Software-update: Xen 4.8

Xen is een baremetal-hypervisor voor het x86- en ARMv7/v8-platform en laat diverse besturingssystemen gelijktijdig op één systeem draaien zonder de prestaties drastisch te beïnvloeden. Voor meer informatie over Xen en de bijbehorende community verwijzen we naar deze en deze pagina. Op dit moment worden alleen Linux, NetBSD en FreeBSD als hostsystemen ondersteund, maar men is druk bezig om ook andere besturingssystemen volledig te ondersteunen. De ontwikkelaars hebben Xen 4.8 uitgebracht en de belangrijkste veranderingen die daarin zijn aangebracht zijn hieronder voor je op een rijtje gezet.

Hypervisor General

• Credit2 scheduler is now supported: Compared to the default Credit scheduler, the Credit2 scheduler is more scalable and better at supporting latency sensitive workloads such as VDI, video and sound delivery, as well as unikernel applications. Credit2 is still based on a general purpose, weighted fair share, scheduling algorithm unlike some of the more specialized Xen Project schedulers such as RTDS and ARINC653.
• Domain creation time optimisation: An optimisation to TLB flush is introduced to greatly reduce the number of flushes needed during domain creation. This has lead to the reduction of domain creation time for very large domains (with hundreds of gigabytes of RAM) from a few minutes to tens of seconds.
• XSM policy is refactored and cleaned up: XSM policy files are refactored and cleaned up so that they are better organised and easier to understand. If configured, we can also now attach the in-tree default policy to Xen binary, so there is no need to load the default policy via boot loader.
• Live Patching hook support: Live Patching is now able to look for the “hooks” section in the payload and execute code from there. This update gives the patch author more control in modifying data and code.

Hypervisor x86

• CPUID faulting emulation: This makes CPUID fault in HVM userspace program without hardware support.
• PVCLOCK_TSC_STABLE_BIT support: This greatly improves user space performance for time related syscalls.
• Intel AVX-512 instructions support: These instructions offer higher performance for the most demanding computational tasks. They represent a significant leap to 512-bit SIMD support. This enables processing of twice the number of data elements that AVX/AVX2 can process with a single instruction and four times that of SSE.
• PVH v2 DomU ABI is stabilised: The DomU guest ABI for PVH v2, without PCI passthrough support, is stabilised. Guest operating system developers can start porting OSes to this mode, which is simpler and gives them all the goodies that hardware and software provide.

Hypervisor ARM

• Xen Project 4.8 ARM DomU ACPI support is now able to build ARM64 guests with ACPI support, such as Red Hat Enterprise Linux Server for ARM Development Preview (available via Partner Early Access Program). It can also run unmodified Xen on ARM.
• Alternative patching support: This enables the hypervisor to apply workarounds for erratas affecting the processor and to apply optimizations specific to a CPU.
• Live Patching initial support: Live Patching now supports both ARM32 and ARM64 platforms.
• Support for Xilinx® Zynq® UltraScale+™ MPSoC: Xen Project Hypervisor 4.8 comes with support for the Xilinx Zynq UltraScale+ MPSoC making it much easier for Xilinx customers to integrate Xen into their solution.

Toolstack

• Split out and re-license libacpi: The code inside hvmloader to construct guest ACPI tables is split out as a separate library libacpi, which is now shared across x86 and ARM. The code is re-licensed from GPL to LGPL.
• HVM USB passthrough: It is now possible to passthrough USB devices to HVM guests with the help of QEMU.
• Load BIOS via libxl: It is now possible to provide arbitrary BIOS binary to the guest making it easier to integrate and test Xen.
• Libxl device handling framework: The device handling code inside libxl is reworked so that it is more extensible and easier to maintain.

Xen Project Test Lab

• XTF is integrated into OSSTest: XTF is a micro-VM based test framework. It is now integrated into OSSTest and gates pushing patches to all supported Xen branches. This would help the project identify functional and security regressions more easily and quickly.

Misc.

• Mini-OS ported to PVH v2: With the stabilization of PVH v2 DomU ABI, we are now confident to port mini-os to that mode. This would serve as an example to port guest OSes to PVH v2, as well as a foundation to more interesting micro-VM based work like building stub domains. The latter (stub domains) is a differentiator to other hypervisors, and could greatly enhance the security and scalability of Xen Project Hypervisor.
• Mini-OS now supports ballooning up: Ideally, a service domain would need to dynamically adjust the memory it consumes, either voluntarily or via obeying command from hypervisor. This is an important feature to make Mini-OS based service domains more flexible in terms of memory consumption, which is one step towards that goal. Support for ballooning down Mini-OS is under development.