-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logging #534
Logging #534
Conversation
`-l foo:debug,info` means "print all the info message and the debug message coming from the source named 'foo'"
The new solution is a bit less powerful, but hopefuly simpler to parametrise -- also it can now be configured using the command-line options both at configuration and runtime.
@Drup @talex5 can you please review? I'm not super happy with the solution, but that's the best mixed between your two viewpoints that I can found. The neat thing about the approach, though, is that you can configure the log reporters at configure and runtime ... (ie. I think I'm happy with the user-facing interface). |
An example of usage:
|
| None -> jobs | ||
| Some tracing -> | ||
tracing :: jobs | ||
let jobs = in_parallel jobs in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this needed ? Unless you changed it, the jobs are already in parallel.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then the current implementation has an issue then. I'll fix mirage/functoria#58 (comment)
What are you not happy with ? It corresponds quite closely to what I had in mind, and the implementation of the command line stuff is nicely shared between configure and runtime. |
Runtime logging configuration is certainly very nice. I believe that is independent of the other changes, right? So, things we lose in exchange for the different implementation are:
Anyway, I'm happy to have anything merged, so if @Drup is happy then I am too :-) |
val mprof_trace : size:int -> unit -> tracing impl | ||
(** Use mirage-profile to trace the unikernel. On Unix, this creates | ||
and mmaps a file called "trace.ctf". On Xen, it shares the trace | ||
buffer with dom0. @param size: size of the ring buffer to use. *) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Was this reformatting intentional? It complicates the diff and seems less readable to me, but if it's necessary for some style guide then fine.
Indeed, but I think we should have a different solution for that, in particular in relation to the use of
I'm not sure I understand. What do you mean ? Those are still normal devices, so everything should be initialized in order properly. |
When I said "errors", I meant unexpected errors (i.e. exceptions). Although it could sometimes be useful to get detailed logs for normal errors like disk-not-found too. About initialisation: A syslog logger will want to start logging before its dependencies are connected. The order would be:
(and maybe do 3 and 5 in parallel) The new system no longer allows this, right? It only works in the current case because the default logger only needs a clock, and clocks don't need initialising. You could perhaps have a separate syslog device that takes over from the default one, though. |
More generally, the new system assumes the logger and its dependencies will initialise instantly. This should be true for the default clock and the default logger. However, if a logger takes time to get ready, early log messages will be lost. |
I think you could do that just fine, actually. Use the ring-buffer logger by default, then have another job (that is started in parallel with everyone) that launches the actual logger and swap reporter with
That was the point of the |
The generated code looks like that: let mirage_logs1 = lazy (
let __clock1 = Lazy.force clock1 in
__clock1 >>= function
| `Error _e -> fail (Failure "clock1")
| `Ok _clock1 ->
let console_threshold =
Some (Mirage_runtime.threshold ~default:Logs.Warning (Key_gen.logs ()))
in
let ring_size = None in
let reporter = Mirage_logs1.create ?ring_size ?console_threshold () in
let level = match (Key_gen.logs ()) with
| [] -> None
| l -> Some (Mirage_runtime.log_level l)
in
Logs.set_level level;
Mirage_logs1.set_reporter reporter;
Lwt.return (`Ok ())
)
let mirage1 = lazy (
let __key1 = Lazy.force key1 in
let __mirage_logs1 = Lazy.force mirage_logs1 in
let __f11 = Lazy.force f11 in
__key1 >>= function
| `Error _e -> fail (Failure "key1")
| `Ok _key1 ->
__mirage_logs1 >>= function
| `Error _e -> fail (Failure "mirage_logs1")
| `Ok _mirage_logs1 ->
__f11 >>= function
| `Error _e -> fail (Failure "f11")
| `Ok _f11 ->
Lwt.return_unit
) So the log reporter is a normal device, and is ready when the dependencies are ready (I reverted the previous implementation that I showed you @talex5). The current missing feature compared to the previous one is the ability to dump the ring buffer on early errors. I'd be tempted to either add an |
Use `register ~argv:None [..]` Fix mirage#493
More updates after talking with @Drup. Now the I've also added a way to disable command-line parsing: with these new |
Note: this requires mirage/functoria#58 |
Also, I tried:
But this fails, because it passes
|
Another strange thing I missed before: it seems that An example of why we have both: qubes-mirage-firewall was occasionally crashing with an unhelpful error from XenStore. I wanted to configure debug logging from xenstore so I could see what the request was. However, this leads to very verbose console output and slows everything down in the working case. So instead I set the source threshold to Debug and the console threshold to Info and enable the ring buffer. The debug messages are collected into the ring while it runs. If it crashes, the ring gets dumped and I see the debug messages leading up to the crash. So probably Finally, it seems to be setting |
@talex5 IMHO: command-line arguments should set the source level. If you want to have the advanced-ringbuffer-writing-at-other-level-dump-on-error thing, this should get another set of command line arguments EDIT: and provide sane defaults: a ringbuffer of reasonable size, and all log sources on debug level |
You can disable command line parsing with --no-argv.
@hannesm I think we're saying the same thing: console thresholds are an advanced feature and the default should be source levels. I don't have any opinion about whether to include console levels as an optional extra in the regular If console thresholds aren't used, there is no need for a ring buffer, since everything will have been printed anyway. This might change if we add a syslog reporter. Ideally, such a reporter would automatically enable the ring buffer. However, I don't believe this is possible with the new API because if you set |
Now ~argv and ~reporter just take impl values, and there is a no_argv and no_reporter values to use empty implementations.
