This presentation has been moved to this address:
https://www.slideshare.net/linaroorg/optimizing-the-design-and-implementation-of-kvmarm-sfo17403-81026985
HKG15-400: Next steps in KVM enablement on ARMLinaro
HKG15-400: Next steps in KVM enablement on ARM
---------------------------------------------------
Date: February 12, 2015
---------------------------------------------------
★ Session Summary ★
Next steps in KVM enablement on ARM
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250827
Video: https://www.youtube.com/watch?v=g8noeSpWVDY
Etherpad: http://pad.linaro.org/p/hkg15-400
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
SFO15-407: Performance Overhead of ARM VirtualizationLinaro
SFO15-407: Performance Overhead of ARM Virtualization
Speaker: Christoffer Dall
Date: September 24, 2015
★ Session Description ★
The ARM architecture’s support for virtualization has been designed for Type I hypervisors such as Xen. However, Type II hypervisors, such as KVM, offer increased convenience, portability, and an integrated software development environment with existing projects such as the Linux kernel and QEMU. Since the architecture has been designed with a separate CPU mode for the hypervisor, Type II hypervisors must perform the notorious "double-trap" to switch between the guest and the host, and many people have speculated that this causes KVM to be inherently slower than for example Xen. The truth is as always much more complicated than that, and it turns out that the differences in performance between Xen and KVM on the ARMv8 architecture come from entirely different sources. This talk will present a number of performance figures from running KVM and Xen on ARMv8 server hardware and will compare these numbers to x86 servers to illustrate the viability of virtualization on ARMv8 for the enterprise and networking markets.
★ Resources ★
Video: N/A
Presentation: http://www.slideshare.net/linaroorg/sfo15407-performance-overhead-of-arm-virtualization
Etherpad: pad.linaro.org/p/sfo15-407
Pathable: https://sfo15.pathable.com/meetings/303079
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
Back to the Future: A Radical Insecure Design of KVM on ARMPriyanka Aash
In ARM there are certain instructions that generates exception. Such instructions are typically executed to request a service from software that runs at a higher privilege level. From the OS kernel (EL1), software can call the Hypervisor (EL2) with the HVC instruction.
The KVM Hypervisor is part of the Linux kernel and by default it is enabled on all supported ARM system. In ARM architecture KVM is implemented through split-mode virtualization and runs across different privileged CPU modes. This talk will discuss about the design and a security issue in a way Linux kernel initializes the KVM Hypervisor. An attacker having access to host EL1 can execute code in EL2. This security issue can be exploited by an attacker to install a Hypervisor root kit on ARM system.
The accompanying demo (slide 15) can be found at https://vimeo.com/90534015
The presentation will cover Xen vs Xen Automotive gaps and analysis. We will elaborate technical solutions for the identified gaps:
* ARM architecture - support HW virtualization extensions for embedded systems
* Stability requirements
* RT Scheduler
* Rich virtualized peripheral support (WiFi, Gfx, MM, USB, etc.)
* Performance benchmarking
* Security
The audience is anyone interesting in building OSS based IVI systems. Attendees can expect the OSS stack detailed architecture, current status of the project, the challenges seen, road map and much more.
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...The Linux Foundation
Tweet Share
Virtualization capabilities were added to the latest revision of the Armv7-A architectures (with processors like Cortex A7 and A15), and this was extended further with Armv8-A (64bit). Since then, Arm has been improving virtualization support with incremental versions of the Armv8 architecture.
This talk will give an overview of the features added.
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...The Linux Foundation
Autonomous vehicles need to run robust autopilot software in resource-constrained environments. Such vehicles are increasingly built on ARM platforms with resources to spare. We have begun investigating the feasibility of using this spare capacity to implement other interesting services on these vehicles by using Xen to separate the real-time autopilot software from a richer, non-real-time Linux system. In order to make this work, we have ported FreeRTOS, a popular minimal operating system for microcontrollers, to run as a Xen guest on the ARM Cortex A15.
HKG15-400: Next steps in KVM enablement on ARMLinaro
HKG15-400: Next steps in KVM enablement on ARM
---------------------------------------------------
Date: February 12, 2015
---------------------------------------------------
★ Session Summary ★
Next steps in KVM enablement on ARM
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250827
Video: https://www.youtube.com/watch?v=g8noeSpWVDY
Etherpad: http://pad.linaro.org/p/hkg15-400
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
SFO15-407: Performance Overhead of ARM VirtualizationLinaro
SFO15-407: Performance Overhead of ARM Virtualization
Speaker: Christoffer Dall
Date: September 24, 2015
★ Session Description ★
The ARM architecture’s support for virtualization has been designed for Type I hypervisors such as Xen. However, Type II hypervisors, such as KVM, offer increased convenience, portability, and an integrated software development environment with existing projects such as the Linux kernel and QEMU. Since the architecture has been designed with a separate CPU mode for the hypervisor, Type II hypervisors must perform the notorious "double-trap" to switch between the guest and the host, and many people have speculated that this causes KVM to be inherently slower than for example Xen. The truth is as always much more complicated than that, and it turns out that the differences in performance between Xen and KVM on the ARMv8 architecture come from entirely different sources. This talk will present a number of performance figures from running KVM and Xen on ARMv8 server hardware and will compare these numbers to x86 servers to illustrate the viability of virtualization on ARMv8 for the enterprise and networking markets.
★ Resources ★
Video: N/A
Presentation: http://www.slideshare.net/linaroorg/sfo15407-performance-overhead-of-arm-virtualization
Etherpad: pad.linaro.org/p/sfo15-407
Pathable: https://sfo15.pathable.com/meetings/303079
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
Back to the Future: A Radical Insecure Design of KVM on ARMPriyanka Aash
In ARM there are certain instructions that generates exception. Such instructions are typically executed to request a service from software that runs at a higher privilege level. From the OS kernel (EL1), software can call the Hypervisor (EL2) with the HVC instruction.
The KVM Hypervisor is part of the Linux kernel and by default it is enabled on all supported ARM system. In ARM architecture KVM is implemented through split-mode virtualization and runs across different privileged CPU modes. This talk will discuss about the design and a security issue in a way Linux kernel initializes the KVM Hypervisor. An attacker having access to host EL1 can execute code in EL2. This security issue can be exploited by an attacker to install a Hypervisor root kit on ARM system.
The accompanying demo (slide 15) can be found at https://vimeo.com/90534015
The presentation will cover Xen vs Xen Automotive gaps and analysis. We will elaborate technical solutions for the identified gaps:
* ARM architecture - support HW virtualization extensions for embedded systems
* Stability requirements
* RT Scheduler
* Rich virtualized peripheral support (WiFi, Gfx, MM, USB, etc.)
