Community Call - Auguest 18 2016

Owned by Ross Philipson
Last updated: Aug 18, 2016
2 min read

Dial-In Information

Bridge Number: 1-315-533-6194

Passcode: 998 566 967

Agenda

- OpenXT 6.0.0 closedown
- OpenXT 6.1.0 planning
- OpenXT 7.0 planning: Kaby Lake
- blktap3
- V4V roadmap (moved to next month)
- Security mailing list status
- Signing Windows 7, 8, 10 PV drivers and co-existence with upstream's signed drivers
- Roadmap for reducing/removing Qemu security risk, see Qubes discussion of PVH1, PVH2 at https://github.com/QubesOS/qubes-issues/issues/2185, including idea about terminating Qemu after boot
- Xen uprev to 4.6 and Xen 4.7 (part of OpenXT 7.0 planning)

Meeting Notes/Action Items

  • 6.0 release to be called on Monday or Tuesday next week, if testing continues to look good
  • 6.1 release timetable to track the Measured Launch work, which is tricky to timebox at the moment.
    • At present hoping for a small number of weeks rather than months
    • No major rearchitecting of code under consideration for stable-6, no major feature additions bar the ML change
    • Current v4v fixes to be rolled into the 6.1 release
    • 4.4 Linux kernel tracking to also be included
    • Security fixes as identified to be rolled in
  • * 7.0 to target integration of meta-virtualization and Xen 4.6. There is a desire to include an OE update.
    • Closely related to work on Xen 4.6 and 4.7
    • Ross will create an epic to track general OE cleanup and link tickets.
    • Jed filed OXT-580 to track the work to reduce our delta vs. upstream OE recipes: https://openxt.atlassian.net/browse/OXT-580
    • Consensus that everyone chipping away at these would be good
    • Possibly include the libxl work - much TBD on that one.
  • * Discussion between Daniel, Ross, Machon, Rich re: documenting the release process we just performed to the wiki
    • Ross was to take this and add perspective on encountered difficulties, what worked, what we should aim to improve
  • * libxl / OpenXT toolstack work is under way in personal repos on github, with a wiki page being kept up to date
  • * OpenEmbedded's support for Jethro appear to expire in October
    • Rich to contact Philip Balister to obtain the definitive OE position on the project support lifecycle for OE branches and releases
    • We likely need to look at shifting our base platform to Krogoth or its successor for the 7.0 release
  • * Rich to ping Qubes team re: any potential interest in our PV-USB implementation
    • Has been significantly improved since they last evaluated the USB stack we were using
    • Current OpenXT USB stack has just passed our 6.0 release testing with good results
  • * Security mailing list: Daniel provided Christopher with guidance on tool selection
    • Zoho service looks OK
    • Script hosting environment for mail processing before forwarding to OpenXT recipients still to be determined
  • * blktap3 discussion: to continue in reply to Ross's email thread on list

Attendees

Eric Chanudet - AIS

Christopher Clark - BAE

Magali Denis - AIS

Machon Gregory - NSA

Jed Lejosne - AIS

Steve Meisner - AIS

Martin Osterloh - AIS

Rich Persaud - BAE

Ross Philipson - AIS

Jim Rauscher - NSA

Stephen Smalley - NSA

Daniel Smith - Apertus Solutions