SlideShare a Scribd company logo

XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software Engineer, Citrix

The Linux Foundation
The Linux Foundation

The idea of making Xen secret-free has been floating since Spectre and Meltdown came into light. In this talk we will discuss what is being done and what needs to be done next.

Software
1 of 17
Download to read offline
Secret-free Hypervisor: Now and Future Wei Liu <wl@xen.org>
Agenda • Why this project • What and how • Primary targets • Project scope • Project showcase • Project status
Why this project • Prompted by Meltdown and Spectre • Side-channels are here to stay • Hardware bugs are here to stay • Well-established isolation mechanisms and security boundaries are broken • Rethink Xen’s strategy against a whole class of issues • What if there is no secret to leak in the first place?
Primary targets • Direct map • Xen has a 1:1 mapping of all physical memory in the machine for performance reason • If you can read from that mapping, you can read everything in the machine • Stack • Stack in Xen is allocated from an always mapped heap (xenheap) visible to all PCPUs • Stack content is considered sensitive
Fixes? • Direct map • Remove it completely • Map / unmap pages as required when accessing memory • Stack • Switch to per-PCPU stack which is not visible to other PCPUs in the same machine
Xen code is … J • Xen’s academic origin and organic growth for years brings some challenging aspects: • Messy or not so modular code structure • Missing design documents • Lacking comments • Interesting-looking code and design decisions
A taste of the scope Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
Domheap for page tables • Currently page tables are xenheap pages (always mapped pages) • All code is written with the “always mapped” property in mind • Want to use domheap for page tables • Need to (painstakingly) rewrite internal APIs and dependent code without breaking bisection • More importantly, the changes need to be broken down to reviewable patches
Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
Implement xenheap with vmap • Less secrets in xenheap but keep its property • Currently vmap is implemented on top of xenheap -- need to flip their relationship • Problems so far: • Make sure page <-> virt conversion functions continue working (or remove them entirely with lots of code churn…) • Make vmap able to unmap a portion of a mapping – there is an optimization in xmalloc which depends on such behavior • Need to break a xenheap-vmap call loop in the page table allocation APIs - - this is reason for the previous project • Patches need not break bisection and be reviewable
Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
Implement PMAP infrastructure • Named (badly) after an infrastructure in Linux • The only similarity is they both have a small-ish address space with statically set up page tables • To solve a bootstrapping problem: • Per-PCPU mapping infrastructure needs some mapping mechanism to set itself up without a direct map • Only used during CPU onlining / offlining
Status Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching 50+ patches ~5 patches 10+ patches (incomplete) ~5 patches ~10 patches ~15 patches Legend: Patches written from scratch Patches from earlier work that are maybe salvageable
Missing aspect: performance • Can’t really test performance at this stage • May not be too bad (but I could be wrong): • Removing direct map • Xen only needs to access a few pages while a guest is running • PV guest page manipulation code is already very long • Per-PCPU stack • A PCPU only cares about its own stack during normal operation
More information • https://xenproject.atlassian.net/browse/XEN-119 • https://lists.xenproject.org/archives/html/xen-devel/2019- 01/msg01923.html • https://lists.xenproject.org/archives/html/xen-devel/2018- 10/msg01477.html
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software Engineer, Citrix

Recommended

XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
The Linux Foundation
 
The Rocky Cloud Road
The Rocky Cloud RoadThe Rocky Cloud Road
The Rocky Cloud Road
Gert Drapers
 
VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld 2013: Examining vSphere Design Through a Design Scenario VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld
 
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab ConferenceTowards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conference
amoghvk
 
Infrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & ToolsInfrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & Tools
Lior Kamrat
 
Java Application Servers Are Dead!
Java Application Servers Are Dead!Java Application Servers Are Dead!
Java Application Servers Are Dead!
Eberhard Wolff
 
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld
 
Case study: advantages of the private cloud computing platform
Case study: advantages of the private cloud computing platformCase study: advantages of the private cloud computing platform
Case study: advantages of the private cloud computing platform
ISPABelgium
 

Recommended

XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
The Linux Foundation
 
The Rocky Cloud Road
The Rocky Cloud RoadThe Rocky Cloud Road
The Rocky Cloud Road
Gert Drapers
 
VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld 2013: Examining vSphere Design Through a Design Scenario VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld 2013: Examining vSphere Design Through a Design Scenario
VMworld
 
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab ConferenceTowards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conference
amoghvk
 
Infrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & ToolsInfrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & Tools
Lior Kamrat
 
Java Application Servers Are Dead!
Java Application Servers Are Dead!Java Application Servers Are Dead!
Java Application Servers Are Dead!
Eberhard Wolff
 
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld 2016: Getting Started with PowerShell and PowerCLI for Your VMware En...
VMworld
 