* Performance benchmarking
* Security
The audience is anyone interesting in building OSS based IVI systems. Attendees can expect the OSS stack detailed architecture, current status of the project, the challenges seen, road map and much more.
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...The Linux Foundation
Tweet Share
Virtualization capabilities were added to the latest revision of the Armv7-A architectures (with processors like Cortex A7 and A15), and this was extended further with Armv8-A (64bit). Since then, Arm has been improving virtualization support with incremental versions of the Armv8 architecture.
This talk will give an overview of the features added.
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...The Linux Foundation
Autonomous vehicles need to run robust autopilot software in resource-constrained environments. Such vehicles are increasingly built on ARM platforms with resources to spare. We have begun investigating the feasibility of using this spare capacity to implement other interesting services on these vehicles by using Xen to separate the real-time autopilot software from a richer, non-real-time Linux system. In order to make this work, we have ported FreeRTOS, a popular minimal operating system for microcontrollers, to run as a Xen guest on the ARM Cortex A15.
LCU13: An Introduction to ARM Trusted FirmwareLinaro
Resource: LCU13
Name: An Introduction to ARM Trusted Firmware
Date: 28-10-2013
Speaker: Andrew Thoelke
Video: http://www.youtube.com/watch?v=q32BEMMxmfw
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
Hypervisors are used in a broad range of domains ranging from Embedded systems, Automotive to big iron servers. The choice of hypervisor has a strong impact on the overall design of your project and its performance. This talk introduces the state of virtualization on ARM, and provides a description of three popular open source hypervisors: KVM, Jailhouse and Xen. Julien Grall explains respective key features, technical differences and suitability of the hypervisor for different application domains.
Julien Grall is a Software Virtualisation Engineer at ARM.
The talk was delivered at Root Linux Conference 2017. Learn more: http://linux.globallogic.com/materials. The video recording is available at https://www.youtube.com/watch?v=jZNXtqFJpuc
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixThe Linux Foundation
Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach.
Xen is one of most popular virtualization project, many companies and individuals participate in the development, testing and using of Xen. In this presentation, Xudong will give an introduction of Intel QA team's test coverage for Xen, demonstrate the pre check in for new features testing, and post check in for regression testing, as well as test methodology and test framework.
LCC17 - Live Patching, Virtual Machine Introspection and Vulnerability Manag...The Linux Foundation
There are three interconnected stories of how the largest clouds in production came together through the Xen Project to develop an industry leading open source security process to manage software vulnerabilities effectively, how those vendors collaborated to stop cloud reboots through Live Patching and how security and CPU vendors collaborated to protect against 0-day vulnerabilities and advanced persistent threats using hardware assisted virtual machine introspection. The talk will cover the impact these technologies have on sys admins and in general.
XPDDS18: Design Session - SGX deep dive and SGX Virtualization Discussion, Ka...The Linux Foundation
Software Guard Extensions (SGX) is Intel's unique security feature which has been present in Intel's processors since Skylake generation. Existing HW/SW solutions hypervisor does not protect tenants against the cloud provider and thus the supplied operating system and hardware. Intel SGX solves this by using enclave, which is a protected portion of userspace application where the code/data cannot be accessed directly from outside by any software, including privileged ones, such as BIOS and VMM. This discussion is intended for the deep dive introduction to SGX, and the design discussion of adding SGX virtualization to Xen. We will start with SGX deep dive, and then go into SGX virtualization design, from high level design to details, such as EPC management/virtualization, CPUID handling, interaction with VMX, live migration support, etc.
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...The Linux Foundation
Xen role, details of implementation and problems in a sample solution based on OSS (Android, Linux and Xen) that addresses Automotive requirements such as ultra-fast RVC boot time, quick IVI system boot time, cloud connectivity and multimedia capabilities, reliability and security through hardware virtualization. Secure CAN/LIN/MOST bus integration handled by Linux on Dom0 while Android runs customizable QML-based HMI in a sandbox of DomU. These case studies will include but not be limited to: computing power requirements, memory requirements, virtualization, stability, boot-time sequence and optimization, video clips showing results of the work done. Case study is built on TexasInstruments OMAP5 SoC.
SFO15-TR9: PSCI, ACPI (and UEFI to boot)
Speaker: Bill Fletcher
Date: September 24, 2015
★ Session Description ★
An introductory session of a system-level overview at Power State Coordination
- Focus on ARMv8
- Goes top-down from ACPI
- A demo based on the current code in qemu
- The specifications are very dynamic - what’s onging for ACPI and PSCI
★ Resources ★
Video: https://www.youtube.com/watch?v=vXzPdpaZVto
Presentation: http://www.slideshare.net/linaroorg/sfo15tr9-psci-acpi-and-uefi-to-boot
Etherpad: pad.linaro.org/p/sfo15-tr9
Pathable: https://sfo15.pathable.com/meetings/303087
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
XPDDS18: Intel Processor Trace for Xen Hypervisor - Luwei Kang, IntelThe Linux Foundation
Intel Processor Trace is a hardware feature that recording information about software execution with minimal impact to system execution. Existing hardware is unfriendly to enable Intel PT in guest because the implementation of shadow ToPA is very complex. Intel PT VMX improvements will treat PT output addresses as Guest Physical Addresses (GPAs) and translate them using EPT that serves to simplify the process of Intel PT virtualization for using by a guest software. We have submitted a patch set to enable Intel PT in XEN HVM guest for collecting hardware behavior, backwards debugging for GDB and so on. We also plan to implement system mode for tracing XEN hypervisor and guest's behavior if necessary.
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...The Linux Foundation
During the last few months of 2011 the Xen Community started an effort to port Xen to ARMv7 with virtualization extensions, using the Cortex A15 processor as reference platform.
The new Xen port is exploiting this set of hardware capabilities to run guest VMs in the most efficient way possible while keeping the ARM specific changes to the hypervisor and the Linux kernel to a minimum. Developing the new port we took the chance to remove legacy concepts like PV or HVM guests and only support a single kind of guests that is comparable to "PVH" in the Xen X86 world.
Linux 3.7 was the first kernel release to run on Xen on ARM as Dom0 and DomU. Xen 4.3, out in July 2013, is the first hypervisor release to support ARMv7 with virtualization extensions and ARMv8.
This talk will explain why ARM virtualization is set to be increasingly relevant for the automotive industry in the coming years. We will go on to describe how Xen exploits the strengths of the hardware to meet the requirements of the industry. We will illustrate the early design choices and we will evaluate whether they were proven successful or a failure.
