Planet Hypervisor

Avoiding dead code: pv_ops is not the silver bullet

This is part I - for part II - see "Xen and the Linux x86 zero page""Code that should not run should never run"The fact that code that should not run should never run seems like something stupid and obvious but it turns out that its actually easier said than done on very large software projects, particularly on the Linux kernel. One term for this is "dead code". The amount of dead code on Linux has increased over the years due to the desire by Linux distributions to want a single Linux kernel binary to work on different run time environments....

Linux asynchronous probe - let's try this again

Updated on 2016-01-19 with description on issue of how systemd limits the number of devices on a Linux system and references to asynchronous work on memory. Edits reflected in this color.Hipster and trendy init systems want to boot really fast. As of v4.2 the Linux kernel now sports asynchronous probe support (this fix posted December 19, 2015 is needed for use of the generic async_probe module parameter). This isn't the first time such type of work has been attempted on Linux though, this lwn article claims that a long time ago some folks tried to enable asynchronous probe and that ultimately...

Run Mirage Unikernels on KVM/QEMU with Solo5

I'm excited to announce the release of Solo5! Solo5 is essentially a kernel library that bootstraps the hardware and forms a base (similar to Mini-OS) from which unikernels can be built. It runs on fully virtualized x86 hardware (e.g., KVM/QEMU), using virtio device interfaces. Importantly, Solo5 is integrated (to some extent) with the MirageOS toolstack, so the Solo5 version of the Mirage toolstack can build Mirage unikernels that run directly on KVM/QEMU instead of Xen. As such, Solo5 can be considered an alternative to Mini-OS in the Mirage stack. Try it out today! In the rest of this post, I'll give a bit of motivation about why I think the lowest...

MirageOS hack retreat

The first MirageOS hack retreat will take place in Marrakech, Morocco, from 11th till 16th March 2016. It is open for everybody. The main goal is to get together people motivated to contribute to MirageOS. Find more details on the hack retreat website. Edit: discuss this post on devel.unikernel.org

Introducing Charrua — a DHCP implementation

Almost every network needs to support DHCP (Dynamic Host Configuration Protocol), that is, a way for clients to request network parameters from the environment. Common parameters are an IP address, a network mask, a default gateway and so on. DHCP can be seen as a critical security component, since it deals usually with unauthenticated/unknown peers, therefore it is of special interest to run a server as a self-contained MirageOS unikernel. Charrua is a DHCP implementation written in OCaml and it started off as an excuse to learn more about the language. While in development it got picked up on the MirageOS mailing lists and became one of the Pioneer Projects. The name Charrua is...

Setting Devlopment Environment for Xen on Ubuntu

Development environment setup for Xen Project sounded easy to me. But it proved to be a worthy task of a standalone article. So, now I will be guiding you through the process of installing Xen Project software from source code. This article was written targeting the Xen Project 4.7-unstable on Ubuntu 15.10 (4.2.0-19-generic), but majority of […]

Unikernel.org

Unikernels are specialised single address space machine images that are constructed by using library operating systems. With MirageOS, we've taken a clean-slate approach to unikernels with a focus on safety. This involved writing protocol libraries from the ground up and it also afforded the ability to use clean, modern APIs. Other unikernel implementations have made trade-offs different to those made by MirageOS. Some excel at handling legacy applications by making the most of existing OS codebases rather than building clean-slate implementations. Some target a wide array of possible environments, or environments complementary to those supported by MirageOS currently. All of these implementations ultimately help developers construct unikernels that match their specific...

Kicking-off Outreachy

Finally, I got selected for Outreachy 2015. I will be working on the project “Introducing PowerClamp-like driver for Xen” with Xen Project with Dario Faggioli and George Dunlap . And this is my first blog to share my Outreachy experiences. Before jumping to my experience, I would like to mention about Outreachy. Reflective of a […]

Cambridge mini-Debconf

I am currently attending the mini-Debconf being held in space generously provided by ARM's offices in Cambridge, UK. Thanks to ARM and the other sponsors for making this possible. Yesterday I made a pass through the bug list for the Xen packages. According to the replies I have received from the BTS I looked at and acted on: #797205: Tagged to reflect that I had previously forwarded upstream. #753358: Update the found versions and marked as an upstream issue. #798510: Investigated a bit and asked some followup questions to the submitter. #799122: Asked for some clarifications from the submitter and updated the found versions. Will likely followup on this one some more today. #745419: Sent a fix to upstream. #784011,...

CodeMesh 2015

These are the slides from my talk today at CodeMesh. This time around I was earlier in the schedule so I get to enjoy the rest of the conference! If you’re reading this at the conference now, please do follow the link in my talk to rate it and give me feedback! The specific items I reference in the talk are below with links to more information. Security and the Bitcoin Piñata This is a bounty where we have locked away some bitcoin in a unikernel that is running our new TLS stack. This was a new model of running a bounty and has proven a great way...