@talex5 we do not agree entirely I believe: in case you want to control (IMHO you don't, it should be for me, the output to console/syslog is the thing a user wants to control, whereas the ring buffer is the special thingy a user shouldn't need to care about |
If you log at debug for all sources then everything will run really slowly, so this certainly shouldn't be the default. If you don't use console thresholds, then setting the source level has the effect of controlling what appears on the console anyway. |
I've fixed the issues reported by @talex5 and I've updated the API to be more consistent, and now individual sources' levels are set. There is also a warning if you specify a source which doesn't exist:
The generated code source is now: let mirage_logs1 = lazy (
let __clock1 = Lazy.force clock1 in
__clock1 >>= function
| `Error _e -> fail (Failure "clock1")
| `Ok _clock1 ->
let console_threshold =
Some (Mirage_runtime.threshold ~default:Logs.Warning (Key_gen.logs ()))
in
let ring_size = None in
let reporter = Mirage_logs1.create ?ring_size ?console_threshold () in
Mirage_runtime.set_level ~default:Logs.Warning (Key_gen.logs ());
Mirage_logs1.set_reporter reporter;
Lwt.return (`Ok reporter)
) |
@talex5 depends on what you store in the ring buffer, doesn't it? shouldn't there be only closures which get evaluated once you hit the error and want to print the data? |
After a quick chat with @talex5 it appears that we don't need that as we now set the source levels correctly. And this function is slow anyway.
@hannesm I don't do that because if the logger is printing mutable state, it might be different by the time the ring is dumped (or not exist at all, as in the case of dumping a Xen shared page, for example). Also, it might cause things to be freed later than expected. |
After a quick chat with @talex5, more code-generation simplification: let mirage_logs1 = lazy (
let __clock1 = Lazy.force clock1 in
__clock1 >>= function
| `Error _e -> fail (Failure "clock1")
| `Ok _clock1 ->
let ring_size = None in
let reporter = Mirage_logs1.create ?ring_size () in
Mirage_runtime.set_level ~default:Logs.Warning (Key_gen.logs ());
Mirage_logs1.set_reporter reporter;
Lwt.return (`Ok reporter)
) |
BTW, the previous default log level was Info, which corresponds to the fairly verbose output mirage libraries give currently with |
In particular, if you want to see a unikernel's IP address when it boots, you'll want the level set at Info. |
IMHO default should be info, and we should adjust the levels (e.g. IP address) when updating libraries to use logs... I find e.g. the ARP messages on console unnecessary in the default configuration |
Ok logs default is now Info. I'm trying to fix the CI scripts, then test it a bit more and then we can start integrating all @talex5 patches to the various libraries. yay! |
…es (3.9.0) CHANGES: The Xen backend is a minimal legacy-free re-write: Solo5 (since 0.6.6) provides the low-level glue code, and ocaml-freestanding provides the OCaml runtime. The PV-only Mini-OS implementation has been retired. The only supported virtualization mode is now Xen PVH (version 2 or above), supported since Xen version 4.10 or later (and Qubes OS 4.0). The support for the ARM32 architecture on Xen has been removed. Security posture improvements: With the move to a Solo5 and ocaml-freestanding base MirageOS gains several notable improvements to security posture for unikernels on Xen: * Stack smashing protection is enabled unconditionally for all C code. * W^X is enforced throughout, i.e. `.text` is read-execute, `.rodata` is read-only, non-executable and `.data`, heap and stack are read-write and non-executable. * The memory allocator used by the OCaml runtime is now dlmalloc (provided by ocaml-freestanding), which is a big improvement over the Mini-OS malloc, and incorporates features such as heap canaries. Interface changes: * With the rewrite of the Xen core platform stack, several Xen-specific APIs have changed in incompatible ways; unikernels may need to be updated. Please refer to the mirage-xen v6.0.0 [change log](https://github.com/mirage/mirage-xen/releases/tag/v6.0.0) for a list of interfaces that have changed along with their replacements. Other changes: * OCaml 4.08 is the minimum supported version. * A dummy `dev-repo` field is emitted for the generated opam file. * .xe files are no longer generated. * Previous versions of MirageOS would strip boot parameters on Xen, since Qubes OS 3.x added arguments that could not be interpreted by our command line parser. Since Qubes OS 4.0 this is no longer an issue, and MirageOS no longer strips any boot parameters. You may need to execute `qvm-prefs qube-name kernelopts ''`. Acknowledgements: * Thanks to Roger Pau Monné, Andrew Cooper and other core Xen developers for help with understanding the specifics of how PVHv2 works, and how to write an implementation from scratch. * Thanks to Marek Marczykowski-Górecki for help with the Qubes OS specifics, and for forward-porting some missing parts of PVHv2 to Qubes OS version of Xen. * Thanks to @palainp on Github for help with testing on Qubes OS. ### v3.8.1 (2020-09-22) * OCaml runtime parameters (OCAMLPARAM) are exposed as boot and configure arguments. This allows e.g. to switch to the best-fit garbage collection strategy (mirage/mirage#1180 @hannesm) ### v3.8.0 (2020-06-22) * Emit type=pv in xl (instead of builder=linux), as required by xen 4.10+ (mirage/mirage#1166 by @djs55) * adapt to ipaddr 5.0.0, tcpip 5.0.0, mirage-crypto 0.8 (mirage/mirage#1172 @hannesm) ### v3.7.7 (2020-05-18) * handle errors from Bos.OS.Cmd.run_out * use PREFIX if defined (no need to call "opam config var prefix") * adapt to conduit 2.2.0, tls 0.12, mirage-crypto 0.7.0 changes ### v3.7.6 (2020-03-18) * fix conduit with 3.7.5 changes (mirage/mirage#1086, @hannesm) ### v3.7.5 (2020-03-15) * use mirage-crypto (and mirage-crypto-entropy) instead of nocrypto, also tls-mirage and up-to-date conduit (mirage/mirage#1068, @hannesm) ### v3.7.4 (2019-12-20) * use `git rev-parse --abbrev-ref HEAD` instead of `git branch --show-current` for emitting branch information into the opam file. The latter is only available in git 2.22 or later, while the former seems to be supported by old git releases. (mirage/mirage#1024, @hannesm) ### v3.7.3 (2019-12-17) * `mirage configure` now emits build and install steps into generated opam file this allows to use `opam install .