing this in a performing and readable way is not trivial, especially the locking strategy tends to be complicated. While extending the existing virtual GIC support in Xen to cover support for MSIs, some issues have been discovered which ask for some significant changes in the existing code. The presentation will briefly describe the existing VGIC design and the issues we faced when trying to extend it. Based on this the changes will be presented and how they improve and ideally simplify the code. Part 2: Xen Challenges in the ARM ITS Emulation For being able to use MSIs on ARM systems in Xen domains we need to emulate the ARM GICv3 ITS controller. Its design is centered around a command queue located in normal system memory. Emulating this in the Xen hypervisor brings some interesting challenges, ranging from safely accessing the guest memory and dealing with possible propagation of commands, to possible DOS attacks by domains keeping the emulation code busy. The presentation outlines the main problems and how we hit Xen limits in emulating this correctly and efficiently. Also it presents our temporary workarounds and their drawbacks.

XPDDS17: Reworking the ARM GIC Emulation & Xen Challenges in the ARM ITS Emu...

The Linux Foundation

LAS16-500: The Rise and Fall of Assembler and the VGIC from Hell Speakers: Marc Zyngier, Christoffer Dall Date: September 30, 2016 ★ Session Description ★ KVM/ARM has grown up. While the initial implementation of virtualization support for ARM processors in Linux was a quality upstream software project, there were initial design decisions simply not suitable for a long-term maintained hypervisor code base. For example, the way KVM/ARM utilized the hardware support for virtualization, was by running a ‘switching’ layer of code in EL2, purely written in assembly. This was a reasonable design decision in the initial implementation, as the switching layer only had to do one thing: Switch between a VM and the host. But as we began to optimize the implementation, add support for ARMv8.1 and VHE, and added features such as debugging support, we had to move to a more integrated approach, writing the switching logic in C code as well. As another example, the support for virtual interrupts, famously known as the VGIC, was designed with a focus on optimizing MMIO operations. As it turns out, MMIO operations is a less important and infrequent operation on the GIC, and the design had some serious negative consequences for supporting other state transitions for virtual interrupts and had negative performance implications. Therefore, we completely redesigned the VGIC support, and implemented the whole thing from scratch as a team effort, with a very promising result, upstream since Linux v4.7. In this talk we will cover the evolution of this software project and give an overview of the state of the project as it is today. ★ Resources ★ Etherpad: pad.linaro.org/p/las16-500 Presentations & Videos: http://connect.linaro.org/resource/las16/las16-500/ ★ Event Details ★ Linaro Connect Las Vegas 2016 – #LAS16 September 26-30, 2016 http://www.linaro.org http://connect.linaro.org

LAS16-500: The Rise and Fall of Assembler and the VGIC from Hell

Linaro

Introduction to ControlLogix Redundancy Customer Presentation.pptx

SyedMuhammadAliOmer

Wirelessconnect

Firman Indrianto

Q4.11: ARM Technology Update Plenary

Linaro

Virtualization Support in ARMv8+

Aananth C N

MOVED: Optimizing the Design and Implementation of KVM/ARM - SFO17-403

Linaro

Luxriot video management system (vms)

Phil Stewkesbury

Microsoft Hyper-V

Davoud Teimouri

Luxriot_presentation

Paul Harrison J.P.

RISC-V 30906 hex five multi_zone iot firmware

RISC-V International

What's New In 2008 R2 Hyper V and VMM 2008 R2 - Updated Oct 2009

Aidan Finn

This presentation provides an example of the mixed-critical ROS2 stack implementation based on VxWorks RTOS, embedded Linux, and hypervisor from Wind River. Turtlebot3 was selected as a robotic demo platform controlled by the SBC (single board computer) that runs a Hypervisor with several guest OS instances. We demonstrate a hardware-agnostic approach by utilizing two different SBC HW platforms: Xilinx-based ARM board and Intel UP2 board. The hypervisor provides a separation of safety from non-safety and real-time from best-effort applications and allows us to build a mixed-critical system using multicore SBCs. One of the guest OSes is VxWorks - very few solutions available on the market which is already fulfilling safety and real-time requirements. ROS2 dashing release and turtlebot3 ROS2 middleware were ported to the VxWorks. On top, we run a collision-avoidance ROS2 application. Embedded Linux partition serves as a communication gateway to the external world and provides an example of a non-critical software stack. We demonstrate that if the non-critical guest OS fails and gets rebooted the safety-critical part still runs and performs its control functions. The source code of this demo is available on lab.windriver.com.

