Back to home

code review dashboard

Introducing the Xen Project Code Review Dashboard
06/03/2016

The Xen Project’s code contributions have grown more than 10% each year. Although growth is extremely healthy to the project as a whole, it has its growing pains. For the Xen Project, it led to issues with its code review process: maintainers believed that their review workload increased and

Disclosure process poll results
08/23/2012

Monday we closed the poll for the security discussion. Thank you everyone who participated! The process has not turned up a hidden option that everyone agreed on; however, it has helped find what I hope will be a “median” option which best addresses the concerns and desires as the community

The Intel SYSRET privilege escalation
06/13/2012

The Xen Security team recently disclosed a vulnerability, Xen Security Advisory 7 (CVE-2012-0217), which would allow guest administrators to escalate to hypervisor-level privileges. The impact is much wider than Xen; many other operating systems seem to have the same vulnerability, including NetBSD, FreeBSD, some versions of Microsoft Windows (including Windows

Xen @ Build a Cloud Day Boston
12/22/2011

As I mentioned in the Xen Day post, Xen.org was offered a slot at the Build an Open Source Cloud Day Boston. The Build a Cloud attendees were great. They were very engaged and asked lots of questions. The questions gave me a chance to cover several Xen topics

Xen ARM Project - Did you know about this?
09/14/2009

The Xen.org community is currently working on several projects that don’t receive much attention but are critical to the overall success of the Xen hypervisor solution. For example, the Xen ARM project being led by Samsung continues to develop a Xen hypervisor solution for the ARM 9 processor

New Project added to Xen Project Page
02/02/2009

I have added information and a link to a new project on the Xen.org Project Page: Isolated Execution; project home page is http://isolated-exec.sourceforge.net/. For more information on this project, see https://xenproject.org/index.php/2008/12/12/security-through-isolation-in-xen/

Xen security research results presented
08/14/2008

Joana Rutkowska and her team presented very interesting insights on Xen security, as well as attacks against it, at this years Black Hat conference in Las Vegas. In a trilogy of talks(“Xen 0wning trilogy”), they gave information about “Subverting the Xen Hypervisor”, “Detecting and preventing the Xen hypervisor subversions”

New Security Email for Xen.org
05/05/2008

A new email has been established for anyone finding a security issue with any Xen build. Please send a detailed email of the problem to security@xen.org. This email distribution reaches a wide group of Xen community members who can immediately address the problem.