Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Thursday, August 25
 

08:00

Registration
Thursday August 25, 2016 08:00 - 09:00
TBA

09:00

Keynote: Xen Project Weather Report - Lars Kurth, Xen Project / Citrix
In this talk, we will give an overview of the state of the Xen Project, trends that impact the project, see whether challenges that surfaced last year have been addressed and how we did it, and highlight new challenges and solutions for the coming year.

Speakers
LK

Lars Kurth

Chairman Xen Project / Director
Lars Kurth had his first contact with the open source community in 1997 when he worked on various parts of the ARM toolchain. This experience led Lars to become a passionate open source enthusiast who worked with and for many open source communities over the past 21 years. Lars contributed to projects such as GCC, Eclipse, Symbian and Xen and became the open source community manager for Xen.org in 2011 and later chairman of the Xen Project... Read More →


Thursday August 25, 2016 09:00 - 09:50
Pier 4

09:50

Keynote: Xen Project Development Update - Wei Liu, Citrix
The talk is a status report for the latest release and development projects. It will cover the new features and important bug fixes (if any) in 4.7. It will also provide insight on what’s in the queue for the next major release. Retrospective on the release process will also be part of talk.

Speakers
WL

Wei Liu

Software Engineer, Citrix
Wei Liu started using Xen back in 2009 for his research projects and started engaging Xen, QEMU and Linux kernel community in 2011 when he worked to port VirtIO to Xen in 2011 Google Summer of Code. Now he is a full time employee of Citrix, the driving force behind Xen.org. His work covers Xen scalability and network stack. He had experiences speaking to various audiences from technical or non-technical background, ranging from local Linux user... Read More →


Thursday August 25, 2016 09:50 - 10:30
Pier 4

10:30

Coffee Break
Thursday August 25, 2016 10:30 - 11:00
Harbour Foyer

11:00

Xen Scalability Analysis - Weidong Han, Zhichao Huang & Wei Yang, Huawei
As CPU integrates more cores, server will have more and more cores. It requires hypervisor to have good scalability. This talk will introduce our analysis on many core scalability of Xen, and share some findings and lessons.

Speakers
WH

Weidong Han

Virtualization Architect, Huawei
Weidong Han is a virtualization architect from Huawei, He has 10 years virtualization development experience. He has speaking experience in open source conferences before, such as KVM forum, Xen Summit.
ZH

Zhichao Huang

Senior Software Engineer, Huawei
Zhichao Huang is senior software engineer at Huawei, has 9 years working experience on Linux/Virtualization.
WY

Wei Yang

Senior Software Engineer, Huawei
Wei Yang is senior software engineer in Huawei. He has more than 5 years working experience on virtualization.


Thursday August 25, 2016 11:00 - 11:30
Pier 4

11:00

Xen Orchestra: building a Cloud on top of Xen - Olivier Lambert & Julien Fontanet, Vates
Since its inception, the Xen Orchestra project which uses AGPLv3, always had a philosophy to listen and engage the community. User feedback shaped our initial concept, which first targeted system administrators. Eventually, our users drove us to support cloud-scale deployments supporting up to 2000 VM's. Retaining simplicity in usage and installation, while evolving Xen Orchestra to cloud scale posed many challenges. This led us to build many new features such ACLs, self-service, live charts, config drive management, and more, forced us to constantly evolve our architecture. First we will show how user needs changed our architecture, and how we implemented challenging problems such as user permissions, ACLs, Containers in a virtualized infrastructure and self service. We will conclude with a short demo, what is next and a lessons learned.

Speakers
avatar for Julien Fontanet

Julien Fontanet

CTO & Co-founder, Vates
CTO/co-founder of Vates (http://vates.fr), a start-up specialized in Open Source and Xen Orchestra editor. Also an expert in Node and JS in general.
avatar for Olivier Lambert

Olivier Lambert

CEO & Co-Founder, Vates
Creator of Xen Orchestra project (http://xen-orchestra.com) and CEO/co-founder of Vates (http://vates.fr), a start-up specialized in Open Source. Also a specializing Linux sysadmin with 10+ years of experience. Speaking experience: FOSDEM (2013,2014, 2015,2016), LinuxCon North America/Xen User Summit (2013) in New Orleans, Xen User Summit (2014) in New-York City and LCon/ContainerCon (2015) in Seatlle. Also participated in several Xen Project... Read More →


Thursday August 25, 2016 11:00 - 11:30
Pier 5

11:30

Windows PV Network Performance - Paul Durrant, Citrix Systems Inc
Windows has supported Receive Side Scaling (RSS) for a very long time and most NIC hardware is designed to meet its requirements. This allows Windows to use the hardware to load-balance TCP flows across all CPUs and avoid locking in the stack.

