Difference between revisions of "Xen 4.2 Feature List"

(Sync with release notes)
 
(13 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Info|This is a preliminary list of Xen 4.2 features}}
 
 
 
== Other Xen Releases ==
 
== Other Xen Releases ==
   
Line 8: Line 6:
   
 
* Security:
 
* Security:
** Support for Intel Supervisor Mode Execution Protection (SEMP), which prevents the execution usermode of pages by the Xen hypervisor, making many application-to-hypervisor exploits much harder.
+
** Support for Intel Supervisor Mode Execution Protection (SMEP), which prevents the execution of usermode pages by the Xen hypervisor, making many application-to-hypervisor exploits much harder.
 
** Various Xen Security Modules ([[XSM]]) / Flask improvements. The XSM framework and the Xen Flask security module is an application of the [http://www.cs.utah.edu/flux/fluke/html/flask.html Flask] architecture to the Xen hypervisor.
 
** Various Xen Security Modules ([[XSM]]) / Flask improvements. The XSM framework and the Xen Flask security module is an application of the [http://www.cs.utah.edu/flux/fluke/html/flask.html Flask] architecture to the Xen hypervisor.
 
* Scalability:
 
* Scalability:
 
** Increased VM density for VDI use-cases
 
** Increased VM density for VDI use-cases
** up to 4095 Host CPUs for 64 bit hypervisor
+
** Up to 4095 Host CPUs for 64 bit hypervisor
 
** Up to 5TB host memory support for 64 bit hypervisor
 
** Up to 5TB host memory support for 64 bit hypervisor
 
** Up to 512 VCPUs per PV VM and 256 VCPUs per HVM VM
 
** Up to 512 VCPUs per PV VM and 256 VCPUs per HVM VM
  +
** Support for multiple PCI segments
** Multiple PCI segment support
 
 
** Prefer oxenstored when present
 
** Prefer oxenstored when present
 
* Performance
 
* Performance
** PCI pass-through for Linux Guests
 
 
** AMD SVM DecodeAssist support
 
** AMD SVM DecodeAssist support
  +
** Scheduler improvements
** Remus memory image compression
 
  +
* EFI boot support for hosts using the 64 bit hypervisor
** Scheduler improvements ('''sched_ratelimit_us''' and '''tslice_ms'''; see "[[Credit_Scheduler#Xen4.2|new commands]]" and "[[Xen_4.2:_cpupools|Xen 4.2: CPUPOOLS]]")
 
* EFI boot support for the 64 bit hypervisor hosts
 
 
* [[XL]] improvements, [[XEND]] is formally deprecated
 
* [[XL]] improvements, [[XEND]] is formally deprecated
 
* Documentation improvements (e.g. man pages)
 
* Documentation improvements (e.g. man pages)
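Review bot: The high-level Performance list loses "PCI pass-through for Linux Guests" and "Remus memory image compression" in this hunk, while the Detailed List later in the same diff still carries both Remus compression and the PVHVM direct IRQ injection item for PCI passthrough. If the removal is meant to match the release notes, fine; otherwise restore the two bullets so the summary and the detail agree. The replacement "Scheduler improvements" bullet also drops the inline links, which is acceptable because the Detailed List keeps the Credit Scheduler link.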
Line 30: Line 26:
   
 
== Detailed List ==
 
== Detailed List ==
  +
 
=== General ===
 
=== General ===
* Documentation improvements (e.g. man pages)
+
* Documentation improvements. Documentation is now available online:
  +
** [http://xenbits.xen.org/docs/4.2-testing/man/index.html man pages]
  +
** [http://xenbits.xen.org/docs/4.2-testing/misc/xen-command-line.html hypervisor command line options]
  +
** [http://xenbits.xen.org/docs/4.2-testing/ full listing]:
 
* Lots of bug fixing of course.
 
* Lots of bug fixing of course.
   
Line 38: Line 38:
 
** For a feature comparison between [[XL]] and [[XEND]] see "[[XL vs Xend Feature Comparison]]".
 
** For a feature comparison between [[XL]] and [[XEND]] see "[[XL vs Xend Feature Comparison]]".
 
** lots of [[XL]] improvements, e.g.
 
** lots of [[XL]] improvements, e.g.
  +
*** More complete support for toolstack operations. Includes all basic and day to day functionality and many advanced features.
*** More feature complete
 
 
*** Support for Network driver domains in [[XL]]
 
*** Support for Network driver domains in [[XL]]
*** Improved support for PCI pass-through (see "[[Xen_4.2:_xl_and_pci_pass-through|Xen 4.2: XL and PCI pass-through]]")
+
*** Improved support for PCI pass-through (see "[[Xen_4.2:_xl_and_pci_pass-through|Xen 4.2: XL and PCI pass-through]]")
  +
*** NetBSD support
  +
*** Support for more intelligent NUMA placement of guest VCPUs. Plus support in the [[Xen_4.2:_cpupools|cpupools]] subsystem for creating a pool per NUMA node.
 
* libxl improvements
 
* libxl improvements
 
** The libxl API is now stable.
 
** The libxl API is now stable.
 
** The libxl featureset has been greatly expanded:
 
** The libxl featureset has been greatly expanded:
*** Many slow running operations can now be done asynchronously.
+
*** Long running operations can now be done asynchronously.
 
*** Improved event handling subsystem.
 
*** Improved event handling subsystem.
 
* Remus compression (compression of memory image improves performance)
 
* Remus compression (compression of memory image improves performance)
  +
* XenStored
* Prefer oxenstored when available. Oxenstored is faster, more scalable and more reliable than the C xenstored. In particular the transaction model in oxenstored does not involve taking a complete copy of the database and aborting on any (even non-conflicting) other change. For more detail on the design, implementation and a performance comparison see [http://gazagnaire.org/pub/GH09.pdf this paper].
 
  +
** Default to oxenstored when available. Oxenstored is faster, more scalable and more reliable than the C xenstored. In particular the transaction model in oxenstored does not involve taking a complete copy of the database and aborting on any (even non-conflicting) other change. For more detail on the design, implementation and a performance comparison see [http://gazagnaire.org/pub/GH09.pdf this paper].
* Support for upstream qemu; nearing feature parity (non default still, but we want people to be testing it)
 
  +
** Support for xenstored (C version only) in a stubdomain, improving scalability and security.
* Added libvchan to xen mainline(cross domain comms)
 
  +
* Support for upstream qemu
  +
** Used by default when required for PV guests (e.g. qdisk backend or VFB support)
  +
** Optional tech preview for use with HVM guests. Missing features:
  +
*** PCI Passthrough.
  +
*** Live Migration support.
  +
* Initial support for using OVMF UEFI firmware with HVM guests (requires upstream qemu)
  +
* Added <tt>libvchan</tt> interdomain communication library.
   
 
=== Xen ===
 
=== Xen ===
  +
* EFI (extensible Firmware Interface) support for hypervisor. Allows Xen to boot on machines which use EFI rather than a traditional BIOS
* Improvements to paging and sharing, enabling higher VM density for VDI use-cases
 
  +
* Support up to 4095 Host CPUs for 64 bit h/v (from 256)
* EFI (extensible Firmware Interface) support for HV (i.e. if I have a machine that has EFI, I can use Xen on it)
 
* Support up to 256 Host CPUs for 64 bit h/v (from 128)
+
* Support for dom0 kernels compressed with xz
* Support dom0 kernels compressed with xz
 
 
* Per-device interrupt remapping (increases scalability)
 
* Per-device interrupt remapping (increases scalability)
* Support for pvhvm guest direct pirq injection (Performance improvement for PCI passthrough for Linux Guests)
+
* Support for [[Xen_Overview#PV_on_HVM|PVHVM]] guest direct physical IRQ injection (improves performance for PCI passthrough to Linux Guests)
 
* Intel SMEP (Supervisor Mode Execution Protection) support
 
* Intel SMEP (Supervisor Mode Execution Protection) support
* Mem event stuff? (Allows to externally observe what guests are up to and can be used for external virus checking - not sure what the right terminology is)
 
 
* Multiple PCI segment support
 
* Multiple PCI segment support
* Added xsave support(floating point)
+
* Added xsave support (support for newer floating point hardware features)
 
* Lots of XSM / Flask fixes (security)
 
* Lots of XSM / Flask fixes (security)
 
* AMD SVM "DecodeAssist" support (AMD CPU feature that avoids emulation and increases performance)
 
* AMD SVM "DecodeAssist" support (AMD CPU feature that avoids emulation and increases performance)
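Review bot: The two new XenStored bullets need a sentence tying them together: one says "Default to oxenstored when available", the other offers stubdomain isolation for "xenstored (C version only)". A reader choosing the stubdomain for its security benefit is therefore opting out of the default daemon, and the bullet should say so. Smaller points in the same hunk: "extensible Firmware Interface" should be capitalised "Extensible", and the Host CPU line now reads "up to 4095 ... (from 256)" where the replaced line read "up to 256 ... (from 128)", so confirm that 256 is the previous release's limit.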
Line 67: Line 74:
 
** Enhanced MCA support to include more failure types
 
** Enhanced MCA support to include more failure types
 
** APEI support (ACPI Platform Error Interface)
 
** APEI support (ACPI Platform Error Interface)
  +
* Credit Scheduler [[Credit_Scheduler#Xen4.2|tuning parameters]]:
* New scheduler parameters [http://blog.xen.org/index.php/2012/04/10/xen-4-2-new-scheduler-parameters-2/]
 
  +
** sched_ratelimit_us
  +
** tslice_ms
  +
* AMD OSVW (OS Visible Workarounds): Disables OS workarounds for hardware errata which are not necessary to workaround in guests because it is handled at the host level.
  +
* Early boot time CPU microcode patching. Xen can supplied with the microcode image by the bootloader (see the <tt>ucode</tt> [http://xenbits.xen.org/docs/4.2-testing/misc/xen-command-line.html command line option]) and load it early rather than relying on the domain 0 kernel to supply it later.
  +
* Improvements to paging and sharing, enabling higher VM density for VDI use-cases
  +
** Heavily reworked page sharing. This remains a tech preview though due to limited tools support.
  +
* Enhanced memaccess interfaces allowing increased introspection of guest memory by tools.
  +
* Initial support for nested virtualisation. This allows HVM guests access to hardware virtualisation features such that they can run their own hypervisor.
   
 
=== Removed Functionality ===
 
=== Removed Functionality ===
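Review bot: Two of the added bullets have grammar slips that will land in the published list. The microcode bullet reads "Xen can supplied with the microcode image" and needs "can be supplied"; the OSVW bullet's "which are not necessary to workaround in guests because it is handled" mixes plural "errata" with singular "it" and should use the verb form "work around". The scheduler entry also swaps the external blog link for the wiki's Credit Scheduler page; check that the wiki page covers both sched_ratelimit_us and tslice_ms before dropping the blog reference.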
Line 74: Line 89:
 
* The IA64 port was removed (unmaintained)
 
* The IA64 port was removed (unmaintained)
 
 
  +
=== Deprecated Functionality ===
  +
* The [[XEND]] toolstack is now deprecated.
  +
 
=== Xen Development Support ===
 
=== Xen Development Support ===
 
* Can build with clang
 
* Can build with clang
Line 79: Line 97:
 
* Lots of xentrace improvements
 
* Lots of xentrace improvements
 
* update ocaml bindings and make them usable by xapi (which previously had it's own fork of the same codebase)
 
* update ocaml bindings and make them usable by xapi (which previously had it's own fork of the same codebase)
 
   
 
== Also See ==
 
== Also See ==

Latest revision as of 12:04, 17 December 2012

Other Xen Releases

See Xen Release Features for a comparison of the featureset of different Xen releases.

High Level features

  • Security:
    • Support for Intel Supervisor Mode Execution Protection (SMEP), which prevents the execution of usermode pages by the Xen hypervisor, making many application-to-hypervisor exploits much harder.
    • Various Xen Security Modules (XSM) / Flask improvements. The XSM framework and the Xen Flask security module are an application of the Flask architecture to the Xen hypervisor.
  • Scalability:
    • Increased VM density for VDI use-cases
    • Up to 4095 Host CPUs for 64 bit hypervisor
    • Up to 5TB host memory support for 64 bit hypervisor
    • Up to 512 VCPUs per PV VM and 256 VCPUs per HVM VM
    • Support for multiple PCI segments
    • Prefer oxenstored when present
  • Performance
    • AMD SVM DecodeAssist support
    • Scheduler improvements
  • EFI boot support for hosts using the 64 bit hypervisor
  • XL improvements, XEND is formally deprecated
  • Documentation improvements (e.g. man pages)
  • RAS:
    • Enhanced MCA support to include more failure types
    • APEI support (ACPI Platform Error Interface)

Detailed List

General

Tools

  • XL is now the default toolstack and XEND is formally deprecated
    • For a feature comparison between XL and XEND see "XL vs Xend Feature Comparison".
    • Lots of XL improvements, e.g.
      • More complete support for toolstack operations. Includes all basic and day to day functionality and many advanced features.
      • Support for Network driver domains in XL
      • Improved support for PCI pass-through (see "Xen 4.2: XL and PCI pass-through")
      • NetBSD support
      • Support for more intelligent NUMA placement of guest VCPUs. Plus support in the cpupools subsystem for creating a pool per NUMA node.
  • libxl improvements
    • The libxl API is now stable.
    • The libxl featureset has been greatly expanded:
      • Long running operations can now be done asynchronously.
      • Improved event handling subsystem.
  • Remus compression (compression of memory image improves performance)
  • XenStored
    • Default to oxenstored when available. Oxenstored is faster, more scalable and more reliable than the C xenstored. In particular the transaction model in oxenstored does not involve taking a complete copy of the database and aborting on any (even non-conflicting) other change. For more detail on the design, implementation and a performance comparison see this paper.
    • Support for xenstored (C version only) in a stubdomain, improving scalability and security.
  • Support for upstream qemu
    • Used by default when required for PV guests (e.g. qdisk backend or VFB support)
    • Optional tech preview for use with HVM guests. Missing features:
      • PCI Passthrough.
      • Live Migration support.
  • Initial support for using OVMF UEFI firmware with HVM guests (requires upstream qemu)
  • Added libvchan interdomain communication library.

Xen

  • EFI (Extensible Firmware Interface) support for the hypervisor. Allows Xen to boot on machines which use EFI rather than a traditional BIOS.
  • Support up to 4095 Host CPUs for 64 bit h/v (from 256)
  • Support for dom0 kernels compressed with xz
  • Per-device interrupt remapping (increases scalability)
  • Support for PVHVM guest direct physical IRQ injection (improves performance for PCI passthrough to Linux Guests)
  • Intel SMEP (Supervisor Mode Execution Protection) support
  • Multiple PCI segment support
  • Added xsave support (support for newer floating point hardware features)
  • Lots of XSM / Flask fixes (security)
  • AMD SVM "DecodeAssist" support (AMD CPU feature that avoids emulation and increases performance)
  • RAS:
    • Enhanced MCA support to include more failure types
    • APEI support (ACPI Platform Error Interface)
  • Credit Scheduler tuning parameters:
    • sched_ratelimit_us
    • tslice_ms
  • AMD OSVW (OS Visible Workarounds): Disables OS workarounds for hardware errata that guests do not need to work around because the errata are handled at the host level.
  • Early boot time CPU microcode patching. Xen can be supplied with the microcode image by the bootloader (see the ucode command line option) and load it early rather than relying on the domain 0 kernel to supply it later.
  • Improvements to paging and sharing, enabling higher VM density for VDI use-cases
    • Heavily reworked page sharing. This remains a tech preview though due to limited tools support.
  • Enhanced memaccess interfaces allowing increased introspection of guest memory by tools.
  • Initial support for nested virtualisation. This allows HVM guests access to hardware virtualisation features such that they can run their own hypervisor.

Removed Functionality

  • ACM (alternative XSM to Flask) was removed (unmaintained)
  • Removed vnet (unmaintained)
  • The IA64 port was removed (unmaintained)

Deprecated Functionality

  • The XEND toolstack is now deprecated.

Xen Development Support

  • Can build with clang
  • Added "make deb" target
  • Lots of xentrace improvements
  • Updated OCaml bindings and made them usable by xapi (which previously had its own fork of the same codebase)

Also See

  • Category:Xen 4.2 - Contains articles and tutorials related to new functionality in Xen 4.2