Design Sessions 2019
Agreeing priorities for the next year
This is an attempt to agree on the top few (we can decide how many) development and community priorities for the next year. We should only include larger feature development (that may cover multiple series), with the aim of helping code reviewers coordinate review time to get these through the review cycle more quickly. Attendees are expected to:
a) Propose major developments in the works or pipeline
b) Vote / provide input on how important these are
For notes, see
Build System gripes
Further defences for speculative sidechannels
The discovery of speculative sidechannels has undermined a lot of the security boundaries that software took for granted. Some defences have already been introduced, but other areas could do with further hardening. Additionally, we should look for ways to reduce the overheads where possible.
At the moment, we have a binary xl, which can be run; and we have libxl, which links against libxc and various other libraries, which must match the hypervisor version 100%. We have python and partial golang bindings for some of these libraries, but these may break and need recompilation when upgrading to a new version of Xen. This session is to discuss what, if anything, to do as a result of this. A couple of options:
- Make a daemon which links against libxl and exposes that functionality in a backwards-compatible manner
- Make the Xen ABI fully backwards compatible, so that upgrades to Xen will work with older libraries
Xen is packaged on several different distributions: CentOS, Debian, Fedora, and Arch. This is an opportunity for distro package maintainers (at minimum George Dunlap, who maintains the CentOS Xen packages) and distro package users to get together and talk about best practices and how things can be improved.
Live Updating Xen
Live-Updating Xen is replacing the running Xen hypervisor in-place on a system without guests noticing. This feature does not yet exist, so these are very early days in which to get involved and design the solution. Following up from the talk on Wednesday, we'll use this slot to talk about use-cases, how much and what will be of interest to the community, and design discussions on the feature.
For notes, see
There is interest on Arm in supporting virtio on Xen. This would allow us to leverage existing PV protocols (e.g. virgil 3d) and offer an easy way for users to migrate to Xen. The topics expected to be discussed during the sessions are:
- Transport to be used
- How to prevent the backend from accessing all of the guest memory
- Sketch a plan and potential contributors