XPDS14 - RT-Xen: Real-Time Virtualization in Xen - Sisu Xi, Washington Univer...The Linux Foundation
Recent years have seen an increasing demand for supporting real-time systems in virtualized environments. To combine real-time and virtualization, a real-time scheduler at the hypervisor level is needed to provide timing guarantees to the guest virtual machines. RT-Xen provides a suite of multi-core real-time schedulers to deliver real-time performance to domains running on the Xen hypervisor. Work is underway to incorporate RT-Xen in the Xen distribution to replace the legacy SEDF scheduler. We have implemented and empirically compared a diverse set of multicore real-time scheduling policies within the RT-Xen scheduling framework. Based on extensive experiments of different scheduling policies, we plan to submit a patch on global EDF scheduler to the xen-devel as the first step to incorporate multicore real-time scheduling support within the Xen hypervisor.
XPDS16: Xenbedded: Xen-based client virtualization for phones and tablets - ...The Linux Foundation
This talk presents a new client virtualization platform that allows Xen to be used on mobile phones and tablets. These embedded devices require special consideration, particularly in the context of client virtualization. We will outline the technical challenges of virtualizing common tablet devices, including the touchscreen, audio, webcam, accelerometer, Wi-Fi, cellular, and display devices. TrustZone implications will also be discussed.
We will present the current project status and what it took (or will take) to get NVIDIA's Jetson TX1 development board and Google's Pixel C tablet running multiple Android instances. We will provide an overview of the platform’s build toolchain and source trees. Finally, we will open up discussions on the future of the platform and the challenges associated with improving Xen adoption on mobile ARM devices.
LCU13: Deep Dive into ARM Trusted Firmware
Resource: LCU13
Name: Deep Dive into ARM Trusted Firmware
Date: 31-10-2013
Speaker: Dan Handley / Charles Garcia-Tobin
Optimizing the Design and Implementation of KVM/ARM - SFO17-403Linaro
Session ID: SFO17-403
Session Name: Optimizing the Design and Implementation of KVM/ARM - SFO17-403
Speaker: Christoffer Dall
Track: Virtualization
★ Session Summary ★
A key drawback in the use of full system virtualization is the performance penalty introduced by hypervisors. This problem is especially present on ARM, which has significantly higher overhead for some workloads compared to x86, due to differences in the hardware virtualization support. The key reason for the overhead on ARM is the need to multiplex kernel mode state between the hypervisor and VMs, which each run their own kernel. This talk will cover how we have redesigned and optimized KVM/ARM, resulting in an order of magnitude reduction in overhead, and resulted in less overhead than x86 on key hypervisor operations. Our optimizations rely on new hardware support in ARMv8.1, the Virtualization Host Extensions (VHE), but also support legacy hardware through invasive modifications to Linux to support running the kernel in the hypervisor-specific CPU mode, EL2
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-403/
Presentation: https://www.slideshare.net/linaroorg/optimizing-the-design-and-implementation-of-kvmarm-sfo17403
Video: https://www.youtube.com/watch?v=foRxjfKQeas
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
KVM/ARM Nested Virtualization Support and Performance - SFO17-410Linaro
Session ID: SFO17-410
Session Name: KVM/ARM Nested Virtualization Support and Performance - SFO17-410
Speaker: Jintack Lim
Track: Virtualization
★ Session Summary ★
Nested virtualization is increasingly important because of the need to deploy virtual machines running software stacks on top of virtualized cloud infrastructure, as well as for prototyping and testing. ARM recently introduced nested virtualization support in the latest ARMv8.3 revision of the architecture. We will present the efforts and challenges to introduce ARM nested virtualization support to KVM/ARM, which involves adding significant logic to core KVM/ARM code, MMU support, timers, and the GIC emulation including the changes we made since the last Linaro Connect. We will also discuss a paravirtualization approach we have used to prototype and evaluate the implementation on current ARMv8 hardware without hardware support for nested virtualization. We will present performance results and discuss future techniques to improve performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-410/
Presentation:
Video: https://www.youtube.com/watch?v=lvxu8tMztbA
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
LCU13: An Introduction to ARM Trusted FirmwareLinaro
Resource: LCU13
Name: An Introduction to ARM Trusted Firmware
Date: 28-10-2013
Speaker: Andrew Thoelke
Video: http://www.youtube.com/watch?v=q32BEMMxmfw
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
Hypervisors are used in a broad range of domains ranging from Embedded systems, Automotive to big iron servers. The choice of hypervisor has a strong impact on the overall design of your project and its performance. This talk introduces the state of virtualization on ARM, and provides a description of three popular open source hypervisors: KVM, Jailhouse and Xen. Julien Grall explains respective key features, technical differences and suitability of the hypervisor for different application domains.
Julien Grall is a Software Virtualisation Engineer at ARM.
The talk was delivered at Root Linux Conference 2017. Learn more: http://linux.globallogic.com/materials. The video recording is available at https://www.youtube.com/watch?v=jZNXtqFJpuc
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixThe Linux Foundation
Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach.
Xen is one of most popular virtualization project, many companies and individuals participate in the development, testing and using of Xen. In this presentation, Xudong will give an introduction of Intel QA team's test coverage for Xen, demonstrate the pre check in for new features testing, and post check in for regression testing, as well as test methodology and test framework.
LCC17 - Live Patching, Virtual Machine Introspection and Vulnerability Manag...The Linux Foundation
There are three interconnected stories of how the largest clouds in production came together through the Xen Project to develop an industry leading open source security process to manage software vulnerabilities effectively, how those vendors collaborated to stop cloud reboots through Live Patching and how security and CPU vendors collaborated to protect against 0-day vulnerabilities and advanced persistent threats using hardware assisted virtual machine introspection. The talk will cover the impact these technologies have on sys admins and in general.
XPDDS18: Design Session - SGX deep dive and SGX Virtualization Discussion, Ka...The Linux Foundation
Software Guard Extensions (SGX) is Intel's unique security feature which has been present in Intel's processors since Skylake generation. Existing HW/SW solutions hypervisor does not protect tenants against the cloud provider and thus the supplied operating system and hardware. Intel SGX solves this by using enclave, which is a protected portion of userspace application where the code/data cannot be accessed directly from outside by any software, including privileged ones, such as BIOS and VMM. This discussion is intended for the deep dive introduction to SGX, and the design discussion of adding SGX virtualization to Xen. We will start with SGX deep dive, and then go into SGX virtualization design, from high level design to details, such as EPC management/virtualization, CPUID handling, interaction with VMX, live migration support, etc.
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...The Linux Foundation
Xen role, details of implementation and problems in a sample solution based on OSS (Android, Linux and Xen) that addresses Automotive requirements such as ultra-fast RVC boot time, quick IVI system boot time, cloud connectivity and multimedia capabilities, reliability and security through hardware virtualization. Secure CAN/LIN/MOST bus integration handled by Linux on Dom0 while Android runs customizable QML-based HMI in a sandbox of DomU. These case studies will include but not be limited to: computing power requirements, memory requirements, virtualization, stability, boot-time sequence and optimization, video clips showing results of the work done. Case study is built on TexasInstruments OMAP5 SoC.