My recent work has extended the Xen netif protocol so that backends can be coded to meet the requirements of Windows RSS. The first implementation that meets the requirements is Linux xen-netback and this has been verified to meet Microsoft Logo requirements in conjunction with the latest Xen Project PV frontend.

This talk will detail the protocol extension, discuss the Linux backend implementation and show how aggregate network performance now scales effectively with the number of vCPUs in the Windows guest.

Speakers
avatar for Paul Durrant

Paul Durrant

Senior Principal Software Engineer, Citrix Systems Inc
My name is Paul Durrant. I am a Senior Principal Software Engineer in the XenServer platform group of Citrix Systems UK, based in Cambridge. My chief responsibilities are Windows Paravirtual drivers, Virtual GPU subsystem, and the guest storage and network data-paths. My work has given me broad experience of Xen (hypervisor, tools and firmware), PV protocols and QEMU. I have been a kernel level programmer since I graduated from the University... Read More →



Thursday August 25, 2016 11:30 - 12:00
Pier 5

11:30

libvirt and Tools: What's New and What's Next - James Fehlig, SUSE
A year has passed since the last Xen Developer Summit and it is time to announce the quiet progress made on the libvirt libxl driver and related tooling. New features include memory, cpu, block device, and network interface statistics reporting, support for pvUSB, support for migration stream V2, peer-to-peer migration, UEFI for HVM guests via OVMF, and domain capabilities reporting to name a few. There are also many noteworthy improvements such as better conversion of xl.cfg to/from libvirt domXML, allowing users to easily switch between the xl+libxl and libvirt+libxl toolstacks.

The summit also provides an opportunity to discuss new proposals such as better control of domain placement on NUMA systems, exposing Xen's cpu pool feature in libvirt, supporting non-volatile memory for UEFI variables, and improved capabilities reporting.

Much of libvirt's value for Xen is in the tools built upon it: virt-manager, virt-viewer, virt-install, virt-builder, kimchi, OpenStack nova, etc. These tools also deserve a quick status update as they relate to Xen.

The audience is encouraged to participate, e.g. by requesting a sorely missing feature, warning of an upcoming Xen change that may affect libvirt, or simply suggesting a change that makes virtualization management life a bit easier.

Speakers
avatar for James Fehlig

James Fehlig

Software Engineer, SUSE
Jim Fehlig is a software engineer at SUSE Linux and has been working in the virtualization management space for several years. Since 2008, Jim has been a maintainer of the libvirt project, contributing primarily to the Xen drivers. He has also contributed to several other virtualization management related open source projects such as virt-manager, vhostmd, OpenStack, and libvirt-cim.



Thursday August 25, 2016 11:30 - 12:00
Pier 4

12:00

The OpenXT Project in 2016 - Christopher Clark, BAE Systems
The OpenXT Project is an Open Source community producing a Xen-based platform for client devices with a focus on providing strong security properties. The different primary use cases of this project versus server-based Xen systems have motivated notable technical differences and consequently OpenXT should be of interest to anyone seeking to understand the full set of capabilities on offer within the Xen ecosystem.

In this presentation, Christopher Clark will describe the technical architecture of OpenXT, its current status and development activity within the project and its engagement with the upstream OpenEmbedded and Xen projects. This will include an overview of OpenXT's differentiating features such as Measured Launch, Virtual TPMs, Linux-based stubdoms, a specialized input layer and a distinct PV USB stack for Windows and Linux.