` to actually install a unikernel. (mirage/mirage#1022 @hannesm) * refactor configure, build and link step into separate modules (mirage/mirage#1017 @dinosaure) ### v3.7.2 (2019-11-18) * adjust fat-filesystem constraints to >= 0.14 && < 0.15 (mirage/mirage#1015, @hannesm) ### v3.7.1 (2019-11-03) * clean opam files when `mirage configure` is executed (mirage/mirage#1013 @dinosaure) * deprecate mirage-types and mirage-types-lwt (mirage/mirage#1006 @hannesm) * remove abstraction over 'type 'a io' and 'buffer', remove mirage-*-lwt packages (mirage/mirage#1006 @hannesm) * unify targets in respect to hooks (Mirage_runtime provides the hooks and registration) * unify targets in respect to error handling (no toplevel try .. with installed anymore, mirage-unix does no longer ignore all errors) ### v3.7.0 (2019-11-01) * mirage-runtime: provide at_enter_iter/at_exit_iter/at_exit hooks for the event loop (mirage/mirage#1010, @samoht @dinosaure @hannesm) * call `exit 0` after the Lwt event loop returned (to run at_exit handlers in freestanding environments) (mirage/mirage#1011, @hannesm) * NOTE: this release only contains the mirage-runtime opam package to unblock other releases, there'll be a 3.7.1 soon ### v3.6.0 (2019-10-02) * solo5 0.6 support for multiple devices (mirage/mirage#993, by @mato) please read https://github.com/Solo5/solo5/blob/v0.6.2/CHANGES.md for detailed changes observable mirage changes: - new target `-t spt` for sandboxed processed tender (seccomp on Linux) - new functions Mirage_key.is_solo5 and Mirage_key.is_xen, analogue to Mirage_key.is_unix * respect verbosity when calling `ocamlbuild` -- verbose if log level is info or debug (mirage/mirage#999, by @mato) ### v3.5.2 (2019-08-22) * Adapt to conduit 2.0.0 release, including dns 4.0.0 (mirage/mirage#996, by @hannesm) * Adjust mirage-xen constraints to < 5.0.0 (mirage/mirage#995, by @reynir) ### v3.5.1 (2019-07-11) * Adapt to new tracing API (mirage/mirage#985, by @talex5) * Remove stubs for qrexec and qubes gui (qubes 3 is end of life, qubes 4 makes it configurable) (mirage/mirage#984, by @linse & @yomimono) * Update mirage-logs and charrua-client-mirage version constraints (mirage/mirage#982, by @hannesm) * Remove unused dockerfile, travis updates (mirage/mirage#982 mirage/mirage#990, by @hannesm) ### v3.5.0 (2019-03-03) * Rename Mirage_impl_kv_ro to Mirage_impl_kv, and introduce `rw` (mirage/mirage#975, by @hannesm) * Adapt to mirage-kv 2.0.0 changes (mirage/mirage#975, by @hannesm) * Adapt to mirage-protocols and mirag-net 2.0.0 changes (mirage/mirage#972, by @hannesm) * mirage-types-lwt: remove unneeded io-page dependency (mirage/mirage#971, by @hannesm) * Fix regression introduced in 3.4.0 that "-l *:debug" did no longer work (mirage/mirage#970, by @hannesm) * Adjust various upper bounds (mirage-unix, cohttp-mirage, mirage-bootvar-xen) (mirage/mirage#967, by @hannesm) ### v3.4.1 (2019-02-05) * Provide a httpaf_server device, and a cohttp_server device (mirage/mirage#955, by @anmonteiro) * There can only be a single prng device in a unikernel, due to entropy harvesting setup (mirage/mirage#959, by @hannesm) * Cleanup zarith-freestanding / gmp-freestanding dependencies (mirage/mirage#964, by @hannesm) * ethernet is now a separate package (mirage/mirage#965, by @hannesm) * arp now uses the mirage/arp repository by default, the tcpip.arpv4 implementation was removed in tcpip 3.7.0 (mirage/mirage#965, by @hannesm) ### v3.4.0 (2019-01-11) * use ipaddr 3.0 without s-expression dependency (mirage/mirage#956, by @hannesm) * use mirage-clock 2.x and tcpip 3.6.x libraries (mirage/mirage#960, mirage/mirage#962, by @hannesm) * default to socket stack on unix and macos (mirage/mirage#958, by @hannesm) * use String.split_on_char in mirage-runtime to avoid astring dependency (mirage/mirage#957, by @hannesm) * add build-dependency on mirage to each unikernel (mirage/mirage#953, by @hannesm) ### 3.3.1 (2018-11-21) * fix regression: --yes was not passed to opam in 3.3.0 (mirage/mirage#950, by @hannesm) ### 3.3.0 (2018-11-18) New target: (via solo5) Genode: "Genode is a free and open-source operating system framework consisting of a microkernel abstraction layer and a collection of userspace components. The framework is notable as one of the few open-source operating systems not derived from a proprietary OS, such as Unix. The characteristic design philosophy is that a small trusted computing base is of primary concern in a security oriented OS." (from wikipedia, more at https://genode.org/ mirage/mirage#942, by @ehmry) User-visible changes * use mirage-bootvar-unix instead of OS.Env.argv (deprecated since mirage-{xen,unix,os-shim}.3.1.0, mirage-solo5.0.5.0) on unix (mirage/mirage#931, by @hannesm) WARNING: this leads to a different semantics for argument passing on Unix: all arguments are concatenated (using a whitespace " " as separator), and split on the whitespace character again (by parse-argv). This is coherent with all other backends, but the whitespace in "--hello=foo bar" needs to be escaped now. * mirage now generates upper bounds for hard-coded packages that are used in generated code. When we now break the API, unikernels which are configured with an earlier version won't accept the new release of the dependency. This means API breakage is much smoother for us, apart from that we now track version numbers in the mirage utility. The following rules were applied for upper bounds: - if version < 1.0.0 then ~min:"a.b.c" ~max:"a.