mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-05 13:17:51 +03:00
4c121af81b
Signed-off-by: Ján Tomko <jtomko@redhat.com>
4950 lines
177 KiB
XML
4950 lines
177 KiB
XML
<?xml version="1.0"?>
|
|
|
|
<!-- libvirt release notes
|
|
|
|
This file will be processed to produce both HTML and plain text versions
|
|
of the release notes.
|
|
|
|
Keep the style consistent with existing entries as much as possible.
|
|
|
|
Each change should be documented by a short, one-sentence summary, which
|
|
should fit in a single line and should not contain any formatting tags.
|
|
|
|
You can optionally add a description if you feel like the summary alone is
|
|
not enough to document the change accurately. The description may contain
|
|
a <code> tag for switching to non-proportional font. No other tags are
|
|
allowed.
|
|
|
|
Lines should be kept under 80 columns, and should not exceed 100 columns.
|
|
|
|
This file is validated against docs/news.rng schema.
|
|
|
|
Use the following template to add a new release section:
|
|
|
|
<release version="FIXME" date="unreleased">
|
|
<section title="New features">
|
|
</section>
|
|
<section title="Improvements">
|
|
</section>
|
|
<section title="Bug fixes">
|
|
</section>
|
|
</release>
|
|
|
|
If relevant for a given release, add a section for these too:
|
|
|
|
<section title="Packaging changes">
|
|
</section>
|
|
<section title="Removed features">
|
|
</section>
|
|
<section title="Security">
|
|
</section>
|
|
|
|
-->
|
|
|
|
<libvirt>
|
|
<release version="v6.1.0" date="unreleased">
|
|
<section title="New features">
|
|
</section>
|
|
<section title="Improvements">
|
|
</section>
|
|
<section title="Bug fixes">
|
|
</section>
|
|
</release>
|
|
<release version="v6.0.0" date="2020-01-15">
|
|
<section title="Packaging changes">
|
|
<change>
|
|
<summary>
|
|
support for python2 is removed
|
|
</summary>
|
|
<description>
|
|
Libvirt is no longer able to be built using the
|
|
Python 2 binary. Python 3 must be used instead.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
docs: the python docutils toolset is now required
|
|
</summary>
|
|
<description>
|
|
The use of rst2html has been introduced for the
|
|
website build process since docs are now being
|
|
written in the RST as an alternative to HTML.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
new PCI hostdev address type: unassigned
|
|
</summary>
|
|
<description>
|
|
A new PCI hostdev address type 'unassigned' is introduced. An
|
|
unassigned PCI hostdev behaves like any regular PCI hostdev
|
|
inside Libvirt, but it is not usable by the guest. This gives
|
|
the user a new option to manage the binding of PCI devices
|
|
via Libvirt, declaring PCI hostdevs in the domain XML
|
|
but allowing just a subset of them to be assigned to the
|
|
guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Provide init scripts for sub-deaemons
|
|
</summary>
|
|
<description>
|
|
So far libvirt shipped systemd unit files for sub-daemons. With this
|
|
release, init scripts are available too. Package maintainers can
|
|
choose which one to install via <code>--with-init-script</code>
|
|
configure option.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support cold-unplug of sound devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Implement VIR_MIGRATE_PARAM_TLS_DESTINATION
|
|
</summary>
|
|
<description>
|
|
This flag, which can be enabled using <code>virsh</code>'s
|
|
<code>--tls-destination</code> option, allows migration to succeed
|
|
in situations where there is a mismatch between the destination's
|
|
hostname and the information stored in its TLS certificate.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support reporting memory bandwidth usage stats
|
|
</summary>
|
|
<description>
|
|
Implement Intel RDT-MBM in libvirt. The stats can be obtained via
|
|
<code>virsh domstats --memory</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow accessing NVMe disks directly
|
|
</summary>
|
|
<description>
|
|
Before this release there were two ways to configure a NVMe disk for
|
|
a domain. The first was using <disk/> with the <source/>
|
|
pointing to the <code>/dev/nvmeXXXX</code>. The other was using PCI
|
|
assignment via <hostdev/> element. Both have their
|
|
disadvantages: the former adds latency of file system and block
|
|
layers of the host kernel, the latter prohibits domain migration. In
|
|
this release the third way of configuring NVMe disk is added which
|
|
combines the advantages and drops disadvantages of the previous two
|
|
ways. It's accessible via <disk type='nvme'/>.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
'phyp' Power Hypervisor driver removed
|
|
</summary>
|
|
<description>
|
|
The 'phyp' Power Hypervisor driver has not seen active development
|
|
since 2011 and does not seem to have any real world usage. It
|
|
has now been removed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: xz save image compression is faster
|
|
</summary>
|
|
<description>
|
|
When using the xz format to compressed virtual
|
|
machine saved state images, the "-3" compression
|
|
level preset is now used. This results in slightly
|
|
larger files, but with a massively reduced time
|
|
to compress. The xz format offers the best compression
|
|
level for saved state images, albeit still with the
|
|
slowest running time. For the fastest possible
|
|
running time, at cost of the larest compressed size,
|
|
lzop should be used.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
domain: Improve job stat handling
|
|
</summary>
|
|
<description>
|
|
It is now possible to retrieve stats for completed and failed jobs.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Don't hold monitor and agent job at the same time
|
|
</summary>
|
|
<description>
|
|
Before this change, a malicious (or buggy)
|
|
<code>qemu-guest-agent</code> running in the guest could make other
|
|
libvirt APIs unavailable for an unbounded amount of time.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Report error if backing image format is not specified explicitly
|
|
</summary>
|
|
<description>
|
|
For a long time libvirt was assuming that a backing file is RAW when
|
|
the format was not specified. This didn't pose a problem until blockdev
|
|
support was enabled in last release. Libvirt now requires that
|
|
the format is specified in the image metadata or domain XML and the
|
|
VM will refuse to start otherwise. Additionally the error message
|
|
now links to the knowledge base which summarizes how to fix the images.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix non-shared storage migration over NBD
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Generate a single MAC address for hotplugged network devices
|
|
</summary>
|
|
<description>
|
|
Since libvirt 4.6.0, when hotplugging a network device that didn't
|
|
have a MAC address already assigned by the user, two separate
|
|
addresses would be generated: one for the live configuration, which
|
|
would show up immediately, and one for the inactive configuration,
|
|
which would show up after the first reboot. This situation was
|
|
clearly undesirable, so a single MAC address is now generated and
|
|
used both for the live configuration and the inactive one.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.10.0" date="2019-12-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Introduce support for ARM CPU features
|
|
</summary>
|
|
<description>
|
|
The only features supported at the moment are SVE vector lengths,
|
|
which were introduced in QEMU 4.2.0.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support boot display for GPU mediated devices
|
|
</summary>
|
|
<description>
|
|
Until now, GPU mediated devices generally did not show any output
|
|
until the guest OS had initialized the vGPU. By specifying the
|
|
<code>ramfb</code> attribute, QEMU can be configured to use ramfb as
|
|
a boot display for the device: this allows for display of firmware
|
|
messages, boot loader menu, and other output before the guest OS has
|
|
initialized the vGPU.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add API to change the response timeout for guest agent commands
|
|
</summary>
|
|
<description>
|
|
By default, when a command is sent to the guest agent, libvirt waits
|
|
forever for a response from the guest agent. If the guest is
|
|
unresponsive for any reason, this can block the calling thread
|
|
indefinitely. By setting a custom timeout using
|
|
<code>virDomainAgentSetResponseTimeout()</code>, API users can change
|
|
this behavior.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
Devices CGroup v2 support
|
|
</summary>
|
|
<description>
|
|
Libvirt supported all controllers of CGroup v2 but the devices
|
|
controller which is implemented in this release.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Cold plug of sound device
|
|
</summary>
|
|
<description>
|
|
The QEMU driver now can handle cold plug of
|
|
<code><sound/></code> devices.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Probe for default CPU types
|
|
</summary>
|
|
<description>
|
|
With QEMU 4.2.0 we can probe for the default CPU model used by QEMU
|
|
for a particular machine type and store it in the domain XML. This
|
|
way the chosen CPU model is more visible to users and libvirt will
|
|
make sure the guest will see the exact same CPU after migration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Adaptation to qemu's blockdev
|
|
</summary>
|
|
<description>
|
|
QEMU introduced a new way of specifying disks on the command line
|
|
which enables fine-grained control over the block stack. Libvirt has
|
|
adapted to this.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Refactors">
|
|
<change>
|
|
<summary>
|
|
More GLib integration
|
|
</summary>
|
|
<description>
|
|
More patches were merged that replace our internal functions with
|
|
GLib ones. Also some effort was invested in replacing gnulib modules
|
|
with GLib functions.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Rewrite of Perl scripts into Python
|
|
</summary>
|
|
<description>
|
|
Libvirt used Perl scripts to check for coding style, generate some
|
|
code and things like that. To bring the number of languages used
|
|
down, these scripts were rewritten into Python.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Warn verbosely if using old loader:nvram pairs
|
|
</summary>
|
|
<description>
|
|
Some distributions still use <code>--with-loader-nvram</code> or
|
|
<code>nvram</code> variable in qemu.conf. This is now discouraged in
|
|
favour of FW descriptors. However, instead of silently ignoring user's
|
|
config, libvirt warns if outdated config is detected.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Drop pconfig from Icelake-Server CPU model
|
|
</summary>
|
|
<description>
|
|
The pconfig feature was enabled in QEMU by accident in 3.1.0. All
|
|
other newer versions do not support it and it was removed from the
|
|
Icelake-Server CPU model in QEMU.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Wait longer for device removal confirmation on PPC64
|
|
</summary>
|
|
<description>
|
|
After sending device hot unplug request to QEMU, libvirt waits up to
|
|
5 seconds for qemu to confirm the device removal. On some
|
|
architectures (like PPC64) this can take longer time and libvirt now
|
|
reflects that.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Forcibly create nodes in domain's namespace
|
|
</summary>
|
|
<description>
|
|
The QEMU driver starts a domain in a namepsace with private
|
|
<code>/dev</code> and creates only those nodes there which the domain
|
|
is configured to have. However, it may have happened that if a node
|
|
changed its minor number this change wasn't propagated to the
|
|
namespace.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Various AppArmor bugfixes
|
|
</summary>
|
|
<description>
|
|
The AppArmor driver now knows how to handle
|
|
<code><shmem/></code> devices and also snapshotting more disks
|
|
at once.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Improved video model autoselection
|
|
</summary>
|
|
<description>
|
|
If a graphics device was added to XML that had no video device,
|
|
libvirt automatically added a video device which was always of type
|
|
'cirrus' on x86_64, even if the underlying qemu didn't support
|
|
cirrus. Libvirt now bases the decision on qemu's capabilities.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.9.0" date="2019-11-05">
|
|
<section title="Packaging changes">
|
|
<change>
|
|
<summary>
|
|
Start linking against GLib and using its features
|
|
</summary>
|
|
<description>
|
|
Up until now, libvirt has been dealing with platform portability and
|
|
the lack of certain features in libc by using gnulib and implementing
|
|
its own functions and data structures respectively; going forward, it
|
|
will prefer the facilities offered by GLib instead.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Stop distributing generated documentation
|
|
</summary>
|
|
<description>
|
|
Most downstreams already patch the libvirt source to some extent, so
|
|
this change will probably not affect them.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Rewrite several Perl scripts in Python
|
|
</summary>
|
|
<description>
|
|
Phasing out Perl usage is part of the project strategy.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Introduce a new video model of type 'ramfb'
|
|
</summary>
|
|
<description>
|
|
Introduce a new video model type to the domain XML that supports the
|
|
<code>ramfb</code> standalone device in qemu.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Implement the ccf-assist pSeries feature
|
|
</summary>
|
|
<description>
|
|
Users can now decide whether ccf-assist (Count Cache Flush Assist)
|
|
support should be available to pSeries guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Support specifying ACPI firmware path
|
|
</summary>
|
|
<description>
|
|
The libxl driver now supports specifying an ACPI firmware path
|
|
using the <code>acpi</code> element.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support specifying resolution for video devices
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
logging: Drop support for including stack traces
|
|
</summary>
|
|
<description>
|
|
This feature was intended to aid debugging, but in practice it
|
|
resulted in logs that were too verbose to be useful and also resulted
|
|
in a significant performance penalty.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Implement CPU comparison/baseline on s390x
|
|
</summary>
|
|
<description>
|
|
This functionality has been historically limited to x86_64, but it's
|
|
now available on s390x too.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
lib: autostart objects exactly once
|
|
</summary>
|
|
<description>
|
|
If libvirtd or any of the sub-daemons is started with socket
|
|
activation then objects might be autostarted more than once.
|
|
For instance, if a domain under <code> qemu:///session </code>
|
|
URI is mark as autostarted and the session daemon is started then the
|
|
domain is started with it. If user shuts the domain down and the
|
|
session daemon is started again, the user's wish to keep the
|
|
domain shut off is ignored and the domain is autostarted again.
|
|
This is now fixed.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Properly advertise bochs-display availability
|
|
</summary>
|
|
<description>
|
|
Support for <code>bochs-display</code> was introduced in libvirt
|
|
5.6.0, but until now the model was not listed in the domain
|
|
capabilities.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
security: Don't remember labels for TPM devices
|
|
</summary>
|
|
<description>
|
|
Due to the way they're implemented in the kernel, trying to remember
|
|
labels for TPM devices makes it impossible to use them.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
security: Properly rollback after failure in a stacked driver
|
|
</summary>
|
|
<description>
|
|
When multiple security drivers are involved, failure in one of them
|
|
would result in only the corresponding changes being rolled back,
|
|
leaving the ones performed by drivers that had been activated earlier
|
|
in place. All changes are rolled back now.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix build with musl libc
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Improve compatibility with non-bash shells
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.8.0" date="2019-10-05">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Support use of precreated tap/macvtap devices by unprivileged libvirtd
|
|
</summary>
|
|
<description>
|
|
It is now possible for an unprivileged libvirtd to make use
|
|
of tap and macvtap devices that were previously created by
|
|
some other entity. This is done by setting
|
|
<code>managed='no'</code> along with the device name in the
|
|
<code>target</code> subelement of <code><interface
|
|
type='ethernet'></code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support vhost-user-gpu
|
|
</summary>
|
|
<description>
|
|
Support for running virtio GPUs in separate processes with vhost-user
|
|
backend. It requires QEMU newer than 4.1.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce virConnectSetIdentity API
|
|
</summary>
|
|
<description>
|
|
When split daemons are in use, this API is used to forward uid,
|
|
gid and SELinux info from <code>virproxyd</code> to other driver
|
|
daemons such as <code>virtqemud</code>.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Support running SLIRP networking in a separate process
|
|
</summary>
|
|
<description>
|
|
User can configure the slirp-helper path in <code>qemu.conf</code>.