Speakers
avatar for Christopher Clark

Christopher Clark

Interoperability Architect, OpenXT Project
Christopher works with the OpenXT Project, most recently building an open governance model for the project and performing a security review of project software. His first involvement with Xen hypervisor development was around 2004 at the Cambridge University Computer Laboratory and at Intel. He joined XenSource and Citrix, and worked on development of both XenServer and XenClient.



Thursday August 25, 2016 12:00 - 12:50
Pier 5

12:00

Porting Xen on ARM to a new SOC - Julien Grall, ARM
Adding support for you new shiny board in Xen on ARM is a simple task once you get a kernel running on bare metal.

This session will cover the different steps to port Xen on ARM from the firmware to the shell prompt in DOM0.

We will give you tips on the common pitfalls when you have your hypervisor, or your DOM0 kernel crashing. We will also provide suggestion on how to debug when the console is not working.

Speakers
JG

Julien Grall

Software Engineer, ARM
Julien Grall is a Software Engineer at ARM, working on open source virtualization project such as Xen and KVM. He has been working on Xen since 2012, focusing at the beginning on the x86 port, then on the ARM port. He currently maintains Xen ARM.


slides pdf

Thursday August 25, 2016 12:00 - 12:50
Pier 4

12:50

Lunch (Attendees on Own)
Thursday August 25, 2016 12:50 - 14:00
TBA

14:00

Consideration of Real Time GPU Scheduling of XenGT in Automotive Embedded System - Sangyun Lee, LG Electronics
This presentation will introduce simple real-time GPU scheduler of XenGT running on automotive embedded system and explain why the real-time GPU scheduling and preemption should be needed for automotive system.
The reference target of automotive system consists of two VMs(Virtual Machine) which run on XenGT. One is digital instrument cluster VM and the other is In-Vehicle Infotainment VM. In case of digital instrument cluster system, it must guarantee the real-time GPU rendering of speedometer application at least 60 fps. To do this, GPU scheduler should support a priority-based scheduling and preemption function. The presentation will cover the current status of GPU virtulaization and what is needed to meet the requirement of real-time GPU rendering in automotive system.

Speakers
avatar for Sangyun Lee

Sangyun Lee

Senior Embedded Software Engineer, LG Electronics
Mr. Lee is a senior embedded software engineer in LG Electronics. His current project is researching and developing embedded virtualization solution for automotive embedded system using ARM and Intel SoCs. He has experiences of porting and developing linux kernel, device drivers and xen hypervisor for smartphone, smart watch and digital appliances. He is interested in automotive virtualization solutions.



Thursday August 25, 2016 14:00 - 14:30
Pier 5

14:00

Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
Data Breaches are all over the news these days, and no organization is safe. Nobody, from the largest governments to the biggest banks to the most advanced security companies is able to adequately protect themselves. The difficulty is that there are infinite number of ways to exfiltrate data from an organization ranging from stolen/lost hardware to steganography to malicious insiders to 0Day exploits installing malware to side channels. The industry is trying to solve this problem using detection, heuristics, pattern matching and behavioral analysis. A new approach is clearly needed to fight the Data Breach problem and keep data inside an organization.
Come find out how to use Hypervisors to repurpose hardware to protect sensitive data under the assumption of compromised networks, devices and users (Malicious Insiders). In addition, find out how to do so without using any type of detection, heuristics, pattern matching or behavioral analysis, but rather a strictly algorithmic approach rooted in hardware. Finally, learn about how this technology can be used in a generic manner to protect data of DataBases, Server Software, unmodified legacy applications, and unmodified consumer applications such as word processing and spreadsheet software.

Speakers
avatar for Neil Sikka

Neil Sikka

Founder & CEO, A1Logic
Neil is the Founder and CEO of A1Logic. He has more than a decade of Software Development experience including about 4 years of experience at Microsoft as a Software Developer on Microsoft Exchange and on the MSRC (Microsoft Security Response Center) as a Software Security Engineer. On MSRC, he has analyzed 0day exploits, memory corruptions, and other security vulnerabilities across multiple Microsoft products. In addition, he worked on... Read More →



Thursday August 25, 2016 14:00 - 14:30
Pier 4

14:30

Xenbedded: Xen-based client virtualization for phones and tablets - Chris Patterson & Kyle Temkin, AIS, Inc.
This talk presents a new client virtualization platform that allows Xen to be used on mobile phones and tablets. These embedded devices require special consideration, particularly in the context of client virtualization. We will outline the technical challenges of virtualizing common tablet devices, including the touchscreen, audio, webcam, accelerometer, Wi-Fi, cellular, and display devices. TrustZone implications will also be discussed.

