Xen Cache Coloring: Interference-Free Real-Time System
•
2 likes•619 views
Slides of the Embedded Linux Conf presentation "Xen Cache Coloring: Interference-Free Real-Time System"
Report
Share
Report
Share
Download to read offline
Recommended
Cache coloring Xen Summit 2020
This document discusses Xen cache coloring and real-time performance in embedded systems. It introduces cache interference between virtual machines and the hypervisor solution of cache partitioning via cache coloring. Each VM is allocated its own portion of cache entries to prevent interference. Benchmark results show that with cache coloring, a motor control application execution time and interrupt response time remain stable even under high interference, whereas without coloring performance degrades significantly. Cache coloring effectively isolates workloads and enables mixed criticality systems on the same device.
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static partitioning enables multiple domains to run alongside each other with no interference. They could be running Linux, an RTOS, or another OS, and all of them have direct access to different portions of the SoC. In the last five years, the Xen community introduced several new features to make Xen-based static partitioning possible. Dom0less to start multiple static domains in parallel at boot, and Cache Coloring to minimize cache interference effects are among them. Static inter-domain communications mechanisms were introduced this year, while "ImageBuilder" has been making system-wide configurations easier. An easy-to-use complete solution is within our grasp. This talk will show the progress made on Xen static partitioning. The audience will learn to configure a realistic reference design with multiple partitions: a LinuxRT partition, a Zephyr partition, and a larger Linux partition. The presentation will show how to set up communication channels and direct hardware access for the domains. It will explain how to measure interrupt latency and use cache coloring to zero cache interference effects. The talk will include a live demo of the reference design.
Safety-Certifying Open Source Software: The Case of the Xen Hypervisor
Safety is important to software everywhere human lives are at risk. In these environments often safety-certifications are required to ensure that the quality of the software is high enough to minimize the risk of harm to humans. Safety-certifications such as ISO 26262 come with a series of requirements and processes that sometimes clash with well-established Open Source software development practices. How do we reconcile safety-certifications with Open Source? This presentation will provide an answer to that question. Taking Xen as an example of an Open Source project with a rich 15+ years history, this presentation will explain the best way to match Open Source activities with safety-certification requirements. It will discuss the role of the upstream community and downstream vendors in achieving compliance with ISO 26262 and IEC 61508. It will go through the changes to Xen Project processes already underway and the ones planned for the future to align the Xen hypervisor with safety-certifications. The talk will cover MISRA, traceability, testing, etc., and the latest updates from the Xen FuSa working group.
Xen in Safety-Critical Systems - Critical Summit 2022
Xen Project is a static partitioning hypervisor for embedded deployments (industrial, medical, etc.) Xen enforces strong isolation between domains so that one cannot affect the execution of another. Features such as cache coloring reduce interference and improve interrupt latency and determinism. A real-time workload can run alongside a more complex guest. But can it be used in safety-critical environments? The Xen hypervisor has a microkernel design: services and tools are non-essential and run in unprivileged VMs, while the core is less than 50K LOC. This architecture lends itself well to safety-critical applications as only the core is critical and needs to go through the certification process. This presentation will describe the activities of the Xen FuSa SIG (Special Interest Group) to make Xen easier to safety-certify. It will go through the aspects of Xen that pertain safety and it will explain how to set up a mixed-criticality system with Xen. The talk will discuss the challenges of making an Open Source project safety-certifiable and the progress that the Xen community made so far in the areas of documentation and requirements, MISRA-C code compliance, and interference reduction.
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
This document discusses Xen for embedded and IoT applications. It proposes ViryaOS, a new Xen Project sub-project that would provide a secure Xen-based container runtime and build system for embedded and IoT use cases. ViryaOS would allow building and deploying multiple VMs and secure containers on embedded targets more easily than current methods. It aims to support real-time requirements, hardware access from containers, and dynamic deployment of workloads.
Ace Up the Sleeve
This document summarizes a presentation on designing Active Directory DACL backdoors for persistence after gaining initial domain elevation. It discusses how DACL misconfigurations can provide stealthy, long-term access. Specific techniques covered include hiding DACLs and principals from easy enumeration, as well as case studies on backdoors involving DCSync rights, AdminSDHolder, LAPS passwords, Exchange objects, and abusing GPOs. Defenses discussed include proper event log collection and SACL auditing. The document provides an overview of how DACLs can be stealthily misconfigured to maintain access without immediate detection.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
Final terraform
This document provides an overview of Terraform including its key features and how to install, configure, and use Terraform to deploy infrastructure on AWS. It covers topics such as creating EC2 instances and other AWS resources with Terraform, using variables, outputs, and provisioners, implementing modules and workspaces, and managing the Terraform state.
Recommended
Cache coloring Xen Summit 2020
This document discusses Xen cache coloring and real-time performance in embedded systems. It introduces cache interference between virtual machines and the hypervisor solution of cache partitioning via cache coloring. Each VM is allocated its own portion of cache entries to prevent interference. Benchmark results show that with cache coloring, a motor control application execution time and interrupt response time remain stable even under high interference, whereas without coloring performance degrades significantly. Cache coloring effectively isolates workloads and enables mixed criticality systems on the same device.
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static partitioning enables multiple domains to run alongside each other with no interference. They could be running Linux, an RTOS, or another OS, and all of them have direct access to different portions of the SoC. In the last five years, the Xen community introduced several new features to make Xen-based static partitioning possible. Dom0less to start multiple static domains in parallel at boot, and Cache Coloring to minimize cache interference effects are among them. Static inter-domain communications mechanisms were introduced this year, while "ImageBuilder" has been making system-wide configurations easier. An easy-to-use complete solution is within our grasp. This talk will show the progress made on Xen static partitioning. The audience will learn to configure a realistic reference design with multiple partitions: a LinuxRT partition, a Zephyr partition, and a larger Linux partition. The presentation will show how to set up communication channels and direct hardware access for the domains. It will explain how to measure interrupt latency and use cache coloring to zero cache interference effects. The talk will include a live demo of the reference design.
Safety-Certifying Open Source Software: The Case of the Xen Hypervisor
Safety is important to software everywhere human lives are at risk. In these environments often safety-certifications are required to ensure that the quality of the software is high enough to minimize the risk of harm to humans. Safety-certifications such as ISO 26262 come with a series of requirements and processes that sometimes clash with well-established Open Source software development practices. How do we reconcile safety-certifications with Open Source? This presentation will provide an answer to that question. Taking Xen as an example of an Open Source project with a rich 15+ years history, this presentation will explain the best way to match Open Source activities with safety-certification requirements. It will discuss the role of the upstream community and downstream vendors in achieving compliance with ISO 26262 and IEC 61508. It will go through the changes to Xen Project processes already underway and the ones planned for the future to align the Xen hypervisor with safety-certifications. The talk will cover MISRA, traceability, testing, etc., and the latest updates from the Xen FuSa working group.
Xen in Safety-Critical Systems - Critical Summit 2022
Xen Project is a static partitioning hypervisor for embedded deployments (industrial, medical, etc.) Xen enforces strong isolation between domains so that one cannot affect the execution of another. Features such as cache coloring reduce interference and improve interrupt latency and determinism. A real-time workload can run alongside a more complex guest. But can it be used in safety-critical environments? The Xen hypervisor has a microkernel design: services and tools are non-essential and run in unprivileged VMs, while the core is less than 50K LOC. This architecture lends itself well to safety-critical applications as only the core is critical and needs to go through the certification process. This presentation will describe the activities of the Xen FuSa SIG (Special Interest Group) to make Xen easier to safety-certify. It will go through the aspects of Xen that pertain safety and it will explain how to set up a mixed-criticality system with Xen. The talk will discuss the challenges of making an Open Source project safety-certifiable and the progress that the Xen community made so far in the areas of documentation and requirements, MISRA-C code compliance, and interference reduction.
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
This document discusses Xen for embedded and IoT applications. It proposes ViryaOS, a new Xen Project sub-project that would provide a secure Xen-based container runtime and build system for embedded and IoT use cases. ViryaOS would allow building and deploying multiple VMs and secure containers on embedded targets more easily than current methods. It aims to support real-time requirements, hardware access from containers, and dynamic deployment of workloads.
