Skip to content

Releases: cloud-hypervisor/cloud-hypervisor

v41.0

16 Aug 12:17
@github-actions github-actions
v41.0
ea3e2ff
Compare
Choose a tag to compare
v41.0 Latest
Latest

This release has been tracked in our roadmap
project as iteration
v41.0. The following user visible changes have been made:

Experimental "Pvmemcontrol" Support

VMM support has been added for this experimental functionality (requires
currently out of tree Linux kernel patches) to allow guests to control its
physical memory properties to allow optimisations and security features.
(#6318, #6467)

Sandboxing With Landlock Support

Support for restricting the VMM process using the Linux kernel "Landlock" API
has been added - this can be used to restrict the files (and the read/write
permissions) that the VMM process can access. This adds another layer of
security alongside the existing sycall filters (seccomp) - this can be
enabled with --landlock and fully documentated. (#5170)

Notable Performance Improvements

  • Reduced heap allocations in virtio-net via the use of a cache of Iovec
    structures (#6636)
  • Notification suppression ("EVENT_IDX") support has been added to
    virtio-block giving a 60% improvement in single queue block throughput and
    IOPs performance (#6580)
  • Correct size used for status field in virtio-block state (#6586)

Notable Bug Fixes

  • Avoid panic on out-of-bounds PCI MSI-X access (#6657)
  • Fix undefined behaviour on AArch64 leading to wrong optimisation on KVM API
    access (#6647)
  • Rust v1.80.0 added use of fcntl syscall on debug assertions so this is now
    included in the virtio-device seccomp filters for tests that use this (#6648)
  • Short reads are now handled correctly in the virtio-vsock device (#6621)
  • Fix undefined behaviour on TTY ioctl leading to wrong optimisation (#6568)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading
0 Join discussion

v40.0

21 Jun 11:12
@github-actions github-actions
v40.0
e9b2639
Compare
Choose a tag to compare
v40.0

This release has been tracked in our roadmap
project as iteration
v40.0. The following user visible changes have been made:

Support for Restoring File Descriptor Backed Network Devices

It is now possible to pass file descriptors over the HTTP API (and using
ch-remote) when restoring to update the file descriptors for network devices.
This enables snapshot & restore functionality for guests using macvtap or
other file descriptor backed network devices. (#6286)

Notable Bug Fixes

  • Default values have been removed from required fields in the OpenAPI metadata
    (#6495)
  • The help syntax of ch-remote remove-device has been improved (#6456)
  • A double close of file descriptors has been fixed when using --serial
    (#6486)
  • To prevent loops a limit on the nesting level for QCOW2 backing files has
    been introduced (#6482)
  • Boot time performance has been improved with multiple cores by avoiding
    cpuid instructions and by seeding the in kernel file descriptor table
    (#6498, #6478)
  • L1 cache details are more likely to be propagated into the guest (#6523)
  • The default topology for guests now uses multiple cores rather than sockets
    (#6504)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading
0 Join discussion

v39.0

27 Apr 13:40
@github-actions github-actions
v39.0
4f96fa1
Compare
Choose a tag to compare
v39.0

This release has been tracked in our roadmap
project as iteration
v39.0. The following user visible changes have been made:

Variable Sizing of PCI Apertures for Segments

It is now possible to use --pci-segment to adjust the aperture size that
devices 32-bit and 64-bit PCI device BARs will be allocated from. Previously
the address space was equally distributed across all the segments which may
leave insufficient space for devices that require a large 32-bit space. With
this change the weighting per segment can be adjusted. (#6387)

Direct Booting with bzImages

Support for directly booting Linux from bzImages has been added.(#6200)

Support for NVIDIA GPUDirect P2P Support

The x_nv_gpudirect_clique option was added to --device to allow the
configuration of device P2P support with NVIDIA GPUs. (#6235)

Guest NMI Injection Support

A new API endpoint and ch-remote option added for injecting an NMI into the
guest. (#6047)