Case study: advantages of the private cloud computing platform
Case study: advantages of the private cloud computing platformCase study: advantages of the private cloud computing platform
Case study: advantages of the private cloud computing platform
ISPABelgium
 
3 the cloud
3 the cloud 3 the cloud
3 the cloud
Len Bass
 
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld
 
4 container management
4 container management4 container management
4 container management
Len Bass
 
VMware Log Insight
VMware Log Insight VMware Log Insight
VMware Log Insight
Iwan Rahabok
 
Application Virtualization, University of New Hampshire
Application Virtualization, University of New HampshireApplication Virtualization, University of New Hampshire
Application Virtualization, University of New Hampshire
Tony Austwick
 
A Note on Distributed Computing - Papers We Love Hyderabad
A Note on Distributed Computing - Papers We Love HyderabadA Note on Distributed Computing - Papers We Love Hyderabad
A Note on Distributed Computing - Papers We Love Hyderabad
Hrishikesh Barua
 
Bluetube
BluetubeBluetube
Bluetube
Vinoth Chandar
 
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-BloxPerforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce
 
Net1674 final emea
Net1674 final emeaNet1674 final emea
Net1674 final emea
VMworld
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld
 
6 microservice architecture
6 microservice architecture6 microservice architecture
6 microservice architecture
Len Bass
 
VMworld 2016: Troubleshooting 101 for Horizon
VMworld 2016: Troubleshooting 101 for HorizonVMworld 2016: Troubleshooting 101 for Horizon
VMworld 2016: Troubleshooting 101 for Horizon
VMworld
 
8 pipeline
8 pipeline 8 pipeline
8 pipeline
Len Bass
 
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
VMworld
 
Continuous Integration for BSP
Continuous Integration for BSPContinuous Integration for BSP
Continuous Integration for BSP
Witekio
 
XenApp XenDesktop 7.8 Workshop
XenApp XenDesktop 7.8 Workshop XenApp XenDesktop 7.8 Workshop
XenApp XenDesktop 7.8 Workshop
Digicomp Academy AG
 
OpenCV for Embedded: Lessons Learned
OpenCV for Embedded: Lessons LearnedOpenCV for Embedded: Lessons Learned
OpenCV for Embedded: Lessons Learned
Yury Gorbachev
 
Microservices on top of kafka
Microservices on top of kafkaMicroservices on top of kafka
Microservices on top of kafka
LivePerson
 
Co je nového v XenDesktop 7.6 a XenApp 7.6
Co je nového v XenDesktop 7.6 a XenApp 7.6 Co je nového v XenDesktop 7.6 a XenApp 7.6
Co je nového v XenDesktop 7.6 a XenApp 7.6
MarketingArrowECS_CZ
 
(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment
BIOVIA
 
High Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
High Fidelity Games: Real Examples, Best Practices ... | Oleksii VasylenkoHigh Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
High Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
Jessica Tams
 
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on HadoopApache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
guest20d395b
 

More Related Content

What's hot

VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld
 
Application Virtualization, University of New Hampshire
Application Virtualization, University of New HampshireApplication Virtualization, University of New Hampshire
Application Virtualization, University of New Hampshire
Tony Austwick
 
Net1674 final emea
Net1674 final emeaNet1674 final emea
Net1674 final emea
VMworld
 
(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment
BIOVIA
 

What's hot (20)

3 the cloud
3 the cloud 3 the cloud
3 the cloud
 
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
VMworld 2015: Monitoring and Managing Applications with vRealize Operations 6...
 
4 container management
4 container management4 container management
4 container management
 
VMware Log Insight
VMware Log Insight VMware Log Insight
VMware Log Insight
 
Application Virtualization, University of New Hampshire
Application Virtualization, University of New HampshireApplication Virtualization, University of New Hampshire
Application Virtualization, University of New Hampshire
 
A Note on Distributed Computing - Papers We Love Hyderabad
A Note on Distributed Computing - Papers We Love HyderabadA Note on Distributed Computing - Papers We Love Hyderabad
A Note on Distributed Computing - Papers We Love Hyderabad
 
Bluetube
BluetubeBluetube
Bluetube
 
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-BloxPerforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
 
Net1674 final emea
Net1674 final emeaNet1674 final emea
Net1674 final emea
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
 
6 microservice architecture
6 microservice architecture6 microservice architecture
6 microservice architecture
 
VMworld 2016: Troubleshooting 101 for Horizon
VMworld 2016: Troubleshooting 101 for HorizonVMworld 2016: Troubleshooting 101 for Horizon
VMworld 2016: Troubleshooting 101 for Horizon
 
8 pipeline
8 pipeline 8 pipeline
8 pipeline
 
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
VMworld 2015: How To Troubleshoot Using vRealize Operations Manager (Deep Liv...
 