Ace Up the Sleeve
This document summarizes a presentation on designing Active Directory DACL backdoors for persistence after gaining initial domain elevation. It discusses how DACL misconfigurations can provide stealthy, long-term access. Specific techniques covered include hiding DACLs and principals from easy enumeration, as well as case studies on backdoors involving DCSync rights, AdminSDHolder, LAPS passwords, Exchange objects, and abusing GPOs. Defenses discussed include proper event log collection and SACL auditing. The document provides an overview of how DACLs can be stealthily misconfigured to maintain access without immediate detection.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
Final terraform
This document provides an overview of Terraform including its key features and how to install, configure, and use Terraform to deploy infrastructure on AWS. It covers topics such as creating EC2 instances and other AWS resources with Terraform, using variables, outputs, and provisioners, implementing modules and workspaces, and managing the Terraform state.
Securing Prometheus exporters using HashiCorp Vault
Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages. Does our platform degrade in a graceful way or what does a high cpu load really mean? What can we learn from level 1 outages to be able to run our platforms more reliably.
This talk will focus on on creating a secure prometheus exporter ecosystem using HashiCorp Vault where we can we be sure that we are not leaking any business metrics from our observability stack. After which we ll investigate how to automatically rotate the certificates we created to do so.
Introduction to CMake
Το CMake είναι το πιο διαδεδομένο εργαλείο για να "χτίσεις" projects γραμμένα σε C++ για το 2021.
Το CMake δε μεταγλωτίζει το ίδιο τον κώδικα αλλά παράγει τις κατάλληλες παραμέτρους για άλλα εργαλεία (π.χ. make) τα οποία αναλαμβάνουν τη μεταγλώτισση.
Η χρήση εργαλείων όπως το CMake είναι μονόδρομος όταν ένα έργο σε C++ περιλαμβάνει πολλά αρχεία, διάφορες παραμέτρους, εξωτερικά dependencies κλπ. Σε αυτή την περίπτωση η ανάπτυξή του γίνεται εκθετικά δυσκολότερη όσο το μέγεθός του αυξάνεται, εάν δεν υιοθετηθεί χρήση εργαλείων όπως το CMake.
邏 Στο εργαστήριο θα δείξουμε πως μπορούμε να στήσουμε ένα τυπικό project γραμμένο σε C++ και θα καλύψουμε τα πιο βασικά σενάρια που χρειάζεται να γνωρίζει κάποιος όπως:
✅ Παραγωγή εκτελέσιμου αρχείου
✅ Καθορισμός του include path
✅ Δημιουργία βιβλιοθήκης για static ή dynamic linking
✅ Ελεγχος των διάφορων compilation flags
✅ Δημιουργία functions εντός του CMake
✅ Παραμετροποίηση μέσω options
Dom0less - Xen Developer Summit 2019
This document discusses Xen Dom0-less, an approach to running Xen virtual machines without a privileged Domain 0. Traditionally Xen uses a Dom0 to perform boot and configuration tasks, but this adds complexity. Dom0-less allows VMs to boot directly on the hardware using the device tree protocol. This reduces boot time and complexity while enabling safer configurations. Challenges include lack of VM monitoring and PV device support without Dom0. The status is that basic Dom0-less booting is implemented in Xen but more work is needed for true Dom0-less and PV device drivers.
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
"Session ID: HKG18-115
Session Name: HKG18-115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Speaker: Jan Kiszka
Track: Security
★ Session Summary ★
The open source hypervisor Jailhouse provides hard partitioning of multicore systems to co-locate multiple Linux or RTOS instances side by side. It aims at low complexity and minimal footprint to achieve deterministic behavior and enable certifications according to safety or security standards. In this session, we would like to look at the ARM-specific status of Jailhouse and discuss applications, to-dos and possible collaborations around it with the ARM community. The session is intended to be half presentation, half Q&A / discussion.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-115/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-115.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-115.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
Improving hyperconverged performance
DevConf-2018
Gluster storage is integrated with oVirt as file based storage using FUSE, enabling all oVirt features with very little special code. However FUSE is not the most efficient and scalable way to access Gluster storage, resulting in poor virtual machine performance. With newly added native Gluster support a VM can access gluster storage directly in the most efficient way. Decreased storage access latency results in a better IOPS, thus making storage more responsive and improve the VMs performance. Participants will be able to learn more on how file system access works for VMs, review the reason for potential performance issues in hyperconverged setups, and how to improve it.
Db2 migration -_tips,_tricks,_and_pitfalls
This document provides an overview of tips, considerations, and processes for migrating a DB2 database environment to a Teradata data warehouse. It discusses gathering important information about the existing DB2 environment, the high-level phases of the migration including establishing Teradata infrastructure, migrating data, processes and applications, and establishing a production environment. It also covers specific considerations for migrating the physical database including options for converting DB2 tables and indexes to Teradata.
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Kubernetes has the concept of resource requests and limits. Pods get scheduled on the nodes based on their requests and optionally limited in how much of the resource they can consume. Understanding and optimizing resource requests/limits is crucial both for reducing resource "slack" and ensuring application performance/low-latency. This talk shows our approach to monitoring and optimizing Kubernetes resources for 80+ clusters to achieve cost-efficiency and reducing impact for latency-critical applications. All shown tools are Open Source and can be applied to most Kubernetes deployments.
WorkShop: Introducción a GIT
Este documento presenta una introducción a Git. En menos de 3 oraciones:
1) Explica qué es Git, su historia y características principales como su naturaleza distribuida y uso de punteros. 2) Detalla los conceptos básicos de Git como sus tres áreas, estados y tipos de archivos. 3) Proporciona ejemplos de comandos Git básicos como init, add, commit y status para gestionar archivos en un repositorio.
Accelerating Virtual Machine Access with the Storage Performance Development ...
Abstract: Although new non-volatile media inherently offers very low latency, remote access
using protocols such as NVMe-oF and presenting the data to VMs via virtualized interfaces such as virtio
adds considerable software overhead. One way to reduce the overhead is to use the Storage
Performance Development Kit (SPDK), an open-source software project that provides building blocks for
scalable and efficient storage applications with breakthrough performance. Comparing the software
paths for virtualizing block storage I/O illustrates the advantages of the SPDK-based approach. Empirical
data shows that using SPDK can improve CPU efficiency by up to 10 x and reduce latency up to 50% over
existing methods. Future enhancements for SPDK will make its advantages even greater.
Speaker Bio: Anu Rao is Product line manager for storage software in Data center Group. She helps
customer ease into and adopt open source Storage software like Storage Performance Development Kit
(SPDK) and Intelligent Software Acceleration-Library (ISA-L).
Writing a fast HTTP parser
Eitaro Fukamachi gave a presentation on writing a fast HTTP parser in Common Lisp called fast-http. He explained that the bottleneck in the Wookie web framework was HTTP parsing, which was slower than Node.js. This was because Node.js uses the C-based and highly optimized http-parser library. Eitaro discussed how fast-http achieves high performance through an architecture that reduces memory allocation and uses the right data types, as well as through benchmarking, profiling, and type declarations to provide hints to the compiler. The goal was to write carefully optimized Lisp code that could match or beat C in performance for complex programs like an HTTP parser.
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...The Linux Foundation
This talk presents a production-ready automotive virtualization solution with Xen. The key requirements that we focus are super-fast startup and recovery from failure, static virtual machine creation with dedicated resources, and performance effective graphics rendering. To reduce the boot time, we optimize the Xen startup procedure by effectively initializing Xen heap and VM memory, and booting multiple VMs concurrently. We provide fast recovery mechanism by re-implementing the VM reset feature. We also develop a highly optimized graphics APIs-forwarding mechanism supporting OpenGLES APIs up to v3.2. The pass rate of Khronos CTS in a guest OS is comparable to the Domain0’s. Our experiment shows that our virtualization solution provides reasonable performance for ARM-based automotive systems (hypervisor booting: less than 70ms, graphics performance: about 96% of Domain0). Pgsodium's Features: those not provided by pgcrypto and integration with rem...
pgsodium is a Postgres extension that provides an alternative to pgcrypto with encryption functions that wrap the libsodium encryption library. It offers features like multi-layered role-based access to symmetric functions, integration with key management systems, end-to-end encryption with key exchange, and streaming encryption with forward secrecy. It aims to address limitations of pgcrypto like lack of key derivation, public key signing, and missing cryptography functions.
[Public] gerrit concepts and workflows
This document provides an overview of Gerrit Code Review, including:
- Gerrit allows code review of commits before they are integrated into branches through a "push for code review" workflow. It creates changes and change refs for pushed commits.
- Changes can be reviewed through the Gerrit web interface by viewing diffs and leaving comments. Reviewers can vote on changes using configurable review labels like "Code-Review".
- The standard workflow involves pushing commits for review, reviewing and voting on changes, and then submitting approved changes to branches. Gerrit integrates with Git and provides access controls and permissions on repositories.