We will present the current project status and what it took (or will take) to get NVIDIA's Jetson TX1 development board and Google's Pixel C tablet running multiple Android instances. We will provide an overview of the platform’s build toolchain and source trees. Finally, we will open up discussions on the future of the platform and the challenges associated with improving Xen adoption on mobile ARM devices.

Speakers
CP

Chris Patterson

Senior Computer Engineer, AIS
Chris Patterson has spent ten years at AIS doing research and development in the fields of virtualization, computer and network security. He has previously led the development of SecureView®, a Xen-based multi-level access solution for government customers. Historically, this work has focused on supporting Intel-based desktop and laptops. Lately he has been working to bring these technologies to ARM-based mobile and embedded platforms. He... Read More →
avatar for Kyle Temkin

Kyle Temkin

Security Researcher & Engineer, Assured Information Security Inc.
Kyle J. Temkin is a researcher at Assured Information Security Inc., in Rome, NY, where he leads the Mobility and Domain Separation program, which seeks to bring hypervisor-enabled security to commercial-off-the-shelf cell phones and tablets, as well as several smaller hypervisor and security-centered research initiatives. Prior to joining Assured Information Security, Kyle served as a faculty member at Binghamton University, where he taught... Read More →



Thursday August 25, 2016 14:30 - 15:00
Pier 5

14:30

High-Performance Virtualization for HPC Cloud on Xen - Jun Nakajima & Tianyu Lan, Intel Corp.
We have been working to get Xen up and running on self-boot Intel® Xeon Phi processors to build HPC clouds. We see several challenges because of the unique (but not unusual for HPC) hardware technologies and performance requirements. For example, such hardware technologies include 1) >256 CPUs, 2) MCDRAM (high-bandwidth memory), 3) integrated fabric (i.e. Intel® Omni-Path). Unlike the “coprocessor“ model, supporting self-boot with >256 CPUs has various implications to Xen, including scheduling and scalability. We need to allow user applications to use MCDRAM directly to perform optimally. Also, we need to enable the integrated HPC fabric for the VM to use by direct I/O assignment.

In addition, we have only a single VM on each node to meet the high-performance requirements of HPC clouds. This (i.e. non-shared) model allowed us to optimize Xen more. In this talk, we share our design and lessons, and discuss the options we considered to achieve high-performance virtualization for HPC.

Speakers
TL

Tianyu Lan

Virtualization Software Engineer, Intel
I am an intel virtualization software Engineer and focuses on the KVM/Xen feature enabling. I also have worked on the Linux kernel ACPI and power management subsystem several years.
avatar for Jun Nakajima

Jun Nakajima

Senior Principal Engineer, Intel Open Source Technology Center
Jun Nakajima is a Senior Principal Engineer leading open source virtualization and cloud projects, such as, KVM, Xen, and OpenStack at the Intel Open Source Technology Center. Jun has been working on various virtualization projects for almost a decade, and NFV is one of his ongoing projects. Jun presented a number of times at technical conferences, including KVM Forum, Xen Summit, and USENIX. He has over 20 years of experience with operating... Read More →



Thursday August 25, 2016 14:30 - 15:00
Pier 4

15:00

Coffee Break
Thursday August 25, 2016 15:00 - 15:30
Harbour Foyer

15:30

Attack Surface Reduction - Douglas Goldstein, Star Lab
The attack surface for a software environment is defined as the sum of the different points an unauthorized user can enter or extract data from the environment. This talk aims to discuss ways to reduce hypervisor capabilities and code space to provide a meaningful reduction in attack surface. Doug Goldstein will cover areas of the hypervisor that have been made optional already to provide background as well as discussing future areas that can be made optional. The audience is encouraged to participate to flesh out future work in this area.

