Xen Project Hypervisor Version 4.14 brings added security and performance

July 24, 2020, by David

The Xen Project, an open source hypervisor hosted at the Linux Foundation, today announced the release of Xen Project Hypervisor 4.14, which introduces Linux stubdomains, better nested performance and more robust live patching, and reflects contributions from across the community and ecosystem. This release also continues the fundamental shift for Xen, outlined in version 4.13, to make it increasingly resistant to side-channel attacks and hardware issues.

“Xen Project Hypervisor 4.14 is a clear example of important investments from companies and community members to move the project forward,” said George Dunlap, Xen Project Advisory Board Chair.  “We continue to see broad participation from many companies, which is validation of the important role Xen plays in the open-source virtualization space: a project focused solely on virtualization, with a mature code base and community.”

Security
Advanced security has always been one of Xen’s distinctive strengths. This precedent continues with more security-focused features this release.

Key updates and improvements include:

  • Linux Stubdomains that can run the newest device models, allowing users to take advantage of one of Xen’s unique security features while still having the latest emulated hardware.
     
  • Lightweight VM fork for fuzzing and introspection. Allows very fast introspection “experimentation”, for analyzing malware or finding bugs, on systems with Intel EPT support.
     
  • New livepatch features allow for a wider range of security fixes to be live patched while providing extra safety mechanisms to prevent users from applying patches in the wrong order. 
     
  • Control-flow Enforcement Technology (CET) Shadow Stack support. Control-flow Enforcement Technology (CET) is a set of hardware features designed to combat Return-oriented Programming (ROP) attacks and the related call- and jump-oriented variants (COP/JOP). Xen 4.14 can use these hardware features, where available, to protect itself from ROP attacks.

Embedded and Safety-Critical
As the Xen project continues to evolve and grow, it has become relevant for the embedded and automotive use cases. Due to this, and the importance of functional safety and safety certification to these use cases, Xen continues on a journey to become Safety Certifiable. A key part of this initiative is the progress made in the Xen Project Functional Safety Working group, which was created in the Spring of 2019 and is supported by multiple vendors, including safety assessors. A new development out of this group is the successful drafting of prototype requirement documents and progress towards the processes and procedures on maintaining these documents.

Support for new platforms
Support for Raspberry Pi 4 has been extended and now all versions of the RPI4, including the popular ones with 4GB and 8GB of RAM, work on Xen. Additionally, version 4.14 will support the next generation AMD EPYC processor, codenamed “Milan”, when it is available to the public.

Featured Highlights

  • Support for Xen running under Hyper-V. Xen will now run as a guest under Hyper-V, the hypervisor developed by Microsoft which runs Microsoft’s Azure cloud. Running Xen inside a cloud allows the same VM control stack to be used on-premise as in a cloud, allowing virtual machines to be moved freely between on-prem and cloud, or even between clouds.
     
  • Hypervisor FS support. Similar to Linux’s sysfs, Hypervisor FS allows Xen to expose internal data and control knobs in a structured way, without the previous requirement of parsing log data or writing custom hypercalls to transport the data, and custom code to read it.

Xen Hypervisor version 4.14 also includes improvements to hypervisor build, x2APIC mode, mem sharing, altp2m, x86 boot path, microcode handling, libxl event handling, xenstore, xentop, network hotplug scripts and more.

Ongoing work on upcoming features

  • Secret-free Xen – As side-channel attacks continue to be a risk, Secret-free Xen will avoid keeping secret memory mapped in the hypervisor, which will allow mitigations to be turned off, increasing performance while removing the very data such attacks seek to leak.
     
  • Golang bindings significantly expanded – This upcoming feature will make it easier to develop customer code on top of Xen in the Go language.
     
  • Live migration without need for guest cooperation – Current users must have functioning Xen drivers in the guest to live migrate. This upcoming feature allows users to migrate VMs with no drivers or broken drivers.