Notable Bug Fixes

  • Workaround for kernel bug affecting guest IRQ masking on AMD (#6353)
  • Correctly cleanup sigwinch_listener process (#6208)
  • Graceful shutdown of HTTP API thread (#6248, #6247)
  • Fix queue_affinity option in OpenAPI metadata (#6268)
  • Fix documentation to indicate only stream mode is supported by virtio-vsock
    (#6306)
  • Fix virtio-fs tag validation (#6358, #6359)
  • Add missing pvpanic device to OpenAPI metadata (#6372)
  • Fixes for nested virtualization with VFIO devices (#6110, #6298, #6297,
    #6319)
  • Fix for backing file for virtio-mem regions with snapshot/restore (#6337,
    #6338)
  • Explicitly mark FDs used for network devices as invalid across
    snapshot/restore (#6332, #6286)
  • Improve event-monitor events around reboot (#6277, #6274)
  • Fix potential deadlock around paused devices during live migration (#6293)
  • Fix panic when running ch-remote with no subcommand (#6230)
  • Fix hotplug of virtio devices after snapshot/restore and live migration
    (#6326, #6265)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading

v37.1

15 Mar 04:01
@github-actions github-actions
v37.1
115c455
Compare
Choose a tag to compare
v37.1

This is a bug fix release. The following issues have been addressed:

  • Fix several security advisories from dependencies (#6134, #6141)
  • Enable HTT flag to avoid crashing cpu topology enumeration software
    such as hwloc in the guest (#6146)
  • Enable nested virtualization on AMD if supported (#6106)
  • Handle non-power-of-two CPU topology properly (#6062)
  • Various bug fixes around virtio-vsock(#6080, #6091, #6095)
  • Align VFIO devices PCI BARs naturally (#6196)
Assets 9
Loading

v38.0

16 Feb 18:20
@github-actions github-actions
v38.0
ef4fbf0
Compare
Choose a tag to compare
v38.0

This release has been tracked in our roadmap
project as iteration
v38.0. The following user visible changes have been made:

Group Rate Limiter on Block Devices

Users now can throttle a group of block devices with the new
--rate-limiter-group option. Details can be found from the I/O
Throttling documentation

CPU Pinning Support for Block Device Worker Thread

Users now have the option to pin virt-queue threads for block devices
to specific host cpus.

Optimized Boot Time with Parallel Memory Prefault

The boot time with prefault option enabled is optimized via parallel
memory prefault.

New 'debug-console' Device

A 'debug-console' device is added to provide a user-configurable debug
port for logging guest information. Details can be found from the Debug
IO Ports documentation.

Improved VFIO Device Support

All non-emulated MMIO regions of VFIO devices are now mapped to the VFIO
container, allowing PCIe P2P between all VFIO devices on the same
VM. This is required for a wide variety of multi-GPU workloads involving
GPUDirect P2P (DMA between two GPUs), GPUDirect RDMA (DMA between a GPU
and an IB device).

Extended CPU Affinity Support

Users now can set the vcpu affinity to a host CPU with index larger
than 255.

Notable Bug Fixes

  • Enable HTT flag to avoid crashing cpu topology enumeration software
    such as hwloc in the guest (#6146)
  • Fix several security advisories from dependencies (#6134, #6141)
  • Handle non-power-of-two CPU topology properly (#6062)
  • Various bug fixes around virtio-vsock(#6080, #6091, #6095)
  • Enable nested virtualization on AMD if supported (#6106)
  • Align VFIO devices PCI BARs naturally (#6196)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading
0 Join discussion

v28.4

20 Jan 00:24
@github-actions github-actions
v28.4
d412ac2
Compare
Choose a tag to compare
v28.4

This is a bug fix release. The following issues have been addressed:

  • Fix VFIO on platforms with non-4k page size (#5450)
  • Fix seccomp filter lists related to virtio-console, serial and pty
    (#5506, #5524)
  • Populate APIC ID properly (#5512)
  • Ignore and warn TAP FDs in more situations (#5522)
  • Disallow concurrent CPU resizing (#5668)
  • Use wrapping add for memory offset from instruction emulator (#5719)
  • Replace unsound static mut with once_cell (#5772)
  • Fix a deadlock when TDX is enabled (#5845)
  • Bug fix to OpenAPI specification file (#5967)
  • Error out early for live migration when TDX is enabled (#6025)
Assets 9
Loading
0 Join discussion

v36.1

10 Jan 22:27
@github-actions github-actions
v36.1
d725400
Compare
Choose a tag to compare
v36.1

This is a bug fix release. The following issues have been addressed:

  • Fix aio backend behavior for block devices when writeback cache
    disabled (#5930)
  • Fix PvPanic device PCI BAR alignment (#5956)
  • Bug fix to OpenAPI specification file (#5967)
  • Error out early for live migration when TDX is enabled (#6025)
Assets 9
Loading
0 Join discussion

v35.1

10 Jan 22:26
@github-actions github-actions
v35.1
9c15de0
Compare
Choose a tag to compare
v35.1

This is a bug fix release. The following issues have been addressed:

  • Fix a deadlock when TDX is enabled (#5845)
  • Correct default value for vCPU topology on AArch64 (#5893)
  • Fix PvPanic device PCI BAR alignment (#5956)
  • Bug fix to OpenAPI specification file (#5967)
  • Error out early for live migration when TDX is enabled (#6025)
Assets 9
Loading
0 Join discussion

v37.0

14 Dec 18:58
@github-actions github-actions
v37.0
5e702dc
Compare
Choose a tag to compare
v37.0

This release has been tracked in our roadmap project as iteration
v37.0. The following user visible changes have been made:

Long Term Support (LTS) Release

This release is a LTS release. Point releases for bug fixes will be made
for the next 18 months; live migration and live upgrade will be
supported between the point releases of the LTS.

Multiple PCI segments Support for 32-bit VFIO Devices

Now VFIO devices with 32-bit memory BARs can be attached to non-zero PCI
segments on the guest, allowing users to have more 32-bit devices and
assign such devices to appropriate NUMA nodes for better performance.

Configurable Named TAP Devices

Named TAP devices now accepts IP configuration from users, such as IP
and MAC address, as long as the named TAP device is created by Cloud
Hypervisor (e.g. not existing TAP devices).

TTY Output from Both Serial Device and Virtio Console

Now legacy serial device and virtio console can be set as TTY mode as
the same time. This allows users to capture early boot logs with the
legacy serial device without losing performance benefits of using
virtio-console, when appropriate kernel configuration is used (such as
using kernel command-line console=hvc0 earlyprintk=ttyS0 on x86).

Faster VM Restoration from Snapshots

The speed of VM restoration from snapshots is improved with a better
implementation of deserializing JSON files.

Notable Bug Fixes

  • Fix aio backend behavior for block devices when writeback cache
    disabled (#5930)
  • Fix PvPanic device PCI BAR alignment (#5956)
  • Bug fix to OpenAPI specification file (#5967)
  • Error out early for live migration when TDX is enabled (#6025)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading
0 Join discussion

v36.0

02 Nov 16:06
@github-actions github-actions
v36.0
f5899d1
Compare
Choose a tag to compare
v36.0

This release has been tracked in our roadmap project as iteration
v36.0. The following user visible changes have been made:

Command Line Changes

We switched back to use the clap crate to create our command line,
since the argh crate is barely maintained. There were several syntax
changes:

  • All --option value commands now are --option=value.
  • The --disk DISK1 --disk DISK2 command now is --disk DISK1 DISK2.
  • The -v -v -vcommand now is -vvv.

Note: the released binary size increased around 0.3M due to this change.

Enabled Features Reported via API Endpoint and CLI

Now the enabled (Cargo) features of the running Cloud Hypervisor
instance can be queried via API endpoint (/vmm.ping) and CLI
(--version -v).

NUMA Support for PCI segments

The --numa command is augmented with a new option pci_segment=, so
that users can define the relationship between PCI segments and NUMA
nodes. Examples can be found from the memory documentation

CPU Topology Support on AMD Platforms

Now the CPU topology on x86_64 platforms supports multiple vendors.

Unix Socket Backend for Serial Port

The --serial command is augmented with a new option socket=, allowing
users to access the serial port using a Unix socket.

AIO Backend for Block Devices

An AIO backend is added for virtio-block devices to improve block
device performance when the io_uring feature is not supported by the
host Operating System.

Documentation Improvements

  • New documentation for collecting coverage data
  • Various typo fixes

Notable Bug Fixes

  • Fix a deadlock when TDX is enabled (#5845)
  • Only advertise AMX feature bits to guest when the AMX cpu feature is
    enabled (#5834)
  • Correct default value for vCPU topology on AArch64 (#5893)

Contributors

Many thanks to everyone who has contributed to our release:

Assets 9
Loading
0 Join discussion