Configurable horizontal pod autoscaler
Ivan Glushkov, Staff Engineer at Postmates, describes the problem that led us to develop a configurable horizontal pod autoscaler (CHPA) for Kubernetes.
Derbycon - The Unintended Risks of Trusting Active Directory
Given at DerbyCon 2018, this presentation covers host and Active Directory security descriptor research.
Kubernetes Application Deployment with Helm - A beginner Guide!
Google DevFest2019 Presentation at Infosys Campus Bangalore. Application deployment in Kubernetes with Helm is demo'ed in Google Kubernetes Engine (GKE). This is an introductory session on Helm. Several references are given in it to further explore helm3 as it is in Beta state now.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
I2C Subsystem In Linux-2.6.24
The document describes the data structures used to represent I2C buses, devices, drivers, and clients in the Linux kernel. It explains how a new I2C bus instance is recognized, how devices are added to the I2C bus, and how an I2C device driver is added and bound to devices. Key data structures include i2c_adapter, i2c_client, i2c_driver, and the device/driver model links between them.
(Ab)Using GPOs for Active Directory Pwnage
Identifying privilege escalation paths within an Active Directory environment is crucial for a successful red team. Over the last few years, BloodHound has made it easier for red teamers to perform reconnaissance activities and identify these attacks paths. When evaluating BloodHound data, it is common to find ourselves having sufficient rights to modify a Group Policy Object (GPO). This level of access allows us to perform a number of attacks, targeting any computer or user object controlled by the vulnerable GPO.
In this talk we will present previous research related to GPO abuses and share a number of misconfigurations we have found in the wild. We will also present a tool that allows red teamers to target users and computers controlled by a vulnerable GPO in order to escalate privileges and move laterally within the environment.
Docker swarm
This document discusses Microservices and Docker Swarm. It begins by introducing the presenter and their background. It then defines what a microservice is and introduces Docker. Key concepts about Docker Swarm are explained such as swarm features, service discovery without an external database, and the swarm concept of managers, workers, services and tasks. It demonstrates how to build a swarm cluster and add nodes, and discusses security, routing mesh, scaling, reverse proxy, rolling updates and secrets. Finally it briefly mentions logging, metrics and dashboard tools to monitor Docker systems.
Rendering in the Cloud
Softlayer began in 2005 and was acquired by IBM in 2013. It provides cloud computing infrastructure including IaaS, PaaS and SaaS. Rendering animation requires huge computing resources and time. Rendering a single animated film can require 300+ artists, 17,000+ CPU cores, 75 million CPU hours and 500 million digital files. Keeping resources on-premises to render films can cost millions whereas cloud infrastructure from Softlayer provides scalable resources more cost effectively. While security and cost concerns still hold the media industry back from fully adopting the cloud, its popularity for rendering is projected to grow to 88% within a year and 60% within 5 years.
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...Edge AI and Vision Alliance
For the full video of this presentation, please visit:
https://www.edge-ai-vision.com/2020/12/trends-in-neural-network-topologies-for-vision-at-the-edge-a-presentation-from-synopsys/
For more information about edge AI and computer vision, please visit:
https://www.edge-ai-vision.com
Pierre Paulin, Director of R&D for Embedded Vision at Synopsys, presents the “Trends in Neural Network Topologies for Vision at the Edge” tutorial at the September 2020 Embedded Vision Summit.
The widespread adoption of deep neural networks (DNNs) in embedded vision applications has increased the importance of creating DNN topologies that maximize accuracy while minimizing computation and memory requirements. This has led to accelerated innovation in DNN topologies.
In this talk, Paulin summarizes the key trends in neural network topologies for embedded vision applications, highlighting techniques employed by widely used networks such as EfficientNet and MobileNet to boost both accuracy and efficiency. He also touches on other optimization methods—such as pruning, compression and layer fusion—that developers can use to further reduce the memory and computation demands of modern DNNs.More Related Content
What's hot
Securing Prometheus exporters using HashiCorp Vault
Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages. Does our platform degrade in a graceful way or what does a high cpu load really mean? What can we learn from level 1 outages to be able to run our platforms more reliably.
This talk will focus on on creating a secure prometheus exporter ecosystem using HashiCorp Vault where we can we be sure that we are not leaking any business metrics from our observability stack. After which we ll investigate how to automatically rotate the certificates we created to do so.
Introduction to CMake
Το CMake είναι το πιο διαδεδομένο εργαλείο για να "χτίσεις" projects γραμμένα σε C++ για το 2021.
Το CMake δε μεταγλωτίζει το ίδιο τον κώδικα αλλά παράγει τις κατάλληλες παραμέτρους για άλλα εργαλεία (π.χ. make) τα οποία αναλαμβάνουν τη μεταγλώτισση.
Η χρήση εργαλείων όπως το CMake είναι μονόδρομος όταν ένα έργο σε C++ περιλαμβάνει πολλά αρχεία, διάφορες παραμέτρους, εξωτερικά dependencies κλπ. Σε αυτή την περίπτωση η ανάπτυξή του γίνεται εκθετικά δυσκολότερη όσο το μέγεθός του αυξάνεται, εάν δεν υιοθετηθεί χρήση εργαλείων όπως το CMake.
邏 Στο εργαστήριο θα δείξουμε πως μπορούμε να στήσουμε ένα τυπικό project γραμμένο σε C++ και θα καλύψουμε τα πιο βασικά σενάρια που χρειάζεται να γνωρίζει κάποιος όπως:
✅ Παραγωγή εκτελέσιμου αρχείου
✅ Καθορισμός του include path
✅ Δημιουργία βιβλιοθήκης για static ή dynamic linking
✅ Ελεγχος των διάφορων compilation flags
✅ Δημιουργία functions εντός του CMake
✅ Παραμετροποίηση μέσω options
Dom0less - Xen Developer Summit 2019
This document discusses Xen Dom0-less, an approach to running Xen virtual machines without a privileged Domain 0. Traditionally Xen uses a Dom0 to perform boot and configuration tasks, but this adds complexity. Dom0-less allows VMs to boot directly on the hardware using the device tree protocol. This reduces boot time and complexity while enabling safer configurations. Challenges include lack of VM monitoring and PV device support without Dom0. The status is that basic Dom0-less booting is implemented in Xen but more work is needed for true Dom0-less and PV device drivers.
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
"Session ID: HKG18-115
Session Name: HKG18-115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Speaker: Jan Kiszka
Track: Security
★ Session Summary ★
The open source hypervisor Jailhouse provides hard partitioning of multicore systems to co-locate multiple Linux or RTOS instances side by side. It aims at low complexity and minimal footprint to achieve deterministic behavior and enable certifications according to safety or security standards. In this session, we would like to look at the ARM-specific status of Jailhouse and discuss applications, to-dos and possible collaborations around it with the ARM community. The session is intended to be half presentation, half Q&A / discussion.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-115/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-115.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-115.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
Improving hyperconverged performance
DevConf-2018
Gluster storage is integrated with oVirt as file based storage using FUSE, enabling all oVirt features with very little special code. However FUSE is not the most efficient and scalable way to access Gluster storage, resulting in poor virtual machine performance. With newly added native Gluster support a VM can access gluster storage directly in the most efficient way. Decreased storage access latency results in a better IOPS, thus making storage more responsive and improve the VMs performance. Participants will be able to learn more on how file system access works for VMs, review the reason for potential performance issues in hyperconverged setups, and how to improve it.
Db2 migration -_tips,_tricks,_and_pitfalls
This document provides an overview of tips, considerations, and processes for migrating a DB2 database environment to a Teradata data warehouse. It discusses gathering important information about the existing DB2 environment, the high-level phases of the migration including establishing Teradata infrastructure, migrating data, processes and applications, and establishing a production environment. It also covers specific considerations for migrating the physical database including options for converting DB2 tables and indexes to Teradata.
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Kubernetes has the concept of resource requests and limits. Pods get scheduled on the nodes based on their requests and optionally limited in how much of the resource they can consume. Understanding and optimizing resource requests/limits is crucial both for reducing resource "slack" and ensuring application performance/low-latency. This talk shows our approach to monitoring and optimizing Kubernetes resources for 80+ clusters to achieve cost-efficiency and reducing impact for latency-critical applications. All shown tools are Open Source and can be applied to most Kubernetes deployments.
WorkShop: Introducción a GIT
Este documento presenta una introducción a Git. En menos de 3 oraciones:
1) Explica qué es Git, su historia y características principales como su naturaleza distribuida y uso de punteros. 2) Detalla los conceptos básicos de Git como sus tres áreas, estados y tipos de archivos. 3) Proporciona ejemplos de comandos Git básicos como init, add, commit y status para gestionar archivos en un repositorio.