|
|
It will start a slirp-helper process to provide SLIRP networking
|
|
when the VM is started with network interface "user". That will allow
|
|
stricter security policies for QEMU SLIRP network.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Remove xenapi driver
|
|
</summary>
|
|
<description>
|
|
The xenapi driver is removed since it has not received any significant
|
|
development since its initial contribution nine years ago and has no
|
|
known user base.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.7.0" date="2019-09-03">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Support Direct Mode for Hyper-V Synthetic timers
|
|
</summary>
|
|
<description>
|
|
The QEMU driver now supports Direct Mode for Hyper-V Synthetic timers
|
|
for Hyper-V guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
lib: Add virDomainGetGuestInfo()
|
|
</summary>
|
|
<description>
|
|
This API is intended to aggregate several guest agent information
|
|
queries and is inspired by stats API
|
|
<code>virDomainListGetStats()</code>. It is anticipated that this
|
|
information will be provided by a guest agent
|
|
running within the domain. It's exposed as <code>virsh
|
|
guestinfo</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Experimental split of libvirtd into separate daemons
|
|
</summary>
|
|
<description>
|
|
The big monolithic libvirtd daemon can now be replaced by smaller
|
|
per-driver daemons. The new split daemons are considered experimental
|
|
at this time and distributions are encouraged to continue using the
|
|
traditional libvirtd by default.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support kvm-hint-dedicated performance hint
|
|
</summary>
|
|
<description>
|
|
With <code><hint-dedicated state='on'/></code> and
|
|
<code><cpu mode='host-passthrough'/></code>, it
|
|
allows a guest to enable optimizations when running on dedicated
|
|
vCPUs. QEMU newer than 2.12.0 and kernel newer than 4.17
|
|
are required.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Remove KVM assignment support
|
|
</summary>
|
|
<description>
|
|
The KVM style of PCI device assignment was removed from
|
|
the kernel in version 4.12.0 after being deprecated since 4.2.0.
|
|
Libvirt defaults to VFIO for a long time. Remove support for
|
|
KVM device assignment from libvirt too.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxml: min required libxml is now 2.9.1
|
|
</summary>
|
|
<description>
|
|
Support for building with libxml versions older than 2.9.1
|
|
has been dropped.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
virsh: Support setting bandwidth in migrate subcommand
|
|
</summary>
|
|
<description>
|
|
In addition to postcopy bandwidth, the <code>virsh migrate</code>
|
|
subcommand now supports specifying precopy bandwidth with the
|
|
<code>--bandwidth</code> parameter.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: Implement domain metadata getter/setter
|
|
</summary>
|
|
<description>
|
|
The libxl driver now supports <code>virDomainGetMetadata()</code> and
|
|
<code>virDomainSetMetadata()</code> APIs.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
test driver: Expand API coverage
|
|
</summary>
|
|
<description>
|
|
Additional APIs have been implemented in the test driver.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Report RNG device in domain capabilities XML
|
|
</summary>
|
|
<description>
|
|
Libvirt now reports if RNG devices are supported by the underlying
|
|
hypervisor in the domain capabilities XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Stop linking NSS plugins with libvirt.so
|
|
</summary>
|
|
<description>
|
|
This reduces the amount of code and 3rd party libraries are that
|
|
loaded into all processes.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Split the setuid virt-login-shell binary into two pieces
|
|
</summary>
|
|
<description>
|
|
The setuid virt-login-shell binary is now a tiny shim that
|
|
sanitizes the process execution environment variables and
|
|
arguments, before launching the trusted virt-login-shell-helper
|
|
binary.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow migration with disk cache on
|
|
</summary>
|
|
<description>
|
|
When QEMU supports flushing caches at the end of migration, we can
|
|
safely allow migration even if <code>disk/driver/@cache</code> is
|
|
neither <code>none</code> nor <code>directsync</code>.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Various security label remembering fixes
|
|
</summary>
|
|
<description>
|
|
In the previous release libvirt introduced remembering of original
|
|
owners and SELinux labels on files. However, the feature did not work
|
|
properly with snapshots, on migrations or on network filesystems.
|
|
This is now fixed.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Allow greater PCI domain numbers
|
|
</summary>
|
|
<description>
|
|
Libvirt used to require PCI domain number to be not greater than
|
|
0xFFFF. The code was changed to allow 32 bits long numbers.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Various D-Bus fixes
|
|
</summary>
|
|
<description>
|
|
When D-Bus is not available, libvirt was reporting random errors.
|
|
These are now gone.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Prefer read-only opening of PCI config files
|
|
</summary>
|
|
<description>
|
|
When enumerating PCI bus, libvirt opens config files under
|
|
<code>sysfs</code> mount and parses them to learn various aspects of
|
|
the device (e.g. its capabilities). Only in a very limited number of
|
|
cases it is actually writing into the file. However, it used to open
|
|
the file also for writing even if it was only reading from it.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix AppArmor profile
|
|
</summary>
|
|
<description>
|
|
Since the <code>5.6.0</code> release, libvirt uses
|
|
<code>procfs</code> to learn the list of opened file descriptors when
|
|
spawning a command. However, our AppArmor profile was not allowing
|
|
such access.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Don't block storage driver when starting or building a pool
|
|
</summary>
|
|
<description>
|
|
Starting or building a storage pool can take a long time to finish.
|
|
During this time the storage driver was blocked and thus no other API
|
|
involving the storage driver could run. This is now fixed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.6.0" date="2019-08-05">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Introduce a new video model of type 'bochs'
|
|
</summary>
|
|
<description>
|
|
Introduce a new video model type that supports the
|
|
<code>bochs-display</code> device that was added in qemu version 3.0.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
api: new virDomainCheckpoint APIs
|
|
</summary>
|
|
<description>
|
|
Introduce several new APIs for creating and managing
|
|
checkpoints in the test and qemu drivers (the latter
|
|
requires qcow2 images). Checkpoints serve as a way to tell
|
|
which portions of a disk have changed since a point in time.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for overriding max threads per process limit
|
|
</summary>
|
|
<description>
|
|
systemd-based systems impose a limit on the number of threads a
|
|
process can spawn, which in some cases can be exceeded by QEMU
|
|
processes running VMs. Add a <code>max_threads_per_process</code>
|
|
option to qemu.conf to override the system default.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Remember original owners and SELinux labels of files
|
|
</summary>
|
|
<description>
|
|
When a domain is starting up libvirt changes DAC and
|
|
SELinux labels so that domain can access it. However,
|
|
it never remembered the original labels and therefore
|
|
the file was returned back to <code>root:root</code>.
|
|
With this release, the original labels are remembered
|
|
and restored properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
network: Allow passing arbitrary options to dnsmasq
|
|
</summary>
|
|
<description>
|
|
This works similarly to the existing support for passing arbitary
|
|
options to QEMU, and just like that feature it comes with no
|
|
support guarantees.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
xen: Remove sxpr config support
|
|
</summary>
|
|
<description>
|
|
Remove the sxpr style config parser and formatter a year after the
|
|
xend driver was removed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Allow XML validation for snapshot creation
|
|
</summary>
|
|
<description>
|
|
Add flag <code>VIR_DOMAIN_SNAPSHOT_CREATE_VALIDATE</code> to validate
|
|
snapshot input XML. For virsh, users can use it as <code>virsh
|
|
snapshot-create --validate</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support encrypted soft TPM
|
|
</summary>
|
|
<description>
|
|
A soft TPM backend could be encrypted with passphrase. Now libvirt
|
|
supports using a <code>secret</code> object to hold the passphrase,
|
|
and referring to it via the <code>encryption</code> element of the
|
|
TPM device.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
test driver: Expand API coverage
|
|
</summary>
|
|
<description>
|
|
Additional APIs have been implemented in the test driver.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Implement per-driver locking
|
|
</summary>
|
|
<description>
|
|
Drivers now acquire a lock when they're loaded, ensuring that there
|
|
can never be two instances of the same driver active at a time.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nss: Report newer addresses first
|
|
</summary>
|
|
<description>
|
|
In some cases, a guest might be assigned a new IP address by DHCP
|
|
before the previous lease has expired, in which case the NSS plugin
|
|
will correctly report both addresses; many applications, however,
|
|
ignore all addresses but the first, and may thus end up trying to
|
|
connect using a stale address. To prevent that from happening, the
|
|
NSS plugin will now always report the newest address first.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
util: Optimize mass closing of FDs when spawning child processes
|
|
</summary>
|
|
<description>
|
|
When the limit on the number of FDs is very high, closing all
|
|
unwanted FDs after calling <code>fork()</code> can take a lot of
|
|
time and delay the start of the child process. libvirt will now
|
|
use an optimized algorithm that minimizes such delays.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
logging: Ensure virtlogd rollover takes priority over logrotate
|
|
</summary>
|
|
<description>
|
|
virtlogd implements its own rollover mechanism, but until now
|
|
logrotate could end up acting on the logs before virtlogd had a
|
|
chance to do so itself.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.5.0" date="2019-07-02">
|
|
<section title="Security">
|
|
<change>
|
|
<summary>
|
|
api: Prevent access to several APIs over read-only connections
|
|
</summary>
|
|
<description>
|
|
Certain APIs give root-equivalent access to the host, and as such
|
|
should be limited to privileged users. CVE-2019-10161,
|
|
CVE-2019-10166, CVE-2019-10167, CVE-2019-10168.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Support SMMUv3 IOMMU
|
|
</summary>
|
|
<description>
|
|
SMMUv3 is an IOMMU implementation for ARM virt guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
network: Introduce the network port API
|
|
</summary>
|
|
<description>
|
|
This new public API can be used by virtualization drivers to
|
|
manage network resources associated with guests, and is a further
|
|
step towards splitting libvirtd into multiple daemons.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
qemu: Remove support for virDomainQemuAttach and virConnectDomainXMLFromNative APIs
|
|
</summary>
|
|
<description>
|
|
The qemu implementations for the APIs mentioned above were removed
|
|
and the APIs now return an error. The implementation was stale for a
|
|
long time and did not work with modern QEMU command lines, generated
|
|
from libvirt or otherwise.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Stop supporting migration of config files from pre-XDG layout
|
|
</summary>
|
|
<description>
|
|
The new layout was introduced with libvirt 0.9.13 (Jul 2012).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Remove Avahi mDNS support
|
|
</summary>
|
|
<description>
|
|
This feature was never used outside of virt-manager, which has
|
|
itself stopped using it a while ago.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
sysinfo: Report SMBIOS information on aarch64
|
|
</summary>
|
|
<description>
|
|
While SMBIOS support has historically been limited to x86_64, modern
|
|
aarch64 machines often offer access to the same information as well,
|
|
and libvirt now exposes it to the user when that's the case.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
test driver: Expand API coverage
|
|
</summary>
|
|
<description>
|
|
Even more APIs that were missing from the test driver have now been
|
|
implemented.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virt-xml-validate: Allow input to be read from stdin
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Validate spapr-vio addresses as 32-bit
|
|
</summary>
|
|
<description>
|
|
libvirt has always considered these addresses (used for pSeries
|
|
guests) as 64-bit, but the sPAPR specification says that they're
|
|
32-bit instead.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Set process affinity correctly when using <numatune>
|
|
</summary>
|
|
<description>
|
|
libvirt would mistakenly interpret the <code>nodeset</code>
|
|
attribute as a list of CPUs instead of as a list of NUMA node, and
|
|
the process affinity would be set incorrectly as a result; this has
|
|
now been fixed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.4.0" date="2019-06-03">
|
|
<section title="Security">
|
|
<change>
|
|
<summary>
|
|
cpu: Introduce support for the md-clear CPUID bit
|
|
</summary>
|
|
<description>
|
|
This bit is set when microcode provides the mechanism to invoke a
|
|
flush of various exploitable CPU buffers by invoking the x86
|
|
<code>VERW</code> instruction. CVE-2018-12126, CVE-2018-12127,
|
|
CVE-2018-12130, CVE-2019-11091.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Restrict user access to virt-admin, virtlogd and virtlockd
|
|
</summary>
|
|
<description>
|
|
The intended users for these facilities are the <code>root</code>
|
|
user and the <code>libvirtd</code> service respectively, but these
|
|
restrictions were not enforced correctly. CVE-2019-10132.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
test driver: Expand API coverage
|
|
</summary>
|
|
<description>
|
|
Several APIs that were missing from the test driver have now been
|
|
implemented.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Avoid unnecessary static linking
|
|
</summary>
|
|
<description>
|
|
Most binaries shipped as part of libvirt, for example
|
|
<code>virtlogd</code> and <code>libvirt_iohelper</code>, were
|
|
embedding parts of the library even though they also linked against
|
|
the <code>libvirt.so</code> dynamic library. This is no longer the
|
|
case, which results in both the disk and memory footprint being
|
|
reduced.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Report stat-htlb-pgalloc and stat-htlb-pgfail balloon stats
|
|
</summary>
|
|
<description>
|
|
These stats have been introduced in QEMU 3.0.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Fix emulator scheduler support
|
|
</summary>
|
|
<description>
|
|
Setting the scheduler for QEMU's main thread before QEMU had a chance
|
|
to start up other threads was misleading as it would affect other
|
|
threads (vCPU and I/O) as well. In some particular situations this
|
|
could also lead to an error when the thread for vCPU #0 was being
|
|
moved to its cpu,cpuacct cgroup. This was fixed so that the
|
|
scheduler for the main thread is set after QEMU starts.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
apparmor: Allow hotplug of vhost-scsi devices
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.3.0" date="2019-05-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for setting the emulator scheduler parameters
|
|
</summary>
|
|
<description>
|
|
I/O threads and vCPU threads already support setting schedulers, but
|
|
until now it was impossible to do so for the main QEMU thread
|
|
(emulator thread in the libvirt naming). This is, however, requested
|
|
for some very specific scenarios, for example when vCPU threads are
|
|
running at such priority that could starve the main thread.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
vbox: Drop support for VirtualBox 4.x releases
|
|
</summary>
|
|
<description>
|
|
Support for all the 4.x releases was ended by
|
|
VirtualBox maintainers in December 2015. Therefore,
|
|
libvirt support for these releases is dropped.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Use PCI by default for RISC-V guests
|
|
</summary>
|
|
<description>
|
|
PCI support for RISC-V guests was already available in libvirt
|
|
5.1.0, but it required the user to opt-in by manually assigning
|
|
PCI addresses: with this release, RISC-V guests will use PCI
|
|
automatically when running against a recent enough (4.0.0+) QEMU
|
|
release.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Advertise firmware autoselection in domain capabilities
|
|
</summary>
|
|
<description>
|
|
The firmware autoselection feature is now exposed in
|
|
domain capabilities and management applications can
|
|
query for accepted values, i.e. values that are accepted
|
|
and for which libvirt found firmware descriptor files.
|
|
Firmware Secure Boot support is also advertised.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Drop YAJL 1 support
|
|
</summary>
|
|
<description>
|
|
YAJL 2 is widely adopted and maintaining side by side
|
|
support for two versions is unnecessary.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
rpc: cleanup in virNetTLSContextNew
|
|
</summary>
|
|
<description>
|
|
Failed new gnutls context allocations in virNetTLSContextNew
|
|
function results in double free and segfault. Occasional memory
|
|
leaks may also occur.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: various completers fixes
|
|
</summary>
|
|
<description>
|
|
There were some possible crashers, memory leaks, etc.
|
|
which are now fixed.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Make hugepages work with memfd backend
|
|
</summary>
|
|
<description>
|
|
Due to a bug in command line generation libvirt did not
|
|
honor hugepages setting with memfd backend.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Enforce ACL write permission for getting guest time & hostname
|
|
</summary>
|
|
<description>
|
|
Getting the guest time and hostname both require use of
|
|
guest agent commands. These must not be allowed for
|
|
read-only users, so the permissions check must validate
|
|
"write" permission not "read".
