XCP-ng 8.2 LTS To Bring Rewritten UEFI, Core Scheduling To Fend Off Side Channel Attacks

XCP-ng as the open-source hypervisor built atop XenServer is preparing for its 8.2 LTS release while this week marked the availability of the first beta.

This XenServer-based open-source hypervisor is in the process of picking up many features for the 8.2 LTS release. There is a re-implementation of XCP-ng's UEFI support, Openflow controller access support with Xen Orchestra, experimental core scheduling, experimental storage driver support for Gluster / ZFS / XFS / CephFS, support for Intel Icelake and Comet Lake processors, and a variety of other improvements.

The core scheduling work being tackled by XCP-ng is similar to the implementations being worked on for the Linux kernel and other hypervisors. The motivation with core scheduling is for helping to mitigate side channel attacks like Spectre, Meltdown, and Fallout on processors with Hyper Threading. XCP-ng is allowing controls over the CPU/core/socket for controlling whether untrusted VMs share a physical core or not as part of their vCPU configuration. Xen Orchestra in turn will offer user-interface controls for easily managing the core scheduling behavior.

More details on the XCP-ng 8.2 LTS beta release via XCP-ng.org.