Accelerating Virtual Machine Access with the Storage Performance Development ...
Abstract: Although new non-volatile media inherently offers very low latency, remote access
using protocols such as NVMe-oF and presenting the data to VMs via virtualized interfaces such as virtio
adds considerable software overhead. One way to reduce the overhead is to use the Storage
Performance Development Kit (SPDK), an open-source software project that provides building blocks for
scalable and efficient storage applications with breakthrough performance. Comparing the software
paths for virtualizing block storage I/O illustrates the advantages of the SPDK-based approach. Empirical
data shows that using SPDK can improve CPU efficiency by up to 10 x and reduce latency up to 50% over
existing methods. Future enhancements for SPDK will make its advantages even greater.
Speaker Bio: Anu Rao is Product line manager for storage software in Data center Group. She helps
customer ease into and adopt open source Storage software like Storage Performance Development Kit
(SPDK) and Intelligent Software Acceleration-Library (ISA-L).
Writing a fast HTTP parser
Eitaro Fukamachi gave a presentation on writing a fast HTTP parser in Common Lisp called fast-http. He explained that the bottleneck in the Wookie web framework was HTTP parsing, which was slower than Node.js. This was because Node.js uses the C-based and highly optimized http-parser library. Eitaro discussed how fast-http achieves high performance through an architecture that reduces memory allocation and uses the right data types, as well as through benchmarking, profiling, and type declarations to provide hints to the compiler. The goal was to write carefully optimized Lisp code that could match or beat C in performance for complex programs like an HTTP parser.
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...The Linux Foundation
This talk presents a production-ready automotive virtualization solution with Xen. The key requirements that we focus are super-fast startup and recovery from failure, static virtual machine creation with dedicated resources, and performance effective graphics rendering. To reduce the boot time, we optimize the Xen startup procedure by effectively initializing Xen heap and VM memory, and booting multiple VMs concurrently. We provide fast recovery mechanism by re-implementing the VM reset feature. We also develop a highly optimized graphics APIs-forwarding mechanism supporting OpenGLES APIs up to v3.2. The pass rate of Khronos CTS in a guest OS is comparable to the Domain0’s. Our experiment shows that our virtualization solution provides reasonable performance for ARM-based automotive systems (hypervisor booting: less than 70ms, graphics performance: about 96% of Domain0). Pgsodium's Features: those not provided by pgcrypto and integration with rem...
pgsodium is a Postgres extension that provides an alternative to pgcrypto with encryption functions that wrap the libsodium encryption library. It offers features like multi-layered role-based access to symmetric functions, integration with key management systems, end-to-end encryption with key exchange, and streaming encryption with forward secrecy. It aims to address limitations of pgcrypto like lack of key derivation, public key signing, and missing cryptography functions.
[Public] gerrit concepts and workflows
This document provides an overview of Gerrit Code Review, including:
- Gerrit allows code review of commits before they are integrated into branches through a "push for code review" workflow. It creates changes and change refs for pushed commits.
- Changes can be reviewed through the Gerrit web interface by viewing diffs and leaving comments. Reviewers can vote on changes using configurable review labels like "Code-Review".
- The standard workflow involves pushing commits for review, reviewing and voting on changes, and then submitting approved changes to branches. Gerrit integrates with Git and provides access controls and permissions on repositories.
Configurable horizontal pod autoscaler
Ivan Glushkov, Staff Engineer at Postmates, describes the problem that led us to develop a configurable horizontal pod autoscaler (CHPA) for Kubernetes.
Derbycon - The Unintended Risks of Trusting Active Directory
Given at DerbyCon 2018, this presentation covers host and Active Directory security descriptor research.
Kubernetes Application Deployment with Helm - A beginner Guide!
Google DevFest2019 Presentation at Infosys Campus Bangalore. Application deployment in Kubernetes with Helm is demo'ed in Google Kubernetes Engine (GKE). This is an introductory session on Helm. Several references are given in it to further explore helm3 as it is in Beta state now.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
I2C Subsystem In Linux-2.6.24
The document describes the data structures used to represent I2C buses, devices, drivers, and clients in the Linux kernel. It explains how a new I2C bus instance is recognized, how devices are added to the I2C bus, and how an I2C device driver is added and bound to devices. Key data structures include i2c_adapter, i2c_client, i2c_driver, and the device/driver model links between them.
(Ab)Using GPOs for Active Directory Pwnage
Identifying privilege escalation paths within an Active Directory environment is crucial for a successful red team. Over the last few years, BloodHound has made it easier for red teamers to perform reconnaissance activities and identify these attacks paths. When evaluating BloodHound data, it is common to find ourselves having sufficient rights to modify a Group Policy Object (GPO). This level of access allows us to perform a number of attacks, targeting any computer or user object controlled by the vulnerable GPO.
In this talk we will present previous research related to GPO abuses and share a number of misconfigurations we have found in the wild. We will also present a tool that allows red teamers to target users and computers controlled by a vulnerable GPO in order to escalate privileges and move laterally within the environment.
Docker swarm
This document discusses Microservices and Docker Swarm. It begins by introducing the presenter and their background. It then defines what a microservice is and introduces Docker. Key concepts about Docker Swarm are explained such as swarm features, service discovery without an external database, and the swarm concept of managers, workers, services and tasks. It demonstrates how to build a swarm cluster and add nodes, and discusses security, routing mesh, scaling, reverse proxy, rolling updates and secrets. Finally it briefly mentions logging, metrics and dashboard tools to monitor Docker systems.
What's hot (20)
Securing Prometheus exporters using HashiCorp Vault
Securing Prometheus exporters using HashiCorp Vault
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Accelerating Virtual Machine Access with the Storage Performance Development ...
Accelerating Virtual Machine Access with the Storage Performance Development ...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
Pgsodium's Features: those not provided by pgcrypto and integration with rem...
Pgsodium's Features: those not provided by pgcrypto and integration with rem...
Derbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active Directory
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
Similar to Xen Cache Coloring: Interference-Free Real-Time System
Rendering in the Cloud
Softlayer began in 2005 and was acquired by IBM in 2013. It provides cloud computing infrastructure including IaaS, PaaS and SaaS. Rendering animation requires huge computing resources and time. Rendering a single animated film can require 300+ artists, 17,000+ CPU cores, 75 million CPU hours and 500 million digital files. Keeping resources on-premises to render films can cost millions whereas cloud infrastructure from Softlayer provides scalable resources more cost effectively. While security and cost concerns still hold the media industry back from fully adopting the cloud, its popularity for rendering is projected to grow to 88% within a year and 60% within 5 years.
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...Edge AI and Vision Alliance
For the full video of this presentation, please visit:
https://www.edge-ai-vision.com/2020/12/trends-in-neural-network-topologies-for-vision-at-the-edge-a-presentation-from-synopsys/
For more information about edge AI and computer vision, please visit:
https://www.edge-ai-vision.com
Pierre Paulin, Director of R&D for Embedded Vision at Synopsys, presents the “Trends in Neural Network Topologies for Vision at the Edge” tutorial at the September 2020 Embedded Vision Summit.
The widespread adoption of deep neural networks (DNNs) in embedded vision applications has increased the importance of creating DNN topologies that maximize accuracy while minimizing computation and memory requirements. This has led to accelerated innovation in DNN topologies.
In this talk, Paulin summarizes the key trends in neural network topologies for embedded vision applications, highlighting techniques employed by widely used networks such as EfficientNet and MobileNet to boost both accuracy and efficiency. He also touches on other optimization methods—such as pruning, compression and layer fusion—that developers can use to further reduce the memory and computation demands of modern DNNs.Cit bip v3_7.17_ally_house
This document summarizes the results of a Proof of Concept (POC) evaluation of Turbonomic conducted from February to May 2018. Key findings of the POC include:
- Turbonomic identified 941 decisions to improve end user experience and prevent performance issues, removing risks in real time.
- It identified that 64% of CIT's infrastructure was at risk of failing to meet quality of service (QoS) standards.
- Turbonomic's decisions supported applying Spectre patches without additional hardware in VDI environments.
- Over 1,800 decisions were made to improve resource utilization by 58% and drive $4.6 million in infrastructure cost savings by 2021.
Fast, Scalable Quantized Neural Network Inference on FPGAs with FINN and Logi...
This document provides a summary of a presentation about quantized neural network inference on FPGAs using FINN and LogicNets. It discusses:
- Xilinx Research Labs in Dublin and their work quantifying machine learning applications on Xilinx devices.
- How neural network quantization can improve efficiency by reducing precision while trading off accuracy, and how this is well-suited for FPGAs.
- The FINN toolflow which includes quantization-aware training in PyTorch with Brevitas, the FINN compiler to map networks to hardware, and deployment with PYNQ.
- LogicNets which further improves efficiency by unfolding DNNs into fully pipelined datapath circuits for
Encoding at Scale for Live Video Streaming
Many of today’s live video encoding solutions require extensive compute resources, limiting the ability of live streaming business models to economically scale. This session, presented at Streaming Media West 2018, will introduce a new real-time video encoding solution, combining the performance of System-on-Chip (SoC) encoding, with innovations from NVMe-based cloud infrastructure, which together provides an economical and high quality solution to deliver encoding at scale for live video streaming.
“Vitis and Vitis AI: Application Acceleration from Cloud to Edge,” a Presenta...
“Vitis and Vitis AI: Application Acceleration from Cloud to Edge,” a Presenta...Edge AI and Vision Alliance
For the full video of this presentation, please visit:
https://www.edge-ai-vision.com/2020/12/vitis-and-vitis-ai-application-acceleration-from-cloud-to-edge-a-presentation-from-xilinx/
For more information about edge AI and computer vision, please visit:
https://www.edge-ai-vision.com
Vinod Kathail, Fellow and Chief Architect at Xilinx, presents the “Vitis and Vitis AI: Application Acceleration from Cloud to Edge” tutorial at the September 2020 Embedded Vision Summit.
Xilinx SoCs and FPGAs provide significant advantages in throughput, latency, and energy efficiency for production deployments of compute-intensive applications when compared to CPUs and GPUs. Over the last decade, FPGAs have evolved into highly configurable devices that provide on-chip heterogeneous multi-core CPUs, domain-specific programmable accelerators and “any-to-any” interface connectivity.
Today, the Xilinx Vitis Unified Software Platform supports high-level programming in C, C++, OpenCL, and Python, enabling developers to build and seamlessly deploy applications on Xilinx platforms including Alveo cards, FPGA instances in the cloud, and embedded devices. Moreover, Vitis enables the acceleration of large-scale data processing and machine learning applications using familiar high-level frameworks, such as TensorFlow and SPARK. This presentation provides an overview of the Vitis Software platform and the accelerated Vitis Vision Library, which enables customizable functions such as image signal processing, adaptable AI inference, 3D reconstruction and motion analysis.VDI-POC
This document proposes a proof of concept for a virtual desktop infrastructure (VDI) using thin clients. It involves using HP thin/zero clients connected to a backend server environment running VMware and Citrix. The goals are to increase flexibility, availability, and extend the life of existing PCs by moving computing resources to a centralized server. A 2-person team will demo connecting thin clients and older PCs to pooled or dedicated virtual machines to prove the viability of the concept.
Uncover the Root Cause of Kafka Performance Anomalies, Daniel Kim & Antón Rod...
Kafka makes it possible to ingest and process large amounts of data concurrently by decoupling your data streams. This successful approach introduces some challenges when monitoring Kafka pipelines - to understand what’s happening, we need to monitor every single component and how they interact with each other.
In this talk, we will take a close look at Kafka’s architecture as well as the key infrastructure, JVM, and system metrics you should monitor for each of its components. Then, we will walk through how to diagnose common Kafka performance anomalies through observing patterns in the metrics for the various components. Finally, we will walk through setting up an open source observability pipeline with OpenTelemetry to enable you to collect and process Kafka metrics at scale.
Boost performance and provide strong end-user unified communications experien...
Boost performance and provide strong end-user unified communications experien...Principled Technologies
An HP Elite t655 Thin Client powered by an AMD Ryzen™ Embedded R2314 processor outperformed an Intel Pentium Silver N6005 processor-powered Dell OptiPlex 3000 Thin Client and delivered quality Microsoft Teams and Zoom experiences for end users in Citrix, VMware, and Windows 365 VDI environmentsIntroduction to Software Defined Visualization (SDVis)
This document provides an overview of Intel's Software Defined Visualization (SDVis) initiative and updates on its current status. SDVis aims to enable scalable, flexible visualization that can run on a variety of systems from laptops to large clusters. It utilizes several open source libraries developed by Intel including Embree for ray tracing, OSPRay as a rendering engine, and OpenSWR for rasterization. The document discusses how SDVis addresses challenges of large-scale, high performance visualization. It provides examples of scientific visualization projects using SDVis and performance comparisons of Embree and OSPRay to GPU-based solutions. In addition, the document outlines several active integrations of SDVis technologies in visualization software including ParaView and
Citrix Desktop Master Class – New in XA/XD 7.9, Skype for Business, HDX Raspb...
Recording: https://www.youtube.com/watch?v=B2f_GbelkFs
Join technology experts Lee Bushen and Patrick Irwin as they unpack the latest XenApp & XenDesktop news from Citrix Synergy 2016 with a special focus on Skype for Business.
- What’s New in XenApp & XenDesktop 7.9?
- Spotlight on Skype for Business Optimization, co-development with Microsoft
- What do the Microsoft partnership announcements from Synergy mean to you? Get the lowdown from Nabeel Youakim.
- Fancy some Raspberry Pi? ViewSonic talk about their revolutionary $99 Thin Client
“State-of-the-art Model Quantization and Optimization for Efficient Edge AI,”...
“State-of-the-art Model Quantization and Optimization for Efficient Edge AI,”...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2023/06/state-of-the-art-model-quantization-and-optimization-for-efficient-edge-ai-a-presentation-from-deepx/
Hyunjin Kim, Senior Staff Engineer at DEEPX, presents the “State-of-the-art Model Quantization and Optimization for Efficient Edge AI” tutorial at the May 2023 Embedded Vision Summit.
Extremely efficient edge AI requires more than efficient processors; it also requires tools capable of generating superefficient software. In this talk, Kim explains and demonstrates how DEEPX’s DXNN SDK utilizes state-of-the-art optimization techniques to generate extremely efficient, accurate code for DEEPX’s new M1 neural processor.
Kim begins by describing how the DXNN SDK uses hardware-aware, selective quantization to maintain high accuracy while achieving efficient DNN implementations. Next, he explains how the SDK maps DNN layer operations into processor micro-operations to provide both efficiency and flexibility. Kim also shows how the DEEPX SDK conserves memory by utilizing tiling, layer fusion and feature reuse. Finally, he illustrates the ease of use of the SDK by demonstrating the use of the DXNN SDK to implement a state-of-the-art model on the M1 NPU.Novosco: Citrix tips and best practices
Novosco Citrix CTP, George Spiers, provides some tips and best practices to get the most out of your Citrix solution.
“Vision and AI DSPs for Ultra-High-End and Always-On Applications,” a Present...
“Vision and AI DSPs for Ultra-High-End and Always-On Applications,” a Present...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2021/07/vision-and-ai-dsps-for-ultra-high-end-and-always-on-applications-a-presentation-from-cadence/
Pulin Desai, Product Marketing Group Director at Cadence Design Systems, presents the “Vision and AI DSPs for Ultra-High-End and Always-On Applications” tutorial at the May 2021 Embedded Vision Summit.
The number and resolution of image sensors continue to increase in mobile, AR/VR, automotive, drone, mobile, and robotics platforms, which also use a mix of other types of sensors in addition to image sensors. Getting the most from these sensors requires highly programmable, high-performance and low-power vision and AI DSPs. The market also needs different performance points to address various use cases. This presentation highlights trends in these markets and provides an architecture and software overview of the latest additions to the Tensilica Vision and AI DSP product line.Citrix Portfolio Updates
4th PLCUG meeting in Warsaw ,30th of October. Session by Sebastian Kisiel talking about new products in Citrix portfolio
“Efficient Video Perception Through AI,” a Presentation from Qualcomm
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2021/07/efficient-video-perception-through-ai-a-presentation-from-qualcomm/
Fatih Porikli, Senior Director of Technology at Qualcomm, presents the “Efficient Video Perception Through AI” tutorial at the May 2021 Embedded Vision Summit.
Video data is abundant and being generated at ever-increasing rates. Analyzing video with AI can provide valuable insights and capabilities for many applications ranging from autonomous driving and smart cameras to smartphones and extended reality. However, as video resolution and frame rates increase while AI video perception models become more complex, running these workloads in real-time is becoming more challenging. This presentation explores the latest research that is enabling efficient video perception while maintaining neural network model accuracy.