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.2.0" date="2019-04-03">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Add Storage Pool Capabilities output
|
|
</summary>
|
|
<description>
|
|
Add support to list an enumerated list of supported Storage
|
|
Pools via the virConnectGetCapabilities API when connected
|
|
via a Storage Driver. Add support to get a more detailed
|
|
list XML output Storage Pool Capabilities vis the
|
|
virConnectGetStoragePoolCapabilites API.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support virtio-{non-}transitional device models
|
|
</summary>
|
|
<description>
|
|
<code>virtio-transitional</code> and
|
|
<code>virtio-non-transitional</code> <code>model</code> values
|
|
were added to the QEMU driver for the following devices:
|
|
<code>disk</code>, <code>interface</code>, <code>filesystem</code>,
|
|
<code>rng</code>, <code>vsock</code>, <code>memballoon</code>,
|
|
<code>controller</code> type <code>scsi</code>,
|
|
<code>controller</code> type <code>virtio-serial</code>,
|
|
<code>input</code> bus <code>virtio</code>
|
|
type <code>passthrough</code>,
|
|
<code>hostdev</code> type <code>scsi_host</code>. These new
|
|
models can be used to give fine grained control over what
|
|
virtio device version is presented to the guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Enable firmware autoselection
|
|
</summary>
|
|
<description>
|
|
Libvirt allows users to provide loader path for some time now.
|
|
However, this puts some burden on users because they need to
|
|
know what firmware meets their requirements. Now that QEMU
|
|
ships firmware description files this burden can be moved onto
|
|
libvirt. It is as easy as setting the <code>firmware</code>
|
|
attribute in the <code>os</code> element (accepted values are
|
|
<code>bios</code> and <code>efi</code>). Moreover, libvirt
|
|
automatically enables domain features needed for firmware it
|
|
chooses.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
snapshots: Add support for topological listings
|
|
</summary>
|
|
<description>
|
|
A new flag VIR_DOMAIN_SNAPSHOT_LIST_TOPOLOGICAL is available
|
|
for the various snapshot listing APIs such as
|
|
virDomainListAllSnapshots(). For drivers that support the
|
|
flag, the listed snapshots are guaranteed to be sorted such
|
|
that parents occur before children.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Add support for max grant frames setting
|
|
</summary>
|
|
<description>
|
|
Add support for Xen's max_grant_frames setting by adding a
|
|
new xenbus controller type with a maxGrantFrames attribute.
|
|
E.g. <code><controller type='xenbus' maxGrantFrames='64'/></code>
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for parallel migration
|
|
</summary>
|
|
<description>
|
|
With QEMU 4.0.0 libvirt can enable parallel migration which causes
|
|
the memory pages to be processed in parallel by several threads and
|
|
sent to the destination host using several connections at the same
|
|
time. This may increase migration speed in case a single thread is
|
|
unable to saturate the network link.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Drop support for Upstart and "Red Hat" init scripts
|
|
</summary>
|
|
<description>
|
|
Not a single one of the platforms we target still uses Upstart,
|
|
and the Upstart project itself has been abandoned for several years
|
|
now; the same is true for the "Red Hat" (really System V) init
|
|
scripts, since RHEL 7 and later releases use systemd.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
Report class information for PCI node device capability.
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Split setup of IPv4 and IPv6 top level chain
|
|
</summary>
|
|
<description>
|
|
The requirement resulting from private chains improvement done
|
|
in <code>v5.1.0</code> was refined so that only tables from
|
|
corresponding IP version are required. This means that if a
|
|
network doesn't have <code>IPv6</code> enabled then those
|
|
tables are not required.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Don't default to building the QEMU driver
|
|
</summary>
|
|
<description>
|
|
Historically, the QEMU driver has been special in that it was
|
|
enabled by default, with the option to explicitly opt-out of it;
|
|
starting now, we're enabling it opportunistically if we detect that
|
|
all requirements are available, just like we do with other drivers.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
virt-host-validate: Fix IOMMU check on s390x
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow creating pSeries guests with graphics and no USB mouse
|
|
</summary>
|
|
<description>
|
|
It's now possible to prevent libvirt from automatically adding a
|
|
USB mouse to pSeries guests by including a USB tablet in the input
|
|
XML: doing so is desiderable as using a tablet results in a much
|
|
better user experience when working with GUIs.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Set $HOME and XGD variables for qemu:///system guests
|
|
</summary>
|
|
<description>
|
|
This avoids files being accidentally created under <code>/</code> or
|
|
the guests not being able to start because they lack the necessary
|
|
permissions to write to that location.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.1.0" date="2019-03-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
bhyve: Add support for additional command-line arguments
|
|
</summary>
|
|
<description>
|
|
The bhyve driver now supports passing additional command-line
|
|
arguments to the bhyve process using the new
|
|
<code><bhyve:commandline></code> element in domain
|
|
configuration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
network: Support setting a firewalld "zone" for virtual network bridges
|
|
</summary>
|
|
<description>
|
|
All libvirt virtual networks with bridges managed by libvirt
|
|
(i.e. those with forward mode of "nat", "route", "open", or
|
|
no forward mode) will now be placed in a special firewalld
|
|
zone called "libvirt" by default. The zone of any network
|
|
bridge can be changed using the <code>zone</code> attribute
|
|
of the network's <code>bridge</code> element.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: Support for ignoring unknown MSRs reads and writes
|
|
</summary>
|
|
<description>
|
|
A new <features> element <msrs unknown='ignore'/> was
|
|
introduced and the bhyve driver supports it to control unknown
|
|
Model Specific Registers (MSRs) reads and writes.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for encrypted VNC TLS keys
|
|
</summary>
|
|
<description>
|
|
Use the password stored in the secret driver under the uuid
|
|
specified by the <code>vnc_tls_x509_secret_uuid</code> option
|
|
in qemu.conf.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add storage pool namespace options
|
|
</summary>
|
|
<description>
|
|
Allow for adjustment of RBD configuration options via Storage
|
|
Pool XML Namespace adjustments.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for setting post-copy migration bandwidth
|
|
</summary>
|
|
<description>
|
|
Users can now limit the bandwidth of post-copy migration, e.g.
|
|
via <code>virsh migrate --postcopy-bandwidth</code>.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
Create private chains for virtual network firewall rules
|
|
</summary>
|
|
<description>
|
|
Historically firewall rules for virtual networks were added
|
|
straight into the base chains. This works but has a number of
|
|
bugs and design limitations. To address them, libvirt now puts
|
|
firewall rules into its own chains. Note that with this change the
|
|
<code>filter</code>, <code>nat</code> and <code>mangle</code> tables
|
|
are required for both <code>IPv4</code> and <code>IPv6</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Detect CEPH and GPFS as shared FS
|
|
</summary>
|
|
<description>
|
|
When starting a migration libvirt performs some sanity checks
|
|
to make sure domain will be able to run on the destination.
|
|
One of the requirements is that the disk has to either be
|
|
migrated too or be accessible from a network filesystem. CEPH
|
|
and GPFS weren't detected as a network filesystem.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Advertise network MTU via DHCP when specified
|
|
</summary>
|
|
<description>
|
|
If network MTU is set and the network has DHCP enabled,
|
|
advertise the MTU in DHCP transaction too so that clients can
|
|
adjust their link accordingly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allocate memory at the configured NUMA nodes from start
|
|
</summary>
|
|
<description>
|
|
Libvirt used to just start QEMU, let it allocate memory for
|
|
the guest, and then use CGroups to move the memory to
|
|
configured NUMA nodes. This is suboptimal as huge chunks of
|
|
memory have to be moved. Moreover, this relies on ability to
|
|
move memory later which is not always true. A change was made
|
|
to set process affinity correctly from the start so that memory
|
|
is allocated on the configured nodes from the beginning.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support for newer Wireshark
|
|
</summary>
|
|
<description>
|
|
Adapt libvirt to use the more recent release requiring a
|
|
source build configuration of libvirt
|
|
<code>--with-wireshark</code> to upgrade to the more recent
|
|
version.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Batch mode virsh and virt-admin parsing improvements
|
|
</summary>
|
|
<description>
|
|
When parsing a single-argument command_string in batch mode,
|
|
virsh and virt-admin now permit newlines in addition to
|
|
semicolons for splitting commands, and backslash-newline for
|
|
splitting long lines, to be more like shell parsing.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Use CAP_DAC_OVERRIDE during QEMU capabilities probing
|
|
</summary>
|
|
<description>
|
|
By default, libvirt runs the QEMU process as <code>qemu:qemu</code>
|
|
which could cause issues during probing as some features like AMD SEV
|
|
might be inaccessible to QEMU because of file system permissions.
|
|
Therefore, <code>CAP_DAC_OVERRIDE</code> is granted to overcome these
|
|
for the purposes of probing.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Add default mount options for fs/netfs storage pools
|
|
</summary>
|
|
<description>
|
|
Altered the command line generation for fs/netfs storage pools to
|
|
add some default options. For Linux based systems, the options
|
|
added are "nodev, nosuid, noexec". For FreeBSD based systems,
|
|
the options added are "nosuid, noexec".
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow use of PCI for RISC-V guests
|
|
</summary>
|
|
<description>
|
|
This works with QEMU 4.0.0+ only and is opt-in at the moment, since
|
|
it requires users to manually assign PCI addresses, but is otherwise
|
|
fully functional.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
network: Fix virtual networks on systems using firewalld+nftables
|
|
</summary>
|
|
<description>
|
|
Because of the transitional state of firewalld's new support
|
|
for nftables, not all iptables features required by libvirt
|
|
are yet available, so libvirt must continue to use iptables
|
|
for its own packet filtering rules even when the firewalld
|
|
backend is set to use nftables. However, due to the way
|
|
iptables support is implemented in kernels using nftables
|
|
(iptables rules are converted to nftables rules and
|
|
processed in a separate hook from the native nftables
|
|
rules), guest networking was broken on hosts with firewalld
|
|
configured to use nftables as the backend. This has been
|
|
fixed by putting libvirt-managed bridges in their own
|
|
firewalld zone, so that guest traffic can be forwarded
|
|
beyond the host and host services can be exposed to guests
|
|
on the virtual network without opening up those same
|
|
services to the rest of the physical network. This means
|
|
that host access from virtual machines is no longer
|
|
controlled by the firewalld default zone (usually "public"),
|
|
but rather by the new firewalld zone called "libvirt"
|
|
(unless configured otherwise using the new zone
|
|
attribute of the network bridge element).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix i6300esb watchdog hotplug on Q35
|
|
</summary>
|
|
<description>
|
|
Ensure that libvirt allocates a PCI address for the device so
|
|
that QEMU did not default to an address that would not allow
|
|
for device hotplug.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
lxc: Don't reboot host on virDomainReboot
|
|
</summary>
|
|
<description>
|
|
If the container is really a simple one (init is just bash and
|
|
the whole root is passed through) then virDomainReboot and
|
|
virDomainShutdown would reboot or shutdown the host. The
|
|
solution is to use different method to reboot or shutdown the
|
|
container in that case (e.g. signal).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
rpc: Various stream fixes
|
|
</summary>
|
|
<description>
|
|
One particular race was fixed, one locking problem and error
|
|
reporting from streams was made better.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix guestfwd hotplug/hotunplug
|
|
</summary>
|
|
<description>
|
|
Fixed the generation of the guestfwd hotplug/unplug command
|
|
sent to QEMU to match the syntax used when creating the
|
|
initial command line.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Forbid CDROMs on virtio bus
|
|
</summary>
|
|
<description>
|
|
Attempting to create an empty virtio-blk drive or attempting
|
|
to eject it results into an error. Forbid configurations
|
|
where users would attempt to use CDROMs in virtio bus.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Use 'raw' for 'volume' disks without format
|
|
</summary>
|
|
<description>
|
|
Storage pools might want to specify format of the image when
|
|
translating the volume thus libvirt can't add any default
|
|
format when parsing the XML. Add an explicit format when
|
|
starting the VM and format is not present neither by user
|
|
specifying it nor by the storage pool translation function.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Assume 'raw' default storage format also for network storage
|
|
</summary>
|
|
<description>
|
|
Post parse callback adds the 'raw' type only for local files.
|
|
Remote files can also have backing store (even local) so we
|
|
should do this also for network backed storage.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix block job progress reporting and advocate for READY event
|
|
</summary>
|
|
<description>
|
|
In some cases QEMU can get to 100% and still not reach the
|
|
synchronised phase. Initiating a pivot in that case will fail.
|
|
Therefore it is strongly advised to wait for
|
|
<code>VIR_DOMAIN_BLOCK_JOB_READY</code> event which does not
|
|
suffer from this problem.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Don't format image properties for empty drive
|
|
</summary>
|
|
<description>
|
|
If a <code>-drive</code> has no image, then formatting
|
|
attributes such as cache, readonly, etc. would cause errors to
|
|
be reported from QEMU. This was fixed by not supplying the
|
|
attributes for devices without an image.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
External snapshot metadata redefinition is fixed
|
|
</summary>
|
|
<description>
|
|
Attempting to use VIR_DOMAIN_SNAPSHOT_CREATE_REDEFINE to
|
|
reinstate the metadata describing an external snapshot
|
|
created earlier for an offline domain no longer fails.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v5.0.0" date="2019-01-15">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Xen: Add support for openvswitch
|
|
</summary>
|
|
<description>
|
|
The libxl driver now supports virtual interfaces that connect to
|
|
an openvswitch bridge, including interfaces with VLAN tagging and
|
|
trunking configuration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Report whether KVM nesting is available
|
|
</summary>
|
|
<description>
|
|
Running nested KVM guests requires specific configuration steps to
|
|
be performed on the host; libvirt will now report in the host
|
|
capabilities whether KVM nesting support is available.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Drop UML driver
|
|
</summary>
|
|
<description>
|
|
The UML driver was unmaintained and not tested for
|
|
quite some time now. Worse, there is a bug that causes
|
|
it to deadlock on some very basic operations (e.g.