Speakers
avatar for Douglas Goldstein

Douglas Goldstein

Senior Software Engineer, Star Lab
Doug Goldstein is a Senior Software Engineer at Star Lab, a company focused on providing anti-tamper solutions for the virtualization space. He has been involved in open source software for over 15 years contributing to a wide array of projects such as Gentoo Linux, libvirt, QEMU, Xen, the Linux kernel, and Rust. Doug has been a big advocate of open source software to the public sector.



Thursday August 25, 2016 15:30 - 16:00
Pier 4

15:30

Display Handler, a Client Display Framework for Xen - Brendan Kerrigan, Assured Information Security, Inc.
This presentation will introduce Display Handler, an open source implementation and framework for providing client virtualized display and input handling within Xen. Display Handler provides a modular approach to both graphics virtualization and input multiplexing. Designed from the ground up to be extensible, the base implementation includes a DRM dumb buffer based renderer, though research is being done on integrating Intel’s GVT-g as an alternative renderer. It includes a fully functional input server which can be extended to support different input sources and output formats as well as providing configurable filtering. The base implementation includes a Windows display driver for Windows XP/7 support, a Linux framebuffer driver for basic Linux guest support, and generic QEMU guest support. A Windows 10 guest display driver is in development in addition to a proper Linux DRM guest driver. It was written in C++ and includes a full suite of unit tests.

The presentation will cover the motivation behind the development of Display Handler, the overall architecture, and future directions planned for the framework, especially how it can fit in with various other graphics virtualization technologies that are currently under development. Challenges on providing a beneficial user experience in multi-VM workstations will also be discussed.

Speakers


Thursday August 25, 2016 15:30 - 16:00
Pier 5

16:00

Patch review for non-maintainers - George Dunlap, Citrix Systems R&D UK Ltd
As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However,
ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion?

This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.

Speakers
avatar for George Dunlap

George Dunlap

Staff Software Engineer, Citrix
George Dunlap worked with the Xen project while a graduate student at the University of Michigan before receiving his PhD in 2006. He is currently working as Staff Software Engineer for Citrix on the open-source Xen team in Cambridge, England. He has done work in many areas of Xen, including performance analysis, scheduling, and memory management. He writes technical articles regularly for the xenproject.org blog, including one describing in... Read More →


Thursday August 25, 2016 16:00 - 16:30
Pier 5

16:00

XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ctirix Systems UK Ltd.
Currently XSM is very limited and restrictive in its functionality .
1) one single big policy controlling all domains,
2) reloading new policy requires host reboot.
3) multiple domains performing similar functions to be grouped under same security label and type.

Anshul Makkar, is going to present a talk to discuss about the ongoing work to overcome the above limitations. Some of the security aspect that he will cover
Some of the security features that I will cover.
1) Interdomain communication
2) Creating secure stub domains.
3) Securing and segregating introspection domains.

Speakers
avatar for Anshul Makkar

Anshul Makkar

Linux Virtualization Engineer, Citrix
I am Anshul Makkar, currently employed with Citrix Systems, UK ltd. Currently my scope of work involves development around intel gvtg, Nvidia and AMD vgpu solutions , XSM and evaluating Credit-2 scheduler.



Thursday August 25, 2016 16:00 - 16:30
Pier 4

16:30

Live Migration of vGPU - Xiao Zheng, Intel Asia-Pacific Research & Development Ltd.
GPU virtualization is hot in cloud usages including VDI, media processing, etc. While Intel GVT-g (a.k.a XenGT) helps unleash those compelling usages on Intel Processor Graphics, new requirements are emerging such as VM live migration with vGPU. In this session we will introduce the challenges of supporting vGPU live migration on current migration framework, then elaborate techniques to bring vGPU live migration into XenGT.

Speakers
XZ

Xiao Zheng

Senior Software Engineer, Intel China
10 years experienced software developer working in Intel China. Currently design and implement Intel GPU virtualization technology. Recent presentation was: as one of Intel Developer Forum (IDF) key technique speaker on Apri 201



Thursday August 25, 2016 16:30 - 17:00
Pier 4

16:30

Making Migration More Secure - John Shackleton, Adventium Labs
Live virtual machine migration is a crucial operation in the day-to-day management of modern cloud environments. For systems with the highest security requirements, standard migration protocols must be ammended to protect against a number of failure or cyberattack scenarios. In this presentation, we explore these scenarios and discuss extensions to various Xen toolstacks to protect against potential vulnerabilities.