SFO15-TR9: PSCI, ACPI (and UEFI to boot)
Speaker: Bill Fletcher
Date: September 24, 2015
★ Session Description ★
An introductory session of a system-level overview at Power State Coordination
- Focus on ARMv8
- Goes top-down from ACPI
- A demo based on the current code in qemu
- The specifications are very dynamic - what’s onging for ACPI and PSCI
★ Resources ★
Video: https://www.youtube.com/watch?v=vXzPdpaZVto
Presentation: http://www.slideshare.net/linaroorg/sfo15tr9-psci-acpi-and-uefi-to-boot
Etherpad: pad.linaro.org/p/sfo15-tr9
Pathable: https://sfo15.pathable.com/meetings/303087
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
XPDDS18: Intel Processor Trace for Xen Hypervisor - Luwei Kang, IntelThe Linux Foundation
Intel Processor Trace is a hardware feature that recording information about software execution with minimal impact to system execution. Existing hardware is unfriendly to enable Intel PT in guest because the implementation of shadow ToPA is very complex. Intel PT VMX improvements will treat PT output addresses as Guest Physical Addresses (GPAs) and translate them using EPT that serves to simplify the process of Intel PT virtualization for using by a guest software. We have submitted a patch set to enable Intel PT in XEN HVM guest for collecting hardware behavior, backwards debugging for GDB and so on. We also plan to implement system mode for tracing XEN hypervisor and guest's behavior if necessary.
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...The Linux Foundation
During the last few months of 2011 the Xen Community started an effort to port Xen to ARMv7 with virtualization extensions, using the Cortex A15 processor as reference platform.
The new Xen port is exploiting this set of hardware capabilities to run guest VMs in the most efficient way possible while keeping the ARM specific changes to the hypervisor and the Linux kernel to a minimum. Developing the new port we took the chance to remove legacy concepts like PV or HVM guests and only support a single kind of guests that is comparable to "PVH" in the Xen X86 world.
Linux 3.7 was the first kernel release to run on Xen on ARM as Dom0 and DomU. Xen 4.3, out in July 2013, is the first hypervisor release to support ARMv7 with virtualization extensions and ARMv8.
This talk will explain why ARM virtualization is set to be increasingly relevant for the automotive industry in the coming years. We will go on to describe how Xen exploits the strengths of the hardware to meet the requirements of the industry. We will illustrate the early design choices and we will evaluate whether they were proven successful or a failure.
XPDS14 - RT-Xen: Real-Time Virtualization in Xen - Sisu Xi, Washington Univer...The Linux Foundation
Recent years have seen an increasing demand for supporting real-time systems in virtualized environments. To combine real-time and virtualization, a real-time scheduler at the hypervisor level is needed to provide timing guarantees to the guest virtual machines. RT-Xen provides a suite of multi-core real-time schedulers to deliver real-time performance to domains running on the Xen hypervisor. Work is underway to incorporate RT-Xen in the Xen distribution to replace the legacy SEDF scheduler. We have implemented and empirically compared a diverse set of multicore real-time scheduling policies within the RT-Xen scheduling framework. Based on extensive experiments of different scheduling policies, we plan to submit a patch on global EDF scheduler to the xen-devel as the first step to incorporate multicore real-time scheduling support within the Xen hypervisor.
XPDS16: Xenbedded: Xen-based client virtualization for phones and tablets - ...The Linux Foundation
This talk presents a new client virtualization platform that allows Xen to be used on mobile phones and tablets. These embedded devices require special consideration, particularly in the context of client virtualization. We will outline the technical challenges of virtualizing common tablet devices, including the touchscreen, audio, webcam, accelerometer, Wi-Fi, cellular, and display devices. TrustZone implications will also be discussed.
We will present the current project status and what it took (or will take) to get NVIDIA's Jetson TX1 development board and Google's Pixel C tablet running multiple Android instances. We will provide an overview of the platform’s build toolchain and source trees. Finally, we will open up discussions on the future of the platform and the challenges associated with improving Xen adoption on mobile ARM devices.
LCU13: Deep Dive into ARM Trusted Firmware
Resource: LCU13
Name: Deep Dive into ARM Trusted Firmware
Date: 31-10-2013
Speaker: Dan Handley / Charles Garcia-Tobin
Optimizing the Design and Implementation of KVM/ARM - SFO17-403Linaro
Session ID: SFO17-403
Session Name: Optimizing the Design and Implementation of KVM/ARM - SFO17-403
Speaker: Christoffer Dall
Track: Virtualization
★ Session Summary ★
A key drawback in the use of full system virtualization is the performance penalty introduced by hypervisors. This problem is especially present on ARM, which has significantly higher overhead for some workloads compared to x86, due to differences in the hardware virtualization support. The key reason for the overhead on ARM is the need to multiplex kernel mode state between the hypervisor and VMs, which each run their own kernel. This talk will cover how we have redesigned and optimized KVM/ARM, resulting in an order of magnitude reduction in overhead, and resulted in less overhead than x86 on key hypervisor operations. Our optimizations rely on new hardware support in ARMv8.1, the Virtualization Host Extensions (VHE), but also support legacy hardware through invasive modifications to Linux to support running the kernel in the hypervisor-specific CPU mode, EL2
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-403/
Presentation: https://www.slideshare.net/linaroorg/optimizing-the-design-and-implementation-of-kvmarm-sfo17403
Video: https://www.youtube.com/watch?v=foRxjfKQeas
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
KVM/ARM Nested Virtualization Support and Performance - SFO17-410Linaro
Session ID: SFO17-410
Session Name: KVM/ARM Nested Virtualization Support and Performance - SFO17-410
Speaker: Jintack Lim
Track: Virtualization
★ Session Summary ★
Nested virtualization is increasingly important because of the need to deploy virtual machines running software stacks on top of virtualized cloud infrastructure, as well as for prototyping and testing. ARM recently introduced nested virtualization support in the latest ARMv8.3 revision of the architecture. We will present the efforts and challenges to introduce ARM nested virtualization support to KVM/ARM, which involves adding significant logic to core KVM/ARM code, MMU support, timers, and the GIC emulation including the changes we made since the last Linaro Connect. We will also discuss a paravirtualization approach we have used to prototype and evaluate the implementation on current ARMv8 hardware without hardware support for nested virtualization. We will present performance results and discuss future techniques to improve performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-410/
Presentation:
Video: https://www.youtube.com/watch?v=lvxu8tMztbA
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
Secure Container solution is to enhance container security by isolating memory between Docker containers inside one VM with Intel VT-x EPT HW, which is highly effective to protect container’s memory and at the meantime defends ret2user privilege escalation attack that exploits kernel vulnerabilities (eg. CVE-2017-6074 UAF (use-after-free) vulnerability). It extends KVM interfaces which the guest OS can leverage to isolate container memory from other containers, and the interfaces rely on Intel VT-x EPT hardware extension and provide memory access protection for the container which sits in an isolated memory region. Each secure container has a dedicated EPT table rather than sharing one EPT table with guest OS, which enforces the cross-EPT memory access protection. The whole solution is user-friendly to fit in the existing cloud server infrastructure with very limited changes.