(b+1).0" - if version > 1.0.0 then ~min:"a.b.c" ~max:"(a+1).0.0"` - exceptions: tcpip (~min:"3.5.0" ~max:"3.6.0"), mirage-block-ramdisk (unconstrained) WARNING: Please be careful when release any of the referenced libraries by taking care of appropriate version numbering. (initial version in mirage/mirage#855 by @avsm, final mirage/mirage#946 by @hannesm) * since functoria.2.2.2, the "package" function (used in unikernel configuration) is extended with the labeled argument ~pin that receives a string (e.g. ~pin:"git+https://github.com/mirage-random/mirage-random.git"), and is embedded into the generated opam file as [pin-depends](https://opam.ocaml.org/doc/Manual.html#opamfield-pin-depends) * mirage-random-stdlib is now used for default_random instead of mirage-random (which since 1.2.0 no longer bundles the stdlib Random module). mirage-random-stdlib is not cryptographically secure, but "a lagged-Fibonacci F(55, 24, +) with a modified addition function to enhance the mixing of bits.", which is now seeded using mirage-entropy. If you configure your unikernel with "mirage configure --prng fortuna" (since mirage 3.0.0), a cryptographically secure PRNG will be used (read more at https://mirage.io/blog/mirage-entropy) * mirage now revived its command-line "--no-depext", which removes the call to "opam depext" in the depend and depends target of the generated Makefile (mirage/mirage#948, by @hannesm) * make depend no longer uses opam pin for opam install --deps-only (mirage/mirage#948, by @hannesm) * remove unused io_page configuration (initial discussion in mirage/mirage#855, mirage/mirage#940, by @hannesm) * charrua-client requires a Mirage_random interface since 0.11.0 (mirage/mirage#938, by @hannesm) * split implementations into separate modules (mirage/mirage#933, by @emillon) * improved opam2 support (declare ocaml as dependency mirage/mirage#926) * switch build system to dune (mirage/mirage#927, by @emillon) * block device writes has been fixed in mirage-solo5.0.5.0 ### 3.2.0 (2018-09-23) * adapt to solo5 0.4.0 changes (mirage/mirage#924, by @mato) Upgrading from Mirage 3.1.x or earlier Due to conflicting packages, opam will not upgrade mirage to version 3.2.0 or newer if a version of mirage-solo5 older than 0.4.0 is installed in the switch. To perform the upgrade you must run `opam upgrade mirage` explicitly. Changes required to rebuild and run ukvm unikernels As of Solo5 0.4.0, the ukvm target has been renamed to hvt. If you are working out of an existing, dirty, source tree, you should initially run: ``` mirage configure -t hvt mirage clean mirage configure -t hvt ``` and then proceed as normal. If you are working with a clean source tree, then simply configuring with the new hvt target is sufficient: `mirage configure -t hvt` Note that the build products have changed: The unikernel binary is now named `<unikernel>.hvt`, the `ukvm-bin` binary is now named `solo5-hvt`. * adapt to mirage-protocols, mirage-stack, tcpip changes (mirage/mirage#920, by @hannesm) This is a breaking change: mirage 3.2.0 requires mirage-protocols 1.4.0, mirage-stack 1.3.0, and tcpip 3.5.0 to work (charru-client-mirage 0.10 and mirage-qubes-ipv4 0.6 are adapted to the changes). An older mirage won't be able to use these new libraries correctly. Conflicts were introduced in the opam-repository. In more detail, direct and socket stack initialisation changed, which is automatically generated by the mirage tool for each unikernel (as part of `main.ml`). A record was built up, which is no longer needed. Several unneeded type aliases were removed: `netif` from Mirage_protocols.ETHIF `ethif` and `prefix` from Mirage_protocols.IP `ip` from Mirage_protocols.{UDP,TCP} `netif` and `'netif config` from Mirage_stack.V4 `'netif stackv4_config` and `socket_stack_config` in Mirage_stack * squash unnecessary warning from `mirage build` (mirage/mirage#916, by @mato) ### 3.1.1 (2018-08-01) * for the unix target, add `-tags thread`, as done for the mac osx target (mirage/mirage#861, suggested by @cfcs) * bump minimum mirage-solo5* and solo5-kernel* to 0.3.0 (mirage/mirage#914, by @hannesm, as suggested by @mato) * use the exposed signature in functoria for Key modules (mirage/mirage#912, by @Drup) * add ?group param to all generic devices (mirage/mirage#913, by @samoht) ### 3.1.0 (2018-06-20) * solo5 v0.3.0 support (mirage/mirage#906, by @mato @Kensan @hannesm): The major new user-visible features for the Solo5 backends are: ukvm: Now runs natively on FreeBSD vmm and OpenBSD vmm. ukvm: ARM64 support. muen: New target, for the Muen Separation Kernel. ukvm: Improved and documented support for debugging Solo5-based unikernels. * generate libvirt.xml for virtio target (mirage/mirage#903, by @bramford) * don't make xen config documents for target qubes (mirage/mirage#895, by @yomimono) * use a path pin when making depends (mirage/mirage#891, by @yomimono) * move block registration to `configure` section (mirage/mirage#892, by @yomimono) * allow to directly specifying xenstore ids (mirage/mirage#879, by @yomimono) ### 3.0.8 (2017-12-19) * when passing block devices to `xen`, pass the raw filename rather than trying to infer the xenstore ID (mirage/mirage#874, by @yomimono) * make homepage in opam files consistent (mirage/mirage#872, by @djs55) ### 3.0.7 (2017-11-24) * the released version of `cohttp-mirage` is `1.0.0` (not `3.0.0`) (mirage/mirage#870 by @hannesm) ### 3.0.6 (2017-11-16) * remove macOS < yosemite support (mirage/mirage#860 by @hannesm) * rename `mirage-http` to `cohttp-mirage` (mirage/mirage#863 by @djs55) See [mirage/ocaml-cohttp#572] * opam: require OCaml 4.04.2+ (mirage/mirage#867 by @hannesm) ### 3.0.5 (2017-08-08) * Allow runtime configuration of syslog via config keys `--syslog`, `--syslog-port` and `--syslog-hostname` (mirage/mirage#853 via @hannesm). * Switch build of tool and libraries to Jbuilder (by @samoht) * Fix a warning when connecting to a ramdisk device (mirage/mirage#837 by @g2p) * Fix reference to tar library when using `--kv-ro archive` (mirage/mirage#848 by @mor1) * Adapt to latest functoria API (mirage/mirage#849 by @samoht) * Add a `--gdb` argument for ukvm targets so that debuggers can