Speakers
avatar for John Shackleton

John Shackleton

Principal Research Scientist, Adventium Labs
Mr. John Shackleton is a principal research scientist at Adventium Labs, where he is the technical lead for a series of research and development projects focused on virtualization and system security, in both commercial and government computing environments.



Thursday August 25, 2016 16:30 - 17:00
Pier 5

17:00

Live scalability for vGPU using gScale - Xiao Zheng, Intel
With increasing GPU-intensive workloads deployed on Cloud, the Cloud service providers are seeking for practical and efficient GPU virtualization solutions. vGPU scalability can significantly reduce the TCO (Total Cost of Ownership) and improve the ROI (Return on Investment) for Cloud providers. One of the technical challenges to scale up vGPU is due to the graphic memory resource limitation, which constrains the total number of guest virtual GPU instances.

In this talk, Intel's GVT team will introduces a scalable GPU virtualization solution (code name: gScale) to break the hardware limitation of global graphics memory space. The evaluation shows that gScale can have 5x vGPU scalability in guest Linux and 4x vGPU scalability in guest Windows.

Speakers
XZ

Xiao Zheng

Senior Software Engineer, Intel China
10 years experienced software developer working in Intel China. Currently design and implement Intel GPU virtualization technology. Recent presentation was: as one of Intel Developer Forum (IDF) key technique speaker on Apri 201



Thursday August 25, 2016 17:00 - 17:30
Pier 4

17:00

Unconference Sessions - Scheduling
Thursday August 25, 2016 17:00 - 17:30
Pier 5

19:00

Joint Attendee Party with KVM Forum (Badge Required)

Join fellow attendees of Xen Project Developer Summit  along with KVM Forum attendees for food, drink, and a memorable hockey experience.

Party guests will have the opportunity to view historic hockey memorobilia, visit a replica of the Montreal Canadien's dressing room, and play a variety of interactive hockey games.

The party is located on the Concourse Level of the Hockey Hall of Fame - a 10 minute walk from the Westin. Walking maps will be provided.

Badge required for entry to party.

Thursday August 25, 2016 19:00 - 21:00
Hockey Hall of Fame and Museum Brookfield Place, 30 Yonge Street, Toronto, ON M5E 2X8
 
Friday, August 26
 

08:00

Registration
Friday August 26, 2016 08:00 - 09:00
TBA

09:00

Welcome and Unconference Session
Friday August 26, 2016 09:00 - 09:30
Pier 4

09:30

A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, Aporeto
Docker and other container runtimes are gathering momentum and becoming the new industry standard for server applications. Linux namespaces, commonly used to run Docker apps, come with a large surface of attack which is difficult to reduce. Intel’s Clear Containers use KVM to run containers as VMs to provide additional isolation. It is possible to provide VM-like isolation for containers without sacrificing performance. 

This talk focuses on the benefits of using Xen to provide an execution environment for Docker apps. The presentation starts by listing the requirements of this environment. It explains why monitoring container syscalls is important and what its security benefits are. The talk introduces a new paravirtualized protocol to virtualize IP sockets and provides the design and implementation details. The presentation clarifies the impact of the new protocol from a security perspective. The discussion concludes by comparing performance figures with the traditional PV network frontend and backend drivers in Linux, explaining the reasons for any performance gaps. 

Speakers
DS

Dimitri Stiliadis

Founder and CEO, Aporeto
Dimitri Stiliadis is the Founder and CEO of Aporeto and was the Founder and CTO of Nuage Networks (Nokia). He has a multi-disciplinary background in distributed systems, security, and networking. He has held several leading roles in Bell Labs Research and received a PhD in computer engineering from the University of California, Santa Cruz. He is the author for more than 50 peer-reviewed papers and holds more than 20 patents.