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...The Linux Foundation
Hypervisors are key to enable mixed-criticality systems: a critical workload, typically with real-time requirements, running alongside a larger operating system, such as Linux. The interrupt latency needs to be deterministic, and the boot time of the critical function only a fraction of a second. Hypervisors are also the enabling technology to securely deploy new customers apps at runtime, without affecting system safety.
This presentation will give an overview of hypervisor technologies for Xilinx platforms. It will introduce the most recent developments of the Xen hypervisor, including the "null" scheduler and dom0less, and it will explain how to make use of the new features to best configure Xen for embedded environments.Luca Relandini - Microservices and containers networking: Contiv, deep dive a...
Contiv provides a higher level of networking abstraction for microservices: it provides built-in service discovery and service routing for scale out services, working with schedulers like Docker Swarm, Kubernetes, Mesos and Openshift. A powerful policy-based management that makes networking on large scale easy. We will see some code examples, use cases and an easy tutorial on the web. This session is a follow up to the successful sessions at Codemotion Rome and Amsterdam in 2016: we'll go deeper into the architecture and the use cases.
Dcp
The document discusses Digital Cinema Packages (DCPs) which are used to store and convey digital cinema audio, image, and data streams. It describes the components and file structure of a DCP including image and audio files stored in MXF format, an asset map file, composition playlist file, packing list file, and volume index file if stored across multiple mediums. It also discusses 3D DCPs, the encryption process, delivery methods, tools for DCP and KDM creation, and tips for independent filmmakers to create their own DCPs.
HDX 3D
HDX 3D is a Citrix technology that allows 3D graphics applications to be virtualized by streaming graphics data instead of individual images. The document provides guidance on setting up NAT and WAN emulation
Similar to Xen Cache Coloring: Interference-Free Real-Time System (20)
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...
“Trends in Neural Network Topologies for Vision at the Edge,” a Presentation ...
Fast, Scalable Quantized Neural Network Inference on FPGAs with FINN and Logi...
Fast, Scalable Quantized Neural Network Inference on FPGAs with FINN and Logi...
“Vitis and Vitis AI: Application Acceleration from Cloud to Edge,” a Presenta...
“Vitis and Vitis AI: Application Acceleration from Cloud to Edge,” a Presenta...
Uncover the Root Cause of Kafka Performance Anomalies, Daniel Kim & Antón Rod...
Uncover the Root Cause of Kafka Performance Anomalies, Daniel Kim & Antón Rod...
Boost performance and provide strong end-user unified communications experien...
Boost performance and provide strong end-user unified communications experien...
Introduction to Software Defined Visualization (SDVis)
Introduction to Software Defined Visualization (SDVis)
Citrix Desktop Master Class – New in XA/XD 7.9, Skype for Business, HDX Raspb...
Citrix Desktop Master Class – New in XA/XD 7.9, Skype for Business, HDX Raspb...
“State-of-the-art Model Quantization and Optimization for Efficient Edge AI,”...
“State-of-the-art Model Quantization and Optimization for Efficient Edge AI,”...
“Vision and AI DSPs for Ultra-High-End and Always-On Applications,” a Present...
“Vision and AI DSPs for Ultra-High-End and Always-On Applications,” a Present...
“Efficient Video Perception Through AI,” a Presentation from Qualcomm
“Efficient Video Perception Through AI,” a Presentation from Qualcomm
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
Luca Relandini - Microservices and containers networking: Contiv, deep dive a...
Luca Relandini - Microservices and containers networking: Contiv, deep dive a...
More from Stefano Stabellini
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Slides of the Xen Safety presentation at Embedded Open Source Summit 2024 in Seattle
System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree is an extension to Device Tree to describe all the hardware on an SoC, including heterogeneous CPU clusters and secure resources not typically visible to an Operating System like Linux. This full view allows the System Device Tree to be the "One true source" of the entire hardware description and helps to prevent the common (and hard-to-debug) problem of conflicting resources and system consistency. Lopper is an Open Source framework to parse and manipulate System Device Tree. With Lopper, it is possible to generate multiple traditional Device Trees from a single larger System Device Tree. This presentation will provide an overview of System Device Tree and will discuss the latest updates of the specification and tooling. The talk will illustrate multiple use-cases for System Device Tree with concrete examples, such as Linux running on the more powerful CPU cluster and Zephyr running on a smaller Cortex-R cluster. It will also show how to use Lopper to generate multiple traditional Device Trees targeting different OSes, not just Linux but also Zephyr/other RTOSes. Finally, an end-to-end demo based on Yocto to build a complete heterogeneous system with multiple OSes and RTOSes running on different clusters on a single reference board will be shown.
ELC21: VM-to-VM Communication Mechanisms for Embedded
Static partitioning is becoming increasingly common in embedded. A static hypervisor, such as Xen dom0less, is employed to split the hardware resources into multiple domains and run a different OS in each domain. For instance, Linux and Zephyr. Only the simplest static partitioning configurations don't involve any data exchanges between the domains. Often, communication and data exchanges between two or more environments are required to complete the data processing pipeline that implements the target application. However, the VM-to-VM communication mechanisms available in static partitioning configurations are typically more limited compared to general-purpose hypervisors. For example, PV drivers are not available to Xen dom0less domains. This presentation will discuss the need for communication in static partitioning setups and it will present the technical challenges involved in getting traditional communication methods to work, including Xen PV drivers and VirtIO. The talk will also provide simpler alternatives based on shared memory and interrupt notifications to set up domain-to-domain data streams: simpler techniques that are easily exploitable both by Linux and by tiny baremetal applications as well.
RunX ELCE 2020
RunX is a new OCI-compatible containers runtime that starts containers as Xen virtual machines (VMs). It is written to be very simple with minimal overhead and supports real-time capabilities, accelerators, and secure defaults. RunX is a new project under the Linux Foundation Edge umbrella and is open to contributions from the start. It uses a minimal Linux kernel and Busybox-based ramdisk to boot regular containers as VMs within a pristine container environment using tiny micro-VMs optimized for embedded systems. RunX implementations choices include being easy to build and run with minimal dependencies and not requiring in-guest agents to reduce overhead.
RunX: deploy real-time OSes as containers at the edge
Containers are incredibly convenient to package applications and deploy them quickly across the data center.
This talk will introduce RunX, a new project under LF Edge that aims at bringing containers to the edge with extra benefits. At the core, RunX is an OCI-compatible container runtime to run software packaged as containers as Xen micro-VMs. RunX allows traditional containers to be executed with a minimal overhead as virtual machines, providing additional isolation and real-time support.
It also introduces new types of containers designed with edge and embedded deployments in mind. RunX enables RTOSes, and baremetal apps to be packaged as containers, delivered to the target using the powerful containers infrastructure, and deployed at runtime as Xen micro-VMs. Physical resources can be dynamically assigned to them, such as accelerators and FPGA blocks.
This presentation will go through the architecture of RunX and the new deployment scenarios it enables. It will provide an overview of the integration with Yocto Project via the meta-virtualization layer and describe how to build a complete system with Xen and RunX.
The presentation will come with a live demo on embedded hardware.
System Device Tree update: Bus Firewalls and Lopper
System Device Tree & Lopper
The document discusses using a System Device Tree (S-DT) and the open source Lopper tool to simplify hardware resource allocation and configuration across multiple operating systems and firmware. An S-DT describes all hardware resources that can later be divided into partitions or domains. Lopper takes an S-DT as input, prunes it to generate traditional device trees for each domain, and handles address mapping and other transformations. The document outlines ongoing work to specify shared resource allocation, bus firewall configuration, and integration with RemoteProc in the S-DT to further standardize the process.
Xen and the art of embedded virtualization (ELC 2017)
Hypervisors are becoming more and more widespread in embedded environments, from automotive to medical and avionics. Their use case is different from traditional server and desktop virtualization, and so are their requirements. This talk will explain why hypervisors are used in embedded, and the unique challenges posed by these environments to virtualization technologies.
Xen, a popular open source hypervisor, was born to virtualize x86 Linux systems for the data center. It is now the leading open source hypervisor for ARM embedded platforms. The presentation will show how the ARM port of Xen differs from its x86 counterpart. It will go through the fundamental design decisions that made Xen a good choice for ARM embedded virtualization. The talk will explain the implementation of key features such as device assignment and interrupt virtualization.
Xen Project for ARM Servers
Xen is an open-source type-1 hypervisor that has been ported to run on ARM architecture. The port started in 2011 and ARM Holdings joined the Xen Project in 2013. Xen has a small code base, strong security features, and powers many large cloud computing installations. It is widely used in Linux distributions for ARM64 systems.