MIPI DevCon 2016: Accelerating Software Development for MIPI CSI-2 CamerasMIPI Alliance
MIPI CSI-2-compliant cameras are popular in mobile and mobile-influenced devices because of the specification’s ability to handle high image resolution over fast links with low-power consumption. SoC designers can accelerate their design process by integrating the software drivers to make initial development easier and directly control boot-up sequences. This presentation by Licinio Sousa of Synopsys describes how to use the existing host-side V4L2 API and V4L2 subdevice interfaces to ease the integration of a CSI-2-compliant camera with an existing system. This approach allows designers to easily change their camera without having to make any changes to the CSI-2 host driver.
[Android Codefest Germany] Adding x86 target to your Android app by Xavier Ha...BeMyApp
The Android Codefest Germany is a challenge on optimizing your existing Android NDK app on x86 processor or on building one.
It's still open until Sunday, November 24th, you can submit your app here: http://androidcodefest.bemyapp.com
Implementing SR-IOv failover for Windows guests during live migrationYan Vugenfirer
Presentation from KVM Forum 2020.
In the past, there were several attempted to enable live migration for VMs that are using SR-IOV NICs. We are going to discuss the recent development based on the SR-IOV failover feature in virtio specification and its implementation for the Windows guests. In this session, Annie Li and Yan Vugenfirer will provide an overview of the failover feature and discuss specifics of the Windows guest implementation.
We discuss the existing and new hardware virtualization features. First, we review the existing hardware features that are not used by Xen today, showing examples for use cases. 1) For example, The "descriptor-table exiting" should be useful for the guest kernels or security agent to enhance security features. 2) The VMX-preemption timer allows the hypervisor to preempt guest VM execution after a specified amount of time, which is useful to implement fair scheduling. The hardware can save the timer value on each successive VMexit, after setting the initial VM quantum. 3) VMFUNC is an operation provided by the processor that can be invoked from VMX non-root operation without a VM exit. Today, EPTP switching is available, and we discuss how we can use the feature. Second, we talk about new hardware features, especially for interrupt optimizations.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Idit Levine
One of the major announcement last week at DockerCon 2017 was LinuxKit, a tool to create minimal and safer operating system for running your containers.
This announcement marks a new phase in the quest to redefine the the stack in the cloud, which had started with the introduction of Unikernels.
In this session we will provide a deep dive on LinuxKit, Unikernels and what they mean for the future of the cloud.
We will discuss how these approaches are Integrated with clusters management tools like kubernetes, and show a few demos.
Docker is an open-source implementation of the deployment engine .
-No Guest OS
-Rides on the already existing kernel’s
- Uses LinuX Containers (LXC) running in the host OS
- Only Container, Apps on Container
Linux firmware for iRMC controller on Fujitsu Primergy serversVladimir Shakhov
Integrated Remote Management Controller aka iRMC (http://manuals.ts.fujitsu.com/file/11470/irmc-s4-ug-en.pdf) is a special-purpose ARM board, included in every Fujitsu Primergy server and actually running on GNU/Linux. Digging into the process of creation of iRMC firmware, significantly based on FOSS components, including Linux kernel, busybox, glibc, net-snmp and many others. Lecture covering technical details how its working, how to use OpenSource components together with propiertary code.
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Nagios
Marcelo Perazolo, Lead Software Architect, IBM Corporation - In this session, Marcelo will describe how Nagios can be
integrated and extended for the monitoring of a typical
power-based converged infrastructure, and how it interfaces with existing element managers to provide a single point of integration for passive and active monitoring purposes.
Deep Learning Neural Network Acceleration at the Edge - Andrea GalloLinaro
Short
The growing amount of data captured by sensors and the real time constraints imply that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in Arm-based platforms provide an unprecedented opportunity for new intelligent devices. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators.
Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, accelerator solutions, and will describe the efforts underway in the Arm ecosystem.
Abstract
The dramatically growing amount of data captured by sensors and the ever more stringent requirements for latency and real time constraints are paving the way for edge computing, and this implies that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in recent Arm-based platforms provides an unprecedented opportunity for new intelligent devices with ML inference. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators.
Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, model description formats, accelerator solutions, low cost development boards and will describe the efforts underway to identify the best technologies to improve the consolidation and enable the competitive innovative advantage from all vendors.
Audience
The session will be useful for executives to engineers. Executives will gain a deeper understanding of the issues and opportunities. Engineers at NN acceleration IP design houses will take away ideas for how to collaborate in the open source community on their area of expertise, how to evaluate the performance and accelerate multiple NN frameworks without modifying them for each new IP, whether it be targeting edge computing gateways, smart devices or simple microcontrollers.
Benefits to the Ecosystem
The AI deep learning neural network ecosystem is starting just now and it has similar implications with open source as GPU and video accelerators had in the early days with user space drivers, binary blobs, proprietary APIs and all possible ways to protect their IPs. The session will outline a proposal for a collaborative ecosystem effort to create a common framework to manage multiple NN accelerators while at the same time avoiding to modify deep learning frameworks with multiple forks.
Huawei’s requirements for the ARM based HPC solution readiness - Joshua MoraLinaro
Talk Title: Huawei’s requirements for the ARM based HPC solution readiness
Talk Abstract:
A high level review of a wide range of requirements to architect an ARM based competitive HPC solution is provided. The review combines both Industry and Huawei’s unique views with the intend to communicate openly not only the alignment and support in ongoing efforts carried over by other ARM key players but to brief on the areas of differentiation that Huawei is investing towards the research, development and deployment of homegrown ARM based HPC solution(s).
Speaker: Joshua Mora
Speaker Bio:
20 years of experience in research and development of both software and hardware for high performance computing. Currently leading the architecture definition and development of ARM based HPC solutions, both hardware and software, all the way to the applications (ie. turnkey HPC solutions for different compute intensive markets where ARM will succeed !!).
Bud17 113: distribution ci using qemu and open qaLinaro
“Delivering a well working distribution is hard. There are a lot of different hardware platforms that need to be verified and the software stack is in a big flux during development phases. In rolling releases, this gets even worse, as nothing ever stands still. The only sane answer to that problem are working Continuous Integration tests. The SUSE way to check whether any change breaks normal distribution behavior is OpenQA. Using OpenQA we can automatically run tests that hard working QA people did manually in the old days. That way we have fast enough turnaround times to find and reject breaking changes This session shows how OpenQA works, what pitfalls we had to make ARM work with OpenQA and what we’re doing to improve it for ARM specific use cases.”
