Xen[1] is open-source royalty. This hypervisor, which runs and manages virtual machines (VMs), powers some of the largest clouds. You know their names: Amazon Web Services (AWS)[2], Tencent[3], Alibaba Cloud[4], Oracle Cloud[5], and IBM SoftLayer[6]. It's also the foundation for VM products from Citrix, Huawei, Inspur, and Oracle. But, with the release of its latest edition, Xen Project Hypervisor 4.11[7], there are major changes under the hood.
Don't let the "4.11" fool you. This is a major update.
The 15-year-old Xen has been completely re-architected. All of its core technologies, such as x86 support, device emulation, and boot sequence, have been rewritten. The new Xen uses less code and has a smaller trusted computing base (TCB). It's also made less complex and easier to maintain. This latest update boasts both better performance and scalability. It also supports ARM architectures better than ever before.
Xen's security has also been given several major improvements. Lars Kurth, chairperson of the Xen Project Advisory Board, said in a statement, "The Xen Project community worked swiftly to address the security needs of Spectre and Meltdown[8], and continued to match its goals in adding significant features to this release."
Xen has done far more than just patch old security holes. The programmers have combined the best features of Xen paravirtualization (PV) and hardware-assisted virtualization (HVM)[9] into PVH. This simplifies the interface between operating systems with Xen Project Support and the Xen Project Hypervisor. It also reduces Xen's attack surface.
The new release also includes experimental PVH Dom0 support. When you run Xen in this mode, you lose approximately 1 million lines of QEMU