Skip to content


Xen 4.1.6.1 released

I am pleased to announce the release of Xen 4.1.6.1. This is available immediately from its git repository xenbits.xen.org (tag RELEASE-4.1.6.1) or from the Xen Project download pages.

Note that 4.1.6 did not get released, as a build issue was found late in the release process, when the 4.1.6 version number was already irreversibly applied.

Xen 4.1.6.1 is a maintenance release in the 4.1 series and contains: We recommend that all users of Xen 4.1.5 upgrade to Xen 4.1.6.1.

This release fixes the following critical vulnerabilities:

  • CVE-2013-1918 / XSA-45: Several long latency operations are not preemptible
  • CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw for bridges
  • CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs
  • CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception recovery on XRSTOR

Continued…

Posted in Announcements.

Tagged with , .


Xen 4.2.3 released

I am pleased to announce the release of Xen 4.2.3. This is available immediately from its git repository xenbits.xen.org (tag RELEASE-4.2.3) or from the Xen Project download pages.

This release fixes the following critical vulnerabilities:

  • CVE-2013-1918 / XSA-45: Several long latency operations are not preemptible
  • CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw for bridges
  • CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs
  • CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception recovery on XRSTOR
    Continued…

Posted in Announcements.

Tagged with .


Xen Project User and Developer Summit Deadlines Are At Hand

Key deadlines are at your doorstep; Sign up now to participate!

With so many people returning from well-earned vacations, we want to remind you to act quickly to take advantage of the upcoming Summit meetings.

Continued…

Posted in Events.


Evolving the Xen Project Test Infrastructure

One of the stated goals for 2013 and 2014 of the Xen Project Advisory Board is to Increase upstream Xen Hypervisor quality including the quality of its latest CPU and Platform features and to address problems with the code in a timely and proactive manner, including defects, security vulnerabilities and performance problems.

OSSTest and Coverity Scan

Earlier this year, first steps have been taken by making available the code for the OSSTest system (a smoke test system, which has been running since 2010). As a second step the Advisory Board worked with the Xen Project Technical Coordination Team, to add the Xen Hypervisor to the Coverity Scan static analysis service, that is open to open source projects with nonprofit status. There is still some detail to sort out on how we grant access to this resource: you can find the ongoing discussion here.

XenRT as basis for a comprehensive Test-as-a-Service Platform for the Xen Project

In the kick-off meeting for the Xen Project Advisory Board in April this year, Citrix offered to open source XenRT, the Citrix XenServer automated test system. This created the opportunity, to establish an independently hosted and expansive Test-as-a-Service Platform for the Xen Project.

Continued…

Posted in Xen Development.

Tagged with , , , , .


Debconf 13

I’ve recently returned from Debconf 13, in Vaumarcus in Switzerland. My colleague Ian Campbell joined me there.

Debconf is the annual conference for contributors to Debian, with a few hundred attendees. There’s a fairly standard conference format with a programme of talks and BoF sessions, but the best part of of a Debconf is usually the ad-hoc conversations with other developers. Often thorny design problems involving multiple parts of the system can be tackled much more effectively in person, so there’s quite a bit of vigorous handwaving and the odd whiteboard/flipchart session.

We had an excellent time and spent rather too much of it staring at the amazing view of Lake Neuchatel. Debian’s 20th birthday party was not to be missed either.

This year’s Debconf found a substantial offering of cloudy topics on the schedule. One major theme was the ways in which Debian are working on better integration with the big public clouds, for example by providing ready-to-use images and by better packing of cloud-related software.

Of particular interest for Xen was Thomas Goirand’s talk on the integration between OpenStack’s various components. OpenStack is a complicated piece of software which has been difficult to install and get running. Thomas, who runs a Xen-based public cloud provider, has been working to make the installation process smoother using Debian’s configuration management systems.

For me, an interesting topic was the continuing difficulty of integration between the Debian archive (Debian’s primary software repository) and git, and after a session in the bar with Joey Hess and others I wrote a tool to help with that.

Debconf is always a highlight of my year and I look forward to next year’s in Portland.

Posted in Uncategorized.


Learning Xen: Converting Existing Non-Xen Hypervisor Images for Use in Xen

If you are testing Xen in your environment, you probably already have images native to other hypervisors which you might like to test.  So a common question is, “How can I convert these images so I can use them in Xen?”

Conversion requires two steps: first, convert the foreign hypervisor image to a Xen-native format, and, second, adjust the contents of the image to accept the new virtual machine environment.

The second step depends largely on the guest operating system involved.  Windows, for example, can require a number of steps to backup the registry, introduce the new virtual hardware, and install the new device drivers.  The first step, on the other hand, is often straightforward.
Continued…

Posted in Xen Hypervisor, Xen Training.