Xen and OpenStack
The document discusses efforts to improve Xen as a hypervisor for OpenStack. It notes goals of making Xen a good platform for OpenStack production and development. In January 2015, Xen via Libvirt was in group C of the OpenStack integration classification, with no automated testing working. By June 2015, significant progress had been made, with Xen via Libvirt reaching group B, all Tempest tests passing on the latest OpenStack and libvirt trees. The Xen Project now has an OpenStack CI loop for automated testing with voting rights. Instructions are provided for deploying OpenStack on Xen using DevStack.
XDS15: Project Raisin
As part of the process of building Xen, the current build system clones multiple external git trees and compile them. For example Seabios and QEMU are imported using this mechanism. The process is unfriendly to Linux distributions, which have the requirement of building each component just once, and is unfriendly to users, who often find it confusing and inflexible. A new tool was created to solve this problem.
This talk will introduce Raisin: a source distribution system for the Xen Project. Raisin offers a generic framework to deploy any Xen related projects from source. Currently it supports QEMU, SeaBIOS, OVMF, Linux, Libvirt and blktap, but is very easy to extend. Raisin also helps developers by providing quick validation tests that can be run against local changes.
The presentation will explain the goals of the project, the current status, and the best ways to use it.
OpenStack and Xen
This document discusses using Xen as the hypervisor for OpenStack. It notes that Xen is a small, open source type-1 hypervisor that currently powers over 50% of public cloud infrastructure. The goals are to make Xen a great platform for OpenStack production and development by getting it to group A status within OpenStack within 1 year. It describes installing Ubuntu, Xen, and Devstack to deploy OpenStack on Xen and fixing bugs encountered along the way, including two Xen bugs in Nova and one in Libvirt. Current status is that everything works out of the box with the latest OpenStack and Libvirt using Xen.
More from Stefano Stabellini (11)
System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
RunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edge
System Device Tree update: Bus Firewalls and Lopper
System Device Tree update: Bus Firewalls and Lopper
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)
Recently uploaded
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Presentation about a VSCode plugin from Dario Jurisic at the GSD Community Stage meetup
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Presentation from Ghazal Aakel and Eric Jochum at the GSD Community Stage Meetup on June 6th, 2024
Malibou Pitch Deck For Its €3M Seed Round
French start-up Malibou raised a €3 million Seed Round to develop its payroll and human resources
management platform for VSEs and SMEs. The financing round was led by investors Breega, Y Combinator, and FCVC.
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
Explore the seamless transition to e-invoicing with this comprehensive guide tailored for Saudi Arabian businesses. Navigate the process effortlessly with step-by-step instructions designed to streamline implementation and enhance efficiency.
E-commerce Development Services- Hornet Dynamics
For any business hoping to succeed in the digital age, having a strong online presence is crucial. We offer Ecommerce Development Services that are customized according to your business requirements and client preferences, enabling you to create a dynamic, safe, and user-friendly online store.
Enums On Steroids - let's look at sealed classes !
These are slides for my session"Enums On Steroids - let's look at sealed classes !" - delivered among others, on Devoxx UK 2024 conference
UI5con 2024 - Bring Your Own Design System
How do you combine the OpenUI5/SAPUI5 programming model with a design system that makes its controls available as Web Components? Since OpenUI5/SAPUI5 1.120, the framework supports the integration of any Web Components. This makes it possible, for example, to natively embed own Web Components of your design system which are created with Stencil. The integration embeds the Web Components in a way that they can be used naturally in XMLViews, like with standard UI5 controls, and can be bound with data binding. Learn how you can also make use of the Web Components base class in OpenUI5/SAPUI5 to also integrate your Web Components and get inspired by the solution to generate a custom UI5 library providing the Web Components control wrappers for the native ones.
How to write a program in any programming language
How to write a program in any programming language
一比一原版(USF毕业证)旧金山大学毕业证如何办理
USF硕士毕业证成绩单【微信95270640】一比一伪造旧金山大学文凭@假冒USF毕业证成绩单+Q微信95270640办理USF学位证书@仿造USF毕业文凭证书@购买旧金山大学毕业证成绩单USF真实使馆认证/真实留信认证回国人员证明
#一整套旧金山大学文凭证件办理#—包含旧金山大学旧金山大学本科毕业证成绩单学历认证|使馆认证|归国人员证明|教育部认证|留信网认证永远存档教育部学历学位认证查询办理国外文凭国外学历学位认证#我们提供全套办理服务。
一整套留学文凭证件服务:
一:旧金山大学旧金山大学本科毕业证成绩单毕业证 #成绩单等全套材料从防伪到印刷水印底纹到钢印烫金
二:真实使馆认证(留学人员回国证明)使馆存档
三:真实教育部认证教育部存档教育部留服网站永久可查
四:留信认证留学生信息网站永久可查
国外毕业证学位证成绩单办理方法:
1客户提供办理旧金山大学旧金山大学本科毕业证成绩单信息:姓名生日专业学位毕业时间等(如信息不确定可以咨询顾问:我们有专业老师帮你查询);
2开始安排制作毕业证成绩单电子图;
3毕业证成绩单电子版做好以后发送给您确认;
4毕业证成绩单电子版您确认信息无误之后安排制作成品;
5成品做好拍照或者视频给您确认;
6快递给客户(国内顺丰国外DHLUPS等快读邮寄)。
教育部文凭学历认证认证的用途:
如果您计划在国内发展那么办理国内教育部认证是必不可少的。事业性用人单位如银行国企公务员在您应聘时都会需要您提供这个认证。其他私营 #外企企业无需提供!办理教育部认证所需资料众多且烦琐所有材料您都必须提供原件我们凭借丰富的经验帮您快速整合材料让您少走弯路。
实体公司专业为您服务如有需要请联系我: 微信95270640奈一次次令他失望山娃今年岁上五年级识得很多字从走出小屋开始山娃就知道父亲的家和工地共有一个很动听的名字——天河工地的底层空空荡荡很宽阔很凉爽在地上铺上报纸和水泥袋父亲和工人们中午全睡在地上地面坑坑洼洼山娃曾多次绊倒过也曾有长铁钉穿透凉鞋刺在脚板上但山娃不怕工地上也常有五六个从乡下来的小学生他们的父母亲也是高楼上的建筑工人小伙伴来自不同省份都操着带有浓重口音的普通话可不知为啥山娃不仅很快与他们熟识了
What next after learning python programming basics
What next after learning python programming basics
Hand Rolled Applicative
User Validation
Code Kata
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM 🐰
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版一模一样【微信:741003700 】【美国纽约州立大学奥尔巴尼分校毕业证学位证书】【微信:741003700 】学位证,留信认证(真实可查,永久存档)offer、雅思、外壳等材料/诚信可靠,可直接看成品样本,帮您解决无法毕业带来的各种难题!外壳,原版制作,诚信可靠,可直接看成品样本。行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题,包您满意。
本公司拥有海外各大学样板无数,能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma
1:1完美还原海外各大学毕业材料上的工艺:水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
Wondering how X-Sign gained popularity in a quick time span? This eSign functionality of XfilesPro DocuPrime has many advancements to offer for Salesforce users. Explore them now!
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
Regarding mobile operating systems, two major players dominate our thoughts: Android and iPhone. With Android leading the market, software development companies are focused on delivering apps compatible with this OS. Ensuring an app's functionality across various Android devices, OS versions, and hardware specifications is critical, making Android app testing essential.
WWDC 2024 Keynote Review: For CocoaCoders Austin
Overview of WWDC 2024 Keynote Address.
Covers: Apple Intelligence, iOS18, macOS Sequoia, iPadOS, watchOS, visionOS, and Apple TV+.
Understandable dialogue on Apple TV+
On-device app controlling AI.
Access to ChatGPT with a guest appearance by Chief Data Thief Sam Altman!
App Locking! iPhone Mirroring! And a Calculator!!