|
|
dumping domain XML). These facts make us believe no one
|
|
uses it.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for ARMv6l guests
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support more NVDIMM configuration options
|
|
</summary>
|
|
<description>
|
|
Introduce more configuration options. For the source element, add
|
|
the 'alignsize' and 'pmem' subelements. For the target element, add
|
|
the 'readonly' subelement.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
cpu: Add support for "stibp" x86_64 feature
|
|
</summary>
|
|
<description>
|
|
Add cpu flag stibp (Single Thread Indirect Branch Predictors) to
|
|
prevent indirect branch predictions from being controlled by the
|
|
sibling Hyperthread.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: Handle external domain destroy
|
|
</summary>
|
|
<description>
|
|
Historically, if a domain was destroyed using <code>xl</code>
|
|
rather than through libvirt APIs, libvirt would not be aware of
|
|
the fact and keep considering it as running. This is no longer the
|
|
case.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Start selecting the first available DRI device for OpenGL operations
|
|
</summary>
|
|
<description>
|
|
If OpenGL support is needed (either with SPICE gl enabled or with
|
|
egl-headless), libvirt is now able to pick the first available DRI
|
|
device for the job. At the same time, this improvement is also a
|
|
bugfix as it prevents permission-related issues with regards to our
|
|
mount namespaces and the default DRI render node's permissions which
|
|
would normally prevent QEMU from accessing such a device.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for postcopy-requests migration statistics
|
|
</summary>
|
|
<description>
|
|
The <code>virDomainJobInfo</code> can get number page requests
|
|
received from the destination host during post-copy migration.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
lxc: Don't forbid interfaces with type=direct
|
|
</summary>
|
|
<description>
|
|
Such interfaces are supported by lxc and should be allowed.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fully clean up RNG devices on detach
|
|
</summary>
|
|
<description>
|
|
Some RNG device types, such as those using EGD, might need extra
|
|
clean up on the host in addition to removing the guest-side device.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.10.0" date="2018-12-03">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Add Hyper-V PV IPI and Enlightened VMCS support
|
|
</summary>
|
|
<description>
|
|
The QEMU driver now has support for Hyper-V PV IPI and Enlightened VMCS
|
|
for Windows and Hyper-V guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for PCI devices on S390
|
|
</summary>
|
|
<description>
|
|
PCI addresses can now include the new zpci element which contains
|
|
uid (user-defined identifier) and fid (PCI function identifier)
|
|
attributes and makes the corresponding devices usable by S390
|
|
guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support changing IOThread polling parameters for a live guest
|
|
</summary>
|
|
<description>
|
|
Introduced virDomainSetIOThreadParams which allows dynamically
|
|
setting the IOThread polling parameters used by QEMU to manage
|
|
the thread polling interval and the algorithm for growth or
|
|
shrink of the polling time. The values only affect a running
|
|
guest with IOThreads. The guest's IOThread polling values can
|
|
be viewed via the domain statistics.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Add support for PVH
|
|
</summary>
|
|
<description>
|
|
The libxl driver now supports Xen's PVH virtual machine type.
|
|
PVH machines are enabled with the new "xenpvh" OS type, e.g.
|
|
<code><os><type>xenpvh</type></os></code>
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for CMT (Cache Monitoring Technology)
|
|
</summary>
|
|
<description>
|
|
Introduced cache monitoring using the <code>monitor</code>
|
|
element in <code>cachetune</code> for vCPU threads. Added
|
|
interfaces to get and display the cache utilization statistics
|
|
through the command 'virsh domstats' via the
|
|
virConnectGetAllDomainStats API.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for nested HV for pSeries guests
|
|
</summary>
|
|
<description>
|
|
Nested HV support makes it possible to run nested (L2) guests
|
|
with minimal performance penalty when compared to regular (L1)
|
|
guests on ppc64 hardware.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Xen: Handle soft reset shutdown event
|
|
</summary>
|
|
<description>
|
|
The pvops Linux kernel uses soft reset to handle the crash
|
|
machine operation. The libxl driver now supports the soft
|
|
reset shutdown event, allowing proper crash handling of
|
|
pvops-based HVM domains.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.9.0" date="2018-11-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
util: Add cgroup v2 support
|
|
</summary>
|
|
<description>
|
|
cgroup v2 support has been implemented in libvirt, with both
|
|
"unified" (v2 only) and "hybrid" (v2 + v1) setups being usable;
|
|
existing "legacy" (v1 only) setups will keep working.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add vfio AP support
|
|
</summary>
|
|
<description>
|
|
The QEMU driver now has support to passthrough adjunct processors
|
|
into QEMU guests on S390.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
rpc: Make 'genprotocol' output reproducible
|
|
</summary>
|
|
<description>
|
|
This is another step towards making libvirt builds fully
|
|
reproducible.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
security: Fix permissions for UNIX sockets
|
|
</summary>
|
|
<description>
|
|
Since 4.5.0, libvirt is using FD passing to hand sockets over to
|
|
QEMU, which in theory removes the need for them to be accessible by
|
|
the user under which the QEMU process is running; however, other
|
|
processes such as vdsm need to access the sockets as well, which
|
|
means adjusting permissions is still necessary.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
cpu_map: Add Icelake model definitions
|
|
</summary>
|
|
<description>
|
|
These CPU models will be available in the upcoming 3.1.0 QEMU
|
|
release.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
util: Properly parse URIs with missing trailing slash
|
|
</summary>
|
|
<description>
|
|
Some storage URIs were not parsed correctly, in which case libvirt
|
|
ended up emitting XML that it would then refuse to parse back.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.8.0" date="2018-10-01">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Xen: Support PM Suspend and Wakeup
|
|
</summary>
|
|
<description>
|
|
The libxl driver now supports the virDomainPMSuspendForDuration
|
|
and virDomainPMWakeup APIs.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Xen: Drop support for Xen 4.4 and 4.5
|
|
</summary>
|
|
<description>
|
|
Xen 4.4 and 4.5 are no longer supported by the Xen community.
|
|
Drop support for these older versions and require Xen >= 4.6.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nwfilter: Disallow binding creation in session mode
|
|
</summary>
|
|
<description>
|
|
Ensure that a filter binding creation is not attempted in session
|
|
mode and generates a proper error message.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Retrieve guest hostname through QEMU Guest Agent command
|
|
</summary>
|
|
<description>
|
|
QEMU is now able to retrieve the guest hostname using a new QEMU-GA
|
|
command called 'guest-get-host-name'. Virsh users can execute
|
|
'domhostname' for QEMU driver for domains configured to use the
|
|
Guest Agent.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Implement vsh-table in virsh and virsh-admin
|
|
</summary>
|
|
<description>
|
|
The new API fixes problems with table-alignment, making the tables
|
|
more readable and deals with unicode.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
storage: Allow inputvol to be encrypted
|
|
</summary>
|
|
<description>
|
|
When creating a storage volume based on another volume, the base
|
|
input volume is allowed to be encrypted.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Require explicit --domain for domxml-to-native
|
|
</summary>
|
|
<description>
|
|
The --domain option for domxml-to-native virsh command has always
|
|
been documented as required, but commit v4.3.0-127-gd86531daf2
|
|
accidentally made it optional.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
lxc_monitor: Avoid AB / BA lock race
|
|
</summary>
|
|
<description>
|
|
A deadlock situation could occur when autostarting a LXC domain
|
|
'guest' due to two threads attempting to take opposing locks while
|
|
holding opposing locks (AB BA problem).
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.7.0" date="2018-09-03">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
storage: add storage pool iscsi-direct
|
|
</summary>
|
|
<description>
|
|
Introduce a new storage pool backend that uses libiscsi instead of
|
|
iscsiadm. It support basic pool operations: checkPool and refreshPool.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add support for MBA (Memory Bandwidth Allocation technology)
|
|
</summary>
|
|
<description>
|
|
Domain vCPU threads can now have allocated some parts of host memory
|
|
bandwidth by using the <code>memorytune</code> element in <code>cputune</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for RISC-V guests
|
|
</summary>
|
|
<description>
|
|
riscv32 and riscv64 guest architectures are now supported.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Add ccw support for vhost-vsock
|
|
</summary>
|
|
<description>
|
|
Support the vhost-vsock-ccw device on S390.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Make default machine type independent of QEMU
|
|
</summary>
|
|
<description>
|
|
We can't control whether or not QEMU will change its default
|
|
machine type in the future, or whether downstream distributions
|
|
will decide to compile out some machine types, so our only option
|
|
to provide a predictable behavior is taking care of the default
|
|
ourselves; management applications and users are encouraged to
|
|
explicitly pick a machine type when creating new guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
apparmor: Various improvements
|
|
</summary>
|
|
<description>
|
|
Rules have been added to deal with a number of scenarios that
|
|
didn't work correctly.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
esx: Truncate CPU model name
|
|
</summary>
|
|
<description>
|
|
Some CPU model names are too long to be stored into the
|
|
corresponding property, and should be explicitly truncated
|
|
to avoid unexpected behavior in users of the
|
|
<code>virNodeGetInfo()</code> API such as
|
|
<code>virsh nodeinfo</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
utils: Remove arbitrary limit on socket_id/core_id
|
|
</summary>
|
|
<description>
|
|
Both values were assumed to be smaller than 4096, but in fact
|
|
they are entirely hardware-dependent and there have been reports
|
|
of machines presenting much bigger values, preventing libvirt from
|
|
working correctly; all such limits have now been removed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.6.0" date="2018-08-06">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Implement the HTM pSeries feature
|
|
</summary>
|
|
<description>
|
|
Users can now decide whether HTM (Hardware Transactional Memory)
|
|
support should be available to the guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Enable VNC console for mediated devices
|
|
</summary>
|
|
<description>
|
|
Host devices now support a new atribute 'display' which can be used
|
|
to turn on frame buffer rendering on a vgpu mediated device instead of
|
|
on an emulated GPU, like QXL.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Introduce a new video model of type 'none'
|
|
</summary>
|
|
<description>
|
|
Introduce a new video model type that disables the automatic addition
|
|
of a video device to domains with 'graphics' specified in their XML.
|
|
This can be useful with GPU mediated devices which can serve as the
|
|
only rendering devices within the guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Add --alias to attach-disk and attach-interface commands
|
|
</summary>
|
|
<description>
|
|
Add option --alias to set customized device alias name when
|
|
using attach-disk or attach-interface commands.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Support usb and sata address to attach-disk
|
|
</summary>
|
|
<description>
|
|
Usb or sata address could be used when attach-disk with --address.
|
|
For example, use usb address as usb:<bus>.<port>, use
|
|
sata address as <controller>.<bus>.<unit>.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.5.0" date="2018-07-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Provide TPM emulator support
|
|
</summary>
|
|
<description>
|
|
Support QEMU's TPM emulator based on swtpm. Each QEMU guest gets
|
|
its own virtual TPM.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: Support specifying guest CPU topology
|
|
</summary>
|
|
<description>
|
|
Bhyve's guest CPU topology could be specified using the
|
|
<code><cpu><topology ../></cpu></code> element.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for extended TSEG size
|
|
</summary>
|
|
<description>
|
|
Support specifying extended TSEG size for SMM in QEMU.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for SEV guests
|
|
</summary>
|
|
<description>
|
|
SEV (Secure Encrypted Virtualization) is a feature available on AMD
|
|
CPUs that encrypts the guest memory and makes it inaccessible even
|
|
to the host OS.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Remove support for qcow/default encrypted volumes
|
|
</summary>
|
|
<description>
|
|
Disallow using a qcow encrypted volume for the guest and
|
|
disallow creation of the qcow or default encrypted volume
|
|
from the storage driver. Support for qcow encrypted volumes
|
|
has been phasing out since QEMU 2.3 and by QEMU 2.9 creation
|
|
of a qcow encrypted volume via qemu-img required usage of
|
|
secret objects, but that support was never added to libvirt.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Make GnuTLS mandatory
|
|
</summary>
|
|
<description>
|
|
Building without GnuTLS is no longer possible.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Remove allow_disk_format_probing configuration option
|
|
</summary>
|
|
<description>
|
|
The option represented a security risk when used with malicious
|
|
disk images, so users were recommended against enabling it; with
|
|
this release, it's been removed altogether.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
capabilities: Provide info about host IOMMU support
|
|
</summary>
|
|
<description>
|
|
Capabilities XML now provide information about host IOMMU support.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Add --all to domblkinfo command
|
|
</summary>
|
|
<description>
|
|
Alter the <code>domblkinfo</code> command to add the option
|
|
--all in order to display the size details of each domain
|
|
block device from one command in a output table.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow concurrent access to monitor and guest agent
|
|
</summary>
|
|
<description>
|
|
Historically libvirt prevented concurrent accesses to
|
|
the qemu monitor and the guest agent. Therefore two
|
|
independent calls (one querying the monitor and the
|
|
other querying guest agent) would serialize which hurts
|
|
performance. The code was reworked to allow two
|
|
independent calls run at the same time.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow configuring the page size for HPT pSeries guests
|
|
</summary>
|
|
<description>
|
|
For HPT pSeries guests, the size of the host pages used to back guest
|
|
memory and the usable guest page sizes are connected; the new setting
|
|
can be used to request that a certain page size is available in the
|
|
guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add support to use an raw input volume for encryption
|
|
</summary>
|
|
<description>
|
|
It is now possible to provide a raw input volume as input for
|
|
to generate a luks encrypted volume via either virsh vol-create-from
|
|
or virStorageVolCreateXMLFrom.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for vsock hot (un)plug and cold (un)plug
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for NBD over TLS
|
|
</summary>
|
|
<description>
|
|
NBD volumes can now be accessed securely.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Implement FD passing for Unix sockets
|
|
</summary>
|
|
<description>
|
|
Instead of having QEMU open the socket and then connecting to it,
|
|
which is inherently racy, starting with QEMU 2.12 we can open the
|
|
socket ourselves and pass it to QEMU, avoiding race conditions.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Introduce --nowait option for domstat command
|
|
</summary>
|
|
<description>
|
|
When this option is specified, virsh will try to fetch the guest
|
|
stats but abort instead of stalling if they can't be retrieved right
|
|
away.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Fix a potential libvirtd crash on VM reconnect
|
|
</summary>
|
|
<description>
|
|
Initialization of the driver worker pool needs to come before libvirtd
|
|
trying to reconnect to all machines, since one of the QEMU processes
|
|
migh have already emitted events which need to be handled prior to
|
|
us getting to the worker pool initialization.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix domain resume after failed migration
|
|
</summary>
|
|
<description>
|
|
Recent versions of QEMU activate block devices before the guest CPU
|
|
has been started, which makes it impossible to roll back a failed
|
|
migration. Use the <code>late-block-activate</code> migration
|
|
capability if supported to avoid the issue.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vmx: Permit guests to have an odd number of vCPUs
|
|
</summary>
|
|
<description>
|
|
An odd number of vCPUs greater than 1 was forbidden in the past,
|
|
but current versions of ESXi have lifted that restriction.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.4.0" date="2018-06-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
bhyve: Support locking guest memory
|
|
</summary>
|
|
<description>
|
|
Bhyve's guest memory may be wired using the
|
|
<code><memoryBacking><locked/></memoryBacking></code>
|
|
element.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Provide VFIO channel I/O passthrough support
|
|
</summary>
|
|
<description>
|
|
Support passthrough devices that use channel I/O based mechanism in
|
|
a QEMU virtual machine.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for migration of VMs with non-shared storage over TLS
|
|
</summary>
|
|
<description>
|
|
It's now possible to use the VIR_MIGRATE_TLS flag together with
|
|
VIR_MIGRATE_NON_SHARED_DISK. The connection is then secured using the
|
|
TLS environment which is setup for the migration connection.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add support for VM Generation ID
|
|
</summary>
|
|
<description>
|
|
The VM Generatation ID exposes a 128-bit, cryptographically
|
|
random, integer value identifier, referred to as a Globally
|
|
Unique Identifier (GUID) to the guest in order to notify the
|
|
guest operating system when the virtual machine is executed
|
|
with a different configuration. Add a new domain XML processing
|
|
and a domain capabilities feature.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce virDomainDetachDeviceAlias
|
|
</summary>
|
|
<description>
|
|
This new API enables users to detach device using only its alias.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce new virConnectCompareHypervisorCPU and virConnectBaselineHypervisorCPU APIs
|
|
</summary>
|
|
<description>
|
|
Unlike the old virConnectCompareCPU and virConnectBaselineCPU APIs,
|
|
both new APIs consider capabilities of a specific hypervisor.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce SCSI persistent reservations support
|
|
</summary>
|
|
<description>
|
|
The QEMU driver gained support for qemu-pr-helper which enables
|
|
guests to issue SCSI commands for persistent reservation.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Implement multiple screen support for virDomainScreenshot
|
|
</summary>
|
|
<description>
|
|
While the virDomainScreenshot API supported multihead video cards,
|
|
the implementation was missing. But now that QEMU implemented it
|
|
libvirt has done as well.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: add support for vhost-vsock-device
|
|
</summary>
|
|
<description>
|
|
A new vsock device was introduced, allowing communication between
|
|
the guest and the host via the AF_VSOCK family.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Add suport for OpenGL rendering with SDL
|
|
</summary>
|
|
<description>
|
|
Domains using SDL as a graphics backend will now be able to use
|
|
OpenGL accelerated rendering.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for 'output' audio codec
|
|
</summary>
|
|
<description>
|
|
Support QEMU's 'hda-output' codec advertising only a line-out for ich6
|
|
and ich9 sound devices.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Enhance event name completion
|
|
</summary>
|
|
<description>
|
|
Implement event name completion for some commands (e.g. event,
|
|
secret-event, pool-event and nodedev-event)
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.3.0" date="2018-05-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for the pcie-to-pci-bridge controller
|
|
</summary>
|
|
<description>
|
|
Pure PCIe guests such as x86_64/q35 and aarch64/virt will now
|
|
add this controller when traditional PCI devices are in use.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Support setting CPU features for host-passthrough model
|
|
</summary>
|
|
<description>
|
|
The CPU model presented to Xen HVM domains is equivalent to libvirt's
|
|
host-passthrough model, although individual features can be enabled
|
|
and disabled via the cpuid setting. The libvirt libxl driver now
|
|
supports enabling and disabling individual features of the
|
|
host-passthrough CPU model.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Removed features">
|
|
<change>
|
|
<summary>
|
|
Xen: Drop the legacy xend-based driver
|
|
</summary>
|
|
<description>
|
|
The xm/xend toolstack was deprecated in Xen 4.2 and removed
|
|
from the Xen sources in the 4.5 development cycle. The libvirt
|
|
driver based on xend is now removed from the libvirt sources.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Support hot plug and hot unplug of mediated devices
|
|
</summary>
|
|
<description>
|
|
Libvirt now allows mediated devices to be hot plugged and hot
|
|
unplugged from a guest rather than reporting an error that this isn't
|
|
supported. In fact, kernel has been supporting this since 4.10.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Improve handling of device mapper targets
|
|
</summary>
|
|
<description>
|
|
When starting a domain with a disk backed by a device
|
|
mapper volume libvirt also needs to allow the storage
|
|
backing the device mapper in CGroups. In the past
|
|
kernel did not care, but starting from 4.16 CGroups are
|
|
consulted on each access to the device mapper target.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.2.0" date="2018-04-01">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Support building with Python 3
|
|
</summary>
|
|
<description>
|
|
Python is required to build libvirt, and up until now only Python 2
|
|
could be used as an interpreter. All scripts used during build have
|
|
now been made compatible with Python 3, which means both major
|
|
releases of the language are fully supported.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Provide ccw address support for graphics and input devices
|
|
</summary>
|
|
<description>
|
|
Support the virtio-gpu-ccw device as a video device and
|
|
virtio-{keyboard, mouse, tablet}-ccw devices as input devices
|
|
on S390.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Add logging of guest crash information on S390
|
|
</summary>
|
|
<description>
|
|
On S390, when the guest crashes and QEMU exposes the guest crash
|
|
information, log the relevant data to the domain log file.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: use arp table of host to get the IP address of guests
|
|
</summary>
|
|
<description>
|
|
Find IP address of a VM by arp table on hosts.