SWIOTLB by Morpheus

The following monologue explains how Linux drivers are able to program a device when running in a Xen virtual machine on ARM.

The problem that needs to be solved is that Xen on ARM guests run with second stage translation in hardware enabled. That means that what the Linux kernel sees as a physical address doesn’t actually correspond to a machine address. An additional translation layer is set by the hypervisor to do the conversion in hardware.

Many devices use DMA to read or write buffers in main memory and they need to be programmed with the addresses of the buffers. In the absence of an IOMMU, DMA requests don’t go through the same physical to machine translation set by the hypervisor for virtual machines, devices need to be programmed with machine addresses rather than physical addresses. Hence the problem we are trying to solve.

Definitions of some of the technical terms used in this article are available at the bottom of the page.

Given the complexity of the topic, we decided to ask for help to somebody with hands-on experience with teaching the recognition of the differences between “virtual” and “real”.

Morpheus

At last.
Please. Come. Sit.
Xen Project Matrix

Do you realize that everything running on Xen is a virtual machine — that Dom0, the OS from which you control the rest of the system, is just the first virtual machine created by the hypervisor? Usually Xen assigns all the devices on the platform to Dom0, which runs the drivers for them.

I imagine, right now, you must be feeling a bit like Alice, tumbling down the rabbit hole?
Let me tell you why you are here.

You are here because you want to know how to program a device in Linux on Xen on ARM.

Continued…

Posted in Xen Development, Xen Hypervisor.

Tagged with , , , , .


Xen Project User Summit 2013 Sessions Announced

Linux stable tree maintainer Greg Kroah-Hartman to give Featured Talk

xen_user_summit_bgThe Xen Project is pleased to announce the sessions which will be presented at the 2013 Xen Project User Summit.  Scheduled for September 18 in New Orleans, the Xen Project User Summit is the first major event focused entirely on users of the Xen Project software.  While there have been other Xen Summits in the past, they have always consisted of a mixture of User and Developer sessions.  This year, we have the opportunity to present two different events, a User Summit in September and a Developer Summit in October.

The Xen Project User Summit session lineup includes some excellent topics and speakers:

Keynote Address: Xen: This is not your Dad’s hypervisor!

Demetrious Coulis, Senior Principal Product Manager for CA AppLogic at CA Technologies, will deliver the keynote address.  He will explain why Xen’s strengths are critical for powering CA AppLogic and platforms like OpenStack.

Featured Talk: Free yourself from the tyranny of your cloud provider!

Greg Kroah-Hartman, maintainer of the stable branch of the Linux kernel (among a mass of other things), will discuss how using kexec in a paravirtualized user domain, with no changes to the control Domain or Xen itself, can allow you to boot your own kernel, no matter what the hosting provider is forcing you to run.

And a whole lot more…

Continued…

Posted in Announcements, Community, Events, Xen Summit.


Indirect descriptors for Xen PV disks

Some time ago Konrad Rzeszutek Wilk (the Xen Linux maintainer) came up with a list of possible improvements to the Xen PV block protocol, which is used by Xen guests to reduce the overhead of emulated disks.

This document is quite long, and the list of possible improvements is also not small, so we decided to go implementing them step by step. One of the first items that seemed like a good candidate for performance improvement was what is called “indirect descriptors”. This idea is borrowed from the VirtIO protocol, and to put it clear consists on fitting more data in a request. I am going to expand how is this done later in the blog post, but first I would like to speak a little bit about the Xen PV disk protocol in order to understand it better.

Xen PV disk protocol

The Xen PV disk protocol is very simple, it only requires a shared memory page between the guest and the driver domain in order to queue requests and read responses. This shared memory page has a size of 4KB, and is mapped by both the guest and the driver domain. The structure used by the fronted and the backend to exchange data is also very simple, and is usually known as a ring, which is a circular queue and some counters pointing to the last produced requests and responses.

Continued…

Posted in Xen Development, Xen Hypervisor.

Tagged with , , , , , , , , , .


The Xen Project at OSCON

This is a joint blog post by Anil Madhavapeddy and Lars Kurth

Xen Project

As in previous years, the Xen Project had a presence at OSCON again. This year, we did not have our own booth: Citrix donated some space to a number of different open source projects in their Open @ Citrix booth and the Xen Project gladly took this offer. Like in the past, we had volunteers helping out at the booth. I wanted to thank Anil Madhavapeddy, George Dunlap, Ian Campbell, Richard Mortier and Russell Pavlicek for their work.

OSCON Panorama Continued…

Posted in Community, Events.

Tagged with .