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
UMN硕士毕业证成绩单【微信95270640】购买(明尼苏达大学毕业证成绩单硕士学历)Q微信95270640代办UMN学历认证留信网伪造明尼苏达大学学位证书精仿明尼苏达大学本科/硕士文凭证书补办明尼苏达大学 diplomaoffer,Transcript购买明尼苏达大学毕业证成绩单购买UMN假毕业证学位证书购买伪造明尼苏达大学文凭证书学位证书,专业办理雅思、托福成绩单,学生ID卡,在读证明,海外各大学offer录取通知书,毕业证书,成绩单,文凭等材料:1:1完美还原毕业证、offer录取通知书、学生卡等各种在读或毕业材料的防伪工艺(包括 烫金、烫银、钢印、底纹、凹凸版、水印、防伪光标、热敏防伪、文字图案浮雕,激光镭射,紫外荧光,温感光标)学校原版上有的工艺我们一样不会少,不论是老版本还是最新版本,都能保证最高程度还原,力争完美以求让所有同学都能享受到完美的品质服务。
#毕业证成绩单 #毕业証 #成绩单 #學生卡 #OFFER录取通知书 #雅思#托福等……
国外大学明尼苏达大学明尼苏达大学毕业证offer制作方法(一对一专业服务)
1客户提供办理信息:姓名生日专业学位毕业时间等(如信息不确定可以咨询顾问:我们有专业老师帮你查询);
2开始安排制作毕业证成绩单电子图;
3毕业证成绩单电子版做好以后发送给您确认;
4毕业证成绩单电子版您确认信息无误之后安排制作成品;
5成品做好拍照或者视频给您确认;
6快递给客户(国内顺丰国外DHLUPS等快读邮寄)
— — 制作工艺 【高仿真】— —
凭借多年的制作经验本公司制作明尼苏达大学明尼苏达大学毕业证offer《激光》《水印》《钢印》《烫金》《紫外线》凹凸版uv版等防伪技术一流高精仿度几乎跟学校100%相同!让您绝对满意。
— — -公司理念 【诚信为主】— — —
我們以質量求生存.以服务求发展有雄厚的实力专业的团队咨询顾问为您细心解答可详谈是真是假眼见为实让您真正放心平凡人生,尽我所能助您一臂之力让我們携手圆您梦想!
此贴长年有效【贴心专线/微-信: 95270640】敬请保留此联系方式以备用!如有不在线请给我们留言!我们将在第一时间给您回复!上散发着一抹抹的光晕而这每处自然形成的细节融合在一起浑然天成的美实在令人心生愉悦小道的周边无秩序的生长着几株艳丽的野花红的粉的紫的虽混乱无章却给这幅美景更增添一份性感夹杂着一份纯洁的妖娆毫无违和感实在给人带来一份悠然幸福的心情如果说现在的审美已经断然拒绝了无声的话那么在树林间飞掠而过的小鸟叽叽咋咋的叫声是否就是这最后的点睛之笔悠然走在林间的小路上宁静与清香一丝丝的盛夏气息吸入身体昔日生活里的繁忙多
Recently uploaded (20)
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
Enums On Steroids - let's look at sealed classes !
Enums On Steroids - let's look at sealed classes !
How to write a program in any programming language
How to write a program in any programming language
What next after learning python programming basics
What next after learning python programming basics
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Xen Cache Coloring: Interference-Free Real-Time System
- 1. © Copyright 2020 Xilinx Xen Cache Coloring & Real-Time Stefano Stabellini Marco Solieri Luca Miccio Giulio Corradi
- 2. © Copyright 2020 Xilinx Xen in Embedded Consolidation and Componentization Isolation Security Reliability Safety Interference& Real-Time
- 3. © Copyright 2020 Xilinx Xen Schedulers CPU CPU CPU CPU
- 4. © Copyright 2020 Xilinx Xen Schedulers CPU CPU CPU CPU sched=null sched=credit vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU
- 5. © Copyright 2020 Xilinx Xen Schedulers CPU CPU CPU CPU sched=null sched=credit vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU
- 6. © Copyright 2020 Xilinx Xen Schedulers CPU CPU CPU CPU sched=null sched=rtds vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU
- 7. © Copyright 2020 Xilinx Shared L2 cache L2 Core 1 Core 2 Core 3 Core 4 DDR L1 L1 L1 L1
- 8. © Copyright 2020 Xilinx Shared L2 cache L2 Core 1 Core 2 Core 3 Core 4 DDR L1 L1 L1 L1
- 9. © Copyright 2020 Xilinx Shared L2 cache L2 Core 1 Core 2 Core 3 Core 4 DDR L1 L1 L1 L1
- 10. © Copyright 2020 Xilinx Xen Cache Coloring CPUs clusters often share L2 cache Interference via L2 cache affects performance App0 running on CPU0 can cause cache entries evictions, which affect App1 running on CPU1 App1 running on CPU1 could miss a deadline due to App0’s behavior It can happen betweenApps running on the same OS & between VMs on the same hypervisor Hypervisor Solution: Cache Partitioning, AKA Cache Coloring Each VM gets its own allocation of cache entries No shared cache entries between VMs Allows real-time apps to run with deterministic IRQ latency Core 1 Core 2 Core 3 Core 4 L2 D D R
- 11. © Copyright 2020 Xilinx Colors Calculation Detect Way Size via registers via xen command line Calculate colors masks and total number of available colors Xilinx ZynqMP: way size is 65536 Order 16 -> color bitmask 0xF000 -> 16 colors D D R
- 12. © Copyright 2020 Xilinx Colored Allocation New colored memory allocator In alternative to Buddy Pages are stored by color in separate lists Can be used for Xen memory as well as Domain memory
- 13. © Copyright 2020 Xilinx Coloring Configuration Xen command line Dom0-less DomUs xl domU config files way_size=65536 xen_colors=0 dom0_colors=1-6 fdt set /chosen/domU0 colors <0x0 0x80> colors=["10-11"]
- 14. © Copyright 2020 Xilinx Benchmarking Hardware: Xilinx MPSoC Workload: Bare Metal application Stress: Bare Metal application Test configuration: Measured load: 1500 sums Internal load: 8000 sums every 250us Interrupt triggered every 8ms Samples:1000 Colored configuration: Xen: ["0,1"] Motor Control DomU: ["4,7"] Stress DomU: ["8,11"] Stress2 DomU:["12,15"] Linux stress:["2,3"] Linux stress command: stress -m 1 --vm-bytes 8M --vm-stride 64 --vm-keep -t 3600 &
- 15. © Copyright 2020 Xilinx L1 vs L2 cache L1 cache can hide L2 cache interference effects in simple test scenarios Make sure not use the L1 cache by accident during the measurements
- 16. © Copyright 2020 Xilinx Benchmark #1: Motor Control Execution Time Measure the time it takes to run a typical motor control execution routine, with and without interference
- 17. © Copyright 2020 Xilinx Results No interference: results for reference Lower is better
- 18. © Copyright 2020 Xilinx Results Adding interference: Xen Coloring has the best execution time
- 19. © Copyright 2020 Xilinx Results Increasing interference: • Xen Coloring is stable • Other results worsen
- 20. © Copyright 2020 Xilinx Results Increasing interference again: • Xen Coloring is stable • Other results worsen still
- 21. © Copyright 2020 Xilinx Results Comparing Xen vs. Xen Colored Lower is better
- 22. © Copyright 2020 Xilinx Benchmark #2: interrupt response time Measure the difference between the time when the interrupt service routine runs and the time the interrupt is set to fire, with and without interference Timer in Programmable Logic
- 23. © Copyright 2020 Xilinx Results No interference: results for reference Lower is better
- 24. © Copyright 2020 Xilinx Results Adding interference: • Xen without Coloring worsen • Xen Coloring is stable
- 25. © Copyright 2020 Xilinx Results Adding more interference: • Xen without Coloring worsen again • Xen Coloring is stable
- 26. © Copyright 2020 Xilinx Results Adding even more interference: • Xen without Coloring worsen still • Xen Coloring is stable
- 27. © Copyright 2020 Xilinx Results All results together Xen Coloring provides stable IRQ latency even under severe levels of interference
- 28. © Copyright 2020 Xilinx Conclusions Xen Cache Coloring offers Much lower execution times under stress Much lower IRQ latency under stress Greatly improves Determinism -- measurements have far lower variance Xen Cache Coloring effectively reduces the effects of cache interference Enable deployments of real-time and non-real-time workloads on a single SoC
- 29. © Copyright 2020 Xilinx Status All patches online at: https://github.com/Xilinx/xen.git xilinx/release-2020.1 TODO Upstreaming Linux Dom0 not 1:1 mapped, i.e. PV drivers support
- 30. © Copyright 2020 Xilinx Xen Cache Coloring: Demo Xen [0] Baremetal Latency Measurements [7] Baremetal Memory Stress [10 11] Dom0 [1 2 3 4 5 6]
- 31. © Copyright 2020 Xilinx Baremetal Latency Measurements
- 32. © Copyright 2020 Xilinx Baremetal Memory Stress
- 33. © Copyright 2020 Xilinx Thank You