Friday August 26, 2016 09:30 - 10:00
Pier 4

09:30

Unconference Session
Friday August 26, 2016 09:30 - 10:00
Pier 5

10:00

AMD's virtualization memory encryption technology - Brijesh Singh, Advanced Micro Devices (AMD)
AMD recently disclosed new security technologies which leverage hardware-based memory encryption
to provide additional security protections. This talk will focus primarily on technology which supports
encrypted virtual machines for extra isolation and protection from the hypervisor itself. The
presentation will discuss the technical details of this technology with a focus on how it can be integrated
within the Xen infrastructure.

Speakers
BS

Brijesh Singh

Software Engineer, AMD
Brijesh Singh is a member of the Linux OS group at AMD. He is responsible for enabling and enhancing support for AMD processor features in the Xen hypervisor and the Linux kernel on x86 and arm64 platforms.



Friday August 26, 2016 10:00 - 10:30
Pier 4

10:00

Unconference Session
Friday August 26, 2016 10:00 - 10:30
Pier 5

10:30

Coffee Break
Friday August 26, 2016 10:30 - 11:00
Harbour Foyer

11:00

CPUID handling for guests - Andrew Cooper, Citrix
Migration of virtual machines without guest downtime is a key feature for hypervisors. Sadly, not all hardware is the same, and keeping guests running in a heterogeneous environment takes a lot of care. Normally, features are advertised via the CPUID instruction, but life is never as simple as we would like. Andrew will discuss what information needs to be controlled, what information can and can't be controlled, and how it applies to Xen guests.

Speakers
AC

Andrew Cooper

Senior Software Engineer, Citrix XenServer
I am a hypervisor/kernel developer for Citrix XenServer, and upstream x86 maintainer in the Xen project.


Friday August 26, 2016 11:00 - 11:30
Pier 4

11:00

Unconference Session
Friday August 26, 2016 11:00 - 11:30
Pier 5

11:30

Hypervisor-based Security: Vicarious Learning via Introspektioneering, or How I Learned to Love the Bomb - Mihai Dontu, Bitdefender
This presentation is based on the technical hurdles we overcame when building a commercial product on the introspection capabilities of the Xen hypervisor. Mihai Dontu will relate the importance of the x86 emulator, the need for a more focused effort on its completeness and correctness, the problems encountered, and the solutions adopted. He will also approach the subject of performance, for which hypervisor features that were not meant to be in the hot path had to be punctually reworked to solve a key requirement for making a theoretical product a commercial reality.

Speakers
avatar for Mihai Donțu

Mihai Donțu

Technical Project Manager, Bitdefender
My name is Mihai Dontu, I am the technical project manager of the Linux development team within Bitdefender and I am currently involved in integrating our memory introspection technology in Xen.



Friday August 26, 2016 11:30 - 12:00
Pier 4

11:30

Unconference Session
Friday August 26, 2016 11:30 - 12:00
Pier 5

12:00

Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Oracle
Oracle and Citrix have been working together to bring live-patching to the Xen hypervisor. This will allow system administrators to update the hypervisor without the need to reboot. The talk will provide an overview of how it works, what were the difficulties in implementing it, how it compares to the other technologies for patching (uSplice, kSplice, kPatch, kGraft, Linux hot-patching), how to use it, and what is in the roadmap schedule.

Speakers
KW

Konrad Wilk

Software Director, Oracle
Konrad Wilk is a Software Director at Oracle. His group's mission is to make Linux and Xen Project virtualization better and faster. As part of this work, Konrad has been the maintainer of the Xen Project subsystem in Linux kernel, Xen Project maintainer and had been the Release Manager for the 4.5 release of the Xen Project Hypervisor. Konrad has been active in the Linux and Xen Project communities for more than 7 years and was instrumental in... Read More →


Friday August 26, 2016 12:00 - 12:50
Pier 4

12:00

Unconference Session
Friday August 26, 2016 12:00 - 12:50
Pier 5

12:50

Lunch (Attendees on Own)
Friday August 26, 2016 12:50 - 14:00
TBA

14:00

Review and Analysis of Performance Metrics of the Xen Hypervisor on Zynq® UltraScale+™ MPSoC - Jarvis Roach & Benjamin Sanda, DornerWorks
Performance metrics for Xen running on the targeted hardware platform is a significant factor in determining whether a project can afford the overhead of using a hypervisor as part of its overall system design. The release of the Xilinx Zynq® UltraScale+™ MPSoC based ZCU-102 development boards, marketed for the embedded design space, earlier this year enabled DornerWorks to measure key Xen-related performance metrics using the freely available, open source, Xen Zynq Distribution (XZD). These metrics include Xen boot times, Xen interrupt latency, and domain context switch times. DornerWorks will review the performance measurements collected, the methods used for collecting those metrics, and discuss the implications of the results, including how the data might be used to estimate performance of applications running as guests on that platform.

