Wednesday, July 12 • 14:30 - 15:15
Design Discussion: Intel Features 1 - RDT & SGX Features - Yi Sun & Kai Huang, Intel

This session has two parts: if we need more time, the session will continue in Intel Features 2

Part 1: Design Discussion: Intel New QoS (RDT) Features - Yi Sun
With the expansion of cloud services, more and more applications/VMs run concurrently on a single platform. This causes serious contention for shared resources (e.g. LLC, L2 cache, memory bandwidth). Because of that, Intel introduced QoS features (now named RDT, Resource Director Technology) to monitor and control the usage of these shared resources. So far, Intel has enabled CMT/MBM for monitoring and L3 CAT/CDP for control on Xen. Based on successful applications of these features and new requirements from industry, Intel has introduced new shared-resource control features (e.g. L2 CAT and MBA) in its latest chips to provide ways to configure and control the usage of cache and memory bandwidth. To let more users get these features and enjoy the performance improvement, Intel is trying to push these features into Xen. The original QoS code focuses only on implementing L3 CAT and CDP, so it is not easy to extend. To make the code more flexible, we refactor it into an extensible infrastructure so that it is easy to add a new feature. In this discussion session, I would like to discuss the new infrastructure, RDT feature points, how to handle socket offline/online, how to handle domain scheduling, and other technical points.

Part 2: Design Discussion: SGX virtualization - Kai Huang
Intel Software Guard Extensions (SGX) is a set of new instructions and memory access mechanisms aimed at protecting user-level software from attack. It achieves this by using a particular address range, the 'enclave', in a user-level application; the content of the enclave cannot be accessed directly by any software outside it, including privileged software. The Enclave Page Cache (EPC) is the hardware resource committed to enclaves. EPC is a limited resource, typically reserved by the BIOS. SGX also supports Launch Control, which allows a 3rd party to run their own Launch Enclave, which governs the running of other enclaves. SGX virtualization on Xen includes exposing SGX to guests, EPC management, Launch Control virtualization, SGX interaction with VMX handling, etc. This design discussion will go through the SGX virtualization design with maintainers and other developers, including problems, design options, detailed technical discussion, etc., to make further Xen SGX integration go more smoothly.


Kai Huang

Software Engineer, Intel Corporation
This is Kai Huang from Intel OTC. I have been working on low-level system software (Linux device drivers, Solaris PCIE/DMA framework, KVM & Xen hypervisors) for 8 years since I graduated from university. My current role is software engineer on Intel OTC's VMM enabling team, and my main responsibility is to enable new virtualization hardware features of Intel's new platforms for both KVM...

Yi Sun

Software Engineer, Intel
Yi joined Intel in 2013. He worked on developing mobile storage drivers (eMMC/SD/SDIO drivers) and in the security domain, leading critical bug fixes and new feature development on Android. In June 2016, he transferred internally to join the VMM Enabling team to develop features (New Instruction...

Wednesday July 12, 2017 14:30 - 15:15
Valletta Conference Centre II