Turtlebot3: VxWorks running ROS2 as a real-time guest OS on Hypervisor

Andrei Kholodnyi

Multicast tutorial v3

Ajay Karri

MVUG- From Zero to Hero on Hyper V R2- Part1

Lai Yoong Seng

Sierraware ARM hypervisor

Sierraware

2011-11-03 Intelligence Community Cloud Users Group

Shawn Wells

Semelhante a XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Grall, ARM (20)

5 kvm arm

Static partitioning virtualization on RISC-V

Operating System---18 (Virtual Machines)

XPDDS17: Reworking the ARM GIC Emulation & Xen Challenges in the ARM ITS Emu...

LAS16-500: The Rise and Fall of Assembler and the VGIC from Hell

Introduction to ControlLogix Redundancy Customer Presentation.pptx

Wirelessconnect

Q4.11: ARM Technology Update Plenary

Virtualization Support in ARMv8+

MOVED: Optimizing the Design and Implementation of KVM/ARM - SFO17-403

Luxriot video management system (vms)

Microsoft Hyper-V

Luxriot_presentation

RISC-V 30906 hex five multi_zone iot firmware

What's New In 2008 R2 Hyper V and VMM 2008 R2 - Updated Oct 2009

Turtlebot3: VxWorks running ROS2 as a real-time guest OS on Hypervisor

Multicast tutorial v3

MVUG- From Zero to Hero on Hyper V R2- Part1

Sierraware ARM hypervisor

2011-11-03 Intelligence Community Cloud Users Group

Mais de The Linux Foundation

Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other. This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary. This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.

ELC2019: Static Partitioning Made Simple

The Linux Foundation

TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It provides a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure. TrenchBoot closes the UEFI Measurement Gap and reduces the need to trust system firmware. This talk will introduce TrenchBoot architecture and a recent collaboration with Oracle to launch the Linux kernel directly with Intel TXT or AMD SVM Secure Launch. It will propose mechanisms for integrating the Xen hypervisor into a TrenchBoot system launch. DRTM-enabled capabilities for client, server and embedded platforms will be presented for consideration by the Xen community.

XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...

The Linux Foundation

Artem will briefly cover what has been done since the first talk on Xen in Automotive domain back in 2013, what is going on now and what is still missing for broad adaptation of Xen in vehicles. The following topics will be covered: Embedded/automotive features of Xen Collaboration with AGL and GENIVI organizations for standardization Efforts on Functional Safety compliance Artem will also go over typical automotive use scenarios for Xen which may not be the same as generic computing use of hypervisor.

XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...

The Linux Foundation

XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...

The Linux Foundation

In recent years unikernels have shown immense performance potential (e.g., boot times of only a few ms, image sizes of only hundreds of KBs).The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS, needing both expert work and often considerable amount of time. The Unikraft project provides a unikernel code base and build system that significantly simplifies the building of unikernels. In addition to support for a number CPU architectures, languages and frameworks, Unikraft provides debugging and tracing features that are generally sorely missing from unikernel projects. In this talk we will talk about these features, show a set of preliminary performance numbers, and provide a roadmap for the project's future.

XPDDS19 Keynote: Unikraft Weather Report

The Linux Foundation

XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...

The Linux Foundation

This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional. Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings. The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.

XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx

The Linux Foundation

As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However, ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion? This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.

XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...

The Linux Foundation

This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.

XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender

The Linux Foundation

Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 611508) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project. In this session, we will lay out some challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the Xen Project has followed thus far and highlight lessons learned along the way. The talk will primarily focus on necessary process, tooling changes and community challenges that can prevent progress. We will be offering an in-depth review of how Xen Project is approaching this challenging goal and try to derive lessons for other projects and contributors.

OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...

The Linux Foundation

Safety certification is one of the essential requirements for software to be used in highly regulated industries. The Xen Project, a secure and stable hypervisor that is used in many different markets, has been exploring the feasibility of building safety certified products on top of Xen for a year, looking at key aspects of its code base and development practices. In this session, we will lay out the motivation and challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the project has followed thus far and highlight lessons learned along the way. The talk will cover technical enablers, necessary process and tooling changes and community challenges offering an in-depth review of how Xen Project is approaching this exciting and and challenging goal.

OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...

The Linux Foundation

2018 saw fundamental shifts in security boundaries which were previously taken for granted. A lot of work has been done in the past 2 years, and largely in secret under embargo, but there is plenty more work to be done to strengthen the existing mitigations and to try to recover some performance without reopening security holes. This talk will look at speculative execution sidechannels, the work which has already been done to mitigate the security holes, and future work which hopes to bring some improvements.

XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix

The Linux Foundation

The Arm architecture provides a set of guidelines that any software should abide by when accessing the memory with MMU off and update page-tables. Failing to do so may result in getting TLB conflicts or breaking coherency. In a previous talk ("Keeping coherency on Arm"), we focused on updating safely the stage-2 (aka P2M) page-tables. This talk will focus on the boot code and Xen memory management. During this session, we will introduce some of the guidelines and when they should be used. We will also discuss how Xen boot sequence needs to be reworked to avoid breaking the guidelines.

XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd

The Linux Foundation

For many years the QEMU codebase has contained PV backends for Xen guests, giving them paravirtual access to storage, network, keyboard, mouse, etc. however these backends have not been configurable as QEMU devices as their implementation did not fully adhere to the QEMU Object Model (QOM). Particularly the PV storage backend not using proper QOM devices, or qdevs, meant that the QEMU block layer needed to maintain legacy code that was cluttering up the source. This was causing push-back from the maintainers who did not want to accept any patches relating to that Xen backend until it was 'qdevified'. In this talk, I'll explain the modifications I made to QEMU to achieve 'qdevification' of the PV storage backend, how compatibility with the libxl toolstack was maintained, and what the next steps in both QEMU and libxl development should be.

XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...

The Linux Foundation

PCI is a local computer bus for attaching hardware devices in a computer, and is the main peripheral bus on modern x86 systems. As such, having a proper way to emulate it is crucial for Xen to be able to expose both fully emulated devices or passthrough devices to guests. This talk will focus on the current status of PCI emulation in Xen, how and where it is used, what are its main limitations and future plans to improve it in order to be more robust and modular.

XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D

The Linux Foundation

XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems

The Linux Foundation

Xen is a very powerful hypervisor with a talented and diverse developers community. Despite the fact it's almost everywhere (from the Cloud to the embedded world), it can be difficult to set up and manage as a system administrator. General purpose distros have Xen packages, but that's just a start in your Xen journey: you need some tooling and knowledge to have a working and scalable platform. XCP-ng was built to overcome those issues: by bringing Xen to the masses with a fully turnkey distro with Xen as its core. It's the logical sequel to the XCP project, with a community focus from the start. We'll see how it happened, what we did, and what's next. Finally, we'll see the impact of XCP-ng on the Xen Project.

XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...

The Linux Foundation

XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...

The Linux Foundation

High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.

XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...

The Linux Foundation

Today Xen is scheduling guest virtual cpus on all available physical cpus independently from each other. Recent security issues on modern processors (e.g. L1TF) require to turn off hyperthreading for best security in order to avoid leaking information from one hyperthread to the other. One way to avoid having to turn off hyperthreading is to only ever schedule virtual cpus of the same guest on one physical core at the same time. This is called core scheduling. This presentation shows results from the effort to implement core scheduling in the Xen hypervisor. The basic modifications in Xen are presented and performance numbers with core scheduling active are shown.

XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE

The Linux Foundation

Mais de The Linux Foundation (20)