|
|
If someone customizing IP address inside VM, it will be helpful.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Remove hard-coded scheduler weight
|
|
</summary>
|
|
<description>
|
|
The libxl driver was accidentally hard-coding the per-domain
|
|
scheduler weight to 1000, silently ignoring any user-provided
|
|
<code><shares></code> in <code><cputune></code>. The
|
|
driver now honors <code><shares></code>, and defers setting
|
|
a default value to Xen. Note that the Xen default is 256, so any
|
|
domains started after this improvement will have one fourth the
|
|
shares of previously started domains. If all domains must have
|
|
equal CPU shares, administrators must manually set the weight of
|
|
previously started domains to 256, or restart them.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: TLS migration now enforces use of TLS for the NBD connection
|
|
</summary>
|
|
<description>
|
|
When the VIR_MIGRATE_TLS flag was used with the migration API libvirt
|
|
did not ensure that the NBD connection was using TLS as well. The code
|
|
now rejects such migration as the TLS transport for NBD is not ready
|
|
yet, but prevents a false sense of security that TLS would be used.
|
|
The support TLS for NBD will be added soon.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.1.0" date="2018-03-05">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Added support for CAT (Cache allocation Technology)
|
|
</summary>
|
|
<description>
|
|
Domain vCPU threads can now have allocated some parts of host cache
|
|
using the <code>cachetune</code> element in <code>cputune</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Allow opening secondary drivers
|
|
</summary>
|
|
<description>
|
|
Up until now it was possible to connect to only hypervisor drivers
|
|
(e.g. qemu:///system, lxc:///, vbox:///system, and so on). The
|
|
internal drivers (like network driver, node device driver, etc.) were
|
|
hidden from users and users could use them only indirectly. Starting
|
|
with this release new connection URIs are accepted. For instance
|
|
network:///system, storage:///system and so on.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virtlogd, virtlockd: Add support for admin protocol
|
|
</summary>
|
|
<description>
|
|
These two daemons now support admin protocol through which some admin
|
|
info can be gathered or some configuration tweaked on the fly.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
virsh: Enhance bash completion
|
|
</summary>
|
|
<description>
|
|
Implement more bash completions so that basic libvirt
|
|
objects can be auto-completed (e.g. networks,
|
|
interfaces, NWFilters, and so on).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Use VIR_ERR_DEVICE_MISSING for various hotplug/detach messages
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow showing the dump progress for memory only dump
|
|
</summary>
|
|
<description>
|
|
Alter the QEMU dump-guest-memory command processing to check
|
|
for and allow asynchronous completion which then allows for
|
|
the virsh dump --memory-only --verbose command to display percent
|
|
completion data.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
conf: add support for setting Chassis SMBIOS data fields
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: add support for setting clock offset and adjustment
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Make port allocator global
|
|
</summary>
|
|
<description>
|
|
Up until now each driver had their own port allocator module. This
|
|
meant that info on port usage was not shared. Starting with this
|
|
release, the port allocator module is made global and therefore
|
|
drivers allocate ports from global pool.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fixed some compiler warnings that appear with GCC 8
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Check for unsafe migration more thoroughly
|
|
</summary>
|
|
<description>
|
|
If a domain disk is stored on local filesystem (e.g. ext4) but is
|
|
not being migrated it is very likely that domain is not able to
|
|
run on destination. Regardless of share/cache mode.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix updating device with boot order
|
|
</summary>
|
|
<description>
|
|
Starting with 3.7.0 release updating any device with boot order would
|
|
fail with 'boot order X is already used by another device' while in
|
|
fact it was the very same device.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virlog: determine the hostname on startup CVE-2018-6764
|
|
</summary>
|
|
<description>
|
|
At later point it might not be possible or even safe to use
|
|
getaddrinfo(). It can in turn result in a load of NSS module which
|
|
can even be loaded from unsage guest filesystem and thus escape the
|
|
confinment of its container.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Rework vCPU statistics fetching
|
|
</summary>
|
|
<description>
|
|
Fetching vCPU statistics was very expensive because it lead to waking
|
|
up vCPU threads in QEMU and thus it degraded performance. The code
|
|
was reworked so that fetching statistics does not wake up halted
|
|
vCPUs.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: unlink memory backing file on domain shutdown
|
|
</summary>
|
|
<description>
|
|
Depending on the filesystem where domain memory is stored, some files
|
|
might have been left behind. This is not a problem on hugetlbfs, but
|
|
it is a problem on regular filesystems like ext4.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix shutting down domains in parallel
|
|
</summary>
|
|
<description>
|
|
If multiple domains were being shut down in parallel, libvirtd might
|
|
have deadlocked.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nodedev: Update PCI mdev capabilities dynamically
|
|
</summary>
|
|
<description>
|
|
PCI devices may have other nested capabilities, like SRIOV and mdev
|
|
which depend on the device being plugged into the native vendor
|
|
driver. However, in case such a device is directly assigned to a guest
|
|
using VFIO driver, the device will naturally lose these capabilities
|
|
and libvirt needs to reflect that.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v4.0.0" date="2018-01-19">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
tools: Provide bash completion support
|
|
</summary>
|
|
<description>
|
|
Both <code>virsh</code> and <code>virt-admin</code> now implement
|
|
basic bash completion support.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Refresh capabilities on host microcode update
|
|
</summary>
|
|
<description>
|
|
A microcode update can cause the CPUID bits to change; therefore,
|
|
the capabilities cache should be rebuilt when such an update is
|
|
detected on the host.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
lxc: Set hostname based on container name
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
CPU frequency reporting improvements
|
|
</summary>
|
|
<description>
|
|
The CPU frequency will now be reported by <code>virsh nodeinfo</code>
|
|
and other tools for s390 hosts; at the same time; CPU frequency has
|
|
been disabled on aarch64 hosts because there's no way to detect it
|
|
reliably.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: Mark domain0 as persistent
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Add support for multiple IP addresses on interface devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for hot unplugging redirdev device
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Enforce vCPU hotplug granularity constraints
|
|
</summary>
|
|
<description>
|
|
QEMU 2.7 and newer don't allow guests to start unless the initial
|
|
vCPUs count is a multiple of the vCPU hotplug granularity, so
|
|
validate it and report an error if needed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.10.0" date="2017-12-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
conf: Support defining distances between virtual NUMA cells
|
|
</summary>
|
|
<description>
|
|
A NUMA hardware architecture supports the notion of distances
|
|
between NUMA cells. This can now be specified using the
|
|
<code><distances></code> element within the NUMA cell
|
|
configuration. Drivers which support this include Xen and QEMU.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Xen: Support defining vNUMA topology
|
|
</summary>
|
|
<description>
|
|
Xen now supports defining a virtual NUMA topology for VMs,
|
|
including specifying distances between NUMA cells.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add the ability to configure HPT resizing for pSeries guests
|
|
</summary>
|
|
<description>
|
|
The user can now decide whether HPT (Hash Page Table) resizing
|
|
should be enabled, disabled or required instead of leaving it up to
|
|
hypervisor defaults and negotiation between the guest and the host.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add vmcoreinfo feature
|
|
</summary>
|
|
<description>
|
|
Starting with QEMU 2.11, the guest can save kernel debug
|
|
details when this feature is enabled and the kernel supports
|
|
it. It is useful to process kernel dump with KASLR enabled,
|
|
and also provides various kernel details to crash tools.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
conf: Move the auth and encryption definitions to disk source
|
|
</summary>
|
|
<description>
|
|
Allow parsing and formatting of the <code>auth</code> and
|
|
<code>encryption</code> sub-elements to be a child of the
|
|
<code>source</code> element. This will allow adding an
|
|
<code>auth</code> sub-element to a <code>backingStore</code>
|
|
or <code>mirror</code> elements as a means to track specific
|
|
authentication and/or encryption needs.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
vbox: Add VirtualBox 5.2 support
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Add support for configuring storage controllers
|
|
</summary>
|
|
<description>
|
|
The VirtualBox driver now supports the <code><controller></code>
|
|
element in the domain XML for configuring storage controllers in VBOX
|
|
VMs. Additionally, libvirt's domain XML schema was updated to allow
|
|
optional <code>model</code> attribute for <code><controller
|
|
type='ide'></code> which is used by the VBOX driver to set the
|
|
IDE controller model to be one of 'piix4', 'piix4' (default), or
|
|
'ich6'. Finally, with this change <code>dumpxml</code> generates
|
|
<code><controller></code> elements that correspond to current
|
|
VBOX VM storage controller configuration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Add support for attaching empty removable disks
|
|
</summary>
|
|
<description>
|
|
The VirutalBox driver now supports adding CD-ROM and floppy disk
|
|
devices that do not have the disk source specified. Previously such
|
|
devices were silently ignored.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Add support for attaching SAS storage controllers
|
|
</summary>
|
|
<description>
|
|
In VirtualBox, SCSI and SAS are distinct controller types whereas
|
|
libvirt does not make such distinction. Therefore, the VBOX driver was
|
|
updated to allow attaching SAS controllers via <code><controller
|
|
type='scsi' model='lsisas1068'></code> element. If there are
|
|
both SCSI and SAS controllers present in the VBOX VM, the domain XML
|
|
can associate the disk device using the <code><address></code>
|
|
element with the <code>controller</code> attribute, and optionally,
|
|
set the port via <code>unit</code> attribute.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Generate predictable paths for qemu memory backends
|
|
</summary>
|
|
<description>
|
|
In some cases management applications need to know
|
|
paths passed to memory-backend-file objects upfront.
|
|
Libvirt now generates predictable paths so applications
|
|
can prepare the files if they need to do so.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Shareable disks work properly with recent qemu
|
|
</summary>
|
|
<description>
|
|
Recent qemu versions added image locking to avoid potential corruption
|
|
of disk images. This broke shareable disks with libvirt since the
|
|
feature was turned on by default in qemu. Libvirt now enables sharing
|
|
of those disks in qemu so that the image locking is not applied in
|
|
that case. Additionally libvirt now checks that shareable disks have
|
|
supported format (raw) to avoid metadata corruption.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Improve serial console behavior on non-x86 architectures
|
|
</summary>
|
|
<description>
|
|
ppc64, aarch64 and s390x guests were treating the <serial>
|
|
and <console> elements differently from x86, in some cases
|
|
presenting misleading information to the user. The behavior is now
|
|
consistent across all architectures and the information reported
|
|
is always accurate.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
vbox: Do not ignore failures to attach disk devices when defining
|
|
</summary>
|
|
<description>
|
|
The <code>define</code> now fails and reports an error if any of the
|
|
<code>controller</code> or <code>disk</code> devices specified in the
|
|
domain XML fail to attach to the VirtualBox VM.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Fix dumpxml to always output disk devices
|
|
</summary>
|
|
<description>
|
|
The VirtualBox driver was ignoring any disk devices in
|
|
<code>dumpxml</code> output if there was a SAS storage controller
|
|
attached to the VM.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Fix dumpxml to always generate valid domain XML
|
|
</summary>
|
|
<description>
|
|
When a VirtualBox VM has multiple disks attached, each to a different
|
|
storage controller that uses 'sd' prefix for block device names e.g.
