Data Centre


Xen Project says new version 4.10 has found balance between security and novelty

Splendid isolation for VMs, and a hand for ARM servers

By Simon Sharwood


The Xen Project has released version 4.10 of its hypervisor.

Maintainer boss Julien Grail wrote that "As in Xen 4.9, we took a security-first approach for Xen 4.10 and spent a lot of energy to improve code quality and harden security."

"This inevitably slowed down the acceptance of new features somewhat and also delayed the release. However, we believe that we reached a meaningful balance between mature security practices and innovation."

So what's new? The Reg likes the new ability to run a VM on a chosen CPU and better ways to "express placement preference of vcpus on processors, which improves cache and memory performance when configured appropriately."

VM introspection's been enhanced, notably with "A software page table walker was added to VMI on ARM, which lays the groundwork to alt2pm for ARM CPUs."

A new UI lets users do things like "modify certain boot parameters without the need to reboot Xen."

"Guest types are now selected using the type option in the configuration file, where users can select a PV, PVH or HVM guest," according to the Project's announcement of the new release.

Support for system-on-chips (SoCs) has been enhanced weith support for the 64-bit Armv8-A architecture from Qualcomm Centriq 2400 and Cavium ThunderX. As both are server architectures, Xen's made sure it's ready if the market decides Arm-powered servers are a thing.

The new release has also, however, added support for the L2 Cache Allocation Technology (CAT) that runs on some micro-servers using Intel CPUs. So let's not assume that Xen's gone all-in on ARM.

Full release notes are here and notes on how to access and build the new release are here.

Those who have noted that the United States National Security Agency has tossed plenty of code into Xen will be pleased to see that it's again name-checked as a contributor. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

KVM? Us? Amazon erases new hypervisor from AWS EC2 FAQ

We've fro-Xen page to preserve evidence of NVMe servers and Xen's stay of execution

Xen Project's plan after AWS goes KVM: Talk up embedded future

Update AWS changes its tune, multi-hypervisor plan is its future

Countdown starts for new Xen hypervisor release

RC1 for Xen 4.10 is upon us, so get testing, hyper-hipsters

AWS adopts home-brewed KVM as new hypervisor

Out with Xen, in with 'core KVM technology' for new C5 instances and future VMs too

Xen 4.11 debuts new ‘PVH’ guest type, for the sake of security

Take some paravirtualization, add hardware extensions and – voila – QEMU flies away

Xen Project patches Intel’s Lazy FPU flaw, VMware doesn't need to

UPDATE Guest register states are readable, but the patch cavalry has arrived

Xen 4.11 is over a month late and its devs are mostly cool with that

Hardware hassles mean rc7 was needed, spark discussion about release cadence

Linux Foundation backs new ‘ACRN’ hypervisor for embedded and IoT

UPDATED Intel tosses in code because data centre hypervisors are too bloated

Citrix snuffs Xen and NetScaler brands

Arise, ‘Citrix Hypervisor’ and ‘ Citrix SD-WAN’

Xen warns of nine embargo-worthy bugs

We won't know what they are for a fortnight, but clouds are warning of VM reboots