Difference between revisions of "Design Sessions 2019"

From Xen
(Live Updating Xen: Add description)
Line 1: Line 1:
 +
 +
== Agreeing priorities for the next year ==
 +
<syntaxhighlight>
 +
This is an attempt to agree on the top few (we can decide how many) development and community priorities for the next year. We should only include larger feature development (that may cover multiple series) with the aim to help code reviewers to coordinate review time to get these through the review cycle more quickly.
 +
 +
Attendees are expected to a) Propose major developments in the works or pipeline b) Vote / provide input on how important these are
 +
</syntaxhighlight>
 +
For notes, see
 +
* https://cryptpad.fr/pad/#/2/pad/edit/GI1eh1isXzpVQ9lLeHrnIp+n/
  
 
== Branch management (related to CI v2) ==
 
== Branch management (related to CI v2) ==
Line 7: Line 16:
  
 
== Further defences for speculative sidechannels ==
 
== Further defences for speculative sidechannels ==
See https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00832
+
<syntaxhighlight>
 +
The discovery of speculative sidechannels has undermined a lot of the security
 +
boundaries that software took for granted. Some defences have already been introduced,
 +
but other areas could do with further hardening. Additionally, we should look for
 +
ways to reduce the overheads where possible.
 +
</syntaxhighlight>
 +
Notes:
 +
* see https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00832
  
 
== Xen Toolstacks ==
 
== Xen Toolstacks ==
Line 44: Line 60:
 
== Live Updating Xen ==  
 
== Live Updating Xen ==  
 
<syntaxhighlight>
 
<syntaxhighlight>
Development plans for LivePatch on Xen:
+
Live-Updating Xen is replacing the running Xen hypervisor in-place on a system
 +
without guests noticing.
  
Support for module parameters
+
This feature does not yet exist - it's very early days to get involved and design
Additional hooks support
+
the solution. Following up from the talk on Wednesday, we'll use this slot to talk
Concept of expectations
+
about use-cases, how much and what will be of interest to the community, and
inline assembly patching
+
design discussions on the feature.
Replaceable apply/revert actions
 
Fixes and improvements for stacked modules
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
See
+
For notes, see
 +
* https://cryptpad.fr/pad/#/2/pad/edit/fCwXg1GmSXXG8bc4ridHAsnR/
 +
* https://wiki.xen.org/wiki/Live-Updating_Xen
 
* https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00834
 
* https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00834
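Review bot: the lines replaced under "== Live Updating Xen ==" ("Development plans for LivePatch on Xen:", "Support for module parameters", "Additional hooks support", and the rest of that list) are not re-added anywhere in the visible hunks. The edit summary only says "Add description", so the removal may be unintentional. If the LivePatch session is still planned, move that list under its own heading instead of overwriting it.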
  

Revision as of 12:41, 9 August 2019

Agreeing priorities for the next year

This is an attempt to agree on the top few (we can decide how many) development and community priorities for the next year. We should only include larger feature development (that may cover multiple series) with the aim to help code reviewers to coordinate review time to get these through the review cycle more quickly.

Attendees are expected to a) Propose major developments in the works or pipeline b) Vote / provide input on how important these are

For notes, see https://cryptpad.fr/pad/#/2/pad/edit/GI1eh1isXzpVQ9lLeHrnIp+n/

Branch management (related to CI v2)

See https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00709

Build System gripes

See https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00786

Further defences for speculative sidechannels

The discovery of speculative sidechannels has undermined a lot of the security 
boundaries that software took for granted. Some defences have already been introduced, 
but other areas could do with further hardening. Additionally, we should look for 
ways to reduce the overheads where possible.

Notes: see https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00832

Xen Toolstacks

At the moment, we have a binary xl, which can be run; and we have libxl, which links 
against libxc and various other libraries, which must match 100% the hypervisor version. 
We have python and partial golang bindings for some of these libraries, but these may 
break and need recompilation when upgrading to a new version of Xen. This session is 
to discuss what, if anything, to do as a result of this.

A couple of options:

Make a daemon which links against libxl and exposes that functionality in a 
backwards-compatible manner

Make the Xen ABI fully backwards compatible, so that upgrades to Xen will work with 
older libraries

See

Xen Distros

Xen is packaged on several different distributions: CentOS, Debian, Fedora, and 
Arch. This is an opportunity for distro package maintainers (at minimum George 
Dunlap, who maintains the CentOS Xen packages) and distro package users to get 
together and talk about best practices and how things can be improved.

See

Live Updating Xen

Live-Updating Xen is replacing the running Xen hypervisor in-place on a system 
without guests noticing.

This feature does not yet exist - it's very early days to get involved and design 
the solution. Following up from the talk on Wednesday, we'll use this slot to talk 
about use-cases, how much and what will be of interest to the community, and 
design discussions on the feature.

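For notes, see

   - https://cryptpad.fr/pad/#/2/pad/edit/fCwXg1GmSXXG8bc4ridHAsnR/
   - https://wiki.xen.org/wiki/Live-Updating_Xen
   - https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#00834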

Virtio

There is interest on Arm in supporting virtio on Xen. This would allow us to 
leverage existing PV protocols (e.g. virgil 3d) and offer an easy way for 
users to migrate to Xen.

The topics expected to be discussed during the sessions are:

   - Transport to be used
   - How to prevent the backend from accessing all the guest memory
   - Sketch a plan and potential contributors

For notes, see https://lists.xenproject.org/archives/html/xen-devel/2019-07/threads.html#01746