lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Mon, 8 Jul 2019 09:50:45 +0200
From:   Jan Kiszka <jan.kiszka@...mens.com>
To:     Jailhouse <jailhouse-dev@...glegroups.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [ANNOUNCE] Jailhouse 0.11 released

Long time, no release: Version 0.11 is finally available. Several last-minute
issues delayed this, though that's not a real excuse for having so many months
since the last one. Time-wise, this should have been two releases.
Changeset-wise, we are in the same dimension as usual: 140 commits, 185 files
changed, 4057 insertions, 1437 deletions.

- New targets:
   - Marvell MACCHIATObin
   - Xilinx Ultra96
   - Microsys miriac SBC-LS1046A
   - Texas Instruments AM654 IDK
- Cross-arch changes:
   - add per-CPU statistics
   - reset PCI devices already on cell shutdown
   - account for PCI devices not supporting QWORD MSI-X accesses
   - adjust driver DT overlay to latest kernels
   - fix alignment calculation for page_alloc_aligned
   - split and relicense printk core for inmates
- ARM / ARM64:
   - add Spectre v2 (CVE 2017-5715) mitigation (if firmware supports it)
   - fix SGI forwarding during jailhouse enable
   - avoid overwriting PSCI firmware on Orange Pi Zero
   - adjust qemu-arm64 config to recent QEMU versions
- x86:
   - multiple fixes for MSI injection during jailhouse enable/disable
   - fix address overflow in VT-d IR emulation
   - do not fail root cell in the presence of Intel PKE
   - various fixes and improvements of the MMIO instruction parser
   - various config generator fixes and improvements
   - more fine-grained MSR exit statistics
   - remove hlt-related latency from apic-demo
   - fix AMD inmate startup
   - add exception reporting feature to inmates
   - fix inmate stacks for SMP usage
   - enable SSE and AVX during inmate start

You can download the new release from

    https://github.com/siemens/jailhouse/archive/v0.11.tar.gz

then follow the README.md for first steps on recommended evaluation
platforms and check the tutorial session from ELC-E 2016 [1][2]. To try
out Jailhouse in a virtual environment or on a few reference boards,
there is an image generator available [3]. It will soon be updated to
the new release as well. Drop us a note on the mailing list if you run
into trouble.

The forecast of upcoming changes first of all contains some pending patches
series: IOMMUv3 is under review already, and cache coloring should see a v2
series soon as well. Then we will likely need a workaround for an APIC issue
Ralf and his group found on AMD Ryzen CPUs. That currently prevents non-root
Linux boot on those CPUs. Finally, the ivshmem device will undergo a significant
rework, patches may already be published this week. If all goes well, those
should finally allow to settle on the interface and push the related kernel
drivers upstream (network, UIO, ideally also a new virtio transport).

Thanks to all the contributors and supporters!

Jan

[1]
https://events.linuxfoundation.org/sites/events/files/slides/ELCE2016-Jailhouse-Tutorial.pdf
[2] https://youtu.be/7fiJbwmhnRw?list=PLbzoR-pLrL6pRFP6SOywVJWdEHlmQE51q
[3] https://github.com/siemens/jailhouse-images

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