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018Linaro
Speaker: Renato Golin
Speaker Bio:
He started programming in the late 80's in C for PCs after a few years playing with 8-bit computers, but he only started programming professionally in the late 90's during the .com bubble. After many years working on Internet's back-end, he moved to UK and worked a few years on bioinformatics at EBI before joining ARM, where he worked on the DS-5 debugger and on the EDG-to-LLVM bridge, where he became the LLVM Tech Lead. Recently, he worked with large clusters and big data at HPCC before moving to Linaro.
Talk Title: OpenHPC Automation with Ansible
Talk Abstract: "In order to test OpenHPC packages and components and to use it as a
platform to benchmark HPC applications, Linaro is developing an automated deployment strategy, using Ansible, Mr-Provisioner and Jenkins, to install the
OS, OpenHPC and prepare the environment on varied architectures (Arm, x86). This work is meant to replace the existing ageing Bash-based recipes upstream while still keeping the documents intact. Our aim is to make it easier to vary hardware configuration, allow for different provisioning techniques and mix internal infrastructure logic to different labs, while still using the same recipes. We hope this will help more people use OpenHPC with a better out-of-the-box experience and with more robust results"
HPC network stack on ARM - Linaro HPC Workshop 2018Linaro
Speaker: Pavel Shamis
Company: Arm
Speaker Bio:
"Pavel is a Principal Research Engineer at ARM with over 16 years of experience in development HPC solutions. His work is focused on co-design software and hardware building blocks for high-performance interconnect technologies, development communication middleware and novel programming models. Prior to joining ARM, he spent five years at Oak Ridge National Laboratory (ORNL) as a research scientist at Computer Science and Math Division (CSMD). In this role, Pavel was responsible for research and development multiple projects in high-performance communication domain including: Collective Communication Offload (CORE-Direct & Cheetah), OpenSHMEM, and OpenUCX. Before joining ORNL, Pavel spent ten years at Mellanox Technologies, where he led Mellanox HPC team and was one of the key driver in enablement Mellanox HPC software stack, including OFA software stack, OpenMPI, MVAPICH, OpenSHMEM, and other.
Pavel is a recipient of prestigious R&D100 award for his contribution in development of the CORE-Direct collective offload technology and he published in excess of 20 research papers.
"
Talk Title: HPC network stack on ARM
Talk Abstract:
Applications, programming languages, and libraries that leverage sophisticated network hardware capabilities have a natural advantage when used in today¹s and tomorrow's high-performance and data center computer environments. Modern RDMA based network interconnects provides incredibly rich functionality (RDMA, Atomics, OS-bypass, etc.) that enable low-latency and high-bandwidth communication services. The functionality is supported by a variety of interconnect technologies such as InfiniBand, RoCE, iWARP, Intel OPA, Cray¹s Aries/Gemini, and others. Over the last decade, the HPC community has developed variety user/kernel level protocols and libraries that enable a variety of high-performance applications over RDMA interconnects including MPI, SHMEM, UPC, etc. With the emerging availability HPC solutions based on ARM CPU architecture it is important to understand how ARM integrates with the RDMA hardware and HPC network software stack. In this talk, we will overview ARM architecture and system software stack, including MPI runtimes, OpenSHMEM, and OpenUCX.
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...Linaro
Speaker: Jay Kruemcke
Speaker Company: SUSE
Bio:
"Jay is responsible for the SUSE Linux server products for High Performance Computing, 64-bit ARM systems, and SUSE Linux for IBM Power servers.
Jay has built an extensive career in product management including using social media for client collaboration, product positioning, driving future product directions, and evangelizing the capabilities and future directions for dozens of enterprise products.
"
Talk Title: It just keeps getting better - SUSE enablement for Arm
Talk Abstract:
SUSE has been delivering commercial Linux support for Arm based servers since 2016. Initially the focus was on high end servers for HPC and Ceph based software defined storage. But we have enabled a number of other Arm SoCs and are even supporting the Raspberry Pi. This session will cover the SUSE products that are available for the Arm platform and view to the future.
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...Linaro
Speakers: Gilad Shainer and Scot Schultz
Company: Mellanox Technologies
Talk Title: Intelligent Interconnect Architecture to Enable Next
Generation HPC
Talk Abstract:
The latest revolution in HPC interconnect architecture is the development of In-Network Computing, a technology that enables handling and accelerating application workloads at the network level. By placing data-related algorithms on an intelligent network, we can overcome the new performance bottlenecks and improve the data center and applications performance. The combination of In-Network Computing and ARM based processors offer a rich set of capabilities and opportunities to build the next generation of HPC platforms.
Gilad Shainer Bio:
Gilad Shainer has served as Mellanox's vice president of marketing since March 2013. Previously, Mr. Shainer was Mellanox's vice president of marketing development from March 2012 to March 2013. Mr. Shainer joined Mellanox in 2001 as a design engineer and later served in senior marketing management roles between July 2005 and February 2012. Mr. Shainer holds several patents in the field of high-speed networking and contributed to the PCI-SIG PCI-X and PCIe specifications. Gilad Shainer holds a MSc degree (2001, Cum Laude) and a BSc degree (1998, Cum Laude) in Electrical Engineering from the Technion Institute of Technology in Israel.
Scot Schultz Bio:
Scot Schultz is a HPC technology specialist with broad knowledge in operating systems, high speed interconnects and processor technologies. Joining the Mellanox team in 2013, Schultz is 30-year veteran of the computing industry. Prior to joining Mellanox, he spent the past 17 years at AMD in various engineering and leadership roles in the area of high performance computing. Scot has also been instrumental with the growth and development of various industry organizations including the Open Fabrics Alliance, and continues to serve as a founding board-member of the OpenPOWER Foundation and Director of Educational Outreach and founding member of the HPC-AI Advisory Council.
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...Linaro
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Santa Clara 2018
Bio: "Yutaka Ishikawa is the project leader of developing the post K
supercomputer. From 1987 to 2001, he was a member of AIST (former
Electrotechnical Laboratory), METI. From 1993 to 2001, he was the
chief of Parallel and Distributed System Software Laboratory at Real
World Computing Partnership. He led development of cluster system
software called SCore, which was used in several large PC cluster
systems around 2004. From 2002 to 2014, he was a professor at the
University Tokyo. He led a project to design a commodity-based
supercomputer called T2K open supercomputer. As a result, three
universities, Tsukuba, Tokyo, and Kyoto, obtained each supercomputer
based on the specification in 2008. He was also involved with the
design of the Oakleaf-PACS, the successor of T2K supercomputer in both
Tsukuba and Tokyo, whose peak performance is 25PF."