Speakers
JR

Jarvis Roach

Sr. Engineer, DornerWorks Ltd.
Jarvis Roach is the senior engineer leading the technical team developing hypervisor-based solutions in the embedded space at DornerWorks Ltd. After serving in the Army, Jarvis attended the University of Michigan where he graduated with a Bachelor's in Computer Engineering, magnum cum laude. He has spent the last seventeen years working on an eclectic combination of projects in a variety of different fields; from telecommunications to... Read More →
avatar for Benjamin Sanda

Benjamin Sanda

Embedded Software Engineer, DornerWorks Ltd.
Benjamin J Sanda is an embedded software engineer at DornerWorks Ltd. where his focus is on real-time kernel and firmware development. He has over nine years’ industry experience in safety critical, real-time, low-level design and implementation on multiple platforms, and has worked heavily with Wind River VxWorks in medical and aviation environments. He is also a Ph.D. candidate in Electrical Engineering at Western Michigan University, working... Read More →



Friday August 26, 2016 14:00 - 14:30
Pier 4

14:00

Unconference Session
Friday August 26, 2016 14:00 - 14:30
Pier 5

14:30

Keeping coherency on ARM - Julien Grall, ARM
The ARM architecture strongly recommends to use a break-before-make when changing translation table entries whenever certain conditions are met. Failing to do so may result in getting TLB conflicts or breaking the coherency.

During this session, we will introduce break-before-make and when the code handling page tables should use it. We will also discuss the modifications required in Xen to avoid breaking the coherency.

Speakers
JG

Julien Grall

Software Engineer, ARM
Julien Grall is a Software Engineer at ARM, working on open source virtualization project such as Xen and KVM. He has been working on Xen since 2012, focusing at the beginning on the x86 port, then on the ARM port. He currently maintains Xen ARM.


slides pdf

Friday August 26, 2016 14:30 - 15:20
Pier 4

14:30

Unconference Session
Friday August 26, 2016 14:30 - 15:20
Pier 5

15:30

Coffee Break
Friday August 26, 2016 15:30 - 16:00
Harbour Foyer

16:00

Scope and Performance of Credit-2 Scheduler. - Anshul Makkar, Ctirix Systems UK Ltd.
Credit 2 scheduler brings operational efficiency, improved performance over Credit 1 and is comparable to its predecessor functionality wise. Anshul Makkar, will discuss about the following for Credit 2:
1) benchmarked results and performance improvements /
2) Its algorithmic improvement over Credit 1 in handling heavy workloads.
3) Structured code which provide better sustainability and maintainability.
4) functionality.

Friday August 26, 2016 16:00 - 16:30
Pier 4

16:00

Unconference Session
Friday August 26, 2016 16:00 - 16:30
Pier 5

16:30

Virtual NVDIMM in Xen - Haozhong Zhang, Intel
NVDIMM is a new feature on Intel Skylake Servers that provides the high-performance and high-density persistent memory. Although NVDIMM can be accessed via a way similar to the normal memory load/store, a sophisticated driver is required for device detection and maintenance. These characters as well as its usage model bring challenges to provide NVDIMM to guests in Xen. In this presentation, I'll introduce the primary challenges and the proposed approaches to address them.

Speakers
HZ

Haozhong Zhang

Software Engineer, Intel
I'm a software engineer of Intel Opensource Technology Center, and primarily working on enabling Intel virtualization features for KVM/Xen/Qemu.


Friday August 26, 2016 16:30 - 17:00
Pier 4

16:30

Unconference Session
Friday August 26, 2016 16:30 - 17:00
Pier 5