Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
From:   Jan Kiszka <jan.kiszka@siemens.com>
Subject: [ANNOUNCE] Jailhouse 0.10 released
To:     Jailhouse <jailhouse-dev@googlegroups.com>
Cc:     Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Message-ID: <6b9ac0eb-653c-1d24-9126-6d138ed2edfd@siemens.com>
Date:   Mon, 24 Sep 2018 14:55:59 +0200
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12)
 Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk

O'zapft is, so better release before going to the Wiesn: We are happy to 
announce a new version of the partitioning hypervisor Jailhouse.

There is a similar amount of changes again, though some are more fundamental, 
namely the changes around per-cpu page tables: 174 commits, 248 files changed, 
4013 insertions, 8548 deletions. The code reduction is primarily related to the 
removal of the vexpress target from CI as well as internal code reuse in the 
Python tool extension.

- Removed targets:
    - VExpress (virtual ARMv7 target)
- Cross-arch changes:
    - use per-cpu page tables to hide private information of other cells
      while running in the hypervisor (AKA generic and fast Spectre/L1TF
      mitigation)
    - support for EFI framebuffer as UART alternative
    - removal of VGA support (substituted by EFI framebuffer)
    - provide pyjailhouse module, so far as internal Python API to
      Jailhouse functionality (will be extended step-wise to public API)
    - "jailhouse hardware check" no longer requires a system config
    - inmates: convert all build-time configurations into cell configs
      and runtime parameters (AKA comm region also for ARM)
    - plug race between guest-controlled relocation of intercepted MMIO
      regions and their access
    - fix split-up of hughpages a higher addresses
    - fix write to MSI-X registers during PCI device hand-over
- ARM / ARM64:
    - basic SMCCC moderation
    - fix GICv3 registers dispatching
    - support for more than 8 CPUs with GICv3
    - fix unreliable startup on ARM64 due to missing cache flush
    - fix for printk() of long long variables
    - proper GICv2 shutdown after setup error
    - inmates: save/restore registers in interrupt handlers
- x86:
    - harden non-present mappings against L1TF
    - CPU startup fix for slower targets
    - do no trap on writes to read-only APIC LVT bits
    - inmates: report SMI counter changes in apic-demo

You can download the new release from

     https://github.com/siemens/jailhouse/archive/v0.10.tar.gz

then follow the README.md for first steps on recommended evaluation
platforms and check the tutorial session from ELC-E 2016 [1][2]. To try
out Jailhouse in a virtual environment or on a few reference boards,
there is an image generator available [3]. It will soon be updated to
the new release as well. Drop us a note on the mailing list if you run
into trouble.

What's (probably) next? First of all, we are looking forward to a couple of 
IOMMU implementations for ARM64 targets. Still on my to-do list is enabling of 
the Ultra96 board that Xilinx kindly provided (primarily a jailhouse-images 
topic, but all preconditions are finally fulfilled). And the topic of inter-cell 
communication standardization is also not forgotten. The plan is now virtio over 
share memory transports, "just" needs a prototype and virtio spec extension 
proposals.

Thanks to all the contributors and supporters!

Jan

[1] 
https://events.linuxfoundation.org/sites/events/files/slides/ELCE2016-Jailhouse-Tutorial.pdf
[2] https://youtu.be/7fiJbwmhnRw?list=PLbzoR-pLrL6pRFP6SOywVJWdEHlmQE51q
[3] https://github.com/siemens/jailhouse-images

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux