ACRN has released version 0.3 (see the release notes), an updated revision of the project with many added features and bug fixes. The project team encourages you to learn more about ACRN and try it out, and also to join the weekly technical call.
The major new and updated features are summarized in the release notes, along with bugs fixed and known issues. These are the new features in 0.3:
High level design document: The high level design documents are completed with refreshed content, including: CPU virtualization, GPU virtualization, memory management, VM management, physical interrupt, timer management, CPU P-state and C-state management, S3/S5 management, power management in hypervisor, static CPU core partition, VT-d design, device pass-through, device model, I/O emulation, Virtio supported devices, USB virtualization, random device virtualization, ACRN trace, ACRN log, hypervisor console.
CSME sharing support: Intel® Converged Security and Management Engine (Intel® CSME) is used to enhance the platform, OS, and application security. ACRN provides CSME sharing capability, so the system can support access to the CSME and all of its constituent subcomponents by multiple guest OS images (Linux, Android, or Clear Linux as Service OS) running concurrently on the same platform.
vHost and vHost-Net support: For upstreaming and performance improvement, the vHost framework and vHost network are enabled to accelerate guest networking with virtio_net.
vSBL enhancement: There are multiple updates to the vSBL module, for example, supporting Guest OS crash mode in the vSBL debug version and supporting ACPI customization. vSBL can get the RPMB key by hypercall and pass it down to the boot loader.
xD support: The platform supports execution disable (xD) for all virtualized operating systems.
Interrupt storm mitigation: This feature mitigates the risk of a device interrupt storm.
ACRN compiler and linker enhancement: Settings and flags have been enabled in the compiler and linker to harden ACRN software, including stack execution protection, data relocation and protection (RELRO), stack-based buffer overrun detection, Position Independent Execution (PIE), fortify source, and format string vulnerability checks.
Naming convention: MISRA-C has requirements on how identifiers are named and ISO 26262 highly recommends adopting naming conventions for products of any safety level. This release addresses those requirements.
Code reshuffle: The code of several modules has been cleaned up and reshuffled to make it upstream friendly. For example, the VM loader was updated to avoid involving the hypervisor when passing information from the Device Model to the guest, the MMU code was modified by referring to the x86 SDM, the IOC mediator was reshuffled by replacing the strtok function with strsep and checking the snprintf return value, and the Virtio code was updated by removing the unused virtio_console_cfgwrite in virtio_console.