Community Call - Auguest 18 2016

Dial-In Information

Bridge Number: 1-315-533-6194

Passcode: 998 566 967

Agenda

- OpenXT 6.0.0 closedown
- OpenXT 6.1.0 planning
- OpenXT 7.0 planning: Kaby Lake
- blktap3
- V4V roadmap (moved to next month)
- Security mailing list status
- Signing Windows 7, 8, 10 PV drivers and co-existence with upstream's signed drivers
- Roadmap for reducing/removing Qemu security risk, see Qubes discussion of PVH1, PVH2 at https://github.com/QubesOS/qubes-issues/issues/2185, including idea about terminating Qemu after boot
- Xen uprev to 4.6 and Xen 4.7 (part of OpenXT 7.0 planning)

Meeting Notes/Action Items

• 6.0 release to be called on Monday or Tuesday next week, if testing continues to look good
• 6.1 release timetable to track the Measured Launch work, which is tricky to timebox at the moment.
  • At present hoping for a small number of weeks rather than months
  • No major rearchitecting of code under consideration for stable-6, no major feature additions bar the ML change
  • Current v4v fixes to be rolled into the 6.1 release
  • 4.4 Linux kernel tracking to also be included
  • Security fixes as identified to be rolled in
• * 7.0 to target integration of meta-virtualization and Xen 4.6. There is a desire to include an OE update.
  • Closely related to work on Xen 4.6 and 4.7
  • Ross will create an epic to track general OE cleanup and link tickets.
  • Jed filed OXT-580 to track the work to reduce our delta vs. upstream OE recipes: https://openxt.atlassian.net/browse/OXT-580
  • Consensus that everyone chipping away at these would be good
  • Possibly include the libxl work - much TBD on that one.
• * Discussion between Daniel, Ross, Machon, Rich re: documenting the release process we just performed to the wiki
  • Ross was to take this and add perspective on encountered difficulties, what worked, what we should aim to improve
• * libxl / OpenXT toolstack work is under way in personal repos on github, with a wiki page being kept up to date
  • https://openxt.atlassian.net/wiki/display/DC/xl+Migration
  • AIS team will give a presentation on the current state of the libxl toolstack work on the next community call

• * OpenEmbedded's support for Jethro appear to expire in October
  • Rich to contact Philip Balister to obtain the definitive OE position on the project support lifecycle for OE branches and releases
  • We likely need to look at shifting our base platform to Krogoth or its successor for the 7.0 release
• * Rich to ping Qubes team re: any potential interest in our PV-USB implementation
  • Has been significantly improved since they last evaluated the USB stack we were using
  • Current OpenXT USB stack has just passed our 6.0 release testing with good results
• * Security mailing list: Daniel provided Christopher with guidance on tool selection
  • Zoho service looks OK
  • Script hosting environment for mail processing before forwarding to OpenXT recipients still to be determined
• * blktap3 discussion: to continue in reply to Ross's email thread on list

Attendees

Eric Chanudet - AIS

Christopher Clark - BAE

Magali Denis - AIS

Machon Gregory - NSA

Jed Lejosne - AIS

Steve Meisner - AIS

Martin Osterloh - AIS

Rich Persaud - BAE

Ross Philipson - AIS

Jim Rauscher - NSA

Stephen Smalley - NSA

Daniel Smith - Apertus Solutions