Continuous Integration for BSP
Continuous Integration for BSPContinuous Integration for BSP
Continuous Integration for BSP
 
XenApp XenDesktop 7.8 Workshop
XenApp XenDesktop 7.8 Workshop XenApp XenDesktop 7.8 Workshop
XenApp XenDesktop 7.8 Workshop
 
OpenCV for Embedded: Lessons Learned
OpenCV for Embedded: Lessons LearnedOpenCV for Embedded: Lessons Learned
OpenCV for Embedded: Lessons Learned
 
Microservices on top of kafka
Microservices on top of kafkaMicroservices on top of kafka
Microservices on top of kafka
 
Co je nového v XenDesktop 7.6 a XenApp 7.6
Co je nového v XenDesktop 7.6 a XenApp 7.6 Co je nového v XenDesktop 7.6 a XenApp 7.6
Co je nového v XenDesktop 7.6 a XenApp 7.6
 
(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment(ATS4-PLAT06) Considerations for sizing and deployment
(ATS4-PLAT06) Considerations for sizing and deployment
 

Similar to XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software Engineer, Citrix

Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
DataStax
 
End to-end async and await
End to-end async and awaitEnd to-end async and await
End to-end async and await
vfabro
 
SPTechCon Austin 2019 - From SharePoint to Office 365 development
SPTechCon Austin 2019 - From SharePoint to Office 365 developmentSPTechCon Austin 2019 - From SharePoint to Office 365 development
SPTechCon Austin 2019 - From SharePoint to Office 365 development
Sébastien Levert
 
Transitioning Groupon to Node.js - EmpireJS 2014
Transitioning Groupon to Node.js - EmpireJS 2014Transitioning Groupon to Node.js - EmpireJS 2014
Transitioning Groupon to Node.js - EmpireJS 2014
Sean McCullough
 
Low Latency Polyglot Model Scoring using Apache Apex
Low Latency Polyglot Model Scoring using Apache ApexLow Latency Polyglot Model Scoring using Apache Apex
Low Latency Polyglot Model Scoring using Apache Apex
Apache Apex
 
Take a peek at Dell's smart EPM global environment
Take a peek at Dell's smart EPM global environmentTake a peek at Dell's smart EPM global environment
Take a peek at Dell's smart EPM global environment
Rodrigo Radtke de Souza
 

Similar to XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software Engineer, Citrix (20)

High Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
High Fidelity Games: Real Examples, Best Practices ... | Oleksii VasylenkoHigh Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
High Fidelity Games: Real Examples, Best Practices ... | Oleksii Vasylenko
 
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on HadoopApache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
 
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on HadoopApache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
Apache HAMA: An Introduction toBulk Synchronization Parallel on Hadoop
 
PROCESS WARP
PROCESS WARPPROCESS WARP
PROCESS WARP
 
Build Your First SharePoint Framework Webpart
Build Your First SharePoint Framework WebpartBuild Your First SharePoint Framework Webpart
Build Your First SharePoint Framework Webpart
 
Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
Building Highly Available Apps on Cassandra (Robbie Strickland, Weather Compa...
 
How to automate the SharePoint Provisioning
How to automate the SharePoint Provisioning How to automate the SharePoint Provisioning
How to automate the SharePoint Provisioning
 
End to-end async and await
End to-end async and awaitEnd to-end async and await
End to-end async and await
 
SPTechCon Austin 2019 - From SharePoint to Office 365 development
SPTechCon Austin 2019 - From SharePoint to Office 365 developmentSPTechCon Austin 2019 - From SharePoint to Office 365 development
SPTechCon Austin 2019 - From SharePoint to Office 365 development
 
ASP.NET
ASP.NETASP.NET
ASP.NET
 
Data Parallel and Object Oriented Model
Data Parallel and Object Oriented ModelData Parallel and Object Oriented Model
Data Parallel and Object Oriented Model
 
Azure Automation, PnP Provisioning and PnP PowerShell
Azure Automation, PnP Provisioning and PnP PowerShellAzure Automation, PnP Provisioning and PnP PowerShell
Azure Automation, PnP Provisioning and PnP PowerShell
 
Galaxy
GalaxyGalaxy
Galaxy
 
ASP.NET 5 - Microsoft's Web development platform reimagined
ASP.NET 5 - Microsoft's Web development platform reimaginedASP.NET 5 - Microsoft's Web development platform reimagined
ASP.NET 5 - Microsoft's Web development platform reimagined
 
Lattice yapc-slideshare
Lattice yapc-slideshareLattice yapc-slideshare
Lattice yapc-slideshare
 
Transitioning Groupon to Node.js - EmpireJS 2014
Transitioning Groupon to Node.js - EmpireJS 2014Transitioning Groupon to Node.js - EmpireJS 2014
Transitioning Groupon to Node.js - EmpireJS 2014
 
