Intel's Cloud-Hypervisor 20 Released With CPU Pinning, Replacing Unsafe Rust Code
The Intel-led open-source Cloud-Hypervisor project that provides a VMM focused on cloud workloads and supports interfacing with Linux's KVM and Windows' MSHV is out with a big feature update. Cloud-Hypervisor is also the project that is known for its use of the Rust programming language and built in part off Rust-VMM.
Cloud-Hypervisor 20.0 marks another step forward for this open-source project that is worked on not only by Intel but also contributions from Microsoft, Arm, and others. It also leverages CrosVM code from Google, among others. With Cloud-Hypervisor 20.0 there are more features in tow, continued emphasis on security, and various fixes.
Cloud-Hypervisor 20.0 introduces support for multiple PCI segments and no longer limits it to 31 devices (now up to a potential 496 PCI devices) and support for CPU pinning by specifying which CPU(s) a particular VM can run on, for either security reasons or wanting to have precise mapping of resources or limiting to specific NUMA node(s). There is also improved VFIO support with Cloud-Hypervisor 20 that can result in performance improvements for pass-through devices.
While Rust code is generally promoted for its security mindness relative to other languages, it's still possible to write potentially unsafe Rust code. With Cloud-Hypervisor 20.0 some of the Rust code was improved upon -- including the replacing of some sections of the code that were deemed potentially unsafe. Some documentation/guidance was also added for users over other sections that could be potentially unsafe.
This release also has several bug fixes. The full list of changes for Cloud-Hypervisor 20.0 along with downloads for Linux and Windows via GitHub.
Cloud-Hypervisor 20.0 marks another step forward for this open-source project that is worked on not only by Intel but also contributions from Microsoft, Arm, and others. It also leverages CrosVM code from Google, among others. With Cloud-Hypervisor 20.0 there are more features in tow, continued emphasis on security, and various fixes.
Cloud-Hypervisor 20.0 introduces support for multiple PCI segments and no longer limits it to 31 devices (now up to a potential 496 PCI devices) and support for CPU pinning by specifying which CPU(s) a particular VM can run on, for either security reasons or wanting to have precise mapping of resources or limiting to specific NUMA node(s). There is also improved VFIO support with Cloud-Hypervisor 20 that can result in performance improvements for pass-through devices.
While Rust code is generally promoted for its security mindness relative to other languages, it's still possible to write potentially unsafe Rust code. With Cloud-Hypervisor 20.0 some of the Rust code was improved upon -- including the replacing of some sections of the code that were deemed potentially unsafe. Some documentation/guidance was also added for users over other sections that could be potentially unsafe.
This release also has several bug fixes. The full list of changes for Cloud-Hypervisor 20.0 along with downloads for Linux and Windows via GitHub.
2 Comments