Xen Project Hypervisor 4.13 Brings Improved Security, Hardware Support and Features to Increase Embedded Use Case Adoption

Broad community collaboration brings new functionality as well as steps forward in functional safety certification.

SAN FRANCISCO – December 18, 2019 — The Xen Project, an open source hypervisor hosted at the Linux Foundation, today announced the release of Xen Project Hypervisor 4.13, which improves security, hardware support, added new options for embedded use cases and reflects a wide array of contributions from the community and ecosystem. This release also represents a fundamental shift in the long-term direction of Xen, one which solidifies its resilience against security threats due to side channel attacks and hardware issues.

“Xen 4.13 combines improved security, broader support for hardware platforms, an easier adoption path for embedded and safety-critical use-cases, as well as a broad representation of diverse community collaboration,” said Lars Kurth, Xen Project Advisory Board Chairperson. “In addition to the significant features we are adding, including Core scheduling, late uCode loading, live-patching and added support for OP-TEE and improvements to Dom0less, our community is laying the groundwork for a fully functional and more easily safety certifiable platform for Xen.”

Security

Xen 4.13 provides key updates in defence against hardware vulnerabilities including Core scheduling, late uCode loading and branch hardening to mitigate against Spectre v1. Xen 4.13 is the first step in revamping key architectural functionality within Xen that allows users to better balance security and performance.

Key updates include:

  • Core scheduling, a newly introduced experimental technology that allows Xen to group virtual central processing units (CPUs) into virtual Cores and schedules these on physical cores. Switching between virtual cores on a physical core is synchronized and there are never virtual CPUs of different virtual cores running at the same time on a single physical core. While Core scheduling does not yet allow users to re-enable hyperthreading, together with other features currently under development (such as the secret-free Hypervisor), it’s inclusion in Xen 4.13 is critical for providing a better security-performance trade-offs in the near future. Users are encouraged to stress-test.
  • Ability to install uCode updates at run-time via late uCode loading, avoiding system reboots that are otherwise necessary.
  • Live-patching improvements which extend the capability of the Xen Project Hypervisor without the need to reboot, providing added efficiency.
  • Branch hardening removes a number of potential gadgets reducing the attack surface using Spectre v1.

Embedded and Safety-Critical

Xen 4.13 brings new features that provide easier adoption for embedded and safety-critical use-cases, specifically ISO 26262 and ASIL-B.

Key updates include:

  • Extending the range of use-cases for Dom0less Xen and improve usability by making it easy to build Dom0less Xen configurations.
  • Adding support for Renesas’ VMSA compatible IO-MMU targeting Arm-based 3rd generation R-Car system-on-chips. This is the first IO-MMU in Xen that supports functional safety, which is an important milestone towards making Xen compliant with ASIL-B requirements.
  • OP-TEE (https://www.op-tee.org/) support enabling all guests to concurrently run trusted Applications on Arm’s TrustZone without interfering one with another.

In addition, the Xen Project community has created a Functional Safety Working group supported by multiple vendors, including safety assessors. This group is working on a multi-year plan that makes it possible for vendors to consume Xen Project software in a fashion that is compatible with ASIL-B requirements. This is a significant challenge that requires code and development processes to comply with key tenets of ISO 26262, a challenge which has not yet been solved by any open source project, but which multiple projects are trying to address.

Support for new hardware platforms

Xen 4.13 brings support for a variety of hardware platforms. Most notably, Xen 4.13 introduces support for AMD 2nd Generation EPYC™ with exceptional performance-per-dollar, connectivity options, and security features. In addition, Xen 4.13 also supports Hygon Dhyana 18h processor family, Raspberry Pi4 and Intel AVX512.

Comments from Xen Project Users and Contributors:

“AMD has been a long-time contributor to the Xen Project and we are pleased to include Xen in our growing AMD 2nd Generation EPYC ecosystem. The Xen 4.13 based hypervisors running on servers powered by AMD EPYC processors are well suited for many different workloads and help provide customers an attractive total cost of ownership. In particular, the results of VDI performance tests demonstrate the power of Xen on AMD EPYC processors,” said Raghu Nambiar, Corporate Vice President and CTO of Datacenter Ecosystems & Application Engineering, AMD.

“The Xen Project Hypervisor has always focused on securely isolating VMs, enabling operators to run multi-tenant workloads with confidence. Xen 4.13 builds on this heritage by further defending against attacks which attempt to leverage hardware-based side channels.” Jacus de Beer, Director of Engineering, Hybrid Cloud Platforms, Citrix.
 “Xen 4.13 also helps integrators and operators to simplify system maintenance and reduce downtime using the new live-patching, and run-time microcode-loading features. This blend of security and serviceability helps Citrix Hypervisor, which uses Xen at its core, to deliver a dependable platform to our cloud, server and desktop virtualization customers.”

“The Xen Project is making huge progress in functional safety compliance, which will allow OEMs and tier 1 suppliers to design mixed safety systems using an open source hypervisor,” said Alex Agizim, CTO, Automotive & Embedded, EPAM Systems. “We are excited to be part of this initiative as one of the leaders in Xen’s FuSa SiG and enable vehicles to be part of the connected services ecosystem.”

“At SUSE we are constantly looking at the requirements of performance and security in our enterprise solutions. Xen’s new scheduling option ‘core scheduling’ is the result of many months of work in the Xen community championed by SUSE,” said Claudio Fontana, Engineering Manager, Virtualization, SUSE. “It demonstrates a new way to take advantage of hardware optimizations, without compromising on the security of our customers’ systems, that should also be looked at as a successful example to spark similar work and discussions in other large open source projects.”

“Xilinx sees Xen Project Hypervisor as the leader in the embedded and automotive virtualization space,” said Tony McDowell, Senior Product Marketing Engineer at Xilinx. “Xilinx embraces and continues to enhance with support the Xen Project by completing our development of key features required to have usable and easily configured Dom0-less systems.”

Additional Resources

About the Xen Project

Xen Project software is an open source virtualization platform licensed under the GPLv2 with a similar governance structure to the Linux kernel. Designed from the start for cloud computing, the Project has more than a decade of development and is being used by more than 10 million users. A project at The Linux Foundation, the Xen Project community is focused on advancing virtualization in a number of different commercial and open source applications including server virtualization, Infrastructure as a Services (IaaS), desktop virtualization, security applications, embedded and hardware appliances. It counts many industries and open source community leaders among its members including Alibaba, Amazon Web Services, AMD, Arm, Bitdefender, Citrix, EPAM Systems, Huawei and Intel. For more information about the Xen Project software and to participate, please visit XenProject.org.

Intel and Xeon are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

AMD, the AMD logo, EPYC, and combinations thereof are trademarks of Advanced Micro Devices, Inc.

About Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Rachel Romoff
rromoff@linuxfoundation.org
210-241-8284

Read more