be attached easily. This allows `mirage configure --gdb -t ukvm` to work (@ricarkol in mirage/mirage#847). * Adapt to latest functoria (mirage/mirage#849 by @samoht) * Adapt to latest charrua, tcpip (mirage/mirage#854 by @yomimono) * Switch to jbuilder (mirage/mirage#850 by @samoht) Packaging updates for latest opam repository: * ARP is compatible with MirageOS3 since 0.2.0 (mirage/mirage#851 by @hannesm) ### 3.0.4 (2017-06-15) * add a --block configure flag for picking ramdisk or file-backed disk * add lower bounds on packages * fallback to system `$PKG_CONFIG_PATH` * update for mirage-qubes-ipv4 ### 3.0.2 (2017-03-15) * restore ocamlbuild colors when `TERM <> dumb && Unix.isatty stdout` (mirage/mirage#814, by @hannesm) ### 3.0.1 (2017-03-14) * remove "-color always" from ocamlbuild invocation (bugfix for some scripts interpreting build output) (mirage/mirage#811, by @hannesm) * provide a "random" module argument when invoking IPv6.Make (compat with tcpip 3.1.0) (mirage/mirage#801, by @hannesm) * add a "depends" target to the generated Makefile (controversial and may be removed) (mirage/mirage#805, by @yomimono) * allow qubesdb to be requested in config.ml when the target is xen (mirage/mirage#807, by @talex5) ### 3.0.0 (2017-02-23) * rename module types modules: V1 -> Mirage_types, V1_LWT -> Mirage_types_lwt (mirage/mirage#766, by @yomimono, @samoht, and @hannesm) * split type signatures and error printers into separate libraries (mirage/mirage#755, mirage/mirage#753, mirage/mirage#752, mirage/mirage#751, mirage/mirage#764, and several others, by @samoht and @yomimono) * use mirage-fs instead of ocaml-fat to transform FS into KV_RO (mirage/mirage#756, by @samoht) * changes to simplify choosing an alternate ARP implementation (mirage/mirage#750, by @hannesm) * add configurators for syslog reporter (mirage/mirage#749, by @hannesm) * filter incoming boot-time arguments for all Xen backends, not just QubesOS (mirage/mirage#746, by @yomimono) * give mirage-types-lwt its own library, instead of a mirage-types sublibrary called lwt (mirage/mirage#735, by @hannesm) * remove `format` function and `Format_unknown` error from FS module type (mirage/mirage#733, by @djs55) * ocamlify FAT name (mirage/mirage#723 by @yomimono) * remove type `error` from DEVICE module type (mirage/mirage#728, by @hannesm) * UDP requires random for source port randomization (mirage/mirage#726 by @hannesm) * drop "mir-" prefix from generated binaries (mirage/mirage#725 by @hannesm) * BLOCK and FS uses result types (mirage/mirage#705 by @yomimono) * depext fixes (mirage/mirage#718 by @mato) * workflow changes: separate configure, depend, build phases, generate opam file during configure (mirage/mirage#703, mirage/mirage#711 by @hannesm) * tap0 is now default_network (mirage/mirage#715, mirage/mirage#719 by @yomimono, @mato) * ARP uses result types (mirage/mirage#711 by @yomimono) * ipv4 key (instead of separate ip and netmask) (mirage/mirage#707, mirage/mirage#709 by @yomimono) * CHANNEL uses result types (mirage/mirage#702 by @avsm) * no custom myocamlbuild.ml, was needed for OCaml 4.00 (mirage/mirage#693 by @hannesm) * revert custom ld via pkg-config (mirage/mirage#692 by @hannesm) * result types for FLOW and other network components (mirage/mirage#690 by @yomimono) * removed `is_xen` key (mirage/mirage#682, by @hannesm) * mirage-clock-xen is now mirage-clock-freestanding (mirage/mirage#684, by @mato) * mirage-runtime is a separate opam package providing common functionality (mirage/mirage#681, mirage/mirage#615 by @hannesm) * add `qubes` target for making Xen unikernels which boot & configure themselves correctly on QubesOS. (mirage/mirage#553, by @yomimono) * revised V1.CONSOLE interface: removed log, renamed log_s to log (mirage/mirage#667, by @hannesm) * remove Str module from OCaml runtime (mirage/mirage#663, in ocaml-freestanding and mirage-xen-ocaml, by @hannesm) * new configuration time keyword: prng to select the default prng (mirage/mirage#611, by @hannesm) * fail early if tracing is attempted with Solo5 (mirage/mirage#657, by @yomimono) * refactor ipv4, stackv4, and dhcp handling (mirage/mirage#643, by @yomimono) * create xen-related helper files only when the target is xen (mirage/mirage#639, by @hannesm) * improvements to nocrypto handling (mirage/mirage#636, by @pqwy) * disable warning mirage/mirage#42 in generated code for unikernels (mirage/mirage#633, by @hannesm) * V1.NETWORK functions return a Result.t rather than polyvars indicating success or errors (mirage/mirage#615, by @hannesm) * remove GNUisms and unnecessary artifacts from build (mirage/mirage#623, mirage/mirage#627, by @mato and @hannesm) * remove type `id` from `DEVICE` module type. (mirage/mirage#612, by @yomimono and @talex5) * revise the RANDOM signature to provide n random bytes; provide nocrypto_random and stdlib_random (mirage/mirage#551 and mirage/mirage#610, by @hannesm) * expose `direct` as an option for `kv_ro`. (mirage/mirage#607, by @mor1) * require a `mem` function in KV_RO, and add `Failure` error variant (mirage/mirage#606, by @yomimono) * `connect` functions are no longer expected to return polyvars, but rather to raise exceptions if `connect` fails and return the value directly. (mirage/mirage#602, by @hannesm) * new documentation using `odig` (mirage/mirage#591, mirage/mirage#593, mirage/mirage#594, mirage/mirage#597, mirage/mirage#598, mirage/mirage#599, mirage/mirage#600, and more, by @avsm) * change build system to `topkg` from `oasis`. (mirage/mirage#558, mirage/mirage#590, mirage/mirage#654, mirage/mirage#673, by @avsm, @samoht, @hannesm, @dbuenzli) * express io-page dependency of crunch. (mirage/mirage#585, by @yomimono and @mato) * deprecate the CLOCK module type in favor of PCLOCK (POSIX clock) and MCLOCK (a monotonically increasing counter of elapsed nanoseconds). (mirage/mirage#548 and mirage/mirage#579, by @mattgray and @yomimono) * emit an ocamlfind predicate that matches the target, reducing the amount of duplication by target required of library authors (mirage/mirage#568, by @pqwy) * implement an `is_unix` key (mirage/mirage#575, by @mato) * use an int64 representing nanoseconds as the argument for `TIME.sleep`, instead of a float representing seconds. (mirage/mirage#547, by @hannesm) * expose new targets `virtio` and `ukvm` via the `solo5` project. (mirage/mirage#565, by @djwillia, @mato, and @hannesm). * remove users of `base_context`, which includes command-line arguments `--unix` and `--xen`, and `config.ml` functions `add_to_ocamlfind_libraries` and `add_to_opam_packages`. As a side effect, fix a long-standing error message bug when invoking `mirage` against a `config.ml` that does not build. (mirage/mirage#560, by @yomimono) * link `libgcc.a` only on ARM & other build improvements (mirage/mirage#544, by @hannesm) * allow users to use `crunch` on unix with `kv_ro`; clean up crunch .mlis on clean (mirage/mirage#556, by @yomimono) * remove console arguments to network functors (mirage/mirage#554, by @talex5 and @yomimono) * standardize ip source and destination argument names as `src` and `dst`, and source and destination ports as `src_port` and `dst_port` (mirage/mirage#546, by @yomimono) * a large number of documentation improvements (mirage/mirage#549, by @djs55) * require `pseudoheader` function for IP module types. (mirage/mirage#541, by @yomimono) * always build with `ocamlbuild -r`, to avoid repetitive failure message (mirage/mirage#537, by @talex5) ### 2.9.1 (2016-07-20) * Warn users of command-line arguments `--unix` and `--xen` that support for these will soon be dropped. Instead, use `-t unix` and `-t xen` respectively. (see mirage/mirage-www#475 (comment)) (mirage/mirage#561, by @yomimono) * Warn users of functions `add_to_opam_packages p` and `add_to_ocamlfind_libraries l` that support for these will soon be dropped. Instead, use `register ~libraries:l` and `register:~packages:p` respectively. (mirage/mirage#561, by @yomimono). ### 2.9.0 (2016-04-29) * Add logging support. A new `reporter` parameter to `register` is now available. This parameter defines how to configure the log reporter, using `Logs` and `Mirage_logs`. Log reporters can also be configured at configuration AND runtime using on the new `-l` or `--logs` command-line argument. (mirage/mirage#534, by @samoht, @talex5 and @Drup) * Allow to disable command-line parsing at runtime. There is a new `argv` parameter to the `register` function to allow to pass custom command-line argument parsing devices. Use `register ~argv:no_argv` to disable command-line argument parsing. (mirage/mirage#493, by @samoht and @Drup) ### 2.8.0 (2016-04-04) * Define an ICMP and ICMPV4 module type. ICMPV4 is included in, and surfaced by, the STACKV4 module type. The previous default behavior of the IPv4 module with respect to ICMP is preserved by STACKV4 and the tcpip_stack_direct function provided by mirage. (mirage/mirage#523, by @yomimono) * Explicitly require OCaml compiler version 4.02.3 in opam files for mirage-types and mirage. ### 2.7.3 (2016-03-20) * Fix another regression introduced in 2.7.1 which enable `-warn-error` by default. This is now controlled by a `--warn-error` flag on `mirage configure`. Currently it's default value is [false] but this might change in future versions (mirage/mirage#520) ### 2.7.2 (2016-03-20) * Fix regression introduced in 2.7.1 which truncates the ouput of `opam install` and breaks `opam depext` (mirage/mirage#519, by @samoht) ### 2.7.1 (2016-03-17) * Improve the Dockerfile (mirage/mirage#507, by @avsm) * Use Astring (by @samoht) * Clean-up dependencies automatically added by the tool - do not require `lwt.syntax`, `cstruct.syntax` and `sexplib`, which should make the default unikernels camlp4-free (mirage/mirage#510, mirage/mirage#515 by @samoht) - always require `mirage-platform` (mirage/mirage#512, by @talex5) - ensure that `mirage-types` and `mirage-types-lwt` are installed * Turn on more warnings and enable "warning as errors". * Check that the OCaml compiler is at least 4.02.3 (by @samoht) ### 2.7.0 (2016-02-17) The mirage tool is now based on functoria. (mirage/mirage#441 mirage/mirage#450, by @Drup @samoht) See https://mirage.io/blog/introducing-functoria for full details. * Command line interface: The config file must be passed with the -f option (instead of being just an argument). * Two new generic combinators are available, generic_stack and generic_kv_ro. * `get_mode` is deprecated. You should use keys instead. And in particular `Key.target` and `Key.is_xen`. * `add_to_ocamlfind_libraries` and `add_to_opam_packages` are deprecated. Both the `foreign` and the `register` functions now accept the `~libraries` and `~packages` arguments to specify library dependencies. * If you were using `tls` without the conduit combinator, you will be greeted during configuration by a message like this: ``` The "nocrypto" library is loaded but entropy is not enabled! Please enable the entropy by adding a dependency to the nocrypto device. You can do so by adding ~deps:[abstract nocrypto] to the arguments of Mirage.foreign. ``` Data dependencies (such as entropy initialization) are now explicit. In order to fix this, you need to declare the dependency like so: ```ocaml open Mirage let my_functor = let deps = [abstract nocrypto] in foreign ~deps "My_Functor" (foo @-> bar) ``` `My_functor.start` will now take an extra argument for each dependencies. In the case of nocrypto, this is `()`. * Remove `nat-script.sh` from the scripts directory, to be available as an external script. ### 2.6.1 (2015-09-08) * Xen: improve the .xl file generation. We now have - `name.xl`: this has sensible defaults for everything including the network bridges and should "just work" if used on the build box - `name.xl.in`: this has all the settings needed to boot (e.g. presence of block and network devices) but all the environmental dependencies are represented by easily-substitutable variables. This file is intended for production use: simply replace the variables for the paths, bridges, memory sizes etc. and run `xl create` as before. ### 2.6.0 (2015-07-28) * Better ARP support. This needs `mirage-tcpip.2.6.0` (mirage/mirage#419, by @yomimono) - [mirage-types] Remove `V1.IPV4.input_arp` - [mirage-types] Expose `V1.ARP` and `V1_LWT.ARP` - Expose a `Mirage.arp` combinator * Provide noop configuration for default_time (mirage/mirage#435, by @yomimono) * Add `Mirage.archive` and `Mirage.archive_of_files` to support attaching files via a read-only tar-formatted BLOCK (mirage/mirage#432, by @djs55) * Add a .merlin file (mirage/mirage#428, by @Drup) ### 2.5.1 (2015-07-17) * [mirage-types] Expose `V1_LWT.FS.page_aligned_buffer = Cstruct.t` ### 2.5.0 (2015-06-10) * Change the type of the `Mirage.http_server` combinator. The first argument (the conduit server configuration) is removed and should now be provided at compile-time in `unikernel.ml` instead of configuration-time in `config.ml`: ```ocaml (* [config.ml] *) (* in 2.4 *) let http = http_server (`TCP (`Port 80)) conduit (* in 2.5 *) let http = http_server conduit (* [unikernel.ml] *) let start http = (* in 2.4 *) http (S.make ~conn_closed ~callback ()) (* in 2.5 *) http (`TCP 80) (S.make ~conn_closed ~callback ()) ``` * Change the type of the `Mirage.conduit_direct` combinator. Previously, it took an optional `vchan` implementation, an optional `tls` immplementation and an optional `stackv4` implemenation. Now, it simply takes a `stackv4` implementation and a boolean to enable or disable the `tls` stack. Users who want to continue to use `vchan` with `conduit` should now use the `Vchan` functors inside `unikernel.ml` instead of the combinators in `config.ml`. To enable the TLS stack: ```ocaml (* [config.ml] *) let conduit = conduit_direct ~tls:true (stack default_console) (* [unikernel.ml] *) module Main (C: Conduit_mirage.S): struct let start conduit = C.listen conduit (`TLS (tls_config, `TCP 443)) callback end ``` * [types] Remove `V1.ENTROPY` and `V1_LWT.ENTROPY`. The entropy is now handled directly by `nocrypto.0.4.0` and the mirage-tool is only responsible to call the `Nocrypto_entropy_{mode}.initialize` function. * Remove `Mirage.vchan`, `Mirage.vchan_localhost`, `Mirage.vchan_xen` and `Mirage.vchan_default`. Vchan users need to adapt their code to directly use the `Vchan` functors instead of relying on the combinators. * Remove `Mirage.conduit_client` and `Mirage.conduit_server` types. * Fix misleading "Compiling for target" messages in `mirage build` (mirage/mirage#408 by @lnmx) * Add `--no-depext` to disable the automatic installation of opam depexts (mirage/mirage#402) * Support `@name/file` findlib's extended name syntax in `xen_linkopts` fields. `@name` is expanded to `%{lib}%/name` * Modernize the Travis CI scripts ### 2.4.0 (2015-05-05) * Support `mirage-http.2.2.0` * Support `conduit.0.8.0` * Support `tcpip.2.4.0` * Add time and clock parameters to IPv4 (mirage/mirage#362, patch from @yomimono) * Support for `ocaml-tls` 0.4.0. * Conduit now takes an optional TLS argument, allowing servers to support encryption. (mirage/mirage#347) * Add the ability to specify `Makefile.user` to extend the generated `Makefile`. Also `all`, `build` and `clean` are now extensible make targets. * Remove the `mirage run` command (mirage/mirage#379) * Call `opam depext` when configuring (mirage/mirage#373) * Add opam files for `mirage` and `mirage-types` packages * Fix `mirage --version` (mirage/mirage#374) * Add a `update-doc` target to the Makefile to easily update the online documentation at http://mirage.github.io/mirage/ ### 2.3.0 (2015-03-10) * Remove the `IO_PAGE` module type from `V1`. This has now moved into the `io-page` pacakge (mirage/mirage#356) * Remove `DEVICE.connect` from the `V1` module types. When a module is functorised over a `DEVICE` it should only have the ability to *use* devices it is given, not to connect to new ones. (mirage/mirage#150) * Add `FLOW.error_message` to the `V1` module types to allow for generic handling of errors. (mirage/mirage#346) * Add `IP.uipaddr` as a universal IP address type. (mirage/mirage#361) * Support the `entropy` version 0.2+ interfaces. (mirage/mirage#359) * Check that the `opam` command is at least version 1.2.0 (mirage/mirage#355) * Don't put '-classic-display' in the generated Makefiles. (mirage/mirage#364) ### 2.2.1 (2015-01-29) * Fix logging errors when `mirage` output is not redirected. (mirage/mirage#355) * Do not reverse the order of C libraries when linking. This fixes Zarith linking in Xen mode. (mirage/mirage#341). * Fix typos in command line help. (mirage/mirage#352). ### 2.2.0 (2014-12-18) * Add IPv6 support. This alters some of the interfaces that were previously hardcoded to IPv4 by generalising them. For example: ```ocaml type v4 type v6 type 'a ip type ipv4 = v4 ip type ipv6 = v6 ip ``` Full support for configuring IPv6 does not exist yet, as this release is intended for getting the type definitions in place before adding configuration support. ### 2.1.1 (2014-12-10) * Do not reuse the Unix linker options when building Xen unikernels. Instead, get the linker options from the ocamlfind `xen_linkopts` variables (mirage/mirage#332). See `tcpip.2.1.0` for a library that does this for a C binding. * Only activate MacOS X compilation by default on 10.10 (Yosemite) or higher. Older revisions of MacOS X will use the generic Unix mode by default, since the `vmnet` framework requires Yosemite or higher. * Do not run crunched filesystem modules through `camlp4`, which significantly speeds up compilation on ARM platforms (from minutes to seconds!) (mirage/mirage#299). ### 2.1.0 (2014-12-07) * Add specific support for `MacOSX` as a platform, which enables network bridging on Yosemite (mirage/mirage#329). The `--unix` flag will automatically activate the new target if run on a MacOS X host. If this breaks for you due to being on an older version of MacOS X, then use the new `--target` flag to set either Unix, MacOSX or Xen to the `mirage configure` command. * Add `mirage.runtime` findlib library and corresponding Mirage_runtime module (mirage/mirage#327). * If net driver in STACKV4_direct can't initialize, print a helpful error (mirage/mirage#164). * [xen]: fixed link order in generated Makefile (mirage/mirage#322). * Make `Lwt.tracing` instructions work for Fish shell too by improving quoting (mirage/mirage#328). ### 2.0.1 (2014-11-21) * Add `register ~tracing` to enable tracing with mirage-profile at start-up (mirage/mirage#321). * Update Dockerfile for latest libraries (mirage/mirage#320). * Only build mirage-types if Io_page is also installed (mirage/mirage#324). ### 2.0.0 (2014-11-05) * [types]: backwards incompatible change: CONSOLE is now a FLOW; 'write' has a different signature and 'write_all' has been removed. * Set on_crash = 'preserve' in default Xen config. * Automatically install dependencies again, but display the live output to the user. * Include C stub libraries in linker command when generating Makefiles for Xen. * Add `Vchan`, `Conduit` and `Resolver` code generators. * Generate a `*.xe` script which can upload a kernel to a XenServer. * Generate a libvirt `*.xml` configuration file (mirage/mirage#292). * Fix determination of `mirage-xen` location for paths with spaces (mirage/mirage#279). * Correctly show config file locations when using a custom one. * Fix generation of foreign (non-functor) modules (mirage/mirage#293) ### 1.2.0 (2014-07-05) The Mirage frontend tool now generates a Makefile with a `make depend` target, instead of directly invoking OPAM as part of `mirage configure`. This greatly improves usability on slow platforms such as ARM, since the output of OPAM as it builds can be inspected more easily. Users will now need to run `make depend` to ensure they have the latest package set, before building their unikernel with `make` as normal. * Improve format of generated Makefile, and also colours in terminal output. * Add `make depend` target to generated Makefile. * Set `OPAMVERBOSE` and `OPAMYES` in the Makefile, which can be overridden. * Add an `ENTROPY` device type for strong random sources (mirage/mirage#256). ### 1.1.3 (2014-06-15) * Build OPAM packages in verbose mode by default. * [types] Add `FLOW` based on `TCPV4`. * travis: build mirage-types from here, rather than 1.1.0. ### 1.1.2 (2014-04-01) * Improvement to the Amazon EC2 deployment script. * [types] Augment STACKV4 with an IPV4 module in addition to TCPV4 and UDPV4. * Regenerate with OASIS 0.4.4 (which adds natdynlink support) ### 1.1.1 (2014-02-21) * Man page fixes for typos and terminology (mirage/mirage#220). * Activate backtrace recording by default (mirage/mirage#225). * Fixes in the `V1.STACKV4` to expose UDPv4/TCPv4 types properly (mirage/mirage#226). ### 1.1.0 (2014-02-05) * Add a combinator interface to device binding that makes the functor generation significantly more succinct and expressive. This breaks backwards compatibility with `config.ml` files from the 1.0.x branches. * Integrate the `mirage-types` code into `types`. This is built as a separate library from the command-line tool, via the `install-types` Makefile target. ### 1.0.4 (2014-01-14) * Add default build tags for annot, bin_annot, principal and strict_sequence. * Renane `KV_RO` to `Crunch` ### 1.0.3 (2013-12-18) * Do not remove OPAM packages when doing `mirage clean` (mirage/mirage#143) * [xen] generate a simple main.xl, without block devices or network interfaces. * The HTTP dependency now also installs `mirage-tcp-*` and `mirage-http-*`. * Fix generated Makefile dependency on source OCaml files to rebuild reliably. * Support `Fat_KV_RO` (a read-only k/v version of the FAT filesystem). * The Unix `KV_RO` now passes through to the underlying filesystem instead of calling `crunch`, via `mirage-fs-unix`. ### 1.0.2 (2013-12-10) * Add `HTTP` support. * Fix `KV_RO` configuration for OPAM autoinstall. ### 1.0.1 (2013-12-09) * Add more examples to the FAT filesystem test case. * Fix `mirage-tcpip-*` support * Fix `mirage-net-*` support ### 1.0.0 (2013-12-09) * Adapt the latest library releases for Mirage 1.0 interfaces. ### 0.10.0 (2013-12.08) * Complete API rewrite * [xen] XL configuration phase is now created during configure phase, was during run phase. ### 0.9.7 (2013-08-09) * Generate code that uses the `Ipaddr.V4` interface instead of `Nettypes`. ### 0.9.6 (2013-07-26) * fix unix-direct by linking the unix package correctly (previously it was always dropped). ### 0.9.5 (2013-07-18) * completely remove the dependency on obuild: use ocamlbuild everywhere now. * adapt for mirage-0.9.3 OS.Netif interfaces (abstract type `id`). * do not output network config when there are no `ip-*` lines in the `.conf` file. * do not try to install `mirage-fs` if there is no filesystem to create. * added `nat-script.sh` to setup xenbr0 with DNS, DHCP and masqerading under Linux. ### 0.9.4 (2013-07-09) * build using ocamlbuild rather than depending on obuild. * [xen] generate a symbol that can be used to produce stack traces with xenctx. * mirari run --socket just runs the unikernel without any tuntap work. * mirari run --xen creates a xl config file and runs `xl create -c unikernel.xl`. ### 0.9.3 (2013-06-12) * Add a `--socket` flag to activate socket-based networking (UNIX only). * Do not use OPAM compiler switches any more, as that's done in the packaging now. * Use fd-passing in the UNIX backend to spawn a process. ### 0.9.2 (2013-03-28) * Install `obuild` automatically in all compiler switches (such as Xen). * Only create symlinks to `mir-foo` for a non-Xen target. * Add a `mirari clean` command. * Add the autoswitch feature via `mirari --switch=<compiler>` or the config file. ### 0.9.1 (2013-02-13) * Fix Xen symlink upon build. * Add a `--no-install` option to `mirari configure` to prevent invoking OPAM automatically. ### 0.9.0 (2013-02-12) * Automatically install `mirage-fs` package if a filesystem crunch is requested. * Remove the need for `mir-run` by including the final Xen link directly in Mirari. * Add support for building Xen variants. * Initial import of a unix-direct version.
No description provided.