After 11 months of development, Xen 4.18, a new release of the free hypervisor, has been published. Companies including Amazon, Arm, Bitdefender, Citrix, EPAM Systems and AMD contributed to the release. Regular updates for the 4.18 branch will be issued until May 16, 2025, and security fixes until November 16, 2026.
Key changes in Xen 4.18:
- Initial ports to the RISC-V and Power (ppc64le) architectures have been added. Test environments for both ports have been set up in the GitLab CI continuous-integration system.
- On Arm64 systems, the Xen memory subsystem has been brought in line with the requirements of the Arm architecture. Experimental support for the SVE (Scalable Vector Extension) vector instructions has been added. An FF-A (Arm Firmware Framework for Arm A-profile) mediator has been added, letting guests communicate with secure-world partitions through the framework. The ability to dynamically add and remove nodes in the Xen device tree using .dtbo overlay files has been added (experimental).
- On Intel systems, the MSR_ARCH_CAPS (IA32_ARCH_CAPABILITIES) register is now visible to guests and can be controlled from the virtual machine configuration file. On processors released from 2019 onwards this register tells software which speculative-execution vulnerabilities the hardware has fixed, so a guest kernel can skip mitigations it no longer needs.
- Added support for CPUID_USER_DIS (CPUID Faulting), introduced in fourth-generation AMD EPYC processors, which lets Xen trap the CPUID instruction executed by para-virtualized (PV) guests and return the policy-controlled values rather than the raw hardware ones.
- Added support for extensions introduced in Intel processors based on the Sapphire Rapids microarchitecture:
  - PKS (Protection Keys for Supervisor), which extends memory protection keys to supervisor-mode pages, is now available to guests in HVM and PVH mode.
  - The VM-Notify mechanism is used so that a guest that gets a CPU stuck in a microarchitectural lock-up (no forward progress) can be stopped without an emergency halt of the whole host.
  - Detection of bus locks caused by a guest misusing atomic instructions (for example, atomics on operands straddling a cache line) has been added, with rate limiting of the offending guest.
- Added support for AVX512-FP16 instructions, which appeared in Intel CPUs based on the Granite Rapids microarchitecture.
- Added a cpufreq driver that uses HWP (Hardware P-States) to control the frequency and power consumption of Intel processors.
- Xen can now run with DOITM (Data Operand Independent Timing Mode) enforced, which makes the execution time of the covered instructions independent of the data they operate on, the property that constant-time cryptographic code depends on.
- Work on meeting the requirements of the MISRA C guidelines for safety-critical C software continued. The number of MISRA C directives that Xen complies with has grown from 4 to 6, and the number of rules from 24 to 65 (the specification defines 16 directives and 143 rules in total).
- The xl/libxl toolstack can now set SMBIOS strings for guests in HVM mode.
- Two new hypercalls have been added that let a guest register its vCPU runstate area and vCPU time area by guest-physical rather than virtual address.
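As an added illustration for the MSR_ARCH_CAPS and SMBIOS items above (this fragment is not from the Xen project or the release notes), an xl.cfg fragment for an HVM guest on Xen 4.18 that hides MSR_ARCH_CAPS through the cpuid= policy and sets SMBIOS strings. The feature name "arch-caps" in the cpuid= string and the smbios= key names are assumed to match the xl.cfg(5) syntax of this release; verify them against the man page shipped with your build before relying on them.

```ini
# Added example: xl.cfg fragment for an HVM guest on Xen 4.18.  Not from the
# Xen project's documentation; key names assumed to follow xl.cfg(5).
name    = "guest1"
type    = "hvm"
memory  = 2048
vcpus   = 2

# MSR_ARCH_CAPS is exposed to guests by default in 4.18.  Hiding it
# ("arch-caps=0") is the conservative choice for a migration pool of mixed
# CPU generations: a guest kernel that cannot read the register assumes it
# is vulnerable and keeps its mitigations on.  Never manufacture *_NO bits
# that the host hardware lacks; that makes the guest skip a needed fix.
cpuid   = "host,arch-caps=0"

# SMBIOS strings the guest will see in its DMI tables (new in 4.18).
smbios  = [
    "bios_vendor=Example Firmware Co",
    "system_manufacturer=Example Cloud",
    "system_product_name=Xen HVM guest",
    "system_serial_number=GUEST1-0001",
]
```

After starting the guest, `dmidecode -t system` inside it should show the strings above, and a Linux guest's `/sys/devices/system/cpu/vulnerabilities/` entries will reflect whatever MSR_ARCH_CAPS view the policy left it with.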
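As an added example for the MSR_ARCH_CAPS item above (this is not Xen project code; the article contains none), the following Python decodes an IA32_ARCH_CAPABILITIES value the way a guest kernel would, reads it through Linux's /dev/cpu/N/msr interface where that is available, and flags bits that a guest policy exposes but the host itself lacks, which is the misconfiguration that makes a guest skip a mitigation it still needs. Bit positions and names follow the Intel SDM (as mirrored in Linux's msr-index.h); the sample host and guest values are constructed.

```python
"""Decode IA32_ARCH_CAPABILITIES (MSR 0x10a), which Xen 4.18 exposes to guests
as MSR_ARCH_CAPS, and check a guest's view against the host's.

Added example for this article; not Xen project code.  Bit names follow the
Intel SDM / Linux msr-index.h; bits not listed here are reported by number.
"""
import struct

MSR_ARCH_CAPABILITIES = 0x10A

# bit -> name.  Each *_NO bit means the CPU is NOT affected by that issue, so
# a kernel that sees it set will skip the corresponding mitigation.
ARCH_CAPS_BITS = {
    0: "RDCL_NO",             # not vulnerable to Meltdown (rogue data cache load)
    1: "IBRS_ALL",            # enhanced IBRS available
    2: "RSBA",                # RSB alternate behaviour (RSB underflow may use BTB)
    3: "SKIP_L1DFL_VMENTRY",  # L1D flush on VM entry not needed
    4: "SSB_NO",              # not vulnerable to speculative store bypass
    5: "MDS_NO",              # not vulnerable to MDS
    6: "IF_PSCHANGE_MC_NO",   # no machine check on page-size change
    7: "TSX_CTRL",            # MSR_TSX_CTRL is present
    8: "TAA_NO",              # not vulnerable to TSX asynchronous abort
    13: "SBDR_SSDP_NO",       # MMIO stale data: not vulnerable (SBDR/SSDP)
    14: "FBSDP_NO",           # MMIO stale data: not vulnerable (FBSDP)
    15: "PSDP_NO",            # MMIO stale data: not vulnerable (PSDP)
    17: "FB_CLEAR",           # VERW clears fill buffers
    19: "RRSBA",              # restricted RSB alternate behaviour
    20: "BHI_NO",             # not vulnerable to branch history injection
    24: "PBRSB_NO",           # not vulnerable to post-barrier RSB predictions
    26: "GDS_NO",             # not vulnerable to Gather Data Sampling
}


def decode_arch_caps(value):
    """Return the names of the bits set in an ARCH_CAPS value, lowest bit first.
    Unknown bits are reported as 'bit<N>' so nothing is silently dropped."""
    return [ARCH_CAPS_BITS.get(bit, f"bit{bit}")
            for bit in range(64) if (value >> bit) & 1]


def read_arch_caps(cpu=0):
    """Read the MSR via Linux's msr driver (/dev/cpu/N/msr; needs root and the
    msr module).  Returns None where that is impossible, e.g. when the guest
    policy hides the register, so callers can fall back to a known value."""
    try:
        with open(f"/dev/cpu/{cpu}/msr", "rb") as f:
            f.seek(MSR_ARCH_CAPABILITIES)
            return struct.unpack("<Q", f.read(8))[0]
    except OSError:
        return None


def unsafe_guest_bits(host_caps, guest_caps):
    """Bits a guest sees set that the host does not have.  A cpuid= policy that
    manufactures such bits makes the guest kernel skip a mitigation the
    hardware still needs, so this must be empty on a sane configuration."""
    return decode_arch_caps(guest_caps & ~host_caps)


if __name__ == "__main__":
    # Constructed sample values: a host with bits 0,1,3,4,5,6,8 set, and a
    # guest policy that wrongly adds BHI_NO (bit 20) on top of it.
    host = 0x17B
    guest = host | (1 << 20)
    live = read_arch_caps()
    print("live MSR_ARCH_CAPS:", decode_arch_caps(live) if live is not None
          else "not readable here")
    print("host :", decode_arch_caps(host))
    print("guest:", decode_arch_caps(guest))
    print("bits the guest must not have:", unsafe_guest_bits(host, guest))
```

Run it as root inside a guest (with the msr module loaded) to see the live value; without that access it still demonstrates the policy check on the constructed values.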
Source: opennet.ru