|
|
one disk attached to SATA and one to SCSI controller, it no longer
|
|
generates XML where both would have 'sda' device name assigned.
|
|
Instead it properly assigns 'sda' and 'sdb' to those disks in the
|
|
order of appearance.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Securely pass iSCSI authentication data
|
|
</summary>
|
|
<description>
|
|
Rather than supplying the authentication data as part of the
|
|
iSCSI URL for a disk or host device, utilize the encrypted
|
|
secret object to securely pass the authentication data.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.9.0" date="2017-11-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Add capability to allow hot (un)plug of a domain watchdog device
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Allow users to set device aliases
|
|
</summary>
|
|
<description>
|
|
Users can set aliases to domain devices and thus identify them
|
|
easily.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support multiqueue for virtio-blk
|
|
</summary>
|
|
<description>
|
|
Multiqueue support for <code>virtio-blk</code> has been available
|
|
in QEMU ever since 2.7.0, and now libvirt guests can enable it.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add virDomainSetLifecycleAction API
|
|
</summary>
|
|
<description>
|
|
Provided a new API to allow dynamic guest lifecycle control for
|
|
guest reactions to poweroff, restart, or crash type events related
|
|
to the domain XML <code>on_poweroff</code>, <code>on_reboot</code>,
|
|
and <code>on_crash</code> elements. The
|
|
<code>virsh set-lifecycle-action</code> command was created to
|
|
control the actions.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow cold(un)plugging and hot(un)plugging input devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
net: Implement QoS for vhostuser
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
Allow a logical volume to be create using LUKS
|
|
</summary>
|
|
<description>
|
|
A logical volume may be created using an <code>encryption</code>
|
|
element using "luks" format. This does require a previously created
|
|
<code>secret</code> to store the passphrase used to encrypt the
|
|
volume Adding the volume to a domain can then either provide the
|
|
secret or allow the consumer in the guest to provide the passphrase
|
|
in order to decrypt the volume.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
net: Ignore auto-generated MAC address when detaching an interface
|
|
</summary>
|
|
<description>
|
|
If the MAC address has not been specified by the user, libvirt will
|
|
try and fill in the gaps by generating one; however, for some error
|
|
paths that led to some confusing error messages, so when an
|
|
auto-generated MAC address is specified the error message will not
|
|
include the auto-generated MAC.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
net: Enable MAC address lookup for virDomainInterfaceStats
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
apparmor: Several improvements
|
|
</summary>
|
|
<description>
|
|
Changes include permitting access to data about USB devices and
|
|
<code>dnsmasq</code> instances, allowing spaces in guest names and
|
|
many more.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
cpu: Use CPU information obtained from QEMU when possible
|
|
</summary>
|
|
<description>
|
|
Recent QEMU versions can expose information about which CPU models
|
|
are available and usable on the host; libvirt will now make use of
|
|
such information whenever possible.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
hyperv: Various improvements
|
|
</summary>
|
|
<description>
|
|
The error reported when clients can't connect to Hyper-V has been
|
|
made more descriptive, and memory limits for guests are now mapped
|
|
to more appropriate libvirt equivalents.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Report QEMU error on failed migration
|
|
</summary>
|
|
<description>
|
|
Instead of reporting a generic error, ask QEMU for a more detailed
|
|
and thus hopefully more helpful one.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Implement autoport for RDP
|
|
</summary>
|
|
<description>
|
|
libvirt will now obtain the (dynamically allocated) RDP port number
|
|
from VirtualBox itself, avoiding conflicts between multiple guests
|
|
wanting to use RDP at the same time.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow rotation of small logs
|
|
</summary>
|
|
<description>
|
|
On a host where numerous unique instances are executed per day, it's
|
|
quite possible that, even though each of the single log files are
|
|
fairly small, collectively the quantity and volume may add tens of
|
|
thousands of log files to the <code>/var/log/libvirt/qemu/</code>
|
|
directory. Removing the constraints that log have to be bigger than
|
|
100 KiB before they can be rotated solves the issue.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Fix swapped interface statistics and QoS
|
|
</summary>
|
|
<description>
|
|
Due to internal implementation, reported statistics for
|
|
some types of interfaces were swapped (RX appeared in
|
|
TX and vice versa). Similarly, QoS was set in reversed
|
|
way.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Properly resize local LUKS encrypted volume
|
|
</summary>
|
|
<description>
|
|
Resizing of a local LUKS encrypted volume will now use qemu-img
|
|
to resize the volume. This will require configuring a secret for
|
|
the LUKS encrypted volume.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Reserve PCI addresses for implicit i440fx devices
|
|
</summary>
|
|
<description>
|
|
Failing to do so causes the addresses to be considered usable by
|
|
libvirt, which means they could be assigned to more than one device
|
|
resulting in the guest failing to start.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
spec: Restart libvirtd only at the end of the upgrade process
|
|
</summary>
|
|
<description>
|
|
Use <code>%posttrans</code> to make sure <code>libvirtd</code>
|
|
is not restarted before all other components, such as the library
|
|
itself and storage / hypervisor drivers, have already been upgraded.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Security">
|
|
<change>
|
|
<summary>
|
|
qemu: Ensure TLS clients always verify the server certificate
|
|
</summary>
|
|
<description>
|
|
While it's reasonable to turn off client certificate validation,
|
|
as setting it up can be non-trivial, clients should always verify
|
|
the server certificate to avoid MITM attacks. However, libvirt was
|
|
using the same knob to control both checks, leading to
|
|
CVE-2017-1000256 / LSN-2017-0002.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.8.0" date="2017-10-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for cold-(un)plug of watchdog devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for setting IP address os usernet interfaces
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for Veritas Hyperscale (VxHS) block devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Added new events for pool-build and pool-delete
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Set DAC permissions properly for spice rendernode
|
|
</summary>
|
|
<description>
|
|
When a <code>rendernode</code> path is set for SPICE GL on
|
|
<code>qemu:///system</code>, we now correctly set DAC permissions
|
|
on the device at VM startup. This is the last remaining hurdle to
|
|
let SPICE GL work for <code>qemu:///system</code> without any
|
|
external host changes.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nodedev: Add switchdev offload query to NIC capabilities
|
|
</summary>
|
|
<description>
|
|
Allow querying the NIC interface capabilities for the
|
|
availability of switchdev offloading (also known as
|
|
kernel-forward-plane-offload).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
New CPU models for AMD and Intel
|
|
</summary>
|
|
<description>
|
|
AMD EPYC and Intel Skylake-Server CPU models were added together with
|
|
their features
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Improve long waiting when saving a domain
|
|
</summary>
|
|
<description>
|
|
While waiting for a write to disk to be finished, e.g. during save,
|
|
even simple operations like <code>virsh list</code> would be blocking
|
|
due to domain lock. This is now resolved by unlocking the domain
|
|
in places where it is not needed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
Proper units are now used in virsh manpage for dom(mem)stats
|
|
</summary>
|
|
<description>
|
|
Previously the documentation used multiples of 1000, but now it is
|
|
fixed to use multiples of 1024.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix error reporting when disk attachment fails
|
|
</summary>
|
|
<description>
|
|
There was a possibility for the actual error to be overridden or
|
|
cleared during the rollback.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix assignment of graphics ports after daemon restart
|
|
</summary>
|
|
<description>
|
|
This could be seen with newer kernels that have bug regarding
|
|
SO_REUSEADDR. After libvirtd was restarted it could assign already
|
|
used address to new guests which would make them fail to start. This
|
|
is fixed by marking used ports unavailable when reconnecting to
|
|
running QEMU domains.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix message decoding which was causing a very strange bug
|
|
</summary>
|
|
<description>
|
|
When parsing an RPC message with file descriptors was interrupted and
|
|
had to restart, the offset of the payload was calculated badly causing
|
|
strange issues like not being able to find a domain that was not
|
|
requested.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.7.0" date="2017-09-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Add managedsave-edit commands
|
|
</summary>
|
|
<description>
|
|
Using managedsave-dumpxml, managedsave-define and managedsave-edit
|
|
commands, now we can dump and edit the XML configuration of domain
|
|
which has managedsave image.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add migrate-getmaxdowntime command
|
|
</summary>
|
|
<description>
|
|
Currently, the maximum tolerable downtime for a domain being migrated
|
|
is write-only from libvirt, via migrate-setmaxdowntime. This
|
|
implements a complementary migrate-getmaxdowntime command
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: Support autoport for VNC ports
|
|
</summary>
|
|
<description>
|
|
It's no longer necessary to explicitly specify VNC port for the bhyve
|
|
guests. With the autoport feature it will be allocated automatically.
|
|
Please refer to the bhyve driver documentation for examples.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support for setting heads of virtio GPU
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Added support to configure reconnect timeout for chardev devices
|
|
</summary>
|
|
<description>
|
|
When you have a TCP or UNIX chardev device and it's connected somewhere
|
|
you can configure reconnect timeout if the connection is closed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Report a clear error when dropping a VM during startup
|
|
</summary>
|
|
<description>
|
|
"Failed to load config for domain 'DOMNAME'" is now reported if a VM
|
|
config can't be parsed for some reason, and thus provides a clear
|
|
indication for users (and devs).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
apparmor: Update for QEMU 2.10 compatibility
|
|
</summary>
|
|
<description>
|
|
Starting with QEMU 2.10, disk images and NVRAM files get
|
|
automatically locked to prevent them from being corrupted; however,
|
|
file locking needs to be explicitly allowed through
|
|
<code>virt-aa-helper</code> or AppArmor will reject the requests and
|
|
the guest will not be able to run.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: List Unix sockets in 'domdisplay' output
|
|
</summary>
|
|
<description>
|
|
VNC and SPICE graphics can use Unix sockets instead of TCP/IP sockets
|
|
as connection endpoints, but such a configuration was not handled
|
|
correctly by <code>virsh domdisplay</code>, causing the respective
|
|
endpoints to be missing from the output.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Don't check whether offline migration is safe
|
|
</summary>
|
|
<description>
|
|
Since offline migration only copies the guest definition to the
|
|
destination host, data corruption is not a concern and the operation
|
|
can always be performed safely.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virt-host-validate: Fix IOMMU detection on ppc64
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Better support for international domain names (with wide characters)
|
|
</summary>
|
|
<description>
|
|
There were some issues with multi-byte domains getting lost
|
|
on daemon restart due to truncation, so the code now handles
|
|
multi-byte names a bit better.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support long domain names with namespaces
|
|
</summary>
|
|
<description>
|
|
Domains with extremely long names would fail to start due to
|
|
temporary namespace paths being created with the whole name.
|
|
The path is now generated with shortened name instead.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Tolerate missing emulator binary during libvirtd restart
|
|
</summary>
|
|
<description>
|
|
For some time libvirt required qemu capabilities being present when
|
|
parsing VM configs during startup. As a side effect VM configs would
|
|
fail to parse and thus vanish, if the emulator binary would be
|
|
uninstalled or broken. Libvirt now tolerates when capabilities
|
|
are missing during startup.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Prevent pSeries guests from disappearing in some situations
|
|
</summary>
|
|
<description>
|
|
pSeries guest would disappear if any of the host devices they were
|
|
configured to use was not available during libvirtd startup, which
|
|
could easily happen for SR-IOV Virtual Functions. This scenario is
|
|
now handled correctly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Honor <on_reboot/> setting
|
|
</summary>
|
|
<description>
|
|
The setting was accepted by the parser, but not actually implemented.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix --verbose option for all daemons
|
|
</summary>
|
|
<description>
|
|
Since v3.0.0, the option had been ignored by all libvirt daemons
|
|
(<code>libvirtd</code>, <code>virtlogd</code> and
|
|
<code>virtlockd</code>); it's now working as intended once again.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.6.0" date="2017-08-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
hyperv: Implement virDomainSetMemory and virDomainSendKey APIs
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support multiple PHBs for pSeries guests
|
|
</summary>
|
|
<description>
|
|
pSeries guests can now have multiple PHBs (PCI Host Bridges), which
|
|
show up as separate PCI domains in the guest. To create additional
|
|
PHBs, simply add PCI controllers with model <code>pci-root</code>
|
|
to the guest configuration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Isolate hostdevs on pSeries guests
|
|
</summary>
|
|
<description>
|
|
To enable better error reporting and recovery, unrelated hostdevs
|
|
will now be automatically isolated on pSeries guests by placing them
|
|
on separate PHBs (PCI Host Bridges).
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: platform serial devices can now use chardev features
|
|
</summary>
|
|
<description>
|
|
QEMU VMs that depend on platform serial devices can now use
|
|
QEMU's <code>-chardev</code> option, which enables access to
|
|
advanced features like log file configuration. This applies
|
|
to the default serial devices for arm, aarch64, and some ppc
|
|
configurations.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Require use of GCC 4.4 or Clang compilers
|
|
</summary>
|
|
<description>
|
|
We only ever test libvirt with GCC or Clang (which
|
|
provides a GCC compatible compilation environment).
|
|
Between them, these compilers cover every supported
|
|
operating system platform, including Windows.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: shared disks with directsync cache should be safe for migration
|
|
</summary>
|
|
<description>
|
|
At present shared disks can be migrated with either readonly or
|
|
<code>cache=none</code>. But <code>cache=directsync</code> should be
|
|
safe for migration, because both <code>cache=directsync</code> and
|
|
<code>cache=none</code> don't use the host page cache, and
|
|
<code>cache=direct</code> write through qemu block layer cache.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Handle hotplug change on VLAN configuration using OVS
|
|
</summary>
|
|
<description>
|
|
Libvirt was taught to handle VLAN change for running OVS interface.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Use vCPU 'node-id' property and pass it back to qemu
|
|
</summary>
|
|
<description>
|
|
vCPU properties gathered from query-hotpluggable-cpus need to be
|
|
passed back to QEMU. As QEMU did not use the node-id property until
|
|
now and libvirt forgot to pass it back properly (it was parsed but
|
|
not passed around) we did not honor this.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Miscellaneous stream fixes
|
|
</summary>
|
|
<description>
|
|
After introducing sparse stream features there were still some known
|
|
bugs left. Those are fixed in this release.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Miscellaneous domain NS fixes
|
|
</summary>
|
|
<description>
|
|
Libvirt starts qemu domains in separate Linux namespaces for a while
|
|
now. However, there were still some bugs lingering. For instance
|
|
libvirt did not know how to handle file based bind mounts.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Various CPU driver improvements
|
|
</summary>
|
|
<description>
|
|
There were some minor bugs when using 'host-model' CPU.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.5.0" date="2017-07-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for loadparm for a boot device
|
|
</summary>
|
|
<description>
|
|
Add an optional boot parameter 'loadparm' for a boot device.