Session Title: Post-K and Arm HPC Ecosystem
Session Description:
"Post-K, a flagship supercomputer in Japan, is being developed by Riken
and Fujitsu. It will be the first supercomputer with Armv8-A+SVE.
This talk will give an overview of Post-K and how RIKEN and Fujitsu
are currently working on software stack for an Arm architecture."
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...Linaro
Event: Arm Architecture HPC Workshop by Linaro and HiSilicon
Location: Santa Clara, CA
Speaker: Andrew J Younge
Talk Title: Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Supercomputing
Talk Desc: The Vanguard program looks to expand the potential technology choices for leadership-class High Performance Computing (HPC) platforms, not only for the National Nuclear Security Administration (NNSA) but for the Department of Energy (DOE) and wider HPC community. Specifically, there is a need to expand the supercomputing ecosystem by investing and developing emerging, yet-to-be-proven technologies and address both hardware and software challenges together, as well as to prove-out the viability of such novel platforms for production HPC workloads.
The first deployment of the Vanguard program will be Astra, a prototype Petascale Arm supercomputer to be sited at Sandia National Laboratories during 2018. This talk will focus on the arthictecural details of Astra and the significant investments being made towards the maturing the Arm software ecosystem. Furthermore, we will share initial performance results based on our pre-general availability testbed system and outline several planned research activities for the machine.
Bio: Andrew Younge is a R&D Computer Scientist at Sandia National Laboratories with the Scalable System Software group. His research interests include Cloud Computing, Virtualization, Distributed Systems, and energy efficient computing. Andrew has a Ph.D in Computer Science from Indiana University, where he was the Persistent Systems fellow and a member of the FutureGrid project, an NSF-funded experimental cyberinfrastructure test-bed. Over the years, Andrew has held visiting positions at the MITRE Corporation, the University of Southern California / Information Sciences Institute, and the University of Maryland, College Park. He received his Bachelors and Masters of Science from the Computer Science Department at Rochester Institute of Technology (RIT) in 2008 and 2010, respectively.
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineLinaro
Session ID: HKG18-501
Session Name: HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Speaker: Chris Redpath
Track: Mobile, Kernel
★ Session Summary ★
This session will introduce the changes to EAS planned for 4.14 kernel, and how Arm hopes that EAS will develop in future. EAS has already evolved from an Arm/Linaro joint project to involving a much wider community of SoC vendors, Google and interested device manufacturers. We will highlight the product-specific pieces remaining in the Android Common Kernel EAS implementation, and our plans to provide an upstreaming plan for each product feature. In particular, the new 'simplified energy model' is designed to provide mainline-friendliness and comparable performance using a simple DT expression of cpu power/performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-501/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-501.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-501.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Mobile, Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineLinaro
"Session ID: HKG18-501
Session Name: HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Speaker: Chris Redpath
Track: Mobile, Kernel
★ Session Summary ★
This session will introduce the changes to EAS planned for 4.14 kernel, and how Arm hopes that EAS will develop in future. EAS has already evolved from an Arm/Linaro joint project to involving a much wider community of SoC vendors, Google and interested device manufacturers. We will highlight the product-specific pieces remaining in the Android Common Kernel EAS implementation, and our plans to provide an upstreaming plan for each product feature. In particular, the new 'simplified energy model' is designed to provide mainline-friendliness and comparable performance using a simple DT expression of cpu power/performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-501/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-501.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-501.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Mobile, Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-315 - Why the ecosystem is a wonderful thing, warts and allLinaro
"Session ID: HKG18-315
Session Name: HKG18-315 - Why the ecosystem is a wonderful thing warts and all
Speaker: Andrew Wafaa
Track: Ecosystem Day
★ Session Summary ★
The Arm ecosystem is a vibrant place, but it's not always smooth sailing. This presentation will go through the highs and lows of getting the ecosystem fully Arm enabled.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-315/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-315.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-315.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Ecosystem Day
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18- 115 - Partitioning ARM Systems with the Jailhouse HypervisorLinaro
"Session ID: HKG18-115
Session Name: HKG18-115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Speaker: Jan Kiszka
Track: Security
★ Session Summary ★
The open source hypervisor Jailhouse provides hard partitioning of multicore systems to co-locate multiple Linux or RTOS instances side by side. It aims at low complexity and minimal footprint to achieve deterministic behavior and enable certifications according to safety or security standards. In this session, we would like to look at the ARM-specific status of Jailhouse and discuss applications, to-dos and possible collaborations around it with the ARM community. The session is intended to be half presentation, half Q&A / discussion.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-115/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-115.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-115.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
"Session ID: HKG18-TR08
Session Name: HKG18-TR08 - Upstreaming SVE in QEMU
Speaker: Alex Bennée,Richard Henderson
Track: Enterprise
★ Session Summary ★
ARM's Scalable Vector Extensions is an innovative solution to processing highly data parallel workloads. While several out-of-tree attempts at implementing SVE support for QEMU existed, we took a fundamentally different approach to solving key challenges and therefore pursued a from-scratch QEMU SVE implementation in Linaro. Our strategic choice was driven by several factors. First as an ""upstream first"" organisation we were focused on a solution that would be readily accepted by the upstream project. This entailed doing our development in the open on the project mailing lists where early feedback and community consensus can be reached.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-tr08/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-tr08.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-tr08.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Enterprise
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-113- Secure Data Path work with i.MX8MLinaro
"Session ID: HKG18-113
Session Name: HKG18-113 - Secure Data Path work with i.MX8M
Speaker: Cyrille Fleury
Track: Digital Home
★ Session Summary ★
NXP presentation on Secure Data Path work with i.MX8M Soc. Demonstrate 4K PlayReady playback with Android 8.1 running on i.MX8M. Focus on security (MS SL3000 and Widevine level 1)
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-113/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-113.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-113.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Digital Home
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-120 - Devicetree Schema Documentation and Validation Linaro
"Session ID: HKG18-120
Session Name: HKG18-120 - Structured Documentation and Validation for Device Tree
Speaker: Grant Likely
Track: Kernel
★ Session Summary ★
Devicetree has become the dominant hardware configuration language used when building embedded systems. Projects using Devicetree now include Linux, U-Boot, Android, FreeBSD, and Zephyr. However, it is notoriously difficult to write correct Devicetree data files. The dtc tools perform limited tests for valid data, and there there is not yet a way to add validity test for specific hardware descriptions. Neither is there a good way to document requirements for specific bindings. Work is underway to solve these problems. This session will present a proposal for adding Devicetree schema files to the Devicetree toolchain that can be used to both validate data and produce usable documentation.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-120/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-120.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-120.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
"Session ID: HKG18-223
Session Name: HKG18-223 - Trusted Firmware M : Trusted Boot
Speaker: Tamas Ban
Track: LITE
★ Session Summary ★
An overview of the trusted boot concept and firmware update on the ARMv8-M based platform and how MCUBoot acts as a BL2 bootloader for TF-M.
