September 2017 OpenXT Community Call
Monthly Call Agenda
* Maintainer and plans for stable-6 branch (6.1.x)
* Release manager for next stable-7 release (7.0.x, 7.1.x)
* Release manager for 8.0.0
* OpenXT 8.0.0 Status
- Xen 4.9
- blktap
- pyro
* OpenXT 8.0.0 Planning
- HVM driver domains
- measured launch
- vTPM
- USB3 support
- USB driver domain
- libvirt
- host license key management
- Hyper-V guest enlightenments
- Upstream Xen Windows PV drivers
- Display manager & input server
- Attack surface reduction: Kconfig, restrict grant table version via Xen cmdline
Monthly Call Minutes
PCI device reset/FLR - OXT-1217
- A variation of this patch belongs in upstream Xen & Linux. See Jira ticket for link to upstream Xen thread. If we can maintain a list of PCI devices (e.g. lspci -v output for GPU, NIC) which require this patch, it will help with OpenXT and upstream testing.
What happens to open stable-7 tickets after the release of 7.0.0?
- Some issues will be release noted
- "Affects Version" remains 7.0.0
- "Fix Version" to be triaged (7.1.0, Backlog, or none)
stable-6 branch (6.1.x)
- Maintainer nomination: need input from Rich Turner
- Eric submitted a versioning proposal on mailing list (add some XSAs, tag 6.0.1, move to 6.1.0, add Xen 4.6 & XSAs), no objections
- Build and archive 6.0.1 release binaries
- Focus moves to 6.1.0
stable-7 branch (7.0.x, 7.1.x)
- No volunteers for stable-7 release manager. Rich Persaud nominated Eric Chanudet of AIS. Eric requires mgmt approval. Defer to Oct call.
- Should there be a 7.0.1 bugfix/security release, in advance of 7.1 release with Intel Coffee Lake hardware support?
master (8.0.0)
- Rich Persaud volunteered to be release manager for 8.0.0, will request technical assistance from others as needed.
- 8.0 will target Intel Ice Lake hardware (2018/2019) and fundamental architectural changes to enable extensible OpenXT base platform
- Notes from feature discussion
- UEFI (host and guest), Secure Boot for Windows 10
- Kconfig - define minimal Xen config early in 8.0 dev cycle, so that testing & feature development are done on the minimized base
- USB3 - no high-priority devices currently need USB3, USB-C ports are compatible
- USB driver domain - of interest, will be investigated, not yet committed within 8.0 timeframe, Qubes has an implementation
- HVM and SR-IOV driver domains - security benefits, see upstream Xen mailing list discussion about x86 PCI passthrough security
- libvirt - needs scoping, starting point would be for Chris Rogers to create a wiki page which documents OpenXT Haskell toolstack functions that would need to be migrated to another toolstack, whether libvirt or something else. There will always be some OpenXT-specific toolstack functions that are not provided by an existing toolstack like libvirt. This is a big task, we need to create small prototypes to identity candidates for replacing subsets of Haskell code.
- Hyper-V guest enlightenments - of interest, is available in Xen 4.9, can be an optional build configuration for OpenXT 8.0
- Display manager & input server - no objection to the community introducing a new, optional, open-source display/input stack
- Upstream OE - some 8.0 OpenXT features may appear first in upstream OpenEmbedded meta-virtualization (master), then get pulled into OpenXT
- OE pyro uprev - work underway (Eric), making Haskell toolchain fixes
- blktap3 - work underway, see OXT-1221 (Mahantesh)
- nested virt (Hyper-V) - targeted for 8.0 release, no backport to stable-5