|
|
Loadparm is an 8 byte parameter that, when present, is queried by
|
|
S390 guests via sclp or diag 308. Linux guests on S390 use it to
|
|
select a boot entry.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support controlling how video devices are exposed to the bhyve guests
|
|
</summary>
|
|
<description>
|
|
The <code>vgaconf</code> attribute was added to <code>video</code>'s
|
|
<code>driver</code> element. Possible values are: <code>on</code>,
|
|
<code>off</code>, and <code>io</code>. It controls the way how
|
|
bhyve exposes video devices to its guests; various guest OSes might
|
|
require different settings to boot properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for live updates of coalesce settings
|
|
</summary>
|
|
<description>
|
|
Users can now use <code>virsh update-device</code> to change
|
|
the coalesce settings of an interfaces while the domain is
|
|
running.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow VirtIO devices to use vIOMMU
|
|
</summary>
|
|
<description>
|
|
It is now possible to turn on IOTBL for the vIOMMU and have VirtIO
|
|
devices use it, provided they have been configured appropriately.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: block copy job can be used with persistent domains
|
|
</summary>
|
|
<description>
|
|
Until now it was not possible to use block copy with persistent VMs.
|
|
In use cases where it's not required to recover the job after VM
|
|
shutdown, it's possible to specify VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB
|
|
flag to start the copy job.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
JSON pseudo-protocol backing store parser supports new format of qemu 2.9
|
|
</summary>
|
|
<description>
|
|
QEMU 2.9 modified a few structures corresponding to the JSON format
|
|
of specifying a backing store for a disk image. Libvirt now implements
|
|
the new format.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Capabilities now include info about host's CAT settings
|
|
</summary>
|
|
<description>
|
|
Various information about resource control from the host is
|
|
gathered and presented in capabilities if available.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
apparmor: Several improvements
|
|
</summary>
|
|
<description>
|
|
Allow access to Ceph config, EFI firmware on both x86_64 and
|
|
aarch64, device tree on ppc64 and more.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support host-model on POWER9 machines
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: snapshot: retrieve image metadata from user provided files
|
|
</summary>
|
|
<description>
|
|
Disk images of an external snapshot created with
|
|
VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT flag specified would not be
|
|
scanned for metadata after recent changes.
|
|
|
|
The metadata is necessary to allow keeping relative paths between
|
|
images when doing a block-commit.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Parse decimal numbers in a locale-independent way
|
|
</summary>
|
|
<description>
|
|
Some locales, such as <code>de_DE</code> and <code>pt_BR</code>,
|
|
use comma rather than dot to separate the integer part from the
|
|
fractional part of a decimal number; however, several data sources
|
|
such as the kernel use a locale-independent representation and need
|
|
to be treated accordingly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Support compilation with newer compiler and libc versions
|
|
</summary>
|
|
<description>
|
|
Several fixes have been included to make compilation with Clang
|
|
4.0.0, GCC 7.1 and glibc >= 2.25.90 possible.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Query name for vhost-user interfaces at runtime
|
|
</summary>
|
|
<description>
|
|
This makes it possible to use <code>virsh</code> subcommands such
|
|
as <code>domiflist</code> and <code>domifstat</code> on vhost-user
|
|
interfaces.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Set MTU for hotplugged interfaces correctly
|
|
</summary>
|
|
<description>
|
|
When hotplugging a network interface, the MTU was only set on the
|
|
guest side. Set it on the host side as well.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Forbid updating MTU for interfaces of running guests
|
|
</summary>
|
|
<description>
|
|
The MTU setting can't be modified while the guest is running, so any
|
|
attempt to alter it at runtime will now result in an error rather
|
|
than being silently ignored.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix specifying QXL heads with older QEMU releases
|
|
</summary>
|
|
<description>
|
|
Specifying the number of QXL heads was not working correctly for
|
|
QEMU releases older than 1.6.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix migration to older libvirt/QEMU versions
|
|
</summary>
|
|
<description>
|
|
When the guest is started, libvirt updates the CPU definition to
|
|
reflect the actual CPU features to enforce ABI. We need to send
|
|
original and updated CPU definition in order to support migration
|
|
to older libvirt/QEMU versions. Only the updated CPU definition
|
|
was sent to destination.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.4.0" date="2017-06-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Improved streams to efficiently transfer sparseness
|
|
</summary>
|
|
<description>
|
|
New extension to virStream was implemented so that
|
|
virStorageVolDownload and virStorageVolUpload can preserve file
|
|
sparseness.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
I/O APIC type can be specified for QEMU/KVM domains
|
|
</summary>
|
|
<description>
|
|
The <code>ioapic</code> tag was added to domain
|
|
<code>features</code>, so the type of the I/O APIC can now
|
|
be specified (e.g. putting it in userspace for KVM domains).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
The reason for VM shutdown is reported, if known
|
|
</summary>
|
|
<description>
|
|
QEMU 2.10 will be able to report the reason for shutting
|
|
down (whether that was caused by the guest or not), and
|
|
libvirt is prepared for that and reports that information in
|
|
its shutdown event as well, if it is known.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
Repository now has new README.md file
|
|
</summary>
|
|
<description>
|
|
The new file uses markdown syntax, so it looks better on
|
|
github and possibly other web pages, but it has also more
|
|
useful information. The old README is now symlink to the
|
|
new file.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Use GICv2 by default for aarch64/virt TCG guests
|
|
</summary>
|
|
<description>
|
|
The emulated GICv3 has some limitations that make it unusable as a
|
|
default; use GICv2 until they're sorted out. This change makes it
|
|
once again possible to run aarch64/virt guests on a x86_64 host
|
|
without having to tweak their configuration.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Additional capabilities for the node_device module
|
|
</summary>
|
|
<description>
|
|
Introduce two new capabilities to the node_device module. The first
|
|
is for CCW devices, most common on the S390 architecture. The second
|
|
is for fibre channel-backed SCSI devices and exposes the
|
|
fc_remote_port sub-capability to SCSI target devices.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Node devices now report Mediated device capabilities
|
|
</summary>
|
|
<description>
|
|
Endpoint devices support new <code>mdev</code> capability
|
|
and their parents now report the supported types in new
|
|
<code>mdev_types</code> capability.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Capabilities now report information about host caches
|
|
</summary>
|
|
<description>
|
|
If supported in the kernel, host capabilities will now list
|
|
L3 caches. The code for other levels was added as well, but
|
|
only L3 caches are reported currently.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
POWER9 CPU model was added
|
|
</summary>
|
|
<description>
|
|
It is now properly reported in host capabilities.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: NUMA sibling distances are now reported in host capabilities
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
VMDK version 3 files are now properly detected
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Interrupt remapping and Extended interrupt mode for IOMMU devices
|
|
</summary>
|
|
<description>
|
|
These two new features can now be controlled with new
|
|
<code><driver intremap='on/off' eim='on/off'/></code>
|
|
tag for <code>iommu</code> devices.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Graphics in libxl domains now have default addresses
|
|
</summary>
|
|
<description>
|
|
Even though there were default addresses before this change,
|
|
they were not saved in the XML. It is now possible to see
|
|
and control the listen addresses properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Default USB controllers are now added for devices in libxl domains
|
|
</summary>
|
|
<description>
|
|
Even though they were added automatically when USB device
|
|
was attached, they could've been missing in some other
|
|
cases. The logic is now fixed so there are always USB
|
|
controllers, even if there was none of them in the specified
|
|
XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Limits for RPC messages were increased
|
|
</summary>
|
|
<description>
|
|
Hitting the RPC limits we have is easier every day, so they
|
|
were increased once again and some guessing logic was
|
|
improved as well. It is now possible to get more stats than
|
|
ever using the <code>virConnectGetAllDomainStats()</code>
|
|
call and push through even bigger requests and replies for
|
|
all APIs.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
qemu: Create memory_backing_dir on startup
|
|
</summary>
|
|
<description>
|
|
Libvirt's policy is that directories are created on startup if
|
|
they don't exist. We've missed this one.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
PCIe 4.0 cards now report proper link speeds
|
|
</summary>
|
|
<description>
|
|
It could happen that the link speed for PCIe devices was not
|
|
properly reported or the nodedev-dumpxml just failed. That
|
|
was due to mistake in the field width, but should now work
|
|
properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Do not report errors on shutdown
|
|
</summary>
|
|
<description>
|
|
For some users, in some rare cases, it could happen that
|
|
there was an error message "internal error: End of file from
|
|
qemu monitor" in the logs even though no problem happened.
|
|
The detection of these false positives was improved and such
|
|
errors should not show any more.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
User-specified UNIX socket paths for virtio channels should not be reset
|
|
</summary>
|
|
<description>
|
|
It could happen, in some cases, that libvirt would mistake a
|
|
user-specified path for its own generated one and thus
|
|
remove it from the XML. The detection of such addresses was
|
|
improved now.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix address reservation during RNG hot-plug
|
|
</summary>
|
|
<description>
|
|
When error occurred in a specific point in time during the
|
|
hot-plug of an RNG device, it could happen that an address
|
|
was released even though another device was already using
|
|
it, making it possible to hot-plug another device with that
|
|
address, effectively having duplicated addresses in the XML.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.3.0" date="2017-05-05">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
net: Add support for coalesce settings
|
|
</summary>
|
|
<description>
|
|
Enabling data batching through these settings can improve network
|
|
performance for guests.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for guest CPU cache specification
|
|
</summary>
|
|
<description>
|
|
This features allows fine-grained control of the cache behavior
|
|
of the guest CPU.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for the qemu-xhci USB controller
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
hyperv: Support Hyper-V 2012 and newer
|
|
</summary>
|
|
<description>
|
|
Starting with Hyper-V 2012 the API has changed causing the existing
|
|
driver to be unable to send and process requests properly. This has
|
|
been resolved by adding abstractions to handle the differences and
|
|
ease handling such breaks if they happen in the future.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: Add support for nested HVM domains
|
|
</summary>
|
|
<description>
|
|
Xen has supported nested HVM domains since version 4.4. The
|
|
libvirt libxl driver now supports nested HVM domains by
|
|
specifying the host-passthrough CPU mode when defining a
|
|
domain.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Implement ACPI support for aarch64 guests
|
|
</summary>
|
|
<description>
|
|
Up until this point, ACPI support was only advertised for x86_64
|
|
guests and disabling it for aarch64 guests was not possible at all.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vz: Add support for changing the number of vCPUs
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Automatically choose the best USB controller for guests
|
|
</summary>
|
|
<description>
|
|
The recently introduced qemu-xhci USB controller is the best choice
|
|
for both ppc64 and aarch64 guests, so use it by default on those
|
|
architectures if available.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
daemon: Increase default task limit for libvirtd
|
|
</summary>
|
|
<description>
|
|
The default number of tasks for the pids cgroup controller is 512,
|
|
which libvirtd can quickly bump into when starting lots of guests.
|
|
Raise the limit to a more reasonable 32768.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
docs: Include man pages describing key code names and values
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Report initialization errors
|
|
</summary>
|
|
<description>
|
|
Sometimes virsh might be unable to start: when that happens, report
|
|
useful diagnostics instead of failing silently.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
nss: Don't require a network restart for libvirt_guest
|
|
</summary>
|
|
<description>
|
|
Previously, the libvirt_guest NSS module would only work properly
|
|
after the corresponding network had been restarted; now newly
|
|
started guests will be reported correctly right away.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Remove unavailable transient pools after restart
|
|
</summary>
|
|
<description>
|
|
Solve an issue where transient storage pools would be stuck in an
|
|
unmanageable state if the source disappeared and libvirtd was
|
|
subsequently restarted.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Fix capacity value for LUKS encrypted volumes
|
|
</summary>
|
|
<description>
|
|
The 'capacity' value (e.g. guest logical size) for a LUKS volume is
|
|
smaller than the 'physical' value of the file in the file system, so
|
|
we need to account for that.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix regression when hyperv/vendor_id feature is used
|
|
</summary>
|
|
<description>
|
|
Guests using the feature would not be started at all; it is now
|
|
possible to start them as expected.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Do not crash on USB address with no port and invalid bus
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
crypto: Always pad data before encrypting it
|
|
</summary>
|
|
<description>
|
|
If this step is not performed, when the data length matches the
|
|
chunk size the decryption routines will misinterpret the last byte
|
|
of data as the padding length and fail to decode it correctly.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.2.0" date="2017-04-02">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
The virt-host-validate tool now supports bhyve hypervisor
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce NVDIMM memory model
|
|
</summary>
|
|
<description>
|
|
NVDIMM is new type of memory introduced into QEMU 2.6. The idea is
|
|
that we have a non-volatile memory module that keeps the data
|
|
persistent across domain reboots and offers much faster data
|
|
accesses. However, due to a bug in QEMU, this feature is not enabled
|
|
for QEMUs older than 2.9.0.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Introduce support for generic PCIe Root Ports
|
|
</summary>
|
|
<description>
|
|
For new controllers, a generic device (pcie-root-port) will be used
|
|
by default instead of the Intel-specific device (ioh3420), provided
|
|
the QEMU binary supports it.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for checking guest CPU ABI compatibility
|
|
</summary>
|
|
<description>
|
|
When migrating a domain to a different host, restoring a domain from
|
|
a file or reverting a snapshot libvirt will make sure the guest CPU
|
|
QEMU presents to the guest OS exactly matches the one provided on
|
|
the source host (or before the domain's state was saved). This
|
|
enhanced check may also be requested when starting a new domain to
|
|
ensure the virtual CPU exactly matches the one specified in the XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support to migrate using TLS
|
|
</summary>
|
|
<description>
|
|
Add the ability to migrate QEMU guests using TLS via a new flag
|
|
VIR_MIGRATE_TLS or virsh migrate '--tls' option. Requires using at
|
|
least QEMU 2.9.0 in order to work properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: add mediated devices framework support
|
|
</summary>
|
|
<description>
|
|
Recent kernel version introduced new mediated device framework, so
|
|
provide an initial support of this framework for libvirt, mainly by
|
|
introducing a new host device type in the XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for setting TSC frequency
|
|
</summary>
|
|
<description>
|
|
Setting TSC frequency is required to enable migration for domains
|
|
with 'invtsc' CPU feature turned on.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add support for block device threshold event
|
|
</summary>
|
|
<description>
|
|
When using thin provisioning, management tools need to resize the
|
|
disk in certain cases. To avoid having them to poll disk usage
|
|
this version introduces an event which will be fired when a given
|
|
offset of the storage is written by the hypervisor. Together with the
|
|
API it allows registering thresholds for given storage backing
|
|
volumes and this event will then notify management if the threshold
|
|
is exceeded. Currently only the qemu driver supports this.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: Add support for UEFI boot ROM, VNC, and USB tablet
|
|
</summary>
|
|
<description>
|
|
The bhyve driver now supports booting using the UEFI boot ROM,
|
|
so non-FreeBSD guests that support UEFI could be booted without
|
|
using an external boot loader like grub-bhyve. Video is also
|
|
supported now, allowing to connect to guests via VNC and use
|
|
an USB tablet as an input device. Please refer to
|
|
the driver page for domain XML examples.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
qemu: Detect host CPU model by asking QEMU on x86_64
|
|
</summary>
|
|
<description>
|
|
Previously, libvirt detected the host CPU model using CPUID
|
|
instruction, which caused libvirt to detect a lot of CPU features
|
|
that are not supported by QEMU/KVM. Asking QEMU makes sure we
|
|
don't start it with unsupported features.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
perf: Add more perf statistics
|
|
</summary>
|
|
<description>
|
|
Add support to get the count of cpu clock time, task clock time,
|
|
page faults, context switches, cpu migrations, minor page faults,
|
|
major page faults, alignment faults, emulation faults by
|
|
applications running on the platform.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Write hyperv crash information into vm log
|
|
</summary>
|
|
<description>
|
|
qemu's implementation of the hyperv panic notifier now reports
|
|
information about the crash from the guest os. Starting with this
|
|
version, libvirt logs the information to the vm log file for possible
|
|
debugging.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
QEMU: Use adaptive timeout for connecting to monitor
|
|
</summary>
|
|
<description>
|
|
When starting qemu, libvirt waits for qemu to create the monitor
|
|
socket which libvirt connects to. Historically, there was sharp 30
|
|
second timeout after which the qemu process was killed. This
|
|
approach is suboptimal as in some scenarios with huge amounts of
|
|
guest RAM it can take a minute or more for kernel to allocate and
|
|
zero out pages for qemu. The timeout is now flexible and computed by
|
|
libvirt at domain startup.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Overwrite (clear) 2 KB instead of just 512 bytes when initializing logical device
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Describe the logical backend requirements better for pool-create-as
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.1.0" date="2017-03-03">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
storage: Add Virtuozzo storage backend storage pool
|
|
</summary>
|
|
<description>
|
|
Add new storage backend to support pool and volume management
|
|
within the Virtuozzo Storage environment. Virtuozzo Storage is
|
|
a highly available distributed software defined storage with
|
|
built-in replication and disaster recovery.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for memory backing with file source
|
|
</summary>
|
|
<description>
|
|
Add support in numa topology for file source inside memory backing
|
|
(hugepages are not needed) Three new elements
|
|
<source/>,<access/> and <allocation/> were added
|
|
to <memoryBacking/> element. Also new configuration parameter
|
|
<code>memory_backing_dir</code> was added to qemu.conf.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
network: make openvswitch call timeout configurable
|
|
</summary>
|
|
<description>
|
|
Adding the ability to specify the timeout value in seconds for
|
|
openvswitch calls in the libvirtd configuration file.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: add e1000 NIC support
|
|
</summary>
|
|
<description>
|
|
Add support for e1000 NIC. Previously, the only available option
|
|
was <code>virtio-net</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: add tunneled migration support
|
|
</summary>
|
|
<description>
|
|
Add tunneled migration to libxl driver, which is always capable of
|
|
strong encryption and doesn't require any extra network connection
|
|
other than what's required for remote access of libvirtd.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: add rendernode argument
|
|
</summary>
|
|
<description>
|
|
Add a new attribute 'rendernode' to <gl> spice element.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nodedev: add drm capability
|
|
</summary>
|
|
<description>
|
|
Add a new 'drm' capability for Direct Rendering Manager (DRM)
|
|
devices, providing device type information.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Add API for individual/specific vCPU hotplug
|
|
</summary>
|
|
<description>
|
|
The new API allows selecting specific vCPUs to be added/removed from
|
|
the VM. The existing APIs allowed only adding/removing from the end
|
|
which did not play well with NUMA.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
virsh: pool-list: allow both --uuid and --name in one command
|
|
</summary>
|
|
<description>
|
|
Adjust the virsh-pool command to support the --uuid and/or --name
|
|
options in order to print just the --name and/or --uuid of pools.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Introduce MTU to domain <interface/> and <network>
|
|
</summary>
|
|
<description>
|
|
Allow setting MTU size for some types of domain interface
|
|
and network.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: improve support for <timer> configurations
|
|
</summary>
|
|
<description>
|
|
Add support for multiple timers. Extend the tsc timer to
|
|
support the emulate mode. Improve conversion of timer XML
|
|
to/from xl.cfg.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: modularize the storage driver
|
|
</summary>
|
|
<description>
|
|
Split up the storage driver backends into loadable modules so that
|
|
binary distributions don't have to compromise on shipping the storage
|
|
driver with all backends which may pull in too many dependencies.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
nodedev: Fabric name must not be required for fc_host capability
|
|
</summary>
|
|
<description>
|
|
fabric_name is one of many fc_host attributes in Linux that is
|
|
optional and left to the low-level driver to decide if it is
|
|
implemented. For example the zfcp device driver does not provide a
|
|
fabric name for an fcp host. The requirement for the existence of
|
|
a fabric name has been removed by making it optional.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
bhyve: change address allocation schema for SATA disks
|
|
</summary>
|
|
<description>
|
|
Previously, the bhyve driver assigned PCI addresses to SATA disks
|
|
directly rather than assigning that to a controller and
|
|
using SATA addresses for disks. It was implemented this way
|
|
because bhyve has no notion of an explicit SATA controller.