Trusted Firmware M
In October 2017, Arm announced the vision of Platform Security Architecture (PSA) - a common framework to allow everyone in the IoT ecosystem to move forward with stronger, scalable security and greater confidence. There are three key stages to the Platform Security Architecture: Analysis, Architecture and Implementation which are described at https://developer.arm.com/products/architecture/platform-security-architecture.
_Trusted Firmware M, i.e. TF-M, is the Arm project to provide an open source reference implementation firmware that will conform to the PSA specification for M-Class devices. Early access to TF-M was released in December 2017 and it is being made public during Linaro Connect. The implementation should be considered a prototype until the PSA specifications reach release state and the code aligns._
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-223/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-223.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-223.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: LITE
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
2. ENGINEERS AND DEVICES
WORKING TOGETHER
–Popek and Golberg
[Formal requirements for virtualizable third generation architectures ’74]
““Efficient, isolated duplicate
of the real machine””
3. ENGINEERS AND DEVICES
WORKING TOGETHER
Hardware
OS Kernel
App AppApp
Hardware
Hypervisor
VM
Kernel
App App
VM
Kernel
App App
Native Virtual Machines
Virtualization
4. ENGINEERS AND DEVICES
WORKING TOGETHER
Hypervisor Design
Hardware
Hypervisor
VM
Kernel
App App
VM
Kernel
App App
Type 1 (Standalone)
5. ENGINEERS AND DEVICES
WORKING TOGETHER
Hypervisor Design
Hardware
Hypervisor
VM
Kernel
App App
VM
Kernel
App App
Type 1 (Standalone)
Hardware
OS Kernel
VM
Kernel
App App
VM
Kernel
App App
Type 2 (Hosted)
Hypervisor
App
6. ENGINEERS AND DEVICES
WORKING TOGETHER
Hypervisor Design
Hardware
Xen
Dom0
Linux
App App
DomU
Linux
App App
Hardware
Linux
VM
Linux
App App
VM
Linux
App App
KVM
App
9. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM
Host
Linux
AppApp
VM
Kernel
AppApp
KVM
KVM lowvisor
EL0
EL1
EL2
1. Hypercall
2. Return3. Hypercall
4. Return
switch
state
10. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM
Host
Linux
AppApp
VM
Kernel
AppApp
KVM
EL0
EL1
EL2
1. Hypercall 2. Return
11. ENGINEERS AND DEVICES
WORKING TOGETHER
ARMv8.1 VHE
• Virtualization Host Extensions
• Supports running unmodified
OSes in EL2 without using EL1
Linux
EL0
EL1
EL2
AppApp
12. ENGINEERS AND DEVICES
WORKING TOGETHER
ARMv8.1 VHE in Details
1. HCR_EL2.E2H complete enables and disables VHE
2. Addition registers in EL2 to have same support as EL1
3. TGE bit traps EL0 to EL2 without disabling EL0 Stage 1 MMU
4. EL2 translation regime works like EL1
5. Redirects system register accesses from EL1 to EL2
13. ENGINEERS AND DEVICES
WORKING TOGETHER
VHE Register Redirection
TCR_EL1
mrs x0, TCR_EL1
HCR_EL2.E2H==0
TCR_EL2
HCR_EL2.E2H==1
15. ENGINEERS AND DEVICES
WORKING TOGETHER
More VHE Register Redirection
• Some registers change bit position and content
• Example: CNTHTCL_EL2 changes layout to match CNTKCTL_EL1 with extra
bits
18. ENGINEERS AND DEVICES
WORKING TOGETHER
Experimental Setup
• AMD Seattle B0
• 64-bit ARMv8-A
• 2.0 GHz AMD A1100 CPU
• 8-way SMP
• 16 GB RAM
• 10 GB Ethernet (passthrough)
*Measurements obtained using Linux in EL2. See BKK16 talk.
19. ENGINEERS AND DEVICES
WORKING TOGETHER
VHE Performance at First Glance
CPU Clock Cycles non-VHE VHE*
Hypercall 3.181 3.045
*Measurements obtained using Linux in EL2. See BKK16 talk.
20. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM Optimization #1
VM
Kernel
AppAppEL0
EL1
EL2
Host
AppApp
Linux KVM
• Avoid saving/restoring
EL1 register state
21. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM Optimization #2
VM
Kernel
AppAppEL0
EL1
EL2
Host
AppApp
Linux KVM
• Leave virtualization
features enabled
• No traps from host EL0
when E2H and TGE are
both set
• EL2 not affected by
traps
22. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM Optimization #3
• Don’t context switch
the timer on every exit
from the VM
• Completely reworks the
timer code to take
interrupts and load/put
state as necessary
• 20 patches on list
23. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM Optimization #4
• Defer as much work as possible to vcpu_load and vcpu_put
• Called when entering/exiting run-loop
• Called when preempted/scheduled
24. ENGINEERS AND DEVICES
WORKING TOGETHER
KVM/ARM Optimization #5
• Rewrite the world
switch code
• Avoids many
conditionals
• Adds has_vhe() calls in
pre_run_check and
post_run_check.
kvm_arch_vcpu_ioctl_run
{
...
while (1) {
pre_run_checks();
if (has_vhe() /* static key */
ret = kvm_vcpu_vhe_run(vcpu);
else
ret = kvm_call_hyp(__kvm_vcpu_run, vcpu);
post_run_checks();
}
...
}
25. ENGINEERS AND DEVICES
WORKING TOGETHER
Microbenchmark Results
CPU Clock Cycles non-VHE VHE OPT * x86
Hypercall 3,181 752 1.437
I/O Kernel 3,992 1.604 2.565
I/O User 6,665 7.630 6.732
Virtual IPI 14,155 2.526 3.102
*Measurements obtained using Linux in EL2. See BKK16 talk.
27. ENGINEERS AND DEVICES
WORKING TOGETHER
Application Workloads
0.00
0.50
1.00
1.50
2.00
Kernbench
Hackbench
TCP_STREAM
TCP_MAERTS
TCP_RR
Apache
Memcached
non-VHE VHE OPT*
*Measurements obtained using Linux in EL2. See BKK16 talk.
Normalized overhead
(lower is better)
28. ENGINEERS AND DEVICES
WORKING TOGETHER
Conclusions
• Optimize and redesign KVM/ARM for VHE
• Reduce hypercall overhead by more than 75% (better than x86!)
• Network benchmark overhead reduced by 50%
• Memcached overhead reduced by more than 80%
29. ENGINEERS AND DEVICES
WORKING TOGETHER
Upstream Status
• Timer patches on list
• Optimization patches in final stages
• Priority to upstream soon, hopefully ready for v4.16