The Xen Project is releasing the latest version of its open source Xen Project Hypervisor. This iteration, 4.13, brings about new security and embedded features, as well as support for new hardware platforms. Version 4.13 reflects a wide array of contributions from both the community and ecosystem. This release also represents a fundamental shift for the long-term direction of Xen toward more resilience against security threats from side-channel attacks and hardware-related issues.
According to Lars Kurth, Xen Project advisory board chairperson, “In addition to the significant features we are adding, including Core scheduling, late uCode loading, live-patching and added support for OP-TEE and improvements to Dom0less, our community is laying the groundwork for a fully functional and more easily safety certifiable platform for Xen.”
As for the specifics of the new features, let’s take a look.
The 4.13 release features a number of security updates to help defend against hardware vulnerabilities. The key updates include:
- Core Scheduling is an experimental technology that allows Xen to group virtual CPUs into virtual Cores and then schedule those virtual Cores on physical cores.
- Run-time installation of uCode updates via late uCode loading. This avoids system reboots that might otherwise be necessary.
- Live-patching improvements.
- Branch hardening to reduce the attack surface exploitable via Spectre v1.
The switching between virtual and physical cores is synchronized in such a way that virtual CPUs belonging to different virtual Cores never run at the same time on the same physical core. At the moment, Core Scheduling does not allow users to re-enable hyperthreading. However, it is considered a critical step toward providing improved security and performance in the future.
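To make the scheduling constraint concrete, the following is an added Python model (not Xen code) that contrasts per-thread scheduling with the core-granularity placement described above; the physical-core layout and the guest names are constructed for the example.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class VCPU:
    guest: str   # domain name, e.g. "dom1" (constructed)
    vcore: int   # virtual core this vCPU belongs to
    thread: int  # sibling slot inside that virtual core

def guest_vcpus(guests, smt=2):
    """Flatten {domain: number_of_virtual_cores} into runnable vCPUs."""
    return [VCPU(g, c, t) for g, n in guests.items()
            for c in range(n) for t in range(smt)]

def cpu_schedule(vcpus, num_pcores, smt=2):
    """Per-thread model: every hardware thread is scheduled on its own,
    so a load-spreading placement can put two guests on sibling threads."""
    slots = [[None] * smt for _ in range(num_pcores)]
    for i, v in enumerate(vcpus):
        pc = slots[i % num_pcores]          # spread across physical cores first
        if None in pc:
            pc[pc.index(None)] = v          # first free sibling slot
    return slots

def core_schedule(vcpus, num_pcores, smt=2):
    """Core-granularity model: a whole virtual core is placed on a whole
    physical core, so siblings only ever run vCPUs of the same virtual core."""
    by_vcore = {}
    for v in vcpus:
        by_vcore.setdefault((v.guest, v.vcore), []).append(v)
    slots = [[None] * smt for _ in range(num_pcores)]
    queue = deque(by_vcore.values())
    for pc in slots:
        if not queue:
            break
        for v in queue.popleft():           # unused siblings stay idle
            pc[v.thread] = v
    return slots

def shared_cores(slots):
    """Physical cores whose sibling threads run vCPUs of different guests."""
    return {i for i, pc in enumerate(slots)
            if len({v.guest for v in pc if v is not None}) > 1}

if __name__ == "__main__":
    vcpus = guest_vcpus({"dom1": 1, "dom2": 1})   # constructed: 2 guests, 1 vcore each
    print("per-thread sharing:", shared_cores(cpu_schedule(vcpus, 2)))    # {0, 1}
    print("core-granular sharing:", shared_cores(core_schedule(vcpus, 2)))  # set()
```

With per-thread scheduling both physical cores end up running vCPUs of two different guests on sibling threads, which is exactly the cross-guest sharing that SMT side channels exploit; with core-granularity placement no physical core is shared, at the cost of idle siblings when a guest has fewer runnable vCPUs than threads.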
Embedded and Safety-Critical
With the 4.13 release, there are a few new features aimed at providing easier adoption for embedded and safety-critical use-cases (such as ISO 26262 and ASIL-B). The key features and updates include:
- Extended range and improved usability for Dom0less Xen.
- Support for Renesas’ VMSA-compatible IO-MMU targeting Arm-based third-generation R-Car SoCs.
- Support for OP-TEE, which enables all guests to concurrently run trusted apps on Arm’s TrustZone.
Along with the new features, the Xen Project community has created a new Functional Safety Working group (supported by numerous vendors) to make it possible for vendors to consume Xen Project software in a way that is compatible with ASIL-B requirements. This will require all code and development processes to comply with key tenets of ISO 26262 (an international standard for functional safety of electrical and/or electronic systems in production automobiles, defined by the International Organization for Standardization), something no open source project has yet achieved.
New Hardware Platform Support
Xen 4.13 includes support for a number of new hardware platforms, such as:
- AMD Second Gen EPYC (codename Rome).
- Hygon Dhyana 18h processor.
- Raspberry Pi 4.
- Intel AVX512.
Support for AMD EPYC processors gives Xen users additional choices to help reduce cost, while increasing performance and security. Of this introduction, Raghu Nambiar, AMD corporate vice president and chief technology officer of data center ecosystems and application engineering, said, “The Xen 4.13 based hypervisors running on servers powered by AMD EPYC processors are well suited for many different workloads and help provide customers an attractive total cost of ownership. In particular, the results of VDI performance tests demonstrate the power of Xen on AMD EPYC processors.”
Feature image by S. Hermann & F. Richter from Pixabay.