Low Latency Polyglot Model Scoring using Apache Apex
Low Latency Polyglot Model Scoring using Apache ApexLow Latency Polyglot Model Scoring using Apache Apex
Low Latency Polyglot Model Scoring using Apache Apex
 
Practical virtual network functions with Snabb (SDN Barcelona VI)
Practical virtual network functions with Snabb (SDN Barcelona VI)Practical virtual network functions with Snabb (SDN Barcelona VI)
Practical virtual network functions with Snabb (SDN Barcelona VI)
 
Cloudera Impala: A Modern SQL Engine for Hadoop
Cloudera Impala: A Modern SQL Engine for HadoopCloudera Impala: A Modern SQL Engine for Hadoop
Cloudera Impala: A Modern SQL Engine for Hadoop
 
Take a peek at Dell's smart EPM global environment
Take a peek at Dell's smart EPM global environmentTake a peek at Dell's smart EPM global environment
Take a peek at Dell's smart EPM global environment
 

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
The Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
The Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
The Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
The Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
The Linux Foundation
 

More from The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
 

Recently uploaded

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 

Recently uploaded (20)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 

XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software Engineer, Citrix

  • 1. Secret-free Hypervisor: Now and Future Wei Liu <wl@xen.org>
  • 2. Agenda • Why this project • What and how • Primary targets • Project scope • Project showcase • Project status
  • 3. Why this project • Prompted by Meltdown and Spectre • Side-channels are here to stay • Hardware bugs are here to stay • Well-established isolation mechanisms and security boundaries are broken • Rethink Xen’s strategy against a whole class of issues • What if there is no secret to leak in the first place?
  • 4. Primary targets • Direct map • Xen has a 1:1 mapping of all physical memory in the machine for performance reason • If you can read from that mapping, you can read everything in the machine • Stack • Stack in Xen is allocated from an always mapped heap (xenheap) visible to all PCPUs • Stack content is considered sensitive
  • 5. Fixes? • Direct map • Remove it completely • Map / unmap pages as required when accessing memory • Stack • Switch to per-PCPU stack which is not visible to other PCPUs in the same machine
  • 6. Xen code is … J • Xen’s academic origin and organic growth for years brings some challenging aspects: • Messy or not so modular code structure • Missing design documents • Lacking comments • Interesting-looking code and design decisions
  • 7. A taste of the scope Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
  • 8. Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
  • 9. Domheap for page tables • Currently page tables are xenheap pages (always mapped pages) • All code is written with the “always mapped” property in mind • Want to use domheap for page tables • Need to (painstakingly) rewrite internal APIs and dependent code without breaking bisection • More importantly, the changes need to be broken down to reviewable patches
  • 10. Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
  • 11. Implement xenheap with vmap • Less secrets in xenheap but keep its property • Currently vmap is implemented on top of xenheap -- need to flip their relationship • Problems so far: • Make sure page <-> virt conversion functions continue working (or remove them entirely with lots of code churn…) • Make vmap able to unmap a portion of a mapping – there is an optimization in xmalloc which depends on such behavior • Need to break a xenheap-vmap call loop in the page table allocation APIs - - this is reason for the previous project • Patches need not break bisection and be reviewable
  • 12. Project showcase Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching
  • 13. Implement PMAP infrastructure • Named (badly) after an infrastructure in Linux • The only similarity is they both have a small-ish address space with statically set up page tables • To solve a bootstrapping problem: • Per-PCPU mapping infrastructure needs some mapping mechanism to set itself up without a direct map • Only used during CPU onlining / offlining
  • 14. Status Secret-free hypervisor Remove direct map Use per-PCPU stack Implement Xenheap with vmap Remove mapping infrastructure’s dependency on direct map Implement per-PCPU mapping infrastructure Implement Persistent MAP (PMAP) infrastructure for bootstrapping Use Domheap for page tables Carve out address space Adjust early boot / AP bringup code Maintain correct mapping while context switching 50+ patches ~5 patches 10+ patches (incomplete) ~5 patches ~10 patches ~15 patches Legend: Patches written from scratch Patches from earlier work that are maybe salvageable
  • 15. Missing aspect: performance • Can’t really test performance at this stage • May not be too bad (but I could be wrong): • Removing direct map • Xen only needs to access a few pages while a guest is running • PV guest page manipulation code is already very long • Per-PCPU stack • A PCPU only cares about its own stack during normal operation
  • 16. More information • https://xenproject.atlassian.net/browse/XEN-119 • https://lists.xenproject.org/archives/html/xen-devel/2019- 01/msg01923.html • https://lists.xenproject.org/archives/html/xen-devel/2018- 10/msg01477.html