|
|
However, as this doesn't match libvirt's understanding of
|
|
disk addresses, the bhyve driver was changed to follow
|
|
the common schema and have PCI addresses for SATA controllers
|
|
and SATA addresses for disks. If you're having issues
|
|
because of this, it's recommended to edit the domain's XML
|
|
and remove <address type='pci'> from the <disk>
|
|
elements with <target bus='sata'/> and let libvirt
|
|
regenerate it properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: maximum memory fixes
|
|
</summary>
|
|
<description>
|
|
Fix reporting of domain maximum memory. Fix setting dom0
|
|
maximum memory.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: fix disk detach when <driver> not specified
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: fix dom0 autoballooning with Xen 4.8
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Allow empty script path to <interface/>
|
|
</summary>
|
|
<description>
|
|
Historically, this was always allowed. Unfortunately, due to some
|
|
rework done for 1.3.2 release a bug was dragged in which suddenly
|
|
stop allowing domain with such configuration to start.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v3.0.0" date="2017-01-17">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
Domain events for metadata content changes
|
|
</summary>
|
|
<description>
|
|
The domain events framework has a new event ID that can
|
|
be used to get notifications when domain metadata content
|
|
changes.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Event notifications for the secret object
|
|
</summary>
|
|
<description>
|
|
The secret object now supports event notifications, covering
|
|
lifcycle changes and secret value changes.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
New localPtr attribute for "ip" element in network XML
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Support QEMU group I/O throttling
|
|
</summary>
|
|
<description>
|
|
Add the capability to allow group I/O throttling via a new
|
|
domain <disk> <iotune> subelement "group_name"
|
|
to allow sharing I/O throttling quota between multiple drives.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
nss: Introduce libvirt_guest
|
|
</summary>
|
|
<description>
|
|
New <code>libvirt_guest</code> nss module that translates libvirt
|
|
guest names into IP addresses.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
daemon: Add support for runtime logging settings adjustment
|
|
</summary>
|
|
<description>
|
|
Logging-related settings like log outputs and filters can now be
|
|
adjusted during runtime using the admin interface without the
|
|
necessity of the daemon's restart.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Add virStorageVolInfoFlags API
|
|
</summary>
|
|
<description>
|
|
Add the API to support using the VIR_STORAGE_VOL_GET_PHYSICAL
|
|
flag in order to return the host physical size in bytes
|
|
of the image container in the allocation field of the
|
|
_virStorageVolInfo structure. The --physical flag has been
|
|
added to the virsh vol-info command to access the data.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: Implement virDomainGetMaxVcpus API
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Add overwrite flag checking for logical pool
|
|
</summary>
|
|
<description>
|
|
Add support for the OVERWRITE flags for the logical storage
|
|
backend including checking for existing data on the target
|
|
volumes when building a new logical pool on target volume(s).
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Add support for guest CPU configuration on s390(x)
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
perf: Add more perf statistics
|
|
</summary>
|
|
<description>
|
|
Add support to get the count of branch instructions
|
|
executed, branch misses, bus cycles, stalled frontend
|
|
cpu cycles, stalled backend cpu cycles, and ref cpu
|
|
cycles by applications running on the platform.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
conf: Display <physical> for volume xml
|
|
</summary>
|
|
<description>
|
|
Add a display of the <physical> size of a disk
|
|
volume in the output of the volume XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Use virtio-pci by default for aarch64 mach-virt guests
|
|
</summary>
|
|
<description>
|
|
virtio-pci provides several advantages over virtio-mmio, such
|
|
as the ability to hotplug devices and improved performance.
|
|
While opting in to virtio-pci has been possible for a while,
|
|
newly-defined guests will now use it automatically.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: remove support for VirtualBox 3.x and older
|
|
</summary>
|
|
<description>
|
|
Those old VirtualBox versions have been unsupported by
|
|
upstream for a long time and the API of 4.0 and newer has
|
|
diverged enough to require code abstractions to handle differences.
|
|
Removing support for those old versions drops lots of code from
|
|
the driver and simplifies the logic to ease implementation of new
|
|
features going forward.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: pool-info: introduce option --bytes
|
|
</summary>
|
|
<description>
|
|
Add option --bytes to virsh pool-info in order ti allow display
|
|
of units in bytes rather than default of human readable output.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
scsi: Add parent wwnn/wwpn or fabric capability for createVport
|
|
</summary>
|
|
<description>
|
|
Improve the algorithm searching for the parent scsi_host device
|
|
for vHBA/NPIV scsi_host creation. Rather than supplying the
|
|
"parent" by name, it's now possible to define the parent by
|
|
it's wwnn/wwpn or fabric_wwn in the node device create XML or
|
|
the storage pool XML.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: aggregate pcie-root-ports onto multiple functions of a slot
|
|
</summary>
|
|
<description>
|
|
When pcie-root-ports are added to pcie-root in order to
|
|
provide a place to connect PCI Express endpoint devices,
|
|
libvirt now aggregates multiple root ports together onto the
|
|
same slot (up to 8 per slot) in order to conserve slots.
|
|
Using this method, it's possible to connect more than 200
|
|
endpoint devices to a guest that uses PCIe without requiring
|
|
setup of any PCIe switches.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
lxc: fix accidental killing of containers during libvirtd restart
|
|
</summary>
|
|
<description>
|
|
The libvirt_lxc process was previously not moved into the
|
|
container scope. As a result, if systemd reloads its config
|
|
after a container is started, when libvirtd is later restarted
|
|
it will accidentally kill the containers.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Correct GetBlockInfo values
|
|
</summary>
|
|
<description>
|
|
For an active domain, correct the physical value provided for
|
|
a raw sparse file backed storage and the allocation value provided
|
|
for a qcow2 file backed storage that hasn't yet been opened on
|
|
the domain.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Make virtio console usable on ppc64 guests
|
|
</summary>
|
|
<description>
|
|
The chardev detection code has been improved and can now handle this
|
|
configuration properly.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Enable mount namespace
|
|
</summary>
|
|
<description>
|
|
To avoid funny races with udev relabelling devices under our hands and
|
|
to enhance security, libvirt now spawns each qemu process with its own
|
|
<code>/dev</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
storage: Fix implementation of no-overwrite for file system backend
|
|
</summary>
|
|
<description>
|
|
Fix file system storage backend implementation of the OVERWRITE
|
|
flags to be consistent between code and documentation. Add checks
|
|
to ensure that when building a new file system on a target volume
|
|
that there is not something already on the disk in a format that
|
|
libvirt can recognize.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Create hugepage path on per domain basis
|
|
</summary>
|
|
<description>
|
|
Historically, all hugepage enabled domains shared the same path under
|
|
hugetlbfs. This left libvirt unable to correctly set security labels
|
|
on it. With this release, however, each domain is put into a
|
|
separate path which is also correctly labeled.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
conf: Reject domains with duplicate drive addresses
|
|
</summary>
|
|
<description>
|
|
Reject duplicate drive addresses for disks and hostdevs at
|
|
domain definition.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: reverse defaults on HVM net device attach
|
|
</summary>
|
|
<description>
|
|
Fixes network interface attach for HVM domains when no model is
|
|
specified. Emulated hotplug isn't yet supported and hence we should
|
|
default to the general working scenario.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libxl: always enable pae for x86_64 HVM
|
|
</summary>
|
|
<description>
|
|
By default pae is disabled in libxl. Without an explicit <pae/>
|
|
setting in the domain <features> configuration, an x86_64 HVM
|
|
domain would be get an i686 environment. pae should always be enabled
|
|
for x86_64 HVM domains.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Fix XML dump of autogenerated websocket
|
|
</summary>
|
|
<description>
|
|
As a result autogenerated websocket port is regenerated on domain restore,
|
|
migration and such as it should be.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
<release version="v2.5.0" date="2016-12-04">
|
|
<section title="New features">
|
|
<change>
|
|
<summary>
|
|
shmem: Add support for additional models
|
|
</summary>
|
|
<description>
|
|
The shmem device can now utilize QEMU's ivshmem-plain and
|
|
ivshmem-doorbell, more modern versions of ivshmem.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Add VirtualBox 5.1 support
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
libssh: New transport
|
|
</summary>
|
|
<description>
|
|
The new libssh transport allows one to connect to a running
|
|
libvirtd via SSH, using the libssh library; for example:
|
|
<code>qemu+libssh://server/system</code>.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vhost-scsi: Add support scsi_host hostdev passthrough
|
|
</summary>
|
|
<description>
|
|
Add the capability to pass through a scsi_host HBA and the
|
|
associated LUNs to the guest.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Allow debugging of gluster volumes in qemu
|
|
</summary>
|
|
<description>
|
|
Users can now enable debug logging for native gluster
|
|
volumes in qemu using the "gluster_debug_level" option in qemu.conf
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Pre-allocate memory slots for memory hotplug
|
|
</summary>
|
|
<description>
|
|
Slot numbers for memory devices are now automatically allocated and
|
|
thus persistent. In addition slot numbers can be specified without
|
|
providing a base address, which simplifies user configuration
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
qemu: Express devices will be placed on PCIe bus by default
|
|
</summary>
|
|
<description>
|
|
For machine types that use a PCI Express root bus
|
|
(e.g. x86_64/Q35 and aarch64/virt), any unaddressed PCI
|
|
device that is an Express device (all virtio-1.0 devices,
|
|
e1000e, nec-xhci, vfio assigned devices) will be placed on
|
|
an Express controller (i.e. a pcie-root-port) instead of a
|
|
legacy PCI controller (i.e. pci-bridge) with the root ports
|
|
added as needed.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Improvements">
|
|
<change>
|
|
<summary>
|
|
docs: Better documentation for migration APIs and flags
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vbox: Address thread safety issues
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
virsh: Add support for passing an alternative persistent XML to migrate command
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
vhostuser: Allow hotplug of multiqueue devices
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
NEWS: Switch to an improved format
|
|
</summary>
|
|
<description>
|
|
List user-visible changes instead of single commits for a better
|
|
high-level overview of differences between libvirt releases.
|
|
</description>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
website: Modernize layout and branding
|
|
</summary>
|
|
<description>
|
|
The libvirt website looked very cluttered and outdated; it has now
|
|
been completely overhauled, resulting in a design that's better
|
|
organized and more pleasant to look at.
|
|
</description>
|
|
</change>
|
|
</section>
|
|
<section title="Bug fixes">
|
|
<change>
|
|
<summary>
|
|
vz: Fix migration in P2P mode
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Forbid newline character in names of some libvirt objects
|
|
</summary>
|
|
</change>
|
|
<change>
|
|
<summary>
|
|
Fix compilation on macOS
|
|
</summary>
|
|
</change>
|
|
</section>
|
|
</release>
|
|
</libvirt>
|