Xen Project Announces Performance and Security Advancements with Release of 4.19
The Linux Foundation | 31 July 2024
New release marks significant enhancements in performance, security, and versatility across various architectures.
SAN FRANCISCO – July 31st, 2024 – The Xen Project, an open source project under the Linux Foundation, is proud to announce the release of Xen Project 4.19. This release marks a significant milestone in enhancing performance, security, and versatility across various architectures, including Arm, PPC, RISC-V, and x86, altogether providing a robust and secure hypervisor solution for both enterprises and cloud providers.
The Xen Project continues to lead the way in virtualization technology. With contributions from a wide and diverse range of companies, including board members AMD, ARM, AWS, EPAM, Vates, and XenServer, Xen Project 4.19 introduces a range of key changes and improvements that solidify its position as a premier open-source virtualization platform. Comprehensive improvements include substantial enhancements in memory management, security, and system stability, spanning multiple architectures and benefitting a wide array of users and use cases.
"The 4.19 release is a significant achievement for the Xen community, bringing crucial enhancements across all supported architectures," said Kelly Choi, Community Manager at the Xen Project. "New features such as the x2APIC driver for x86 and dynamic node programming for Arm highlight our focus on meeting the evolving needs of our users, and underscore our dedication to advancing virtualization technology with a robust, reliable and open source hypervisor."
Notable Improvements in Release 4.19 Include:
Security Enhancements
- Published 13 new Xen Security Advisories (XSAs) to mitigate vulnerabilities.
- Adoption of additional MISRA-C rules for improved code quality.
Arm Architecture
- Introduction of dynamic node programming using overlay dtbo.
- FF-A notification support
x86 Architecture
- Introduce a new x2APIC driver that uses Cluster Logical addressing mode for IPIs and physical addressing mode for external interrupts.
- Deprecate support for XeonPhi in 4.19, with the firm plan to remove support in 4.20.
PVH
- PVH dom0 has now moved to "supported with caveats" status
- PVH/HVM can now map foreign pages, which should for example allow QEMU stubdomains to run as PVH
- Boot time speedup due to the IOMMU changes
- Don't expose pIRQ support to HVM guests by default. The feature (XENFEAT_hvm_pirqs) can now be enabled on a per-domain basis
Other updates:
- Add a new 9pfs backend running as a daemon in dom0. Its first user is Xenstore-stubdom, which can now support full Xenstore trace capability.
- libxl support for backendtype=tap with tapback.
- Increase the maximum number of CPUs Xen can be built for from 4095 to 16383.
- When building with Systemd support (./configure --enable-systemd), remove libsystemd as a build dependency. Systemd Notify support is retained, now using a standalone library implementation.
- xenalyze no longer requires `--svm-mode` when analyzing traces generated on AMD CPUs.
- Code symbol annotations and MISRA compliance improvements.
- CI updates:
  - Minimum fixes to rebuild the containers, following the HEREDOC problems.
  - Rebuild containers to have testing with up-to-date LTS distros.
  - Few build system checks, and strip the obsolete contents of the build containers.
The Xen Project 4.19 release underscores the community’s commitment to advancing virtualization technology. Visit the Xen Project website to learn more, and join the conversation by signing up for the Xen Project mailing list and Matrix.
Supporting Quotes
"AMD looks forward to embracing the advancements in the Xen 4.19 release. With MISRA C compliance nearing completion, this milestone brings us closer to a safety-certifiable hypervisor. Additionally, the support for Device Tree overlays for dynamic VM configurations significantly enhances Xen's flexibility with AMD FPGAs and adaptive SoCs, positioning it as a robust solution for critical embedded applications."
– Kris Chaplin, Open Source Software Lead - Systems Engineering, AMD.
“As a proud board member of the Xen Project, XenServer is thrilled to witness the release of Xen 4.19. This new release signifies a remarkable stride in code safety and memory management across various architectures. At XenServer, we are committed to our collaboration with the community to contribute to the future of the Xen hypervisor. We look forward to integrating these enhancements in security and performance into the XenServer product, ensuring that our users can leverage the latest advancements in virtualisation technology.”
– Diego Novellon, Software Engineering Manager, XenServer
"At Vates, we are pleased with the continuous advancements of the Xen project and are proud to contribute to its progress. Notably, Oleksii, one of our dedicated XCP-ng developers, served as the release manager for Xen 4.19. Currently, we are involved in the AMD SEV projects and the Xen port to RISC-V. Alongside other board members, we continue to elevate the Xen project's visibility, ensuring it is recognized not only by its contributors but also within the virtualization sector. Beyond this release, we remain deeply committed to expanding the Xen project's reach by building bridges with other communities and the academic world, fostering broader collaboration and innovation through teamwork."
– Olivier Lambert, CEO, Vates
“Arm is the platform of choice for a vast ecosystem of developers, and our ongoing work with the Xen Project continues to be an important part of our commitment to the open source software community. Virtualization is critical to applications like automotive, where the XEN Hypervisor is part of the SOAFEE open source reference implementation, and the release of Xen 4.19 brings significant improvements in dynamic node programming for the Arm architecture. We look forward to seeing how developers leverage this new release for future automotive use-cases on Arm.”
– Andrew Wafaa, senior director, Software Communities at Arm
***
About the Xen Project
The Xen Project is the home for several virtualization-related open source projects and is licensed under the GPLv2. Hosted by the Linux Foundation, Xen Project is focused on advancing virtualization in a number of different commercial and open source applications, including server virtualization, Infrastructure as a Service (IaaS), desktop virtualization, security applications, embedded and hardware appliances, and automotive/aviation. For more information visit XenProject.org.
Media Contact:
Noah Lehman
The Linux Foundation
nlehman@linuxfoundation.org
About The Linux Foundation
The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, OpenChain, OpenSSF, PyTorch, RISC-V, SPDX, Zephyr, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.